diff options
| author | Jakob Schlyter <jakob@cvs.openbsd.org> | 2007-12-09 12:34:57 +0000 |
|---|---|---|
| committer | Jakob Schlyter <jakob@cvs.openbsd.org> | 2007-12-09 12:34:57 +0000 |
| commit | 22b3400dbbcf53ca766905676d927453a6645f85 (patch) | |
| tree | ff7ad80c67504a2a67013052d0ec7da58ead1345 | |
| parent | 2b864d06a3facac2aea4ea0bc5846ce9e24062d9 (diff) | |
ISC BIND release 9.4.2
622 files changed, 44597 insertions, 10428 deletions
diff --git a/usr.sbin/bind/FAQ.xml b/usr.sbin/bind/FAQ.xml index 8b4388569f9..2f120bd6971 100644 --- a/usr.sbin/bind/FAQ.xml +++ b/usr.sbin/bind/FAQ.xml @@ -4,7 +4,7 @@ - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000-2003 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -17,7 +17,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: FAQ.xml,v 1.4.6.5.6.1 2007/01/12 02:28:00 marka Exp $ --> +<!-- $ISC: FAQ.xml,v 1.4.4.16 2007/10/31 02:14:07 marka Exp $ --> <article class="faq"> <title>Frequently Asked Questions about BIND 9</title> @@ -38,69 +38,63 @@ </copyright> </articleinfo> <qandaset defaultlabel='qanda'> + + <qandadiv><title>Compilation and Installation Questions</title> + <qandaentry> <question> <para> - Why doesn't -u work on Linux 2.2.x when I build with - --enable-threads? + I'm trying to compile BIND 9, and "make" is failing due to + files not being found. Why? </para> </question> <answer> <para> - Linux threads do not fully implement the Posix threads - (pthreads) standard. In particular, setuid() operates only - on the current thread, not the full process. Because of - this limitation, BIND 9 cannot use setuid() on Linux as it - can on all other supported platforms. setuid() cannot be - called before creating threads, since the server does not - start listening on reserved ports until after threads have - started. - </para> - <para> - In the 2.2.18 or 2.3.99-pre3 and newer kernels, the ability - to preserve capabilities across a setuid() call is present. - This allows BIND 9 to call setuid() early, while retaining - the ability to bind reserved ports. This is a Linux-specific - hack. - </para> - <para> - On a 2.2 kernel, BIND 9 does drop many root privileges, so - it should be less of a security risk than a root process - that has not dropped privileges. - </para> - <para> - If Linux threads ever work correctly, this restriction will - go away. - </para> - <para> - Configuring BIND9 with the --disable-threads option (the - default) causes a non-threaded version to be built, which - will allow -u to be used. + Using a parallel or distributed "make" to build BIND 9 is + not supported, and doesn't work. If you are using one of + these, use normal make or gmake instead. </para> </answer> </qandaentry> - + <qandaentry> <question> <para> - Why do I get the following errors: -<programlisting>general: errno2result.c:109: unexpected error: -general: unable to convert errno to isc_result: 14: Bad address -client: UDP client handler shutting down due to fatal receive error: unexpected error</programlisting> + Isn't "make install" supposed to generate a default named.conf? </para> </question> <answer> <para> - This is the result of a Linux kernel bug. + Short Answer: No. </para> <para> - See: - <ulink url="http://marc.theaimsgroup.com/?l=linux-netdev&m=113081708031466&w=2">http://marc.theaimsgroup.com/?l=linux-netdev&m=113081708031466&w=2</ulink> + Long Answer: There really isn't a default configuration which fits + any site perfectly. There are lots of decisions that need to + be made and there is no consensus on what the defaults should be. + For example FreeBSD uses /etc/namedb as the location where the + configuration files for named are stored. Others use /var/named. + </para> + <para> + What addresses to listen on? For a laptop on the move a lot + you may only want to listen on the loop back interfaces. + </para> + <para> + Who do you offer recursive service to? Is there are firewall + to consider? If so is it stateless or stateful. Are you + directly on the Internet? Are you on a private network? Are + you on a NAT'd network? The answers + to all these questions change how you configure even a + caching name server. </para> </answer> </qandaentry> + + </qandadiv> <!-- Compilation and Installation Questions --> + + <qandadiv><title>Configuration and Setup Questions</title> <qandaentry> + <!-- configuration, log --> <question> <para> Why does named log the warning message <quote>no TTL specified - @@ -126,48 +120,9 @@ example.com. 86400 IN SOA ns hostmaster ( 1 3600 1800 1814400 3600 )</programlis </informalexample> </answer> </qandaentry> - - <qandaentry> - <question> - <para> - Why do I see 5 (or more) copies of named on Linux? - </para> - </question> - <answer> - <para> - Linux threads each show up as a process under ps. The - approximate number of threads running is n+4, where n is - the number of CPUs. Note that the amount of memory used - is not cumulative; if each process is using 10M of memory, - only a total of 10M is used. - </para> - <para> - Newer versions of Linux's ps command hide the individual threads - and require -L to display them. - </para> - </answer> - </qandaentry> - - <qandaentry> - <question> - <para> - Why does BIND 9 log <quote>permission denied</quote> errors accessing - its configuration files or zones on my Linux system even - though it is running as root? - </para> - </question> - <answer> - <para> - On Linux, BIND 9 drops most of its root privileges on - startup. This including the privilege to open files owned - by other users. Therefore, if the server is running as - root, the configuration files and zone files should also - be owned by root. - </para> - </answer> - </qandaentry> - + <qandaentry> + <!-- configuration --> <question> <para> Why do I get errors like <quote>dns_zone_load: zone foo/IN: loading @@ -184,25 +139,7 @@ example.com. 86400 IN SOA ns hostmaster ( 1 3600 1800 1814400 3600 )</programlis </qandaentry> <qandaentry> - <question> - <para> - How do I produce a usable core file from a multithreaded - named on Linux? - </para> - </question> - <answer> - <para> - If the Linux kernel is 2.4.7 or newer, multithreaded core - dumps are usable (that is, the correct thread is dumped). - Otherwise, if using a 2.2 kernel, apply the kernel patch - found in contrib/linux/coredump-patch and rebuild the kernel. - This patch will cause multithreaded programs to dump the - correct thread. - </para> - </answer> - </qandaentry> - - <qandaentry> + <!-- security --> <question> <para> How do I restrict people from looking up the server version? @@ -221,6 +158,7 @@ example.com. 86400 IN SOA ns hostmaster ( 1 3600 1800 1814400 3600 )</programlis </qandaentry> <qandaentry> + <!-- security --> <question> <para> How do I restrict only remote users from looking up the @@ -249,6 +187,7 @@ view "chaos" chaos { </qandaentry> <qandaentry> + <!-- configuration --> <question> <para> What do <quote>no source of entropy found</quote> or <quote>could not @@ -268,21 +207,7 @@ view "chaos" chaos { </qandaentry> <qandaentry> - <question> - <para> - I installed BIND 9 and restarted named, but it's still BIND 8. Why? - </para> - </question> - <answer> - <para> - BIND 9 is installed under /usr/local by default. BIND 8 - is often installed under /usr. Check that the correct named - is running. - </para> - </answer> - </qandaentry> - - <qandaentry> + <!-- configuration --> <question> <para> I'm trying to use TSIG to authenticate dynamic updates or @@ -302,87 +227,6 @@ view "chaos" chaos { <qandaentry> <question> <para> - I'm trying to compile BIND 9, and "make" is failing due to - files not being found. Why? - </para> - </question> - <answer> - <para> - Using a parallel or distributed "make" to build BIND 9 is - not supported, and doesn't work. If you are using one of - these, use normal make or gmake instead. - </para> - </answer> - </qandaentry> - - <qandaentry> - <question> - <para> - I have a BIND 9 master and a BIND 8.2.3 slave, and the - master is logging error messages like <quote>notify to 10.0.0.1#53 - failed: unexpected end of input</quote>. What's wrong? - </para> - </question> - <answer> - <para> - This error message is caused by a known bug in BIND 8.2.3 - and is fixed in BIND 8.2.4. It can be safely ignored - the - notify has been acted on by the slave despite the error - message. - </para> - </answer> - </qandaentry> - - <qandaentry> - <question> - <para> - I keep getting log messages like the following. Why? - </para> - <para> - Dec 4 23:47:59 client 10.0.0.1#1355: updating zone - 'example.com/IN': update failed: 'RRset exists (value - dependent)' prerequisite not satisfied (NXRRSET) - </para> - </question> - <answer> - <para> - DNS updates allow the update request to test to see if - certain conditions are met prior to proceeding with the - update. The message above is saying that conditions were - not met and the update is not proceeding. See doc/rfc/rfc2136.txt - for more details on prerequisites. - </para> - </answer> - </qandaentry> - - <qandaentry> - <question> - <para> - I keep getting log messages like the following. Why? - </para> - <para> - Jun 21 12:00:00.000 client 10.0.0.1#1234: update denied - </para> - </question> - <answer> - <para> - Someone is trying to update your DNS data using the RFC2136 - Dynamic Update protocol. Windows 2000 machines have a habit - of sending dynamic update requests to DNS servers without - being specifically configured to do so. If the update - requests are coming from a Windows 2000 machine, see - <ulink - url="http://support.microsoft.com/support/kb/articles/q246/8/04.asp"> - http://support.microsoft.com/support/kb/articles/q246/8/04.asp - </ulink> - for information about how to turn them off. - </para> - </answer> - </qandaentry> - - <qandaentry> - <question> - <para> I see a log message like the following. Why? </para> <para> @@ -402,81 +246,7 @@ view "chaos" chaos { </para> </answer> </qandaentry> - - <qandaentry> - <question> - <para> - When I do a "dig . ns", many of the A records for the root - servers are missing. Why? - </para> - </question> - <answer> - <para> - This is normal and harmless. It is a somewhat confusing - side effect of the way BIND 9 does RFC2181 trust ranking - and of the efforts BIND 9 makes to avoid promoting glue - into answers. - </para> - <para> - When BIND 9 first starts up and primes its cache, it receives - the root server addresses as additional data in an authoritative - response from a root server, and these records are eligible - for inclusion as additional data in responses. Subsequently - it receives a subset of the root server addresses as - additional data in a non-authoritative (referral) response - from a root server. This causes the addresses to now be - considered non-authoritative (glue) data, which is not - eligible for inclusion in responses. - </para> - <para> - The server does have a complete set of root server addresses - cached at all times, it just may not include all of them - as additional data, depending on whether they were last - received as answers or as glue. You can always look up the - addresses with explicit queries like "dig a.root-servers.net A". - </para> - </answer> - </qandaentry> - - <qandaentry> - <question> - <para> - Zone transfers from my BIND 9 master to my Windows 2000 - slave fail. Why? - </para> - </question> - <answer> - <para> - This may be caused by a bug in the Windows 2000 DNS server - where DNS messages larger than 16K are not handled properly. - This can be worked around by setting the option "transfer-format - one-answer;". Also check whether your zone contains domain - names with embedded spaces or other special characters, - like "John\032Doe\213s\032Computer", since such names have - been known to cause Windows 2000 slaves to incorrectly - reject the zone. - </para> - </answer> - </qandaentry> - - <qandaentry> - <question> - <para> - Why don't my zones reload when I do an "rndc reload" or SIGHUP? - </para> - </question> - <answer> - <para> - A zone can be updated either by editing zone files and - reloading the server or by dynamic update, but not both. - If you have enabled dynamic update for a zone using the - "allow-update" option, you are not supposed to edit the - zone file by hand, and the server will not attempt to reload - it. - </para> - </answer> - </qandaentry> - + <qandaentry> <question> <para> @@ -491,7 +261,7 @@ view "chaos" chaos { </para> </answer> </qandaentry> - + <qandaentry> <question> <para> @@ -579,50 +349,7 @@ Slave 10.0.1.2: </informalexample> </answer> </qandaentry> - - <qandaentry> - <question> - <para> - I have FreeBSD 4.x and "rndc-confgen -a" just sits there. - </para> - </question> - <answer> - <para> - /dev/random is not configured. Use rndcontrol(8) to tell - the kernel to use certain interrupts as a source of random - events. You can make this permanent by setting rand_irqs - in /etc/rc.conf. - </para> - <informalexample> - <programlisting> -/etc/rc.conf -rand_irqs="3 14 15"</programlisting> - </informalexample> - <para> - See also - <ulink url="http://people.freebsd.org/~dougb/randomness.html"> - http://people.freebsd.org/~dougb/randomness.html - </ulink> - </para> - </answer> - </qandaentry> - - <qandaentry> - <question> - <para> - Why is named listening on UDP port other than 53? - </para> - </question> - <answer> - <para> - Named uses a system selected port to make queries of other - nameservers. This behaviour can be overridden by using - query-source to lock down the port and/or address. See - also notify-source and transfer-source. - </para> - </answer> - </qandaentry> - + <qandaentry> <question> <para> @@ -644,7 +371,7 @@ named-checkzone example.com tmp</programlisting> </informalexample> <para> A CNAME record cannot exist with the same name as another record - except for the DNSSEC records which prove its existance (NSEC). + except for the DNSSEC records which prove its existence (NSEC). </para> <para> RFC 1034, Section 3.6.2: <quote>If a CNAME RR is present at a node, @@ -655,7 +382,7 @@ named-checkzone example.com tmp</programlisting> </para> </answer> </qandaentry> - + <qandaentry> <question> <para> @@ -674,33 +401,7 @@ named-checkzone example.com tmp</programlisting> </para> </answer> </qandaentry> - - <qandaentry> - <question> - <para> - I get warning messages like <quote>zone example.com/IN: refresh: - failure trying master 1.2.3.4#53: timed out</quote>. - </para> - </question> - <answer> - <para> - Check that you can make UDP queries from the slave to the master - </para> - <informalexample> - <programlisting> -dig +norec example.com soa @1.2.3.4</programlisting> - </informalexample> - <para> - You could be generating queries faster than the slave can - cope with. Lower the serial query rate. - </para> - <informalexample> - <programlisting> -serial-query-rate 5; // default 20</programlisting> - </informalexample> - </answer> - </qandaentry> - + <qandaentry> <question> <para> @@ -726,7 +427,7 @@ Master 10.0.1.1: }; view "internal" { - match-clients { !external; 10.0.1/24; }; + match-clients { !key external; 10.0.1/24; }; server 10.0.1.1 { /* Deliver notify messages to external view. */ keys { external; }; @@ -740,7 +441,7 @@ Master 10.0.1.1: }; view "external" { - match-clients { external; any; }; + match-clients { key external; any; }; zone "example.com" { type slave; file "external/example.db"; @@ -767,8 +468,8 @@ Master 10.0.1.1: This error is produced when a line in the master file contains leading white space (tab/space) but the is no current record owner name to inherit the name from. Usually - this is the result of putting white space before a comment. - Forgeting the "@" for the SOA record or indenting the master + this is the result of putting white space before a comment, + forgetting the "@" for the SOA record, or indenting the master file. </para> </answer> @@ -782,7 +483,7 @@ Master 10.0.1.1: </question> <answer> <para> - You are running chrooted (-t) and have not supplied local timzone + You are running chrooted (-t) and have not supplied local timezone information in the chroot area. </para> <simplelist> @@ -795,22 +496,7 @@ Master 10.0.1.1: </para> </answer> </qandaentry> - - <qandaentry> - <question> - <para> - I get the error message <quote>named: capset failed: Operation - not permitted</quote> when starting named. - </para> - </question> - <answer> - <para> - The capability module, part of "Linux Security Modules/LSM", - has not been loaded into the kernel. See insmod(8). - </para> - </answer> - </qandaentry> - + <qandaentry> <question> <para> @@ -850,46 +536,7 @@ Master 10.0.1.1: </para> </answer> </qandaentry> - - <qandaentry> - <question> - <para> - I don't get RRSIG's returned when I use "dig +dnssec". - </para> - </question> - <answer> - <para> - You need to ensure DNSSEC is enabled (dnssec-enable yes;). - </para> - </answer> - </qandaentry> - - <qandaentry> - <question> - <para> - I get <quote>Error 1067</quote> when starting named under Windows. - </para> - </question> - <answer> - <para> - This is the service manager saying that named exited. You - need to examine the Application log in the EventViewer to - find out why. - </para> - <para> - Common causes are that you failed to create "named.conf" - (usually "C:\windows\dns\etc\named.conf") or failed to - specify the directory in named.conf. - </para> - <informalexample> - <programlisting> -options { - Directory "C:\windows\dns\etc"; -};</programlisting> - </informalexample> - </answer> - </qandaentry> - + <qandaentry> <question> <para> @@ -941,26 +588,238 @@ zone "example.net" { </informalexample> </answer> </qandaentry> + + <qandaentry> + <question> + <para> + I want to forward all DNS queries from my caching nameserver to + another server. But there are some domains which have to be + served locally, via rbldnsd. + </para> + <para> + How do I achieve this ? + </para> + </question> + <answer> + <programlisting> +options { + forward only; + forwarders { <ip.of.primary.nameserver>; }; +}; + +zone "sbl-xbl.spamhaus.org" { + type forward; forward only; + forwarders { <ip.of.rbldns.server> port 530; }; +}; + +zone "list.dsbl.org" { + type forward; forward only; + forwarders { <ip.of.rbldns.server> port 530; }; +}; + </programlisting> + </answer> + </qandaentry> <qandaentry> <question> <para> - How do I intergrate BIND 9 and Solaris SMF + Can you help me understand how BIND 9 uses memory to store + DNS zones? + </para> + <para> + Some times it seems to take several times the amount of + memory it needs to store the zone. </para> </question> <answer> <para> - Sun has a blog entry describing how to do this. + When reloading a zone named my have multiple copies of + the zone in memory at one time. The zone it is serving + and the one it is loading. If reloads are ultra fast it + can have more still. + </para> + <para> + e.g. Ones that are transferring out, the one that it is + serving and the one that is loading. + </para> + <para> + BIND 8 destroyed the zone before loading and also killed + off outgoing transfers of the zone. + </para> + <para> + The new strategy allows slaves to get copies of the new + zone regardless of how often the master is loaded compared + to the transfer time. The slave might skip some intermediate + versions but the transfers will complete and it will keep + reasonably in sync with the master. + </para> + <para> + The new strategy also allows the master to recover from + syntax and other errors in the master file as it still + has an in-core copy of the old contents. </para> + </answer> + </qandaentry> + + </qandadiv> <!-- Configuration and Setup Questions --> + + <qandadiv><title>General Questions</title> + + <qandaentry> + <question> <para> + I keep getting log messages like the following. Why? + </para> + <para> + Dec 4 23:47:59 client 10.0.0.1#1355: updating zone + 'example.com/IN': update failed: 'RRset exists (value + dependent)' prerequisite not satisfied (NXRRSET) + </para> + </question> + <answer> + <para> + DNS updates allow the update request to test to see if + certain conditions are met prior to proceeding with the + update. The message above is saying that conditions were + not met and the update is not proceeding. See doc/rfc/rfc2136.txt + for more details on prerequisites. + </para> + </answer> + </qandaentry> + + <qandaentry> + <question> + <para> + I keep getting log messages like the following. Why? + </para> + <para> + Jun 21 12:00:00.000 client 10.0.0.1#1234: update denied + </para> + </question> + <answer> + <para> + Someone is trying to update your DNS data using the RFC2136 + Dynamic Update protocol. Windows 2000 machines have a habit + of sending dynamic update requests to DNS servers without + being specifically configured to do so. If the update + requests are coming from a Windows 2000 machine, see <ulink - url="http://blogs.sun.com/roller/page/anay/Weblog?catname=%2FSolaris"> - http://blogs.sun.com/roller/page/anay/Weblog?catname=%2FSolaris + url="http://support.microsoft.com/support/kb/articles/q246/8/04.asp"> + http://support.microsoft.com/support/kb/articles/q246/8/04.asp </ulink> + for information about how to turn them off. + </para> + </answer> + </qandaentry> + + <qandaentry> + <question> + <para> + When I do a "dig . ns", many of the A records for the root + servers are missing. Why? + </para> + </question> + <answer> + <para> + This is normal and harmless. It is a somewhat confusing + side effect of the way BIND 9 does RFC2181 trust ranking + and of the efforts BIND 9 makes to avoid promoting glue + into answers. + </para> + <para> + When BIND 9 first starts up and primes its cache, it receives + the root server addresses as additional data in an authoritative + response from a root server, and these records are eligible + for inclusion as additional data in responses. Subsequently + it receives a subset of the root server addresses as + additional data in a non-authoritative (referral) response + from a root server. This causes the addresses to now be + considered non-authoritative (glue) data, which is not + eligible for inclusion in responses. + </para> + <para> + The server does have a complete set of root server addresses + cached at all times, it just may not include all of them + as additional data, depending on whether they were last + received as answers or as glue. You can always look up the + addresses with explicit queries like "dig a.root-servers.net A". + </para> + </answer> + </qandaentry> + + <qandaentry> + <question> + <para> + Why don't my zones reload when I do an "rndc reload" or SIGHUP? + </para> + </question> + <answer> + <para> + A zone can be updated either by editing zone files and + reloading the server or by dynamic update, but not both. + If you have enabled dynamic update for a zone using the + "allow-update" option, you are not supposed to edit the + zone file by hand, and the server will not attempt to reload + it. + </para> + </answer> + </qandaentry> + + <qandaentry> + <question> + <para> + Why is named listening on UDP port other than 53? </para> + </question> + <answer> + <para> + Named uses a system selected port to make queries of other + nameservers. This behaviour can be overridden by using + query-source to lock down the port and/or address. See + also notify-source and transfer-source. + </para> + </answer> + </qandaentry> + + <qandaentry> + <question> + <para> + I get warning messages like <quote>zone example.com/IN: refresh: + failure trying master 1.2.3.4#53: timed out</quote>. + </para> + </question> + <answer> + <para> + Check that you can make UDP queries from the slave to the master + </para> + <informalexample> + <programlisting> +dig +norec example.com soa @1.2.3.4</programlisting> + </informalexample> + <para> + You could be generating queries faster than the slave can + cope with. Lower the serial query rate. + </para> + <informalexample> + <programlisting> +serial-query-rate 5; // default 20</programlisting> + </informalexample> </answer> </qandaentry> + <qandaentry> + <question> + <para> + I don't get RRSIG's returned when I use "dig +dnssec". + </para> + </question> + <answer> + <para> + You need to ensure DNSSEC is enabled (dnssec-enable yes;). + </para> + </answer> + </qandaentry> + <qandaentry> <question> <para> @@ -977,7 +836,7 @@ zone "example.net" { You would have to add both the CNAME and address records (A/AAAA) as glue to the parent zone and have CNAMEs be followed when doing additional section processing to make - it work. No namesever implementation supports either of + it work. No nameserver implementation supports either of these requirements. </para> </answer> @@ -996,7 +855,7 @@ zone "example.net" { space you are using then you have failed to follow RFC 1918 usage rules and are leaking queries to the Internet. You should establish your own zones for these addresses to prevent - you quering the Internet's name servers for these addresses. + you querying the Internet's name servers for these addresses. Please see <ulink url="http://as112.net/">http://as112.net/</ulink> for details of the problems you are causing and the counter measures that have had to be deployed. @@ -1044,10 +903,175 @@ empty: </para> </answer> </qandaentry> + + <qandaentry> + <question> + <para> + Will named be affected by the 2007 changes to daylight savings + rules in the US. + </para> + </question> + <answer> + <para> + No, so long as the machines internal clock (as reported + by "date -u") remains at UTC. The only visible change + if you fail to upgrade your OS, if you are in a affected + area, will be that log messages will be a hour out during + the period where the old rules do not match the new rules. + </para> + <para> + For most OS's this change just means that you need to + update the conversion rules from UTC to local time. + Normally this involves updating a file in /etc (which + sets the default timezone for the machine) and possibly + a directory which has all the conversion rules for the + world (e.g. /usr/share/zoneinfo). When updating the OS + do not forget to update any chroot areas as well. + See your OS's documentation for more details. + </para> + <para> + The local timezone conversion rules can also be done on + a individual basis by setting the TZ environment variable + appropriately. See your OS's documentation for more + details. + </para> + </answer> + </qandaentry> <qandaentry> <question> <para> + Is there a bugzilla (or other tool) database that mere + mortals can have (read-only) access to for bind? + </para> + </question> + <answer> + <para> + No. The BIND 9 bug database is kept closed for a number + of reasons. These include, but are not limited to, that + the database contains proprietory information from people + reporting bugs. The database has in the past and may in + future contain unfixed bugs which are capable of bringing + down most of the Internet's DNS infrastructure. + </para> + <para> + The release pages for each version contain up to date + lists of bugs that have been fixed post release. That + is as close as we can get to providing a bug database. + </para> + </answer> + </qandaentry> + + </qandadiv> <!-- General Questions --> + + <qandadiv><title>Operating-System Specific Questions</title> + + <qandadiv><title>HPUX</title> + + <qandaentry> + <question> + <para>I get the following error trying to configure BIND: +<programlisting>checking if unistd.h or sys/types.h defines fd_set... no +configure: error: need either working unistd.h or sys/select.h</programlisting> + </para> + </question> + <answer> + <para> + You have attempted to configure BIND with the bundled C compiler. + This compiler does not meet the minimum compiler requirements to + for building BIND. You need to install a ANSI C compiler and / or + teach configure how to find the ANSI C compiler. The later can + be done by adjusting the PATH environment variable and / or + specifying the compiler via CC. + </para> + <informalexample> + <programlisting>./configure CC=<compiler> ...</programlisting> + </informalexample> + </answer> + </qandaentry> + + </qandadiv> <!-- HPUX --> + + <qandadiv><title>Linux</title> + + <qandaentry> + <question> + <para> + Why do I get the following errors: +<programlisting>general: errno2result.c:109: unexpected error: +general: unable to convert errno to isc_result: 14: Bad address +client: UDP client handler shutting down due to fatal receive error: unexpected error</programlisting> + </para> + </question> + <answer> + <para> + This is the result of a Linux kernel bug. + </para> + <para> + See: + <ulink url="http://marc.theaimsgroup.com/?l=linux-netdev&m=113081708031466&w=2">http://marc.theaimsgroup.com/?l=linux-netdev&m=113081708031466&w=2</ulink> + </para> + </answer> + </qandaentry> + + <qandaentry> + <question> + <para> + Why do I see 5 (or more) copies of named on Linux? + </para> + </question> + <answer> + <para> + Linux threads each show up as a process under ps. The + approximate number of threads running is n+4, where n is + the number of CPUs. Note that the amount of memory used + is not cumulative; if each process is using 10M of memory, + only a total of 10M is used. + </para> + <para> + Newer versions of Linux's ps command hide the individual threads + and require -L to display them. + </para> + </answer> + </qandaentry> + + <qandaentry> + <question> + <para> + Why does BIND 9 log <quote>permission denied</quote> errors accessing + its configuration files or zones on my Linux system even + though it is running as root? + </para> + </question> + <answer> + <para> + On Linux, BIND 9 drops most of its root privileges on + startup. This including the privilege to open files owned + by other users. Therefore, if the server is running as + root, the configuration files and zone files should also + be owned by root. + </para> + </answer> + </qandaentry> + + <qandaentry> + <question> + <para> + I get the error message <quote>named: capset failed: Operation + not permitted</quote> when starting named. + </para> + </question> + <answer> + <para> + The capability module, part of "Linux Security Modules/LSM", + has not been loaded into the kernel. See insmod(8). + </para> + </answer> + </qandaentry> + + <qandaentry> + <question> + <para> I'm running BIND on Red Hat Enterprise Linux or Fedora Core - </para> <para> @@ -1073,7 +1097,7 @@ empty: SELinux security policy ( see http://www.nsa.gov/selinux ) and recommendations for BIND security , which are more secure than running named in a chroot and make use of - the bind-chroot environment unecessary . + the bind-chroot environment unnecessary . </para> <para> @@ -1174,7 +1198,7 @@ named_cache_t: for files modifiable by named - $ROOTDIR/var/{tmp,named/{slaves,d </para> <para> - To create a custom configuration file location, eg. + To create a custom configuration file location, e.g. '/root/named.conf', to use with the 'named -c' option, do: <informalexample> @@ -1185,7 +1209,7 @@ named_cache_t: for files modifiable by named - $ROOTDIR/var/{tmp,named/{slaves,d </para> <para> - To create a custom modifiable named data location, eg. + To create a custom modifiable named data location, e.g. '/var/log/named' for a log file, do: <informalexample> <programlisting> @@ -1195,7 +1219,7 @@ named_cache_t: for files modifiable by named - $ROOTDIR/var/{tmp,named/{slaves,d </para> <para> - To create a custom zone file location, eg. /root/zones/, do: + To create a custom zone file location, e.g. /root/zones/, do: <informalexample> <programlisting> # chcon system_u:object_r:named_zone_t /root/zones/{.,*} @@ -1209,68 +1233,115 @@ named_cache_t: for files modifiable by named - $ROOTDIR/var/{tmp,named/{slaves,d </para> </answer> </qandaentry> + + </qandadiv> <!-- Linux --> + + <qandadiv><title>Windows</title> + <qandaentry> <question> <para> - I want to forward all DNS queries from my caching nameserver to - another server. But there are some domains which have to be - served locally, via rbldnsd. + Zone transfers from my BIND 9 master to my Windows 2000 + slave fail. Why? </para> + </question> + <answer> <para> - How do I achieve this ? + This may be caused by a bug in the Windows 2000 DNS server + where DNS messages larger than 16K are not handled properly. + This can be worked around by setting the option "transfer-format + one-answer;". Also check whether your zone contains domain + names with embedded spaces or other special characters, + like "John\032Doe\213s\032Computer", since such names have + been known to cause Windows 2000 slaves to incorrectly + reject the zone. + </para> + </answer> + </qandaentry> + + <qandaentry> + <question> + <para> + I get <quote>Error 1067</quote> when starting named under Windows. </para> </question> <answer> - <programlisting> + <para> + This is the service manager saying that named exited. You + need to examine the Application log in the EventViewer to + find out why. + </para> + <para> + Common causes are that you failed to create "named.conf" + (usually "C:\windows\dns\etc\named.conf") or failed to + specify the directory in named.conf. + </para> + <informalexample> + <programlisting> options { - forward only; - forwarders { <ip.of.primary.nameserver>; }; -}; - -zone "sbl-xbl.spamhaus.org" { - type forward; forward only; - forwarders { <ip.of.rbldns.server> port 530; }; -}; - -zone "list.dsbl.org" { - type forward; forward only; - forwarders { <ip.of.rbldns.server> port 530; }; -}; - </programlisting> + Directory "C:\windows\dns\etc"; +};</programlisting> + </informalexample> </answer> </qandaentry> + + </qandadiv> <!-- Windows --> + + <qandadiv><title>FreeBSD</title> + <qandaentry> <question> <para> - Will named be affected by the 2007 changes to daylight savings - rules in the US. + I have FreeBSD 4.x and "rndc-confgen -a" just sits there. </para> </question> <answer> <para> - No, so long as the machines internal clock (as reported - by "date -u") remains at UTC. The only visible change - if you fail to upgrade your OS, if you are in a affected - area, will be that log messages will be a hour out during - the period where the old rules do not match the new rules. + /dev/random is not configured. Use rndcontrol(8) to tell + the kernel to use certain interrupts as a source of random + events. You can make this permanent by setting rand_irqs + in /etc/rc.conf. </para> + <informalexample> + <programlisting> +/etc/rc.conf +rand_irqs="3 14 15"</programlisting> + </informalexample> <para> - For most OS's this change just means that you need to - update the conversion rules from UTC to local time. - Normally this involves updating a file in /etc (which - sets the default timezone for the machine) and possibly - a directory which has all the conversion rules for the - world (e.g. /usr/share/zoneinfo). When updating the OS - do not forget to update any chroot areas as well. - See your OS's documetation for more details. + See also + <ulink url="http://people.freebsd.org/~dougb/randomness.html"> + http://people.freebsd.org/~dougb/randomness.html + </ulink> </para> + </answer> + </qandaentry> + + </qandadiv> <!-- FreeBSD --> + + <qandadiv><title>Solaris</title> + + <qandaentry> + <question> <para> - The local timezone conversion rules can also be done on - a individual basis by setting the TZ envirionment variable - appropriately. See your OS's documentation for more - details. + How do I integrate BIND 9 and Solaris SMF + </para> + </question> + <answer> + <para> + Sun has a blog entry describing how to do this. + </para> + <para> + <ulink + url="http://blogs.sun.com/roller/page/anay/Weblog?catname=%2FSolaris"> + http://blogs.sun.com/roller/page/anay/Weblog?catname=%2FSolaris + </ulink> </para> </answer> </qandaentry> + + </qandadiv> + + </qandadiv> <!-- Operating-System Specific Questions --> + </qandaset> </article> diff --git a/usr.sbin/bind/README.idnkit b/usr.sbin/bind/README.idnkit new file mode 100644 index 00000000000..c05be5e684e --- /dev/null +++ b/usr.sbin/bind/README.idnkit @@ -0,0 +1,112 @@ + + BIND-9 IDN patch + + Japan Network Information Center (JPNIC) + + +* What is this patch for? + +This patch adds internationalized domain name (IDN) support to BIND-9. +You'll get internationalized version of dig/host/nslookup commands. + + + internationalized dig/host/nslookup + dig/host/nslookup accepts non-ASCII domain names in the local + codeset (such as Shift JIS, Big5 or ISO8859-1) determined by + the locale information. The domain names are normalized and + converted to the encoding on the DNS protocol, and sent to DNS + servers. The replies are converted back to the local codeset + and displayed. + + +* Compilation & installation + +0. Prerequisite + +You have to build and install idnkit before building this patched version +of bind-9. + +1. Running configure script + +Run `configure' in the top directory. See `README' for the +configuration options. + +This patch adds the following 4 options to `configure'. You should +at least specify `--with-idn' option to enable IDN support. + + --with-idn[=IDN_PREFIX] + To enable IDN support, you have to specify `--with-idn' option. + The argument IDN_PREFIX is the install prefix of idnkit. If + IDN_PREFIX is omitted, PREFIX (derived from `--prefix=PREFIX') + is assumed. + + --with-libiconv[=LIBICONV_PREFIX] + Specify this option if idnkit you have installed links GNU + libiconv. The argument LIBICONV_PREFIX is install prefix of + GNU libiconv. If the argument is omitted, PREFIX (derived + from `--prefix=PREFIX') is assumed. + + `--with-libiconv' is shorthand option for GNU libiconv. + + --with-libiconv=/usr/local + + This is equivalent to: + + --with-iconv='-L/usr/local/lib -R/usr/local/lib -liconv' + + `--with-libiconv' assumes that your C compiler has `-R' + option, and that the option adds the specified run-time path + to an exacutable binary. If `-R' option of your compiler has + different meaning, or your compiler lacks the option, you + should use `--with-iconv' option instead. Binary command + without run-time path information might be unexecutable. + In that case, you would see an error message like: + + error in loading shared libraries: libiconv.so.2: cannot + open shared object file + + If both `--with-libiconv' and `--with-iconv' options are + specified, `--with-iconv' is prior to `--with-libiconv'. + + --with-iconv=ICONV_LIBSPEC + If your libc doens't provide iconv(), you need to specify the + library containing iconv() with this option. `ICONV_LIBSPEC' + is the argument(s) to `cc' or `ld' to link the library, for + example, `--with-iconv="-L/usr/local/lib -liconv"'. + You don't need to specify the header file directory for "iconv.h" + to the compiler, as it isn't included directly by bind-9 with + this patch. + + --with-idnlib=IDN_LIBSPEC + With this option, you can explicitly specify the argument(s) + to `cc' or `ld' to link the idnkit's library, `libidnkit'. If + this option is not specified, `-L${PREFIX}/lib -lidnkit' is + assumed, where ${PREFIX} is the installation prefix specified + with `--with-idn' option above. You may need to use this + option to specify extra argments, for example, + `--with-idnlib="-L/usr/local/lib -R/usr/local/lib -lidnkit"'. + +Please consult `README' for other configuration options. + +Note that if you want to specify some extra header file directories, +you should use the environment variable STD_CINCLUDES instead of +CFLAGS, as described in README. + +2. Compilation and installation + +After running "configure", just do + + make + make install + +for compiling and installing. + + +* Contact information + +Please see http//www.nic.ad.jp/en/idn/ for the latest news +about idnkit and this patch. + +Bug reports and comments on this kit should be sent to +mdnkit-bugs@nic.ad.jp and idn-cmt@nic.ad.jp, respectively. + +; $ISC: README.idnkit,v 1.2.2.2 2005/09/12 02:12:08 marka Exp $ diff --git a/usr.sbin/bind/bin/check/Makefile.in b/usr.sbin/bind/bin/check/Makefile.in index d1b6981fedf..1f682891b47 100644 --- a/usr.sbin/bind/bin/check/Makefile.in +++ b/usr.sbin/bind/bin/check/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2000-2003 Internet Software Consortium. # # Permission to use, copy, modify, and distribute this software for any @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.15.2.3.8.6 2004/07/20 07:01:48 marka Exp $ +# $ISC: Makefile.in,v 1.24.18.6 2006/06/09 00:54:08 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -75,7 +75,8 @@ named-checkconf@EXEEXT@: named-checkconf.@O@ check-tool.@O@ ${ISCDEPLIBS} \ named-checkzone@EXEEXT@: named-checkzone.@O@ check-tool.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS} ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \ - named-checkzone.@O@ check-tool.@O@ ${DNSLIBS} ${ISCLIBS} ${LIBS} + named-checkzone.@O@ check-tool.@O@ ${ISCCFGLIBS} ${DNSLIBS} \ + ${ISCLIBS} ${LIBS} doc man:: ${MANOBJS} @@ -89,7 +90,9 @@ installdirs: install:: named-checkconf@EXEEXT@ named-checkzone@EXEEXT@ installdirs ${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named-checkconf@EXEEXT@ ${DESTDIR}${sbindir} ${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named-checkzone@EXEEXT@ ${DESTDIR}${sbindir} + (cd ${DESTDIR}${sbindir}; rm -f named-compilezone@EXEEXT@; ${LINK_PROGRAM} named-checkzone@EXEEXT@ named-compilezone@EXEEXT@) for m in ${MANPAGES}; do ${INSTALL_DATA} ${srcdir}/$$m ${DESTDIR}${mandir}/man8; done + (cd ${DESTDIR}${mandir}/man8; rm -f named-compilezone.8; ${LINK_PROGRAM} named-checkzone.8 named-compilezone.8) clean distclean:: rm -f ${TARGETS} r1.htm diff --git a/usr.sbin/bind/bin/check/check-tool.h b/usr.sbin/bind/bin/check/check-tool.h index 69d490ef00b..bdd2280ed9d 100644 --- a/usr.sbin/bind/bin/check/check-tool.h +++ b/usr.sbin/bind/bin/check/check-tool.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,14 +15,17 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: check-tool.h,v 1.2.12.5 2004/03/08 04:04:13 marka Exp $ */ +/* $ISC: check-tool.h,v 1.7.18.4 2005/06/20 01:19:25 marka Exp $ */ #ifndef CHECK_TOOL_H #define CHECK_TOOL_H -#include <isc/lang.h> +/*! \file */ +#include <isc/lang.h> #include <isc/types.h> + +#include <dns/masterdump.h> #include <dns/types.h> ISC_LANG_BEGINDECLS @@ -32,13 +35,18 @@ setup_logging(isc_mem_t *mctx, isc_log_t **logp); isc_result_t load_zone(isc_mem_t *mctx, const char *zonename, const char *filename, - const char *classname, dns_zone_t **zonep); + dns_masterformat_t fileformat, const char *classname, + dns_zone_t **zonep); isc_result_t -dump_zone(const char *zonename, dns_zone_t *zone, const char *filename); +dump_zone(const char *zonename, dns_zone_t *zone, const char *filename, + dns_masterformat_t fileformat, const dns_master_style_t *style); extern int debug; extern isc_boolean_t nomerge; +extern isc_boolean_t docheckmx; +extern isc_boolean_t docheckns; +extern isc_boolean_t dochecksrv; extern unsigned int zone_options; ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/bin/check/named-checkconf.8 b/usr.sbin/bind/bin/check/named-checkconf.8 index 0eb0cf85a69..a04fd23eab2 100644 --- a/usr.sbin/bind/bin/check/named-checkconf.8 +++ b/usr.sbin/bind/bin/check/named-checkconf.8 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000-2002 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: named-checkconf.8,v 1.11.12.8 2006/06/29 13:02:30 marka Exp $ +.\" $ISC: named-checkconf.8,v 1.16.18.13 2007/06/20 02:26:58 marka Exp $ .\" .hy 0 .ad l .\" Title: named\-checkconf .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: June 14, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -39,27 +39,37 @@ named\-checkconf \- named configuration file syntax checking tool \fBnamed\-checkconf\fR checks the syntax, but not the semantics, of a named configuration file. .SH "OPTIONS" -.TP 3n +.PP \-t \fIdirectory\fR -chroot to +.RS 4 +Chroot to \fIdirectory\fR so that include directives in the configuration file are processed as if run by a similarly chrooted named. -.TP 3n +.RE +.PP \-v +.RS 4 Print the version of the \fBnamed\-checkconf\fR program and exit. -.TP 3n +.RE +.PP \-z -Perform a check load the master zonefiles found in +.RS 4 +Perform a test load of all master zones found in \fInamed.conf\fR. -.TP 3n +.RE +.PP \-j +.RS 4 When loading a zonefile read the journal if it exists. -.TP 3n +.RE +.PP filename +.RS 4 The name of the configuration file to be checked. If not specified, it defaults to \fI/etc/named.conf\fR. +.RE .SH "RETURN VALUES" .PP \fBnamed\-checkconf\fR @@ -67,9 +77,13 @@ returns an exit status of 1 if errors were detected and 0 otherwise. .SH "SEE ALSO" .PP \fBnamed\fR(8), +\fBnamed\-checkzone\fR(8), BIND 9 Administrator Reference Manual. .SH "AUTHOR" .PP Internet Systems Consortium .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000\-2002 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/bin/check/named-checkconf.c b/usr.sbin/bind/bin/check/named-checkconf.c index 30514adddc5..ab8fbcbccfe 100644 --- a/usr.sbin/bind/bin/check/named-checkconf.c +++ b/usr.sbin/bind/bin/check/named-checkconf.c @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: named-checkconf.c,v 1.12.12.11 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: named-checkconf.c,v 1.28.18.14 2006/02/28 03:10:47 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -39,7 +41,9 @@ #include <dns/fixedname.h> #include <dns/log.h> +#include <dns/name.h> #include <dns/result.h> +#include <dns/zone.h> #include "check-tool.h" @@ -52,6 +56,7 @@ isc_log_t *logc = NULL; goto cleanup; \ } while (0) +/*% usage */ static void usage(void) { fprintf(stderr, "usage: named-checkconf [-j] [-v] [-z] [-t directory] " @@ -59,6 +64,7 @@ usage(void) { exit(1); } +/*% directory callback */ static isc_result_t directory_callback(const char *clausename, const cfg_obj_t *obj, void *arg) { isc_result_t result; @@ -84,19 +90,84 @@ directory_callback(const char *clausename, const cfg_obj_t *obj, void *arg) { return (ISC_R_SUCCESS); } +static isc_boolean_t +get_maps(const cfg_obj_t **maps, const char *name, const cfg_obj_t **obj) { + int i; + for (i = 0;; i++) { + if (maps[i] == NULL) + return (ISC_FALSE); + if (cfg_map_get(maps[i], name, obj) == ISC_R_SUCCESS) + return (ISC_TRUE); + } +} + +static isc_boolean_t +get_checknames(const cfg_obj_t **maps, const cfg_obj_t **obj) { + const cfg_listelt_t *element; + const cfg_obj_t *checknames; + const cfg_obj_t *type; + const cfg_obj_t *value; + isc_result_t result; + int i; + + for (i = 0;; i++) { + if (maps[i] == NULL) + return (ISC_FALSE); + checknames = NULL; + result = cfg_map_get(maps[i], "check-names", &checknames); + if (result != ISC_R_SUCCESS) + continue; + if (checknames != NULL && !cfg_obj_islist(checknames)) { + *obj = checknames; + return (ISC_TRUE); + } + for (element = cfg_list_first(checknames); + element != NULL; + element = cfg_list_next(element)) { + value = cfg_listelt_value(element); + type = cfg_tuple_get(value, "type"); + if (strcasecmp(cfg_obj_asstring(type), "master") != 0) + continue; + *obj = cfg_tuple_get(value, "mode"); + return (ISC_TRUE); + } + } +} + +static isc_result_t +config_get(const cfg_obj_t **maps, const char *name, const cfg_obj_t **obj) { + int i; + + for (i = 0;; i++) { + if (maps[i] == NULL) + return (ISC_R_NOTFOUND); + if (cfg_map_get(maps[i], name, obj) == ISC_R_SUCCESS) + return (ISC_R_SUCCESS); + } +} + +/*% configure the zone */ static isc_result_t configure_zone(const char *vclass, const char *view, - const cfg_obj_t *zconfig, isc_mem_t *mctx) + const cfg_obj_t *zconfig, const cfg_obj_t *vconfig, + const cfg_obj_t *config, isc_mem_t *mctx) { + int i = 0; isc_result_t result; const char *zclass; const char *zname; const char *zfile; + const cfg_obj_t *maps[4]; const cfg_obj_t *zoptions = NULL; const cfg_obj_t *classobj = NULL; const cfg_obj_t *typeobj = NULL; const cfg_obj_t *fileobj = NULL; const cfg_obj_t *dbobj = NULL; + const cfg_obj_t *obj = NULL; + const cfg_obj_t *fmtobj = NULL; + dns_masterformat_t masterformat; + + zone_options = DNS_ZONEOPT_CHECKNS | DNS_ZONEOPT_MANYERRORS; zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name")); classobj = cfg_tuple_get(zconfig, "class"); @@ -104,7 +175,18 @@ configure_zone(const char *vclass, const char *view, zclass = vclass; else zclass = cfg_obj_asstring(classobj); + zoptions = cfg_tuple_get(zconfig, "options"); + maps[i++] = zoptions; + if (vconfig != NULL) + maps[i++] = cfg_tuple_get(vconfig, "options"); + if (config != NULL) { + cfg_map_get(config, "options", &obj); + if (obj != NULL) + maps[i++] = obj; + } + maps[i++] = NULL; + cfg_map_get(zoptions, "type", &typeobj); if (typeobj == NULL) return (ISC_R_FAILURE); @@ -117,13 +199,116 @@ configure_zone(const char *vclass, const char *view, if (fileobj == NULL) return (ISC_R_FAILURE); zfile = cfg_obj_asstring(fileobj); - result = load_zone(mctx, zname, zfile, zclass, NULL); + + obj = NULL; + if (get_maps(maps, "check-mx", &obj)) { + if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) { + zone_options |= DNS_ZONEOPT_CHECKMX; + zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL; + } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) { + zone_options |= DNS_ZONEOPT_CHECKMX; + zone_options |= DNS_ZONEOPT_CHECKMXFAIL; + } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) { + zone_options &= ~DNS_ZONEOPT_CHECKMX; + zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL; + } else + INSIST(0); + } else { + zone_options |= DNS_ZONEOPT_CHECKMX; + zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL; + } + + obj = NULL; + if (get_maps(maps, "check-integrity", &obj)) { + if (cfg_obj_asboolean(obj)) + zone_options |= DNS_ZONEOPT_CHECKINTEGRITY; + else + zone_options &= ~DNS_ZONEOPT_CHECKINTEGRITY; + } + + obj = NULL; + if (get_maps(maps, "check-mx-cname", &obj)) { + if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) { + zone_options |= DNS_ZONEOPT_WARNMXCNAME; + zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME; + } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) { + zone_options &= ~DNS_ZONEOPT_WARNMXCNAME; + zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME; + } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) { + zone_options |= DNS_ZONEOPT_WARNMXCNAME; + zone_options |= DNS_ZONEOPT_IGNOREMXCNAME; + } else + INSIST(0); + } else { + zone_options |= DNS_ZONEOPT_WARNMXCNAME; + zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME; + } + + obj = NULL; + if (get_maps(maps, "check-srv-cname", &obj)) { + if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) { + zone_options |= DNS_ZONEOPT_WARNSRVCNAME; + zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME; + } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) { + zone_options &= ~DNS_ZONEOPT_WARNSRVCNAME; + zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME; + } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) { + zone_options |= DNS_ZONEOPT_WARNSRVCNAME; + zone_options |= DNS_ZONEOPT_IGNORESRVCNAME; + } else + INSIST(0); + } else { + zone_options |= DNS_ZONEOPT_WARNSRVCNAME; + zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME; + } + + obj = NULL; + if (get_maps(maps, "check-sibling", &obj)) { + if (cfg_obj_asboolean(obj)) + zone_options |= DNS_ZONEOPT_CHECKSIBLING; + else + zone_options &= ~DNS_ZONEOPT_CHECKSIBLING; + } + + obj = NULL; + if (get_checknames(maps, &obj)) { + if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) { + zone_options |= DNS_ZONEOPT_CHECKNAMES; + zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL; + } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) { + zone_options |= DNS_ZONEOPT_CHECKNAMES; + zone_options |= DNS_ZONEOPT_CHECKNAMESFAIL; + } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) { + zone_options &= ~DNS_ZONEOPT_CHECKNAMES; + zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL; + } else + INSIST(0); + } else { + zone_options |= DNS_ZONEOPT_CHECKNAMES; + zone_options |= DNS_ZONEOPT_CHECKNAMESFAIL; + } + + masterformat = dns_masterformat_text; + fmtobj = NULL; + result = config_get(maps, "masterfile-format", &fmtobj); + if (result == ISC_R_SUCCESS) { + const char *masterformatstr = cfg_obj_asstring(fmtobj); + if (strcasecmp(masterformatstr, "text") == 0) + masterformat = dns_masterformat_text; + else if (strcasecmp(masterformatstr, "raw") == 0) + masterformat = dns_masterformat_raw; + else + INSIST(0); + } + + result = load_zone(mctx, zname, zfile, masterformat, zclass, NULL); if (result != ISC_R_SUCCESS) fprintf(stderr, "%s/%s/%s: %s\n", view, zname, zclass, dns_result_totext(result)); return(result); } +/*% configure a view */ static isc_result_t configure_view(const char *vclass, const char *view, const cfg_obj_t *config, const cfg_obj_t *vconfig, isc_mem_t *mctx) @@ -149,7 +334,8 @@ configure_view(const char *vclass, const char *view, const cfg_obj_t *config, element = cfg_list_next(element)) { const cfg_obj_t *zconfig = cfg_listelt_value(element); - tresult = configure_zone(vclass, view, zconfig, mctx); + tresult = configure_zone(vclass, view, zconfig, vconfig, + config, mctx); if (tresult != ISC_R_SUCCESS) result = tresult; } @@ -157,6 +343,7 @@ configure_view(const char *vclass, const char *view, const cfg_obj_t *config, } +/*% load zones from the configuration */ static isc_result_t load_zones_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx) { const cfg_listelt_t *element; @@ -197,6 +384,7 @@ load_zones_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx) { return (result); } +/*% The main processing routine */ int main(int argc, char **argv) { int c; @@ -240,6 +428,9 @@ main(int argc, char **argv) { case 'z': load_zones = ISC_TRUE; + docheckmx = ISC_FALSE; + docheckns = ISC_FALSE; + dochecksrv = ISC_FALSE; break; default: @@ -275,8 +466,6 @@ main(int argc, char **argv) { exit_status = 1; if (result == ISC_R_SUCCESS && load_zones) { - dns_log_init(logc); - dns_log_setcontext(logc); result = load_zones_fromconfig(config, mctx); if (result != ISC_R_SUCCESS) exit_status = 1; @@ -286,6 +475,8 @@ main(int argc, char **argv) { cfg_parser_destroy(&parser); + dns_name_destroy(); + isc_log_destroy(&logc); isc_hash_destroy(); diff --git a/usr.sbin/bind/bin/check/named-checkconf.docbook b/usr.sbin/bind/bin/check/named-checkconf.docbook index 72b67403252..cecc43c0da1 100644 --- a/usr.sbin/bind/bin/check/named-checkconf.docbook +++ b/usr.sbin/bind/bin/check/named-checkconf.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000-2002 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,9 +18,8 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: named-checkconf.docbook,v 1.3.2.1.8.7 2005/05/12 21:35:56 sra Exp $ --> - -<refentry> +<!-- $ISC: named-checkconf.docbook,v 1.8.18.10 2007/08/28 07:19:55 tbox Exp $ --> +<refentry id="man.named-checkconf"> <refentryinfo> <date>June 14, 2000</date> </refentryinfo> @@ -35,6 +34,7 @@ <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -63,9 +63,9 @@ <refsect1> <title>DESCRIPTION</title> - <para> - <command>named-checkconf</command> checks the syntax, but not - the semantics, of a named configuration file. + <para><command>named-checkconf</command> + checks the syntax, but not the semantics, of a named + configuration file. </para> </refsect1> @@ -75,52 +75,53 @@ <variablelist> <varlistentry> <term>-t <replaceable class="parameter">directory</replaceable></term> - <listitem> - <para> - chroot to <filename>directory</filename> so that include - directives in the configuration file are processed as if - run by a similarly chrooted named. - </para> - </listitem> + <listitem> + <para> + Chroot to <filename>directory</filename> so that + include + directives in the configuration file are processed as if + run by a similarly chrooted named. + </para> + </listitem> </varlistentry> <varlistentry> <term>-v</term> - <listitem> - <para> - Print the version of the <command>named-checkconf</command> - program and exit. - </para> - </listitem> + <listitem> + <para> + Print the version of the <command>named-checkconf</command> + program and exit. + </para> + </listitem> </varlistentry> <varlistentry> <term>-z</term> - <listitem> - <para> - Perform a check load the master zonefiles found in - <filename>named.conf</filename>. - </para> - </listitem> + <listitem> + <para> + Perform a test load of all master zones found in + <filename>named.conf</filename>. + </para> + </listitem> </varlistentry> <varlistentry> <term>-j</term> - <listitem> - <para> - When loading a zonefile read the journal if it exists. - </para> - </listitem> + <listitem> + <para> + When loading a zonefile read the journal if it exists. + </para> + </listitem> </varlistentry> <varlistentry> <term>filename</term> - <listitem> - <para> - The name of the configuration file to be checked. If not - specified, it defaults to <filename>/etc/named.conf</filename>. - </para> - </listitem> + <listitem> + <para> + The name of the configuration file to be checked. If not + specified, it defaults to <filename>/etc/named.conf</filename>. + </para> + </listitem> </varlistentry> </variablelist> @@ -129,18 +130,19 @@ <refsect1> <title>RETURN VALUES</title> - <para> - <command>named-checkconf</command> returns an exit status of 1 if - errors were detected and 0 otherwise. + <para><command>named-checkconf</command> + returns an exit status of 1 if + errors were detected and 0 otherwise. </para> </refsect1> <refsect1> <title>SEE ALSO</title> - <para> + <para><citerefentry> + <refentrytitle>named</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>, <citerefentry> - <refentrytitle>named</refentrytitle> - <manvolnum>8</manvolnum> + <refentrytitle>named-checkzone</refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citetitle>BIND 9 Administrator Reference Manual</citetitle>. </para> @@ -148,16 +150,12 @@ <refsect1> <title>AUTHOR</title> - <para> - <corpauthor>Internet Systems Consortium</corpauthor> + <para><corpauthor>Internet Systems Consortium</corpauthor> </para> </refsect1> -</refentry> - -<!-- +</refentry><!-- - Local variables: - mode: sgml - End: --> - diff --git a/usr.sbin/bind/bin/check/named-checkzone.8 b/usr.sbin/bind/bin/check/named-checkzone.8 index c0b9f48047d..e550e8d7ef8 100644 --- a/usr.sbin/bind/bin/check/named-checkzone.8 +++ b/usr.sbin/bind/bin/check/named-checkzone.8 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000-2002 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: named-checkzone.8,v 1.11.2.1.8.11 2006/10/05 02:50:17 marka Exp $ +.\" $ISC: named-checkzone.8,v 1.18.18.23 2007/06/20 02:26:58 marka Exp $ .\" .hy 0 .ad l .\" Title: named\-checkzone .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: June 13, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -30,10 +30,12 @@ .\" disable justification (adjust text to left margin only) .ad l .SH "NAME" -named\-checkzone \- zone file validity checking tool +named\-checkzone, named\-compilezone \- zone file validity checking or converting tool .SH "SYNOPSIS" .HP 16 -\fBnamed\-checkzone\fR [\fB\-d\fR] [\fB\-j\fR] [\fB\-q\fR] [\fB\-v\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-k\ \fR\fB\fImode\fR\fR] [\fB\-n\ \fR\fB\fImode\fR\fR] [\fB\-o\ \fR\fB\fIfilename\fR\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-w\ \fR\fB\fIdirectory\fR\fR] [\fB\-D\fR] {zonename} {filename} +\fBnamed\-checkzone\fR [\fB\-d\fR] [\fB\-j\fR] [\fB\-q\fR] [\fB\-v\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-f\ \fR\fB\fIformat\fR\fR] [\fB\-F\ \fR\fB\fIformat\fR\fR] [\fB\-i\ \fR\fB\fImode\fR\fR] [\fB\-k\ \fR\fB\fImode\fR\fR] [\fB\-m\ \fR\fB\fImode\fR\fR] [\fB\-M\ \fR\fB\fImode\fR\fR] [\fB\-n\ \fR\fB\fImode\fR\fR] [\fB\-o\ \fR\fB\fIfilename\fR\fR] [\fB\-s\ \fR\fB\fIstyle\fR\fR] [\fB\-S\ \fR\fB\fImode\fR\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-w\ \fR\fB\fIdirectory\fR\fR] [\fB\-D\fR] [\fB\-W\ \fR\fB\fImode\fR\fR] {zonename} {filename} +.HP 18 +\fBnamed\-compilezone\fR [\fB\-d\fR] [\fB\-j\fR] [\fB\-q\fR] [\fB\-v\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-C\ \fR\fB\fImode\fR\fR] [\fB\-f\ \fR\fB\fIformat\fR\fR] [\fB\-F\ \fR\fB\fIformat\fR\fR] [\fB\-i\ \fR\fB\fImode\fR\fR] [\fB\-k\ \fR\fB\fImode\fR\fR] [\fB\-m\ \fR\fB\fImode\fR\fR] [\fB\-n\ \fR\fB\fImode\fR\fR] [\fB\-o\ \fR\fB\fIfilename\fR\fR] [\fB\-s\ \fR\fB\fIstyle\fR\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-w\ \fR\fB\fIdirectory\fR\fR] [\fB\-D\fR] [\fB\-W\ \fR\fB\fImode\fR\fR] {zonename} {filename} .SH "DESCRIPTION" .PP \fBnamed\-checkzone\fR @@ -42,64 +44,211 @@ checks the syntax and integrity of a zone file. It performs the same checks as does when loading a zone. This makes \fBnamed\-checkzone\fR useful for checking zone files before configuring them into a name server. +.PP +\fBnamed\-compilezone\fR +is similar to +\fBnamed\-checkzone\fR, but it always dumps the zone contents to a specified file in a specified format. Additionally, it applies stricter check levels by default, since the dump output will be used as an actual zone file loaded by +\fBnamed\fR. When manually specified otherwise, the check levels must at least be as strict as those specified in the +\fBnamed\fR +configuration file. .SH "OPTIONS" -.TP 3n +.PP \-d +.RS 4 Enable debugging. -.TP 3n +.RE +.PP \-q +.RS 4 Quiet mode \- exit code only. -.TP 3n +.RE +.PP \-v +.RS 4 Print the version of the \fBnamed\-checkzone\fR program and exit. -.TP 3n +.RE +.PP \-j +.RS 4 When loading the zone file read the journal if it exists. -.TP 3n +.RE +.PP \-c \fIclass\fR +.RS 4 Specify the class of the zone. If not specified "IN" is assumed. -.TP 3n +.RE +.PP +\-i \fImode\fR +.RS 4 +Perform post\-load zone integrity checks. Possible modes are +\fB"full"\fR +(default), +\fB"full\-sibling"\fR, +\fB"local"\fR, +\fB"local\-sibling"\fR +and +\fB"none"\fR. +.sp +Mode +\fB"full"\fR +checks that MX records refer to A or AAAA record (both in\-zone and out\-of\-zone hostnames). Mode +\fB"local"\fR +only checks MX records which refer to in\-zone hostnames. +.sp +Mode +\fB"full"\fR +checks that SRV records refer to A or AAAA record (both in\-zone and out\-of\-zone hostnames). Mode +\fB"local"\fR +only checks SRV records which refer to in\-zone hostnames. +.sp +Mode +\fB"full"\fR +checks that delegation NS records refer to A or AAAA record (both in\-zone and out\-of\-zone hostnames). It also checks that glue address records in the zone match those advertised by the child. Mode +\fB"local"\fR +only checks NS records which refer to in\-zone hostnames or that some required glue exists, that is when the nameserver is in a child zone. +.sp +Mode +\fB"full\-sibling"\fR +and +\fB"local\-sibling"\fR +disable sibling glue checks but are otherwise the same as +\fB"full"\fR +and +\fB"local"\fR +respectively. +.sp +Mode +\fB"none"\fR +disables the checks. +.RE +.PP +\-f \fIformat\fR +.RS 4 +Specify the format of the zone file. Possible formats are +\fB"text"\fR +(default) and +\fB"raw"\fR. +.RE +.PP +\-F \fIformat\fR +.RS 4 +Specify the format of the output file specified. Possible formats are +\fB"text"\fR +(default) and +\fB"raw"\fR. For +\fBnamed\-checkzone\fR, this does not cause any effects unless it dumps the zone contents. +.RE +.PP \-k \fImode\fR +.RS 4 Perform \fB"check\-names"\fR checks with the specified failure mode. Possible modes are +\fB"fail"\fR +(default for +\fBnamed\-compilezone\fR), +\fB"warn"\fR +(default for +\fBnamed\-checkzone\fR) and +\fB"ignore"\fR. +.RE +.PP +\-m \fImode\fR +.RS 4 +Specify whether MX records should be checked to see if they are addresses. Possible modes are \fB"fail"\fR, \fB"warn"\fR (default) and \fB"ignore"\fR. -.TP 3n -\-n \fImode\fR -Specify whether NS records should be checked to see if they are addresses. Possible modes are +.RE +.PP +\-M \fImode\fR +.RS 4 +Check if a MX record refers to a CNAME. Possible modes are \fB"fail"\fR, \fB"warn"\fR (default) and \fB"ignore"\fR. -.TP 3n +.RE +.PP +\-n \fImode\fR +.RS 4 +Specify whether NS records should be checked to see if they are addresses. Possible modes are +\fB"fail"\fR +(default for +\fBnamed\-compilezone\fR), +\fB"warn"\fR +(default for +\fBnamed\-checkzone\fR) and +\fB"ignore"\fR. +.RE +.PP \-o \fIfilename\fR +.RS 4 Write zone output to -\fIfilename\fR. -.TP 3n +\fIfilename\fR. This is mandatory for +\fBnamed\-compilezone\fR. +.RE +.PP +\-s \fIstyle\fR +.RS 4 +Specify the style of the dumped zone file. Possible styles are +\fB"full"\fR +(default) and +\fB"relative"\fR. The full format is most suitable for processing automatically by a separate script. On the other hand, the relative format is more human\-readable and is thus suitable for editing by hand. For +\fBnamed\-checkzone\fR +this does not cause any effects unless it dumps the zone contents. It also does not have any meaning if the output format is not text. +.RE +.PP +\-S \fImode\fR +.RS 4 +Check if a SRV record refers to a CNAME. Possible modes are +\fB"fail"\fR, +\fB"warn"\fR +(default) and +\fB"ignore"\fR. +.RE +.PP \-t \fIdirectory\fR -chroot to +.RS 4 +Chroot to \fIdirectory\fR so that include directives in the configuration file are processed as if run by a similarly chrooted named. -.TP 3n +.RE +.PP \-w \fIdirectory\fR +.RS 4 chdir to \fIdirectory\fR so that relative filenames in master file $INCLUDE directives work. This is similar to the directory clause in \fInamed.conf\fR. -.TP 3n +.RE +.PP \-D -Dump zone file in canonical format. -.TP 3n +.RS 4 +Dump zone file in canonical format. This is always enabled for +\fBnamed\-compilezone\fR. +.RE +.PP +\-W \fImode\fR +.RS 4 +Specify whether to check for non\-terminal wildcards. Non\-terminal wildcards are almost always the result of a failure to understand the wildcard matching algorithm (RFC 1034). Possible modes are +\fB"warn"\fR +(default) and +\fB"ignore"\fR. +.RE +.PP zonename +.RS 4 The domain name of the zone being checked. -.TP 3n +.RE +.PP filename +.RS 4 The name of the zone file. +.RE .SH "RETURN VALUES" .PP \fBnamed\-checkzone\fR @@ -107,10 +256,14 @@ returns an exit status of 1 if errors were detected and 0 otherwise. .SH "SEE ALSO" .PP \fBnamed\fR(8), +\fBnamed\-checkconf\fR(8), RFC 1035, BIND 9 Administrator Reference Manual. .SH "AUTHOR" .PP Internet Systems Consortium .SH "COPYRIGHT" -Copyright \(co 2004\-2006 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004\-2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000\-2002 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/bin/check/named-checkzone.c b/usr.sbin/bind/bin/check/named-checkzone.c index fcb068cdd92..8f205a7ef39 100644 --- a/usr.sbin/bind/bin/check/named-checkzone.c +++ b/usr.sbin/bind/bin/check/named-checkzone.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: named-checkzone.c,v 1.13.2.3.8.11 2004/10/25 01:36:06 marka Exp $ */ +/* $ISC: named-checkzone.c,v 1.29.18.19 2007/08/28 07:19:55 tbox Exp $ */ + +/*! \file */ #include <config.h> @@ -37,9 +39,12 @@ #include <dns/db.h> #include <dns/fixedname.h> #include <dns/log.h> +#include <dns/masterdump.h> +#include <dns/name.h> #include <dns/rdataclass.h> #include <dns/rdataset.h> #include <dns/result.h> +#include <dns/types.h> #include <dns/zone.h> #include "check-tool.h" @@ -51,6 +56,9 @@ dns_zone_t *zone = NULL; dns_zonetype_t zonetype = dns_zone_master; static int dumpzone = 0; static const char *output_filename; +static char *prog_name = NULL; +static const dns_master_style_t *outputstyle = NULL; +static enum { progmode_check, progmode_compile } progmode; #define ERRRET(result, function) \ do { \ @@ -65,9 +73,13 @@ static const char *output_filename; static void usage(void) { fprintf(stderr, - "usage: named-checkzone [-djqvD] [-c class] [-o output] " + "usage: %s [-djqvD] [-c class] [-o output] " + "[-f inputformat] [-F outputformat] " "[-t directory] [-w directory] [-k (ignore|warn|fail)] " - "[-n (ignore|warn|fail)] zonename filename\n"); + "[-n (ignore|warn|fail)] [-m (ignore|warn|fail)] " + "[-i (full|local|none)] [-M (ignore|warn|fail)] " + "[-S (ignore|warn|fail)] [-W (ignore|warn)] " + "zonename filename\n", prog_name); exit(1); } @@ -75,8 +87,10 @@ static void destroy(void) { if (zone != NULL) dns_zone_detach(&zone); + dns_name_destroy(); } +/*% main processing routine */ int main(int argc, char **argv) { int c; @@ -87,8 +101,47 @@ main(int argc, char **argv) { char classname_in[] = "IN"; char *classname = classname_in; const char *workdir = NULL; + const char *inputformatstr = NULL; + const char *outputformatstr = NULL; + dns_masterformat_t inputformat = dns_masterformat_text; + dns_masterformat_t outputformat = dns_masterformat_text; + + outputstyle = &dns_master_style_full; + + prog_name = strrchr(argv[0], '/'); + if (prog_name == NULL) + prog_name = strrchr(argv[0], '\\'); + if (prog_name != NULL) + prog_name++; + else + prog_name = argv[0]; + /* + * Libtool doesn't preserve the program name prior to final + * installation. Remove the libtool prefix ("lt-"). + */ + if (strncmp(prog_name, "lt-", 3) == 0) + prog_name += 3; + if (strcmp(prog_name, "named-checkzone") == 0) + progmode = progmode_check; + else if (strcmp(prog_name, "named-compilezone") == 0) + progmode = progmode_compile; + else + INSIST(0); + + /* Compilation specific defaults */ + if (progmode == progmode_compile) { + zone_options |= (DNS_ZONEOPT_CHECKNS | + DNS_ZONEOPT_FATALNS | + DNS_ZONEOPT_CHECKNAMES | + DNS_ZONEOPT_CHECKNAMESFAIL | + DNS_ZONEOPT_CHECKWILDCARD); + } + +#define ARGCMP(X) (strcmp(isc_commandline_argument, X) == 0) - while ((c = isc_commandline_parse(argc, argv, "c:dijk:n:qst:o:vw:D")) != EOF) { + while ((c = isc_commandline_parse(argc, argv, + "c:df:i:jk:m:n:qs:t:o:vw:DF:M:S:W:")) + != EOF) { switch (c) { case 'c': classname = isc_commandline_argument; @@ -98,34 +151,104 @@ main(int argc, char **argv) { debug++; break; + case 'i': + if (ARGCMP("full")) { + zone_options |= DNS_ZONEOPT_CHECKINTEGRITY | + DNS_ZONEOPT_CHECKSIBLING; + docheckmx = ISC_TRUE; + docheckns = ISC_TRUE; + dochecksrv = ISC_TRUE; + } else if (ARGCMP("full-sibling")) { + zone_options |= DNS_ZONEOPT_CHECKINTEGRITY; + zone_options &= ~DNS_ZONEOPT_CHECKSIBLING; + docheckmx = ISC_TRUE; + docheckns = ISC_TRUE; + dochecksrv = ISC_TRUE; + } else if (ARGCMP("local")) { + zone_options |= DNS_ZONEOPT_CHECKINTEGRITY; + zone_options |= DNS_ZONEOPT_CHECKSIBLING; + docheckmx = ISC_FALSE; + docheckns = ISC_FALSE; + dochecksrv = ISC_FALSE; + } else if (ARGCMP("local-sibling")) { + zone_options |= DNS_ZONEOPT_CHECKINTEGRITY; + zone_options &= ~DNS_ZONEOPT_CHECKSIBLING; + docheckmx = ISC_FALSE; + docheckns = ISC_FALSE; + dochecksrv = ISC_FALSE; + } else if (ARGCMP("none")) { + zone_options &= ~DNS_ZONEOPT_CHECKINTEGRITY; + zone_options &= ~DNS_ZONEOPT_CHECKSIBLING; + docheckmx = ISC_FALSE; + docheckns = ISC_FALSE; + dochecksrv = ISC_FALSE; + } else { + fprintf(stderr, "invalid argument to -i: %s\n", + isc_commandline_argument); + exit(1); + } + break; + + case 'f': + inputformatstr = isc_commandline_argument; + break; + + case 'F': + outputformatstr = isc_commandline_argument; + break; + case 'j': nomerge = ISC_FALSE; break; + case 'k': + if (ARGCMP("warn")) { + zone_options |= DNS_ZONEOPT_CHECKNAMES; + zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL; + } else if (ARGCMP("fail")) { + zone_options |= DNS_ZONEOPT_CHECKNAMES | + DNS_ZONEOPT_CHECKNAMESFAIL; + } else if (ARGCMP("ignore")) { + zone_options &= ~(DNS_ZONEOPT_CHECKNAMES | + DNS_ZONEOPT_CHECKNAMESFAIL); + } else { + fprintf(stderr, "invalid argument to -k: %s\n", + isc_commandline_argument); + exit(1); + } + break; + case 'n': - if (!strcmp(isc_commandline_argument, "ignore")) + if (ARGCMP("ignore")) { zone_options &= ~(DNS_ZONEOPT_CHECKNS| DNS_ZONEOPT_FATALNS); - else if (!strcmp(isc_commandline_argument, "warn")) { + } else if (ARGCMP("warn")) { zone_options |= DNS_ZONEOPT_CHECKNS; zone_options &= ~DNS_ZONEOPT_FATALNS; - } else if (!strcmp(isc_commandline_argument, "fail")) + } else if (ARGCMP("fail")) { zone_options |= DNS_ZONEOPT_CHECKNS| DNS_ZONEOPT_FATALNS; + } else { + fprintf(stderr, "invalid argument to -n: %s\n", + isc_commandline_argument); + exit(1); + } break; - case 'k': - if (!strcmp(isc_commandline_argument, "warn")) { - zone_options |= DNS_ZONEOPT_CHECKNAMES; - zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL; - } else if (!strcmp(isc_commandline_argument, - "fail")) { - zone_options |= DNS_ZONEOPT_CHECKNAMES | - DNS_ZONEOPT_CHECKNAMESFAIL; - } else if (!strcmp(isc_commandline_argument, - "ignore")) { - zone_options &= ~(DNS_ZONEOPT_CHECKNAMES | - DNS_ZONEOPT_CHECKNAMESFAIL); + case 'm': + if (ARGCMP("warn")) { + zone_options |= DNS_ZONEOPT_CHECKMX; + zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL; + } else if (ARGCMP("fail")) { + zone_options |= DNS_ZONEOPT_CHECKMX | + DNS_ZONEOPT_CHECKMXFAIL; + } else if (ARGCMP("ignore")) { + zone_options &= ~(DNS_ZONEOPT_CHECKMX | + DNS_ZONEOPT_CHECKMXFAIL); + } else { + fprintf(stderr, "invalid argument to -m: %s\n", + isc_commandline_argument); + exit(1); } break; @@ -149,6 +272,19 @@ main(int argc, char **argv) { } break; + case 's': + if (ARGCMP("full")) + outputstyle = &dns_master_style_full; + else if (ARGCMP("relative")) { + outputstyle = &dns_master_style_default; + } else { + fprintf(stderr, + "unknown or unsupported style: %s\n", + isc_commandline_argument); + exit(1); + } + break; + case 'o': output_filename = isc_commandline_argument; break; @@ -165,11 +301,61 @@ main(int argc, char **argv) { dumpzone++; break; + case 'M': + if (ARGCMP("fail")) { + zone_options &= ~DNS_ZONEOPT_WARNMXCNAME; + zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME; + } else if (ARGCMP("warn")) { + zone_options |= DNS_ZONEOPT_WARNMXCNAME; + zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME; + } else if (ARGCMP("ignore")) { + zone_options |= DNS_ZONEOPT_WARNMXCNAME; + zone_options |= DNS_ZONEOPT_IGNOREMXCNAME; + } else { + fprintf(stderr, "invalid argument to -M: %s\n", + isc_commandline_argument); + exit(1); + } + break; + + case 'S': + if (ARGCMP("fail")) { + zone_options &= ~DNS_ZONEOPT_WARNSRVCNAME; + zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME; + } else if (ARGCMP("warn")) { + zone_options |= DNS_ZONEOPT_WARNSRVCNAME; + zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME; + } else if (ARGCMP("ignore")) { + zone_options |= DNS_ZONEOPT_WARNSRVCNAME; + zone_options |= DNS_ZONEOPT_IGNORESRVCNAME; + } else { + fprintf(stderr, "invalid argument to -S: %s\n", + isc_commandline_argument); + exit(1); + } + break; + + case 'W': + if (ARGCMP("warn")) + zone_options |= DNS_ZONEOPT_CHECKWILDCARD; + else if (ARGCMP("ignore")) + zone_options &= ~DNS_ZONEOPT_CHECKWILDCARD; + break; + default: usage(); } } + if (progmode == progmode_compile) { + dumpzone = 1; /* always dump */ + if (output_filename == NULL) { + fprintf(stderr, + "output file required, but not specified\n"); + usage(); + } + } + if (workdir != NULL) { result = isc_dir_chdir(workdir); if (result != ISC_R_SUCCESS) { @@ -179,15 +365,36 @@ main(int argc, char **argv) { } } + if (inputformatstr != NULL) { + if (strcasecmp(inputformatstr, "text") == 0) + inputformat = dns_masterformat_text; + else if (strcasecmp(inputformatstr, "raw") == 0) + inputformat = dns_masterformat_raw; + else { + fprintf(stderr, "unknown file format: %s\n", + inputformatstr); + exit(1); + } + } + + if (outputformatstr != NULL) { + if (strcasecmp(outputformatstr, "text") == 0) + outputformat = dns_masterformat_text; + else if (strcasecmp(outputformatstr, "raw") == 0) + outputformat = dns_masterformat_raw; + else { + fprintf(stderr, "unknown file format: %s\n", + outputformatstr); + exit(1); + } + } + if (isc_commandline_index + 2 > argc) usage(); RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS); - if (!quiet) { + if (!quiet) RUNTIME_CHECK(setup_logging(mctx, &lctx) == ISC_R_SUCCESS); - dns_log_init(lctx); - dns_log_setcontext(lctx); - } RUNTIME_CHECK(isc_entropy_create(mctx, &ectx) == ISC_R_SUCCESS); RUNTIME_CHECK(isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE) == ISC_R_SUCCESS); @@ -196,10 +403,18 @@ main(int argc, char **argv) { origin = argv[isc_commandline_index++]; filename = argv[isc_commandline_index++]; - result = load_zone(mctx, origin, filename, classname, &zone); + result = load_zone(mctx, origin, filename, inputformat, classname, + &zone); if (result == ISC_R_SUCCESS && dumpzone) { - result = dump_zone(origin, zone, output_filename); + if (!quiet && progmode == progmode_compile) { + fprintf(stdout, "dump zone to %s...", output_filename); + fflush(stdout); + } + result = dump_zone(origin, zone, output_filename, + outputformat, outputstyle); + if (!quiet && progmode == progmode_compile) + fprintf(stdout, "done\n"); } if (!quiet && result == ISC_R_SUCCESS) diff --git a/usr.sbin/bind/bin/check/named-checkzone.docbook b/usr.sbin/bind/bin/check/named-checkzone.docbook index 116f47f9a48..477582cc896 100644 --- a/usr.sbin/bind/bin/check/named-checkzone.docbook +++ b/usr.sbin/bind/bin/check/named-checkzone.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000-2002 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,9 +18,8 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: named-checkzone.docbook,v 1.3.2.2.8.13 2006/09/30 23:58:36 marka Exp $ --> - -<refentry> +<!-- $ISC: named-checkzone.docbook,v 1.11.18.21 2007/08/28 07:19:55 tbox Exp $ --> +<refentry id="man.named-checkzone"> <refentryinfo> <date>June 13, 2000</date> </refentryinfo> @@ -36,6 +35,7 @@ <year>2004</year> <year>2005</year> <year>2006</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -48,7 +48,8 @@ <refnamediv> <refname><application>named-checkzone</application></refname> - <refpurpose>zone file validity checking tool</refpurpose> + <refname><application>named-compilezone</application></refname> + <refpurpose>zone file validity checking or converting tool</refpurpose> </refnamediv> <refsynopsisdiv> @@ -59,12 +60,43 @@ <arg><option>-q</option></arg> <arg><option>-v</option></arg> <arg><option>-c <replaceable class="parameter">class</replaceable></option></arg> + <arg><option>-f <replaceable class="parameter">format</replaceable></option></arg> + <arg><option>-F <replaceable class="parameter">format</replaceable></option></arg> + <arg><option>-i <replaceable class="parameter">mode</replaceable></option></arg> + <arg><option>-k <replaceable class="parameter">mode</replaceable></option></arg> + <arg><option>-m <replaceable class="parameter">mode</replaceable></option></arg> + <arg><option>-M <replaceable class="parameter">mode</replaceable></option></arg> + <arg><option>-n <replaceable class="parameter">mode</replaceable></option></arg> + <arg><option>-o <replaceable class="parameter">filename</replaceable></option></arg> + <arg><option>-s <replaceable class="parameter">style</replaceable></option></arg> + <arg><option>-S <replaceable class="parameter">mode</replaceable></option></arg> + <arg><option>-t <replaceable class="parameter">directory</replaceable></option></arg> + <arg><option>-w <replaceable class="parameter">directory</replaceable></option></arg> + <arg><option>-D</option></arg> + <arg><option>-W <replaceable class="parameter">mode</replaceable></option></arg> + <arg choice="req">zonename</arg> + <arg choice="req">filename</arg> + </cmdsynopsis> + <cmdsynopsis> + <command>named-compilezone</command> + <arg><option>-d</option></arg> + <arg><option>-j</option></arg> + <arg><option>-q</option></arg> + <arg><option>-v</option></arg> + <arg><option>-c <replaceable class="parameter">class</replaceable></option></arg> + <arg><option>-C <replaceable class="parameter">mode</replaceable></option></arg> + <arg><option>-f <replaceable class="parameter">format</replaceable></option></arg> + <arg><option>-F <replaceable class="parameter">format</replaceable></option></arg> + <arg><option>-i <replaceable class="parameter">mode</replaceable></option></arg> <arg><option>-k <replaceable class="parameter">mode</replaceable></option></arg> + <arg><option>-m <replaceable class="parameter">mode</replaceable></option></arg> <arg><option>-n <replaceable class="parameter">mode</replaceable></option></arg> <arg><option>-o <replaceable class="parameter">filename</replaceable></option></arg> + <arg><option>-s <replaceable class="parameter">style</replaceable></option></arg> <arg><option>-t <replaceable class="parameter">directory</replaceable></option></arg> <arg><option>-w <replaceable class="parameter">directory</replaceable></option></arg> <arg><option>-D</option></arg> + <arg><option>-W <replaceable class="parameter">mode</replaceable></option></arg> <arg choice="req">zonename</arg> <arg choice="req">filename</arg> </cmdsynopsis> @@ -72,13 +104,23 @@ <refsect1> <title>DESCRIPTION</title> - <para> - <command>named-checkzone</command> checks the syntax and integrity of - a zone file. It performs the same checks as <command>named</command> - does when loading a zone. This makes - <command>named-checkzone</command> useful for checking zone - files before configuring them into a name server. + <para><command>named-checkzone</command> + checks the syntax and integrity of a zone file. It performs the + same checks as <command>named</command> does when loading a + zone. This makes <command>named-checkzone</command> useful for + checking zone files before configuring them into a name server. </para> + <para> + <command>named-compilezone</command> is similar to + <command>named-checkzone</command>, but it always dumps the + zone contents to a specified file in a specified format. + Additionally, it applies stricter check levels by default, + since the dump output will be used as an actual zone file + loaded by <command>named</command>. + When manually specified otherwise, the check levels must at + least be as strict as those specified in the + <command>named</command> configuration file. + </para> </refsect1> <refsect1> @@ -87,131 +129,280 @@ <variablelist> <varlistentry> <term>-d</term> - <listitem> - <para> - Enable debugging. - </para> - </listitem> + <listitem> + <para> + Enable debugging. + </para> + </listitem> </varlistentry> <varlistentry> <term>-q</term> - <listitem> - <para> - Quiet mode - exit code only. - </para> - </listitem> + <listitem> + <para> + Quiet mode - exit code only. + </para> + </listitem> </varlistentry> <varlistentry> <term>-v</term> - <listitem> - <para> - Print the version of the <command>named-checkzone</command> - program and exit. - </para> - </listitem> + <listitem> + <para> + Print the version of the <command>named-checkzone</command> + program and exit. + </para> + </listitem> </varlistentry> <varlistentry> <term>-j</term> <listitem> <para> - When loading the zone file read the journal if it exists. - </para> + When loading the zone file read the journal if it exists. + </para> </listitem> </varlistentry> <varlistentry> <term>-c <replaceable class="parameter">class</replaceable></term> + <listitem> + <para> + Specify the class of the zone. If not specified "IN" is assumed. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-i <replaceable class="parameter">mode</replaceable></term> <listitem> <para> - Specify the class of the zone. If not specified "IN" is assumed. + Perform post-load zone integrity checks. Possible modes are + <command>"full"</command> (default), + <command>"full-sibling"</command>, + <command>"local"</command>, + <command>"local-sibling"</command> and + <command>"none"</command>. + </para> + <para> + Mode <command>"full"</command> checks that MX records + refer to A or AAAA record (both in-zone and out-of-zone + hostnames). Mode <command>"local"</command> only + checks MX records which refer to in-zone hostnames. + </para> + <para> + Mode <command>"full"</command> checks that SRV records + refer to A or AAAA record (both in-zone and out-of-zone + hostnames). Mode <command>"local"</command> only + checks SRV records which refer to in-zone hostnames. + </para> + <para> + Mode <command>"full"</command> checks that delegation NS + records refer to A or AAAA record (both in-zone and out-of-zone + hostnames). It also checks that glue address records + in the zone match those advertised by the child. + Mode <command>"local"</command> only checks NS records which + refer to in-zone hostnames or that some required glue exists, + that is when the nameserver is in a child zone. + </para> + <para> + Mode <command>"full-sibling"</command> and + <command>"local-sibling"</command> disable sibling glue + checks but are otherwise the same as <command>"full"</command> + and <command>"local"</command> respectively. + </para> + <para> + Mode <command>"none"</command> disables the checks. </para> </listitem> </varlistentry> <varlistentry> - <term>-k <replaceable class="parameter">mode</replaceable></term> + <term>-f <replaceable class="parameter">format</replaceable></term> <listitem> <para> - Perform <command>"check-names"</command> checks with the specified failure mode. - Possible modes are <command>"fail"</command>, - <command>"warn"</command> (default) and - <command>"ignore"</command>. + Specify the format of the zone file. + Possible formats are <command>"text"</command> (default) + and <command>"raw"</command>. </para> </listitem> </varlistentry> <varlistentry> - <term>-n <replaceable class="parameter">mode</replaceable></term> + <term>-F <replaceable class="parameter">format</replaceable></term> <listitem> <para> - Specify whether NS records should be checked to see if they - are addresses. Possible modes are <command>"fail"</command>, - <command>"warn"</command> (default) and - <command>"ignore"</command>. + Specify the format of the output file specified. + Possible formats are <command>"text"</command> (default) + and <command>"raw"</command>. + For <command>named-checkzone</command>, + this does not cause any effects unless it dumps the zone + contents. </para> </listitem> </varlistentry> <varlistentry> - <term>-o <replaceable class="parameter">filename</replaceable></term> + <term>-k <replaceable class="parameter">mode</replaceable></term> <listitem> <para> - Write zone output to <filename>filename</filename>. + Perform <command>"check-names"</command> checks with the + specified failure mode. + Possible modes are <command>"fail"</command> + (default for <command>named-compilezone</command>), + <command>"warn"</command> + (default for <command>named-checkzone</command>) and + <command>"ignore"</command>. </para> </listitem> </varlistentry> <varlistentry> - <term>-t <replaceable class="parameter">directory</replaceable></term> + <term>-m <replaceable class="parameter">mode</replaceable></term> <listitem> <para> - chroot to <filename>directory</filename> so that include - directives in the configuration file are processed as if - run by a similarly chrooted named. + Specify whether MX records should be checked to see if they + are addresses. Possible modes are <command>"fail"</command>, + <command>"warn"</command> (default) and + <command>"ignore"</command>. </para> </listitem> </varlistentry> <varlistentry> - <term>-w <replaceable class="parameter">directory</replaceable></term> + <term>-M <replaceable class="parameter">mode</replaceable></term> + <listitem> + <para> + Check if a MX record refers to a CNAME. + Possible modes are <command>"fail"</command>, + <command>"warn"</command> (default) and + <command>"ignore"</command>. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-n <replaceable class="parameter">mode</replaceable></term> <listitem> <para> - chdir to <filename>directory</filename> so that relative - filenames in master file $INCLUDE directives work. This - is similar to the directory clause in - <filename>named.conf</filename>. + Specify whether NS records should be checked to see if they + are addresses. + Possible modes are <command>"fail"</command> + (default for <command>named-compilezone</command>), + <command>"warn"</command> + (default for <command>named-checkzone</command>) and + <command>"ignore"</command>. </para> </listitem> </varlistentry> <varlistentry> - <term>-D</term> + <term>-o <replaceable class="parameter">filename</replaceable></term> + <listitem> + <para> + Write zone output to <filename>filename</filename>. + This is mandatory for <command>named-compilezone</command>. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-s <replaceable class="parameter">style</replaceable></term> <listitem> <para> - Dump zone file in canonical format. + Specify the style of the dumped zone file. + Possible styles are <command>"full"</command> (default) + and <command>"relative"</command>. + The full format is most suitable for processing + automatically by a separate script. + On the other hand, the relative format is more + human-readable and is thus suitable for editing by hand. + For <command>named-checkzone</command> + this does not cause any effects unless it dumps the zone + contents. + It also does not have any meaning if the output format + is not text. </para> </listitem> </varlistentry> <varlistentry> - <term>zonename</term> - <listitem> + <term>-S <replaceable class="parameter">mode</replaceable></term> + <listitem> <para> - The domain name of the zone being checked. + Check if a SRV record refers to a CNAME. + Possible modes are <command>"fail"</command>, + <command>"warn"</command> (default) and + <command>"ignore"</command>. </para> - </listitem> + </listitem> + </varlistentry> + + <varlistentry> + <term>-t <replaceable class="parameter">directory</replaceable></term> + <listitem> + <para> + Chroot to <filename>directory</filename> so that + include + directives in the configuration file are processed as if + run by a similarly chrooted named. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-w <replaceable class="parameter">directory</replaceable></term> + <listitem> + <para> + chdir to <filename>directory</filename> so that + relative + filenames in master file $INCLUDE directives work. This + is similar to the directory clause in + <filename>named.conf</filename>. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-D</term> + <listitem> + <para> + Dump zone file in canonical format. + This is always enabled for <command>named-compilezone</command>. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-W <replaceable class="parameter">mode</replaceable></term> + <listitem> + <para> + Specify whether to check for non-terminal wildcards. + Non-terminal wildcards are almost always the result of a + failure to understand the wildcard matching algorithm (RFC 1034). + Possible modes are <command>"warn"</command> (default) + and + <command>"ignore"</command>. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>zonename</term> + <listitem> + <para> + The domain name of the zone being checked. + </para> + </listitem> </varlistentry> <varlistentry> <term>filename</term> - <listitem> - <para> - The name of the zone file. - </para> - </listitem> + <listitem> + <para> + The name of the zone file. + </para> + </listitem> </varlistentry> </variablelist> @@ -220,18 +411,19 @@ <refsect1> <title>RETURN VALUES</title> - <para> - <command>named-checkzone</command> returns an exit status of 1 if - errors were detected and 0 otherwise. + <para><command>named-checkzone</command> + returns an exit status of 1 if + errors were detected and 0 otherwise. </para> </refsect1> <refsect1> <title>SEE ALSO</title> - <para> + <para><citerefentry> + <refentrytitle>named</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>, <citerefentry> - <refentrytitle>named</refentrytitle> - <manvolnum>8</manvolnum> + <refentrytitle>named-checkconf</refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citetitle>RFC 1035</citetitle>, <citetitle>BIND 9 Administrator Reference Manual</citetitle>. @@ -240,16 +432,12 @@ <refsect1> <title>AUTHOR</title> - <para> - <corpauthor>Internet Systems Consortium</corpauthor> + <para><corpauthor>Internet Systems Consortium</corpauthor> </para> </refsect1> -</refentry> - -<!-- +</refentry><!-- - Local variables: - mode: sgml - End: --> - diff --git a/usr.sbin/bind/bin/check/named-checkzone.html b/usr.sbin/bind/bin/check/named-checkzone.html index d84bf4d6ac7..726fcad7005 100644 --- a/usr.sbin/bind/bin/check/named-checkzone.html +++ b/usr.sbin/bind/bin/check/named-checkzone.html @@ -1,5 +1,5 @@ <!-- - - Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000-2002 Internet Software Consortium. - - Permission to use, copy, modify, and distribute this software for any @@ -14,121 +14,242 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: named-checkzone.html,v 1.5.2.2.4.17 2006/10/05 02:50:17 marka Exp $ --> +<!-- $ISC: named-checkzone.html,v 1.11.18.30 2007/06/20 02:26:58 marka Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>named-checkzone</title> -<meta name="generator" content="DocBook XSL Stylesheets V1.70.1"> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2482688"></a><div class="titlepage"></div> +<a name="man.named-checkzone"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> -<p><span class="application">named-checkzone</span> — zone file validity checking tool</p> +<p><span class="application">named-checkzone</span>, <span class="application">named-compilezone</span> — zone file validity checking or converting tool</p> </div> <div class="refsynopsisdiv"> <h2>Synopsis</h2> -<div class="cmdsynopsis"><p><code class="command">named-checkzone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] {zonename} {filename}</p></div> +<div class="cmdsynopsis"><p><code class="command">named-checkzone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-M <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-S <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div> +<div class="cmdsynopsis"><p><code class="command">named-compilezone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-C <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div> </div> <div class="refsect1" lang="en"> -<a name="id2549490"></a><h2>DESCRIPTION</h2> -<p> - <span><strong class="command">named-checkzone</strong></span> checks the syntax and integrity of - a zone file. It performs the same checks as <span><strong class="command">named</strong></span> - does when loading a zone. This makes - <span><strong class="command">named-checkzone</strong></span> useful for checking zone - files before configuring them into a name server. +<a name="id2543665"></a><h2>DESCRIPTION</h2> +<p><span><strong class="command">named-checkzone</strong></span> + checks the syntax and integrity of a zone file. It performs the + same checks as <span><strong class="command">named</strong></span> does when loading a + zone. This makes <span><strong class="command">named-checkzone</strong></span> useful for + checking zone files before configuring them into a name server. </p> +<p> + <span><strong class="command">named-compilezone</strong></span> is similar to + <span><strong class="command">named-checkzone</strong></span>, but it always dumps the + zone contents to a specified file in a specified format. + Additionally, it applies stricter check levels by default, + since the dump output will be used as an actual zone file + loaded by <span><strong class="command">named</strong></span>. + When manually specified otherwise, the check levels must at + least be as strict as those specified in the + <span><strong class="command">named</strong></span> configuration file. + </p> </div> <div class="refsect1" lang="en"> -<a name="id2549510"></a><h2>OPTIONS</h2> +<a name="id2543700"></a><h2>OPTIONS</h2> <div class="variablelist"><dl> <dt><span class="term">-d</span></dt> <dd><p> - Enable debugging. - </p></dd> + Enable debugging. + </p></dd> <dt><span class="term">-q</span></dt> <dd><p> - Quiet mode - exit code only. - </p></dd> + Quiet mode - exit code only. + </p></dd> <dt><span class="term">-v</span></dt> <dd><p> - Print the version of the <span><strong class="command">named-checkzone</strong></span> - program and exit. - </p></dd> + Print the version of the <span><strong class="command">named-checkzone</strong></span> + program and exit. + </p></dd> <dt><span class="term">-j</span></dt> <dd><p> - When loading the zone file read the journal if it exists. + When loading the zone file read the journal if it exists. </p></dd> <dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt> <dd><p> - Specify the class of the zone. If not specified "IN" is assumed. + Specify the class of the zone. If not specified "IN" is assumed. + </p></dd> +<dt><span class="term">-i <em class="replaceable"><code>mode</code></em></span></dt> +<dd> +<p> + Perform post-load zone integrity checks. Possible modes are + <span><strong class="command">"full"</strong></span> (default), + <span><strong class="command">"full-sibling"</strong></span>, + <span><strong class="command">"local"</strong></span>, + <span><strong class="command">"local-sibling"</strong></span> and + <span><strong class="command">"none"</strong></span>. + </p> +<p> + Mode <span><strong class="command">"full"</strong></span> checks that MX records + refer to A or AAAA record (both in-zone and out-of-zone + hostnames). Mode <span><strong class="command">"local"</strong></span> only + checks MX records which refer to in-zone hostnames. + </p> +<p> + Mode <span><strong class="command">"full"</strong></span> checks that SRV records + refer to A or AAAA record (both in-zone and out-of-zone + hostnames). Mode <span><strong class="command">"local"</strong></span> only + checks SRV records which refer to in-zone hostnames. + </p> +<p> + Mode <span><strong class="command">"full"</strong></span> checks that delegation NS + records refer to A or AAAA record (both in-zone and out-of-zone + hostnames). It also checks that glue address records + in the zone match those advertised by the child. + Mode <span><strong class="command">"local"</strong></span> only checks NS records which + refer to in-zone hostnames or that some required glue exists, + that is when the nameserver is in a child zone. + </p> +<p> + Mode <span><strong class="command">"full-sibling"</strong></span> and + <span><strong class="command">"local-sibling"</strong></span> disable sibling glue + checks but are otherwise the same as <span><strong class="command">"full"</strong></span> + and <span><strong class="command">"local"</strong></span> respectively. + </p> +<p> + Mode <span><strong class="command">"none"</strong></span> disables the checks. + </p> +</dd> +<dt><span class="term">-f <em class="replaceable"><code>format</code></em></span></dt> +<dd><p> + Specify the format of the zone file. + Possible formats are <span><strong class="command">"text"</strong></span> (default) + and <span><strong class="command">"raw"</strong></span>. + </p></dd> +<dt><span class="term">-F <em class="replaceable"><code>format</code></em></span></dt> +<dd><p> + Specify the format of the output file specified. + Possible formats are <span><strong class="command">"text"</strong></span> (default) + and <span><strong class="command">"raw"</strong></span>. + For <span><strong class="command">named-checkzone</strong></span>, + this does not cause any effects unless it dumps the zone + contents. </p></dd> <dt><span class="term">-k <em class="replaceable"><code>mode</code></em></span></dt> <dd><p> - Perform <span><strong class="command">"check-names"</strong></span> checks with the specified failure mode. - Possible modes are <span><strong class="command">"fail"</strong></span>, - <span><strong class="command">"warn"</strong></span> (default) and - <span><strong class="command">"ignore"</strong></span>. + Perform <span><strong class="command">"check-names"</strong></span> checks with the + specified failure mode. + Possible modes are <span><strong class="command">"fail"</strong></span> + (default for <span><strong class="command">named-compilezone</strong></span>), + <span><strong class="command">"warn"</strong></span> + (default for <span><strong class="command">named-checkzone</strong></span>) and + <span><strong class="command">"ignore"</strong></span>. + </p></dd> +<dt><span class="term">-m <em class="replaceable"><code>mode</code></em></span></dt> +<dd><p> + Specify whether MX records should be checked to see if they + are addresses. Possible modes are <span><strong class="command">"fail"</strong></span>, + <span><strong class="command">"warn"</strong></span> (default) and + <span><strong class="command">"ignore"</strong></span>. + </p></dd> +<dt><span class="term">-M <em class="replaceable"><code>mode</code></em></span></dt> +<dd><p> + Check if a MX record refers to a CNAME. + Possible modes are <span><strong class="command">"fail"</strong></span>, + <span><strong class="command">"warn"</strong></span> (default) and + <span><strong class="command">"ignore"</strong></span>. </p></dd> <dt><span class="term">-n <em class="replaceable"><code>mode</code></em></span></dt> <dd><p> - Specify whether NS records should be checked to see if they - are addresses. Possible modes are <span><strong class="command">"fail"</strong></span>, - <span><strong class="command">"warn"</strong></span> (default) and - <span><strong class="command">"ignore"</strong></span>. - </p></dd> + Specify whether NS records should be checked to see if they + are addresses. + Possible modes are <span><strong class="command">"fail"</strong></span> + (default for <span><strong class="command">named-compilezone</strong></span>), + <span><strong class="command">"warn"</strong></span> + (default for <span><strong class="command">named-checkzone</strong></span>) and + <span><strong class="command">"ignore"</strong></span>. + </p></dd> <dt><span class="term">-o <em class="replaceable"><code>filename</code></em></span></dt> <dd><p> - Write zone output to <code class="filename">filename</code>. + Write zone output to <code class="filename">filename</code>. + This is mandatory for <span><strong class="command">named-compilezone</strong></span>. </p></dd> +<dt><span class="term">-s <em class="replaceable"><code>style</code></em></span></dt> +<dd><p> + Specify the style of the dumped zone file. + Possible styles are <span><strong class="command">"full"</strong></span> (default) + and <span><strong class="command">"relative"</strong></span>. + The full format is most suitable for processing + automatically by a separate script. + On the other hand, the relative format is more + human-readable and is thus suitable for editing by hand. + For <span><strong class="command">named-checkzone</strong></span> + this does not cause any effects unless it dumps the zone + contents. + It also does not have any meaning if the output format + is not text. + </p></dd> +<dt><span class="term">-S <em class="replaceable"><code>mode</code></em></span></dt> +<dd><p> + Check if a SRV record refers to a CNAME. + Possible modes are <span><strong class="command">"fail"</strong></span>, + <span><strong class="command">"warn"</strong></span> (default) and + <span><strong class="command">"ignore"</strong></span>. + </p></dd> <dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt> <dd><p> - chroot to <code class="filename">directory</code> so that include - directives in the configuration file are processed as if - run by a similarly chrooted named. + Chroot to <code class="filename">directory</code> so that + include + directives in the configuration file are processed as if + run by a similarly chrooted named. </p></dd> <dt><span class="term">-w <em class="replaceable"><code>directory</code></em></span></dt> <dd><p> - chdir to <code class="filename">directory</code> so that relative - filenames in master file $INCLUDE directives work. This - is similar to the directory clause in - <code class="filename">named.conf</code>. + chdir to <code class="filename">directory</code> so that + relative + filenames in master file $INCLUDE directives work. This + is similar to the directory clause in + <code class="filename">named.conf</code>. </p></dd> <dt><span class="term">-D</span></dt> <dd><p> - Dump zone file in canonical format. - </p></dd> + Dump zone file in canonical format. + This is always enabled for <span><strong class="command">named-compilezone</strong></span>. + </p></dd> +<dt><span class="term">-W <em class="replaceable"><code>mode</code></em></span></dt> +<dd><p> + Specify whether to check for non-terminal wildcards. + Non-terminal wildcards are almost always the result of a + failure to understand the wildcard matching algorithm (RFC 1034). + Possible modes are <span><strong class="command">"warn"</strong></span> (default) + and + <span><strong class="command">"ignore"</strong></span>. + </p></dd> <dt><span class="term">zonename</span></dt> <dd><p> - The domain name of the zone being checked. - </p></dd> + The domain name of the zone being checked. + </p></dd> <dt><span class="term">filename</span></dt> <dd><p> - The name of the zone file. - </p></dd> + The name of the zone file. + </p></dd> </dl></div> </div> <div class="refsect1" lang="en"> -<a name="id2549824"></a><h2>RETURN VALUES</h2> -<p> - <span><strong class="command">named-checkzone</strong></span> returns an exit status of 1 if - errors were detected and 0 otherwise. +<a name="id2544299"></a><h2>RETURN VALUES</h2> +<p><span><strong class="command">named-checkzone</strong></span> + returns an exit status of 1 if + errors were detected and 0 otherwise. </p> </div> <div class="refsect1" lang="en"> -<a name="id2549836"></a><h2>SEE ALSO</h2> -<p> - <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, +<a name="id2544311"></a><h2>SEE ALSO</h2> +<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>, <em class="citetitle">RFC 1035</em>, <em class="citetitle">BIND 9 Administrator Reference Manual</em>. </p> </div> <div class="refsect1" lang="en"> -<a name="id2549863"></a><h2>AUTHOR</h2> -<p> - <span class="corpauthor">Internet Systems Consortium</span> +<a name="id2544344"></a><h2>AUTHOR</h2> +<p><span class="corpauthor">Internet Systems Consortium</span> </p> </div> </div></body> diff --git a/usr.sbin/bind/bin/dig/nslookup.docbook b/usr.sbin/bind/bin/dig/nslookup.docbook index 28c8b0fb60b..04cbf9e0777 100644 --- a/usr.sbin/bind/bin/dig/nslookup.docbook +++ b/usr.sbin/bind/bin/dig/nslookup.docbook @@ -1,10 +1,10 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -17,12 +17,11 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: nslookup.docbook,v 1.3.6.7 2006/01/06 00:01:42 marka Exp $ --> - +<!-- $ISC: nslookup.docbook,v 1.4.2.13 2007/08/28 07:19:55 tbox Exp $ --> <!-- - Copyright (c) 1985, 1989 - The Regents of the University of California. All rights reserved. - - + - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions - are met: @@ -38,7 +37,7 @@ - 4. Neither the name of the University nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - - + - - THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -51,281 +50,447 @@ - OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - SUCH DAMAGE. --> - <refentry> -<refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> + <refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> + + <refmeta> + <refentrytitle>nslookup</refentrytitle> + <manvolnum>1</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> -<refmeta> -<refentrytitle>nslookup</refentrytitle> -<manvolnum>1</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refnamediv> + <refname>nslookup</refname> + <refpurpose>query Internet name servers interactively</refpurpose> + </refnamediv> <docinfo> <copyright> <year>2004</year> <year>2005</year> <year>2006</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> </docinfo> -<refnamediv> -<refname>nslookup</refname> -<refpurpose>query Internet name servers interactively</refpurpose> -</refnamediv> - -<refsynopsisdiv> -<cmdsynopsis> - <command>nslookup</command> - <arg><option>-option</option></arg> - <arg choice="opt">name | -</arg> - <arg choice="opt">server</arg> -</cmdsynopsis> -</refsynopsisdiv> - -<refsect1> -<title>DESCRIPTION</title> -<para> -<command>Nslookup</command> -is a program to query Internet domain name servers. <command>Nslookup</command> -has two modes: interactive and non-interactive. Interactive mode allows -the user to query name servers for information about various hosts and -domains or to print a list of hosts in a domain. Non-interactive mode is -used to print just the name and requested information for a host or -domain. -</para> -</refsect1> - -<refsect1> -<title>ARGUMENTS</title> -<para> -Interactive mode is entered in the following cases: -<orderedlist numeration="loweralpha"> -<listitem> -<para> -when no arguments are given (the default name server will be used) -</para> -</listitem> -<listitem> -<para> -when the first argument is a hyphen (-) and the second argument is -the host name or Internet address of a name server. -</para> -</listitem> -</orderedlist> -</para> - -<para> -Non-interactive mode is used when the name or Internet address of the -host to be looked up is given as the first argument. The optional second -argument specifies the host name or address of a name server. -</para> - -<para> -Options can also be specified on the command line if they precede the -arguments and are prefixed with a hyphen. For example, to -change the default query type to host information, and the initial timeout to 10 seconds, type: -<informalexample> -<programlisting> + <refsynopsisdiv> + <cmdsynopsis> + <command>nslookup</command> + <arg><option>-option</option></arg> + <arg choice="opt">name | -</arg> + <arg choice="opt">server</arg> + </cmdsynopsis> + </refsynopsisdiv> + + <refsect1> + <title>DESCRIPTION</title> + <para><command>Nslookup</command> + is a program to query Internet domain name servers. <command>Nslookup</command> + has two modes: interactive and non-interactive. Interactive mode allows + the user to query name servers for information about various hosts and + domains or to print a list of hosts in a domain. Non-interactive mode + is + used to print just the name and requested information for a host or + domain. + </para> + </refsect1> + + <refsect1> + <title>ARGUMENTS</title> + <para> + Interactive mode is entered in the following cases: + <orderedlist numeration="loweralpha"> + <listitem> + <para> + when no arguments are given (the default name server will be used) + </para> + </listitem> + <listitem> + <para> + when the first argument is a hyphen (-) and the second argument is + the host name or Internet address of a name server. + </para> + </listitem> + </orderedlist> + </para> + + <para> + Non-interactive mode is used when the name or Internet address of the + host to be looked up is given as the first argument. The optional second + argument specifies the host name or address of a name server. + </para> + + <para> + Options can also be specified on the command line if they precede the + arguments and are prefixed with a hyphen. For example, to + change the default query type to host information, and the initial + timeout to 10 seconds, type: + <informalexample> + <programlisting> nslookup -query=hinfo -timeout=10 </programlisting> -</informalexample> -</para> - -</refsect1> - -<refsect1> -<title>INTERACTIVE COMMANDS</title> -<variablelist> -<varlistentry><term>host <optional>server</optional></term> -<listitem><para> -Look up information for host using the current default server or -using server, if specified. If host is an Internet address and -the query type is A or PTR, the name of the host is returned. -If host is a name and does not have a trailing period, the -search list is used to qualify the name. -</para> - -<para> -To look up a host not in the current domain, append a period to -the name. -</para></listitem></varlistentry> - -<varlistentry><term><constant>server</constant> <replaceable class="parameter">domain</replaceable></term> -<listitem><para></para></listitem></varlistentry> -<varlistentry><term><constant>lserver</constant> <replaceable class="parameter">domain</replaceable></term> -<listitem><para> -Change the default server to <replaceable>domain</replaceable>; <constant>lserver</constant> uses the initial -server to look up information about <replaceable>domain</replaceable>, while <constant>server</constant> uses -the current default server. If an authoritative answer can't be -found, the names of servers that might have the answer are -returned. -</para></listitem></varlistentry> - -<varlistentry><term><constant>root</constant></term> -<listitem><para>not implemented</para></listitem></varlistentry> - -<varlistentry><term><constant>finger</constant></term> -<listitem><para>not implemented</para></listitem></varlistentry> - -<varlistentry><term><constant>ls</constant></term> -<listitem><para>not implemented</para></listitem></varlistentry> - -<varlistentry><term><constant>view</constant></term> -<listitem><para>not implemented</para></listitem></varlistentry> - -<varlistentry><term><constant>help</constant></term> -<listitem><para>not implemented</para></listitem></varlistentry> - -<varlistentry><term><constant>?</constant></term> -<listitem><para>not implemented</para></listitem></varlistentry> - -<varlistentry><term><constant>exit</constant></term> -<listitem><para>Exits the program.</para></listitem></varlistentry> - -<varlistentry><term><constant>set</constant> <replaceable>keyword<optional>=value</optional></replaceable></term> -<listitem><para>This command is used to change state information that affects -the lookups. Valid keywords are: - <variablelist> - <varlistentry><term><constant>all</constant></term> - <listitem> - <para>Prints the current values of the frequently used - options to <command>set</command>. Information about the current default - server and host is also printed. - </para> - </listitem> - </varlistentry> - - <varlistentry><term><constant>class=</constant><replaceable>value</replaceable></term> - <listitem><para> - Change the query class to one of: - <variablelist> - <varlistentry><term><constant>IN</constant></term> - <listitem><para>the Internet class</para></listitem></varlistentry> - <varlistentry><term><constant>CH</constant></term> - <listitem><para>the Chaos class</para></listitem></varlistentry> - <varlistentry><term><constant>HS</constant></term> - <listitem><para>the Hesiod class</para></listitem></varlistentry> - <varlistentry><term><constant>ANY</constant></term> - <listitem><para>wildcard</para></listitem></varlistentry> - </variablelist> - The class specifies the protocol group of the information. - </para><para> - (Default = IN; abbreviation = cl) - </para></listitem> - </varlistentry> - - <varlistentry><term><constant><replaceable><optional>no</optional></replaceable>debug</constant></term> - <listitem><para> - Turn debugging mode on. A lot more information is - printed about the packet sent to the server and the - resulting answer. - </para><para> - (Default = nodebug; abbreviation = <optional>no</optional>deb) - </para></listitem></varlistentry> - - <varlistentry><term><constant><replaceable><optional>no</optional></replaceable>d2</constant></term> - <listitem><para> - Turn debugging mode on. A lot more information is - printed about the packet sent to the server and the - resulting answer. - </para><para> - (Default = nod2) - </para></listitem></varlistentry> - - <varlistentry><term><constant>domain=</constant><replaceable>name</replaceable></term> - <listitem><para> - Sets the search list to <replaceable>name</replaceable>. - </para></listitem></varlistentry> - - <varlistentry><term><constant><replaceable><optional>no</optional></replaceable>search</constant></term> - <listitem><para> - If the lookup request contains at least one period but - doesn't end with a trailing period, append the domain - names in the domain search list to the request until an - answer is received. - </para><para> - (Default = search) - </para></listitem></varlistentry> - - <varlistentry><term><constant>port=</constant><replaceable>value</replaceable></term> - <listitem><para> - Change the default TCP/UDP name server port to <replaceable>value</replaceable>. - </para><para> - (Default = 53; abbreviation = po) - </para></listitem></varlistentry> - - <varlistentry><term><constant>querytype=</constant><replaceable>value</replaceable></term> - <listitem><para></para></listitem></varlistentry> - - <varlistentry><term><constant>type=</constant><replaceable>value</replaceable></term> - <listitem><para> - Change the type of the information query. - </para><para> - (Default = A; abbreviations = q, ty) - </para></listitem></varlistentry> - - <varlistentry><term><constant><replaceable><optional>no</optional></replaceable>recurse</constant></term> - <listitem><para> - Tell the name server to query other servers if it does not have the - information. - </para><para> - (Default = recurse; abbreviation = [no]rec) - </para></listitem></varlistentry> - - <varlistentry><term><constant>retry=</constant><replaceable>number</replaceable></term> - <listitem><para> - Set the number of retries to number. - </para></listitem></varlistentry> - - <varlistentry><term><constant>timeout=</constant><replaceable>number</replaceable></term> - <listitem><para> - Change the initial timeout interval for waiting for a - reply to number seconds. - </para></listitem></varlistentry> - - <varlistentry><term><constant><replaceable><optional>no</optional></replaceable>vc</constant></term> - <listitem><para> - Always use a virtual circuit when sending requests to the server. - </para><para> - (Default = novc) - </para></listitem></varlistentry> - - </variablelist> -</para></listitem></varlistentry> -</variablelist> -</refsect1> - -<refsect1> -<title>FILES</title> -<para> -<filename>/etc/resolv.conf</filename> -</para> -</refsect1> - -<refsect1> -<title>SEE ALSO</title> -<para> -<citerefentry> -<refentrytitle>dig</refentrytitle><manvolnum>1</manvolnum> -</citerefentry>, -<citerefentry> -<refentrytitle>host</refentrytitle><manvolnum>1</manvolnum> -</citerefentry>, -<citerefentry> -<refentrytitle>named</refentrytitle><manvolnum>8</manvolnum> -</citerefentry>. -</para> -</refsect1> - -<refsect1> -<title>Author</title> -<para> -Andrew Cherenson -</para> -</refsect1> -</refentry> + </informalexample> + </para> + + </refsect1> + + <refsect1> + <title>INTERACTIVE COMMANDS</title> + <variablelist> + <varlistentry> + <term><constant>host</constant> <optional>server</optional></term> + <listitem> + <para> + Look up information for host using the current default server or + using server, if specified. If host is an Internet address and + the query type is A or PTR, the name of the host is returned. + If host is a name and does not have a trailing period, the + search list is used to qualify the name. + </para> + + <para> + To look up a host not in the current domain, append a period to + the name. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>server</constant> <replaceable class="parameter">domain</replaceable></term> + <listitem> + <para/> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>lserver</constant> <replaceable class="parameter">domain</replaceable></term> + <listitem> + <para> + Change the default server to <replaceable>domain</replaceable>; <constant>lserver</constant> uses the initial + server to look up information about <replaceable>domain</replaceable>, while <constant>server</constant> uses + the current default server. If an authoritative answer can't be + found, the names of servers that might have the answer are + returned. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>root</constant></term> + <listitem> + <para> + not implemented + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>finger</constant></term> + <listitem> + <para> + not implemented + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>ls</constant></term> + <listitem> + <para> + not implemented + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>view</constant></term> + <listitem> + <para> + not implemented + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>help</constant></term> + <listitem> + <para> + not implemented + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>?</constant></term> + <listitem> + <para> + not implemented + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>exit</constant></term> + <listitem> + <para> + Exits the program. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>set</constant> + <replaceable>keyword<optional>=value</optional></replaceable></term> + <listitem> + <para> + This command is used to change state information that affects + the lookups. Valid keywords are: + <variablelist> + <varlistentry> + <term><constant>all</constant></term> + <listitem> + <para> + Prints the current values of the frequently used + options to <command>set</command>. + Information about the current default + server and host is also printed. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>class=</constant><replaceable>value</replaceable></term> + <listitem> + <para> + Change the query class to one of: + <variablelist> + <varlistentry> + <term><constant>IN</constant></term> + <listitem> + <para> + the Internet class + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>CH</constant></term> + <listitem> + <para> + the Chaos class + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>HS</constant></term> + <listitem> + <para> + the Hesiod class + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>ANY</constant></term> + <listitem> + <para> + wildcard + </para> + </listitem> + </varlistentry> + </variablelist> + The class specifies the protocol group of the information. + + </para> + <para> + (Default = IN; abbreviation = cl) + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant> + <replaceable><optional>no</optional></replaceable>debug</constant></term> + <listitem> + <para> + Turn on or off the display of the full response packet and + any intermediate response packets when searching. + </para> + <para> + (Default = nodebug; abbreviation = <optional>no</optional>deb) + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant> + <replaceable><optional>no</optional></replaceable>d2</constant></term> + <listitem> + <para> + Turn debugging mode on or off. This displays more about + what nslookup is doing. + </para> + <para> + (Default = nod2) + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>domain=</constant><replaceable>name</replaceable></term> + <listitem> + <para> + Sets the search list to <replaceable>name</replaceable>. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant> + <replaceable><optional>no</optional></replaceable>search</constant></term> + <listitem> + <para> + If the lookup request contains at least one period but + doesn't end with a trailing period, append the domain + names in the domain search list to the request until an + answer is received. + </para> + <para> + (Default = search) + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>port=</constant><replaceable>value</replaceable></term> + <listitem> + <para> + Change the default TCP/UDP name server port to <replaceable>value</replaceable>. + </para> + <para> + (Default = 53; abbreviation = po) + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>querytype=</constant><replaceable>value</replaceable></term> + <listitem> + <para/> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>type=</constant><replaceable>value</replaceable></term> + <listitem> + <para> + Change the type of the information query. + </para> + <para> + (Default = A; abbreviations = q, ty) + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant> + <replaceable><optional>no</optional></replaceable>recurse</constant></term> + <listitem> + <para> + Tell the name server to query other servers if it does not + have the + information. + </para> + <para> + (Default = recurse; abbreviation = [no]rec) + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>retry=</constant><replaceable>number</replaceable></term> + <listitem> + <para> + Set the number of retries to number. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>timeout=</constant><replaceable>number</replaceable></term> + <listitem> + <para> + Change the initial timeout interval for waiting for a + reply to number seconds. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant> + <replaceable><optional>no</optional></replaceable>vc</constant></term> + <listitem> + <para> + Always use a virtual circuit when sending requests to the + server. + </para> + <para> + (Default = novc) + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant> + <replaceable><optional>no</optional></replaceable>fail</constant></term> + <listitem> + <para> + Try the next nameserver if a nameserver responds with + SERVFAIL or a referral (nofail) or terminate query + (fail) on such a response. + </para> + <para> + (Default = nofail) + </para> + </listitem> + </varlistentry> + + </variablelist> + </para> + </listitem> + </varlistentry> + </variablelist> + </refsect1> + + <refsect1> + <title>FILES</title> + <para><filename>/etc/resolv.conf</filename> + </para> + </refsect1> + + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>dig</refentrytitle><manvolnum>1</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>host</refentrytitle><manvolnum>1</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>named</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>. + </para> + </refsect1> + + <refsect1> + <title>Author</title> + <para> + Andrew Cherenson + </para> + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/bin/dig/nslookup.html b/usr.sbin/bind/bin/dig/nslookup.html index ad4ec979cc0..e8f68ab8241 100644 --- a/usr.sbin/bind/bin/dig/nslookup.html +++ b/usr.sbin/bind/bin/dig/nslookup.html @@ -1,5 +1,5 @@ <!-- - - Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") - - Permission to use, copy, modify, and distribute this software for any - purpose with or without fee is hereby granted, provided that the above @@ -13,15 +13,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: nslookup.html,v 1.1.6.12 2006/06/29 13:02:30 marka Exp $ --> +<!-- $ISC: nslookup.html,v 1.1.10.21 2007/05/16 06:11:27 marka Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>nslookup</title> -<meta name="generator" content="DocBook XSL Stylesheets V1.70.1"> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2482694"></a><div class="titlepage"></div> +<a name="id2476276"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>nslookup — query Internet name servers interactively</p> @@ -31,234 +31,277 @@ <div class="cmdsynopsis"><p><code class="command">nslookup</code> [<code class="option">-option</code>] [name | -] [server]</p></div> </div> <div class="refsect1" lang="en"> -<a name="id2549404"></a><h2>DESCRIPTION</h2> -<p> -<span><strong class="command">Nslookup</strong></span> -is a program to query Internet domain name servers. <span><strong class="command">Nslookup</strong></span> -has two modes: interactive and non-interactive. Interactive mode allows -the user to query name servers for information about various hosts and -domains or to print a list of hosts in a domain. Non-interactive mode is -used to print just the name and requested information for a host or -domain. -</p> +<a name="id2543355"></a><h2>DESCRIPTION</h2> +<p><span><strong class="command">Nslookup</strong></span> + is a program to query Internet domain name servers. <span><strong class="command">Nslookup</strong></span> + has two modes: interactive and non-interactive. Interactive mode allows + the user to query name servers for information about various hosts and + domains or to print a list of hosts in a domain. Non-interactive mode + is + used to print just the name and requested information for a host or + domain. + </p> </div> <div class="refsect1" lang="en"> -<a name="id2549421"></a><h2>ARGUMENTS</h2> +<a name="id2543371"></a><h2>ARGUMENTS</h2> <p> -Interactive mode is entered in the following cases: -</p> + Interactive mode is entered in the following cases: + </p> <div class="orderedlist"><ol type="a"> <li><p> -when no arguments are given (the default name server will be used) -</p></li> + when no arguments are given (the default name server will be used) + </p></li> <li><p> -when the first argument is a hyphen (-) and the second argument is -the host name or Internet address of a name server. -</p></li> + when the first argument is a hyphen (-) and the second argument is + the host name or Internet address of a name server. + </p></li> </ol></div> <p> -</p> + </p> <p> -Non-interactive mode is used when the name or Internet address of the -host to be looked up is given as the first argument. The optional second -argument specifies the host name or address of a name server. -</p> + Non-interactive mode is used when the name or Internet address of the + host to be looked up is given as the first argument. The optional second + argument specifies the host name or address of a name server. + </p> <p> -Options can also be specified on the command line if they precede the -arguments and are prefixed with a hyphen. For example, to -change the default query type to host information, and the initial timeout to 10 seconds, type: -</p> + Options can also be specified on the command line if they precede the + arguments and are prefixed with a hyphen. For example, to + change the default query type to host information, and the initial + timeout to 10 seconds, type: + </p> <div class="informalexample"><pre class="programlisting"> nslookup -query=hinfo -timeout=10 </pre></div> <p> -</p> + </p> </div> <div class="refsect1" lang="en"> -<a name="id2549464"></a><h2>INTERACTIVE COMMANDS</h2> +<a name="id2543413"></a><h2>INTERACTIVE COMMANDS</h2> <div class="variablelist"><dl> -<dt><span class="term">host [<span class="optional">server</span>]</span></dt> +<dt><span class="term"><code class="constant">host</code> [<span class="optional">server</span>]</span></dt> <dd> <p> -Look up information for host using the current default server or -using server, if specified. If host is an Internet address and -the query type is A or PTR, the name of the host is returned. -If host is a name and does not have a trailing period, the -search list is used to qualify the name. -</p> + Look up information for host using the current default server or + using server, if specified. If host is an Internet address and + the query type is A or PTR, the name of the host is returned. + If host is a name and does not have a trailing period, the + search list is used to qualify the name. + </p> <p> -To look up a host not in the current domain, append a period to -the name. -</p> + To look up a host not in the current domain, append a period to + the name. + </p> </dd> <dt><span class="term"><code class="constant">server</code> <em class="replaceable"><code>domain</code></em></span></dt> <dd><p></p></dd> <dt><span class="term"><code class="constant">lserver</code> <em class="replaceable"><code>domain</code></em></span></dt> <dd><p> -Change the default server to <em class="replaceable"><code>domain</code></em>; <code class="constant">lserver</code> uses the initial -server to look up information about <em class="replaceable"><code>domain</code></em>, while <code class="constant">server</code> uses -the current default server. If an authoritative answer can't be -found, the names of servers that might have the answer are -returned. -</p></dd> + Change the default server to <em class="replaceable"><code>domain</code></em>; <code class="constant">lserver</code> uses the initial + server to look up information about <em class="replaceable"><code>domain</code></em>, while <code class="constant">server</code> uses + the current default server. If an authoritative answer can't be + found, the names of servers that might have the answer are + returned. + </p></dd> <dt><span class="term"><code class="constant">root</code></span></dt> -<dd><p>not implemented</p></dd> +<dd><p> + not implemented + </p></dd> <dt><span class="term"><code class="constant">finger</code></span></dt> -<dd><p>not implemented</p></dd> +<dd><p> + not implemented + </p></dd> <dt><span class="term"><code class="constant">ls</code></span></dt> -<dd><p>not implemented</p></dd> +<dd><p> + not implemented + </p></dd> <dt><span class="term"><code class="constant">view</code></span></dt> -<dd><p>not implemented</p></dd> +<dd><p> + not implemented + </p></dd> <dt><span class="term"><code class="constant">help</code></span></dt> -<dd><p>not implemented</p></dd> +<dd><p> + not implemented + </p></dd> <dt><span class="term"><code class="constant">?</code></span></dt> -<dd><p>not implemented</p></dd> +<dd><p> + not implemented + </p></dd> <dt><span class="term"><code class="constant">exit</code></span></dt> -<dd><p>Exits the program.</p></dd> -<dt><span class="term"><code class="constant">set</code> <em class="replaceable"><code>keyword[<span class="optional">=value</span>]</code></em></span></dt> +<dd><p> + Exits the program. + </p></dd> +<dt><span class="term"><code class="constant">set</code> + <em class="replaceable"><code>keyword[<span class="optional">=value</span>]</code></em></span></dt> <dd> -<p>This command is used to change state information that affects -the lookups. Valid keywords are: - </p> +<p> + This command is used to change state information that affects + the lookups. Valid keywords are: + </p> <div class="variablelist"><dl> <dt><span class="term"><code class="constant">all</code></span></dt> -<dd><p>Prints the current values of the frequently used - options to <span><strong class="command">set</strong></span>. Information about the current default - server and host is also printed. - </p></dd> +<dd><p> + Prints the current values of the frequently used + options to <span><strong class="command">set</strong></span>. + Information about the current default + server and host is also printed. + </p></dd> <dt><span class="term"><code class="constant">class=</code><em class="replaceable"><code>value</code></em></span></dt> <dd> <p> - Change the query class to one of: - </p> + Change the query class to one of: + </p> <div class="variablelist"><dl> <dt><span class="term"><code class="constant">IN</code></span></dt> -<dd><p>the Internet class</p></dd> +<dd><p> + the Internet class + </p></dd> <dt><span class="term"><code class="constant">CH</code></span></dt> -<dd><p>the Chaos class</p></dd> +<dd><p> + the Chaos class + </p></dd> <dt><span class="term"><code class="constant">HS</code></span></dt> -<dd><p>the Hesiod class</p></dd> +<dd><p> + the Hesiod class + </p></dd> <dt><span class="term"><code class="constant">ANY</code></span></dt> -<dd><p>wildcard</p></dd> +<dd><p> + wildcard + </p></dd> </dl></div> <p> - The class specifies the protocol group of the information. - </p> + The class specifies the protocol group of the information. + + </p> <p> - (Default = IN; abbreviation = cl) - </p> + (Default = IN; abbreviation = cl) + </p> </dd> -<dt><span class="term"><code class="constant"><em class="replaceable"><code>[<span class="optional">no</span>]</code></em>debug</code></span></dt> +<dt><span class="term"><code class="constant"> + <em class="replaceable"><code>[<span class="optional">no</span>]</code></em>debug</code></span></dt> <dd> <p> - Turn debugging mode on. A lot more information is - printed about the packet sent to the server and the - resulting answer. - </p> + Turn on or off the display of the full response packet and + any intermediate response packets when searching. + </p> <p> - (Default = nodebug; abbreviation = [<span class="optional">no</span>]deb) - </p> + (Default = nodebug; abbreviation = [<span class="optional">no</span>]deb) + </p> </dd> -<dt><span class="term"><code class="constant"><em class="replaceable"><code>[<span class="optional">no</span>]</code></em>d2</code></span></dt> +<dt><span class="term"><code class="constant"> + <em class="replaceable"><code>[<span class="optional">no</span>]</code></em>d2</code></span></dt> <dd> <p> - Turn debugging mode on. A lot more information is - printed about the packet sent to the server and the - resulting answer. - </p> + Turn debugging mode on or off. This displays more about + what nslookup is doing. + </p> <p> - (Default = nod2) - </p> + (Default = nod2) + </p> </dd> <dt><span class="term"><code class="constant">domain=</code><em class="replaceable"><code>name</code></em></span></dt> <dd><p> - Sets the search list to <em class="replaceable"><code>name</code></em>. - </p></dd> -<dt><span class="term"><code class="constant"><em class="replaceable"><code>[<span class="optional">no</span>]</code></em>search</code></span></dt> + Sets the search list to <em class="replaceable"><code>name</code></em>. + </p></dd> +<dt><span class="term"><code class="constant"> + <em class="replaceable"><code>[<span class="optional">no</span>]</code></em>search</code></span></dt> <dd> <p> - If the lookup request contains at least one period but - doesn't end with a trailing period, append the domain - names in the domain search list to the request until an - answer is received. - </p> + If the lookup request contains at least one period but + doesn't end with a trailing period, append the domain + names in the domain search list to the request until an + answer is received. + </p> <p> - (Default = search) - </p> + (Default = search) + </p> </dd> <dt><span class="term"><code class="constant">port=</code><em class="replaceable"><code>value</code></em></span></dt> <dd> <p> - Change the default TCP/UDP name server port to <em class="replaceable"><code>value</code></em>. - </p> + Change the default TCP/UDP name server port to <em class="replaceable"><code>value</code></em>. + </p> <p> - (Default = 53; abbreviation = po) - </p> + (Default = 53; abbreviation = po) + </p> </dd> <dt><span class="term"><code class="constant">querytype=</code><em class="replaceable"><code>value</code></em></span></dt> <dd><p></p></dd> <dt><span class="term"><code class="constant">type=</code><em class="replaceable"><code>value</code></em></span></dt> <dd> <p> - Change the type of the information query. - </p> + Change the type of the information query. + </p> <p> - (Default = A; abbreviations = q, ty) - </p> + (Default = A; abbreviations = q, ty) + </p> </dd> -<dt><span class="term"><code class="constant"><em class="replaceable"><code>[<span class="optional">no</span>]</code></em>recurse</code></span></dt> +<dt><span class="term"><code class="constant"> + <em class="replaceable"><code>[<span class="optional">no</span>]</code></em>recurse</code></span></dt> <dd> <p> - Tell the name server to query other servers if it does not have the - information. - </p> + Tell the name server to query other servers if it does not + have the + information. + </p> <p> - (Default = recurse; abbreviation = [no]rec) - </p> + (Default = recurse; abbreviation = [no]rec) + </p> </dd> <dt><span class="term"><code class="constant">retry=</code><em class="replaceable"><code>number</code></em></span></dt> <dd><p> - Set the number of retries to number. - </p></dd> + Set the number of retries to number. + </p></dd> <dt><span class="term"><code class="constant">timeout=</code><em class="replaceable"><code>number</code></em></span></dt> <dd><p> - Change the initial timeout interval for waiting for a - reply to number seconds. - </p></dd> -<dt><span class="term"><code class="constant"><em class="replaceable"><code>[<span class="optional">no</span>]</code></em>vc</code></span></dt> + Change the initial timeout interval for waiting for a + reply to number seconds. + </p></dd> +<dt><span class="term"><code class="constant"> + <em class="replaceable"><code>[<span class="optional">no</span>]</code></em>vc</code></span></dt> +<dd> +<p> + Always use a virtual circuit when sending requests to the + server. + </p> +<p> + (Default = novc) + </p> +</dd> +<dt><span class="term"><code class="constant"> + <em class="replaceable"><code>[<span class="optional">no</span>]</code></em>fail</code></span></dt> <dd> <p> - Always use a virtual circuit when sending requests to the server. - </p> + Try the next nameserver if a nameserver responds with + SERVFAIL or a referral (nofail) or terminate query + (fail) on such a response. + </p> <p> - (Default = novc) - </p> + (Default = nofail) + </p> </dd> </dl></div> <p> -</p> + </p> </dd> </dl></div> </div> <div class="refsect1" lang="en"> -<a name="id2549990"></a><h2>FILES</h2> -<p> -<code class="filename">/etc/resolv.conf</code> -</p> +<a name="id2546279"></a><h2>FILES</h2> +<p><code class="filename">/etc/resolv.conf</code> + </p> </div> <div class="refsect1" lang="en"> -<a name="id2550003"></a><h2>SEE ALSO</h2> -<p> -<span class="citerefentry"><span class="refentrytitle">dig</span>(1)</span>, -<span class="citerefentry"><span class="refentrytitle">host</span>(1)</span>, -<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>. -</p> +<a name="id2546291"></a><h2>SEE ALSO</h2> +<p><span class="citerefentry"><span class="refentrytitle">dig</span>(1)</span>, + <span class="citerefentry"><span class="refentrytitle">host</span>(1)</span>, + <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>. + </p> </div> <div class="refsect1" lang="en"> -<a name="id2550038"></a><h2>Author</h2> +<a name="id2546325"></a><h2>Author</h2> <p> -Andrew Cherenson -</p> + Andrew Cherenson + </p> </div> </div></body> </html> diff --git a/usr.sbin/bind/bin/dnssec/Makefile.in b/usr.sbin/bind/bin/dnssec/Makefile.in index 63881023884..b30c2cb3684 100644 --- a/usr.sbin/bind/bin/dnssec/Makefile.in +++ b/usr.sbin/bind/bin/dnssec/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.19.12.12 2005/05/02 00:25:54 marka Exp $ +# $ISC: Makefile.in,v 1.26.18.4 2005/05/02 00:26:11 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/bin/dnssec/dnssec-keygen.8 b/usr.sbin/bind/bin/dnssec/dnssec-keygen.8 index 280f02cf979..8454dec982b 100644 --- a/usr.sbin/bind/bin/dnssec/dnssec-keygen.8 +++ b/usr.sbin/bind/bin/dnssec/dnssec-keygen.8 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000-2003 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: dnssec-keygen.8,v 1.19.12.10 2006/06/29 13:02:30 marka Exp $ +.\" $ISC: dnssec-keygen.8,v 1.23.18.14 2007/05/09 03:33:12 marka Exp $ .\" .hy 0 .ad l .\" Title: dnssec\-keygen .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: June 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -37,10 +37,11 @@ dnssec\-keygen \- DNSSEC key generation tool .SH "DESCRIPTION" .PP \fBdnssec\-keygen\fR -generates keys for DNSSEC (Secure DNS), as defined in RFC 2535 and RFC <TBA\\>. It can also generate keys for use with TSIG (Transaction Signatures), as defined in RFC 2845. +generates keys for DNSSEC (Secure DNS), as defined in RFC 2535 and RFC 4034. It can also generate keys for use with TSIG (Transaction Signatures), as defined in RFC 2845. .SH "OPTIONS" -.TP 3n +.PP \-a \fIalgorithm\fR +.RS 4 Selects the cryptographic algorithm. The value of \fBalgorithm\fR must be one of RSAMD5 (RSA) or RSASHA1, DSA, DH (Diffie Hellman), or HMAC\-MD5. These values are case insensitive. @@ -48,38 +49,58 @@ must be one of RSAMD5 (RSA) or RSASHA1, DSA, DH (Diffie Hellman), or HMAC\-MD5. Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement algorithm, and DSA is recommended. For TSIG, HMAC\-MD5 is mandatory. .sp Note 2: HMAC\-MD5 and DH automatically set the \-k flag. -.TP 3n +.RE +.PP \-b \fIkeysize\fR +.RS 4 Specifies the number of bits in the key. The choice of key size depends on the algorithm used. RSAMD5 / RSASHA1 keys must be between 512 and 2048 bits. Diffie Hellman keys must be between 128 and 4096 bits. DSA keys must be between 512 and 1024 bits and an exact multiple of 64. HMAC\-MD5 keys must be between 1 and 512 bits. -.TP 3n +.RE +.PP \-n \fInametype\fR +.RS 4 Specifies the owner type of the key. The value of \fBnametype\fR must either be ZONE (for a DNSSEC zone key (KEY/DNSKEY)), HOST or ENTITY (for a key associated with a host (KEY)), USER (for a key associated with a user(KEY)) or OTHER (DNSKEY). These values are case insensitive. -.TP 3n +.RE +.PP \-c \fIclass\fR +.RS 4 Indicates that the DNS record containing the key should have the specified class. If not specified, class IN is used. -.TP 3n +.RE +.PP \-e +.RS 4 If generating an RSAMD5/RSASHA1 key, use a large exponent. -.TP 3n +.RE +.PP \-f \fIflag\fR +.RS 4 Set the specified flag in the flag field of the KEY/DNSKEY record. The only recognized flag is KSK (Key Signing Key) DNSKEY. -.TP 3n +.RE +.PP \-g \fIgenerator\fR +.RS 4 If generating a Diffie Hellman key, use this generator. Allowed values are 2 and 5. If no generator is specified, a known prime from RFC 2539 will be used if possible; otherwise the default is 2. -.TP 3n +.RE +.PP \-h +.RS 4 Prints a short summary of the options and arguments to \fBdnssec\-keygen\fR. -.TP 3n +.RE +.PP \-k +.RS 4 Generate KEY records rather than DNSKEY records. -.TP 3n +.RE +.PP \-p \fIprotocol\fR +.RS 4 Sets the protocol value for the generated key. The protocol is a number between 0 and 255. The default is 3 (DNSSEC). Other possible values for this argument are listed in RFC 2535 and its successors. -.TP 3n +.RE +.PP \-r \fIrandomdev\fR +.RS 4 Specifies the source of randomness. If the operating system does not provide a \fI/dev/random\fR or equivalent device, the default source of randomness is keyboard input. @@ -87,17 +108,24 @@ or equivalent device, the default source of randomness is keyboard input. specifies the name of a character device or file containing random data to be used instead of the default. The special value \fIkeyboard\fR indicates that keyboard input should be used. -.TP 3n +.RE +.PP \-s \fIstrength\fR +.RS 4 Specifies the strength value of the key. The strength is a number between 0 and 15, and currently has no defined purpose in DNSSEC. -.TP 3n +.RE +.PP \-t \fItype\fR +.RS 4 Indicates the use of the key. \fBtype\fR must be one of AUTHCONF, NOAUTHCONF, NOAUTH, or NOCONF. The default is AUTHCONF. AUTH refers to the ability to authenticate data, and CONF the ability to encrypt data. -.TP 3n +.RE +.PP \-v \fIlevel\fR +.RS 4 Sets the debugging level. +.RE .SH "GENERATED KEYS" .PP When @@ -105,23 +133,21 @@ When completes successfully, it prints a string of the form \fIKnnnn.+aaa+iiiii\fR to the standard output. This is an identification string for the key it has generated. -.TP 3n +.TP 4 \(bu \fInnnn\fR is the key name. -.TP 3n +.TP 4 \(bu \fIaaa\fR is the numeric representation of the algorithm. -.TP 3n +.TP 4 \(bu \fIiiiii\fR is the key identifier (or footprint). -.sp -.RE .PP \fBdnssec\-keygen\fR -creates two file, with names based on the printed string. +creates two files, with names based on the printed string. \fIKnnnn.+aaa+iiiii.key\fR contains the public key, and \fIKnnnn.+aaa+iiiii.private\fR @@ -133,13 +159,13 @@ file contains a DNS KEY record that can be inserted into a zone file (directly o .PP The \fI.private\fR -file contains algorithm specific fields. For obvious security reasons, this file does not have general read permission. +file contains algorithm\-specific fields. For obvious security reasons, this file does not have general read permission. .PP Both \fI.key\fR and \fI.private\fR -files are generated for symmetric encryption algorithm such as HMAC\-MD5, even though the public and private key are equivalent. +files are generated for symmetric encryption algorithms such as HMAC\-MD5, even though the public and private key are equivalent. .SH "EXAMPLE" .PP To generate a 768\-bit DSA key for the domain @@ -156,7 +182,7 @@ In this example, creates the files \fIKexample.com.+003+26160.key\fR and -\fIKexample.com.+003+26160.private\fR +\fIKexample.com.+003+26160.private\fR. .SH "SEE ALSO" .PP \fBdnssec\-signzone\fR(8), @@ -168,4 +194,7 @@ RFC 2539. .PP Internet Systems Consortium .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000\-2003 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/bin/dnssec/dnssec-keygen.c b/usr.sbin/bind/bin/dnssec/dnssec-keygen.c index 46d37864c7a..fcecdad9b18 100644 --- a/usr.sbin/bind/bin/dnssec/dnssec-keygen.c +++ b/usr.sbin/bind/bin/dnssec/dnssec-keygen.c @@ -1,9 +1,9 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") - * Portions Copyright (C) 2000-2003 Internet Software Consortium. + * Portions Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 1999-2003 Internet Software Consortium. * Portions Copyright (C) 1995-2000 by Network Associates, Inc. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -16,7 +16,9 @@ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dnssec-keygen.c,v 1.48.2.1.10.11 2004/06/11 01:17:34 marka Exp $ */ +/* $ISC: dnssec-keygen.c,v 1.66.18.10 2007/08/28 07:19:55 tbox Exp $ */ + +/*! \file */ #include <config.h> @@ -47,7 +49,9 @@ const char *program = "dnssec-keygen"; int verbose; -static const char *algs = "RSA | RSAMD5 | DH | DSA | RSASHA1 | HMAC-MD5"; +static const char *algs = "RSA | RSAMD5 | DH | DSA | RSASHA1 | HMAC-MD5 |" + " HMAC-SHA1 | HMAC-SHA224 | HMAC-SHA256 | " + " HMAC-SHA384 | HMAC-SHA512"; static isc_boolean_t dsa_size_ok(int size) { @@ -68,10 +72,16 @@ usage(void) { fprintf(stderr, " DH:\t\t[128..4096]\n"); fprintf(stderr, " DSA:\t\t[512..1024] and divisible by 64\n"); fprintf(stderr, " HMAC-MD5:\t[1..512]\n"); + fprintf(stderr, " HMAC-SHA1:\t[1..160]\n"); + fprintf(stderr, " HMAC-SHA224:\t[1..224]\n"); + fprintf(stderr, " HMAC-SHA256:\t[1..256]\n"); + fprintf(stderr, " HMAC-SHA384:\t[1..384]\n"); + fprintf(stderr, " HMAC-SHA512:\t[1..512]\n"); fprintf(stderr, " -n nametype: ZONE | HOST | ENTITY | USER | OTHER\n"); fprintf(stderr, " name: owner of the key\n"); fprintf(stderr, "Other options:\n"); fprintf(stderr, " -c <class> (default: IN)\n"); + fprintf(stderr, " -d <digest bits> (0 => max, default)\n"); fprintf(stderr, " -e use large exponent (RSAMD5/RSASHA1 only)\n"); fprintf(stderr, " -f keyflag: KSK\n"); fprintf(stderr, " -g <generator> use specified generator " @@ -115,6 +125,7 @@ main(int argc, char **argv) { isc_entropy_t *ectx = NULL; dns_rdataclass_t rdclass; int options = DST_TYPE_PRIVATE | DST_TYPE_PUBLIC; + int dbits = 0; if (argc == 1) usage(); @@ -124,7 +135,7 @@ main(int argc, char **argv) { dns_result_register(); while ((ch = isc_commandline_parse(argc, argv, - "a:b:c:ef:g:kn:t:p:s:r:v:h")) != -1) + "a:b:c:d:ef:g:kn:t:p:s:r:v:h")) != -1) { switch (ch) { case 'a': @@ -138,6 +149,11 @@ main(int argc, char **argv) { case 'c': classname = isc_commandline_argument; break; + case 'd': + dbits = strtol(isc_commandline_argument, &endp, 10); + if (*endp != '\0' || dbits < 0) + fatal("-d requires a non-negative number"); + break; case 'e': rsa_exp = 1; break; @@ -211,9 +227,29 @@ main(int argc, char **argv) { if (algname == NULL) fatal("no algorithm was specified"); - if (strcasecmp(algname, "HMAC-MD5") == 0) { + if (strcasecmp(algname, "RSA") == 0) { + fprintf(stderr, "The use of RSA (RSAMD5) is not recommended.\n" + "If you still wish to use RSA (RSAMD5) please " + "specify \"-a RSAMD5\"\n"); + return (1); + } else if (strcasecmp(algname, "HMAC-MD5") == 0) { options |= DST_TYPE_KEY; alg = DST_ALG_HMACMD5; + } else if (strcasecmp(algname, "HMAC-SHA1") == 0) { + options |= DST_TYPE_KEY; + alg = DST_ALG_HMACSHA1; + } else if (strcasecmp(algname, "HMAC-SHA224") == 0) { + options |= DST_TYPE_KEY; + alg = DST_ALG_HMACSHA224; + } else if (strcasecmp(algname, "HMAC-SHA256") == 0) { + options |= DST_TYPE_KEY; + alg = DST_ALG_HMACSHA256; + } else if (strcasecmp(algname, "HMAC-SHA384") == 0) { + options |= DST_TYPE_KEY; + alg = DST_ALG_HMACSHA384; + } else if (strcasecmp(algname, "HMAC-SHA512") == 0) { + options |= DST_TYPE_KEY; + alg = DST_ALG_HMACSHA512; } else { r.base = algname; r.length = strlen(algname); @@ -260,6 +296,56 @@ main(int argc, char **argv) { case DST_ALG_HMACMD5: if (size < 1 || size > 512) fatal("HMAC-MD5 key size %d out of range", size); + if (dbits != 0 && (dbits < 80 || dbits > 128)) + fatal("HMAC-MD5 digest bits %d out of range", dbits); + if ((dbits % 8) != 0) + fatal("HMAC-MD5 digest bits %d not divisible by 8", + dbits); + break; + case DST_ALG_HMACSHA1: + if (size < 1 || size > 160) + fatal("HMAC-SHA1 key size %d out of range", size); + if (dbits != 0 && (dbits < 80 || dbits > 160)) + fatal("HMAC-SHA1 digest bits %d out of range", dbits); + if ((dbits % 8) != 0) + fatal("HMAC-SHA1 digest bits %d not divisible by 8", + dbits); + break; + case DST_ALG_HMACSHA224: + if (size < 1 || size > 224) + fatal("HMAC-SHA224 key size %d out of range", size); + if (dbits != 0 && (dbits < 112 || dbits > 224)) + fatal("HMAC-SHA224 digest bits %d out of range", dbits); + if ((dbits % 8) != 0) + fatal("HMAC-SHA224 digest bits %d not divisible by 8", + dbits); + break; + case DST_ALG_HMACSHA256: + if (size < 1 || size > 256) + fatal("HMAC-SHA256 key size %d out of range", size); + if (dbits != 0 && (dbits < 128 || dbits > 256)) + fatal("HMAC-SHA256 digest bits %d out of range", dbits); + if ((dbits % 8) != 0) + fatal("HMAC-SHA256 digest bits %d not divisible by 8", + dbits); + break; + case DST_ALG_HMACSHA384: + if (size < 1 || size > 384) + fatal("HMAC-384 key size %d out of range", size); + if (dbits != 0 && (dbits < 192 || dbits > 384)) + fatal("HMAC-SHA384 digest bits %d out of range", dbits); + if ((dbits % 8) != 0) + fatal("HMAC-SHA384 digest bits %d not divisible by 8", + dbits); + break; + case DST_ALG_HMACSHA512: + if (size < 1 || size > 512) + fatal("HMAC-SHA512 key size %d out of range", size); + if (dbits != 0 && (dbits < 256 || dbits > 512)) + fatal("HMAC-SHA512 digest bits %d out of range", dbits); + if ((dbits % 8) != 0) + fatal("HMAC-SHA512 digest bits %d not divisible by 8", + dbits); break; } @@ -306,7 +392,10 @@ main(int argc, char **argv) { } if ((flags & DNS_KEYFLAG_OWNERMASK) == DNS_KEYOWNER_ZONE && - (alg == DNS_KEYALG_DH || alg == DST_ALG_HMACMD5)) + (alg == DNS_KEYALG_DH || alg == DST_ALG_HMACMD5 || + alg == DST_ALG_HMACSHA1 || alg == DST_ALG_HMACSHA224 || + alg == DST_ALG_HMACSHA256 || alg == DST_ALG_HMACSHA384 || + alg == DST_ALG_HMACSHA512)) fatal("a key with algorithm '%s' cannot be a zone key", algname); @@ -330,6 +419,11 @@ main(int argc, char **argv) { break; case DNS_KEYALG_DSA: case DST_ALG_HMACMD5: + case DST_ALG_HMACSHA1: + case DST_ALG_HMACSHA224: + case DST_ALG_HMACSHA256: + case DST_ALG_HMACSHA384: + case DST_ALG_HMACSHA512: param = 0; break; } @@ -358,6 +452,8 @@ main(int argc, char **argv) { exit(-1); } + dst_key_setbits(key, dbits); + /* * Try to read a key with the same name, alg and id from disk. * If there is one we must continue generating a new one @@ -407,6 +503,7 @@ main(int argc, char **argv) { cleanup_logging(&log); cleanup_entropy(&ectx); dst_lib_destroy(); + dns_name_destroy(); if (verbose > 10) isc_mem_stats(mctx, stdout); isc_mem_destroy(&mctx); diff --git a/usr.sbin/bind/bin/dnssec/dnssec-keygen.docbook b/usr.sbin/bind/bin/dnssec/dnssec-keygen.docbook index c0ea2afdb3b..fcfdca2704f 100644 --- a/usr.sbin/bind/bin/dnssec/dnssec-keygen.docbook +++ b/usr.sbin/bind/bin/dnssec/dnssec-keygen.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000-2003 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,9 +18,8 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: dnssec-keygen.docbook,v 1.3.12.9 2005/08/30 01:41:41 marka Exp $ --> - -<refentry> +<!-- $ISC: dnssec-keygen.docbook,v 1.7.18.11 2007/08/28 07:20:00 tbox Exp $ --> +<refentry id="man.dnssec-keygen"> <refentryinfo> <date>June 30, 2000</date> </refentryinfo> @@ -31,10 +30,16 @@ <refmiscinfo>BIND9</refmiscinfo> </refmeta> + <refnamediv> + <refname><application>dnssec-keygen</application></refname> + <refpurpose>DNSSEC key generation tool</refpurpose> + </refnamediv> + <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -46,11 +51,6 @@ </copyright> </docinfo> - <refnamediv> - <refname><application>dnssec-keygen</application></refname> - <refpurpose>DNSSEC key generation tool</refpurpose> - </refnamediv> - <refsynopsisdiv> <cmdsynopsis> <command>dnssec-keygen</command> @@ -74,11 +74,10 @@ <refsect1> <title>DESCRIPTION</title> - <para> - <command>dnssec-keygen</command> generates keys for DNSSEC - (Secure DNS), as defined in RFC 2535 and RFC <TBA\>. It can also generate - keys for use with TSIG (Transaction Signatures), as - defined in RFC 2845. + <para><command>dnssec-keygen</command> + generates keys for DNSSEC (Secure DNS), as defined in RFC 2535 + and RFC 4034. It can also generate keys for use with + TSIG (Transaction Signatures), as defined in RFC 2845. </para> </refsect1> @@ -88,168 +87,173 @@ <variablelist> <varlistentry> <term>-a <replaceable class="parameter">algorithm</replaceable></term> - <listitem> - <para> - Selects the cryptographic algorithm. The value of - <option>algorithm</option> must be one of RSAMD5 (RSA) or RSASHA1, - DSA, DH (Diffie Hellman), or HMAC-MD5. These values - are case insensitive. - </para> - <para> - Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement algorithm, - and DSA is recommended. For TSIG, HMAC-MD5 is mandatory. - </para> - <para> - Note 2: HMAC-MD5 and DH automatically set the -k flag. - </para> - </listitem> + <listitem> + <para> + Selects the cryptographic algorithm. The value of + <option>algorithm</option> must be one of RSAMD5 (RSA) or RSASHA1, + DSA, DH (Diffie Hellman), or HMAC-MD5. These values + are case insensitive. + </para> + <para> + Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement + algorithm, + and DSA is recommended. For TSIG, HMAC-MD5 is mandatory. + </para> + <para> + Note 2: HMAC-MD5 and DH automatically set the -k flag. + </para> + </listitem> </varlistentry> <varlistentry> <term>-b <replaceable class="parameter">keysize</replaceable></term> - <listitem> - <para> - Specifies the number of bits in the key. The choice of key - size depends on the algorithm used. RSAMD5 / RSASHA1 keys must be between - 512 and 2048 bits. Diffie Hellman keys must be between - 128 and 4096 bits. DSA keys must be between 512 and 1024 - bits and an exact multiple of 64. HMAC-MD5 keys must be - between 1 and 512 bits. - </para> - </listitem> + <listitem> + <para> + Specifies the number of bits in the key. The choice of key + size depends on the algorithm used. RSAMD5 / RSASHA1 keys must be + between + 512 and 2048 bits. Diffie Hellman keys must be between + 128 and 4096 bits. DSA keys must be between 512 and 1024 + bits and an exact multiple of 64. HMAC-MD5 keys must be + between 1 and 512 bits. + </para> + </listitem> </varlistentry> <varlistentry> <term>-n <replaceable class="parameter">nametype</replaceable></term> - <listitem> - <para> - Specifies the owner type of the key. The value of - <option>nametype</option> must either be ZONE (for a DNSSEC - zone key (KEY/DNSKEY)), HOST or ENTITY (for a key associated with a host (KEY)), - USER (for a key associated with a user(KEY)) or OTHER (DNSKEY). These values are - case insensitive. - </para> - </listitem> + <listitem> + <para> + Specifies the owner type of the key. The value of + <option>nametype</option> must either be ZONE (for a DNSSEC + zone key (KEY/DNSKEY)), HOST or ENTITY (for a key associated with + a host (KEY)), + USER (for a key associated with a user(KEY)) or OTHER (DNSKEY). + These values are + case insensitive. + </para> + </listitem> </varlistentry> <varlistentry> <term>-c <replaceable class="parameter">class</replaceable></term> - <listitem> - <para> - Indicates that the DNS record containing the key should have - the specified class. If not specified, class IN is used. - </para> - </listitem> + <listitem> + <para> + Indicates that the DNS record containing the key should have + the specified class. If not specified, class IN is used. + </para> + </listitem> </varlistentry> <varlistentry> <term>-e</term> - <listitem> - <para> - If generating an RSAMD5/RSASHA1 key, use a large exponent. - </para> - </listitem> + <listitem> + <para> + If generating an RSAMD5/RSASHA1 key, use a large exponent. + </para> + </listitem> </varlistentry> <varlistentry> <term>-f <replaceable class="parameter">flag</replaceable></term> - <listitem> - <para> - Set the specified flag in the flag field of the KEY/DNSKEY record. - The only recognized flag is KSK (Key Signing Key) DNSKEY. - </para> - </listitem> + <listitem> + <para> + Set the specified flag in the flag field of the KEY/DNSKEY record. + The only recognized flag is KSK (Key Signing Key) DNSKEY. + </para> + </listitem> </varlistentry> <varlistentry> <term>-g <replaceable class="parameter">generator</replaceable></term> - <listitem> - <para> - If generating a Diffie Hellman key, use this generator. - Allowed values are 2 and 5. If no generator - is specified, a known prime from RFC 2539 will be used - if possible; otherwise the default is 2. - </para> - </listitem> + <listitem> + <para> + If generating a Diffie Hellman key, use this generator. + Allowed values are 2 and 5. If no generator + is specified, a known prime from RFC 2539 will be used + if possible; otherwise the default is 2. + </para> + </listitem> </varlistentry> <varlistentry> <term>-h</term> - <listitem> - <para> - Prints a short summary of the options and arguments to - <command>dnssec-keygen</command>. - </para> - </listitem> + <listitem> + <para> + Prints a short summary of the options and arguments to + <command>dnssec-keygen</command>. + </para> + </listitem> </varlistentry> <varlistentry> <term>-k</term> - <listitem> - <para> - Generate KEY records rather than DNSKEY records. - </para> - </listitem> + <listitem> + <para> + Generate KEY records rather than DNSKEY records. + </para> + </listitem> </varlistentry> <varlistentry> <term>-p <replaceable class="parameter">protocol</replaceable></term> - <listitem> - <para> - Sets the protocol value for the generated key. The protocol - is a number between 0 and 255. The default is 3 (DNSSEC). - Other possible values for this argument are listed in - RFC 2535 and its successors. - </para> - </listitem> + <listitem> + <para> + Sets the protocol value for the generated key. The protocol + is a number between 0 and 255. The default is 3 (DNSSEC). + Other possible values for this argument are listed in + RFC 2535 and its successors. + </para> + </listitem> </varlistentry> <varlistentry> <term>-r <replaceable class="parameter">randomdev</replaceable></term> - <listitem> - <para> - Specifies the source of randomness. If the operating - system does not provide a <filename>/dev/random</filename> - or equivalent device, the default source of randomness - is keyboard input. <filename>randomdev</filename> specifies - the name of a character device or file containing random - data to be used instead of the default. The special value - <filename>keyboard</filename> indicates that keyboard - input should be used. - </para> - </listitem> + <listitem> + <para> + Specifies the source of randomness. If the operating + system does not provide a <filename>/dev/random</filename> + or equivalent device, the default source of randomness + is keyboard input. <filename>randomdev</filename> + specifies + the name of a character device or file containing random + data to be used instead of the default. The special value + <filename>keyboard</filename> indicates that keyboard + input should be used. + </para> + </listitem> </varlistentry> <varlistentry> <term>-s <replaceable class="parameter">strength</replaceable></term> - <listitem> - <para> - Specifies the strength value of the key. The strength is - a number between 0 and 15, and currently has no defined - purpose in DNSSEC. - </para> - </listitem> + <listitem> + <para> + Specifies the strength value of the key. The strength is + a number between 0 and 15, and currently has no defined + purpose in DNSSEC. + </para> + </listitem> </varlistentry> <varlistentry> <term>-t <replaceable class="parameter">type</replaceable></term> - <listitem> - <para> - Indicates the use of the key. <option>type</option> must be - one of AUTHCONF, NOAUTHCONF, NOAUTH, or NOCONF. The default - is AUTHCONF. AUTH refers to the ability to authenticate - data, and CONF the ability to encrypt data. - </para> - </listitem> + <listitem> + <para> + Indicates the use of the key. <option>type</option> must be + one of AUTHCONF, NOAUTHCONF, NOAUTH, or NOCONF. The default + is AUTHCONF. AUTH refers to the ability to authenticate + data, and CONF the ability to encrypt data. + </para> + </listitem> </varlistentry> <varlistentry> <term>-v <replaceable class="parameter">level</replaceable></term> - <listitem> - <para> - Sets the debugging level. - </para> - </listitem> + <listitem> + <para> + Sets the debugging level. + </para> + </listitem> </varlistentry> </variablelist> @@ -258,82 +262,82 @@ <refsect1> <title>GENERATED KEYS</title> <para> - When <command>dnssec-keygen</command> completes successfully, - it prints a string of the form <filename>Knnnn.+aaa+iiiii</filename> - to the standard output. This is an identification string for - the key it has generated. + When <command>dnssec-keygen</command> completes + successfully, + it prints a string of the form <filename>Knnnn.+aaa+iiiii</filename> + to the standard output. This is an identification string for + the key it has generated. </para> <itemizedlist> <listitem> - <para> - <filename>nnnn</filename> is the key name. + <para><filename>nnnn</filename> is the key name. </para> </listitem> <listitem> - <para> - <filename>aaa</filename> is the numeric representation of the + <para><filename>aaa</filename> is the numeric representation + of the algorithm. </para> </listitem> <listitem> - <para> - <filename>iiiii</filename> is the key identifier (or footprint). + <para><filename>iiiii</filename> is the key identifier (or + footprint). </para> </listitem> </itemizedlist> - <para> - <command>dnssec-keygen</command> creates two file, with names based - on the printed string. <filename>Knnnn.+aaa+iiiii.key</filename> - contains the public key, and - <filename>Knnnn.+aaa+iiiii.private</filename> contains the private - key. + <para><command>dnssec-keygen</command> + creates two files, with names based + on the printed string. <filename>Knnnn.+aaa+iiiii.key</filename> + contains the public key, and + <filename>Knnnn.+aaa+iiiii.private</filename> contains the + private + key. </para> <para> - The <filename>.key</filename> file contains a DNS KEY record that - can be inserted into a zone file (directly or with a $INCLUDE - statement). + The <filename>.key</filename> file contains a DNS KEY record + that + can be inserted into a zone file (directly or with a $INCLUDE + statement). </para> <para> - The <filename>.private</filename> file contains algorithm specific - fields. For obvious security reasons, this file does not have - general read permission. + The <filename>.private</filename> file contains + algorithm-specific + fields. For obvious security reasons, this file does not have + general read permission. </para> <para> - Both <filename>.key</filename> and <filename>.private</filename> - files are generated for symmetric encryption algorithm such as - HMAC-MD5, even though the public and private key are equivalent. + Both <filename>.key</filename> and <filename>.private</filename> + files are generated for symmetric encryption algorithms such as + HMAC-MD5, even though the public and private key are equivalent. </para> </refsect1> <refsect1> <title>EXAMPLE</title> <para> - To generate a 768-bit DSA key for the domain - <userinput>example.com</userinput>, the following command would be - issued: + To generate a 768-bit DSA key for the domain + <userinput>example.com</userinput>, the following command would be + issued: </para> - <para> - <userinput>dnssec-keygen -a DSA -b 768 -n ZONE example.com</userinput> + <para><userinput>dnssec-keygen -a DSA -b 768 -n ZONE example.com</userinput> </para> <para> - The command would print a string of the form: + The command would print a string of the form: </para> - <para> - <userinput>Kexample.com.+003+26160</userinput> + <para><userinput>Kexample.com.+003+26160</userinput> </para> <para> - In this example, <command>dnssec-keygen</command> creates - the files <filename>Kexample.com.+003+26160.key</filename> and - <filename>Kexample.com.+003+26160.private</filename> + In this example, <command>dnssec-keygen</command> creates + the files <filename>Kexample.com.+003+26160.key</filename> + and + <filename>Kexample.com.+003+26160.private</filename>. </para> </refsect1> <refsect1> <title>SEE ALSO</title> - <para> - <citerefentry> - <refentrytitle>dnssec-signzone</refentrytitle> - <manvolnum>8</manvolnum> + <para><citerefentry> + <refentrytitle>dnssec-signzone</refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citetitle>BIND 9 Administrator Reference Manual</citetitle>, <citetitle>RFC 2535</citetitle>, @@ -344,14 +348,11 @@ <refsect1> <title>AUTHOR</title> - <para> - <corpauthor>Internet Systems Consortium</corpauthor> + <para><corpauthor>Internet Systems Consortium</corpauthor> </para> </refsect1> -</refentry> - -<!-- +</refentry><!-- - Local variables: - mode: sgml - End: diff --git a/usr.sbin/bind/bin/dnssec/dnssectool.h b/usr.sbin/bind/bin/dnssec/dnssectool.h index 76067a15f8f..80ca37898b4 100644 --- a/usr.sbin/bind/bin/dnssec/dnssectool.h +++ b/usr.sbin/bind/bin/dnssec/dnssectool.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dnssectool.h,v 1.15.12.3 2004/03/08 04:04:18 marka Exp $ */ +/* $ISC: dnssectool.h,v 1.18 2004/03/05 04:57:41 marka Exp $ */ #ifndef DNSSECTOOL_H #define DNSSECTOOL_H 1 diff --git a/usr.sbin/bind/bin/named/Makefile.in b/usr.sbin/bind/bin/named/Makefile.in index 03b9bacec1e..49e1b7f8ac1 100644 --- a/usr.sbin/bind/bin/named/Makefile.in +++ b/usr.sbin/bind/bin/named/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 1998-2002 Internet Software Consortium. # # Permission to use, copy, modify, and distribute this software for any @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.74.12.11 2004/09/06 21:47:25 marka Exp $ +# $ISC: Makefile.in,v 1.80.18.7 2005/09/05 00:18:10 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -31,12 +31,20 @@ DBDRIVER_SRCS = DBDRIVER_INCLUDES = DBDRIVER_LIBS = +DLZ_DRIVER_DIR = ${top_srcdir}/contrib/dlz/drivers + +DLZDRIVER_OBJS = @DLZ_DRIVER_OBJS@ +DLZDRIVER_SRCS = @DLZ_DRIVER_SRCS@ +DLZDRIVER_INCLUDES = @DLZ_DRIVER_INCLUDES@ +DLZDRIVER_LIBS = @DLZ_DRIVER_LIBS@ + CINCLUDES = -I${srcdir}/include -I${srcdir}/unix/include \ ${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \ ${ISCCFG_INCLUDES} ${ISCCC_INCLUDES} ${ISC_INCLUDES} \ - ${DBDRIVER_INCLUDES} + ${DLZDRIVER_INCLUDES} ${DBDRIVER_INCLUDES} + +CDEFINES = @USE_DLZ@ -CDEFINES = CWARNINGS = DNSLIBS = ../../lib/dns/libdns.@A@ @DNS_CRYPTO_LIBS@ @@ -57,13 +65,14 @@ DEPLIBS = ${LWRESDEPLIBS} ${DNSDEPLIBS} ${BIND9DEPLIBS} \ ${ISCCFGDEPLIBS} ${ISCCCDEPLIBS} ${ISCDEPLIBS} LIBS = ${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} \ - ${ISCCFGLIBS} ${ISCCCLIBS} ${ISCLIBS} ${DBDRIVER_LIBS} @LIBS@ + ${ISCCFGLIBS} ${ISCCCLIBS} ${ISCLIBS} \ + ${DLZDRIVER_LIBS} ${DBDRIVER_LIBS} @LIBS@ SUBDIRS = unix TARGETS = named@EXEEXT@ lwresd@EXEEXT@ -OBJS = aclconf.@O@ builtin.@O@ client.@O@ config.@O@ control.@O@ \ +OBJS = builtin.@O@ client.@O@ config.@O@ control.@O@ \ controlconf.@O@ interfacemgr.@O@ \ listenlist.@O@ log.@O@ logconf.@O@ main.@O@ notify.@O@ \ query.@O@ server.@O@ sortlist.@O@ \ @@ -71,11 +80,11 @@ OBJS = aclconf.@O@ builtin.@O@ client.@O@ config.@O@ control.@O@ \ zoneconf.@O@ \ lwaddr.@O@ lwresd.@O@ lwdclient.@O@ lwderror.@O@ lwdgabn.@O@ \ lwdgnba.@O@ lwdgrbn.@O@ lwdnoop.@O@ lwsearch.@O@ \ - $(DBDRIVER_OBJS) + ${DLZDRIVER_OBJS} ${DBDRIVER_OBJS} UOBJS = unix/os.@O@ -SRCS = aclconf.c builtin.c client.c config.c control.c \ +SRCS = builtin.c client.c config.c control.c \ controlconf.c interfacemgr.c \ listenlist.c log.c logconf.c main.c notify.c \ query.c server.c sortlist.c \ @@ -83,7 +92,7 @@ SRCS = aclconf.c builtin.c client.c config.c control.c \ zoneconf.c \ lwaddr.c lwresd.c lwdclient.c lwderror.c lwdgabn.c \ lwdgnba.c lwdgrbn.c lwdnoop.c lwsearch.c \ - $(DBDRIVER_SRCS) + ${DLZDRIVER_SRCS} ${DBDRIVER_SRCS} MANPAGES = named.8 lwresd.8 named.conf.5 @@ -133,3 +142,4 @@ install:: named@EXEEXT@ lwresd@EXEEXT@ installdirs ${INSTALL_DATA} ${srcdir}/lwresd.8 ${DESTDIR}${mandir}/man8 ${INSTALL_DATA} ${srcdir}/named.conf.5 ${DESTDIR}${mandir}/man5 +@DLZ_DRIVER_RULES@ diff --git a/usr.sbin/bind/bin/named/builtin.c b/usr.sbin/bind/bin/named/builtin.c index 9c8ab02a36a..accc6d6bf3a 100644 --- a/usr.sbin/bind/bin/named/builtin.c +++ b/usr.sbin/bind/bin/named/builtin.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: builtin.c,v 1.4.106.4 2004/03/08 04:04:18 marka Exp $ */ +/* $ISC: builtin.c,v 1.5.18.5 2005/08/23 04:12:38 marka Exp $ */ -/* - * The built-in "version", "hostname", "id" and "authors" databases. +/*! \file + * \brief + * The built-in "version", "hostname", "id", "authors" and "empty" databases. */ #include <config.h> @@ -26,12 +27,13 @@ #include <string.h> #include <stdio.h> +#include <isc/mem.h> #include <isc/print.h> #include <isc/result.h> #include <isc/util.h> -#include <dns/sdb.h> #include <dns/result.h> +#include <dns/sdb.h> #include <named/builtin.h> #include <named/globals.h> @@ -44,6 +46,7 @@ static isc_result_t do_version_lookup(dns_sdblookup_t *lookup); static isc_result_t do_hostname_lookup(dns_sdblookup_t *lookup); static isc_result_t do_authors_lookup(dns_sdblookup_t *lookup); static isc_result_t do_id_lookup(dns_sdblookup_t *lookup); +static isc_result_t do_empty_lookup(dns_sdblookup_t *lookup); /* * We can't use function pointers as the db_data directly @@ -53,12 +56,15 @@ static isc_result_t do_id_lookup(dns_sdblookup_t *lookup); struct builtin { isc_result_t (*do_lookup)(dns_sdblookup_t *lookup); + char *server; + char *contact; }; -static builtin_t version_builtin = { do_version_lookup }; -static builtin_t hostname_builtin = { do_hostname_lookup }; -static builtin_t authors_builtin = { do_authors_lookup }; -static builtin_t id_builtin = { do_id_lookup }; +static builtin_t version_builtin = { do_version_lookup, NULL, NULL }; +static builtin_t hostname_builtin = { do_hostname_lookup, NULL, NULL }; +static builtin_t authors_builtin = { do_authors_lookup, NULL, NULL }; +static builtin_t id_builtin = { do_id_lookup, NULL, NULL }; +static builtin_t empty_builtin = { do_empty_lookup, NULL, NULL }; static dns_sdbimplementation_t *builtin_impl; @@ -167,16 +173,37 @@ do_id_lookup(dns_sdblookup_t *lookup) { } static isc_result_t +do_empty_lookup(dns_sdblookup_t *lookup) { + + UNUSED(lookup); + return (ISC_R_SUCCESS); +} + +static isc_result_t builtin_authority(const char *zone, void *dbdata, dns_sdblookup_t *lookup) { isc_result_t result; + const char *contact = "hostmaster"; + const char *server = "@"; + builtin_t *b = (builtin_t *) dbdata; UNUSED(zone); UNUSED(dbdata); - result = dns_sdb_putsoa(lookup, "@", "hostmaster", 0); + if (b == &empty_builtin) { + server = "."; + contact = "."; + } else { + if (b->server != NULL) + server = b->server; + if (b->contact != NULL) + contact = b->contact; + } + + result = dns_sdb_putsoa(lookup, server, contact, 0); if (result != ISC_R_SUCCESS) return (ISC_R_FAILURE); - result = dns_sdb_putrr(lookup, "ns", 0, "@"); + + result = dns_sdb_putrr(lookup, "ns", 0, server); if (result != ISC_R_SUCCESS) return (ISC_R_FAILURE); @@ -187,10 +214,17 @@ static isc_result_t builtin_create(const char *zone, int argc, char **argv, void *driverdata, void **dbdata) { + REQUIRE(argc >= 1); + UNUSED(zone); UNUSED(driverdata); - if (argc != 1) + + if (strcmp(argv[0], "empty") == 0) { + if (argc != 3) + return (DNS_R_SYNTAX); + } else if (argc != 1) return (DNS_R_SYNTAX); + if (strcmp(argv[0], "version") == 0) *dbdata = &version_builtin; else if (strcmp(argv[0], "hostname") == 0) @@ -199,17 +233,62 @@ builtin_create(const char *zone, int argc, char **argv, *dbdata = &authors_builtin; else if (strcmp(argv[0], "id") == 0) *dbdata = &id_builtin; - else + else if (strcmp(argv[0], "empty") == 0) { + builtin_t *empty; + char *server; + char *contact; + /* + * We don't want built-in zones to fail. Fallback to + * the static configuration if memory allocation fails. + */ + empty = isc_mem_get(ns_g_mctx, sizeof(*empty)); + server = isc_mem_strdup(ns_g_mctx, argv[1]); + contact = isc_mem_strdup(ns_g_mctx, argv[2]); + if (empty == NULL || server == NULL || contact == NULL) { + *dbdata = &empty_builtin; + if (server != NULL) + isc_mem_free(ns_g_mctx, server); + if (contact != NULL) + isc_mem_free(ns_g_mctx, contact); + if (empty != NULL) + isc_mem_put(ns_g_mctx, empty, sizeof (*empty)); + } else { + memcpy(empty, &empty_builtin, sizeof (empty_builtin)); + empty->server = server; + empty->contact = contact; + *dbdata = empty; + } + } else return (ISC_R_NOTIMPLEMENTED); return (ISC_R_SUCCESS); } +static void +builtin_destroy(const char *zone, void *driverdata, void **dbdata) { + builtin_t *b = (builtin_t *) *dbdata; + + UNUSED(zone); + UNUSED(driverdata); + + /* + * Don't free the static versions. + */ + if (*dbdata == &version_builtin || *dbdata == &hostname_builtin || + *dbdata == &authors_builtin || *dbdata == &id_builtin || + *dbdata == &empty_builtin) + return; + + isc_mem_free(ns_g_mctx, b->server); + isc_mem_free(ns_g_mctx, b->contact); + isc_mem_put(ns_g_mctx, b, sizeof (*b)); +} + static dns_sdbmethods_t builtin_methods = { builtin_lookup, builtin_authority, NULL, /* allnodes */ builtin_create, - NULL /* destroy */ + builtin_destroy }; isc_result_t diff --git a/usr.sbin/bind/bin/named/include/named/builtin.h b/usr.sbin/bind/bin/named/include/named/builtin.h index 8f322c6a7c5..bece03f1f58 100644 --- a/usr.sbin/bind/bin/named/include/named/builtin.h +++ b/usr.sbin/bind/bin/named/include/named/builtin.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: builtin.h,v 1.1.204.3 2004/03/08 04:04:20 marka Exp $ */ +/* $ISC: builtin.h,v 1.2.18.2 2005/04/29 00:15:34 marka Exp $ */ #ifndef NAMED_BUILTIN_H #define NAMED_BUILTIN_H 1 +/*! \file */ + #include <isc/types.h> isc_result_t ns_builtin_init(void); diff --git a/usr.sbin/bind/bin/named/include/named/client.h b/usr.sbin/bind/bin/named/include/named/client.h index 353e9825b4d..f7fe916e032 100644 --- a/usr.sbin/bind/bin/named/include/named/client.h +++ b/usr.sbin/bind/bin/named/include/named/client.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: client.h,v 1.60.2.2.10.12 2006/06/06 00:11:40 marka Exp $ */ +/* $ISC: client.h,v 1.69.18.9 2006/06/06 00:11:41 marka Exp $ */ #ifndef NAMED_CLIENT_H #define NAMED_CLIENT_H 1 @@ -24,9 +24,8 @@ ***** Module Info *****/ -/* - * Client - * +/*! \file + * \brief * This module defines two objects, ns_client_t and ns_clientmgr_t. * * An ns_client_t object handles incoming DNS requests from clients @@ -44,12 +43,12 @@ * fully handled (which can be much later), the ns_client_t must be * notified of this by calling one of the following functions * exactly once in the context of its task: - * + * \code * ns_client_send() (sending a non-error response) * ns_client_sendraw() (sending a raw response) * ns_client_error() (sending an error response) * ns_client_next() (sending no response) - * + *\endcode * This will release any resources used by the request and * and allow the ns_client_t to listen for the next request. * @@ -84,6 +83,7 @@ typedef ISC_LIST(ns_client_t) client_list_t; +/*% nameserver client structure */ struct ns_client { unsigned int magic; isc_mem_t * mctx; @@ -116,15 +116,16 @@ struct ns_client { dns_rdataset_t * opt; isc_uint16_t udpsize; isc_uint16_t extflags; + isc_int16_t ednsversion; /* -1 noedns */ void (*next)(ns_client_t *); void (*shutdown)(void *arg, isc_result_t result); void *shutdown_arg; ns_query_t query; isc_stdtime_t requesttime; isc_stdtime_t now; - dns_name_t signername; /* [T]SIG key name */ - dns_name_t * signer; /* NULL if not valid sig */ - isc_boolean_t mortal; /* Die after handling request */ + dns_name_t signername; /*%< [T]SIG key name */ + dns_name_t * signer; /*%< NULL if not valid sig */ + isc_boolean_t mortal; /*%< Die after handling request */ isc_quota_t *tcpquota; isc_quota_t *recursionquota; ns_interface_t *interface; @@ -132,7 +133,7 @@ struct ns_client { isc_boolean_t peeraddr_valid; struct in6_pktinfo pktinfo; isc_event_t ctlevent; - /* + /*% * Information about recent FORMERR response(s), for * FORMERR loop avoidance. This is separate for each * client object rather than global only to avoid @@ -144,7 +145,7 @@ struct ns_client { dns_messageid_t id; } formerrcache; ISC_LINK(ns_client_t) link; - /* + /*% * The list 'link' is part of, or NULL if not on any list. */ client_list_t *list; @@ -154,38 +155,42 @@ struct ns_client { #define NS_CLIENT_VALID(c) ISC_MAGIC_VALID(c, NS_CLIENT_MAGIC) #define NS_CLIENTATTR_TCP 0x01 -#define NS_CLIENTATTR_RA 0x02 /* Client gets recusive service */ -#define NS_CLIENTATTR_PKTINFO 0x04 /* pktinfo is valid */ -#define NS_CLIENTATTR_MULTICAST 0x08 /* recv'd from multicast */ -#define NS_CLIENTATTR_WANTDNSSEC 0x10 /* include dnssec records */ +#define NS_CLIENTATTR_RA 0x02 /*%< Client gets recusive service */ +#define NS_CLIENTATTR_PKTINFO 0x04 /*%< pktinfo is valid */ +#define NS_CLIENTATTR_MULTICAST 0x08 /*%< recv'd from multicast */ +#define NS_CLIENTATTR_WANTDNSSEC 0x10 /*%< include dnssec records */ +extern unsigned int ns_client_requests; /*** *** Functions ***/ -/* +/*% * Note! These ns_client_ routines MUST be called ONLY from the client's * task in order to ensure synchronization. */ void ns_client_send(ns_client_t *client); -/* +/*% * Finish processing the current client request and * send client->message as a response. + * \brief + * Note! These ns_client_ routines MUST be called ONLY from the client's + * task in order to ensure synchronization. */ void ns_client_sendraw(ns_client_t *client, dns_message_t *msg); -/* +/*% * Finish processing the current client request and * send msg as a response using client->message->id for the id. */ void ns_client_error(ns_client_t *client, isc_result_t result); -/* +/*% * Finish processing the current client request and return * an error response to the client. The error response * will have an RCODE determined by 'result'. @@ -193,38 +198,32 @@ ns_client_error(ns_client_t *client, isc_result_t result); void ns_client_next(ns_client_t *client, isc_result_t result); -/* +/*% * Finish processing the current client request, * return no response to the client. */ -void -ns_client_qnamereplace(ns_client_t *client, dns_name_t *name); -/*% - * Replace the qname. - */ - isc_boolean_t ns_client_shuttingdown(ns_client_t *client); -/* +/*% * Return ISC_TRUE iff the client is currently shutting down. */ void ns_client_attach(ns_client_t *source, ns_client_t **target); -/* +/*% * Attach '*targetp' to 'source'. */ void ns_client_detach(ns_client_t **clientp); -/* +/*% * Detach '*clientp' from its client. */ isc_result_t ns_client_replace(ns_client_t *client); -/* +/*% * Try to replace the current client with a new one, so that the * current one can go off and do some lengthy work without * leaving the dispatch/socket without service. @@ -232,20 +231,20 @@ ns_client_replace(ns_client_t *client); void ns_client_settimeout(ns_client_t *client, unsigned int seconds); -/* +/*% * Set a timer in the client to go off in the specified amount of time. */ isc_result_t ns_clientmgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr, isc_timermgr_t *timermgr, ns_clientmgr_t **managerp); -/* +/*% * Create a client manager. */ void ns_clientmgr_destroy(ns_clientmgr_t **managerp); -/* +/*% * Destroy a client manager and all ns_client_t objects * managed by it. */ @@ -253,7 +252,7 @@ ns_clientmgr_destroy(ns_clientmgr_t **managerp); isc_result_t ns_clientmgr_createclients(ns_clientmgr_t *manager, unsigned int n, ns_interface_t *ifp, isc_boolean_t tcp); -/* +/*% * Create up to 'n' clients listening on interface 'ifp'. * If 'tcp' is ISC_TRUE, the clients will listen for TCP connections, * otherwise for UDP requests. @@ -261,7 +260,7 @@ ns_clientmgr_createclients(ns_clientmgr_t *manager, unsigned int n, isc_sockaddr_t * ns_client_getsockaddr(ns_client_t *client); -/* +/*% * Get the socket address of the client whose request is * currently being processed. */ @@ -270,27 +269,27 @@ isc_result_t ns_client_checkaclsilent(ns_client_t *client,dns_acl_t *acl, isc_boolean_t default_allow); -/* +/*% * Convenience function for client request ACL checking. * * Check the current client request against 'acl'. If 'acl' * is NULL, allow the request iff 'default_allow' is ISC_TRUE. * * Notes: - * This is appropriate for checking allow-update, + *\li This is appropriate for checking allow-update, * allow-query, allow-transfer, etc. It is not appropriate * for checking the blackhole list because we treat positive * matches as "allow" and negative matches as "deny"; in * the case of the blackhole list this would be backwards. * * Requires: - * 'client' points to a valid client. - * 'acl' points to a valid ACL, or is NULL. + *\li 'client' points to a valid client. + *\li 'acl' points to a valid ACL, or is NULL. * * Returns: - * ISC_R_SUCCESS if the request should be allowed - * ISC_R_REFUSED if the request should be denied - * No other return values are possible. + *\li ISC_R_SUCCESS if the request should be allowed + * \li ISC_R_REFUSED if the request should be denied + *\li No other return values are possible. */ isc_result_t @@ -298,16 +297,16 @@ ns_client_checkacl(ns_client_t *client, const char *opname, dns_acl_t *acl, isc_boolean_t default_allow, int log_level); -/* +/*% * Like ns_client_checkacl, but also logs the outcome of the * check at log level 'log_level' if denied, and at debug 3 * if approved. Log messages will refer to the request as * an 'opname' request. * * Requires: - * Those of ns_client_checkaclsilent(), and: + *\li Those of ns_client_checkaclsilent(), and: * - * 'opname' points to a null-terminated string. + *\li 'opname' points to a null-terminated string. */ void @@ -330,8 +329,7 @@ ns_client_aclmsg(const char *msg, dns_name_t *name, dns_rdatatype_t type, void ns_client_recursing(ns_client_t *client); /*% - * Add client to end of recursing list. If 'killoldest' is true - * kill the oldest recursive client (list head). + * Add client to end of th recursing list. */ void @@ -342,8 +340,22 @@ ns_client_killoldestquery(ns_client_t *client); void ns_client_dumprecursing(FILE *f, ns_clientmgr_t *manager); -/* +/*% * Dump the outstanding recursive queries to 'f'. */ +void +ns_client_qnamereplace(ns_client_t *client, dns_name_t *name); +/*% + * Replace the qname. + */ + +isc_boolean_t +ns_client_isself(dns_view_t *myview, dns_tsigkey_t *mykey, + isc_sockaddr_t *srcaddr, isc_sockaddr_t *destaddr, + dns_rdataclass_t rdclass, void *arg); +/*% + * Isself callback. + */ + #endif /* NAMED_CLIENT_H */ diff --git a/usr.sbin/bind/bin/named/include/named/config.h b/usr.sbin/bind/bin/named/include/named/config.h index e064abb3081..eb988c93ae7 100644 --- a/usr.sbin/bind/bin/named/include/named/config.h +++ b/usr.sbin/bind/bin/named/include/named/config.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001, 2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: config.h,v 1.4.12.6 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: config.h,v 1.6.18.6 2006/02/28 03:10:47 marka Exp $ */ #ifndef NAMED_CONFIG_H #define NAMED_CONFIG_H 1 +/*! \file */ + #include <isccfg/cfg.h> #include <dns/types.h> @@ -71,6 +73,7 @@ isc_result_t ns_config_getport(const cfg_obj_t *config, in_port_t *portp); isc_result_t -ns_config_getkeyalgorithm(const char *str, dns_name_t **name); +ns_config_getkeyalgorithm(const char *str, dns_name_t **name, + isc_uint16_t *digestbits); #endif /* NAMED_CONFIG_H */ diff --git a/usr.sbin/bind/bin/named/include/named/interfacemgr.h b/usr.sbin/bind/bin/named/include/named/interfacemgr.h index 4ba58dc2df2..b2eb91c1e15 100644 --- a/usr.sbin/bind/bin/named/include/named/interfacemgr.h +++ b/usr.sbin/bind/bin/named/include/named/interfacemgr.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: interfacemgr.h,v 1.23.24.7 2004/04/29 01:31:22 marka Exp $ */ +/* $ISC: interfacemgr.h,v 1.26.18.4 2005/04/27 05:00:35 sra Exp $ */ #ifndef NAMED_INTERFACEMGR_H #define NAMED_INTERFACEMGR_H 1 @@ -24,24 +24,23 @@ ***** Module Info *****/ -/* - * Interface manager - * +/*! \file + * \brief * The interface manager monitors the operating system's list * of network interfaces, creating and destroying listeners * as needed. * * Reliability: - * No impact expected. + *\li No impact expected. * * Resources: * * Security: - * The server will only be able to bind to the DNS port on + * \li The server will only be able to bind to the DNS port on * newly discovered interfaces if it is running as root. * * Standards: - * The API for scanning varies greatly among operating systems. + *\li The API for scanning varies greatly among operating systems. * This module attempts to hide the differences. */ @@ -65,23 +64,24 @@ #define IFACE_MAGIC ISC_MAGIC('I',':','-',')') #define NS_INTERFACE_VALID(t) ISC_MAGIC_VALID(t, IFACE_MAGIC) -#define NS_INTERFACEFLAG_ANYADDR 0x01U /* bound to "any" address */ +#define NS_INTERFACEFLAG_ANYADDR 0x01U /*%< bound to "any" address */ +/*% The nameserver interface structure */ struct ns_interface { - unsigned int magic; /* Magic number. */ - ns_interfacemgr_t * mgr; /* Interface manager. */ + unsigned int magic; /*%< Magic number. */ + ns_interfacemgr_t * mgr; /*%< Interface manager. */ isc_mutex_t lock; - int references; /* Locked */ - unsigned int generation; /* Generation number. */ - isc_sockaddr_t addr; /* Address and port. */ - unsigned int flags; /* Interface characteristics */ - char name[32]; /* Null terminated. */ - dns_dispatch_t * udpdispatch; /* UDP dispatcher. */ - isc_socket_t * tcpsocket; /* TCP socket. */ - int ntcptarget; /* Desired number of concurrent - TCP accepts */ - int ntcpcurrent; /* Current ditto, locked */ - ns_clientmgr_t * clientmgr; /* Client manager. */ + int references; /*%< Locked */ + unsigned int generation; /*%< Generation number. */ + isc_sockaddr_t addr; /*%< Address and port. */ + unsigned int flags; /*%< Interface characteristics */ + char name[32]; /*%< Null terminated. */ + dns_dispatch_t * udpdispatch; /*%< UDP dispatcher. */ + isc_socket_t * tcpsocket; /*%< TCP socket. */ + int ntcptarget; /*%< Desired number of concurrent + TCP accepts */ + int ntcpcurrent; /*%< Current ditto, locked */ + ns_clientmgr_t * clientmgr; /*%< Client manager. */ ISC_LINK(ns_interface_t) link; }; @@ -94,7 +94,7 @@ ns_interfacemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr, isc_socketmgr_t *socketmgr, dns_dispatchmgr_t *dispatchmgr, ns_interfacemgr_t **mgrp); -/* +/*% * Create a new interface manager. * * Initially, the new manager will not listen on any interfaces. @@ -113,7 +113,7 @@ ns_interfacemgr_shutdown(ns_interfacemgr_t *mgr); void ns_interfacemgr_scan(ns_interfacemgr_t *mgr, isc_boolean_t verbose); -/* +/*% * Scan the operatings system's list of network interfaces * and create listeners when new interfaces are discovered. * Shut down the sockets for interfaces that go away. @@ -126,7 +126,7 @@ ns_interfacemgr_scan(ns_interfacemgr_t *mgr, isc_boolean_t verbose); void ns_interfacemgr_adjust(ns_interfacemgr_t *mgr, ns_listenlist_t *list, isc_boolean_t verbose); -/* +/*% * Similar to ns_interfacemgr_scan(), but this function also tries to see the * need for an explicit listen-on when a list element in 'list' is going to * override an already-listening a wildcard interface. @@ -139,14 +139,14 @@ ns_interfacemgr_adjust(ns_interfacemgr_t *mgr, ns_listenlist_t *list, void ns_interfacemgr_setlistenon4(ns_interfacemgr_t *mgr, ns_listenlist_t *value); -/* +/*% * Set the IPv4 "listen-on" list of 'mgr' to 'value'. * The previous IPv4 listen-on list is freed. */ void ns_interfacemgr_setlistenon6(ns_interfacemgr_t *mgr, ns_listenlist_t *value); -/* +/*% * Set the IPv6 "listen-on" list of 'mgr' to 'value'. * The previous IPv6 listen-on list is freed. */ @@ -162,7 +162,7 @@ ns_interface_detach(ns_interface_t **targetp); void ns_interface_shutdown(ns_interface_t *ifp); -/* +/*% * Stop listening for queries on interface 'ifp'. * May safely be called multiple times. */ @@ -170,4 +170,7 @@ ns_interface_shutdown(ns_interface_t *ifp); void ns_interfacemgr_dumprecursing(FILE *f, ns_interfacemgr_t *mgr); +isc_boolean_t +ns_interfacemgr_listeningon(ns_interfacemgr_t *mgr, isc_sockaddr_t *addr); + #endif /* NAMED_INTERFACEMGR_H */ diff --git a/usr.sbin/bind/bin/named/include/named/listenlist.h b/usr.sbin/bind/bin/named/include/named/listenlist.h index 81e5f58fc28..40d81cdd774 100644 --- a/usr.sbin/bind/bin/named/include/named/listenlist.h +++ b/usr.sbin/bind/bin/named/include/named/listenlist.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: listenlist.h,v 1.10.208.1 2004/03/06 10:21:24 marka Exp $ */ +/* $ISC: listenlist.h,v 1.11.18.2 2005/04/29 00:15:34 marka Exp $ */ #ifndef NAMED_LISTENLIST_H #define NAMED_LISTENLIST_H 1 @@ -24,7 +24,8 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * "Listen lists", as in the "listen-on" configuration statement. */ @@ -62,38 +63,38 @@ struct ns_listenlist { isc_result_t ns_listenelt_create(isc_mem_t *mctx, in_port_t port, dns_acl_t *acl, ns_listenelt_t **target); -/* +/*% * Create a listen-on list element. */ void ns_listenelt_destroy(ns_listenelt_t *elt); -/* +/*% * Destroy a listen-on list element. */ isc_result_t ns_listenlist_create(isc_mem_t *mctx, ns_listenlist_t **target); -/* +/*% * Create a new, empty listen-on list. */ void ns_listenlist_attach(ns_listenlist_t *source, ns_listenlist_t **target); -/* +/*% * Attach '*target' to '*source'. */ void ns_listenlist_detach(ns_listenlist_t **listp); -/* +/*% * Detach 'listp'. */ isc_result_t ns_listenlist_default(isc_mem_t *mctx, in_port_t port, isc_boolean_t enabled, ns_listenlist_t **target); -/* +/*% * Create a listen-on list with default contents, matching * all addresses with port 'port' (if 'enabled' is ISC_TRUE), * or no addresses (if 'enabled' is ISC_FALSE). diff --git a/usr.sbin/bind/bin/named/include/named/log.h b/usr.sbin/bind/bin/named/include/named/log.h index d7f6c3c98a0..4794e77a618 100644 --- a/usr.sbin/bind/bin/named/include/named/log.h +++ b/usr.sbin/bind/bin/named/include/named/log.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: log.h,v 1.19.12.3 2004/03/08 04:04:21 marka Exp $ */ +/* $ISC: log.h,v 1.21.18.2 2005/04/29 00:15:35 marka Exp $ */ #ifndef NAMED_LOG_H #define NAMED_LOG_H 1 +/*! \file */ + #include <isc/log.h> #include <isc/types.h> @@ -54,7 +56,7 @@ isc_result_t ns_log_init(isc_boolean_t safe); -/* +/*% * Initialize the logging system and set up an initial default * logging default configuration that will be used until the * config file has been read. @@ -66,7 +68,7 @@ ns_log_init(isc_boolean_t safe); isc_result_t ns_log_setdefaultchannels(isc_logconfig_t *lcfg); -/* +/*% * Set up logging channels according to the named defaults, which * may differ from the logging library defaults. Currently, * this just means setting up default_debug. @@ -74,19 +76,19 @@ ns_log_setdefaultchannels(isc_logconfig_t *lcfg); isc_result_t ns_log_setsafechannels(isc_logconfig_t *lcfg); -/* +/*% * Like ns_log_setdefaultchannels(), but omits any logging to files. */ isc_result_t ns_log_setdefaultcategory(isc_logconfig_t *lcfg); -/* +/*% * Set up "category default" to go to the right places. */ isc_result_t ns_log_setunmatchedcategory(isc_logconfig_t *lcfg); -/* +/*% * Set up "category unmatched" to go to the right places. */ diff --git a/usr.sbin/bind/bin/named/include/named/logconf.h b/usr.sbin/bind/bin/named/include/named/logconf.h index 8d9ef86ea13..d360909ef15 100644 --- a/usr.sbin/bind/bin/named/include/named/logconf.h +++ b/usr.sbin/bind/bin/named/include/named/logconf.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,16 +15,18 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: logconf.h,v 1.10.208.3 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: logconf.h,v 1.11.18.4 2006/03/02 00:37:21 marka Exp $ */ #ifndef NAMED_LOGCONF_H #define NAMED_LOGCONF_H 1 +/*! \file */ + #include <isc/log.h> isc_result_t ns_log_configure(isc_logconfig_t *logconf, const cfg_obj_t *logstmt); -/* +/*%< * Set up the logging configuration in '*logconf' according to * the named.conf data in 'logstmt'. */ diff --git a/usr.sbin/bind/bin/named/include/named/lwaddr.h b/usr.sbin/bind/bin/named/include/named/lwaddr.h index 52bf6373015..2cf573a267b 100644 --- a/usr.sbin/bind/bin/named/include/named/lwaddr.h +++ b/usr.sbin/bind/bin/named/include/named/lwaddr.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwaddr.h,v 1.3.208.1 2004/03/06 10:21:24 marka Exp $ */ +/* $ISC: lwaddr.h,v 1.4.18.2 2005/04/29 00:15:35 marka Exp $ */ + +/*! \file */ #include <lwres/lwres.h> #include <lwres/net.h> diff --git a/usr.sbin/bind/bin/named/include/named/lwdclient.h b/usr.sbin/bind/bin/named/include/named/lwdclient.h index f1541e8bc41..96563733845 100644 --- a/usr.sbin/bind/bin/named/include/named/lwdclient.h +++ b/usr.sbin/bind/bin/named/include/named/lwdclient.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwdclient.h,v 1.13.208.1 2004/03/06 10:21:24 marka Exp $ */ +/* $ISC: lwdclient.h,v 1.14.18.2 2005/04/29 00:15:36 marka Exp $ */ #ifndef NAMED_LWDCLIENT_H #define NAMED_LWDCLIENT_H 1 +/*! \file */ + #include <isc/event.h> #include <isc/eventclass.h> #include <isc/netaddr.h> @@ -37,23 +39,24 @@ #define LWRD_SHUTDOWN (LWRD_EVENTCLASS + 0x0001) +/*% Lighweight Resolver Daemon Client */ struct ns_lwdclient { - isc_sockaddr_t address; /* where to reply */ + isc_sockaddr_t address; /*%< where to reply */ struct in6_pktinfo pktinfo; isc_boolean_t pktinfo_valid; - ns_lwdclientmgr_t *clientmgr; /* our parent */ + ns_lwdclientmgr_t *clientmgr; /*%< our parent */ ISC_LINK(ns_lwdclient_t) link; unsigned int state; - void *arg; /* packet processing state */ + void *arg; /*%< packet processing state */ /* * Received data info. */ - unsigned char buffer[LWRES_RECVLENGTH]; /* receive buffer */ - isc_uint32_t recvlength; /* length recv'd */ + unsigned char buffer[LWRES_RECVLENGTH]; /*%< receive buffer */ + isc_uint32_t recvlength; /*%< length recv'd */ lwres_lwpacket_t pkt; - /* + /*% * Send data state. If sendbuf != buffer (that is, the send buffer * isn't our receive buffer) it will be freed to the lwres_context_t. */ @@ -61,19 +64,19 @@ struct ns_lwdclient { isc_uint32_t sendlength; isc_buffer_t recv_buffer; - /* + /*% * gabn (get address by name) state info. */ dns_adbfind_t *find; dns_adbfind_t *v4find; dns_adbfind_t *v6find; - unsigned int find_wanted; /* Addresses we want */ + unsigned int find_wanted; /*%< Addresses we want */ dns_fixedname_t query_name; dns_fixedname_t target_name; ns_lwsearchctx_t searchctx; lwres_gabnresponse_t gabn; - /* + /*% * gnba (get name by address) state info. */ lwres_gnbaresponse_t gnba; @@ -81,7 +84,7 @@ struct ns_lwdclient { unsigned int options; isc_netaddr_t na; - /* + /*% * grbn (get rrset by name) state info. * * Note: this also uses target_name and searchctx. @@ -90,7 +93,7 @@ struct ns_lwdclient { dns_lookup_t *lookup; dns_rdatatype_t rdtype; - /* + /*% * Alias and address info. This is copied up to the gabn/gnba * structures eventually. * @@ -103,7 +106,7 @@ struct ns_lwdclient { lwres_addr_t addrs[LWRES_MAX_ADDRS]; }; -/* +/*% * Client states. * * _IDLE The client is not doing anything at all. @@ -156,7 +159,7 @@ struct ns_lwdclient { #define NS_LWDCLIENT_ISSEND(c) \ ((c)->state == NS_LWDCLIENT_STATESEND) -/* +/*% * Overall magic test that means we're not idle. */ #define NS_LWDCLIENT_ISRUNNING(c) (!NS_LWDCLIENT_ISIDLE(c)) @@ -174,17 +177,18 @@ struct ns_lwdclient { #define NS_LWDCLIENT_SETSENDDONE(c) \ ((c)->state = NS_LWDCLIENT_STATESENDDONE) +/*% lightweight daemon client manager */ struct ns_lwdclientmgr { ns_lwreslistener_t *listener; isc_mem_t *mctx; - isc_socket_t *sock; /* socket to use */ + isc_socket_t *sock; /*%< socket to use */ dns_view_t *view; - lwres_context_t *lwctx; /* lightweight proto context */ - isc_task_t *task; /* owning task */ + lwres_context_t *lwctx; /*%< lightweight proto context */ + isc_task_t *task; /*%< owning task */ unsigned int flags; ISC_LINK(ns_lwdclientmgr_t) link; - ISC_LIST(ns_lwdclient_t) idle; /* idle client slots */ - ISC_LIST(ns_lwdclient_t) running; /* running clients */ + ISC_LIST(ns_lwdclient_t) idle; /*%< idle client slots */ + ISC_LIST(ns_lwdclient_t) running; /*%< running clients */ }; #define NS_LWDCLIENTMGR_FLAGRECVPENDING 0x00000001 diff --git a/usr.sbin/bind/bin/named/include/named/lwresd.h b/usr.sbin/bind/bin/named/include/named/lwresd.h index 99925c2079d..a6b5861e143 100644 --- a/usr.sbin/bind/bin/named/include/named/lwresd.h +++ b/usr.sbin/bind/bin/named/include/named/lwresd.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwresd.h,v 1.12.208.3 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: lwresd.h,v 1.13.18.4 2006/03/02 00:37:21 marka Exp $ */ #ifndef NAMED_LWRESD_H #define NAMED_LWRESD_H 1 +/*! \file */ + #include <isc/types.h> #include <isc/sockaddr.h> @@ -52,7 +54,7 @@ struct ns_lwreslistener { ISC_LINK(ns_lwreslistener_t) link; }; -/* +/*% * Configure lwresd. */ isc_result_t @@ -62,7 +64,7 @@ isc_result_t ns_lwresd_parseeresolvconf(isc_mem_t *mctx, cfg_parser_t *pctx, cfg_obj_t **configp); -/* +/*% * Trigger shutdown. */ void @@ -71,29 +73,36 @@ ns_lwresd_shutdown(void); /* * Manager functions */ +/*% create manager */ isc_result_t ns_lwdmanager_create(isc_mem_t *mctx, const cfg_obj_t *lwres, ns_lwresd_t **lwresdp); +/*% attach to manager */ void ns_lwdmanager_attach(ns_lwresd_t *source, ns_lwresd_t **targetp); +/*% detach from manager */ void ns_lwdmanager_detach(ns_lwresd_t **lwresdp); /* * Listener functions */ +/*% attach to listener */ void ns_lwreslistener_attach(ns_lwreslistener_t *source, ns_lwreslistener_t **targetp); +/*% detach from lister */ void ns_lwreslistener_detach(ns_lwreslistener_t **listenerp); +/*% link client manager */ void ns_lwreslistener_unlinkcm(ns_lwreslistener_t *listener, ns_lwdclientmgr_t *cm); +/*% unlink client manager */ void ns_lwreslistener_linkcm(ns_lwreslistener_t *listener, ns_lwdclientmgr_t *cm); diff --git a/usr.sbin/bind/bin/named/include/named/lwsearch.h b/usr.sbin/bind/bin/named/include/named/lwsearch.h index 9984787467b..e4efcc3c088 100644 --- a/usr.sbin/bind/bin/named/include/named/lwsearch.h +++ b/usr.sbin/bind/bin/named/include/named/lwsearch.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwsearch.h,v 1.4.208.1 2004/03/06 10:21:25 marka Exp $ */ +/* $ISC: lwsearch.h,v 1.5.18.2 2005/04/29 00:15:36 marka Exp $ */ #ifndef NAMED_LWSEARCH_H #define NAMED_LWSEARCH_H 1 @@ -28,7 +28,8 @@ #include <named/types.h> -/* +/*! \file + * \brief * Lightweight resolver search list types and routines. * * An ns_lwsearchlist_t holds a list of search path elements. @@ -37,6 +38,7 @@ * operation. */ +/*% An ns_lwsearchlist_t holds a list of search path elements. */ struct ns_lwsearchlist { unsigned int magic; @@ -45,7 +47,7 @@ struct ns_lwsearchlist { unsigned int refs; dns_namelist_t names; }; - +/*% An ns_lwsearchctx stores the state of search list during a lookup operation. */ struct ns_lwsearchctx { dns_name_t *relname; dns_name_t *searchname; @@ -57,51 +59,51 @@ struct ns_lwsearchctx { isc_result_t ns_lwsearchlist_create(isc_mem_t *mctx, ns_lwsearchlist_t **listp); -/* +/*%< * Create an empty search list object. */ void ns_lwsearchlist_attach(ns_lwsearchlist_t *source, ns_lwsearchlist_t **target); -/* +/*%< * Attach to a search list object. */ void ns_lwsearchlist_detach(ns_lwsearchlist_t **listp); -/* +/*%< * Detach from a search list object. */ isc_result_t ns_lwsearchlist_append(ns_lwsearchlist_t *list, dns_name_t *name); -/* +/*%< * Append an element to a search list. This creates a copy of the name. */ void ns_lwsearchctx_init(ns_lwsearchctx_t *sctx, ns_lwsearchlist_t *list, dns_name_t *name, unsigned int ndots); -/* +/*%< * Creates a search list context structure. */ void ns_lwsearchctx_first(ns_lwsearchctx_t *sctx); -/* +/*%< * Moves the search list context iterator to the first element, which * is usually the exact name. */ isc_result_t ns_lwsearchctx_next(ns_lwsearchctx_t *sctx); -/* +/*%< * Moves the search list context iterator to the next element. */ isc_result_t ns_lwsearchctx_current(ns_lwsearchctx_t *sctx, dns_name_t *absname); -/* +/*%< * Obtains the current name to be looked up. This involves either * concatenating the name with a search path element, making an * exact name absolute, or doing nothing. diff --git a/usr.sbin/bind/bin/named/include/named/main.h b/usr.sbin/bind/bin/named/include/named/main.h index 2c9a255228d..194b0bc16cd 100644 --- a/usr.sbin/bind/bin/named/include/named/main.h +++ b/usr.sbin/bind/bin/named/include/named/main.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: main.h,v 1.8.2.2.8.4 2004/03/08 04:04:21 marka Exp $ */ +/* $ISC: main.h,v 1.11.18.2 2005/04/29 00:15:37 marka Exp $ */ #ifndef NAMED_MAIN_H #define NAMED_MAIN_H 1 +/*! \file */ + void ns_main_earlyfatal(const char *format, ...) ISC_FORMAT_PRINTF(1, 2); diff --git a/usr.sbin/bind/bin/named/include/named/notify.h b/usr.sbin/bind/bin/named/include/named/notify.h index 880039af767..b2a875068db 100644 --- a/usr.sbin/bind/bin/named/include/named/notify.h +++ b/usr.sbin/bind/bin/named/include/named/notify.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: notify.h,v 1.9.208.1 2004/03/06 10:21:25 marka Exp $ */ +/* $ISC: notify.h,v 1.10.18.2 2005/04/29 00:15:37 marka Exp $ */ #ifndef NAMED_NOTIFY_H #define NAMED_NOTIFY_H 1 @@ -27,8 +27,9 @@ *** Module Info ***/ -/* - * RFC 1996 +/*! \file + * \brief + * RFC1996 * A Mechanism for Prompt Notification of Zone Changes (DNS NOTIFY) */ @@ -39,7 +40,7 @@ void ns_notify_start(ns_client_t *client); -/* +/*%< * Examines the incoming message to determine apporiate zone. * Returns FORMERR if there is not exactly one question. * Returns REFUSED if we do not serve the listed zone. @@ -47,7 +48,7 @@ ns_notify_start(ns_client_t *client); * and returns the return status. * * Requires - * client to be valid. + *\li client to be valid. */ #endif /* NAMED_NOTIFY_H */ diff --git a/usr.sbin/bind/bin/named/include/named/ns_smf_globals.h b/usr.sbin/bind/bin/named/include/named/ns_smf_globals.h index 8ce735762ad..430692eacbd 100644 --- a/usr.sbin/bind/bin/named/include/named/ns_smf_globals.h +++ b/usr.sbin/bind/bin/named/include/named/ns_smf_globals.h @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ns_smf_globals.h,v 1.2.4.4 2005/05/13 01:22:33 marka Exp $ */ +/* $ISC: ns_smf_globals.h,v 1.2.2.4 2005/05/13 01:32:46 marka Exp $ */ #ifndef NS_SMF_GLOBALS_H #define NS_SMF_GLOBALS_H 1 diff --git a/usr.sbin/bind/bin/named/include/named/query.h b/usr.sbin/bind/bin/named/include/named/query.h index aa575161350..aada16b0ded 100644 --- a/usr.sbin/bind/bin/named/include/named/query.h +++ b/usr.sbin/bind/bin/named/include/named/query.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: query.h,v 1.28.2.3.8.6 2004/03/08 04:04:21 marka Exp $ */ +/* $ISC: query.h,v 1.36.18.2 2005/04/29 00:15:37 marka Exp $ */ #ifndef NAMED_QUERY_H #define NAMED_QUERY_H 1 +/*! \file */ + #include <isc/types.h> #include <isc/buffer.h> #include <isc/netaddr.h> @@ -28,6 +30,7 @@ #include <named/types.h> +/*% nameserver database version structure */ typedef struct ns_dbversion { dns_db_t *db; dns_dbversion_t *version; @@ -35,6 +38,7 @@ typedef struct ns_dbversion { ISC_LINK(struct ns_dbversion) link; } ns_dbversion_t; +/*% nameserver query structure */ struct ns_query { unsigned int attributes; unsigned int restarts; diff --git a/usr.sbin/bind/bin/named/include/named/server.h b/usr.sbin/bind/bin/named/include/named/server.h index 0fca4505df0..0a83d45adab 100644 --- a/usr.sbin/bind/bin/named/include/named/server.h +++ b/usr.sbin/bind/bin/named/include/named/server.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: server.h,v 1.58.2.1.10.13 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: server.h,v 1.73.18.8 2006/03/09 23:46:20 marka Exp $ */ #ifndef NAMED_SERVER_H #define NAMED_SERVER_H 1 +/*! \file */ + #include <isc/log.h> #include <isc/sockaddr.h> #include <isc/magic.h> @@ -35,7 +37,7 @@ #define NS_EVENT_RELOAD (NS_EVENTCLASS + 0) #define NS_EVENT_CLIENTCONTROL (NS_EVENTCLASS + 1) -/* +/*% * Name server state. Better here than in lots of separate global variables. */ struct ns_server { @@ -49,18 +51,18 @@ struct ns_server { isc_quota_t tcpquota; isc_quota_t recursionquota; dns_acl_t *blackholeacl; - char * statsfile; /* Statistics file name */ - char * dumpfile; /* Dump file name */ - char * recfile; /* Recursive file name */ - isc_boolean_t version_set; /* User has set version */ - char * version; /* User-specified version */ - isc_boolean_t hostname_set; /* User has set hostname */ - char * hostname; /* User-specified hostname */ - /* Use hostname for server id */ + char * statsfile; /*%< Statistics file name */ + char * dumpfile; /*%< Dump file name */ + char * recfile; /*%< Recursive file name */ + isc_boolean_t version_set; /*%< User has set version */ + char * version; /*%< User-specified version */ + isc_boolean_t hostname_set; /*%< User has set hostname */ + char * hostname; /*%< User-specified hostname */ + /*% Use hostname for server id */ isc_boolean_t server_usehostname; - char * server_id; /* User-specified server id */ + char * server_id; /*%< User-specified server id */ - /* + /*% * Current ACL environment. This defines the * current values of the localhost and localnets * ACLs. @@ -77,6 +79,8 @@ struct ns_server { isc_timer_t * interface_timer; isc_timer_t * heartbeat_timer; + isc_timer_t * pps_timer; + isc_uint32_t interface_interval; isc_uint32_t heartbeat_interval; @@ -84,14 +88,15 @@ struct ns_server { isc_event_t * reload_event; isc_boolean_t flushonshutdown; - isc_boolean_t log_queries; /* For BIND 8 compatibility */ + isc_boolean_t log_queries; /*%< For BIND 8 compatibility */ - isc_uint64_t * querystats; /* Query statistics counters */ + isc_uint64_t * querystats; /*%< Query statistics counters */ - ns_controls_t * controls; /* Control channels */ + ns_controls_t * controls; /*%< Control channels */ unsigned int dispatchgen; ns_dispatchlist_t dispatches; - + + dns_acache_t *acache; }; #define NS_SERVER_MAGIC ISC_MAGIC('S','V','E','R') @@ -99,7 +104,7 @@ struct ns_server { void ns_server_create(isc_mem_t *mctx, ns_server_t **serverp); -/* +/*%< * Create a server object with default settings. * This function either succeeds or causes the program to exit * with a fatal error. @@ -107,13 +112,13 @@ ns_server_create(isc_mem_t *mctx, ns_server_t **serverp); void ns_server_destroy(ns_server_t **serverp); -/* +/*%< * Destroy a server object, freeing its memory. */ void ns_server_reloadwanted(ns_server_t *server); -/* +/*%< * Inform a server that a reload is wanted. This function * may be called asynchronously, from outside the server's task. * If a reload is already scheduled or in progress, the call @@ -122,92 +127,104 @@ ns_server_reloadwanted(ns_server_t *server); void ns_server_flushonshutdown(ns_server_t *server, isc_boolean_t flush); -/* +/*%< * Inform the server that the zones should be flushed to disk on shutdown. */ isc_result_t ns_server_reloadcommand(ns_server_t *server, char *args, isc_buffer_t *text); -/* +/*%< * Act on a "reload" command from the command channel. */ isc_result_t ns_server_reconfigcommand(ns_server_t *server, char *args); -/* +/*%< * Act on a "reconfig" command from the command channel. */ isc_result_t +ns_server_notifycommand(ns_server_t *server, char *args, isc_buffer_t *text); +/*%< + * Act on a "notify" command from the command channel. + */ + +isc_result_t ns_server_refreshcommand(ns_server_t *server, char *args, isc_buffer_t *text); -/* +/*%< * Act on a "refresh" command from the command channel. */ isc_result_t ns_server_retransfercommand(ns_server_t *server, char *args); -/* +/*%< * Act on a "retransfer" command from the command channel. */ isc_result_t ns_server_togglequerylog(ns_server_t *server); -/* +/*%< * Toggle logging of queries, as in BIND 8. */ -/* +/*% * Dump the current statistics to the statistics file. */ isc_result_t ns_server_dumpstats(ns_server_t *server); -/* +/*% * Dump the current cache to the dump file. */ isc_result_t ns_server_dumpdb(ns_server_t *server, char *args); -/* +/*% * Change or increment the server debug level. */ isc_result_t ns_server_setdebuglevel(ns_server_t *server, char *args); -/* +/*% * Flush the server's cache(s) */ isc_result_t ns_server_flushcache(ns_server_t *server, char *args); -/* +/*% * Flush a particular name from the server's cache(s) */ isc_result_t ns_server_flushname(ns_server_t *server, char *args); -/* +/*% * Report the server's status. */ isc_result_t ns_server_status(ns_server_t *server, isc_buffer_t *text); -/* +/*% * Enable or disable updates for a zone. */ isc_result_t ns_server_freeze(ns_server_t *server, isc_boolean_t freeze, char *args); -/* +/*% * Dump the current recursive queries. */ isc_result_t ns_server_dumprecursing(ns_server_t *server); -/* +/*% * Maintain a list of dispatches that require reserved ports. */ void ns_add_reserved_dispatch(ns_server_t *server, const isc_sockaddr_t *addr); +/*% + * Enable or disable dnssec validation. + */ +isc_result_t +ns_server_validation(ns_server_t *server, char *args); + #endif /* NAMED_SERVER_H */ diff --git a/usr.sbin/bind/bin/named/include/named/sortlist.h b/usr.sbin/bind/bin/named/include/named/sortlist.h index d716f0a2fc2..e49f89514d0 100644 --- a/usr.sbin/bind/bin/named/include/named/sortlist.h +++ b/usr.sbin/bind/bin/named/include/named/sortlist.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,22 +15,24 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: sortlist.h,v 1.4.208.3 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: sortlist.h,v 1.5.18.4 2006/03/02 00:37:21 marka Exp $ */ #ifndef NAMED_SORTLIST_H #define NAMED_SORTLIST_H 1 +/*! \file */ + #include <isc/types.h> #include <dns/types.h> -/* +/*% * Type for callback functions that rank addresses. */ typedef int (*dns_addressorderfunc_t)(const isc_netaddr_t *address, const void *arg); -/* +/*% * Return value type for setup_sortlist. */ typedef enum { @@ -42,7 +44,7 @@ typedef enum { ns_sortlisttype_t ns_sortlist_setup(dns_acl_t *acl, isc_netaddr_t *clientaddr, const void **argp); -/* +/*%< * Find the sortlist statement in 'acl' that applies to 'clientaddr', if any. * * If a 1-element sortlist item applies, return NS_SORTLISTTYPE_1ELEMENT and @@ -57,14 +59,14 @@ ns_sortlist_setup(dns_acl_t *acl, isc_netaddr_t *clientaddr, int ns_sortlist_addrorder1(const isc_netaddr_t *addr, const void *arg); -/* +/*%< * Find the sort order of 'addr' in 'arg', the matching element * of a 1-element top-level sortlist statement. */ int ns_sortlist_addrorder2(const isc_netaddr_t *addr, const void *arg); -/* +/*%< * Find the sort order of 'addr' in 'arg', a topology-like * ACL forming the second element in a 2-element top-level * sortlist statement. @@ -74,7 +76,7 @@ void ns_sortlist_byaddrsetup(dns_acl_t *sortlist_acl, isc_netaddr_t *client_addr, dns_addressorderfunc_t *orderp, const void **argp); -/* +/*%< * Find the sortlist statement in 'acl' that applies to 'clientaddr', if any. * If a sortlist statement applies, return in '*orderp' a pointer to a function * for ranking network addresses based on that sortlist statement, and in diff --git a/usr.sbin/bind/bin/named/include/named/tkeyconf.h b/usr.sbin/bind/bin/named/include/named/tkeyconf.h index 10c251b8081..45cb0af28bb 100644 --- a/usr.sbin/bind/bin/named/include/named/tkeyconf.h +++ b/usr.sbin/bind/bin/named/include/named/tkeyconf.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: tkeyconf.h,v 1.9.208.3 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: tkeyconf.h,v 1.10.18.4 2006/03/02 00:37:21 marka Exp $ */ #ifndef NS_TKEYCONF_H #define NS_TKEYCONF_H 1 +/*! \file */ + #include <isc/types.h> #include <isc/lang.h> @@ -30,20 +32,20 @@ ISC_LANG_BEGINDECLS isc_result_t ns_tkeyctx_fromconfig(const cfg_obj_t *options, isc_mem_t *mctx, isc_entropy_t *ectx, dns_tkeyctx_t **tctxp); -/* +/*%< * Create a TKEY context and configure it, including the default DH key * and default domain, according to 'options'. * * Requires: - * 'cfg' is a valid configuration options object. - * 'mctx' is not NULL - * 'ectx' is not NULL - * 'tctx' is not NULL - * '*tctx' is NULL + *\li 'cfg' is a valid configuration options object. + *\li 'mctx' is not NULL + *\li 'ectx' is not NULL + *\li 'tctx' is not NULL + *\li '*tctx' is NULL * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + *\li ISC_R_SUCCESS + *\li ISC_R_NOMEMORY */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/bin/named/include/named/tsigconf.h b/usr.sbin/bind/bin/named/include/named/tsigconf.h index e623309673c..6c845f9ecfe 100644 --- a/usr.sbin/bind/bin/named/include/named/tsigconf.h +++ b/usr.sbin/bind/bin/named/include/named/tsigconf.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: tsigconf.h,v 1.9.208.3 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: tsigconf.h,v 1.10.18.4 2006/03/02 00:37:21 marka Exp $ */ #ifndef NS_TSIGCONF_H #define NS_TSIGCONF_H 1 +/*! \file */ + #include <isc/types.h> #include <isc/lang.h> @@ -28,18 +30,18 @@ ISC_LANG_BEGINDECLS isc_result_t ns_tsigkeyring_fromconfig(const cfg_obj_t *config, const cfg_obj_t *vconfig, isc_mem_t *mctx, dns_tsig_keyring_t **ringp); -/* +/*%< * Create a TSIG key ring and configure it according to the 'key' * statements in the global and view configuration objects. * * Requires: - * 'config' is not NULL. - * 'mctx' is not NULL - * 'ring' is not NULL, and '*ring' is NULL + * \li 'config' is not NULL. + * \li 'mctx' is not NULL + * \li 'ring' is not NULL, and '*ring' is NULL * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + * \li ISC_R_SUCCESS + * \li ISC_R_NOMEMORY */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/bin/named/include/named/types.h b/usr.sbin/bind/bin/named/include/named/types.h index 62a625b0113..61971c78faf 100644 --- a/usr.sbin/bind/bin/named/include/named/types.h +++ b/usr.sbin/bind/bin/named/include/named/types.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: types.h,v 1.19.208.2 2004/03/06 10:21:26 marka Exp $ */ +/* $ISC: types.h,v 1.21.18.2 2005/04/29 00:15:38 marka Exp $ */ #ifndef NAMED_TYPES_H #define NAMED_TYPES_H 1 +/*! \file */ + #include <dns/types.h> typedef struct ns_client ns_client_t; diff --git a/usr.sbin/bind/bin/named/include/named/update.h b/usr.sbin/bind/bin/named/include/named/update.h index 645e6626f50..430e5c45e35 100644 --- a/usr.sbin/bind/bin/named/include/named/update.h +++ b/usr.sbin/bind/bin/named/include/named/update.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: update.h,v 1.8.208.1 2004/03/06 10:21:26 marka Exp $ */ +/* $ISC: update.h,v 1.9.18.2 2005/04/29 00:15:39 marka Exp $ */ #ifndef NAMED_UPDATE_H #define NAMED_UPDATE_H 1 @@ -24,7 +24,8 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * RFC2136 Dynamic Update */ diff --git a/usr.sbin/bind/bin/named/include/named/xfrout.h b/usr.sbin/bind/bin/named/include/named/xfrout.h index 59460af07cf..d8d32843849 100644 --- a/usr.sbin/bind/bin/named/include/named/xfrout.h +++ b/usr.sbin/bind/bin/named/include/named/xfrout.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: xfrout.h,v 1.7.208.1 2004/03/06 10:21:27 marka Exp $ */ +/* $ISC: xfrout.h,v 1.8.18.2 2005/04/29 00:15:39 marka Exp $ */ #ifndef NAMED_XFROUT_H #define NAMED_XFROUT_H 1 @@ -24,7 +24,8 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * Outgoing zone transfers (AXFR + IXFR). */ diff --git a/usr.sbin/bind/bin/named/include/named/zoneconf.h b/usr.sbin/bind/bin/named/include/named/zoneconf.h index 03221929873..fd23243e8dc 100644 --- a/usr.sbin/bind/bin/named/include/named/zoneconf.h +++ b/usr.sbin/bind/bin/named/include/named/zoneconf.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,25 +15,26 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: zoneconf.h,v 1.16.2.2.8.3 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: zoneconf.h,v 1.19.18.5 2006/03/02 00:37:21 marka Exp $ */ #ifndef NS_ZONECONF_H #define NS_ZONECONF_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/types.h> +#include <isccfg/aclconf.h> #include <isccfg/cfg.h> -#include <named/aclconf.h> - ISC_LANG_BEGINDECLS isc_result_t ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, - const cfg_obj_t *zconfig, ns_aclconfctx_t *ac, + const cfg_obj_t *zconfig, cfg_aclconfctx_t *ac, dns_zone_t *zone); -/* +/*%< * Configure or reconfigure a zone according to the named.conf * data in 'cctx' and 'czone'. * @@ -41,16 +42,16 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, * at zone creation time. * * Require: - * 'lctx' to be initialized or NULL. - * 'cctx' to be initialized or NULL. - * 'ac' to point to an initialized ns_aclconfctx_t. - * 'czone' to be initialized. - * 'zone' to be initialized. + * \li 'lctx' to be initialized or NULL. + * \li 'cctx' to be initialized or NULL. + * \li 'ac' to point to an initialized ns_aclconfctx_t. + * \li 'czone' to be initialized. + * \li 'zone' to be initialized. */ isc_boolean_t ns_zone_reusable(dns_zone_t *zone, const cfg_obj_t *zconfig); -/* +/*%< * If 'zone' can be safely reconfigured according to the configuration * data in 'zconfig', return ISC_TRUE. If the configuration data is so * different from the current zone state that the zone needs to be destroyed diff --git a/usr.sbin/bind/bin/named/listenlist.c b/usr.sbin/bind/bin/named/listenlist.c index c8e069f3822..68c2e0e8d8b 100644 --- a/usr.sbin/bind/bin/named/listenlist.c +++ b/usr.sbin/bind/bin/named/listenlist.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: listenlist.c,v 1.9.208.1 2004/03/06 10:21:18 marka Exp $ */ +/* $ISC: listenlist.c,v 1.10.18.2 2005/04/29 00:15:22 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/bin/named/log.c b/usr.sbin/bind/bin/named/log.c index 40d84e3b4f1..d6a2bf8ed38 100644 --- a/usr.sbin/bind/bin/named/log.c +++ b/usr.sbin/bind/bin/named/log.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: log.c,v 1.33.2.1.10.6 2005/05/24 23:58:17 marka Exp $ */ +/* $ISC: log.c,v 1.37.18.6 2006/06/09 00:54:08 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -29,9 +31,10 @@ #define ISC_FACILITY LOG_DAEMON #endif -/* +/*% * When adding a new category, be sure to add the appropriate - * #define to <named/log.h>. + * #define to <named/log.h> and to update the list in + * bin/check/check-tool.c. */ static isc_logcategory_t categories[] = { { "", 0 }, @@ -44,7 +47,7 @@ static isc_logcategory_t categories[] = { { NULL, 0 } }; -/* +/*% * When adding a new module, be sure to add the appropriate * #define to <dns/log.h>. */ @@ -78,6 +81,9 @@ ns_log_init(isc_boolean_t safe) { if (result != ISC_R_SUCCESS) return (result); + /* + * named-checktool.c:setup_logging() needs to be kept in sync. + */ isc_log_registercategories(ns_g_lctx, ns_g_categories); isc_log_registermodules(ns_g_lctx, ns_g_modules); isc_log_setcontext(ns_g_lctx); diff --git a/usr.sbin/bind/bin/named/logconf.c b/usr.sbin/bind/bin/named/logconf.c index e7f0ff213eb..572edda5087 100644 --- a/usr.sbin/bind/bin/named/logconf.c +++ b/usr.sbin/bind/bin/named/logconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: logconf.c,v 1.30.2.3.10.4 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: logconf.c,v 1.35.18.5 2006/03/02 00:37:21 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -36,7 +38,7 @@ if (result != ISC_R_SUCCESS) goto cleanup; \ } while (0) -/* +/*% * Set up a logging category according to the named.conf data * in 'ccat' and add it to 'lctx'. */ @@ -84,7 +86,7 @@ category_fromconf(const cfg_obj_t *ccat, isc_logconfig_t *lctx) { return (ISC_R_SUCCESS); } -/* +/*% * Set up a logging channel according to the named.conf data * in 'cchan' and add it to 'lctx'. */ diff --git a/usr.sbin/bind/bin/named/lwaddr.c b/usr.sbin/bind/bin/named/lwaddr.c index 4207bf88735..cb8445b5e14 100644 --- a/usr.sbin/bind/bin/named/lwaddr.c +++ b/usr.sbin/bind/bin/named/lwaddr.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwaddr.c,v 1.3.208.1 2004/03/06 10:21:18 marka Exp $ */ +/* $ISC: lwaddr.c,v 1.4.18.2 2005/04/29 00:15:23 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -29,7 +31,7 @@ #include <named/lwaddr.h> -/* +/*% * Convert addresses from lwres to isc format. */ isc_result_t @@ -63,7 +65,7 @@ lwaddr_sockaddr_fromlwresaddr(isc_sockaddr_t *sa, lwres_addr_t *la, return (ISC_R_SUCCESS); } -/* +/*% * Convert addresses from isc to lwres format. */ diff --git a/usr.sbin/bind/bin/named/lwdclient.c b/usr.sbin/bind/bin/named/lwdclient.c index 479a730fc0b..0ccf5420aa4 100644 --- a/usr.sbin/bind/bin/named/lwdclient.c +++ b/usr.sbin/bind/bin/named/lwdclient.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwdclient.c,v 1.13.12.5 2004/03/08 09:04:15 marka Exp $ */ +/* $ISC: lwdclient.c,v 1.17.18.2 2005/04/29 00:15:23 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/bin/named/lwderror.c b/usr.sbin/bind/bin/named/lwderror.c index 8dd239c400e..922e81f0e98 100644 --- a/usr.sbin/bind/bin/named/lwderror.c +++ b/usr.sbin/bind/bin/named/lwderror.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwderror.c,v 1.7.208.1 2004/03/06 10:21:18 marka Exp $ */ +/* $ISC: lwderror.c,v 1.8.18.2 2005/04/29 00:15:24 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -25,7 +27,7 @@ #include <named/types.h> #include <named/lwdclient.h> -/* +/*% * Generate an error packet for the client, schedule a send, and put us in * the SEND state. * diff --git a/usr.sbin/bind/bin/named/lwdgabn.c b/usr.sbin/bind/bin/named/lwdgabn.c index a1b8e4a85bd..b8f0f84df2d 100644 --- a/usr.sbin/bind/bin/named/lwdgabn.c +++ b/usr.sbin/bind/bin/named/lwdgabn.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwdgabn.c,v 1.13.12.5 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: lwdgabn.c,v 1.15.18.5 2006/03/02 00:37:21 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -47,7 +49,7 @@ static isc_result_t start_find(ns_lwdclient_t *); static void restart_find(ns_lwdclient_t *); static void init_gabn(ns_lwdclient_t *); -/* +/*% * Destroy any finds. This can be used to "start over from scratch" and * should only be called when events are _not_ being generated by the finds. */ @@ -432,7 +434,7 @@ restart_find(ns_lwdclient_t *client) { client->clientmgr->task, process_gabn_finddone, client, dns_fixedname_name(&client->target_name), - dns_rootname, options, 0, + dns_rootname, 0, options, 0, dns_fixedname_name(&client->target_name), client->clientmgr->view->dstport, &client->find); diff --git a/usr.sbin/bind/bin/named/lwdgrbn.c b/usr.sbin/bind/bin/named/lwdgrbn.c index d3b8ab1a736..8b2d266dbc2 100644 --- a/usr.sbin/bind/bin/named/lwdgrbn.c +++ b/usr.sbin/bind/bin/named/lwdgrbn.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwdgrbn.c,v 1.11.208.5 2006/01/04 23:50:19 marka Exp $ */ +/* $ISC: lwdgrbn.c,v 1.13.18.5 2006/12/07 23:57:58 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -183,8 +185,6 @@ iterate_node(lwres_grbnresponse_t *grbn, dns_db_t *db, dns_dbnode_t *node, isc_mem_put(mctx, oldlens, oldsize * sizeof(*oldlens)); if (newrdatas != NULL) isc_mem_put(mctx, newrdatas, used * sizeof(*oldrdatas)); - if (newlens != NULL) - isc_mem_put(mctx, newlens, used * sizeof(*oldlens)); return (result); } diff --git a/usr.sbin/bind/bin/named/lwdnoop.c b/usr.sbin/bind/bin/named/lwdnoop.c index 3c2daaa34d2..ca37ac76bb0 100644 --- a/usr.sbin/bind/bin/named/lwdnoop.c +++ b/usr.sbin/bind/bin/named/lwdnoop.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwdnoop.c,v 1.6.208.1 2004/03/06 10:21:19 marka Exp $ */ +/* $ISC: lwdnoop.c,v 1.7.18.2 2005/04/29 00:15:25 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/bin/named/lwresd.8 b/usr.sbin/bind/bin/named/lwresd.8 index 6e6a52952a8..8a7d6eb6b97 100644 --- a/usr.sbin/bind/bin/named/lwresd.8 +++ b/usr.sbin/bind/bin/named/lwresd.8 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwresd.8,v 1.13.208.6 2006/06/29 13:02:30 marka Exp $ +.\" $ISC: lwresd.8,v 1.15.18.12 2007/05/16 06:11:27 marka Exp $ .\" .hy 0 .ad l .\" Title: lwresd .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: June 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -33,7 +33,7 @@ lwresd \- lightweight resolver daemon .SH "SYNOPSIS" .HP 7 -\fBlwresd\fR [\fB\-C\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-i\ \fR\fB\fIpid\-file\fR\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-P\ \fR\fB\fIport\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] +\fBlwresd\fR [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-C\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-i\ \fR\fB\fIpid\-file\fR\fR] [\fB\-m\ \fR\fB\fIflag\fR\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-P\ \fR\fB\fIport\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-4\fR] [\fB\-6\fR] .SH "DESCRIPTION" .PP \fBlwresd\fR @@ -60,42 +60,108 @@ entries are present, or if forwarding fails, \fBlwresd\fR resolves the queries autonomously starting at the root name servers, using a built\-in list of root server hints. .SH "OPTIONS" -.TP 3n +.PP +\-4 +.RS 4 +Use IPv4 only even if the host machine is capable of IPv6. +\fB\-4\fR +and +\fB\-6\fR +are mutually exclusive. +.RE +.PP +\-6 +.RS 4 +Use IPv6 only even if the host machine is capable of IPv4. +\fB\-4\fR +and +\fB\-6\fR +are mutually exclusive. +.RE +.PP +\-c \fIconfig\-file\fR +.RS 4 +Use +\fIconfig\-file\fR +as the configuration file instead of the default, +\fI/etc/lwresd.conf\fR. +<term>\-c</term> +can not be used with +<term>\-C</term>. +.RE +.PP \-C \fIconfig\-file\fR +.RS 4 Use \fIconfig\-file\fR as the configuration file instead of the default, \fI/etc/resolv.conf\fR. -.TP 3n +<term>\-C</term> +can not be used with +<term>\-c</term>. +.RE +.PP \-d \fIdebug\-level\fR +.RS 4 Set the daemon's debug level to \fIdebug\-level\fR. Debugging traces from \fBlwresd\fR become more verbose as the debug level increases. -.TP 3n +.RE +.PP \-f +.RS 4 Run the server in the foreground (i.e. do not daemonize). -.TP 3n +.RE +.PP \-g +.RS 4 Run the server in the foreground and force all logging to \fIstderr\fR. -.TP 3n +.RE +.PP +\-i \fIpid\-file\fR +.RS 4 +Use +\fIpid\-file\fR +as the PID file instead of the default, +\fI/var/run/lwresd.pid\fR. +.RE +.PP +\-m \fIflag\fR +.RS 4 +Turn on memory usage debugging flags. Possible flags are +\fIusage\fR, +\fItrace\fR, +\fIrecord\fR, +\fIsize\fR, and +\fImctx\fR. These correspond to the ISC_MEM_DEBUGXXXX flags described in +\fI<isc/mem.h>\fR. +.RE +.PP \-n \fI#cpus\fR +.RS 4 Create \fI#cpus\fR worker threads to take advantage of multiple CPUs. If not specified, \fBlwresd\fR will try to determine the number of CPUs present and create one thread per CPU. If it is unable to determine the number of CPUs, a single worker thread will be created. -.TP 3n +.RE +.PP \-P \fIport\fR +.RS 4 Listen for lightweight resolver queries on port \fIport\fR. If not specified, the default is port 921. -.TP 3n +.RE +.PP \-p \fIport\fR +.RS 4 Send DNS lookups to port \fIport\fR. If not specified, the default is port 53. This provides a way of testing the lightweight resolver daemon with a name server that listens for queries on a non\-standard port number. -.TP 3n +.RE +.PP \-s +.RS 4 Write memory usage statistics to \fIstdout\fR on exit. @@ -103,10 +169,11 @@ on exit. .B "Note:" This option is mainly of interest to BIND 9 developers and may be removed or changed in a future release. .RE -.TP 3n +.RE +.PP \-t \fIdirectory\fR -\fBchroot()\fR -to +.RS 4 +Chroot to \fIdirectory\fR after processing the command line arguments, but before reading the configuration file. .RS @@ -114,25 +181,33 @@ after processing the command line arguments, but before reading the configuratio This option should be used in conjunction with the \fB\-u\fR option, as chrooting a process running as root doesn't enhance security on most systems; the way -\fBchroot()\fR +\fBchroot(2)\fR is defined allows a process with root privileges to escape a chroot jail. .RE -.TP 3n +.RE +.PP \-u \fIuser\fR -\fBsetuid()\fR -to +.RS 4 +Setuid to \fIuser\fR after completing privileged operations, such as creating sockets that listen on privileged ports. -.TP 3n +.RE +.PP \-v +.RS 4 Report the version number and exit. +.RE .SH "FILES" -.TP 3n +.PP \fI/etc/resolv.conf\fR +.RS 4 The default configuration file. -.TP 3n +.RE +.PP \fI/var/run/lwresd.pid\fR +.RS 4 The default process\-id file. +.RE .SH "SEE ALSO" .PP \fBnamed\fR(8), @@ -142,4 +217,7 @@ The default process\-id file. .PP Internet Systems Consortium .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/bin/named/lwresd.docbook b/usr.sbin/bind/bin/named/lwresd.docbook index 6743b090610..368648b495e 100644 --- a/usr.sbin/bind/bin/named/lwresd.docbook +++ b/usr.sbin/bind/bin/named/lwresd.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,8 +18,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwresd.docbook,v 1.6.208.4 2005/05/13 01:22:33 marka Exp $ --> - +<!-- $ISC: lwresd.docbook,v 1.7.18.8 2007/08/28 07:20:01 tbox Exp $ --> <refentry> <refentryinfo> <date>June 30, 2000</date> @@ -31,10 +30,16 @@ <refmiscinfo>BIND9</refmiscinfo> </refmeta> + <refnamediv> + <refname><application>lwresd</application></refname> + <refpurpose>lightweight resolver daemon</refpurpose> + </refnamediv> + <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -44,19 +49,16 @@ </copyright> </docinfo> - <refnamediv> - <refname><application>lwresd</application></refname> - <refpurpose>lightweight resolver daemon</refpurpose> - </refnamediv> - <refsynopsisdiv> <cmdsynopsis> <command>lwresd</command> + <arg><option>-c <replaceable class="parameter">config-file</replaceable></option></arg> <arg><option>-C <replaceable class="parameter">config-file</replaceable></option></arg> <arg><option>-d <replaceable class="parameter">debug-level</replaceable></option></arg> <arg><option>-f</option></arg> <arg><option>-g</option></arg> <arg><option>-i <replaceable class="parameter">pid-file</replaceable></option></arg> + <arg><option>-m <replaceable class="parameter">flag</replaceable></option></arg> <arg><option>-n <replaceable class="parameter">#cpus</replaceable></option></arg> <arg><option>-P <replaceable class="parameter">port</replaceable></option></arg> <arg><option>-p <replaceable class="parameter">port</replaceable></option></arg> @@ -64,42 +66,46 @@ <arg><option>-t <replaceable class="parameter">directory</replaceable></option></arg> <arg><option>-u <replaceable class="parameter">user</replaceable></option></arg> <arg><option>-v</option></arg> + <arg><option>-4</option></arg> + <arg><option>-6</option></arg> </cmdsynopsis> </refsynopsisdiv> <refsect1> <title>DESCRIPTION</title> - <para> - <command>lwresd</command> is the daemon providing name lookup - services to clients that use the BIND 9 lightweight resolver - library. It is essentially a stripped-down, caching-only name - server that answers queries using the BIND 9 lightweight - resolver protocol rather than the DNS protocol. + + <para><command>lwresd</command> + is the daemon providing name lookup + services to clients that use the BIND 9 lightweight resolver + library. It is essentially a stripped-down, caching-only name + server that answers queries using the BIND 9 lightweight + resolver protocol rather than the DNS protocol. </para> - <para> - <command>lwresd</command> listens for resolver queries on a - UDP port on the IPv4 loopback interface, 127.0.0.1. This - means that <command>lwresd</command> can only be used by - processes running on the local machine. By default UDP port - number 921 is used for lightweight resolver requests and - responses. + + <para><command>lwresd</command> + listens for resolver queries on a + UDP port on the IPv4 loopback interface, 127.0.0.1. This + means that <command>lwresd</command> can only be used by + processes running on the local machine. By default UDP port + number 921 is used for lightweight resolver requests and + responses. </para> <para> - Incoming lightweight resolver requests are decoded by the - server which then resolves them using the DNS protocol. When - the DNS lookup completes, <command>lwresd</command> encodes - the answers in the lightweight resolver format and returns - them to the client that made the request. + Incoming lightweight resolver requests are decoded by the + server which then resolves them using the DNS protocol. When + the DNS lookup completes, <command>lwresd</command> encodes + the answers in the lightweight resolver format and returns + them to the client that made the request. </para> <para> - If <filename>/etc/resolv.conf</filename> contains any - <option>nameserver</option> entries, <command>lwresd</command> - sends recursive DNS queries to those servers. This is similar - to the use of forwarders in a caching name server. If no - <option>nameserver</option> entries are present, or if - forwarding fails, <command>lwresd</command> resolves the - queries autonomously starting at the root name servers, using - a built-in list of root server hints. + If <filename>/etc/resolv.conf</filename> contains any + <option>nameserver</option> entries, <command>lwresd</command> + sends recursive DNS queries to those servers. This is similar + to the use of forwarders in a caching name server. If no + <option>nameserver</option> entries are present, or if + forwarding fails, <command>lwresd</command> resolves the + queries autonomously starting at the root name servers, using + a built-in list of root server hints. </para> </refsect1> @@ -107,146 +113,205 @@ <title>OPTIONS</title> <variablelist> + <varlistentry> - <term>-C <replaceable class="parameter">config-file</replaceable></term> - <listitem> - <para> - Use <replaceable - class="parameter">config-file</replaceable> as the - configuration file instead of the default, - <filename>/etc/resolv.conf</filename>. + <term>-4</term> + <listitem> + <para> + Use IPv4 only even if the host machine is capable of IPv6. + <option>-4</option> and <option>-6</option> are mutually + exclusive. </para> - </listitem> + </listitem> </varlistentry> <varlistentry> - <term>-d <replaceable class="parameter">debug-level</replaceable></term> - <listitem> - <para> - Set the daemon's debug level to <replaceable - class="parameter">debug-level</replaceable>. - Debugging traces from <command>lwresd</command> become - more verbose as the debug level increases. + <term>-6</term> + <listitem> + <para> + Use IPv6 only even if the host machine is capable of IPv4. + <option>-4</option> and <option>-6</option> are mutually + exclusive. </para> - </listitem> + </listitem> </varlistentry> + <!-- this is in source but not mentioned? does this matter? --> <varlistentry> - <term>-f</term> - <listitem> - <para> - Run the server in the foreground (i.e. do not daemonize). + <term>-c <replaceable class="parameter">config-file</replaceable></term> + <listitem> + <para> + Use <replaceable class="parameter">config-file</replaceable> as the + configuration file instead of the default, + <filename>/etc/lwresd.conf</filename>. + <!-- Should this be an absolute path name? --> + <term>-c</term> can not be used with <term>-C</term>. </para> - </listitem> + </listitem> </varlistentry> <varlistentry> - <term>-g</term> - <listitem> - <para> - Run the server in the foreground and force all logging - to <filename>stderr</filename>. + <term>-C <replaceable class="parameter">config-file</replaceable></term> + <listitem> + <para> + Use <replaceable class="parameter">config-file</replaceable> as the + configuration file instead of the default, + <filename>/etc/resolv.conf</filename>. + <term>-C</term> can not be used with <term>-c</term>. </para> - </listitem> + </listitem> </varlistentry> <varlistentry> - <term>-n <replaceable class="parameter">#cpus</replaceable></term> - <listitem> - <para> - Create <replaceable - class="parameter">#cpus</replaceable> worker threads - to take advantage of multiple CPUs. If not specified, - <command>lwresd</command> will try to determine the - number of CPUs present and create one thread per CPU. - If it is unable to determine the number of CPUs, a - single worker thread will be created. + <term>-d <replaceable class="parameter">debug-level</replaceable></term> + <listitem> + <para> + Set the daemon's debug level to <replaceable class="parameter">debug-level</replaceable>. + Debugging traces from <command>lwresd</command> become + more verbose as the debug level increases. </para> - </listitem> + </listitem> </varlistentry> <varlistentry> - <term>-P <replaceable class="parameter">port</replaceable></term> - <listitem> - <para> - Listen for lightweight resolver queries on port - <replaceable class="parameter">port</replaceable>. If - not specified, the default is port 921. + <term>-f</term> + <listitem> + <para> + Run the server in the foreground (i.e. do not daemonize). </para> - </listitem> + </listitem> </varlistentry> <varlistentry> - <term>-p <replaceable class="parameter">port</replaceable></term> - <listitem> - <para> - Send DNS lookups to port <replaceable - class="parameter">port</replaceable>. If not - specified, the default is port 53. This provides a - way of testing the lightweight resolver daemon with a - name server that listens for queries on a non-standard - port number. + <term>-g</term> + <listitem> + <para> + Run the server in the foreground and force all logging + to <filename>stderr</filename>. </para> - </listitem> + </listitem> </varlistentry> <varlistentry> - <term>-s</term> - <listitem> - <para> - Write memory usage statistics to <filename>stdout</filename> - on exit. + <term>-i <replaceable class="parameter">pid-file</replaceable></term> + <listitem> + <para> + Use <replaceable class="parameter">pid-file</replaceable> as the + PID file instead of the default, + <filename>/var/run/lwresd.pid</filename>. </para> - <note> - <para> - This option is mainly of interest to BIND 9 developers - and may be removed or changed in a future release. - </para> - </note> - </listitem> + </listitem> </varlistentry> <varlistentry> - <term>-t <replaceable class="parameter">directory</replaceable></term> - <listitem> - <para> - <function>chroot()</function> to <replaceable - class="parameter">directory</replaceable> after - processing the command line arguments, but before - reading the configuration file. + <term>-m <replaceable class="parameter">flag</replaceable></term> + <listitem> + <para> + Turn on memory usage debugging flags. Possible flags are + <replaceable class="parameter">usage</replaceable>, + <replaceable class="parameter">trace</replaceable>, + <replaceable class="parameter">record</replaceable>, + <replaceable class="parameter">size</replaceable>, and + <replaceable class="parameter">mctx</replaceable>. + These correspond to the ISC_MEM_DEBUGXXXX flags described in + <filename><isc/mem.h></filename>. </para> - <warning> - <para> - This option should be used in conjunction with the - <option>-u</option> option, as chrooting a process - running as root doesn't enhance security on most - systems; the way <function>chroot()</function> is - defined allows a process with root privileges to - escape a chroot jail. - </para> - </warning> - </listitem> + </listitem> </varlistentry> <varlistentry> - <term>-u <replaceable class="parameter">user</replaceable></term> - <listitem> - <para> - <function>setuid()</function> to <replaceable - class="parameter">user</replaceable> after completing - privileged operations, such as creating sockets that - listen on privileged ports. + <term>-n <replaceable class="parameter">#cpus</replaceable></term> + <listitem> + <para> + Create <replaceable class="parameter">#cpus</replaceable> worker threads + to take advantage of multiple CPUs. If not specified, + <command>lwresd</command> will try to determine the + number of CPUs present and create one thread per CPU. + If it is unable to determine the number of CPUs, a + single worker thread will be created. </para> - </listitem> + </listitem> </varlistentry> <varlistentry> - <term>-v</term> - <listitem> - <para> - Report the version number and exit. + <term>-P <replaceable class="parameter">port</replaceable></term> + <listitem> + <para> + Listen for lightweight resolver queries on port + <replaceable class="parameter">port</replaceable>. If + not specified, the default is port 921. </para> - </listitem> + </listitem> + </varlistentry> + + <varlistentry> + <term>-p <replaceable class="parameter">port</replaceable></term> + <listitem> + <para> + Send DNS lookups to port <replaceable class="parameter">port</replaceable>. If not + specified, the default is port 53. This provides a + way of testing the lightweight resolver daemon with a + name server that listens for queries on a non-standard + port number. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-s</term> + <listitem> + <para> + Write memory usage statistics to <filename>stdout</filename> + on exit. + </para> + <note> + <para> + This option is mainly of interest to BIND 9 developers + and may be removed or changed in a future release. + </para> + </note> + </listitem> + </varlistentry> + + <varlistentry> + <term>-t <replaceable class="parameter">directory</replaceable></term> + <listitem> + <para>Chroot + to <replaceable class="parameter">directory</replaceable> after + processing the command line arguments, but before + reading the configuration file. + </para> + <warning> + <para> + This option should be used in conjunction with the + <option>-u</option> option, as chrooting a process + running as root doesn't enhance security on most + systems; the way <function>chroot(2)</function> is + defined allows a process with root privileges to + escape a chroot jail. + </para> + </warning> + </listitem> + </varlistentry> + + <varlistentry> + <term>-u <replaceable class="parameter">user</replaceable></term> + <listitem> + <para>Setuid + to <replaceable class="parameter">user</replaceable> after completing + privileged operations, such as creating sockets that + listen on privileged ports. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>-v</term> + <listitem> + <para> + Report the version number and exit. + </para> + </listitem> </varlistentry> </variablelist> @@ -259,21 +324,21 @@ <variablelist> <varlistentry> - <term><filename>/etc/resolv.conf</filename></term> - <listitem> - <para> - The default configuration file. + <term><filename>/etc/resolv.conf</filename></term> + <listitem> + <para> + The default configuration file. </para> - </listitem> + </listitem> </varlistentry> <varlistentry> - <term><filename>/var/run/lwresd.pid</filename></term> - <listitem> - <para> - The default process-id file. + <term><filename>/var/run/lwresd.pid</filename></term> + <listitem> + <para> + The default process-id file. </para> - </listitem> + </listitem> </varlistentry> </variablelist> @@ -282,33 +347,25 @@ <refsect1> <title>SEE ALSO</title> - <para> - <citerefentry> - <refentrytitle>named</refentrytitle> - <manvolnum>8</manvolnum> - </citerefentry>, - <citerefentry> - <refentrytitle>lwres</refentrytitle> - <manvolnum>3</manvolnum> - </citerefentry>, - <citerefentry> - <refentrytitle>resolver</refentrytitle> - <manvolnum>5</manvolnum> - </citerefentry>. + <para><citerefentry> + <refentrytitle>named</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>lwres</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>resolver</refentrytitle><manvolnum>5</manvolnum> + </citerefentry>. </para> </refsect1> <refsect1> <title>AUTHOR</title> - <para> - <corpauthor>Internet Systems Consortium</corpauthor> + <para><corpauthor>Internet Systems Consortium</corpauthor> </para> </refsect1> -</refentry> - - -<!-- +</refentry><!-- - Local variables: - mode: sgml - End: diff --git a/usr.sbin/bind/bin/named/lwsearch.c b/usr.sbin/bind/bin/named/lwsearch.c index 7c38c580d64..5d82a2a33db 100644 --- a/usr.sbin/bind/bin/named/lwsearch.c +++ b/usr.sbin/bind/bin/named/lwsearch.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwsearch.c,v 1.7.208.1 2004/03/06 10:21:20 marka Exp $ */ +/* $ISC: lwsearch.c,v 1.8.18.3 2005/07/12 01:22:17 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -38,6 +40,7 @@ isc_result_t ns_lwsearchlist_create(isc_mem_t *mctx, ns_lwsearchlist_t **listp) { ns_lwsearchlist_t *list; + isc_result_t result; REQUIRE(mctx != NULL); REQUIRE(listp != NULL && *listp == NULL); @@ -46,7 +49,11 @@ ns_lwsearchlist_create(isc_mem_t *mctx, ns_lwsearchlist_t **listp) { if (list == NULL) return (ISC_R_NOMEMORY); - RUNTIME_CHECK(isc_mutex_init(&list->lock) == ISC_R_SUCCESS); + result = isc_mutex_init(&list->lock); + if (result != ISC_R_SUCCESS) { + isc_mem_put(mctx, list, sizeof(ns_lwsearchlist_t)); + return (result); + } list->mctx = NULL; isc_mem_attach(mctx, &list->mctx); list->refs = 1; diff --git a/usr.sbin/bind/bin/named/named.conf.5 b/usr.sbin/bind/bin/named/named.conf.5 index 3e66cb89831..2147ceea32b 100644 --- a/usr.sbin/bind/bin/named/named.conf.5 +++ b/usr.sbin/bind/bin/named/named.conf.5 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -12,13 +12,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: named.conf.5,v 1.1.4.10 2006/09/13 02:56:20 marka Exp $ +.\" $ISC: named.conf.5,v 1.1.2.26 2007/08/19 23:26:13 marka Exp $ .\" .hy 0 .ad l .\" Title: \fInamed.conf\fR .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Aug 13, 2004 .\" Manual: BIND9 .\" Source: BIND9 @@ -46,14 +46,14 @@ C++ style: // to end of line Unix style: # to end of line .SH "ACL" .sp -.RS 3n +.RS 4 .nf acl \fIstring\fR { \fIaddress_match_element\fR; ... }; .fi .RE .SH "KEY" .sp -.RS 3n +.RS 4 .nf key \fIdomain_name\fR { algorithm \fIstring\fR; @@ -63,7 +63,7 @@ key \fIdomain_name\fR { .RE .SH "MASTERS" .sp -.RS 3n +.RS 4 .nf masters \fIstring\fR [ port \fIinteger\fR ] { ( \fImasters\fR | \fIipv4_address\fR [port \fIinteger\fR] | @@ -73,11 +73,13 @@ masters \fIstring\fR [ port \fIinteger\fR ] { .RE .SH "SERVER" .sp -.RS 3n +.RS 4 .nf -server ( \fIipv4_address\fR | \fIipv6_address\fR ) { +server ( \fIipv4_address\fR\fI[/prefixlen]\fR | \fIipv6_address\fR\fI[/prefixlen]\fR ) { bogus \fIboolean\fR; edns \fIboolean\fR; + edns\-udp\-size \fIinteger\fR; + max\-udp\-size \fIinteger\fR; provide\-ixfr \fIboolean\fR; request\-ixfr \fIboolean\fR; keys \fIserver_key\fR; @@ -93,7 +95,7 @@ server ( \fIipv4_address\fR | \fIipv6_address\fR ) { .RE .SH "TRUSTED\-KEYS" .sp -.RS 3n +.RS 4 .nf trusted\-keys { \fIdomain_name\fR \fIflags\fR \fIprotocol\fR \fIalgorithm\fR \fIkey\fR; ... @@ -102,7 +104,7 @@ trusted\-keys { .RE .SH "CONTROLS" .sp -.RS 3n +.RS 4 .nf controls { inet ( \fIipv4_address\fR | \fIipv6_address\fR | * ) @@ -115,7 +117,7 @@ controls { .RE .SH "LOGGING" .sp -.RS 3n +.RS 4 .nf logging { channel \fIstring\fR { @@ -134,7 +136,7 @@ logging { .RE .SH "LWRES" .sp -.RS 3n +.RS 4 .nf lwres { listen\-on [ port \fIinteger\fR ] { @@ -148,7 +150,7 @@ lwres { .RE .SH "OPTIONS" .sp -.RS 3n +.RS 4 .nf options { avoid\-v4\-udp\-ports { \fIport\fR; ... }; @@ -157,7 +159,6 @@ options { coresize \fIsize\fR; datasize \fIsize\fR; directory \fIquoted_string\fR; - cache\-file \fIquoted_string\fR; // test option dump\-file \fIquoted_string\fR; files \fIsize\fR; heartbeat\-interval \fIinteger\fR; @@ -205,8 +206,8 @@ options { rfc2308\-type1 \fIboolean\fR; // not yet implemented additional\-from\-auth \fIboolean\fR; additional\-from\-cache \fIboolean\fR; - query\-source [ address ( \fIipv4_address\fR | * ) ] [ port ( \fIinteger\fR | * ) ]; - query\-source\-v6 [ address ( \fIipv6_address\fR | * ) ] [ port ( \fIinteger\fR | * ) ]; + query\-source ( ( \fIipv4_address\fR | * ) | [ address ( \fIipv4_address\fR | * ) ] ) [ port ( \fIinteger\fR | * ) ]; + query\-source\-v6 ( ( \fIipv6_address\fR | * ) | [ address ( \fIipv6_address\fR | * ) ] ) [ port ( \fIinteger\fR | * ) ]; cleaning\-interval \fIinteger\fR; min\-roots \fIinteger\fR; // not implemented lame\-ttl \fIinteger\fR; @@ -214,30 +215,49 @@ options { max\-cache\-ttl \fIinteger\fR; transfer\-format ( many\-answers | one\-answer ); max\-cache\-size \fIsize_no_default\fR; + max\-acache\-size \fIsize_no_default\fR; + clients\-per\-query \fInumber\fR; + max\-clients\-per\-query \fInumber\fR; check\-names ( master | slave | response ) ( fail | warn | ignore ); - cache\-file \fIquoted_string\fR; + check\-mx ( fail | warn | ignore ); + check\-integrity \fIboolean\fR; + check\-mx\-cname ( fail | warn | ignore ); + check\-srv\-cname ( fail | warn | ignore ); + cache\-file \fIquoted_string\fR; // test option suppress\-initial\-notify \fIboolean\fR; // not yet implemented preferred\-glue \fIstring\fR; dual\-stack\-servers [ port \fIinteger\fR ] { ( \fIquoted_string\fR [port \fIinteger\fR] | \fIipv4_address\fR [port \fIinteger\fR] | \fIipv6_address\fR [port \fIinteger\fR] ); ... - } + }; edns\-udp\-size \fIinteger\fR; + max\-udp\-size \fIinteger\fR; root\-delegation\-only [ exclude { \fIquoted_string\fR; ... } ]; disable\-algorithms \fIstring\fR { \fIstring\fR; ... }; dnssec\-enable \fIboolean\fR; + dnssec\-validation \fIboolean\fR; dnssec\-lookaside \fIstring\fR trust\-anchor \fIstring\fR; dnssec\-must\-be\-secure \fIstring\fR \fIboolean\fR; + dnssec\-accept\-expired \fIboolean\fR; + empty\-server \fIstring\fR; + empty\-contact \fIstring\fR; + empty\-zones\-enable \fIboolean\fR; + disable\-empty\-zone \fIstring\fR; dialup \fIdialuptype\fR; ixfr\-from\-differences \fIixfrdiff\fR; allow\-query { \fIaddress_match_element\fR; ... }; + allow\-query\-cache { \fIaddress_match_element\fR; ... }; allow\-transfer { \fIaddress_match_element\fR; ... }; + allow\-update { \fIaddress_match_element\fR; ... }; allow\-update\-forwarding { \fIaddress_match_element\fR; ... }; + update\-check\-ksk \fIboolean\fR; + masterfile\-format ( text | raw ); notify \fInotifytype\fR; notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; + notify\-delay \fIseconds\fR; also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ... }; allow\-notify { \fIaddress_match_element\fR; ... }; @@ -267,6 +287,8 @@ options { use\-alt\-transfer\-source \fIboolean\fR; zone\-statistics \fIboolean\fR; key\-directory \fIquoted_string\fR; + zero\-no\-soa\-ttl \fIboolean\fR; + zero\-no\-soa\-ttl\-cache \fIboolean\fR; allow\-v6\-synthesis { \fIaddress_match_element\fR; ... }; // obsolete deallocate\-on\-exit \fIboolean\fR; // obsolete fake\-iquery \fIboolean\fR; // obsolete @@ -284,7 +306,7 @@ options { .RE .SH "VIEW" .sp -.RS 3n +.RS 4 .nf view \fIstring\fR \fIoptional_class\fR { match\-clients { \fIaddress_match_element\fR; ... }; @@ -297,7 +319,7 @@ view \fIstring\fR \fIoptional_class\fR { zone \fIstring\fR \fIoptional_class\fR { ... }; - server ( \fIipv4_address\fR | \fIipv6_address\fR ) { + server ( \fIipv4_address\fR\fI[/prefixlen]\fR | \fIipv6_address\fR\fI[/prefixlen]\fR ) { ... }; trusted\-keys { @@ -318,8 +340,8 @@ view \fIstring\fR \fIoptional_class\fR { rfc2308\-type1 \fIboolean\fR; // not yet implemented additional\-from\-auth \fIboolean\fR; additional\-from\-cache \fIboolean\fR; - query\-source [ address ( \fIipv4_address\fR | * ) ] [ port ( \fIinteger\fR | * ) ]; - query\-source\-v6 [ address ( \fIipv6_address\fR | * ) ] [ port ( \fIinteger\fR | * ) ]; + query\-source ( ( \fIipv4_address\fR | * ) | [ address ( \fIipv4_address\fR | * ) ] ) [ port ( \fIinteger\fR | * ) ]; + query\-source\-v6 ( ( \fIipv6_address\fR | * ) | [ address ( \fIipv6_address\fR | * ) ] ) [ port ( \fIinteger\fR | * ) ]; cleaning\-interval \fIinteger\fR; min\-roots \fIinteger\fR; // not implemented lame\-ttl \fIinteger\fR; @@ -327,9 +349,16 @@ view \fIstring\fR \fIoptional_class\fR { max\-cache\-ttl \fIinteger\fR; transfer\-format ( many\-answers | one\-answer ); max\-cache\-size \fIsize_no_default\fR; + max\-acache\-size \fIsize_no_default\fR; + clients\-per\-query \fInumber\fR; + max\-clients\-per\-query \fInumber\fR; check\-names ( master | slave | response ) ( fail | warn | ignore ); - cache\-file \fIquoted_string\fR; + check\-mx ( fail | warn | ignore ); + check\-integrity \fIboolean\fR; + check\-mx\-cname ( fail | warn | ignore ); + check\-srv\-cname ( fail | warn | ignore ); + cache\-file \fIquoted_string\fR; // test option suppress\-initial\-notify \fIboolean\fR; // not yet implemented preferred\-glue \fIstring\fR; dual\-stack\-servers [ port \fIinteger\fR ] { @@ -338,19 +367,31 @@ view \fIstring\fR \fIoptional_class\fR { \fIipv6_address\fR [port \fIinteger\fR] ); ... }; edns\-udp\-size \fIinteger\fR; + max\-udp\-size \fIinteger\fR; root\-delegation\-only [ exclude { \fIquoted_string\fR; ... } ]; disable\-algorithms \fIstring\fR { \fIstring\fR; ... }; dnssec\-enable \fIboolean\fR; + dnssec\-validation \fIboolean\fR; dnssec\-lookaside \fIstring\fR trust\-anchor \fIstring\fR; dnssec\-must\-be\-secure \fIstring\fR \fIboolean\fR; + dnssec\-accept\-expired \fIboolean\fR; + empty\-server \fIstring\fR; + empty\-contact \fIstring\fR; + empty\-zones\-enable \fIboolean\fR; + disable\-empty\-zone \fIstring\fR; dialup \fIdialuptype\fR; ixfr\-from\-differences \fIixfrdiff\fR; allow\-query { \fIaddress_match_element\fR; ... }; + allow\-query\-cache { \fIaddress_match_element\fR; ... }; allow\-transfer { \fIaddress_match_element\fR; ... }; + allow\-update { \fIaddress_match_element\fR; ... }; allow\-update\-forwarding { \fIaddress_match_element\fR; ... }; + update\-check\-ksk \fIboolean\fR; + masterfile\-format ( text | raw ); notify \fInotifytype\fR; notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; + notify\-delay \fIseconds\fR; also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ... }; allow\-notify { \fIaddress_match_element\fR; ... }; @@ -380,6 +421,8 @@ view \fIstring\fR \fIoptional_class\fR { use\-alt\-transfer\-source \fIboolean\fR; zone\-statistics \fIboolean\fR; key\-directory \fIquoted_string\fR; + zero\-no\-soa\-ttl \fIboolean\fR; + zero\-no\-soa\-ttl\-cache \fIboolean\fR; allow\-v6\-synthesis { \fIaddress_match_element\fR; ... }; // obsolete fetch\-glue \fIboolean\fR; // obsolete maintain\-ixfr\-base \fIboolean\fR; // obsolete @@ -389,7 +432,7 @@ view \fIstring\fR \fIoptional_class\fR { .RE .SH "ZONE" .sp -.RS 3n +.RS 4 .nf zone \fIstring\fR \fIoptional_class\fR { type ( master | slave | stub | hint | @@ -403,8 +446,14 @@ zone \fIstring\fR \fIoptional_class\fR { database \fIstring\fR; delegation\-only \fIboolean\fR; check\-names ( fail | warn | ignore ); + check\-mx ( fail | warn | ignore ); + check\-integrity \fIboolean\fR; + check\-mx\-cname ( fail | warn | ignore ); + check\-srv\-cname ( fail | warn | ignore ); dialup \fIdialuptype\fR; ixfr\-from\-differences \fIboolean\fR; + journal \fIquoted_string\fR; + zero\-no\-soa\-ttl \fIboolean\fR; allow\-query { \fIaddress_match_element\fR; ... }; allow\-transfer { \fIaddress_match_element\fR; ... }; allow\-update { \fIaddress_match_element\fR; ... }; @@ -414,9 +463,12 @@ zone \fIstring\fR \fIoptional_class\fR { ( name | subdomain | wildcard | self ) \fIstring\fR \fIrrtypelist\fR; ... }; + update\-check\-ksk \fIboolean\fR; + masterfile\-format ( text | raw ); notify \fInotifytype\fR; notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ]; + notify\-delay \fIseconds\fR; also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ... }; allow\-notify { \fIaddress_match_element\fR; ... }; @@ -460,7 +512,9 @@ zone \fIstring\fR \fIoptional_class\fR { .SH "SEE ALSO" .PP \fBnamed\fR(8), +\fBnamed\-checkconf\fR(8), \fBrndc\fR(8), -\fBBIND 9 Administrator Reference Manual\fR(). +BIND 9 Administrator Reference Manual. .SH "COPYRIGHT" -Copyright \(co 2004\-2006 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004\-2007 Internet Systems Consortium, Inc. ("ISC") +.br diff --git a/usr.sbin/bind/bin/named/named.conf.html b/usr.sbin/bind/bin/named/named.conf.html index 45cb11aae8c..ff0cf5c51d4 100644 --- a/usr.sbin/bind/bin/named/named.conf.html +++ b/usr.sbin/bind/bin/named/named.conf.html @@ -1,5 +1,5 @@ <!-- - - Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") - - Permission to use, copy, modify, and distribute this software for any - purpose with or without fee is hereby granted, provided that the above @@ -13,15 +13,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: named.conf.html,v 1.1.4.15 2006/09/13 02:56:21 marka Exp $ --> +<!-- $ISC: named.conf.html,v 1.1.2.35 2007/08/19 23:26:13 marka Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>named.conf</title> -<meta name="generator" content="DocBook XSL Stylesheets V1.70.1"> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2482688"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p><code class="filename">named.conf</code> — configuration file for named</p> @@ -31,33 +31,33 @@ <div class="cmdsynopsis"><p><code class="command">named.conf</code> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2549388"></a><h2>DESCRIPTION</h2> -<p> - <code class="filename">named.conf</code> is the configuration file for - <span><strong class="command">named</strong></span>. Statements are enclosed - in braces and terminated with a semi-colon. Clauses in - the statements are also semi-colon terminated. The usual - comment styles are supported: +<a name="id2542042"></a><h2>DESCRIPTION</h2> +<p><code class="filename">named.conf</code> is the configuration file + for + <span><strong class="command">named</strong></span>. Statements are enclosed + in braces and terminated with a semi-colon. Clauses in + the statements are also semi-colon terminated. The usual + comment styles are supported: </p> <p> - C style: /* */ + C style: /* */ </p> <p> - C++ style: // to end of line + C++ style: // to end of line </p> <p> - Unix style: # to end of line + Unix style: # to end of line </p> </div> <div class="refsect1" lang="en"> -<a name="id2549417"></a><h2>ACL</h2> +<a name="id2543367"></a><h2>ACL</h2> <div class="literallayout"><p><br> acl <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> <br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2549433"></a><h2>KEY</h2> +<a name="id2543383"></a><h2>KEY</h2> <div class="literallayout"><p><br> key <em class="replaceable"><code>domain_name</code></em> {<br> algorithm <em class="replaceable"><code>string</code></em>;<br> @@ -66,7 +66,7 @@ key <em class="replaceable"><code>domain_name</code></em> {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2549452"></a><h2>MASTERS</h2> +<a name="id2543402"></a><h2>MASTERS</h2> <div class="literallayout"><p><br> masters <em class="replaceable"><code>string</code></em> [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br> ( <em class="replaceable"><code>masters</code></em> | <em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br> @@ -75,11 +75,13 @@ masters <em class="replaceable"><code>string</code></em> [<span class="optional" </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2549498"></a><h2>SERVER</h2> +<a name="id2543448"></a><h2>SERVER</h2> <div class="literallayout"><p><br> -server ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> ) {<br> +server ( <em class="replaceable"><code>ipv4_address[<span class="optional">/prefixlen</span>]</code></em> | <em class="replaceable"><code>ipv6_address[<span class="optional">/prefixlen</span>]</code></em> ) {<br> bogus <em class="replaceable"><code>boolean</code></em>;<br> edns <em class="replaceable"><code>boolean</code></em>;<br> + edns-udp-size <em class="replaceable"><code>integer</code></em>;<br> + max-udp-size <em class="replaceable"><code>integer</code></em>;<br> provide-ixfr <em class="replaceable"><code>boolean</code></em>;<br> request-ixfr <em class="replaceable"><code>boolean</code></em>;<br> keys <em class="replaceable"><code>server_key</code></em>;<br> @@ -95,7 +97,7 @@ server ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="rep </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2549556"></a><h2>TRUSTED-KEYS</h2> +<a name="id2543516"></a><h2>TRUSTED-KEYS</h2> <div class="literallayout"><p><br> trusted-keys {<br> <em class="replaceable"><code>domain_name</code></em> <em class="replaceable"><code>flags</code></em> <em class="replaceable"><code>protocol</code></em> <em class="replaceable"><code>algorithm</code></em> <em class="replaceable"><code>key</code></em>; ... <br> @@ -103,7 +105,7 @@ trusted-keys {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2549581"></a><h2>CONTROLS</h2> +<a name="id2543542"></a><h2>CONTROLS</h2> <div class="literallayout"><p><br> controls {<br> inet ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> | * )<br> @@ -115,7 +117,7 @@ controls {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2549617"></a><h2>LOGGING</h2> +<a name="id2543577"></a><h2>LOGGING</h2> <div class="literallayout"><p><br> logging {<br> channel <em class="replaceable"><code>string</code></em> {<br> @@ -133,7 +135,7 @@ logging {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2549655"></a><h2>LWRES</h2> +<a name="id2543616"></a><h2>LWRES</h2> <div class="literallayout"><p><br> lwres {<br> listen-on [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br> @@ -146,7 +148,7 @@ lwres {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2549697"></a><h2>OPTIONS</h2> +<a name="id2543657"></a><h2>OPTIONS</h2> <div class="literallayout"><p><br> options {<br> avoid-v4-udp-ports { <em class="replaceable"><code>port</code></em>; ... };<br> @@ -155,7 +157,6 @@ options {<br> coresize <em class="replaceable"><code>size</code></em>;<br> datasize <em class="replaceable"><code>size</code></em>;<br> directory <em class="replaceable"><code>quoted_string</code></em>;<br> - cache-file <em class="replaceable"><code>quoted_string</code></em>; // test option<br> dump-file <em class="replaceable"><code>quoted_string</code></em>;<br> files <em class="replaceable"><code>size</code></em>;<br> heartbeat-interval <em class="replaceable"><code>integer</code></em>;<br> @@ -203,8 +204,8 @@ options {<br> rfc2308-type1 <em class="replaceable"><code>boolean</code></em>; // not yet implemented<br> additional-from-auth <em class="replaceable"><code>boolean</code></em>;<br> additional-from-cache <em class="replaceable"><code>boolean</code></em>;<br> - query-source [<span class="optional"> address ( <em class="replaceable"><code>ipv4_address</code></em> | * ) </span>] [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> - query-source-v6 [<span class="optional"> address ( <em class="replaceable"><code>ipv6_address</code></em> | * ) </span>] [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> + query-source ( ( <em class="replaceable"><code>ipv4_address</code></em> | * ) | [<span class="optional"> address ( <em class="replaceable"><code>ipv4_address</code></em> | * ) </span>] ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> + query-source-v6 ( ( <em class="replaceable"><code>ipv6_address</code></em> | * ) | [<span class="optional"> address ( <em class="replaceable"><code>ipv6_address</code></em> | * ) </span>] ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> cleaning-interval <em class="replaceable"><code>integer</code></em>;<br> min-roots <em class="replaceable"><code>integer</code></em>; // not implemented<br> lame-ttl <em class="replaceable"><code>integer</code></em>;<br> @@ -212,33 +213,53 @@ options {<br> max-cache-ttl <em class="replaceable"><code>integer</code></em>;<br> transfer-format ( many-answers | one-answer );<br> max-cache-size <em class="replaceable"><code>size_no_default</code></em>;<br> + max-acache-size <em class="replaceable"><code>size_no_default</code></em>;<br> + clients-per-query <em class="replaceable"><code>number</code></em>;<br> + max-clients-per-query <em class="replaceable"><code>number</code></em>;<br> check-names ( master | slave | response )<br> ( fail | warn | ignore );<br> - cache-file <em class="replaceable"><code>quoted_string</code></em>;<br> + check-mx ( fail | warn | ignore );<br> + check-integrity <em class="replaceable"><code>boolean</code></em>;<br> + check-mx-cname ( fail | warn | ignore );<br> + check-srv-cname ( fail | warn | ignore );<br> + cache-file <em class="replaceable"><code>quoted_string</code></em>; // test option<br> suppress-initial-notify <em class="replaceable"><code>boolean</code></em>; // not yet implemented<br> preferred-glue <em class="replaceable"><code>string</code></em>;<br> dual-stack-servers [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br> ( <em class="replaceable"><code>quoted_string</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br> <em class="replaceable"><code>ipv4_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] |<br> <em class="replaceable"><code>ipv6_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] ); ...<br> - }<br> + };<br> edns-udp-size <em class="replaceable"><code>integer</code></em>;<br> + max-udp-size <em class="replaceable"><code>integer</code></em>;<br> root-delegation-only [<span class="optional"> exclude { <em class="replaceable"><code>quoted_string</code></em>; ... } </span>];<br> disable-algorithms <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>string</code></em>; ... };<br> dnssec-enable <em class="replaceable"><code>boolean</code></em>;<br> + dnssec-validation <em class="replaceable"><code>boolean</code></em>;<br> dnssec-lookaside <em class="replaceable"><code>string</code></em> trust-anchor <em class="replaceable"><code>string</code></em>;<br> dnssec-must-be-secure <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>boolean</code></em>;<br> + dnssec-accept-expired <em class="replaceable"><code>boolean</code></em>;<br> +<br> + empty-server <em class="replaceable"><code>string</code></em>;<br> + empty-contact <em class="replaceable"><code>string</code></em>;<br> + empty-zones-enable <em class="replaceable"><code>boolean</code></em>;<br> + disable-empty-zone <em class="replaceable"><code>string</code></em>;<br> <br> dialup <em class="replaceable"><code>dialuptype</code></em>;<br> ixfr-from-differences <em class="replaceable"><code>ixfrdiff</code></em>;<br> <br> allow-query { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> + allow-query-cache { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> allow-transfer { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> + allow-update { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> allow-update-forwarding { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> + update-check-ksk <em class="replaceable"><code>boolean</code></em>;<br> <br> + masterfile-format ( text | raw );<br> notify <em class="replaceable"><code>notifytype</code></em>;<br> notify-source ( <em class="replaceable"><code>ipv4_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> notify-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> + notify-delay <em class="replaceable"><code>seconds</code></em>;<br> also-notify [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] { ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> )<br> [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ... };<br> allow-notify { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> @@ -273,6 +294,8 @@ options {<br> <br> zone-statistics <em class="replaceable"><code>boolean</code></em>;<br> key-directory <em class="replaceable"><code>quoted_string</code></em>;<br> + zero-no-soa-ttl <em class="replaceable"><code>boolean</code></em>;<br> + zero-no-soa-ttl-cache <em class="replaceable"><code>boolean</code></em>;<br> <br> allow-v6-synthesis { <em class="replaceable"><code>address_match_element</code></em>; ... }; // obsolete<br> deallocate-on-exit <em class="replaceable"><code>boolean</code></em>; // obsolete<br> @@ -290,7 +313,7 @@ options {<br> </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2550312"></a><h2>VIEW</h2> +<a name="id2544401"></a><h2>VIEW</h2> <div class="literallayout"><p><br> view <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br> match-clients { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> @@ -306,7 +329,7 @@ view <em class="replaceable"><code>string</code></em> <em class="replaceable"><c ...<br> };<br> <br> - server ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> ) {<br> + server ( <em class="replaceable"><code>ipv4_address[<span class="optional">/prefixlen</span>]</code></em> | <em class="replaceable"><code>ipv6_address[<span class="optional">/prefixlen</span>]</code></em> ) {<br> ...<br> };<br> <br> @@ -329,8 +352,8 @@ view <em class="replaceable"><code>string</code></em> <em class="replaceable"><c rfc2308-type1 <em class="replaceable"><code>boolean</code></em>; // not yet implemented<br> additional-from-auth <em class="replaceable"><code>boolean</code></em>;<br> additional-from-cache <em class="replaceable"><code>boolean</code></em>;<br> - query-source [<span class="optional"> address ( <em class="replaceable"><code>ipv4_address</code></em> | * ) </span>] [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> - query-source-v6 [<span class="optional"> address ( <em class="replaceable"><code>ipv6_address</code></em> | * ) </span>] [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> + query-source ( ( <em class="replaceable"><code>ipv4_address</code></em> | * ) | [<span class="optional"> address ( <em class="replaceable"><code>ipv4_address</code></em> | * ) </span>] ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> + query-source-v6 ( ( <em class="replaceable"><code>ipv6_address</code></em> | * ) | [<span class="optional"> address ( <em class="replaceable"><code>ipv6_address</code></em> | * ) </span>] ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> cleaning-interval <em class="replaceable"><code>integer</code></em>;<br> min-roots <em class="replaceable"><code>integer</code></em>; // not implemented<br> lame-ttl <em class="replaceable"><code>integer</code></em>;<br> @@ -338,9 +361,16 @@ view <em class="replaceable"><code>string</code></em> <em class="replaceable"><c max-cache-ttl <em class="replaceable"><code>integer</code></em>;<br> transfer-format ( many-answers | one-answer );<br> max-cache-size <em class="replaceable"><code>size_no_default</code></em>;<br> + max-acache-size <em class="replaceable"><code>size_no_default</code></em>;<br> + clients-per-query <em class="replaceable"><code>number</code></em>;<br> + max-clients-per-query <em class="replaceable"><code>number</code></em>;<br> check-names ( master | slave | response )<br> ( fail | warn | ignore );<br> - cache-file <em class="replaceable"><code>quoted_string</code></em>;<br> + check-mx ( fail | warn | ignore );<br> + check-integrity <em class="replaceable"><code>boolean</code></em>;<br> + check-mx-cname ( fail | warn | ignore );<br> + check-srv-cname ( fail | warn | ignore );<br> + cache-file <em class="replaceable"><code>quoted_string</code></em>; // test option<br> suppress-initial-notify <em class="replaceable"><code>boolean</code></em>; // not yet implemented<br> preferred-glue <em class="replaceable"><code>string</code></em>;<br> dual-stack-servers [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] {<br> @@ -349,22 +379,35 @@ view <em class="replaceable"><code>string</code></em> <em class="replaceable"><c <em class="replaceable"><code>ipv6_address</code></em> [<span class="optional">port <em class="replaceable"><code>integer</code></em></span>] ); ...<br> };<br> edns-udp-size <em class="replaceable"><code>integer</code></em>;<br> + max-udp-size <em class="replaceable"><code>integer</code></em>;<br> root-delegation-only [<span class="optional"> exclude { <em class="replaceable"><code>quoted_string</code></em>; ... } </span>];<br> disable-algorithms <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>string</code></em>; ... };<br> dnssec-enable <em class="replaceable"><code>boolean</code></em>;<br> + dnssec-validation <em class="replaceable"><code>boolean</code></em>;<br> dnssec-lookaside <em class="replaceable"><code>string</code></em> trust-anchor <em class="replaceable"><code>string</code></em>;<br> -<br> dnssec-must-be-secure <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>boolean</code></em>;<br> + dnssec-accept-expired <em class="replaceable"><code>boolean</code></em>;<br> +<br> + empty-server <em class="replaceable"><code>string</code></em>;<br> + empty-contact <em class="replaceable"><code>string</code></em>;<br> + empty-zones-enable <em class="replaceable"><code>boolean</code></em>;<br> + disable-empty-zone <em class="replaceable"><code>string</code></em>;<br> +<br> dialup <em class="replaceable"><code>dialuptype</code></em>;<br> ixfr-from-differences <em class="replaceable"><code>ixfrdiff</code></em>;<br> <br> allow-query { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> + allow-query-cache { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> allow-transfer { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> + allow-update { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> allow-update-forwarding { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> + update-check-ksk <em class="replaceable"><code>boolean</code></em>;<br> <br> + masterfile-format ( text | raw );<br> notify <em class="replaceable"><code>notifytype</code></em>;<br> notify-source ( <em class="replaceable"><code>ipv4_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> notify-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> + notify-delay <em class="replaceable"><code>seconds</code></em>;<br> also-notify [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] { ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> )<br> [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ... };<br> allow-notify { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> @@ -399,6 +442,8 @@ view <em class="replaceable"><code>string</code></em> <em class="replaceable"><c <br> zone-statistics <em class="replaceable"><code>boolean</code></em>;<br> key-directory <em class="replaceable"><code>quoted_string</code></em>;<br> + zero-no-soa-ttl <em class="replaceable"><code>boolean</code></em>;<br> + zero-no-soa-ttl-cache <em class="replaceable"><code>boolean</code></em>;<br> <br> allow-v6-synthesis { <em class="replaceable"><code>address_match_element</code></em>; ... }; // obsolete<br> fetch-glue <em class="replaceable"><code>boolean</code></em>; // obsolete<br> @@ -408,7 +453,7 @@ view <em class="replaceable"><code>string</code></em> <em class="replaceable"><c </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2550878"></a><h2>ZONE</h2> +<a name="id2544966"></a><h2>ZONE</h2> <div class="literallayout"><p><br> zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>optional_class</code></em> {<br> type ( master | slave | stub | hint |<br> @@ -424,8 +469,14 @@ zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><c database <em class="replaceable"><code>string</code></em>;<br> delegation-only <em class="replaceable"><code>boolean</code></em>;<br> check-names ( fail | warn | ignore );<br> + check-mx ( fail | warn | ignore );<br> + check-integrity <em class="replaceable"><code>boolean</code></em>;<br> + check-mx-cname ( fail | warn | ignore );<br> + check-srv-cname ( fail | warn | ignore );<br> dialup <em class="replaceable"><code>dialuptype</code></em>;<br> ixfr-from-differences <em class="replaceable"><code>boolean</code></em>;<br> + journal <em class="replaceable"><code>quoted_string</code></em>;<br> + zero-no-soa-ttl <em class="replaceable"><code>boolean</code></em>;<br> <br> allow-query { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> allow-transfer { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> @@ -436,10 +487,13 @@ zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><c ( name | subdomain | wildcard | self ) <em class="replaceable"><code>string</code></em><br> <em class="replaceable"><code>rrtypelist</code></em>; ...<br> };<br> + update-check-ksk <em class="replaceable"><code>boolean</code></em>;<br> <br> + masterfile-format ( text | raw );<br> notify <em class="replaceable"><code>notifytype</code></em>;<br> notify-source ( <em class="replaceable"><code>ipv4_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> notify-source-v6 ( <em class="replaceable"><code>ipv6_address</code></em> | * ) [<span class="optional"> port ( <em class="replaceable"><code>integer</code></em> | * ) </span>];<br> + notify-delay <em class="replaceable"><code>seconds</code></em>;<br> also-notify [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>] { ( <em class="replaceable"><code>ipv4_address</code></em> | <em class="replaceable"><code>ipv6_address</code></em> )<br> [<span class="optional"> port <em class="replaceable"><code>integer</code></em> </span>]; ... };<br> allow-notify { <em class="replaceable"><code>address_match_element</code></em>; ... };<br> @@ -484,18 +538,17 @@ zone <em class="replaceable"><code>string</code></em> <em class="replaceable"><c </p></div> </div> <div class="refsect1" lang="en"> -<a name="id2551216"></a><h2>FILES</h2> -<p> -<code class="filename">/etc/named.conf</code> -</p> +<a name="id2545319"></a><h2>FILES</h2> +<p><code class="filename">/etc/named.conf</code> + </p> </div> <div class="refsect1" lang="en"> -<a name="id2551228"></a><h2>SEE ALSO</h2> -<p> -<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, -<span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>, -<span class="citerefentry"><span class="refentrytitle">BIND 9 Administrator Reference Manual</span></span>. -</p> +<a name="id2545331"></a><h2>SEE ALSO</h2> +<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>, + <em class="citetitle">BIND 9 Administrator Reference Manual</em>. + </p> </div> </div></body> </html> diff --git a/usr.sbin/bind/bin/named/sortlist.c b/usr.sbin/bind/bin/named/sortlist.c index 419db5c59f2..e650e008b96 100644 --- a/usr.sbin/bind/bin/named/sortlist.c +++ b/usr.sbin/bind/bin/named/sortlist.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: sortlist.c,v 1.5.12.6 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: sortlist.c,v 1.9.18.4 2006/03/02 00:37:21 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/bin/named/tkeyconf.c b/usr.sbin/bind/bin/named/tkeyconf.c index b6c8d56a34f..27d82088acf 100644 --- a/usr.sbin/bind/bin/named/tkeyconf.c +++ b/usr.sbin/bind/bin/named/tkeyconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: tkeyconf.c,v 1.19.208.4 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: tkeyconf.c,v 1.20.18.6 2006/03/02 00:37:21 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/bin/named/tsigconf.c b/usr.sbin/bind/bin/named/tsigconf.c index b73b4630380..5e251ff73af 100644 --- a/usr.sbin/bind/bin/named/tsigconf.c +++ b/usr.sbin/bind/bin/named/tsigconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: tsigconf.c,v 1.21.208.6 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: tsigconf.c,v 1.22.18.6 2006/02/28 03:10:47 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -38,6 +40,7 @@ static isc_result_t add_initial_keys(const cfg_obj_t *list, dns_tsig_keyring_t *ring, isc_mem_t *mctx) { + dns_tsigkey_t *tsigkey = NULL; const cfg_listelt_t *element; const cfg_obj_t *key = NULL; const char *keyid = NULL; @@ -46,6 +49,7 @@ add_initial_keys(const cfg_obj_t *list, dns_tsig_keyring_t *ring, int secretlen = 0; isc_result_t ret; isc_stdtime_t now; + isc_uint16_t bits; for (element = cfg_list_first(list); element != NULL; @@ -86,10 +90,11 @@ add_initial_keys(const cfg_obj_t *list, dns_tsig_keyring_t *ring, * Create the algorithm. */ algstr = cfg_obj_asstring(algobj); - if (ns_config_getkeyalgorithm(algstr, &alg) != ISC_R_SUCCESS) { + if (ns_config_getkeyalgorithm(algstr, &alg, &bits) + != ISC_R_SUCCESS) { cfg_obj_log(algobj, ns_g_lctx, ISC_LOG_ERROR, - "key '%s': the only supported algorithm " - "is hmac-md5", keyid); + "key '%s': has a unsupported algorithm '%s'", + keyid, algstr); ret = DNS_R_BADALG; goto failure; } @@ -110,11 +115,16 @@ add_initial_keys(const cfg_obj_t *list, dns_tsig_keyring_t *ring, isc_stdtime_get(&now); ret = dns_tsigkey_create(&keyname, alg, secret, secretlen, ISC_FALSE, NULL, now, now, - mctx, ring, NULL); + mctx, ring, &tsigkey); isc_mem_put(mctx, secret, secretalloc); secret = NULL; if (ret != ISC_R_SUCCESS) goto failure; + /* + * Set digest bits. + */ + dst_key_setbits(tsigkey->key, bits); + dns_tsigkey_detach(&tsigkey); } return (ISC_R_SUCCESS); @@ -127,7 +137,6 @@ add_initial_keys(const cfg_obj_t *list, dns_tsig_keyring_t *ring, if (secret != NULL) isc_mem_put(mctx, secret, secretalloc); return (ret); - } isc_result_t diff --git a/usr.sbin/bind/bin/named/unix/Makefile.in b/usr.sbin/bind/bin/named/unix/Makefile.in index 8c5307beeb9..f29e852bdae 100644 --- a/usr.sbin/bind/bin/named/unix/Makefile.in +++ b/usr.sbin/bind/bin/named/unix/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.6.12.3 2004/03/08 09:04:15 marka Exp $ +# $ISC: Makefile.in,v 1.8 2004/03/05 04:58:01 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/bin/named/zoneconf.c b/usr.sbin/bind/bin/named/zoneconf.c index 45570ffeb24..47a427254f5 100644 --- a/usr.sbin/bind/bin/named/zoneconf.c +++ b/usr.sbin/bind/bin/named/zoneconf.c @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: zoneconf.c,v 1.87.2.4.10.19 2006/02/28 06:32:53 marka Exp $ */ +/* $ISC: zoneconf.c,v 1.110.18.23 2006/05/16 03:39:57 marka Exp $ */ + +/*% */ #include <config.h> @@ -35,13 +37,14 @@ #include <dns/view.h> #include <dns/zone.h> +#include <named/client.h> #include <named/config.h> #include <named/globals.h> #include <named/log.h> #include <named/server.h> #include <named/zoneconf.h> -/* +/*% * These are BIND9 server defaults, not necessarily identical to the * library defaults defined in zone.c. */ @@ -51,18 +54,18 @@ return (_r); \ } while (0) -/* +/*% * Convenience function for configuring a single zone ACL. */ static isc_result_t configure_zone_acl(const cfg_obj_t *zconfig, const cfg_obj_t *vconfig, const cfg_obj_t *config, const char *aclname, - ns_aclconfctx_t *actx, dns_zone_t *zone, + cfg_aclconfctx_t *actx, dns_zone_t *zone, void (*setzacl)(dns_zone_t *, dns_acl_t *), void (*clearzacl)(dns_zone_t *)) { isc_result_t result; - const cfg_obj_t *maps[4]; + const cfg_obj_t *maps[5]; const cfg_obj_t *aclobj = NULL; int i = 0; dns_acl_t *dacl = NULL; @@ -77,6 +80,7 @@ configure_zone_acl(const cfg_obj_t *zconfig, const cfg_obj_t *vconfig, if (options != NULL) maps[i++] = options; } + maps[i++] = ns_g_defaults; maps[i] = NULL; result = ns_config_get(maps, aclname, &aclobj); @@ -85,8 +89,8 @@ configure_zone_acl(const cfg_obj_t *zconfig, const cfg_obj_t *vconfig, return (ISC_R_SUCCESS); } - result = ns_acl_fromconfig(aclobj, config, actx, - dns_zone_getmctx(zone), &dacl); + result = cfg_acl_fromconfig(aclobj, config, ns_g_lctx, actx, + dns_zone_getmctx(zone), &dacl); if (result != ISC_R_SUCCESS) return (result); (*setzacl)(zone, dacl); @@ -94,7 +98,7 @@ configure_zone_acl(const cfg_obj_t *zconfig, const cfg_obj_t *vconfig, return (ISC_R_SUCCESS); } -/* +/*% * Parse the zone update-policy statement. */ static isc_result_t @@ -150,6 +154,10 @@ configure_zone_ssutable(const cfg_obj_t *zconfig, dns_zone_t *zone) { mtype = DNS_SSUMATCHTYPE_WILDCARD; else if (strcasecmp(str, "self") == 0) mtype = DNS_SSUMATCHTYPE_SELF; + else if (strcasecmp(str, "selfsub") == 0) + mtype = DNS_SSUMATCHTYPE_SELFSUB; + else if (strcasecmp(str, "selfwild") == 0) + mtype = DNS_SSUMATCHTYPE_SELFWILD; else INSIST(0); @@ -235,7 +243,7 @@ configure_zone_ssutable(const cfg_obj_t *zconfig, dns_zone_t *zone) { return (result); } -/* +/*% * Convert a config file zone type into a server zone type. */ static inline dns_zonetype_t @@ -248,7 +256,7 @@ zonetype_fromconfig(const cfg_obj_t *map) { return (ns_config_getzonetype(obj)); } -/* +/*% * Helper function for strtoargv(). Pardon the gratuitous recursion. */ static isc_result_t @@ -282,7 +290,7 @@ strtoargvsub(isc_mem_t *mctx, char *s, unsigned int *argcp, return (ISC_R_SUCCESS); } -/* +/*% * Tokenize the string "s" into whitespace-separated words, * return the number of words in '*argcp' and an array * of pointers to the words in '*argvp'. The caller @@ -313,7 +321,7 @@ checknames(dns_zonetype_t ztype, const cfg_obj_t **maps, isc_result_t ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, - const cfg_obj_t *zconfig, ns_aclconfctx_t *ac, + const cfg_obj_t *zconfig, cfg_aclconfctx_t *ac, dns_zone_t *zone) { isc_result_t result; @@ -342,6 +350,9 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, isc_boolean_t alt; dns_view_t *view; isc_boolean_t check = ISC_FALSE, fail = ISC_FALSE; + isc_boolean_t warn = ISC_FALSE, ignore = ISC_FALSE; + isc_boolean_t ixfrdiff; + dns_masterformat_t masterformat; i = 0; if (zconfig != NULL) { @@ -409,7 +420,26 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, result = cfg_map_get(zoptions, "file", &obj); if (result == ISC_R_SUCCESS) filename = cfg_obj_asstring(obj); - RETERR(dns_zone_setfile(zone, filename)); + + masterformat = dns_masterformat_text; + obj = NULL; + result= ns_config_get(maps, "masterfile-format", &obj); + if (result == ISC_R_SUCCESS) { + const char *masterformatstr = cfg_obj_asstring(obj); + + if (strcasecmp(masterformatstr, "text") == 0) + masterformat = dns_masterformat_text; + else if (strcasecmp(masterformatstr, "raw") == 0) + masterformat = dns_masterformat_raw; + else + INSIST(0); + } + RETERR(dns_zone_setfile2(zone, filename, masterformat)); + + obj = NULL; + result = cfg_map_get(zoptions, "journal", &obj); + if (result == ISC_R_SUCCESS) + RETERR(dns_zone_setjournal(zone, cfg_obj_asstring(obj))); if (ztype == dns_zone_slave) RETERR(configure_zone_acl(zconfig, vconfig, config, @@ -470,6 +500,8 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, const char *notifystr = cfg_obj_asstring(obj); if (strcasecmp(notifystr, "explicit") == 0) notifytype = dns_notifytype_explicit; + else if (strcasecmp(notifystr, "master-only") == 0) + notifytype = dns_notifytype_masteronly; else INSIST(0); } @@ -504,6 +536,8 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, RETERR(dns_zone_setnotifysrc6(zone, cfg_obj_assockaddr(obj))); ns_add_reserved_dispatch(ns_g_server, cfg_obj_assockaddr(obj)); + dns_zone_setisself(zone, ns_client_isself, NULL); + RETERR(configure_zone_acl(zconfig, vconfig, config, "allow-transfer", ac, zone, dns_zone_setxfracl, @@ -546,8 +580,17 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, obj = NULL; result = ns_config_get(maps, "ixfr-from-differences", &obj); INSIST(result == ISC_R_SUCCESS); - dns_zone_setoption(zone, DNS_ZONEOPT_IXFRFROMDIFFS, - cfg_obj_asboolean(obj)); + if (cfg_obj_isboolean(obj)) + ixfrdiff = cfg_obj_asboolean(obj); + else if (strcasecmp(cfg_obj_asstring(obj), "master") && + ztype == dns_zone_master) + ixfrdiff = ISC_TRUE; + else if (strcasecmp(cfg_obj_asstring(obj), "slave") && + ztype == dns_zone_slave) + ixfrdiff = ISC_TRUE; + else + ixfrdiff = ISC_FALSE; + dns_zone_setoption(zone, DNS_ZONEOPT_IXFRFROMDIFFS, ixfrdiff); checknames(ztype, maps, &obj); INSIST(obj != NULL); @@ -562,6 +605,128 @@ ns_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, INSIST(0); dns_zone_setoption(zone, DNS_ZONEOPT_CHECKNAMES, check); dns_zone_setoption(zone, DNS_ZONEOPT_CHECKNAMESFAIL, fail); + + obj = NULL; + result = ns_config_get(maps, "notify-delay", &obj); + INSIST(result == ISC_R_SUCCESS); + dns_zone_setnotifydelay(zone, cfg_obj_asuint32(obj)); + + obj = NULL; + result = ns_config_get(maps, "check-sibling", &obj); + INSIST(result == ISC_R_SUCCESS); + dns_zone_setoption(zone, DNS_ZONEOPT_CHECKSIBLING, + cfg_obj_asboolean(obj)); + + obj = NULL; + result = ns_config_get(maps, "zero-no-soa-ttl", &obj); + INSIST(result == ISC_R_SUCCESS); + dns_zone_setzeronosoattl(zone, cfg_obj_asboolean(obj)); + } + + /* + * Configure update-related options. These apply to + * primary masters only. + */ + if (ztype == dns_zone_master) { + dns_acl_t *updateacl; + RETERR(configure_zone_acl(zconfig, vconfig, config, + "allow-update", ac, zone, + dns_zone_setupdateacl, + dns_zone_clearupdateacl)); + + updateacl = dns_zone_getupdateacl(zone); + if (updateacl != NULL && dns_acl_isinsecure(updateacl)) + isc_log_write(ns_g_lctx, DNS_LOGCATEGORY_SECURITY, + NS_LOGMODULE_SERVER, ISC_LOG_WARNING, + "zone '%s' allows updates by IP " + "address, which is insecure", + zname); + + RETERR(configure_zone_ssutable(zoptions, zone)); + + obj = NULL; + result = ns_config_get(maps, "sig-validity-interval", &obj); + INSIST(result == ISC_R_SUCCESS); + dns_zone_setsigvalidityinterval(zone, + cfg_obj_asuint32(obj) * 86400); + + obj = NULL; + result = ns_config_get(maps, "key-directory", &obj); + if (result == ISC_R_SUCCESS) { + filename = cfg_obj_asstring(obj); + if (!isc_file_isabsolute(filename)) { + cfg_obj_log(obj, ns_g_lctx, ISC_LOG_ERROR, + "key-directory '%s' " + "is not absolute", filename); + return (ISC_R_FAILURE); + } + RETERR(dns_zone_setkeydirectory(zone, filename)); + } + + obj = NULL; + result = ns_config_get(maps, "check-wildcard", &obj); + if (result == ISC_R_SUCCESS) + check = cfg_obj_asboolean(obj); + else + check = ISC_FALSE; + dns_zone_setoption(zone, DNS_ZONEOPT_CHECKWILDCARD, check); + + obj = NULL; + result = ns_config_get(maps, "check-mx", &obj); + INSIST(obj != NULL); + if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) { + fail = ISC_FALSE; + check = ISC_TRUE; + } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) { + fail = check = ISC_TRUE; + } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) { + fail = check = ISC_FALSE; + } else + INSIST(0); + dns_zone_setoption(zone, DNS_ZONEOPT_CHECKMX, check); + dns_zone_setoption(zone, DNS_ZONEOPT_CHECKMXFAIL, fail); + + obj = NULL; + result = ns_config_get(maps, "check-integrity", &obj); + INSIST(obj != NULL); + dns_zone_setoption(zone, DNS_ZONEOPT_CHECKINTEGRITY, + cfg_obj_asboolean(obj)); + + obj = NULL; + result = ns_config_get(maps, "check-mx-cname", &obj); + INSIST(obj != NULL); + if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) { + warn = ISC_TRUE; + ignore = ISC_FALSE; + } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) { + warn = ignore = ISC_FALSE; + } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) { + warn = ignore = ISC_TRUE; + } else + INSIST(0); + dns_zone_setoption(zone, DNS_ZONEOPT_WARNMXCNAME, warn); + dns_zone_setoption(zone, DNS_ZONEOPT_IGNOREMXCNAME, ignore); + + obj = NULL; + result = ns_config_get(maps, "check-srv-cname", &obj); + INSIST(obj != NULL); + if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) { + warn = ISC_TRUE; + ignore = ISC_FALSE; + } else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) { + warn = ignore = ISC_FALSE; + } else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) { + warn = ignore = ISC_TRUE; + } else + INSIST(0); + dns_zone_setoption(zone, DNS_ZONEOPT_WARNSRVCNAME, warn); + dns_zone_setoption(zone, DNS_ZONEOPT_IGNORESRVCNAME, ignore); + + obj = NULL; + result = ns_config_get(maps, "update-check-ksk", &obj); + INSIST(result == ISC_R_SUCCESS); + dns_zone_setoption(zone, DNS_ZONEOPT_UPDATECHECKKSK, + cfg_obj_asboolean(obj)); } /* diff --git a/usr.sbin/bind/bin/nsupdate/Makefile.in b/usr.sbin/bind/bin/nsupdate/Makefile.in index 44788cd0e0f..2f546cdfc8e 100644 --- a/usr.sbin/bind/bin/nsupdate/Makefile.in +++ b/usr.sbin/bind/bin/nsupdate/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.15.12.10 2004/07/20 07:01:49 marka Exp $ +# $ISC: Makefile.in,v 1.22.18.1 2004/07/20 07:03:20 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/bin/rndc/Makefile.in b/usr.sbin/bind/bin/rndc/Makefile.in index 474bc7dbd45..4a2b7104ada 100644 --- a/usr.sbin/bind/bin/rndc/Makefile.in +++ b/usr.sbin/bind/bin/rndc/Makefile.in @@ -1,7 +1,7 @@ -# Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2007 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2000-2002 Internet Software Consortium. # -# Permission to use, copy, modify, and distribute this software for any +# Permission to use, copy, modify, and/or distribute this software for any # purpose with or without fee is hereby granted, provided that the above # copyright notice and this permission notice appear in all copies. # @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.32.2.3.8.8 2004/07/20 07:01:50 marka Exp $ +# $ISC: Makefile.in,v 1.40.18.4 2007/08/28 07:20:01 tbox Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -47,6 +47,8 @@ RNDCDEPLIBS = ${ISCCFGDEPLIBS} ${ISCCCDEPLIBS} ${BIND9DEPLIBS} ${DNSDEPLIBS} ${I CONFLIBS = ${DNSLIBS} ${ISCLIBS} @LIBS@ CONFDEPLIBS = ${DNSDEPLIBS} ${ISCDEPLIBS} +SRCS= rndc.c rndc-confgen.c + SUBDIRS = unix TARGETS = rndc@EXEEXT@ rndc-confgen@EXEEXT@ diff --git a/usr.sbin/bind/bin/rndc/include/rndc/os.h b/usr.sbin/bind/bin/rndc/include/rndc/os.h index 70665820b10..c958540bae2 100644 --- a/usr.sbin/bind/bin/rndc/include/rndc/os.h +++ b/usr.sbin/bind/bin/rndc/include/rndc/os.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: os.h,v 1.4.206.1 2004/03/06 10:21:33 marka Exp $ */ +/* $ISC: os.h,v 1.5.18.2 2005/04/29 00:15:41 marka Exp $ */ + +/*! \file */ #ifndef RNDC_OS_H #define RNDC_OS_H 1 @@ -26,13 +28,13 @@ ISC_LANG_BEGINDECLS FILE *safe_create(const char *filename); -/* +/*%< * Open 'filename' for writing, truncate if necessary. If the file was * created ensure that only the owner can read/write it. */ int set_user(FILE *fd, const char *user); -/* +/*%< * Set the owner of the file refernced by 'fd' to 'user'. * Returns: * 0 success diff --git a/usr.sbin/bind/bin/rndc/rndc.conf b/usr.sbin/bind/bin/rndc/rndc.conf index 1629a92e30d..045391156b0 100644 --- a/usr.sbin/bind/bin/rndc/rndc.conf +++ b/usr.sbin/bind/bin/rndc/rndc.conf @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rndc.conf,v 1.7.206.1 2004/03/06 10:21:32 marka Exp $ */ +/* $ISC: rndc.conf,v 1.8.18.1 2004/06/18 04:39:39 marka Exp $ */ /* * Sample rndc configuration file. @@ -30,6 +30,17 @@ server localhost { key "key"; }; +key "cc64b3d1db63fc88d7cb5d2f9f57d258" { + algorithm hmac-md5; + secret "34f88008d07deabbe65bd01f1d233d47"; +}; + +server "test1" { + key "cc64b3d1db63fc88d7cb5d2f9f57d258"; + port 5353; + addresses { 10.53.0.1; }; +}; + key "key" { algorithm hmac-md5; secret "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K"; diff --git a/usr.sbin/bind/bin/rndc/rndc.conf.5 b/usr.sbin/bind/bin/rndc/rndc.conf.5 index dbb2fbae3d7..23a1c6b9ccf 100644 --- a/usr.sbin/bind/bin/rndc/rndc.conf.5 +++ b/usr.sbin/bind/bin/rndc/rndc.conf.5 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: rndc.conf.5,v 1.21.206.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: rndc.conf.5,v 1.23.18.15 2007/05/09 13:35:47 marka Exp $ .\" .hy 0 .ad l .\" Title: \fIrndc.conf\fR .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: June 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -53,7 +53,7 @@ is much simpler than .PP The \fBoptions\fR -statement contains three clauses. The +statement contains five clauses. The \fBdefault\-server\fR clause is followed by the name or address of a name server. This host will be used when no name server is given as an argument to \fBrndc\fR. The @@ -74,14 +74,25 @@ option is provided on the rndc command line, and no \fBport\fR clause is found in a matching \fBserver\fR -statement, this default port will be used to connect. +statement, this default port will be used to connect. The +\fBdefault\-source\-address\fR +and +\fBdefault\-source\-address\-v6\fR +clauses which can be used to set the IPv4 and IPv6 source addresses respectively. .PP After the \fBserver\fR -keyword, the server statement includes a string which is the hostname or address for a name server. The statement has two possible clauses: -\fBkey\fR +keyword, the server statement includes a string which is the hostname or address for a name server. The statement has three possible clauses: +\fBkey\fR, +\fBport\fR and -\fBport\fR. The key name must match the name of a key statement in the file. The port number specifies the port to connect to. +\fBaddresses\fR. The key name must match the name of a key statement in the file. The port number specifies the port to connect to. If an +\fBaddresses\fR +clause is supplied these addresses will be used instead of the server name. Each address can take an optional port. If an +\fBsource\-address\fR +or +\fBsource\-address\-v6\fR +of supplied then these will be used to specify the IPv4 and IPv6 source addresses respectively. .PP The \fBkey\fR @@ -100,27 +111,66 @@ program, also known as \fBmmencode\fR does not ship with BIND 9 but is available on many systems. See the EXAMPLE section for sample command lines for each. .SH "EXAMPLE" -.sp -.RS 3n +.PP +.RS 4 .nf - options { + options { default\-server localhost; default\-key samplekey; }; +.fi +.RE +.sp +.PP +.RS 4 +.nf server localhost { key samplekey; }; +.fi +.RE +.sp +.PP +.RS 4 +.nf + server testserver { + key testkey; + addresses { localhost port 5353; }; + }; +.fi +.RE +.sp +.PP +.RS 4 +.nf key samplekey { algorithm hmac\-md5; - secret "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K"; + secret "6FMfj43Osz4lyb24OIe2iGEz9lf1llJO+lz"; }; .fi .RE +.sp +.PP +.RS 4 +.nf + key testkey { + algorithm hmac\-md5; + secret "R3HI8P6BKw9ZwXwN3VZKuQ=="; + }; +.fi +.RE +.sp .PP In the above example, \fBrndc\fR will by default use the server at localhost (127.0.0.1) and the key called samplekey. Commands to the localhost server will use the samplekey key, which must also be defined in the server's configuration file with the same name and secret. The key statement indicates that samplekey uses the HMAC\-MD5 algorithm and its secret clause contains the base\-64 encoding of the HMAC\-MD5 secret enclosed in double quotes. .PP +If +\fBrndc \-s testserver\fR +is used then +\fBrndc\fR +will connect to server on localhost port 5353 using the key testkey. +.PP To generate a random secret with \fBrndc\-confgen\fR: .PP @@ -128,7 +178,7 @@ To generate a random secret with .PP A complete \fIrndc.conf\fR -file, including the randomly generated key, will be written to the standard output. Commented out +file, including the randomly generated key, will be written to the standard output. Commented\-out \fBkey\fR and \fBcontrols\fR @@ -158,4 +208,7 @@ BIND 9 Administrator Reference Manual. .PP Internet Systems Consortium .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/bin/rndc/rndc.conf.docbook b/usr.sbin/bind/bin/rndc/rndc.conf.docbook index 78738688fe7..617cf2b8801 100644 --- a/usr.sbin/bind/bin/rndc/rndc.conf.docbook +++ b/usr.sbin/bind/bin/rndc/rndc.conf.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,9 +18,8 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: rndc.conf.docbook,v 1.4.206.4 2005/05/12 21:36:04 sra Exp $ --> - -<refentry> +<!-- $ISC: rndc.conf.docbook,v 1.5.18.12 2007/08/28 07:20:01 tbox Exp $ --> +<refentry id="man.rndc.conf"> <refentryinfo> <date>June 30, 2000</date> </refentryinfo> @@ -31,10 +30,16 @@ <refmiscinfo>BIND9</refmiscinfo> </refmeta> + <refnamediv> + <refname><filename>rndc.conf</filename></refname> + <refpurpose>rndc configuration file</refpurpose> + </refnamediv> + <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -44,11 +49,6 @@ </copyright> </docinfo> - <refnamediv> - <refname><filename>rndc.conf</filename></refname> - <refpurpose>rndc configuration file</refpurpose> - </refnamediv> - <refsynopsisdiv> <cmdsynopsis> <command>rndc.conf</command> @@ -57,152 +57,183 @@ <refsect1> <title>DESCRIPTION</title> - <para> - <filename>rndc.conf</filename> is the configuration file - for <command>rndc</command>, the BIND 9 name server control - utility. This file has a similar structure and syntax to - <filename>named.conf</filename>. Statements are enclosed - in braces and terminated with a semi-colon. Clauses in - the statements are also semi-colon terminated. The usual - comment styles are supported: - </para> - <para> - C style: /* */ - </para> - <para> - C++ style: // to end of line - </para> - <para> - Unix style: # to end of line - </para> - <para> - <filename>rndc.conf</filename> is much simpler than - <filename>named.conf</filename>. The file uses three - statements: an options statement, a server statement - and a key statement. - </para> - <para> - The <option>options</option> statement contains three clauses. - The <option>default-server</option> clause is followed by the - name or address of a name server. This host will be used when - no name server is given as an argument to - <command>rndc</command>. The <option>default-key</option> - clause is followed by the name of a key which is identified by - a <option>key</option> statement. If no - <option>keyid</option> is provided on the rndc command line, - and no <option>key</option> clause is found in a matching - <option>server</option> statement, this default key will be - used to authenticate the server's commands and responses. The - <option>default-port</option> clause is followed by the port - to connect to on the remote name server. If no - <option>port</option> option is provided on the rndc command - line, and no <option>port</option> clause is found in a - matching <option>server</option> statement, this default port - will be used to connect. - </para> - <para> - After the <option>server</option> keyword, the server statement - includes a string which is the hostname or address for a name - server. The statement has two possible clauses: - <option>key</option> and <option>port</option>. The key name must - match the name of a key statement in the file. The port number - specifies the port to connect to. - </para> - <para> - The <option>key</option> statement begins with an identifying - string, the name of the key. The statement has two clauses. - <option>algorithm</option> identifies the encryption algorithm - for <command>rndc</command> to use; currently only HMAC-MD5 is - supported. This is followed by a secret clause which contains - the base-64 encoding of the algorithm's encryption key. The - base-64 string is enclosed in double quotes. - </para> - <para> - There are two common ways to generate the base-64 string for the - secret. The BIND 9 program <command>rndc-confgen</command> can - be used to generate a random key, or the - <command>mmencode</command> program, also known as - <command>mimencode</command>, can be used to generate a base-64 - string from known input. <command>mmencode</command> does not - ship with BIND 9 but is available on many systems. See the - EXAMPLE section for sample command lines for each. + <para><filename>rndc.conf</filename> is the configuration file + for <command>rndc</command>, the BIND 9 name server control + utility. This file has a similar structure and syntax to + <filename>named.conf</filename>. Statements are enclosed + in braces and terminated with a semi-colon. Clauses in + the statements are also semi-colon terminated. The usual + comment styles are supported: + </para> + <para> + C style: /* */ + </para> + <para> + C++ style: // to end of line + </para> + <para> + Unix style: # to end of line + </para> + <para><filename>rndc.conf</filename> is much simpler than + <filename>named.conf</filename>. The file uses three + statements: an options statement, a server statement + and a key statement. + </para> + <para> + The <option>options</option> statement contains five clauses. + The <option>default-server</option> clause is followed by the + name or address of a name server. This host will be used when + no name server is given as an argument to + <command>rndc</command>. The <option>default-key</option> + clause is followed by the name of a key which is identified by + a <option>key</option> statement. If no + <option>keyid</option> is provided on the rndc command line, + and no <option>key</option> clause is found in a matching + <option>server</option> statement, this default key will be + used to authenticate the server's commands and responses. The + <option>default-port</option> clause is followed by the port + to connect to on the remote name server. If no + <option>port</option> option is provided on the rndc command + line, and no <option>port</option> clause is found in a + matching <option>server</option> statement, this default port + will be used to connect. + The <option>default-source-address</option> and + <option>default-source-address-v6</option> clauses which + can be used to set the IPv4 and IPv6 source addresses + respectively. + </para> + <para> + After the <option>server</option> keyword, the server + statement includes a string which is the hostname or address + for a name server. The statement has three possible clauses: + <option>key</option>, <option>port</option> and + <option>addresses</option>. The key name must match the + name of a key statement in the file. The port number + specifies the port to connect to. If an <option>addresses</option> + clause is supplied these addresses will be used instead of + the server name. Each address can take an optional port. + If an <option>source-address</option> or <option>source-address-v6</option> + of supplied then these will be used to specify the IPv4 and IPv6 + source addresses respectively. + </para> + <para> + The <option>key</option> statement begins with an identifying + string, the name of the key. The statement has two clauses. + <option>algorithm</option> identifies the encryption algorithm + for <command>rndc</command> to use; currently only HMAC-MD5 + is + supported. This is followed by a secret clause which contains + the base-64 encoding of the algorithm's encryption key. The + base-64 string is enclosed in double quotes. + </para> + <para> + There are two common ways to generate the base-64 string for the + secret. The BIND 9 program <command>rndc-confgen</command> + can + be used to generate a random key, or the + <command>mmencode</command> program, also known as + <command>mimencode</command>, can be used to generate a + base-64 + string from known input. <command>mmencode</command> does + not + ship with BIND 9 but is available on many systems. See the + EXAMPLE section for sample command lines for each. </para> </refsect1> <refsect1> <title>EXAMPLE</title> - <programlisting> - options { + <para><programlisting> + options { default-server localhost; default-key samplekey; }; - +</programlisting> + </para> + <para><programlisting> server localhost { key samplekey; }; - +</programlisting> + </para> + <para><programlisting> + server testserver { + key testkey; + addresses { localhost port 5353; }; + }; +</programlisting> + </para> + <para><programlisting> key samplekey { algorithm hmac-md5; - secret "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K"; + secret "6FMfj43Osz4lyb24OIe2iGEz9lf1llJO+lz"; + }; +</programlisting> + </para> + <para><programlisting> + key testkey { + algorithm hmac-md5; + secret "R3HI8P6BKw9ZwXwN3VZKuQ=="; }; </programlisting> + </para> <para> - In the above example, <command>rndc</command> will by default use - the server at localhost (127.0.0.1) and the key called samplekey. - Commands to the localhost server will use the samplekey key, which - must also be defined in the server's configuration file with the - same name and secret. The key statement indicates that samplekey - uses the HMAC-MD5 algorithm and its secret clause contains the - base-64 encoding of the HMAC-MD5 secret enclosed in double quotes. + In the above example, <command>rndc</command> will by + default use + the server at localhost (127.0.0.1) and the key called samplekey. + Commands to the localhost server will use the samplekey key, which + must also be defined in the server's configuration file with the + same name and secret. The key statement indicates that samplekey + uses the HMAC-MD5 algorithm and its secret clause contains the + base-64 encoding of the HMAC-MD5 secret enclosed in double quotes. </para> <para> - To generate a random secret with <command>rndc-confgen</command>: + If <command>rndc -s testserver</command> is used then <command>rndc</command> will + connect to server on localhost port 5353 using the key testkey. </para> <para> - <userinput>rndc-confgen</userinput> + To generate a random secret with <command>rndc-confgen</command>: </para> - <para> - A complete <filename>rndc.conf</filename> file, including the - randomly generated key, will be written to the standard - output. Commented out <option>key</option> and - <option>controls</option> statements for - <filename>named.conf</filename> are also printed. + <para><userinput>rndc-confgen</userinput> </para> <para> - To generate a base-64 secret with <command>mmencode</command>: + A complete <filename>rndc.conf</filename> file, including + the + randomly generated key, will be written to the standard + output. Commented-out <option>key</option> and + <option>controls</option> statements for + <filename>named.conf</filename> are also printed. </para> <para> - <userinput>echo "known plaintext for a secret" | mmencode</userinput> + To generate a base-64 secret with <command>mmencode</command>: + </para> + <para><userinput>echo "known plaintext for a secret" | mmencode</userinput> </para> </refsect1> <refsect1> <title>NAME SERVER CONFIGURATION</title> <para> - The name server must be configured to accept rndc connections and - to recognize the key specified in the <filename>rndc.conf</filename> - file, using the controls statement in <filename>named.conf</filename>. - See the sections on the <option>controls</option> statement in the - BIND 9 Administrator Reference Manual for details. + The name server must be configured to accept rndc connections and + to recognize the key specified in the <filename>rndc.conf</filename> + file, using the controls statement in <filename>named.conf</filename>. + See the sections on the <option>controls</option> statement in the + BIND 9 Administrator Reference Manual for details. </para> </refsect1> <refsect1> <title>SEE ALSO</title> - <para> - <citerefentry> - <refentrytitle>rndc</refentrytitle> - <manvolnum>8</manvolnum> + <para><citerefentry> + <refentrytitle>rndc</refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> - <refentrytitle>rndc-confgen</refentrytitle> - <manvolnum>8</manvolnum> + <refentrytitle>rndc-confgen</refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> - <refentrytitle>mmencode</refentrytitle> - <manvolnum>1</manvolnum> + <refentrytitle>mmencode</refentrytitle><manvolnum>1</manvolnum> </citerefentry>, <citetitle>BIND 9 Administrator Reference Manual</citetitle>. </para> @@ -210,16 +241,12 @@ <refsect1> <title>AUTHOR</title> - <para> - <corpauthor>Internet Systems Consortium</corpauthor> + <para><corpauthor>Internet Systems Consortium</corpauthor> </para> </refsect1> -</refentry> - -<!-- +</refentry><!-- - Local variables: - mode: sgml - End: --> - diff --git a/usr.sbin/bind/bin/rndc/unix/Makefile.in b/usr.sbin/bind/bin/rndc/unix/Makefile.in index 8b0607bfd1e..30550e42c54 100644 --- a/usr.sbin/bind/bin/rndc/unix/Makefile.in +++ b/usr.sbin/bind/bin/rndc/unix/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.1.12.3 2004/03/08 04:04:24 marka Exp $ +# $ISC: Makefile.in,v 1.3 2004/03/05 04:58:29 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/bin/rndc/util.c b/usr.sbin/bind/bin/rndc/util.c index 46c0d3016ae..596fb0bda2b 100644 --- a/usr.sbin/bind/bin/rndc/util.c +++ b/usr.sbin/bind/bin/rndc/util.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: util.c,v 1.2.206.1 2004/03/06 10:21:32 marka Exp $ */ +/* $ISC: util.c,v 1.3.18.2 2005/04/29 00:15:40 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/bin/rndc/util.h b/usr.sbin/bind/bin/rndc/util.h index ca4242a62e7..81d352791c7 100644 --- a/usr.sbin/bind/bin/rndc/util.h +++ b/usr.sbin/bind/bin/rndc/util.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: util.h,v 1.5.206.1 2004/03/06 10:21:32 marka Exp $ */ +/* $ISC: util.h,v 1.6.18.2 2005/04/29 00:15:41 marka Exp $ */ #ifndef RNDC_UTIL_H #define RNDC_UTIL_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/formatcheck.h> diff --git a/usr.sbin/bind/bin/tests/system/masterformat/clean.sh b/usr.sbin/bind/bin/tests/system/masterformat/clean.sh new file mode 100644 index 00000000000..eba7eddb478 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/masterformat/clean.sh @@ -0,0 +1,22 @@ +#!/bin/sh +# +# Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: clean.sh,v 1.2.2.1 2005/06/20 01:19:29 marka Exp $ + +rm -f named-compilezone +rm -f ns1/example.db.raw +rm -f ns2/example.db +rm -f dig.out.* diff --git a/usr.sbin/bind/bin/tests/system/masterformat/ns1/compile.sh b/usr.sbin/bind/bin/tests/system/masterformat/ns1/compile.sh new file mode 100644 index 00000000000..b5fca5cddf3 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/masterformat/ns1/compile.sh @@ -0,0 +1,17 @@ +# Copyright (C) 2005, 2006 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: compile.sh,v 1.2.2.3 2006/01/07 00:23:34 marka Exp $ + +../named-compilezone -D -F raw -o example.db.raw example example.db diff --git a/usr.sbin/bind/bin/tests/system/masterformat/ns1/example.db b/usr.sbin/bind/bin/tests/system/masterformat/ns1/example.db new file mode 100644 index 00000000000..ceebcba1e1c --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/masterformat/ns1/example.db @@ -0,0 +1,54 @@ +; Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $ISC: example.db,v 1.2.2.2 2005/06/22 00:13:09 marka Exp $ + +$TTL 1D + +@ IN SOA ns hostmaster ( + 1 + 3600 + 1800 + 1814400 + 3 + ) + NS ns +ns A 10.53.0.1 +mx MX 10 mail +a A 10.53.0.1 + A 10.53.0.2 +aaaa AAAA 2001:db8::53 +cname CNAME cname-target +dname DNAME dname-target +txt TXT "this is text" + +;; +;; we are not testing DNSSEC behavior, so we don't care about the semantics +;; of the following records. +dnskey 300 DNSKEY 256 3 1 ( + AQPTpWyReB/e9Ii6mVGnakS8hX2zkh/iUYAg + +Ge4noWROpTWOIBvm76zeJPWs4Zfqa1IsswD + Ix5Mqeg0zwclz59uecKsKyx5w9IhtZ8plc4R + b9VIE5x7KNHAYTvTO5d4S8M= + ) +ds 300 DS 30795 1 1 ( + 310D27F4D82C1FC2400704EA9939FE6E1CEA + A3B9 ) +nsec 600 NSEC nsecnext NS DS RRSIG NSEC +rrsig 300 RRSIG SOA 1 0 300 20050714214747 ( + 20050614214747 30795 . + yi/RRPAQmn6rnjDQaCqVValBa+ICF00ZldKf + ZSDaoew5mMUh83DlrrPPNeAxrzMSNzDGlJ6P + fdyIFgzPn/CvthF4kjBUAiJTp4r2zhlaUJQ+ + QFo+drYXYgVJo6aA36fj ) diff --git a/usr.sbin/bind/bin/tests/system/masterformat/ns1/named.conf b/usr.sbin/bind/bin/tests/system/masterformat/ns1/named.conf new file mode 100644 index 00000000000..9b1e92494d0 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/masterformat/ns1/named.conf @@ -0,0 +1,36 @@ +/* + * Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: named.conf,v 1.2.2.1 2005/06/20 01:19:32 marka Exp $ */ + +// NS1 + +controls { /* empty */ }; + +options { + pid-file "named.pid"; + listen-on port 5300 { 10.53.0.1; }; + listen-on-v6 { none; }; + recursion no; + notify no; + dnssec-enable yes; +}; + +zone "example" { + type master; + masterfile-format raw; + file "example.db.raw"; +}; diff --git a/usr.sbin/bind/bin/tests/system/masterformat/ns2/named.conf b/usr.sbin/bind/bin/tests/system/masterformat/ns2/named.conf new file mode 100644 index 00000000000..8777116f8b2 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/masterformat/ns2/named.conf @@ -0,0 +1,35 @@ +/* + * Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: named.conf,v 1.2.2.1 2005/06/20 01:19:33 marka Exp $ */ + +// NS2 + +controls { /* empty */ }; + +options { + pid-file "named.pid"; + listen-on port 5300 { 10.53.0.2; }; + listen-on-v6 { none; }; + recursion no; + notify no; + dnssec-enable yes; +}; + +zone "example" { + type master; + file "example.db"; +}; diff --git a/usr.sbin/bind/bin/tests/system/masterformat/setup.sh b/usr.sbin/bind/bin/tests/system/masterformat/setup.sh new file mode 100644 index 00000000000..37ef16d78b7 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/masterformat/setup.sh @@ -0,0 +1,20 @@ +# Copyright (C) 2005, 2006 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: setup.sh,v 1.2.2.3 2006/01/07 00:23:34 marka Exp $ + +ln -s $CHECKZONE named-compilezone +rm -f ns1/example.db.raw +cp ns1/example.db ns2/ +cd ns1 && sh compile.sh diff --git a/usr.sbin/bind/bin/tests/system/masterformat/tests.sh b/usr.sbin/bind/bin/tests/system/masterformat/tests.sh new file mode 100644 index 00000000000..4a6b202c54a --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/masterformat/tests.sh @@ -0,0 +1,80 @@ +#!/bin/sh +# +# Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: tests.sh,v 1.2.2.1 2005/06/20 01:19:30 marka Exp $ + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +DIGOPTS="+tcp +noauth +noadd +nosea +nostat +noquest +nocomm +nocmd" + +status=0 + +echo "I:checking that master file in the raw format worked" + +for server in 1 2 +do + for name in ns mx a aaaa cname dname txt rrsig nsec dnskey ds + do + $DIG $DIGOPTS $name.example. $name @10.53.0.$server -p 5300 + echo + done > dig.out.$server +done + +diff dig.out.1 dig.out.2 || status=1 + +echo "I:exit status: $status" +exit $status +#!/bin/sh +# +# Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: tests.sh,v 1.2.2.1 2005/06/20 01:19:30 marka Exp $ + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +DIGOPTS="+tcp +noauth +noadd +nosea +nostat +noquest +nocomm +nocmd" + +status=0 + +echo "I:checking that master file in the raw format worked" + +for server in 1 2 +do + for name in ns mx a aaaa cname dname txt rrsig nsec dnskey ds + do + $DIG $DIGOPTS $name.example. $name @10.53.0.$server -p 5300 + echo + done > dig.out.$server +done + +diff dig.out.1 dig.out.2 || status=1 + +echo "I:exit status: $status" +exit $status diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/clean.sh b/usr.sbin/bind/bin/tests/system/rrsetorder/clean.sh new file mode 100644 index 00000000000..a44f5d517a8 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/clean.sh @@ -0,0 +1,22 @@ +#!/bin/sh +# +# Copyright (C) 2006 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: clean.sh,v 1.2.2.2 2006/03/05 23:58:51 marka Exp $ + +rm -f dig.out.cyclic dig.out.fixed dig.out.random +rm -f ns2/root.bk +rm -f ns?/named.run ns?/named.core + diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.cyclic.good1 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.cyclic.good1 new file mode 100644 index 00000000000..d2ca6fc3661 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.cyclic.good1 @@ -0,0 +1,4 @@ +1.2.3.1 +1.2.3.4 +1.2.3.3 +1.2.3.2 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.cyclic.good2 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.cyclic.good2 new file mode 100644 index 00000000000..c25c75601e9 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.cyclic.good2 @@ -0,0 +1,4 @@ +1.2.3.4 +1.2.3.3 +1.2.3.2 +1.2.3.1 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.cyclic.good3 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.cyclic.good3 new file mode 100644 index 00000000000..e8deb6717db --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.cyclic.good3 @@ -0,0 +1,4 @@ +1.2.3.3 +1.2.3.2 +1.2.3.1 +1.2.3.4 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.cyclic.good4 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.cyclic.good4 new file mode 100644 index 00000000000..3b276939588 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.cyclic.good4 @@ -0,0 +1,4 @@ +1.2.3.2 +1.2.3.1 +1.2.3.4 +1.2.3.3 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.fixed.good b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.fixed.good new file mode 100644 index 00000000000..eaf9c631524 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.fixed.good @@ -0,0 +1,4 @@ +1.2.3.4 +1.2.3.3 +1.2.3.1 +1.2.3.2 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good1 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good1 new file mode 100644 index 00000000000..c272c756e22 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good1 @@ -0,0 +1,4 @@ +1.2.3.1 +1.2.3.2 +1.2.3.3 +1.2.3.4 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good10 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good10 new file mode 100644 index 00000000000..6a39e3f3eb6 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good10 @@ -0,0 +1,4 @@ +1.2.3.2 +1.2.3.3 +1.2.3.4 +1.2.3.1 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good11 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good11 new file mode 100644 index 00000000000..efbc79247e9 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good11 @@ -0,0 +1,4 @@ +1.2.3.2 +1.2.3.4 +1.2.3.1 +1.2.3.3 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good12 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good12 new file mode 100644 index 00000000000..c859a2e6d8e --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good12 @@ -0,0 +1,4 @@ +1.2.3.2 +1.2.3.4 +1.2.3.3 +1.2.3.1 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good13 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good13 new file mode 100644 index 00000000000..49bf54b2a91 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good13 @@ -0,0 +1,4 @@ +1.2.3.3 +1.2.3.1 +1.2.3.2 +1.2.3.4 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good14 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good14 new file mode 100644 index 00000000000..974aa898ee4 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good14 @@ -0,0 +1,4 @@ +1.2.3.3 +1.2.3.1 +1.2.3.4 +1.2.3.2 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good15 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good15 new file mode 100644 index 00000000000..e8deb6717db --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good15 @@ -0,0 +1,4 @@ +1.2.3.3 +1.2.3.2 +1.2.3.1 +1.2.3.4 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good16 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good16 new file mode 100644 index 00000000000..f4670876fef --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good16 @@ -0,0 +1,4 @@ +1.2.3.3 +1.2.3.2 +1.2.3.4 +1.2.3.1 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good17 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good17 new file mode 100644 index 00000000000..6082a255fca --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good17 @@ -0,0 +1,4 @@ +1.2.3.3 +1.2.3.4 +1.2.3.1 +1.2.3.2 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good18 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good18 new file mode 100644 index 00000000000..07eefa0ec3d --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good18 @@ -0,0 +1,4 @@ +1.2.3.3 +1.2.3.4 +1.2.3.2 +1.2.3.1 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good19 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good19 new file mode 100644 index 00000000000..a5530c658ff --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good19 @@ -0,0 +1,4 @@ +1.2.3.4 +1.2.3.1 +1.2.3.2 +1.2.3.3 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good2 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good2 new file mode 100644 index 00000000000..00da93a4d44 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good2 @@ -0,0 +1,4 @@ +1.2.3.1 +1.2.3.2 +1.2.3.4 +1.2.3.3 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good20 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good20 new file mode 100644 index 00000000000..6dcf6daf9dd --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good20 @@ -0,0 +1,4 @@ +1.2.3.4 +1.2.3.1 +1.2.3.3 +1.2.3.2 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good21 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good21 new file mode 100644 index 00000000000..9dcc63f21a1 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good21 @@ -0,0 +1,4 @@ +1.2.3.4 +1.2.3.2 +1.2.3.1 +1.2.3.3 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good22 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good22 new file mode 100644 index 00000000000..4c51aa60758 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good22 @@ -0,0 +1,4 @@ +1.2.3.4 +1.2.3.2 +1.2.3.3 +1.2.3.1 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good23 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good23 new file mode 100644 index 00000000000..eaf9c631524 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good23 @@ -0,0 +1,4 @@ +1.2.3.4 +1.2.3.3 +1.2.3.1 +1.2.3.2 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good24 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good24 new file mode 100644 index 00000000000..c25c75601e9 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good24 @@ -0,0 +1,4 @@ +1.2.3.4 +1.2.3.3 +1.2.3.2 +1.2.3.1 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good3 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good3 new file mode 100644 index 00000000000..4d50059a556 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good3 @@ -0,0 +1,4 @@ +1.2.3.1 +1.2.3.3 +1.2.3.2 +1.2.3.4 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good4 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good4 new file mode 100644 index 00000000000..0b34afab174 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good4 @@ -0,0 +1,4 @@ +1.2.3.1 +1.2.3.3 +1.2.3.4 +1.2.3.2 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good5 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good5 new file mode 100644 index 00000000000..efe0e253d40 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good5 @@ -0,0 +1,4 @@ +1.2.3.1 +1.2.3.4 +1.2.3.2 +1.2.3.3 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good6 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good6 new file mode 100644 index 00000000000..d2ca6fc3661 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good6 @@ -0,0 +1,4 @@ +1.2.3.1 +1.2.3.4 +1.2.3.3 +1.2.3.2 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good7 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good7 new file mode 100644 index 00000000000..0d8312a2140 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good7 @@ -0,0 +1,4 @@ +1.2.3.2 +1.2.3.1 +1.2.3.3 +1.2.3.4 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good8 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good8 new file mode 100644 index 00000000000..3b276939588 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good8 @@ -0,0 +1,4 @@ +1.2.3.2 +1.2.3.1 +1.2.3.4 +1.2.3.3 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good9 b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good9 new file mode 100644 index 00000000000..61192afb513 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/dig.out.random.good9 @@ -0,0 +1,4 @@ +1.2.3.2 +1.2.3.3 +1.2.3.1 +1.2.3.4 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/ns1/named.conf b/usr.sbin/bind/bin/tests/system/rrsetorder/ns1/named.conf new file mode 100644 index 00000000000..6f618556ec7 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/ns1/named.conf @@ -0,0 +1,43 @@ +/* + * Copyright (C) 2006 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: named.conf,v 1.2.2.1 2006/03/03 00:56:53 marka Exp $ */ + +controls { /* empty */ }; + +options { + query-source address 10.53.0.1; + notify-source 10.53.0.1; + transfer-source 10.53.0.1; + port 5300; + pid-file "named.pid"; + listen-on { 10.53.0.1; }; + listen-on-v6 { none; }; + recursion no; + notify yes; + rrset-order { + name "fixed.example" order fixed; + name "random.example" order random; + name "cyclic.example" order cyclic; + type NS order random; + order cyclic; + }; +}; + +zone "." { + type master; + file "root.db"; +}; diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/ns1/root.db b/usr.sbin/bind/bin/tests/system/rrsetorder/ns1/root.db new file mode 100644 index 00000000000..e9728899bdf --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/ns1/root.db @@ -0,0 +1,40 @@ +; Copyright (C) 2006 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $ISC: root.db,v 1.2.2.1 2006/03/03 00:56:53 marka Exp $ + +$TTL 3600 +. SOA hostmaster.isc.org. a.root-servers.nil. ( + 2000042100 + 600 + 600 + 1200 + 600 ) +. NS a.root-servers.nil. +a.root-servers.nil A 10.53.0.1 +; +fixed.example. A 1.2.3.4 +fixed.example. A 1.2.3.3 +fixed.example. A 1.2.3.1 +fixed.example. A 1.2.3.2 +; +random.example. A 1.2.3.1 +random.example. A 1.2.3.2 +random.example. A 1.2.3.3 +random.example. A 1.2.3.4 +; +cyclic.example. A 1.2.3.4 +cyclic.example. A 1.2.3.3 +cyclic.example. A 1.2.3.2 +cyclic.example. A 1.2.3.1 diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/ns2/named.conf b/usr.sbin/bind/bin/tests/system/rrsetorder/ns2/named.conf new file mode 100644 index 00000000000..56607af7fc2 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/ns2/named.conf @@ -0,0 +1,45 @@ +/* + * Copyright (C) 2006 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: named.conf,v 1.2.2.1 2006/03/03 00:56:53 marka Exp $ */ + +controls { /* empty */ }; + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port 5300; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { none; }; + recursion no; + notify yes; + // flush-zones-on-shutdown yes; + rrset-order { + name "fixed.example" order fixed; + name "random.example" order random; + name "cyclic.example" order cyclic; + type NS order random; + order cyclic; + }; +}; + +zone "." { + type slave; + masters { 10.53.0.1; }; + file "root.bk"; +}; diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/ns3/named.conf b/usr.sbin/bind/bin/tests/system/rrsetorder/ns3/named.conf new file mode 100644 index 00000000000..eac6319f4a4 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/ns3/named.conf @@ -0,0 +1,45 @@ +/* + * Copyright (C) 2006, 2007 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: named.conf,v 1.2.2.4 2007/08/28 07:20:02 tbox Exp $ */ + +controls { /* empty */ }; + +options { + query-source address 10.53.0.3; + notify-source 10.53.0.3; + transfer-source 10.53.0.3; + port 5300; + pid-file "named.pid"; + listen-on { 10.53.0.3; }; + listen-on-v6 { none; }; + recursion yes; + acache-enable yes; + notify yes; + rrset-order { + name "fixed.example" order fixed; + name "random.example" order random; + name "cyclic.example" order cyclic; + type NS order random; + order cyclic; + }; +}; + +zone "." { + type hint; + file "../../common/root.hint"; +}; + diff --git a/usr.sbin/bind/bin/tests/system/rrsetorder/tests.sh b/usr.sbin/bind/bin/tests/system/rrsetorder/tests.sh new file mode 100644 index 00000000000..ec6c4434844 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/rrsetorder/tests.sh @@ -0,0 +1,329 @@ +#!/bin/sh +# +# Copyright (C) 2006 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: tests.sh,v 1.2.2.2 2006/03/05 23:58:51 marka Exp $ + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +status=0 + +# +# +# +echo "I: Checking order fixed (master)" +ret=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 +do +$DIG +nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm +nostat +short \ + -p 5300 @10.53.0.1 fixed.example > dig.out.fixed || ret=1 +cmp -s dig.out.fixed dig.out.fixed.good || ret=1 +done +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + +# +# +# +echo "I: Checking order cyclic (master)" +ret=0 +match1=0 +match2=0 +match3=0 +match4=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 +do +$DIG +nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm +nostat +short \ + -p 5300 @10.53.0.1 cyclic.example > dig.out.cyclic || ret=1 +cmp -s dig.out.cyclic dig.out.cyclic.good1 || \ +cmp -s dig.out.cyclic dig.out.cyclic.good2 || \ +cmp -s dig.out.cyclic dig.out.cyclic.good3 || \ +cmp -s dig.out.cyclic dig.out.cyclic.good4 || \ +ret=1 + +cmp -s dig.out.cyclic dig.out.cyclic.good1 && match1=1 +cmp -s dig.out.cyclic dig.out.cyclic.good2 && match2=1 +cmp -s dig.out.cyclic dig.out.cyclic.good3 && match3=1 +cmp -s dig.out.cyclic dig.out.cyclic.good4 && match4=1 + +done +match=`expr $match1 + $match2 + $match3 + $match4` +if [ $match != 4 ]; then ret=1; fi +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + +echo "I: Checking order random (master)" +ret=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 +do + eval match$i=0 +done +for i in a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 9 +do +$DIG +nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm +nostat +short \ + -p 5300 @10.53.0.1 random.example > dig.out.random || ret=1 + match=0 + for j in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 + do + eval "cmp -s dig.out.random dig.out.random.good$j && match$j=1 match=1" + if [ $match -eq 1 ]; then break; fi + done + if [ $match -eq 0 ]; then ret=1; fi +done +match=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 +do + eval "match=\`expr \$match + \$match$i\`" +done +echo "I: Random selection return $match of 24 possible orders in 36 samples" +if [ $match -lt 8 ]; then echo ret=1; fi +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + +# +# +# +echo "I: Checking order fixed (slave)" +ret=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 +do +$DIG +nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm +nostat +short \ + -p 5300 @10.53.0.2 fixed.example > dig.out.fixed || ret=1 +cmp -s dig.out.fixed dig.out.fixed.good || ret=1 +done +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + +# +# +# +echo "I: Checking order cyclic (slave)" +ret=0 +match1=0 +match2=0 +match3=0 +match4=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 +do +$DIG +nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm +nostat +short \ + -p 5300 @10.53.0.2 cyclic.example > dig.out.cyclic || ret=1 +cmp -s dig.out.cyclic dig.out.cyclic.good1 || \ +cmp -s dig.out.cyclic dig.out.cyclic.good2 || \ +cmp -s dig.out.cyclic dig.out.cyclic.good3 || \ +cmp -s dig.out.cyclic dig.out.cyclic.good4 || \ +ret=1 + +cmp -s dig.out.cyclic dig.out.cyclic.good1 && match1=1 +cmp -s dig.out.cyclic dig.out.cyclic.good2 && match2=1 +cmp -s dig.out.cyclic dig.out.cyclic.good3 && match3=1 +cmp -s dig.out.cyclic dig.out.cyclic.good4 && match4=1 + +done +match=`expr $match1 + $match2 + $match3 + $match4` +if [ $match != 4 ]; then ret=1; fi +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + +echo "I: Checking order random (slave)" +ret=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 +do + eval match$i=0 +done +for i in a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 9 +do +$DIG +nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm +nostat +short \ + -p 5300 @10.53.0.2 random.example > dig.out.random || ret=1 + match=0 + for j in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 + do + eval "cmp -s dig.out.random dig.out.random.good$j && match$j=1 match=1" + if [ $match -eq 1 ]; then break; fi + done + if [ $match -eq 0 ]; then ret=1; fi +done +match=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 +do +eval "match=\`expr \$match + \$match$i\`" +done +echo "I: Random selection return $match of 24 possible orders in 36 samples" +if [ $match -lt 8 ]; then echo ret=1; fi +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + +echo "I: Shutting down slave" + +(cd ..; sh stop.sh rrsetorder ns2 ) + +echo "I: Checking for slave's on disk copy of zone" + +if [ ! -f ns2/root.bk ] +then + echo "I:failed"; + status=`expr $status + 1` +fi + +echo "I: Re-starting slave" + +(cd ..; sh start.sh --noclean rrsetorder ns2 ) + +# +# +# +echo "I: Checking order fixed (slave loaded from disk)" +ret=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 +do +$DIG +nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm +nostat +short \ + -p 5300 @10.53.0.2 fixed.example > dig.out.fixed || ret=1 +cmp -s dig.out.fixed dig.out.fixed.good || ret=1 +done +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + +# +# +# +echo "I: Checking order cyclic (slave loaded from disk)" +ret=0 +match1=0 +match2=0 +match3=0 +match4=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 +do +$DIG +nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm +nostat +short \ + -p 5300 @10.53.0.2 cyclic.example > dig.out.cyclic || ret=1 +cmp -s dig.out.cyclic dig.out.cyclic.good1 || \ +cmp -s dig.out.cyclic dig.out.cyclic.good2 || \ +cmp -s dig.out.cyclic dig.out.cyclic.good3 || \ +cmp -s dig.out.cyclic dig.out.cyclic.good4 || \ +ret=1 + +cmp -s dig.out.cyclic dig.out.cyclic.good1 && match1=1 +cmp -s dig.out.cyclic dig.out.cyclic.good2 && match2=1 +cmp -s dig.out.cyclic dig.out.cyclic.good3 && match3=1 +cmp -s dig.out.cyclic dig.out.cyclic.good4 && match4=1 + +done +match=`expr $match1 + $match2 + $match3 + $match4` +if [ $match != 4 ]; then ret=1; fi +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + +echo "I: Checking order random (slave loaded from disk)" +ret=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 +do + eval match$i=0 +done +for i in a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 9 +do +$DIG +nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm +nostat +short \ + -p 5300 @10.53.0.2 random.example > dig.out.random || ret=1 + match=0 + for j in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 + do + eval "cmp -s dig.out.random dig.out.random.good$j && match$j=1 match=1" + if [ $match -eq 1 ]; then break; fi + done + if [ $match -eq 0 ]; then ret=1; fi +done +match=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 +do +eval "match=\`expr \$match + \$match$i\`" +done +echo "I: Random selection return $match of 24 possible orders in 36 samples" +if [ $match -lt 8 ]; then echo ret=1; fi +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + +# +# +# +echo "I: Checking order fixed (cache)" +ret=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 +do +$DIG +nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm +nostat +short \ + -p 5300 @10.53.0.3 fixed.example > dig.out.fixed || ret=1 +cmp -s dig.out.fixed dig.out.fixed.good || ret=1 +done +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + +# +# +# +echo "I: Checking order cyclic (cache)" +ret=0 +match1=0 +match2=0 +match3=0 +match4=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 +do +$DIG +nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm +nostat +short \ + -p 5300 @10.53.0.3 cyclic.example > dig.out.cyclic || ret=1 +cmp -s dig.out.cyclic dig.out.cyclic.good1 || \ +cmp -s dig.out.cyclic dig.out.cyclic.good2 || \ +cmp -s dig.out.cyclic dig.out.cyclic.good3 || \ +cmp -s dig.out.cyclic dig.out.cyclic.good4 || \ +ret=1 + +cmp -s dig.out.cyclic dig.out.cyclic.good1 && match1=1 +cmp -s dig.out.cyclic dig.out.cyclic.good2 && match2=1 +cmp -s dig.out.cyclic dig.out.cyclic.good3 && match3=1 +cmp -s dig.out.cyclic dig.out.cyclic.good4 && match4=1 + +done +match=`expr $match1 + $match2 + $match3 + $match4` +if [ $match != 4 ]; then ret=1; fi +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + +echo "I: Checking order random (cache)" +ret=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 +do + eval match$i=0 +done +for i in a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 9 +do +$DIG +nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm +nostat +short \ + -p 5300 @10.53.0.3 random.example > dig.out.random || ret=1 + match=0 + for j in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 + do + eval "cmp -s dig.out.random dig.out.random.good$j && match$j=1 match=1" + if [ $match -eq 1 ]; then break; fi + done + if [ $match -eq 0 ]; then ret=1; fi +done +match=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 +do +eval "match=\`expr \$match + \$match$i\`" +done +echo "I: Random selection return $match of 24 possible orders in 36 samples" +if [ $match -lt 8 ]; then echo ret=1; fi +if [ $ret != 0 ]; then echo "I:failed"; fi + +status=`expr $status + $ret` +echo "I:exit status: $status" +exit $status diff --git a/usr.sbin/bind/bin/tests/system/tsig/clean.sh b/usr.sbin/bind/bin/tests/system/tsig/clean.sh new file mode 100644 index 00000000000..3fc74366491 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/tsig/clean.sh @@ -0,0 +1,23 @@ +#!/bin/sh +# +# Copyright (C) 2005, 2006 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: clean.sh,v 1.2.2.2 2006/01/27 23:57:44 marka Exp $ + +# +# Clean up after tsig tests. +# + +rm -f dig.out.* diff --git a/usr.sbin/bind/bin/tests/system/tsig/ns1/example.db b/usr.sbin/bind/bin/tests/system/tsig/ns1/example.db new file mode 100644 index 00000000000..3b8002580b9 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/tsig/ns1/example.db @@ -0,0 +1,151 @@ +; Copyright (C) 2005, 2006 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $ISC: example.db,v 1.2.2.2 2006/01/27 23:57:44 marka Exp $ + +$ORIGIN . +$TTL 300 ; 5 minutes +example.nil IN SOA ns1.example.nil. hostmaster.example.nil. ( + 1 ; serial + 2000 ; refresh (2000 seconds) + 2000 ; retry (2000 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) +example.nil. NS ns1.example.nil. +ns1.example.nil. A 10.53.0.1 +example.nil. NS ns2.example.nil. +ns2.example.nil. A 10.53.0.2 + +$ORIGIN example.nil. +* MX 10 mail +a TXT "foo foo foo" + PTR foo.net. +$TTL 3600 ; 1 hour +a01 A 0.0.0.0 +a02 A 255.255.255.255 +a601 AAAA ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff +afsdb01 AFSDB 0 hostname +afsdb02 AFSDB 65535 . +$TTL 300 ; 5 minutes +b CNAME foo.net. +c A 73.80.65.49 +$TTL 3600 ; 1 hour +cert01 CERT 65534 65535 PRIVATEOID ( + MxFcby9k/yvedMfQgKzhH5er0Mu/vILz45IkskceFGgi + WCn/GxHhai6VAuHAoNUz4YoU1tVfSCSqQYn6//11U6Nl + d80jEeC8aTrO+KKmCaY= ) +cname01 CNAME cname-target. +cname02 CNAME cname-target +cname03 CNAME . +$TTL 300 ; 5 minutes +d A 73.80.65.49 +$TTL 3600 ; 1 hour +dname01 DNAME dname-target. +dname02 DNAME dname-target +dname03 DNAME . +$TTL 300 ; 5 minutes +e MX 10 mail + TXT "one" + TXT "three" + TXT "two" + A 73.80.65.49 + A 73.80.65.50 + A 73.80.65.52 + A 73.80.65.51 +f A 73.80.65.52 +$TTL 3600 ; 1 hour +gpos01 GPOS "-22.6882" "116.8652" "250.0" +gpos02 GPOS "" "" "" +hinfo01 HINFO "Generic PC clone" "NetBSD-1.4" +hinfo02 HINFO "PC" "NetBSD" +isdn01 ISDN "isdn-address" +isdn02 ISDN "isdn-address" "subaddress" +isdn03 ISDN "isdn-address" +isdn04 ISDN "isdn-address" "subaddress" +key01 KEY 512 255 1 ( + AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aR + yzWZriO6i2odGWWQVucZqKVsENW91IOW4vqudngPZsY3 + GvQ/xVA8/7pyFj6b7Esga60zyGW6LFe9r8n6paHrlG5o + jqf0BaqHT+8= ) +kx01 KX 10 kdc +kx02 KX 10 . +loc01 LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m +loc02 LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m +mb01 MG madname +mb02 MG . +mg01 MG mgmname +mg02 MG . +minfo01 MINFO rmailbx emailbx +minfo02 MINFO . . +mr01 MR mrname +mr02 MR . +mx01 MX 10 mail +mx02 MX 10 . +naptr01 NAPTR 0 0 "" "" "" . +naptr02 NAPTR 65535 65535 "blurgh" "blorf" "blegh" foo. +nsap-ptr01 NSAP-PTR foo. + NSAP-PTR . +nsap01 NSAP 0x47000580005a0000000001e133ffffff00016100 +nsap02 NSAP 0x47000580005a0000000001e133ffffff00016100 +nxt01 NXT a.secure ( NS SOA MX SIG KEY LOC NXT ) +nxt02 NXT . ( NSAP-PTR NXT ) +nxt03 NXT . ( A ) +nxt04 NXT . ( 127 ) +ptr01 PTR example.nil. +px01 PX 65535 foo. bar. +px02 PX 65535 . . +rp01 RP mbox-dname txt-dname +rp02 RP . . +rt01 RT 0 intermediate-host +rt02 RT 65535 . +$TTL 300 ; 5 minutes +s NS ns.s +$ORIGIN s.example.nil. +ns A 73.80.65.49 +$ORIGIN example.nil. +$TTL 3600 ; 1 hour +sig01 SIG NXT 1 3 3600 20000102030405 ( + 19961211100908 2143 foo + MxFcby9k/yvedMfQgKzhH5er0Mu/vILz45IkskceFGgi + WCn/GxHhai6VAuHAoNUz4YoU1tVfSCSqQYn6//11U6Nl + d80jEeC8aTrO+KKmCaY= ) +srv01 SRV 0 0 0 . +srv02 SRV 65535 65535 65535 old-slow-box.example.com. +$TTL 301 ; 5 minutes 1 second +t A 73.80.65.49 +$TTL 3600 ; 1 hour +txt01 TXT "foo" +txt02 TXT "foo" "bar" +txt03 TXT "foo" +txt04 TXT "foo" "bar" +txt05 TXT "foo bar" +txt06 TXT "foo bar" +txt07 TXT "foo bar" +txt08 TXT "foo\010bar" +txt09 TXT "foo\010bar" +txt10 TXT "foo bar" +txt11 TXT "\"foo\"" +txt12 TXT "\"foo\"" +$TTL 300 ; 5 minutes +u TXT "txt-not-in-nxt" +$ORIGIN u.example.nil. +a A 73.80.65.49 +b A 73.80.65.49 +$ORIGIN example.nil. +$TTL 3600 ; 1 hour +wks01 WKS 10.0.0.1 6 ( 0 1 2 21 23 ) +wks02 WKS 10.0.0.1 17 ( 0 1 2 53 ) +wks03 WKS 10.0.0.2 6 ( 65535 ) +x2501 X25 "123456789" diff --git a/usr.sbin/bind/bin/tests/system/tsig/ns1/named.conf b/usr.sbin/bind/bin/tests/system/tsig/ns1/named.conf new file mode 100644 index 00000000000..7a4a3b88192 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/tsig/ns1/named.conf @@ -0,0 +1,96 @@ +/* + * Copyright (C) 2005, 2006 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: named.conf,v 1.2.2.2 2006/01/27 23:57:44 marka Exp $ */ + +controls { /* empty */ }; + +options { + query-source address 10.53.0.1; + notify-source 10.53.0.1; + transfer-source 10.53.0.1; + port 5300; + pid-file "named.pid"; + listen-on { 10.53.0.1; }; + listen-on-v6 { none; }; + recursion no; + notify no; +}; + +key "md5" { + secret "97rnFx24Tfna4mHPfgnerA=="; + algorithm hmac-md5; +}; + +key "sha1" { + secret "FrSt77yPTFx6hTs4i2tKLB9LmE0="; + algorithm hmac-sha1; +}; + +key "sha224" { + secret "hXfwwwiag2QGqblopofai9NuW28q/1rH4CaTnA=="; + algorithm hmac-sha224; +}; + +key "sha256" { + secret "R16NojROxtxH/xbDl//ehDsHm5DjWTQ2YXV+hGC2iBY="; + algorithm hmac-sha256; +}; + +key "sha384" { + secret "OaDdoAk2LAcLtYeUnsT7A9XHjsb6ZEma7OCvUpMraQIJX6HetGrlKmF7yglO1G2h"; + algorithm hmac-sha384; +}; + +key "sha512" { + secret "jI/Pa4qRu96t76Pns5Z/Ndxbn3QCkwcxLOgt9vgvnJw5wqTRvNyk3FtD6yIMd1dWVlqZ+Y4fe6Uasc0ckctEmg=="; + algorithm hmac-sha512; +}; + +key "md5-trunc" { + secret "97rnFx24Tfna4mHPfgnerA=="; + algorithm hmac-md5-80; +}; + +key "sha1-trunc" { + secret "FrSt77yPTFx6hTs4i2tKLB9LmE0="; + algorithm hmac-sha1-80; +}; + +key "sha224-trunc" { + secret "hXfwwwiag2QGqblopofai9NuW28q/1rH4CaTnA=="; + algorithm hmac-sha224-112; +}; + +key "sha256-trunc" { + secret "R16NojROxtxH/xbDl//ehDsHm5DjWTQ2YXV+hGC2iBY="; + algorithm hmac-sha256-128; +}; + +key "sha384-trunc" { + secret "OaDdoAk2LAcLtYeUnsT7A9XHjsb6ZEma7OCvUpMraQIJX6HetGrlKmF7yglO1G2h"; + algorithm hmac-sha384-192; +}; + +key "sha512-trunc" { + secret "jI/Pa4qRu96t76Pns5Z/Ndxbn3QCkwcxLOgt9vgvnJw5wqTRvNyk3FtD6yIMd1dWVlqZ+Y4fe6Uasc0ckctEmg=="; + algorithm hmac-sha512-256; +}; + +zone "example.nil" { + type master; + file "example.db"; +}; diff --git a/usr.sbin/bind/bin/tests/system/tsig/tests.sh b/usr.sbin/bind/bin/tests/system/tsig/tests.sh new file mode 100644 index 00000000000..90992b52309 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/tsig/tests.sh @@ -0,0 +1,218 @@ +#!/bin/sh +# +# Copyright (C) 2005, 2006 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: tests.sh,v 1.2.2.2 2006/01/27 23:57:44 marka Exp $ + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +# +# Shared secrets. +# +md5="97rnFx24Tfna4mHPfgnerA==" +sha1="FrSt77yPTFx6hTs4i2tKLB9LmE0=" +sha224="hXfwwwiag2QGqblopofai9NuW28q/1rH4CaTnA==" +sha256="R16NojROxtxH/xbDl//ehDsHm5DjWTQ2YXV+hGC2iBY=" +sha384="OaDdoAk2LAcLtYeUnsT7A9XHjsb6ZEma7OCvUpMraQIJX6HetGrlKmF7yglO1G2h" +sha512="jI/Pa4qRu96t76Pns5Z/Ndxbn3QCkwcxLOgt9vgvnJw5wqTRvNyk3FtD6yIMd1dWVlqZ+Y4fe6Uasc0ckctEmg==" + +status=0 + +echo "I:fetching using hmac-md5 (old form)" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "md5:$md5" @10.53.0.1 soa -p 5300 > dig.out.md5.old || ret=1 +grep -i "md5.*TSIG.*NOERROR" dig.out.md5.old > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-md5 (new form)" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-md5:md5:$md5" @10.53.0.1 soa -p 5300 > dig.out.md5.new || ret=1 +grep -i "md5.*TSIG.*NOERROR" dig.out.md5.new > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha1" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha1:sha1:$sha1" @10.53.0.1 soa -p 5300 > dig.out.sha1 || ret=1 +grep -i "sha1.*TSIG.*NOERROR" dig.out.sha1 > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha224" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha224:sha224:$sha224" @10.53.0.1 soa -p 5300 > dig.out.sha224 || ret=1 +grep -i "sha224.*TSIG.*NOERROR" dig.out.sha224 > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha256" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha256:sha256:$sha256" @10.53.0.1 soa -p 5300 > dig.out.sha256 || ret=1 +grep -i "sha256.*TSIG.*NOERROR" dig.out.sha256 > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha384" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha384:sha384:$sha384" @10.53.0.1 soa -p 5300 > dig.out.sha384 || ret=1 +grep -i "sha384.*TSIG.*NOERROR" dig.out.sha384 > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha512" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha512:sha512:$sha512" @10.53.0.1 soa -p 5300 > dig.out.sha512 || ret=1 +grep -i "sha512.*TSIG.*NOERROR" dig.out.sha512 > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +# +# +# Truncated TSIG +# +# +echo "I:fetching using hmac-md5 (trunc)" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-md5-80:md5-trunc:$md5" @10.53.0.1 soa -p 5300 > dig.out.md5.trunc || ret=1 +grep -i "md5-trunc.*TSIG.*NOERROR" dig.out.md5.trunc > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha1 (trunc)" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha1-80:sha1-trunc:$sha1" @10.53.0.1 soa -p 5300 > dig.out.sha1.trunc || ret=1 +grep -i "sha1.*TSIG.*NOERROR" dig.out.sha1.trunc > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha224 (trunc)" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha224-112:sha224-trunc:$sha224" @10.53.0.1 soa -p 5300 > dig.out.sha224.trunc || ret=1 +grep -i "sha224-trunc.*TSIG.*NOERROR" dig.out.sha224.trunc > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha256 (trunc)" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha256-128:sha256-trunc:$sha256" @10.53.0.1 soa -p 5300 > dig.out.sha256.trunc || ret=1 +grep -i "sha256-trunc.*TSIG.*NOERROR" dig.out.sha256.trunc > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha384 (trunc)" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha384-192:sha384-trunc:$sha384" @10.53.0.1 soa -p 5300 > dig.out.sha384.trunc || ret=1 +grep -i "sha384-trunc.*TSIG.*NOERROR" dig.out.sha384.trunc > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha512-256 (trunc)" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha512-256:sha512-trunc:$sha512" @10.53.0.1 soa -p 5300 > dig.out.sha512.trunc || ret=1 +grep -i "sha512-trunc.*TSIG.*NOERROR" dig.out.sha512.trunc > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + + +# +# +# Check for bad truncation. +# +# +echo "I:fetching using hmac-md5-80 (BADTRUNC)" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-md5-80:md5:$md5" @10.53.0.1 soa -p 5300 > dig.out.md5-80 || ret=1 +grep -i "md5.*TSIG.*BADTRUNC" dig.out.md5-80 > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha1-80 (BADTRUNC)" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha1-80:sha1:$sha1" @10.53.0.1 soa -p 5300 > dig.out.sha1-80 || ret=1 +grep -i "sha1.*TSIG.*BADTRUNC" dig.out.sha1-80 > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha224-112 (BADTRUNC)" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha224-112:sha224:$sha224" @10.53.0.1 soa -p 5300 > dig.out.sha224-112 || ret=1 +grep -i "sha224.*TSIG.*BADTRUNC" dig.out.sha224-112 > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha256-128 (BADTRUNC)" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha256-128:sha256:$sha256" @10.53.0.1 soa -p 5300 > dig.out.sha256-128 || ret=1 +grep -i "sha256.*TSIG.*BADTRUNC" dig.out.sha256-128 > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha384-192 (BADTRUNC)" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha384-192:sha384:$sha384" @10.53.0.1 soa -p 5300 > dig.out.sha384-192 || ret=1 +grep -i "sha384.*TSIG.*BADTRUNC" dig.out.sha384-192 > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +echo "I:fetching using hmac-sha512-256 (BADTRUNC)" +ret=0 +$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + -y "hmac-sha512-256:sha512:$sha512" @10.53.0.1 soa -p 5300 > dig.out.sha512-256 || ret=1 +grep -i "sha512.*TSIG.*BADTRUNC" dig.out.sha512-256 > /dev/null || ret=1 +if [ $ret -eq 1 ] ; then + echo "I: failed"; status=1 +fi + +exit $status + + diff --git a/usr.sbin/bind/bin/tests/system/zonechecks/a.db b/usr.sbin/bind/bin/tests/system/zonechecks/a.db new file mode 100644 index 00000000000..03b0dc50703 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/zonechecks/a.db @@ -0,0 +1,19 @@ +; Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $ISC: a.db,v 1.2.2.2 2004/11/24 23:49:16 marka Exp $ + +@ 3600 IN SOA ns hostmaster 1 3600 1200 604800 3600 +@ 3600 IN NS 127.0.0.1 +127.0.0.1 3600 IN A 127.0.0.1 diff --git a/usr.sbin/bind/bin/tests/system/zonechecks/aaaa.db b/usr.sbin/bind/bin/tests/system/zonechecks/aaaa.db new file mode 100644 index 00000000000..960961ec517 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/zonechecks/aaaa.db @@ -0,0 +1,19 @@ +; Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $ISC: aaaa.db,v 1.2.2.2 2004/11/24 23:49:16 marka Exp $ + +@ 3600 IN SOA ns hostmaster 1 3600 1200 604800 3600 +@ 3600 IN NS ::1 +::1 3600 IN AAAA ::1 diff --git a/usr.sbin/bind/bin/tests/system/zonechecks/clean.sh b/usr.sbin/bind/bin/tests/system/zonechecks/clean.sh new file mode 100644 index 00000000000..992db941a65 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/zonechecks/clean.sh @@ -0,0 +1,19 @@ +#!/bin/sh +# +# Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: clean.sh,v 1.2.2.2 2004/11/24 23:49:17 marka Exp $ + +rm -f *.out diff --git a/usr.sbin/bind/bin/tests/system/zonechecks/cname.db b/usr.sbin/bind/bin/tests/system/zonechecks/cname.db new file mode 100644 index 00000000000..f7226332395 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/zonechecks/cname.db @@ -0,0 +1,19 @@ +; Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $ISC: cname.db,v 1.2.2.2 2004/11/24 23:49:17 marka Exp $ + +@ 3600 IN SOA ns hostmaster 1 3600 1200 604800 3600 +@ 3600 IN NS ns +ns 3600 IN CNAME @ diff --git a/usr.sbin/bind/bin/tests/system/zonechecks/dname.db b/usr.sbin/bind/bin/tests/system/zonechecks/dname.db new file mode 100644 index 00000000000..27cb320c6d9 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/zonechecks/dname.db @@ -0,0 +1,19 @@ +; Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $ISC: dname.db,v 1.2.2.2 2004/11/24 23:49:17 marka Exp $ + +@ 3600 IN SOA ns hostmaster 1 3600 1200 604800 3600 +@ 3600 IN NS ns +@ 3600 IN DNAME . diff --git a/usr.sbin/bind/bin/tests/system/zonechecks/noaddress.db b/usr.sbin/bind/bin/tests/system/zonechecks/noaddress.db new file mode 100644 index 00000000000..6db58e85d4e --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/zonechecks/noaddress.db @@ -0,0 +1,19 @@ +; Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $ISC: noaddress.db,v 1.2.2.2 2004/11/24 23:49:17 marka Exp $ + +@ 3600 IN SOA ns hostmaster 1 3600 1200 604800 3600 +@ 3600 IN NS ns +ns 3600 IN TXT this name has no address records diff --git a/usr.sbin/bind/bin/tests/system/zonechecks/nxdomain.db b/usr.sbin/bind/bin/tests/system/zonechecks/nxdomain.db new file mode 100644 index 00000000000..1451ce76196 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/zonechecks/nxdomain.db @@ -0,0 +1,19 @@ +; Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $ISC: nxdomain.db,v 1.2.2.2 2004/11/24 23:49:17 marka Exp $ + +@ 3600 IN SOA ns hostmaster 1 3600 1200 604800 3600 +@ 3600 IN NS ns +; There are no records at all with the ownername of "ns". diff --git a/usr.sbin/bind/bin/tests/system/zonechecks/tests.sh b/usr.sbin/bind/bin/tests/system/zonechecks/tests.sh new file mode 100644 index 00000000000..23a7df36a07 --- /dev/null +++ b/usr.sbin/bind/bin/tests/system/zonechecks/tests.sh @@ -0,0 +1,164 @@ +#!/bin/sh +# +# Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: tests.sh,v 1.2.2.1 2004/11/23 05:24:49 marka Exp $ + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +status=0 + +# +echo "I: checking that we detect a NS which refers to a CNAME" +if $CHECKZONE . cname.db > cname.out 2>&1 +then + echo "I:failed (status)"; status=1 +else + if grep "is a CNAME" cname.out > /dev/null + then + : + else + echo "I:failed (message)"; status=1 + fi +fi + +# +echo "I: checking that we detect a NS which is below a DNAME" +if $CHECKZONE . dname.db > dname.out 2>&1 +then + echo "I:failed (status)"; status=1 +else + if grep "is below a DNAME" dname.out > /dev/null + then + : + else + echo "I:failed (message)"; status=1 + fi +fi + +# +echo "I: checking that we detect a NS which has no address records (A/AAAA)" +if $CHECKZONE . noaddress.db > noaddress.out +then + echo "I:failed (status)"; status=1 +else + if grep "has no address records" noaddress.out > /dev/null + then + : + else + echo "I:failed (message)"; status=1 + fi +fi + +# +echo "I: checking that we detect a NS which has no records" +if $CHECKZONE . nxdomain.db > nxdomain.out +then + echo "I:failed (status)"; status=1 +else + if grep "has no address records" noaddress.out > /dev/null + then + : + else + echo "I:failed (message)"; status=1 + fi +fi + +# +echo "I: checking that we detect a NS which looks like a A record (fail)" +if $CHECKZONE -n fail . a.db > a.out 2>&1 +then + echo "I:failed (status)"; status=1 +else + if grep "appears to be an address" a.out > /dev/null + then + : + else + echo "I:failed (message)"; status=1 + fi +fi + +# +echo "I: checking that we detect a NS which looks like a A record (warn=default)" +if $CHECKZONE . a.db > a.out 2>&1 +then + if grep "appears to be an address" a.out > /dev/null + then + : + else + echo "I:failed (message)"; status=1 + fi +else + echo "I:failed (status)"; status=1 +fi + +# +echo "I: checking that we detect a NS which looks like a A record (ignore)" +if $CHECKZONE -n ignore . a.db > a.out 2>&1 +then + if grep "appears to be an address" a.out > /dev/null + then + echo "I:failed (message)"; status=1 + else + : + fi +else + echo "I:failed (status)"; status=1 +fi + +# +echo "I: checking that we detect a NS which looks like a AAAA record (fail)" +if $CHECKZONE -n fail . aaaa.db > aaaa.out 2>&1 +then + echo "I:failed (status)"; status=1 +else + if grep "appears to be an address" aaaa.out > /dev/null + then + : + else + echo "I:failed (message)"; status=1 + fi +fi + +# +echo "I: checking that we detect a NS which looks like a AAAA record (warn=default)" +if $CHECKZONE . aaaa.db > aaaa.out 2>&1 +then + if grep "appears to be an address" aaaa.out > /dev/null + then + : + else + echo "I:failed (message)"; status=1 + fi +else + echo "I:failed (status)"; status=1 +fi + +# +echo "I: checking that we detect a NS which looks like a AAAA record (ignore)" +if $CHECKZONE -n ignore . aaaa.db > aaaa.out 2>&1 +then + if grep "appears to be an address" aaaa.out > /dev/null + then + echo "I:failed (message)"; status=1 + else + : + fi +else + echo "I:failed (status)"; status=1 +fi +echo "I:exit status: $status" +exit $? diff --git a/usr.sbin/bind/doc/Makefile.in b/usr.sbin/bind/doc/Makefile.in index 1088a1f1d0b..b6a753bae3c 100644 --- a/usr.sbin/bind/doc/Makefile.in +++ b/usr.sbin/bind/doc/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.4.206.3 2005/09/13 00:34:54 marka Exp $ +# $ISC: Makefile.in,v 1.5.18.2 2005/07/23 04:35:12 marka Exp $ # This Makefile is a placeholder. It exists merely to make # sure that its directory gets created in the object directory diff --git a/usr.sbin/bind/doc/arm/Bv9ARM.ch01.html b/usr.sbin/bind/doc/arm/Bv9ARM.ch01.html index ded6183372f..44b706049ca 100644 --- a/usr.sbin/bind/doc/arm/Bv9ARM.ch01.html +++ b/usr.sbin/bind/doc/arm/Bv9ARM.ch01.html @@ -1,5 +1,5 @@ <!-- - - Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000-2003 Internet Software Consortium. - - Permission to use, copy, modify, and distribute this software for any @@ -14,12 +14,12 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: Bv9ARM.ch01.html,v 1.12.2.2.8.15 2006/07/20 02:33:31 marka Exp $ --> +<!-- $ISC: Bv9ARM.ch01.html,v 1.16.18.21 2007/10/31 01:35:57 marka Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> -<title>Chapter 1. Introduction </title> -<meta name="generator" content="DocBook XSL Stylesheets V1.70.1"> +<title>Chapter 1. Introduction</title> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> <link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> <link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> <link rel="prev" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> @@ -28,7 +28,7 @@ <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> <div class="navheader"> <table width="100%" summary="Navigation header"> -<tr><th colspan="3" align="center">Chapter 1. Introduction </th></tr> +<tr><th colspan="3" align="center">Chapter 1. Introduction</th></tr> <tr> <td width="20%" align="left"> <a accesskey="p" href="Bv9ARM.html">Prev</a> </td> @@ -41,71 +41,86 @@ </div> <div class="chapter" lang="en"> <div class="titlepage"><div><div><h2 class="title"> -<a name="Bv9ARM.ch01"></a>Chapter 1. Introduction </h2></div></div></div> +<a name="Bv9ARM.ch01"></a>Chapter 1. Introduction</h2></div></div></div> <div class="toc"> <p><b>Table of Contents</b></p> <dl> -<dt><span class="sect1"><a href="Bv9ARM.ch01.html#id2569434">Scope of Document</a></span></dt> -<dt><span class="sect1"><a href="Bv9ARM.ch01.html#id2569460">Organization of This Document</a></span></dt> -<dt><span class="sect1"><a href="Bv9ARM.ch01.html#id2569736">Conventions Used in This Document</a></span></dt> -<dt><span class="sect1"><a href="Bv9ARM.ch01.html#id2569994">The Domain Name System (<acronym class="acronym">DNS</acronym>)</a></span></dt> +<dt><span class="sect1"><a href="Bv9ARM.ch01.html#id2564117">Scope of Document</a></span></dt> +<dt><span class="sect1"><a href="Bv9ARM.ch01.html#id2564140">Organization of This Document</a></span></dt> +<dt><span class="sect1"><a href="Bv9ARM.ch01.html#id2563474">Conventions Used in This Document</a></span></dt> +<dt><span class="sect1"><a href="Bv9ARM.ch01.html#id2564816">The Domain Name System (<acronym class="acronym">DNS</acronym>)</a></span></dt> <dd><dl> -<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2570014">DNS Fundamentals</a></span></dt> -<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2570323">Domains and Domain Names</a></span></dt> -<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2570407">Zones</a></span></dt> -<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2570550">Authoritative Name Servers</a></span></dt> -<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2570642">Caching Name Servers</a></span></dt> -<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2570699">Name Servers in Multiple Roles</a></span></dt> +<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2564837">DNS Fundamentals</a></span></dt> +<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2564871">Domains and Domain Names</a></span></dt> +<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2567208">Zones</a></span></dt> +<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2567285">Authoritative Name Servers</a></span></dt> +<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2567526">Caching Name Servers</a></span></dt> +<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2567588">Name Servers in Multiple Roles</a></span></dt> </dl></dd> </dl> </div> -<p>The Internet Domain Name System (<acronym class="acronym">DNS</acronym>) consists of the syntax - to specify the names of entities in the Internet in a hierarchical - manner, the rules used for delegating authority over names, and the - system implementation that actually maps names to Internet - addresses. <acronym class="acronym">DNS</acronym> data is maintained in a group of distributed - hierarchical databases.</p> +<p> + The Internet Domain Name System (<acronym class="acronym">DNS</acronym>) + consists of the syntax + to specify the names of entities in the Internet in a hierarchical + manner, the rules used for delegating authority over names, and the + system implementation that actually maps names to Internet + addresses. <acronym class="acronym">DNS</acronym> data is maintained in a + group of distributed + hierarchical databases. + </p> <div class="sect1" lang="en"> <div class="titlepage"><div><div><h2 class="title" style="clear: both"> -<a name="id2569434"></a>Scope of Document</h2></div></div></div> -<p>The Berkeley Internet Name Domain (<acronym class="acronym">BIND</acronym>) implements a - domain name server for a number of operating systems. This - document provides basic information about the installation and - care of the Internet Software Consortium (<acronym class="acronym">ISC</acronym>) - <acronym class="acronym">BIND</acronym> version 9 software package for system - administrators.</p> -<p>This version of the manual corresponds to BIND version 9.3.</p> +<a name="id2564117"></a>Scope of Document</h2></div></div></div> +<p> + The Berkeley Internet Name Domain + (<acronym class="acronym">BIND</acronym>) implements a + domain name server for a number of operating systems. This + document provides basic information about the installation and + care of the Internet Systems Consortium (<acronym class="acronym">ISC</acronym>) + <acronym class="acronym">BIND</acronym> version 9 software package for + system administrators. + </p> +<p> + This version of the manual corresponds to BIND version 9.4. + </p> </div> <div class="sect1" lang="en"> <div class="titlepage"><div><div><h2 class="title" style="clear: both"> -<a name="id2569460"></a>Organization of This Document</h2></div></div></div> -<p>In this document, <span class="emphasis"><em>Section 1</em></span> introduces - the basic <acronym class="acronym">DNS</acronym> and <acronym class="acronym">BIND</acronym> concepts. <span class="emphasis"><em>Section 2</em></span> - describes resource requirements for running <acronym class="acronym">BIND</acronym> in various - environments. Information in <span class="emphasis"><em>Section 3</em></span> is - <span class="emphasis"><em>task-oriented</em></span> in its presentation and is - organized functionally, to aid in the process of installing the - <acronym class="acronym">BIND</acronym> 9 software. The task-oriented section is followed by - <span class="emphasis"><em>Section 4</em></span>, which contains more advanced - concepts that the system administrator may need for implementing - certain options. <span class="emphasis"><em>Section 5</em></span> - describes the <acronym class="acronym">BIND</acronym> 9 lightweight - resolver. The contents of <span class="emphasis"><em>Section 6</em></span> are - organized as in a reference manual to aid in the ongoing - maintenance of the software. <span class="emphasis"><em>Section 7 - </em></span>addresses security considerations, and - <span class="emphasis"><em>Section 8</em></span> contains troubleshooting help. The - main body of the document is followed by several - <span class="emphasis"><em>Appendices</em></span> which contain useful reference - information, such as a <span class="emphasis"><em>Bibliography</em></span> and - historic information related to <acronym class="acronym">BIND</acronym> and the Domain Name - System.</p> +<a name="id2564140"></a>Organization of This Document</h2></div></div></div> +<p> + In this document, <span class="emphasis"><em>Section 1</em></span> introduces + the basic <acronym class="acronym">DNS</acronym> and <acronym class="acronym">BIND</acronym> concepts. <span class="emphasis"><em>Section 2</em></span> + describes resource requirements for running <acronym class="acronym">BIND</acronym> in various + environments. Information in <span class="emphasis"><em>Section 3</em></span> is + <span class="emphasis"><em>task-oriented</em></span> in its presentation and is + organized functionally, to aid in the process of installing the + <acronym class="acronym">BIND</acronym> 9 software. The task-oriented + section is followed by + <span class="emphasis"><em>Section 4</em></span>, which contains more advanced + concepts that the system administrator may need for implementing + certain options. <span class="emphasis"><em>Section 5</em></span> + describes the <acronym class="acronym">BIND</acronym> 9 lightweight + resolver. The contents of <span class="emphasis"><em>Section 6</em></span> are + organized as in a reference manual to aid in the ongoing + maintenance of the software. <span class="emphasis"><em>Section 7</em></span> addresses + security considerations, and + <span class="emphasis"><em>Section 8</em></span> contains troubleshooting help. The + main body of the document is followed by several + <span class="emphasis"><em>appendices</em></span> which contain useful reference + information, such as a <span class="emphasis"><em>bibliography</em></span> and + historic information related to <acronym class="acronym">BIND</acronym> + and the Domain Name + System. + </p> </div> <div class="sect1" lang="en"> <div class="titlepage"><div><div><h2 class="title" style="clear: both"> -<a name="id2569736"></a>Conventions Used in This Document</h2></div></div></div> -<p>In this document, we use the following general typographic - conventions:</p> +<a name="id2563474"></a>Conventions Used in This Document</h2></div></div></div> +<p> + In this document, we use the following general typographic + conventions: + </p> <div class="informaltable"><table border="1"> <colgroup> <col> @@ -114,33 +129,59 @@ <tbody> <tr> <td> -<p><span class="emphasis"><em>To -describe:</em></span></p> -</td> + <p> + <span class="emphasis"><em>To describe:</em></span> + </p> + </td> <td> -<p><span class="emphasis"><em>We use the style:</em></span></p> -</td> + <p> + <span class="emphasis"><em>We use the style:</em></span> + </p> + </td> </tr> <tr> <td> -<p>a pathname, filename, URL, hostname, -mailing list name, or new term or concept</p> -</td> -<td><p><code class="filename">Fixed width</code></p></td> + <p> + a pathname, filename, URL, hostname, + mailing list name, or new term or concept + </p> + </td> +<td> + <p> + <code class="filename">Fixed width</code> + </p> + </td> </tr> <tr> -<td><p>literal user -input</p></td> -<td><p><strong class="userinput"><code>Fixed Width Bold</code></strong></p></td> +<td> + <p> + literal user + input + </p> + </td> +<td> + <p> + <strong class="userinput"><code>Fixed Width Bold</code></strong> + </p> + </td> </tr> <tr> -<td><p>program output</p></td> -<td><p><code class="computeroutput">Fixed Width</code></p></td> +<td> + <p> + program output + </p> + </td> +<td> + <p> + <code class="computeroutput">Fixed Width</code> + </p> + </td> </tr> </tbody> </table></div> -<p>The following conventions are used in descriptions of the -<acronym class="acronym">BIND</acronym> configuration file:</p> +<p> + The following conventions are used in descriptions of the + <acronym class="acronym">BIND</acronym> configuration file:</p> <div class="informaltable"><table border="1"> <colgroup> <col> @@ -148,246 +189,353 @@ input</p></td> </colgroup> <tbody> <tr> -<td><p><span class="emphasis"><em>To -describe:</em></span></p></td> -<td><p><span class="emphasis"><em>We use the style:</em></span></p></td> +<td> + <p> + <span class="emphasis"><em>To describe:</em></span> + </p> + </td> +<td> + <p> + <span class="emphasis"><em>We use the style:</em></span> + </p> + </td> </tr> <tr> -<td><p>keywords</p></td> -<td><p><code class="literal">Fixed Width</code></p></td> +<td> + <p> + keywords + </p> + </td> +<td> + <p> + <code class="literal">Fixed Width</code> + </p> + </td> </tr> <tr> -<td><p>variables</p></td> -<td><p><code class="varname">Fixed Width</code></p></td> +<td> + <p> + variables + </p> + </td> +<td> + <p> + <code class="varname">Fixed Width</code> + </p> + </td> </tr> <tr> -<td><p>Optional input</p></td> -<td><p>[<span class="optional">Text is enclosed in square brackets</span>]</p></td> +<td> + <p> + Optional input + </p> + </td> +<td> + <p> + [<span class="optional">Text is enclosed in square brackets</span>] + </p> + </td> </tr> </tbody> </table></div> +<p> + </p> </div> <div class="sect1" lang="en"> <div class="titlepage"><div><div><h2 class="title" style="clear: both"> -<a name="id2569994"></a>The Domain Name System (<acronym class="acronym">DNS</acronym>)</h2></div></div></div> -<p>The purpose of this document is to explain the installation -and upkeep of the <acronym class="acronym">BIND</acronym> software package, and we -begin by reviewing the fundamentals of the Domain Name System -(<acronym class="acronym">DNS</acronym>) as they relate to <acronym class="acronym">BIND</acronym>. -</p> +<a name="id2564816"></a>The Domain Name System (<acronym class="acronym">DNS</acronym>)</h2></div></div></div> +<p> + The purpose of this document is to explain the installation + and upkeep of the <acronym class="acronym">BIND</acronym> (Berkeley Internet + Name Domain) software package, and we + begin by reviewing the fundamentals of the Domain Name System + (<acronym class="acronym">DNS</acronym>) as they relate to <acronym class="acronym">BIND</acronym>. + </p> <div class="sect2" lang="en"> <div class="titlepage"><div><div><h3 class="title"> -<a name="id2570014"></a>DNS Fundamentals</h3></div></div></div> -<p>The Domain Name System (DNS) is the hierarchical, distributed -database. It stores information for mapping Internet host names to IP -addresses and vice versa, mail routing information, and other data -used by Internet applications.</p> -<p>Clients look up information in the DNS by calling a -<span class="emphasis"><em>resolver</em></span> library, which sends queries to one or -more <span class="emphasis"><em>name servers</em></span> and interprets the responses. -The <acronym class="acronym">BIND</acronym> 9 software distribution contains a -name server, <span><strong class="command">named</strong></span>, and two resolver -libraries, <span><strong class="command">liblwres</strong></span> and <span><strong class="command">libbind</strong></span>. -</p> +<a name="id2564837"></a>DNS Fundamentals</h3></div></div></div> +<p> + The Domain Name System (DNS) is a hierarchical, distributed + database. It stores information for mapping Internet host names to + IP + addresses and vice versa, mail routing information, and other data + used by Internet applications. + </p> +<p> + Clients look up information in the DNS by calling a + <span class="emphasis"><em>resolver</em></span> library, which sends queries to one or + more <span class="emphasis"><em>name servers</em></span> and interprets the responses. + The <acronym class="acronym">BIND</acronym> 9 software distribution + contains a + name server, <span><strong class="command">named</strong></span>, and two resolver + libraries, <span><strong class="command">liblwres</strong></span> and <span><strong class="command">libbind</strong></span>. + </p> </div> <div class="sect2" lang="en"> <div class="titlepage"><div><div><h3 class="title"> -<a name="id2570323"></a>Domains and Domain Names</h3></div></div></div> -<p>The data stored in the DNS is identified by <span class="emphasis"><em>domain -names</em></span> that are organized as a tree according to -organizational or administrative boundaries. Each node of the tree, -called a <span class="emphasis"><em>domain</em></span>, is given a label. The domain name of the -node is the concatenation of all the labels on the path from the -node to the <span class="emphasis"><em>root</em></span> node. This is represented -in written form as a string of labels listed from right to left and -separated by dots. A label need only be unique within its parent -domain.</p> -<p>For example, a domain name for a host at the -company <span class="emphasis"><em>Example, Inc.</em></span> could be -<code class="literal">mail.example.com</code>, -where <code class="literal">com</code> is the -top level domain to which -<code class="literal">ourhost.example.com</code> belongs, -<code class="literal">example</code> is -a subdomain of <code class="literal">com</code>, and -<code class="literal">ourhost</code> is the -name of the host.</p> -<p>For administrative purposes, the name space is partitioned into -areas called <span class="emphasis"><em>zones</em></span>, each starting at a node and -extending down to the leaf nodes or to nodes where other zones start. -The data for each zone is stored in a <span class="emphasis"><em>name -server</em></span>, which answers queries about the zone using the -<span class="emphasis"><em>DNS protocol</em></span>. -</p> -<p>The data associated with each domain name is stored in the -form of <span class="emphasis"><em>resource records</em></span> (<acronym class="acronym">RR</acronym>s). -Some of the supported resource record types are described in -<a href="Bv9ARM.ch06.html#types_of_resource_records_and_when_to_use_them" title="Types of Resource Records and When to Use Them">the section called “Types of Resource Records and When to Use Them”</a>.</p> -<p>For more detailed information about the design of the DNS and -the DNS protocol, please refer to the standards documents listed in -<a href="Bv9ARM.ch09.html#rfcs" title="Request for Comments (RFCs)">the section called “Request for Comments (RFCs)”</a>.</p> +<a name="id2564871"></a>Domains and Domain Names</h3></div></div></div> +<p> + The data stored in the DNS is identified by <span class="emphasis"><em>domain names</em></span> that are organized as a tree according to + organizational or administrative boundaries. Each node of the tree, + called a <span class="emphasis"><em>domain</em></span>, is given a label. The domain + name of the + node is the concatenation of all the labels on the path from the + node to the <span class="emphasis"><em>root</em></span> node. This is represented + in written form as a string of labels listed from right to left and + separated by dots. A label need only be unique within its parent + domain. + </p> +<p> + For example, a domain name for a host at the + company <span class="emphasis"><em>Example, Inc.</em></span> could be + <code class="literal">ourhost.example.com</code>, + where <code class="literal">com</code> is the + top level domain to which + <code class="literal">ourhost.example.com</code> belongs, + <code class="literal">example</code> is + a subdomain of <code class="literal">com</code>, and + <code class="literal">ourhost</code> is the + name of the host. + </p> +<p> + For administrative purposes, the name space is partitioned into + areas called <span class="emphasis"><em>zones</em></span>, each starting at a node and + extending down to the leaf nodes or to nodes where other zones + start. + The data for each zone is stored in a <span class="emphasis"><em>name server</em></span>, which answers queries about the zone using the + <span class="emphasis"><em>DNS protocol</em></span>. + </p> +<p> + The data associated with each domain name is stored in the + form of <span class="emphasis"><em>resource records</em></span> (<acronym class="acronym">RR</acronym>s). + Some of the supported resource record types are described in + <a href="Bv9ARM.ch06.html#types_of_resource_records_and_when_to_use_them" title="Types of Resource Records and When to Use Them">the section called “Types of Resource Records and When to Use Them”</a>. + </p> +<p> + For more detailed information about the design of the DNS and + the DNS protocol, please refer to the standards documents listed in + <a href="Bv9ARM.ch09.html#rfcs" title="Request for Comments (RFCs)">the section called “Request for Comments (RFCs)”</a>. + </p> </div> <div class="sect2" lang="en"> <div class="titlepage"><div><div><h3 class="title"> -<a name="id2570407"></a>Zones</h3></div></div></div> -<p>To properly operate a name server, it is important to understand -the difference between a <span class="emphasis"><em>zone</em></span> -and a <span class="emphasis"><em>domain</em></span>.</p> -<p>As we stated previously, a zone is a point of delegation in -the <acronym class="acronym">DNS</acronym> tree. A zone consists of -those contiguous parts of the domain -tree for which a name server has complete information and over which -it has authority. It contains all domain names from a certain point -downward in the domain tree except those which are delegated to -other zones. A delegation point is marked by one or more -<span class="emphasis"><em>NS records</em></span> in the -parent zone, which should be matched by equivalent NS records at -the root of the delegated zone.</p> -<p>For instance, consider the <code class="literal">example.com</code> -domain which includes names -such as <code class="literal">host.aaa.example.com</code> and -<code class="literal">host.bbb.example.com</code> even though -the <code class="literal">example.com</code> zone includes -only delegations for the <code class="literal">aaa.example.com</code> and -<code class="literal">bbb.example.com</code> zones. A zone can map -exactly to a single domain, but could also include only part of a -domain, the rest of which could be delegated to other -name servers. Every name in the <acronym class="acronym">DNS</acronym> tree is a -<span class="emphasis"><em>domain</em></span>, even if it is -<span class="emphasis"><em>terminal</em></span>, that is, has no -<span class="emphasis"><em>subdomains</em></span>. Every subdomain is a domain and -every domain except the root is also a subdomain. The terminology is -not intuitive and we suggest that you read RFCs 1033, 1034 and 1035 to -gain a complete understanding of this difficult and subtle -topic.</p> -<p>Though <acronym class="acronym">BIND</acronym> is called a "domain name server", -it deals primarily in terms of zones. The master and slave -declarations in the <code class="filename">named.conf</code> file specify -zones, not domains. When you ask some other site if it is willing to -be a slave server for your <span class="emphasis"><em>domain</em></span>, you are -actually asking for slave service for some collection of zones.</p> +<a name="id2567208"></a>Zones</h3></div></div></div> +<p> + To properly operate a name server, it is important to understand + the difference between a <span class="emphasis"><em>zone</em></span> + and a <span class="emphasis"><em>domain</em></span>. + </p> +<p> + As stated previously, a zone is a point of delegation in + the <acronym class="acronym">DNS</acronym> tree. A zone consists of + those contiguous parts of the domain + tree for which a name server has complete information and over which + it has authority. It contains all domain names from a certain point + downward in the domain tree except those which are delegated to + other zones. A delegation point is marked by one or more + <span class="emphasis"><em>NS records</em></span> in the + parent zone, which should be matched by equivalent NS records at + the root of the delegated zone. + </p> +<p> + For instance, consider the <code class="literal">example.com</code> + domain which includes names + such as <code class="literal">host.aaa.example.com</code> and + <code class="literal">host.bbb.example.com</code> even though + the <code class="literal">example.com</code> zone includes + only delegations for the <code class="literal">aaa.example.com</code> and + <code class="literal">bbb.example.com</code> zones. A zone can + map + exactly to a single domain, but could also include only part of a + domain, the rest of which could be delegated to other + name servers. Every name in the <acronym class="acronym">DNS</acronym> + tree is a + <span class="emphasis"><em>domain</em></span>, even if it is + <span class="emphasis"><em>terminal</em></span>, that is, has no + <span class="emphasis"><em>subdomains</em></span>. Every subdomain is a domain and + every domain except the root is also a subdomain. The terminology is + not intuitive and we suggest that you read RFCs 1033, 1034 and 1035 + to + gain a complete understanding of this difficult and subtle + topic. + </p> +<p> + Though <acronym class="acronym">BIND</acronym> is called a "domain name + server", + it deals primarily in terms of zones. The master and slave + declarations in the <code class="filename">named.conf</code> file + specify + zones, not domains. When you ask some other site if it is willing to + be a slave server for your <span class="emphasis"><em>domain</em></span>, you are + actually asking for slave service for some collection of zones. + </p> </div> <div class="sect2" lang="en"> <div class="titlepage"><div><div><h3 class="title"> -<a name="id2570550"></a>Authoritative Name Servers</h3></div></div></div> -<p>Each zone is served by at least -one <span class="emphasis"><em>authoritative name server</em></span>, -which contains the complete data for the zone. -To make the DNS tolerant of server and network failures, -most zones have two or more authoritative servers. -</p> -<p>Responses from authoritative servers have the "authoritative -answer" (AA) bit set in the response packets. This makes them -easy to identify when debugging DNS configurations using tools like -<span><strong class="command">dig</strong></span> (<a href="Bv9ARM.ch03.html#diagnostic_tools" title="Diagnostic Tools">the section called “Diagnostic Tools”</a>).</p> +<a name="id2567285"></a>Authoritative Name Servers</h3></div></div></div> +<p> + Each zone is served by at least + one <span class="emphasis"><em>authoritative name server</em></span>, + which contains the complete data for the zone. + To make the DNS tolerant of server and network failures, + most zones have two or more authoritative servers, on + different networks. + </p> +<p> + Responses from authoritative servers have the "authoritative + answer" (AA) bit set in the response packets. This makes them + easy to identify when debugging DNS configurations using tools like + <span><strong class="command">dig</strong></span> (<a href="Bv9ARM.ch03.html#diagnostic_tools" title="Diagnostic Tools">the section called “Diagnostic Tools”</a>). + </p> <div class="sect3" lang="en"> <div class="titlepage"><div><div><h4 class="title"> -<a name="id2570572"></a>The Primary Master</h4></div></div></div> -<p> -The authoritative server where the master copy of the zone data is maintained is -called the <span class="emphasis"><em>primary master</em></span> server, or simply the -<span class="emphasis"><em>primary</em></span>. It loads the zone contents from some -local file edited by humans or perhaps generated mechanically from -some other local file which is edited by humans. This file is called -the <span class="emphasis"><em>zone file</em></span> or <span class="emphasis"><em>master file</em></span>.</p> +<a name="id2567308"></a>The Primary Master</h4></div></div></div> +<p> + The authoritative server where the master copy of the zone + data is maintained is called the + <span class="emphasis"><em>primary master</em></span> server, or simply the + <span class="emphasis"><em>primary</em></span>. Typically it loads the zone + contents from some local file edited by humans or perhaps + generated mechanically from some other local file which is + edited by humans. This file is called the + <span class="emphasis"><em>zone file</em></span> or + <span class="emphasis"><em>master file</em></span>. + </p> +<p> + In some cases, however, the master file may not be edited + by humans at all, but may instead be the result of + <span class="emphasis"><em>dynamic update</em></span> operations. + </p> </div> <div class="sect3" lang="en"> <div class="titlepage"><div><div><h4 class="title"> -<a name="id2570594"></a>Slave Servers</h4></div></div></div> -<p>The other authoritative servers, the <span class="emphasis"><em>slave</em></span> -servers (also known as <span class="emphasis"><em>secondary</em></span> servers) load -the zone contents from another server using a replication process -known as a <span class="emphasis"><em>zone transfer</em></span>. Typically the data are -transferred directly from the primary master, but it is also possible -to transfer it from another slave. In other words, a slave server -may itself act as a master to a subordinate slave server.</p> +<a name="id2567338"></a>Slave Servers</h4></div></div></div> +<p> + The other authoritative servers, the <span class="emphasis"><em>slave</em></span> + servers (also known as <span class="emphasis"><em>secondary</em></span> servers) + load + the zone contents from another server using a replication process + known as a <span class="emphasis"><em>zone transfer</em></span>. Typically the data + are + transferred directly from the primary master, but it is also + possible + to transfer it from another slave. In other words, a slave server + may itself act as a master to a subordinate slave server. + </p> </div> <div class="sect3" lang="en"> <div class="titlepage"><div><div><h4 class="title"> -<a name="id2570613"></a>Stealth Servers</h4></div></div></div> -<p>Usually all of the zone's authoritative servers are listed in -NS records in the parent zone. These NS records constitute -a <span class="emphasis"><em>delegation</em></span> of the zone from the parent. -The authoritative servers are also listed in the zone file itself, -at the <span class="emphasis"><em>top level</em></span> or <span class="emphasis"><em>apex</em></span> -of the zone. You can list servers in the zone's top-level NS -records that are not in the parent's NS delegation, but you cannot -list servers in the parent's delegation that are not present at -the zone's top level.</p> -<p>A <span class="emphasis"><em>stealth server</em></span> is a server that is -authoritative for a zone but is not listed in that zone's NS -records. Stealth servers can be used for keeping a local copy of a -zone to speed up access to the zone's records or to make sure that the -zone is available even if all the "official" servers for the zone are -inaccessible.</p> -<p>A configuration where the primary master server itself is a -stealth server is often referred to as a "hidden primary" -configuration. One use for this configuration is when the primary master -is behind a firewall and therefore unable to communicate directly -with the outside world.</p> +<a name="id2567360"></a>Stealth Servers</h4></div></div></div> +<p> + Usually all of the zone's authoritative servers are listed in + NS records in the parent zone. These NS records constitute + a <span class="emphasis"><em>delegation</em></span> of the zone from the parent. + The authoritative servers are also listed in the zone file itself, + at the <span class="emphasis"><em>top level</em></span> or <span class="emphasis"><em>apex</em></span> + of the zone. You can list servers in the zone's top-level NS + records that are not in the parent's NS delegation, but you cannot + list servers in the parent's delegation that are not present at + the zone's top level. + </p> +<p> + A <span class="emphasis"><em>stealth server</em></span> is a server that is + authoritative for a zone but is not listed in that zone's NS + records. Stealth servers can be used for keeping a local copy of + a + zone to speed up access to the zone's records or to make sure that + the + zone is available even if all the "official" servers for the zone + are + inaccessible. + </p> +<p> + A configuration where the primary master server itself is a + stealth server is often referred to as a "hidden primary" + configuration. One use for this configuration is when the primary + master + is behind a firewall and therefore unable to communicate directly + with the outside world. + </p> </div> </div> <div class="sect2" lang="en"> <div class="titlepage"><div><div><h3 class="title"> -<a name="id2570642"></a>Caching Name Servers</h3></div></div></div> -<p>The resolver libraries provided by most operating systems are -<span class="emphasis"><em>stub resolvers</em></span>, meaning that they are not capable of -performing the full DNS resolution process by themselves by talking -directly to the authoritative servers. Instead, they rely on a local -name server to perform the resolution on their behalf. Such a server -is called a <span class="emphasis"><em>recursive</em></span> name server; it performs -<span class="emphasis"><em>recursive lookups</em></span> for local clients.</p> -<p>To improve performance, recursive servers cache the results of -the lookups they perform. Since the processes of recursion and -caching are intimately connected, the terms -<span class="emphasis"><em>recursive server</em></span> and -<span class="emphasis"><em>caching server</em></span> are often used synonymously.</p> -<p>The length of time for which a record may be retained in -the cache of a caching name server is controlled by the -Time To Live (TTL) field associated with each resource record. -</p> +<a name="id2567526"></a>Caching Name Servers</h3></div></div></div> +<p> + The resolver libraries provided by most operating systems are + <span class="emphasis"><em>stub resolvers</em></span>, meaning that they are not + capable of + performing the full DNS resolution process by themselves by talking + directly to the authoritative servers. Instead, they rely on a + local + name server to perform the resolution on their behalf. Such a + server + is called a <span class="emphasis"><em>recursive</em></span> name server; it performs + <span class="emphasis"><em>recursive lookups</em></span> for local clients. + </p> +<p> + To improve performance, recursive servers cache the results of + the lookups they perform. Since the processes of recursion and + caching are intimately connected, the terms + <span class="emphasis"><em>recursive server</em></span> and + <span class="emphasis"><em>caching server</em></span> are often used synonymously. + </p> +<p> + The length of time for which a record may be retained in + the cache of a caching name server is controlled by the + Time To Live (TTL) field associated with each resource record. + </p> <div class="sect3" lang="en"> <div class="titlepage"><div><div><h4 class="title"> -<a name="id2570674"></a>Forwarding</h4></div></div></div> -<p>Even a caching name server does not necessarily perform -the complete recursive lookup itself. Instead, it can -<span class="emphasis"><em>forward</em></span> some or all of the queries -that it cannot satisfy from its cache to another caching name server, -commonly referred to as a <span class="emphasis"><em>forwarder</em></span>. -</p> -<p>There may be one or more forwarders, -and they are queried in turn until the list is exhausted or an answer -is found. Forwarders are typically used when you do not -wish all the servers at a given site to interact directly with the rest of -the Internet servers. A typical scenario would involve a number -of internal <acronym class="acronym">DNS</acronym> servers and an Internet firewall. Servers unable -to pass packets through the firewall would forward to the server -that can do it, and that server would query the Internet <acronym class="acronym">DNS</acronym> servers -on the internal server's behalf. An added benefit of using the forwarding -feature is that the central machine develops a much more complete -cache of information that all the clients can take advantage -of.</p> +<a name="id2567561"></a>Forwarding</h4></div></div></div> +<p> + Even a caching name server does not necessarily perform + the complete recursive lookup itself. Instead, it can + <span class="emphasis"><em>forward</em></span> some or all of the queries + that it cannot satisfy from its cache to another caching name + server, + commonly referred to as a <span class="emphasis"><em>forwarder</em></span>. + </p> +<p> + There may be one or more forwarders, + and they are queried in turn until the list is exhausted or an + answer + is found. Forwarders are typically used when you do not + wish all the servers at a given site to interact directly with the + rest of + the Internet servers. A typical scenario would involve a number + of internal <acronym class="acronym">DNS</acronym> servers and an + Internet firewall. Servers unable + to pass packets through the firewall would forward to the server + that can do it, and that server would query the Internet <acronym class="acronym">DNS</acronym> servers + on the internal server's behalf. + </p> </div> </div> <div class="sect2" lang="en"> <div class="titlepage"><div><div><h3 class="title"> -<a name="id2570699"></a>Name Servers in Multiple Roles</h3></div></div></div> -<p>The <acronym class="acronym">BIND</acronym> name server can simultaneously act as -a master for some zones, a slave for other zones, and as a caching -(recursive) server for a set of local clients.</p> -<p>However, since the functions of authoritative name service -and caching/recursive name service are logically separate, it is -often advantageous to run them on separate server machines. +<a name="id2567588"></a>Name Servers in Multiple Roles</h3></div></div></div> +<p> + The <acronym class="acronym">BIND</acronym> name server can + simultaneously act as + a master for some zones, a slave for other zones, and as a caching + (recursive) server for a set of local clients. + </p> +<p> + However, since the functions of authoritative name service + and caching/recursive name service are logically separate, it is + often advantageous to run them on separate server machines. -A server that only provides authoritative name service -(an <span class="emphasis"><em>authoritative-only</em></span> server) can run with -recursion disabled, improving reliability and security. + A server that only provides authoritative name service + (an <span class="emphasis"><em>authoritative-only</em></span> server) can run with + recursion disabled, improving reliability and security. -A server that is not authoritative for any zones and only provides -recursive service to local -clients (a <span class="emphasis"><em>caching-only</em></span> server) -does not need to be reachable from the Internet at large and can -be placed inside a firewall.</p> + A server that is not authoritative for any zones and only provides + recursive service to local + clients (a <span class="emphasis"><em>caching-only</em></span> server) + does not need to be reachable from the Internet at large and can + be placed inside a firewall. + </p> </div> </div> </div> diff --git a/usr.sbin/bind/doc/arm/Bv9ARM.ch02.html b/usr.sbin/bind/doc/arm/Bv9ARM.ch02.html index 2045cbf4e05..3df4df6a8a1 100644 --- a/usr.sbin/bind/doc/arm/Bv9ARM.ch02.html +++ b/usr.sbin/bind/doc/arm/Bv9ARM.ch02.html @@ -1,5 +1,5 @@ <!-- - - Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000-2003 Internet Software Consortium. - - Permission to use, copy, modify, and distribute this software for any @@ -14,15 +14,15 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: Bv9ARM.ch02.html,v 1.10.2.1.8.12 2006/06/29 13:02:31 marka Exp $ --> +<!-- $ISC: Bv9ARM.ch02.html,v 1.13.18.21 2007/10/31 01:35:57 marka Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>Chapter 2. BIND Resource Requirements</title> -<meta name="generator" content="DocBook XSL Stylesheets V1.70.1"> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> <link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> <link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> -<link rel="prev" href="Bv9ARM.ch01.html" title="Chapter 1. Introduction "> +<link rel="prev" href="Bv9ARM.ch01.html" title="Chapter 1. Introduction"> <link rel="next" href="Bv9ARM.ch03.html" title="Chapter 3. Name Server Configuration"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> @@ -45,68 +45,96 @@ <div class="toc"> <p><b>Table of Contents</b></p> <dl> -<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2570868">Hardware requirements</a></span></dt> -<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2570892">CPU Requirements</a></span></dt> -<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2570903">Memory Requirements</a></span></dt> -<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2570918">Name Server Intensive Environment Issues</a></span></dt> -<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2570995">Supported Operating Systems</a></span></dt> +<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567622">Hardware requirements</a></span></dt> +<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567649">CPU Requirements</a></span></dt> +<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567661">Memory Requirements</a></span></dt> +<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567688">Name Server Intensive Environment Issues</a></span></dt> +<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567699">Supported Operating Systems</a></span></dt> </dl> </div> <div class="sect1" lang="en"> <div class="titlepage"><div><div><h2 class="title" style="clear: both"> -<a name="id2570868"></a>Hardware requirements</h2></div></div></div> -<p><acronym class="acronym">DNS</acronym> hardware requirements have traditionally been quite modest. -For many installations, servers that have been pensioned off from -active duty have performed admirably as <acronym class="acronym">DNS</acronym> servers.</p> -<p>The DNSSEC and IPv6 features of <acronym class="acronym">BIND</acronym> 9 may prove to be quite -CPU intensive however, so organizations that make heavy use of these -features may wish to consider larger systems for these applications. -<acronym class="acronym">BIND</acronym> 9 is fully multithreaded, allowing full utilization of -multiprocessor systems for installations that need it.</p> +<a name="id2567622"></a>Hardware requirements</h2></div></div></div> +<p> + <acronym class="acronym">DNS</acronym> hardware requirements have + traditionally been quite modest. + For many installations, servers that have been pensioned off from + active duty have performed admirably as <acronym class="acronym">DNS</acronym> servers. + </p> +<p> + The DNSSEC features of <acronym class="acronym">BIND</acronym> 9 + may prove to be quite + CPU intensive however, so organizations that make heavy use of these + features may wish to consider larger systems for these applications. + <acronym class="acronym">BIND</acronym> 9 is fully multithreaded, allowing + full utilization of + multiprocessor systems for installations that need it. + </p> </div> <div class="sect1" lang="en"> <div class="titlepage"><div><div><h2 class="title" style="clear: both"> -<a name="id2570892"></a>CPU Requirements</h2></div></div></div> -<p>CPU requirements for <acronym class="acronym">BIND</acronym> 9 range from i486-class machines -for serving of static zones without caching, to enterprise-class -machines if you intend to process many dynamic updates and DNSSEC -signed zones, serving many thousands of queries per second.</p> +<a name="id2567649"></a>CPU Requirements</h2></div></div></div> +<p> + CPU requirements for <acronym class="acronym">BIND</acronym> 9 range from + i486-class machines + for serving of static zones without caching, to enterprise-class + machines if you intend to process many dynamic updates and DNSSEC + signed zones, serving many thousands of queries per second. + </p> </div> <div class="sect1" lang="en"> <div class="titlepage"><div><div><h2 class="title" style="clear: both"> -<a name="id2570903"></a>Memory Requirements</h2></div></div></div> -<p>The memory of the server has to be large enough to fit the -cache and zones loaded off disk. The <span><strong class="command">max-cache-size</strong></span> -option can be used to limit the amount of memory used by the cache, -at the expense of reducing cache hit rates and causing more <acronym class="acronym">DNS</acronym> -traffic. It is still good practice to have enough memory to load -all zone and cache data into memory — unfortunately, the best way -to determine this for a given installation is to watch the name server -in operation. After a few weeks the server process should reach -a relatively stable size where entries are expiring from the cache as -fast as they are being inserted.</p> +<a name="id2567661"></a>Memory Requirements</h2></div></div></div> +<p> + The memory of the server has to be large enough to fit the + cache and zones loaded off disk. The <span><strong class="command">max-cache-size</strong></span> + option can be used to limit the amount of memory used by the cache, + at the expense of reducing cache hit rates and causing more <acronym class="acronym">DNS</acronym> + traffic. + Additionally, if additional section caching + (<a href="Bv9ARM.ch06.html#acache" title="Additional Section Caching">the section called “Additional Section Caching”</a>) is enabled, + the <span><strong class="command">max-acache-size</strong></span> option can be used to + limit the amount + of memory used by the mechanism. + It is still good practice to have enough memory to load + all zone and cache data into memory — unfortunately, the best + way + to determine this for a given installation is to watch the name server + in operation. After a few weeks the server process should reach + a relatively stable size where entries are expiring from the cache as + fast as they are being inserted. + </p> </div> <div class="sect1" lang="en"> <div class="titlepage"><div><div><h2 class="title" style="clear: both"> -<a name="id2570918"></a>Name Server Intensive Environment Issues</h2></div></div></div> -<p>For name server intensive environments, there are two alternative -configurations that may be used. The first is where clients and -any second-level internal name servers query a main name server, which -has enough memory to build a large cache. This approach minimizes -the bandwidth used by external name lookups. The second alternative -is to set up second-level internal name servers to make queries independently. -In this configuration, none of the individual machines needs to -have as much memory or CPU power as in the first alternative, but -this has the disadvantage of making many more external queries, -as none of the name servers share their cached data.</p> +<a name="id2567688"></a>Name Server Intensive Environment Issues</h2></div></div></div> +<p> + For name server intensive environments, there are two alternative + configurations that may be used. The first is where clients and + any second-level internal name servers query a main name server, which + has enough memory to build a large cache. This approach minimizes + the bandwidth used by external name lookups. The second alternative + is to set up second-level internal name servers to make queries + independently. + In this configuration, none of the individual machines needs to + have as much memory or CPU power as in the first alternative, but + this has the disadvantage of making many more external queries, + as none of the name servers share their cached data. + </p> </div> <div class="sect1" lang="en"> <div class="titlepage"><div><div><h2 class="title" style="clear: both"> -<a name="id2570995"></a>Supported Operating Systems</h2></div></div></div> -<p>ISC <acronym class="acronym">BIND</acronym> 9 compiles and runs on a large number -of Unix-like operating system and on Windows NT / 2000. For an up-to-date -list of supported systems, see the README file in the top level directory -of the BIND 9 source distribution.</p> +<a name="id2567699"></a>Supported Operating Systems</h2></div></div></div> +<p> + ISC <acronym class="acronym">BIND</acronym> 9 compiles and runs on a large + number + of Unix-like operating system and on NT-derived versions of + Microsoft Windows such as Windows 2000 and Windows XP. For an + up-to-date + list of supported systems, see the README file in the top level + directory + of the BIND 9 source distribution. + </p> </div> </div> <div class="navfooter"> @@ -120,7 +148,7 @@ of the BIND 9 source distribution.</p> </td> </tr> <tr> -<td width="40%" align="left" valign="top">Chapter 1. Introduction </td> +<td width="40%" align="left" valign="top">Chapter 1. Introduction </td> <td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td> <td width="40%" align="right" valign="top"> Chapter 3. Name Server Configuration</td> </tr> diff --git a/usr.sbin/bind/doc/arm/Bv9ARM.ch10.html b/usr.sbin/bind/doc/arm/Bv9ARM.ch10.html new file mode 100644 index 00000000000..badc692a2ff --- /dev/null +++ b/usr.sbin/bind/doc/arm/Bv9ARM.ch10.html @@ -0,0 +1,102 @@ +<!-- + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2000-2003 Internet Software Consortium. + - + - Permission to use, copy, modify, and distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> +<!-- $ISC: Bv9ARM.ch10.html,v 1.2.2.6 2007/01/30 00:23:46 marka Exp $ --> +<html> +<head> +<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> +<title>Manual pages</title> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> +<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> +<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> +<link rel="prev" href="Bv9ARM.ch09.html" title="Appendix A. Appendices"> +<link rel="next" href="man.dig.html" title="dig"> +</head> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<div class="navheader"> +<table width="100%" summary="Navigation header"> +<tr><th colspan="3" align="center">Manual pages</th></tr> +<tr> +<td width="20%" align="left"> +<a accesskey="p" href="Bv9ARM.ch09.html">Prev</a> </td> +<th width="60%" align="center"> </th> +<td width="20%" align="right"> <a accesskey="n" href="man.dig.html">Next</a> +</td> +</tr> +</table> +<hr> +</div> +<div class="reference" lang="en"> +<div class="titlepage"> +<div><div><h1 class="title"> +<a name="Bv9ARM.ch10"></a>Manual pages</h1></div></div> +<hr> +</div> +<div class="toc"> +<p><b>Table of Contents</b></p> +<dl> +<dt> +<span class="refentrytitle"><a href="man.dig.html">dig</a></span><span class="refpurpose"> — DNS lookup utility</span> +</dt> +<dt> +<span class="refentrytitle"><a href="man.host.html">host</a></span><span class="refpurpose"> — DNS lookup utility</span> +</dt> +<dt> +<span class="refentrytitle"><a href="man.dnssec-keygen.html"><span class="application">dnssec-keygen</span></a></span><span class="refpurpose"> — DNSSEC key generation tool</span> +</dt> +<dt> +<span class="refentrytitle"><a href="man.dnssec-signzone.html"><span class="application">dnssec-signzone</span></a></span><span class="refpurpose"> — DNSSEC zone signing tool</span> +</dt> +<dt> +<span class="refentrytitle"><a href="man.named-checkconf.html"><span class="application">named-checkconf</span></a></span><span class="refpurpose"> — named configuration file syntax checking tool</span> +</dt> +<dt> +<span class="refentrytitle"><a href="man.named-checkzone.html"><span class="application">named-checkzone</span></a></span><span class="refpurpose"> — zone file validity checking or converting tool</span> +</dt> +<dt> +<span class="refentrytitle"><a href="man.named.html"><span class="application">named</span></a></span><span class="refpurpose"> — Internet domain name server</span> +</dt> +<dt> +<span class="refentrytitle"><a href="man.rndc.html"><span class="application">rndc</span></a></span><span class="refpurpose"> — name server control utility</span> +</dt> +<dt> +<span class="refentrytitle"><a href="man.rndc.conf.html"><code class="filename">rndc.conf</code></a></span><span class="refpurpose"> — rndc configuration file</span> +</dt> +<dt> +<span class="refentrytitle"><a href="man.rndc-confgen.html"><span class="application">rndc-confgen</span></a></span><span class="refpurpose"> — rndc key generation tool</span> +</dt> +</dl> +</div> +</div> +<div class="navfooter"> +<hr> +<table width="100%" summary="Navigation footer"> +<tr> +<td width="40%" align="left"> +<a accesskey="p" href="Bv9ARM.ch09.html">Prev</a> </td> +<td width="20%" align="center"> </td> +<td width="40%" align="right"> <a accesskey="n" href="man.dig.html">Next</a> +</td> +</tr> +<tr> +<td width="40%" align="left" valign="top">Appendix A. Appendices </td> +<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td> +<td width="40%" align="right" valign="top"> dig</td> +</tr> +</table> +</div> +</body> +</html> diff --git a/usr.sbin/bind/doc/arm/Makefile.in b/usr.sbin/bind/doc/arm/Makefile.in index 066d77f84a4..abd32aeacdb 100644 --- a/usr.sbin/bind/doc/arm/Makefile.in +++ b/usr.sbin/bind/doc/arm/Makefile.in @@ -1,7 +1,7 @@ -# Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2001, 2002 Internet Software Consortium. # -# Permission to use, copy, modify, and distribute this software for any +# Permission to use, copy, modify, and/or distribute this software for any # purpose with or without fee is hereby granted, provided that the above # copyright notice and this permission notice appear in all copies. # @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.8.2.2.8.5 2005/05/13 01:22:35 marka Exp $ +# $ISC: Makefile.in,v 1.12.18.8 2007/08/28 07:20:03 tbox Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -21,43 +21,47 @@ top_srcdir = @top_srcdir@ @BIND9_MAKE_RULES@ +@BIND9_VERSION@ + MANOBJS = Bv9ARM.html PDFOBJS = Bv9ARM.pdf -distclean:: - rm -f validate.sh - rm -f nominum-docbook-html.dsl nominum-docbook-print.dsl - rm -f HTML.index HTML.manifest - doc man:: ${MANOBJS} ${PDFOBJS} clean:: - rm -f Bv9ARM.aux Bv9ARM.brf Bv9ARM.glo Bv9ARM.idx + rm -f Bv9ARM.aux Bv9ARM.brf Bv9ARM.glo Bv9ARM.idx Bv9ARM.toc rm -f Bv9ARM.log Bv9ARM.out Bv9ARM.tex Bv9ARM.tex.tmp docclean manclean maintainer-clean:: clean - rm -f *.html *.pdf + rm -f *.html ${PDFOBJS} -Bv9ARM.html: Bv9ARM-book.xml +docclean manclean maintainer-clean distclean:: + rm -f releaseinfo.xml + +Bv9ARM.html: Bv9ARM-book.xml releaseinfo.xml + expand Bv9ARM-book.xml | \ ${XSLTPROC} --stringparam root.filename Bv9ARM \ - ${top_srcdir}/doc/xsl/isc-docbook-chunk.xsl \ - Bv9ARM-book.xml + ${top_srcdir}/doc/xsl/isc-docbook-chunk.xsl - -Bv9ARM.tex: Bv9ARM-book.xml - ${XSLTPROC} ${top_srcdir}/doc/xsl/pre-latex.xsl Bv9ARM-book.xml | \ +Bv9ARM.tex: Bv9ARM-book.xml releaseinfo.xml + expand Bv9ARM-book.xml | \ + ${XSLTPROC} ${top_srcdir}/doc/xsl/pre-latex.xsl - | \ ${XSLTPROC} ${top_srcdir}/doc/xsl/isc-docbook-latex.xsl - | \ @PERL@ latex-fixup.pl >$@.tmp if test -s $@.tmp; then mv $@.tmp $@; else rm -f $@.tmp; exit 1; fi -Bv9ARM.dvi: Bv9ARM.tex +Bv9ARM.dvi: Bv9ARM.tex releaseinfo.xml rm -f Bv9ARM-book.aux Bv9ARM-book.dvi Bv9ARM-book.log - ${LATEX} '\batchmode\input Bv9ARM.tex' || rm -f $@ - ${LATEX} '\batchmode\input Bv9ARM.tex' || rm -f $@ - ${LATEX} '\batchmode\input Bv9ARM.tex' || rm -f $@ + ${LATEX} '\batchmode\input Bv9ARM.tex' || (rm -f $@ ; exit 1) + ${LATEX} '\batchmode\input Bv9ARM.tex' || (rm -f $@ ; exit 1) + ${LATEX} '\batchmode\input Bv9ARM.tex' || (rm -f $@ ; exit 1) -Bv9ARM.pdf: Bv9ARM.tex +Bv9ARM.pdf: Bv9ARM.tex releaseinfo.xml rm -f Bv9ARM-book.aux Bv9ARM-book.pdf Bv9ARM-book.log - ${PDFLATEX} '\batchmode\input Bv9ARM.tex' || rm -f $@ - ${PDFLATEX} '\batchmode\input Bv9ARM.tex' || rm -f $@ - ${PDFLATEX} '\batchmode\input Bv9ARM.tex' || rm -f $@ + ${PDFLATEX} '\batchmode\input Bv9ARM.tex' || (rm -f $@ ; exit 1) + ${PDFLATEX} '\batchmode\input Bv9ARM.tex' || (rm -f $@ ; exit 1) + ${PDFLATEX} '\batchmode\input Bv9ARM.tex' || (rm -f $@ ; exit 1) + +releaseinfo.xml: + echo >$@ '<releaseinfo>BIND Version ${VERSION}</releaseinfo>' diff --git a/usr.sbin/bind/doc/arm/README-SGML b/usr.sbin/bind/doc/arm/README-SGML index 02f9dc23834..0f38334b178 100644 --- a/usr.sbin/bind/doc/arm/README-SGML +++ b/usr.sbin/bind/doc/arm/README-SGML @@ -4,7 +4,7 @@ See COPYRIGHT in the source root or http://isc.org/copyright.html for terms. The BIND v9 ARM master document is now kept in DocBook XML format. -Version: $ISC: README-SGML,v 1.16.206.1 2004/03/06 13:16:14 marka Exp $ +Version: $ISC: README-SGML,v 1.17 2004/03/05 05:04:43 marka Exp $ The entire ARM is in the single file: diff --git a/usr.sbin/bind/doc/arm/isc-logo.eps b/usr.sbin/bind/doc/arm/isc-logo.eps new file mode 100644 index 00000000000..c6a1d7a5af3 --- /dev/null +++ b/usr.sbin/bind/doc/arm/isc-logo.eps @@ -0,0 +1,12253 @@ +%!PS-Adobe-3.1 EPSF-3.0 +%%Title: Alternate-ISC-logo-v2.ai +%%Creator: Adobe Illustrator(R) 11 +%%AI8_CreatorVersion: 11.0.0 +%AI9_PrintingDataBegin +%%For: Douglas E. Appelt +%%CreationDate: 10/22/04 +%%BoundingBox: 0 0 255 149 +%%HiResBoundingBox: 0 0 254.8672 148.7520 +%%CropBox: 0 0 254.8672 148.7520 +%%LanguageLevel: 2 +%%DocumentData: Clean7Bit +%%Pages: 1 +%%DocumentNeededResources: +%%DocumentSuppliedResources: procset Adobe_AGM_Image (1.0 0) +%%+ procset Adobe_CoolType_Utility_T42 (1.0 0) +%%+ procset Adobe_CoolType_Utility_MAKEOCF (1.19 0) +%%+ procset Adobe_CoolType_Core (2.23 0) +%%+ procset Adobe_AGM_Core (2.0 0) +%%+ procset Adobe_AGM_Utils (1.0 0) +%%DocumentFonts: +%%DocumentNeededFonts: +%%DocumentNeededFeatures: +%%DocumentSuppliedFeatures: +%%DocumentProcessColors: Cyan Magenta Yellow Black +%%DocumentCustomColors: (PANTONE 1805 C) +%%+ (PANTONE 871 C) +%%+ (PANTONE 301 C) +%%+ (PANTONE 7506 C) +%%CMYKCustomColor: 0 0.9100 1 0.2300 (PANTONE 1805 C) +%%+ 0.3569 0.3608 0.6353 0.1882 (PANTONE 871 C) +%%+ 1 0.4500 0 0.1800 (PANTONE 301 C) +%%+ 0 0.0500 0.1500 0 (PANTONE 7506 C) +%%RGBCustomColor: +%ADO_ContainsXMP: MainFirst +%AI7_Thumbnail: 128 76 8 +%%BeginData: 10692 Hex Bytes +%0000330000660000990000CC0033000033330033660033990033CC0033FF +%0066000066330066660066990066CC0066FF009900009933009966009999 +%0099CC0099FF00CC0000CC3300CC6600CC9900CCCC00CCFF00FF3300FF66 +%00FF9900FFCC3300003300333300663300993300CC3300FF333300333333 +%3333663333993333CC3333FF3366003366333366663366993366CC3366FF +%3399003399333399663399993399CC3399FF33CC0033CC3333CC6633CC99 +%33CCCC33CCFF33FF0033FF3333FF6633FF9933FFCC33FFFF660000660033 +%6600666600996600CC6600FF6633006633336633666633996633CC6633FF +%6666006666336666666666996666CC6666FF669900669933669966669999 +%6699CC6699FF66CC0066CC3366CC6666CC9966CCCC66CCFF66FF0066FF33 +%66FF6666FF9966FFCC66FFFF9900009900339900669900999900CC9900FF +%9933009933339933669933999933CC9933FF996600996633996666996699 +%9966CC9966FF9999009999339999669999999999CC9999FF99CC0099CC33 +%99CC6699CC9999CCCC99CCFF99FF0099FF3399FF6699FF9999FFCC99FFFF +%CC0000CC0033CC0066CC0099CC00CCCC00FFCC3300CC3333CC3366CC3399 +%CC33CCCC33FFCC6600CC6633CC6666CC6699CC66CCCC66FFCC9900CC9933 +%CC9966CC9999CC99CCCC99FFCCCC00CCCC33CCCC66CCCC99CCCCCCCCCCFF +%CCFF00CCFF33CCFF66CCFF99CCFFCCCCFFFFFF0033FF0066FF0099FF00CC +%FF3300FF3333FF3366FF3399FF33CCFF33FFFF6600FF6633FF6666FF6699 +%FF66CCFF66FFFF9900FF9933FF9966FF9999FF99CCFF99FFFFCC00FFCC33 +%FFCC66FFCC99FFCCCCFFCCFFFFFF33FFFF66FFFF99FFFFCC110000001100 +%000011111111220000002200000022222222440000004400000044444444 +%550000005500000055555555770000007700000077777777880000008800 +%000088888888AA000000AA000000AAAAAAAABB000000BB000000BBBBBBBB +%DD000000DD000000DDDDDDDDEE000000EE000000EEEEEEEE0000000000FF +%00FF0000FFFFFF0000FF00FFFFFF00FFFFFF +%524C45FD1CF852FD63FFF820272726272727264B27272627272726272727 +%26272727264B20F827FD63FFF827FFFFFFCFFF84365AFFFFFFCFFFFFFFCF +%FFFFFFCFFD04FFCAF852FD63FFF827CFCFCACFCA2F0607A8CFCACFCACFCA +%CFCACFCACFCACFCACF7CF827FD63FFF800FFCFFFA8A8070D06A8CFFFCFFF +%CFFFCFFFCFFFCFFFCFFFCFA7F852FD63FFF800077E2F0D060D060706537D +%CF7D2FA8CFCACFCACFCACFCAFF7CF827FD63FFF8000D062F070D062F070D +%062F2F0D062FCACFCFFFCFCFCFFFCFA1F852FD63FFF8050707062E517651 +%522807060706072ECFCACFCACFCACFCAFF7CF827FD63FFF8002F067C757B +%757C757B512F072F2FFFCFCFCFFFCFFFCFFFCFA1F852FD63FFF805075251 +%75517551755175512F062FCACFCACFCACFCACFCAFF7CF827FD63FFF8F859 +%75765176757C517C757B2E2F07A8CFFFCFCFCFFFCFCFCFA1F852FD63FFF8 +%00517551757CCFCAA751755175060753CFCACFCACFCACFCACF7CF827FD63 +%FFF8F87C75757CFFCFFFCFA7517C752F072F59A8CFCFCFFFCFFFCFA7F852 +%FD04FFA87D527DA8FD5AFFF827757551A1CFCFCAFFA0755175280D060706 +%A8CFCFCACFCAFF7CF827FD05FF27F827FD5BFFF8F87C51767CFFCFFFCFA0 +%517C752F062F060D84FFCFFFCFFFCFA1F852FD05FF7DF87DFD5BFFF80552 +%7551757CC9A7A05175517606072F7E7DCFCACFC9CFCAFF6FF827FD05FF52 +%F852FD27FFA8FD33FFF80059757C7575517C517C517C2E2F06CFCFFFCFCF +%9293CAFFCF6FF852FD05FF7DF87DFD04FFA8FD05FF7D7DA8FF527D7D7D52 +%7D52A8FFA8527D527DA8FF7D7D527D52FD05FFA8FD05FFA87D7DFFFFA852 +%7D527DA8FF527D7D7D527D52A8FD19FFF805075275755175517551752D0D +%0653CFFFCFFFA78C6899939344F827FD05FF52F852FFFFFFA8F87DFD04FF +%7D27FFA87D7DA8F827A87D7DFFA8F827A8527DFFA8F852A827F8A8FFFFFF +%7DF8FD05FF2752FFFFA8F827A8527DA87D7DA8F827A87D7DFD19FFF8F82F +%0752517C757B757C2E0D062FA8C999CFCFC28C928C8C8C6EF852FD05FF7D +%F87DFD04FFF8F87DFFFFFF7D52FD05FFF852FD05FFF87DFD05FFF852FFFF +%F852FFFFFF7DF8F8FD04FF7D52FFFFFFF87DFD07FFF852FD1CFFF8000607 +%062F2852282E060D0607067D928C9293688C6892688C44F827FD05FF52F8 +%52FFFFFFA85252F852FFFF7D27FD05FFF87DFD04FFA8F852FD05FFF852FF +%FFF8A8FFFFFF7D5227F8A8FFFF527DFFFFA8F852FD07FFF87DFD1CFFF800 +%852F2F062F070D062F072F062F0D9A8C928C928C928C928C6EF852FD05FF +%7DF87DFD04FF27FF52F852FF7D52FD05FFF852FD05FFF82752527DFFFFF8 +%52FF527DFD04FF527DFF27F8A8FF7D7DFFFFFFF82752527DFD04FFF852FD +%1CFFF827CFCF7D2F060D062F2F7EA82F062F938C68928C8C68926E994AF8 +%27FD05FF52F852FFFFFFA827FFFF52F852A852FD05FFF87DFD04FFA8F852 +%FF7DA8FFFFF82752F8A8FD04FF7D52FFA827F8A87D7DFFFFA8F852FF7DA8 +%FD04FFF87DFD1CFFF827FFCFFFA80D062FA8CFCFCA927693928C928C9292 +%75517C7B51F852FD05FF7DF87DFFFFFFA827FFFFFF52F8F87DFD05FFF852 +%FD05FFF87DFD05FFF852FF52F8A8FFFFFF5252FFFFFF27F8277DFFFFFFF8 +%7DFD07FFF852FD1CFFF827CFCFCACF06062ECFCAFF928C688C6892688C6E +%765175517C26F827FD05FF52F852FFFFFFA827FD04FF52F852FD05FFF852 +%FD04FFA8F852FFFFA8A8FFF87DFFFFF8F8A8FFFF5227FD04FF27F8A8FFFF +%A8F852FFFFA8A8FFFFFFF852FD1CFFF827FFCFFFCF7E53A8CFFFCFC99292 +%8C928C92757C757C517C7551F852FD04FFA852F852A8FFFFA8F8A8FD04FF +%527DFD04FF7DF827FD04FFA8F827525252FF7DF827FFFFFF2727A8FF5227 +%A8FD04FF52A8FFFFA8F827525252FFFFFF7DF827FD1CFFF827CFCFCACFCF +%CFCAFD04CF93688C688C6F7651755175517C4BF827FD05FFA8FFA8FFFFFF +%A8FFA8FD0BFFA8FFA8FFFFFFA8FFA8A8A8FFFFFFA8FFA8FFFFFFA8FFA8FF +%A8FD09FFA8FFA8A8A8FD05FFA8FFA8FD1BFFF827FFCFCFCFFFCFCFCFFFCF +%C38C928C8C6E7C7576517C75767551F852FD63FFF827CFCFCACFCACFCACF +%92928C8C688C6875517551755175517526F827FD63FFF827FFCFFFCFFFCF +%FFCA938C928C928C99517C757C517C757C7551F852FD63FFF827CFCFCACF +%CACFCACFA093688C6892757551755175517551754BF827FD63FFF827FFCF +%FFCFCFCFFFCFFF998C8C926E7C7576517C7576517CA7A1F852FD06FFA87D +%527DA8FD58FFF827CFCFCACFCACFCAFFCF996892686F5175517551755175 +%7CFF7CF827FD05FF7D2752A82727A8FD57FFF827FFCFFFCFFFCFFFC2BB8C +%928C8C6E7C757C517C757C51CFFFA1F852FD05FF2752FFFFFF52FD58FFF8 +%27CFCFCACFCACFCF99688C68928C6F5175517551755175CAFF7CF827FD04 +%FFA8F852FD5CFFF827FFCFCFCFFFCFFFA0998C928C926E7C517C7576517C +%51CACFA1F852FD04FFA827F87DFFFFFFA8527DFD04FF527DFFFFA87D52A8 +%FF7D527D527D527D7DFF7D7D527D527DFFFFFFA8FD06FFA8FD04FFA87D7D +%7DFD26FFF827CFCFCACFCACFCACFCF99688C6893517551755175517575FF +%7CF827FD05FF52F8F852FFFFFF52F8A8FFFF7D27A8FF5252A8A852A852A8 +%7DF827A87D7DFFA8F852A87D52FFFFFFF8A8FD04FF5227FFFFFF7D27A8A8 +%52A8FD25FFF827FFCFFFCFFFCFFFCFFFA08C8C92927C517C757C517C7575 +%7C7CF852FD06FF52F8F852FFFFFF27F8FFFF52A8FFFFF87DFD07FFF87DFD +%05FFF852FD06FFF827FD04FF2727FFFFFF2752FD29FFF827CFCFCACFCACF +%CACFA799688C68927575517551755175517526F84BFD07FF52F8F87DFFFF +%A8F87D7D52FFFFFFF8F87DFD05FFA8F852FD05FFF87DFD05FFA8F8F8A8FF +%FF7DF8F8A8FFFF52F852A8FD27FFF827FFCFFFCFCFCFFFCF9368928C928C +%995176517C7576517C7551F852FD08FF7DF8F8FFFFFF52F827FD05FFF8F8 +%27FD05FFF87DFD05FFF8277D527DFFFF7D52F852FFFF277DF8A8FFFFFF52 +%F8F87DFD26FFF827CFCFCACFCACFCAFF938C688C688C6875517551755175 +%517C26F827FD09FF27F8A8FFFFFFF852FD06FF52F827FFFFFFA8F852FD05 +%FFF852A8A87DFFFF527D7DF8FF7D52A8F87DFD04FF7DF8F8A8FD25FFF827 +%FFCFFFCFFFCFFFCFCFCFC98C928C92927C517C757C517C7551F852FD04FF +%7DFD04FF7DF8FD04FFF852FD07FF7DF8A8FFFFFFF87DFD05FFF852FD05FF +%52A8FF272752A8FFF87DFD06FFF8A8FD25FFF827CFCFCACFCACFCAFD04CF +%99688C688C6E7651755175517C4BF827FD04FF5227FFFFA8F852FD04FFF8 +%7DFFFFFF7D7DFFFF7D27FD04FFF852FD05FFF852FFFFA8FFFF27A8FF7DF8 +%52FFFFF852FFA852FFFF7D27A8FD25FFF827FFCFCFCFFFCFCFCFFFCFCF92 +%928C928C926E7C517C75767551F852FD04FF7D272752277DFD04FF7DF827 +%FFFFFF7D27525227FD04FFA8F852A8FFFFFF7D2727525252FFA8F8A8FFFF +%52FFFFFF2727A8FF275252527DFD26FFF827CFCFCACFCACFCACFCAFF998C +%688C688C688C68755176517526F827FD07FFA8FD07FFA8FFA8FFFFFFA8A8 +%A8FD05FFA8FFA8FD05FFA8FFA8A8A8FFA8FFA8FD07FFA8FFFFFFA8A8FD28 +%FFF827FFCFFFCFFFCFFFCFFFCFCF92C29A928C928C928C99757C7551F852 +%FD63FFF827CFCFCACFCACFCACFCAFD04CFFF998C68928C8C6892689344F8 +%27FD63FFF827FFCFFFCFCFCFFFCFCFCFFFCFCFCFC98C928C928C928C928C +%68F852FD63FFF827CFCFCACFCACFCAA8537ECACFCAFF938C6899688C688C +%689244F827FD63FFF827FFCFFFCFFFCFA8072F07FFCFFFCFCF992F0D5992 +%928C928C68F852FD08FF7D7D527D52A8A8FD54FFF827CFCFCACFCACFA70D +%060753A87DA8CA5A0607069368929AC244F827FD06FF7DF8527D7D7D52F8 +%27FD54FFF827FFCFCFCFFFCFCF2F2F070D062F072F062F07539993C2FFFF +%76F852FD05FF7DF87DFD06FF27FD54FFF827CFCFCACFCACF7D0D060D0607 +%060D0607060753FFCACFCAFF76F827FD04FFA8F827FD07FFA8A8FD15FFA8 +%FD3DFFF827FFCFFFCFFF592F062F072F2852282F072F072F7DFFCFFFCFA7 +%F852FD04FF52F87DFD0CFFA87D7D7DFD05FFA8FD05FF7D7DA8FFFFA87D7D +%7DFFFFFFA87D527D7DFD04FFA8527D527DA8FFFF7D527D527D527D7DFF7D +%7D7DFFFFA8527DA8FFFFA8527DFFFFFFA8FD06FFA8FFFFF827CF5959CA53 +%07060D066F688C6892684B060D06077DCFCFCF7CF827FD04FF27F8A8FD0A +%FFA82752A87D52F852FFFFA8F87DFD04FF7D27FFFF7D27A87D52FFFF5227 +%7DA87D27F8A8FFFFA8F827A827F8A8A852A87DF827A87D7DFFA8F852FFFF +%A8F827FD04FF2727FFFFFFF8A8FD04FF5227FFFFF827A9062F070D062F28 +%928C928C928C928C92282F072F847E5953F852FD04FFF8F8A8FD0AFF2752 +%FD04FF7DF87DFFFFF8F852FFFFFF7D52FFFFF8A8FFFFA8FF7DF8A8FD04FF +%27F8FFFFFFF87DFFFFF87DFD04FFF87DFD05FFF852FFFFFFF87DFD04FF27 +%52FFFFFFF827FD04FF2727FFFFF8272F07060D060D278C688C68928C8C68 +%8C688C060D0607060D06F827FFFFFFA827F87DFD09FF7DF8FD06FF27F8FF +%A85252F852FFFF7D27FFFF27F87DFFFFFF2727FD05FF7DF852FFA8F852FF +%A8F87DFFFFFFA8F852FD05FFF852FFFFA8F852FD04FF5252FFFFA8F8F8A8 +%FFFF7DF827A8FFF827FF2F2F070D06938C928CBCC9CFC9BB8C928C6F070D +%062F0706F852FD04FF27F852FD09FF52F8FD06FF52F8FFFF27FF52F852FF +%7D52FFFFA827F827A8FFF852FD06FFF852FFFFF852FF7D7DFD05FFF87DFD +%05FFF852FFFFFFF87DFD04FF2752FFFF7D52F852FFFF277DF8A8FFF827CF +%CF2F0D064C689268C2CFFFCFFFCFC2688C682E0607062F52F827FD04FF7D +%F8F8A8FD08FF52F8A8FD05FF52F8FFA827FFFF52F852A852FD04FF7DF827 +%FF2727FD05FFA8F852FFA8F82752F8A8FD04FFA8F852FD05FFF852FFFFA8 +%F852FD04FF5252FFFF7D7D7DF8FF7D52A8F87DFFF827FFCF59062F6F8C8C +%99CFFFCFFFCFFFCF938C8C4B2F0759CFA7F852FD05FF52F827FD06FF7DFF +%A8F852FD05FFF852FFA827FFFFFF52F8F87DFD05FF7DF8FF52F8A8FD04FF +%A8F8A8FFFFF87DFF52F8FD05FFF87DFD05FFF852FFFFFFF852FD04FF277D +%FFFF27A8FF272752FFFFF87DFFF827CFCF2F070693688C99FFCACFCACFCA +%FF998C686F060759CF7CF827FD05FFA852F8F87DFFFFFF5227FFFF52F87D +%FFFFFF5227A8FFA827FD04FF52F852FF527DFFFF5227FFFFF827A8FFFFFF +%2752FFFFFFF852FFFF27F8FFFFFFA8F852FD05FFF87DFFFFFF52F8A8FFFF +%7D27A8FFFF27A8FF7DF852FFFFF827FFF827FFCF53062F6E928CC2FFFFCF +%FFCFFFCFC28C926F2F077ECFA7F852FD07FFA8FD06277DFFFFFF7D27277D +%527DFFFFFF7DF8A8FD04FF527DFFA827525252A8FFFFFF5227527D52A8FF +%FFFFA8F852A8FFA82727A8FFA8F852A8FFFFFF7DF827FD04FF52277D5252 +%A8FFFFA8F8A8FFFF52FFFFFF2727A8F827CFCF2F07066F8C8C92FFCFCFCA +%CFCFCF8C8C8C4B060D59CF7CF827FD0BFFA8FD09FFA8FD05FFA8FFA8FD09 +%FFA8A8FD07FFA8A8FD05FFA8FFA8FD05FFA8FFA8FFA8FD05FFA8FFA8FD05 +%FFA8FD05FFA8FFA8FD07FFA8FFF827AF2F2F070D4B928C8CA0FFCFFFCFFF +%998C8C92280D067ECFA1F852FD63FFF8270707060D0607688C688C99C9CA +%C9938C688C680D0607065A76F827FD63FFF8275A062F070D07528C928C92 +%8C928C928C928C2F070D062F072EF852FD63FFF84B842F597E0607064C8C +%8C68928C8C688C6828060D0607060D52F827FD63FFF827FFCFCFCF7E060D +%062F6F928C928C934B2F070D0684A85A59A1F852FD63FFF827CFCFCACFCA +%590607060D06282728060D0607067ECACFCFCF7CF827FD63FFF827FFCFFF +%CFFFCF59062F070D072F070D062F2FA8CFFFCFFFCFA7F852FD63FFF827CF +%CFCACFCACF2F07060D0607060D06070653CFCFCACFCAFF7CF827FD63FFF8 +%27FFCFFFCFCFA82F070D59CFA8A8A859060D07FD04CFFFCFA1F852FD63FF +%F827CFCFCACFCFA82F0D2FCFCACFCFCFA80D060DA8CFCACFCAFF7CF827FD +%63FFF827FFCFFFCFFFCFFFA8FFCFFFCFFFCFFF7E7EA8FFCFFFCFFFFFA7F8 +%52FD63FFFD09F820FD07F820FD07F820F8F827FD63FF27F827F820F827F8 +%20F827F820F827F820F827F820F827F820F827F87CFDE2FFFF +%%EndData +%%EndComments +%%BeginDefaults +%%ViewingOrientation: 1 0 0 1 +%%EndDefaults +%%BeginProlog +%%BeginResource: procset Adobe_AGM_Utils 1.0 0 +%%Version: 1.0 0 +%%Copyright: Copyright (C) 2000-2003 Adobe Systems, Inc. All Rights Reserved. +systemdict /setpacking known +{ + currentpacking + true setpacking +} if +userdict /Adobe_AGM_Utils 68 dict dup begin put +/bdf +{ + bind def +} bind def +/nd{ + null def +}bdf +/xdf +{ + exch def +}bdf +/ldf +{ + load def +}bdf +/ddf +{ + put +}bdf +/xddf +{ + 3 -1 roll put +}bdf +/xpt +{ + exch put +}bdf +/ndf +{ + exch dup where{ + pop pop pop + }{ + xdf + }ifelse +}def +/cdndf +{ + exch dup currentdict exch known{ + pop pop + }{ + exch def + }ifelse +}def +/bdict +{ + mark +}bdf +/edict +{ + counttomark 2 idiv dup dict begin {def} repeat pop currentdict end +}def +/ps_level + /languagelevel where{ + pop systemdict /languagelevel get exec + }{ + 1 + }ifelse +def +/level2 + ps_level 2 ge +def +/level3 + ps_level 3 ge +def +/ps_version + {version cvr} stopped { + -1 + }if +def +/makereadonlyarray +{ + /packedarray where{ + pop packedarray + }{ + array astore readonly + }ifelse +}bdf +/map_reserved_ink_name +{ + dup type /stringtype eq{ + dup /Red eq{ + pop (_Red_) + }{ + dup /Green eq{ + pop (_Green_) + }{ + dup /Blue eq{ + pop (_Blue_) + }{ + dup () cvn eq{ + pop (Process) + }if + }ifelse + }ifelse + }ifelse + }if +}bdf +/AGMUTIL_GSTATE 22 dict def +/get_gstate +{ + AGMUTIL_GSTATE begin + /AGMUTIL_GSTATE_clr_spc currentcolorspace def + /AGMUTIL_GSTATE_clr_indx 0 def + /AGMUTIL_GSTATE_clr_comps 12 array def + mark currentcolor counttomark + {AGMUTIL_GSTATE_clr_comps AGMUTIL_GSTATE_clr_indx 3 -1 roll put + /AGMUTIL_GSTATE_clr_indx AGMUTIL_GSTATE_clr_indx 1 add def} repeat pop + /AGMUTIL_GSTATE_fnt rootfont def + /AGMUTIL_GSTATE_lw currentlinewidth def + /AGMUTIL_GSTATE_lc currentlinecap def + /AGMUTIL_GSTATE_lj currentlinejoin def + /AGMUTIL_GSTATE_ml currentmiterlimit def + currentdash /AGMUTIL_GSTATE_do xdf /AGMUTIL_GSTATE_da xdf + /AGMUTIL_GSTATE_sa currentstrokeadjust def + /AGMUTIL_GSTATE_clr_rnd currentcolorrendering def + /AGMUTIL_GSTATE_op currentoverprint def + /AGMUTIL_GSTATE_bg currentblackgeneration cvlit def + /AGMUTIL_GSTATE_ucr currentundercolorremoval cvlit def + currentcolortransfer cvlit /AGMUTIL_GSTATE_gy_xfer xdf cvlit /AGMUTIL_GSTATE_b_xfer xdf + cvlit /AGMUTIL_GSTATE_g_xfer xdf cvlit /AGMUTIL_GSTATE_r_xfer xdf + /AGMUTIL_GSTATE_ht currenthalftone def + /AGMUTIL_GSTATE_flt currentflat def + end +}def +/set_gstate +{ + AGMUTIL_GSTATE begin + AGMUTIL_GSTATE_clr_spc setcolorspace + AGMUTIL_GSTATE_clr_indx {AGMUTIL_GSTATE_clr_comps AGMUTIL_GSTATE_clr_indx 1 sub get + /AGMUTIL_GSTATE_clr_indx AGMUTIL_GSTATE_clr_indx 1 sub def} repeat setcolor + AGMUTIL_GSTATE_fnt setfont + AGMUTIL_GSTATE_lw setlinewidth + AGMUTIL_GSTATE_lc setlinecap + AGMUTIL_GSTATE_lj setlinejoin + AGMUTIL_GSTATE_ml setmiterlimit + AGMUTIL_GSTATE_da AGMUTIL_GSTATE_do setdash + AGMUTIL_GSTATE_sa setstrokeadjust + AGMUTIL_GSTATE_clr_rnd setcolorrendering + AGMUTIL_GSTATE_op setoverprint + AGMUTIL_GSTATE_bg cvx setblackgeneration + AGMUTIL_GSTATE_ucr cvx setundercolorremoval + AGMUTIL_GSTATE_r_xfer cvx AGMUTIL_GSTATE_g_xfer cvx AGMUTIL_GSTATE_b_xfer cvx + AGMUTIL_GSTATE_gy_xfer cvx setcolortransfer + AGMUTIL_GSTATE_ht /HalftoneType get dup 9 eq exch 100 eq or + { + currenthalftone /HalftoneType get AGMUTIL_GSTATE_ht /HalftoneType get ne + { + mark AGMUTIL_GSTATE_ht {sethalftone} stopped cleartomark + } if + }{ + AGMUTIL_GSTATE_ht sethalftone + } ifelse + AGMUTIL_GSTATE_flt setflat + end +}def +/get_gstate_and_matrix +{ + AGMUTIL_GSTATE begin + /AGMUTIL_GSTATE_ctm matrix currentmatrix def + end + get_gstate +}def +/set_gstate_and_matrix +{ + set_gstate + AGMUTIL_GSTATE begin + AGMUTIL_GSTATE_ctm setmatrix + end +}def +/AGMUTIL_str256 256 string def +/AGMUTIL_src256 256 string def +/AGMUTIL_dst64 64 string def +/AGMUTIL_srcLen nd +/AGMUTIL_ndx nd +/agm_sethalftone +{ + dup + begin + /_Data load + /Thresholds xdf + end + level3 + { sethalftone }{ + dup /HalftoneType get 3 eq { + sethalftone + } {pop} ifelse + }ifelse +} def +/rdcmntline +{ + currentfile AGMUTIL_str256 readline pop + (%) anchorsearch {pop} if +} bdf +/filter_cmyk +{ + dup type /filetype ne{ + exch () /SubFileDecode filter + } + { + exch pop + } + ifelse + [ + exch + { + AGMUTIL_src256 readstring pop + dup length /AGMUTIL_srcLen exch def + /AGMUTIL_ndx 0 def + AGMCORE_plate_ndx 4 AGMUTIL_srcLen 1 sub{ + 1 index exch get + AGMUTIL_dst64 AGMUTIL_ndx 3 -1 roll put + /AGMUTIL_ndx AGMUTIL_ndx 1 add def + }for + pop + AGMUTIL_dst64 0 AGMUTIL_ndx getinterval + } + bind + /exec cvx + ] cvx +} bdf +/filter_indexed_devn +{ + cvi Names length mul names_index add Lookup exch get +} bdf +/filter_devn +{ + 4 dict begin + /srcStr xdf + /dstStr xdf + dup type /filetype ne{ + 0 () /SubFileDecode filter + }if + [ + exch + [ + /devicen_colorspace_dict /AGMCORE_gget cvx /begin cvx + currentdict /srcStr get /readstring cvx /pop cvx + /dup cvx /length cvx 0 /gt cvx [ + Adobe_AGM_Utils /AGMUTIL_ndx 0 /ddf cvx + names_index Names length currentdict /srcStr get length 1 sub { + 1 /index cvx /exch cvx /get cvx + currentdict /dstStr get /AGMUTIL_ndx /load cvx 3 -1 /roll cvx /put cvx + Adobe_AGM_Utils /AGMUTIL_ndx /AGMUTIL_ndx /load cvx 1 /add cvx /ddf cvx + } for + currentdict /dstStr get 0 /AGMUTIL_ndx /load cvx /getinterval cvx + ] cvx /if cvx + /end cvx + ] cvx + bind + /exec cvx + ] cvx + end +} bdf +/AGMUTIL_imagefile nd +/read_image_file +{ + AGMUTIL_imagefile 0 setfileposition + 10 dict begin + /imageDict xdf + /imbufLen Width BitsPerComponent mul 7 add 8 idiv def + /imbufIdx 0 def + /origDataSource imageDict /DataSource get def + /origMultipleDataSources imageDict /MultipleDataSources get def + /origDecode imageDict /Decode get def + /dstDataStr imageDict /Width get colorSpaceElemCnt mul string def + /srcDataStrs [ imageDict begin + currentdict /MultipleDataSources known {MultipleDataSources {DataSource length}{1}ifelse}{1} ifelse + { + Width Decode length 2 div mul cvi string + } repeat + end ] def + imageDict /MultipleDataSources known {MultipleDataSources}{false} ifelse + { + /imbufCnt imageDict /DataSource get length def + /imbufs imbufCnt array def + 0 1 imbufCnt 1 sub { + /imbufIdx xdf + imbufs imbufIdx imbufLen string put + imageDict /DataSource get imbufIdx [ AGMUTIL_imagefile imbufs imbufIdx get /readstring cvx /pop cvx ] cvx put + } for + DeviceN_PS2 { + imageDict begin + /DataSource [ DataSource /devn_sep_datasource cvx ] cvx def + /MultipleDataSources false def + /Decode [0 1] def + end + } if + }{ + /imbuf imbufLen string def + Indexed_DeviceN level3 not and DeviceN_NoneName or { + imageDict begin + /DataSource [AGMUTIL_imagefile Decode BitsPerComponent false 1 /filter_indexed_devn load dstDataStr srcDataStrs devn_alt_datasource /exec cvx] cvx def + /Decode [0 1] def + end + }{ + imageDict /DataSource {AGMUTIL_imagefile imbuf readstring pop} put + } ifelse + } ifelse + imageDict exch + load exec + imageDict /DataSource origDataSource put + imageDict /MultipleDataSources origMultipleDataSources put + imageDict /Decode origDecode put + end +} bdf +/write_image_file +{ + begin + { (AGMUTIL_imagefile) (w+) file } stopped{ + false + }{ + Adobe_AGM_Utils/AGMUTIL_imagefile xddf + 2 dict begin + /imbufLen Width BitsPerComponent mul 7 add 8 idiv def + MultipleDataSources {DataSource 0 get}{DataSource}ifelse type /filetype eq { + /imbuf imbufLen string def + }if + 1 1 Height { + pop + MultipleDataSources { + 0 1 DataSource length 1 sub { + DataSource type dup + /arraytype eq { + pop DataSource exch get exec + }{ + /filetype eq { + DataSource exch get imbuf readstring pop + }{ + DataSource exch get + } ifelse + } ifelse + AGMUTIL_imagefile exch writestring + } for + }{ + DataSource type dup + /arraytype eq { + pop DataSource exec + }{ + /filetype eq { + DataSource imbuf readstring pop + }{ + DataSource + } ifelse + } ifelse + AGMUTIL_imagefile exch writestring + } ifelse + }for + end + true + }ifelse + end +} bdf +/close_image_file +{ + AGMUTIL_imagefile closefile (AGMUTIL_imagefile) deletefile +}def +statusdict /product known userdict /AGMP_current_show known not and{ + /pstr statusdict /product get def + pstr (HP LaserJet 2200) eq + pstr (HP LaserJet 4000 Series) eq or + pstr (HP LaserJet 4050 Series ) eq or + pstr (HP LaserJet 8000 Series) eq or + pstr (HP LaserJet 8100 Series) eq or + pstr (HP LaserJet 8150 Series) eq or + pstr (HP LaserJet 5000 Series) eq or + pstr (HP LaserJet 5100 Series) eq or + pstr (HP Color LaserJet 4500) eq or + pstr (HP Color LaserJet 4600) eq or + pstr (HP LaserJet 5Si) eq or + pstr (HP LaserJet 1200 Series) eq or + pstr (HP LaserJet 1300 Series) eq or + pstr (HP LaserJet 4100 Series) eq or + { + userdict /AGMP_current_show /show load put + userdict /show { + currentcolorspace 0 get + /Pattern eq + {false charpath f} + {AGMP_current_show} ifelse + } put + }if + currentdict /pstr undef +} if +/consumeimagedata +{ + begin + currentdict /MultipleDataSources known not + {/MultipleDataSources false def} if + MultipleDataSources + { + 1 dict begin + /flushbuffer Width cvi string def + 1 1 Height cvi + { + pop + 0 1 DataSource length 1 sub + { + DataSource exch get + dup type dup + /filetype eq + { + exch flushbuffer readstring pop pop + }if + /arraytype eq + { + exec pop + }if + }for + }for + end + } + { + /DataSource load type dup + /filetype eq + { + 1 dict begin + /flushbuffer Width Decode length 2 div mul cvi string def + 1 1 Height { pop DataSource flushbuffer readstring pop pop} for + end + }if + /arraytype eq + { + 1 1 Height { pop DataSource pop } for + }if + }ifelse + end +}bdf +/addprocs +{ + 2{/exec load}repeat + 3 1 roll + [ 5 1 roll ] bind cvx +}def +/modify_halftone_xfer +{ + currenthalftone dup length dict copy begin + currentdict 2 index known{ + 1 index load dup length dict copy begin + currentdict/TransferFunction known{ + /TransferFunction load + }{ + currenttransfer + }ifelse + addprocs /TransferFunction xdf + currentdict end def + currentdict end sethalftone + }{ + currentdict/TransferFunction known{ + /TransferFunction load + }{ + currenttransfer + }ifelse + addprocs /TransferFunction xdf + currentdict end sethalftone + pop + }ifelse +}def +/clonearray +{ + dup xcheck exch + dup length array exch + Adobe_AGM_Core/AGMCORE_tmp -1 ddf + { + Adobe_AGM_Core/AGMCORE_tmp AGMCORE_tmp 1 add ddf + dup type /dicttype eq + { + AGMCORE_tmp + exch + clonedict + Adobe_AGM_Core/AGMCORE_tmp 4 -1 roll ddf + } if + dup type /arraytype eq + { + AGMCORE_tmp exch + clonearray + Adobe_AGM_Core/AGMCORE_tmp 4 -1 roll ddf + } if + exch dup + AGMCORE_tmp 4 -1 roll put + }forall + exch {cvx} if +}bdf +/clonedict +{ + dup length dict + begin + { + dup type /dicttype eq + { + clonedict + } if + dup type /arraytype eq + { + clonearray + } if + def + }forall + currentdict + end +}bdf +/DeviceN_PS2 +{ + /currentcolorspace AGMCORE_gget 0 get /DeviceN eq level3 not and +} bdf +/Indexed_DeviceN +{ + /indexed_colorspace_dict AGMCORE_gget dup null ne { + /CSD known + }{ + pop false + } ifelse +} bdf +/DeviceN_NoneName +{ + /Names where { + pop + false Names + { + (None) eq or + } forall + }{ + false + }ifelse +} bdf +/DeviceN_PS2_inRip_seps +{ + /AGMCORE_in_rip_sep where + { + pop dup type dup /arraytype eq exch /packedarraytype eq or + { + dup 0 get /DeviceN eq level3 not and AGMCORE_in_rip_sep and + { + /currentcolorspace exch AGMCORE_gput + false + } + { + true + }ifelse + } + { + true + } ifelse + } + { + true + } ifelse +} bdf +/base_colorspace_type +{ + dup type /arraytype eq {0 get} if +} bdf +/doc_setup{ + Adobe_AGM_Utils begin +}bdf +/doc_trailer{ + currentdict Adobe_AGM_Utils eq{ + end + }if +}bdf +systemdict /setpacking known +{ + setpacking +} if +%%EndResource +%%BeginResource: procset Adobe_AGM_Core 2.0 0 +%%Version: 2.0 0 +%%Copyright: Copyright (C) 1997-2003 Adobe Systems, Inc. All Rights Reserved. +systemdict /setpacking known +{ + currentpacking + true setpacking +} if +userdict /Adobe_AGM_Core 216 dict dup begin put +/nd{ + null def +}bind def +/Adobe_AGM_Core_Id /Adobe_AGM_Core_2.0_0 def +/AGMCORE_str256 256 string def +/AGMCORE_save nd +/AGMCORE_graphicsave nd +/AGMCORE_c 0 def +/AGMCORE_m 0 def +/AGMCORE_y 0 def +/AGMCORE_k 0 def +/AGMCORE_cmykbuf 4 array def +/AGMCORE_screen [currentscreen] cvx def +/AGMCORE_tmp 0 def +/AGMCORE_&setgray nd +/AGMCORE_&setcolor nd +/AGMCORE_&setcolorspace nd +/AGMCORE_&setcmykcolor nd +/AGMCORE_cyan_plate nd +/AGMCORE_magenta_plate nd +/AGMCORE_yellow_plate nd +/AGMCORE_black_plate nd +/AGMCORE_plate_ndx nd +/AGMCORE_get_ink_data nd +/AGMCORE_is_cmyk_sep nd +/AGMCORE_host_sep nd +/AGMCORE_avoid_L2_sep_space nd +/AGMCORE_distilling nd +/AGMCORE_composite_job nd +/AGMCORE_producing_seps nd +/AGMCORE_ps_level -1 def +/AGMCORE_ps_version -1 def +/AGMCORE_environ_ok nd +/AGMCORE_CSA_cache 0 dict def +/AGMCORE_CSD_cache 0 dict def +/AGMCORE_pattern_cache 0 dict def +/AGMCORE_currentoverprint false def +/AGMCORE_deltaX nd +/AGMCORE_deltaY nd +/AGMCORE_name nd +/AGMCORE_sep_special nd +/AGMCORE_err_strings 4 dict def +/AGMCORE_cur_err nd +/AGMCORE_ovp nd +/AGMCORE_current_spot_alias false def +/AGMCORE_inverting false def +/AGMCORE_feature_dictCount nd +/AGMCORE_feature_opCount nd +/AGMCORE_feature_ctm nd +/AGMCORE_ConvertToProcess false def +/AGMCORE_Default_CTM matrix def +/AGMCORE_Default_PageSize nd +/AGMCORE_currentbg nd +/AGMCORE_currentucr nd +/AGMCORE_gradientcache 32 dict def +/AGMCORE_in_pattern false def +/knockout_unitsq nd +/AGMCORE_CRD_cache where{ + pop +}{ + /AGMCORE_CRD_cache 0 dict def +}ifelse +/AGMCORE_key_known +{ + where{ + /Adobe_AGM_Core_Id known + }{ + false + }ifelse +}ndf +/flushinput +{ + save + 2 dict begin + /CompareBuffer 3 -1 roll def + /readbuffer 256 string def + mark + { + currentfile readbuffer {readline} stopped + {cleartomark mark} + { + not + {pop exit} + if + CompareBuffer eq + {exit} + if + }ifelse + }loop + cleartomark + end + restore +}bdf +/getspotfunction +{ + AGMCORE_screen exch pop exch pop + dup type /dicttype eq{ + dup /HalftoneType get 1 eq{ + /SpotFunction get + }{ + dup /HalftoneType get 2 eq{ + /GraySpotFunction get + }{ + pop + { + abs exch abs 2 copy add 1 gt{ + 1 sub dup mul exch 1 sub dup mul add 1 sub + }{ + dup mul exch dup mul add 1 exch sub + }ifelse + }bind + }ifelse + }ifelse + }if +} def +/clp_npth +{ + clip newpath +} def +/eoclp_npth +{ + eoclip newpath +} def +/npth_clp +{ + newpath clip +} def +/add_grad +{ + AGMCORE_gradientcache 3 1 roll put +}bdf +/exec_grad +{ + AGMCORE_gradientcache exch get exec +}bdf +/graphic_setup +{ + /AGMCORE_graphicsave save def + concat + 0 setgray + 0 setlinecap + 0 setlinejoin + 1 setlinewidth + [] 0 setdash + 10 setmiterlimit + newpath + false setoverprint + false setstrokeadjust + Adobe_AGM_Core/spot_alias get exec + /Adobe_AGM_Image where { + pop + Adobe_AGM_Image/spot_alias 2 copy known{ + get exec + }{ + pop pop + }ifelse + } if + 100 dict begin + /dictstackcount countdictstack def + /showpage {} def + mark +} def +/graphic_cleanup +{ + cleartomark + dictstackcount 1 countdictstack 1 sub {end}for + end + AGMCORE_graphicsave restore +} def +/compose_error_msg +{ + grestoreall initgraphics + /Helvetica findfont 10 scalefont setfont + /AGMCORE_deltaY 100 def + /AGMCORE_deltaX 310 def + clippath pathbbox newpath pop pop 36 add exch 36 add exch moveto + 0 AGMCORE_deltaY rlineto AGMCORE_deltaX 0 rlineto + 0 AGMCORE_deltaY neg rlineto AGMCORE_deltaX neg 0 rlineto closepath + 0 AGMCORE_&setgray + gsave 1 AGMCORE_&setgray fill grestore + 1 setlinewidth gsave stroke grestore + currentpoint AGMCORE_deltaY 15 sub add exch 8 add exch moveto + /AGMCORE_deltaY 12 def + /AGMCORE_tmp 0 def + AGMCORE_err_strings exch get + { + dup 32 eq + { + pop + AGMCORE_str256 0 AGMCORE_tmp getinterval + stringwidth pop currentpoint pop add AGMCORE_deltaX 28 add gt + { + currentpoint AGMCORE_deltaY sub exch pop + clippath pathbbox pop pop pop 44 add exch moveto + } if + AGMCORE_str256 0 AGMCORE_tmp getinterval show ( ) show + 0 1 AGMCORE_str256 length 1 sub + { + AGMCORE_str256 exch 0 put + }for + /AGMCORE_tmp 0 def + } + { + AGMCORE_str256 exch AGMCORE_tmp xpt + /AGMCORE_tmp AGMCORE_tmp 1 add def + } ifelse + } forall +} bdf +/doc_setup{ + Adobe_AGM_Core begin + /AGMCORE_ps_version xdf + /AGMCORE_ps_level xdf + errordict /AGM_handleerror known not{ + errordict /AGM_handleerror errordict /handleerror get put + errordict /handleerror { + Adobe_AGM_Core begin + $error /newerror get AGMCORE_cur_err null ne and{ + $error /newerror false put + AGMCORE_cur_err compose_error_msg + }if + $error /newerror true put + end + errordict /AGM_handleerror get exec + } bind put + }if + /AGMCORE_environ_ok + ps_level AGMCORE_ps_level ge + ps_version AGMCORE_ps_version ge and + AGMCORE_ps_level -1 eq or + def + AGMCORE_environ_ok not + {/AGMCORE_cur_err /AGMCORE_bad_environ def} if + /AGMCORE_&setgray systemdict/setgray get def + level2{ + /AGMCORE_&setcolor systemdict/setcolor get def + /AGMCORE_&setcolorspace systemdict/setcolorspace get def + }if + /AGMCORE_currentbg currentblackgeneration def + /AGMCORE_currentucr currentundercolorremoval def + /AGMCORE_distilling + /product where{ + pop systemdict/setdistillerparams known product (Adobe PostScript Parser) ne and + }{ + false + }ifelse + def + level2 not{ + /xput{ + dup load dup length exch maxlength eq{ + dup dup load dup + length dup 0 eq {pop 1} if 2 mul dict copy def + }if + load begin + def + end + }def + }{ + /xput{ + load 3 1 roll put + }def + }ifelse + /AGMCORE_GSTATE AGMCORE_key_known not{ + /AGMCORE_GSTATE 21 dict def + /AGMCORE_tmpmatrix matrix def + /AGMCORE_gstack 32 array def + /AGMCORE_gstackptr 0 def + /AGMCORE_gstacksaveptr 0 def + /AGMCORE_gstackframekeys 10 def + /AGMCORE_&gsave /gsave ldf + /AGMCORE_&grestore /grestore ldf + /AGMCORE_&grestoreall /grestoreall ldf + /AGMCORE_&save /save ldf + /AGMCORE_gdictcopy { + begin + { def } forall + end + }def + /AGMCORE_gput { + AGMCORE_gstack AGMCORE_gstackptr get + 3 1 roll + put + }def + /AGMCORE_gget { + AGMCORE_gstack AGMCORE_gstackptr get + exch + get + }def + /gsave { + AGMCORE_&gsave + AGMCORE_gstack AGMCORE_gstackptr get + AGMCORE_gstackptr 1 add + dup 32 ge {limitcheck} if + Adobe_AGM_Core exch + /AGMCORE_gstackptr xpt + AGMCORE_gstack AGMCORE_gstackptr get + AGMCORE_gdictcopy + }def + /grestore { + AGMCORE_&grestore + AGMCORE_gstackptr 1 sub + dup AGMCORE_gstacksaveptr lt {1 add} if + Adobe_AGM_Core exch + /AGMCORE_gstackptr xpt + }def + /grestoreall { + AGMCORE_&grestoreall + Adobe_AGM_Core + /AGMCORE_gstackptr AGMCORE_gstacksaveptr put + }def + /save { + AGMCORE_&save + AGMCORE_gstack AGMCORE_gstackptr get + AGMCORE_gstackptr 1 add + dup 32 ge {limitcheck} if + Adobe_AGM_Core begin + /AGMCORE_gstackptr exch def + /AGMCORE_gstacksaveptr AGMCORE_gstackptr def + end + AGMCORE_gstack AGMCORE_gstackptr get + AGMCORE_gdictcopy + }def + 0 1 AGMCORE_gstack length 1 sub { + AGMCORE_gstack exch AGMCORE_gstackframekeys dict put + } for + }if + level3 /AGMCORE_&sysshfill AGMCORE_key_known not and + { + /AGMCORE_&sysshfill systemdict/shfill get def + /AGMCORE_&usrshfill /shfill load def + /AGMCORE_&sysmakepattern systemdict/makepattern get def + /AGMCORE_&usrmakepattern /makepattern load def + }if + /currentcmykcolor [0 0 0 0] AGMCORE_gput + /currentstrokeadjust false AGMCORE_gput + /currentcolorspace [/DeviceGray] AGMCORE_gput + /sep_tint 0 AGMCORE_gput + /devicen_tints [0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0] AGMCORE_gput + /sep_colorspace_dict null AGMCORE_gput + /devicen_colorspace_dict null AGMCORE_gput + /indexed_colorspace_dict null AGMCORE_gput + /currentcolor_intent () AGMCORE_gput + /customcolor_tint 1 AGMCORE_gput + << + /MaxPatternItem currentsystemparams /MaxPatternCache get + >> + setuserparams + end +}def +/page_setup +{ + /setcmykcolor where{ + pop + Adobe_AGM_Core/AGMCORE_&setcmykcolor /setcmykcolor load put + }if + Adobe_AGM_Core begin + /setcmykcolor + { + 4 copy AGMCORE_cmykbuf astore /currentcmykcolor exch AGMCORE_gput + 1 sub 4 1 roll + 3 { + 3 index add neg dup 0 lt { + pop 0 + } if + 3 1 roll + } repeat + setrgbcolor pop + }ndf + /currentcmykcolor + { + /currentcmykcolor AGMCORE_gget aload pop + }ndf + /setoverprint + { + pop + }ndf + /currentoverprint + { + false + }ndf + /AGMCORE_deviceDPI 72 0 matrix defaultmatrix dtransform dup mul exch dup mul add sqrt def + /AGMCORE_cyan_plate 1 0 0 0 test_cmyk_color_plate def + /AGMCORE_magenta_plate 0 1 0 0 test_cmyk_color_plate def + /AGMCORE_yellow_plate 0 0 1 0 test_cmyk_color_plate def + /AGMCORE_black_plate 0 0 0 1 test_cmyk_color_plate def + /AGMCORE_plate_ndx + AGMCORE_cyan_plate{ + 0 + }{ + AGMCORE_magenta_plate{ + 1 + }{ + AGMCORE_yellow_plate{ + 2 + }{ + AGMCORE_black_plate{ + 3 + }{ + 4 + }ifelse + }ifelse + }ifelse + }ifelse + def + /AGMCORE_have_reported_unsupported_color_space false def + /AGMCORE_report_unsupported_color_space + { + AGMCORE_have_reported_unsupported_color_space false eq + { + (Warning: Job contains content that cannot be separated with on-host methods. This content appears on the black plate, and knocks out all other plates.) == + Adobe_AGM_Core /AGMCORE_have_reported_unsupported_color_space true ddf + } if + }def + /AGMCORE_composite_job + AGMCORE_cyan_plate AGMCORE_magenta_plate and AGMCORE_yellow_plate and AGMCORE_black_plate and def + /AGMCORE_in_rip_sep + /AGMCORE_in_rip_sep where{ + pop AGMCORE_in_rip_sep + }{ + AGMCORE_distilling + { + false + }{ + userdict/Adobe_AGM_OnHost_Seps known{ + false + }{ + level2{ + currentpagedevice/Separations 2 copy known{ + get + }{ + pop pop false + }ifelse + }{ + false + }ifelse + }ifelse + }ifelse + }ifelse + def + /AGMCORE_producing_seps AGMCORE_composite_job not AGMCORE_in_rip_sep or def + /AGMCORE_host_sep AGMCORE_producing_seps AGMCORE_in_rip_sep not and def + /AGM_preserve_spots + /AGM_preserve_spots where{ + pop AGM_preserve_spots + }{ + AGMCORE_distilling AGMCORE_producing_seps or + }ifelse + def + /AGM_is_distiller_preserving_spotimages + { + currentdistillerparams/PreserveOverprintSettings known + { + currentdistillerparams/PreserveOverprintSettings get + { + currentdistillerparams/ColorConversionStrategy known + { + currentdistillerparams/ColorConversionStrategy get + /LeaveColorUnchanged eq + }{ + true + }ifelse + }{ + false + }ifelse + }{ + false + }ifelse + }def + /convert_spot_to_process where {pop}{ + /convert_spot_to_process + { + dup map_alias { + /Name get exch pop + } if + dup dup (None) eq exch (All) eq or + { + pop false + }{ + AGMCORE_host_sep + { + gsave + 1 0 0 0 setcmykcolor currentgray 1 exch sub + 0 1 0 0 setcmykcolor currentgray 1 exch sub + 0 0 1 0 setcmykcolor currentgray 1 exch sub + 0 0 0 1 setcmykcolor currentgray 1 exch sub + add add add 0 eq + { + pop false + }{ + false setoverprint + 1 1 1 1 5 -1 roll findcmykcustomcolor 1 setcustomcolor + currentgray 0 eq + }ifelse + grestore + }{ + AGMCORE_distilling + { + pop AGM_is_distiller_preserving_spotimages not + }{ + Adobe_AGM_Core/AGMCORE_name xddf + false + Adobe_AGM_Core/AGMCORE_in_pattern known {Adobe_AGM_Core/AGMCORE_in_pattern get}{false} ifelse + not currentpagedevice/OverrideSeparations known and + { + currentpagedevice/OverrideSeparations get + { + /HqnSpots /ProcSet resourcestatus + { + pop pop pop true + }if + }if + }if + { + AGMCORE_name /HqnSpots /ProcSet findresource /TestSpot get exec not + }{ + gsave + [/Separation AGMCORE_name /DeviceGray {}]setcolorspace + false + currentpagedevice/SeparationColorNames 2 copy known + { + get + { AGMCORE_name eq or}forall + not + }{ + pop pop pop true + }ifelse + grestore + }ifelse + }ifelse + }ifelse + }ifelse + }def + }ifelse + /convert_to_process where {pop}{ + /convert_to_process + { + dup length 0 eq + { + pop false + }{ + AGMCORE_host_sep + { + dup true exch + { + dup (Cyan) eq exch + dup (Magenta) eq 3 -1 roll or exch + dup (Yellow) eq 3 -1 roll or exch + dup (Black) eq 3 -1 roll or + {pop} + {convert_spot_to_process and}ifelse + } + forall + { + true exch + { + dup (Cyan) eq exch + dup (Magenta) eq 3 -1 roll or exch + dup (Yellow) eq 3 -1 roll or exch + (Black) eq or and + }forall + not + }{pop false}ifelse + }{ + false exch + { + dup (Cyan) eq exch + dup (Magenta) eq 3 -1 roll or exch + dup (Yellow) eq 3 -1 roll or exch + dup (Black) eq 3 -1 roll or + {pop} + {convert_spot_to_process or}ifelse + } + forall + }ifelse + }ifelse + }def + }ifelse + /AGMCORE_avoid_L2_sep_space + version cvr 2012 lt + level2 and + AGMCORE_producing_seps not and + def + /AGMCORE_is_cmyk_sep + AGMCORE_cyan_plate AGMCORE_magenta_plate or AGMCORE_yellow_plate or AGMCORE_black_plate or + def + /AGM_avoid_0_cmyk where{ + pop AGM_avoid_0_cmyk + }{ + AGM_preserve_spots + userdict/Adobe_AGM_OnHost_Seps known + userdict/Adobe_AGM_InRip_Seps known or + not and + }ifelse + { + /setcmykcolor[ + { + 4 copy add add add 0 eq currentoverprint and{ + pop 0.0005 + }if + }/exec cvx + /AGMCORE_&setcmykcolor load dup type/operatortype ne{ + /exec cvx + }if + ]cvx def + }if + AGMCORE_host_sep{ + /setcolortransfer + { + AGMCORE_cyan_plate{ + pop pop pop + }{ + AGMCORE_magenta_plate{ + 4 3 roll pop pop pop + }{ + AGMCORE_yellow_plate{ + 4 2 roll pop pop pop + }{ + 4 1 roll pop pop pop + }ifelse + }ifelse + }ifelse + settransfer + } + def + /AGMCORE_get_ink_data + AGMCORE_cyan_plate{ + {pop pop pop} + }{ + AGMCORE_magenta_plate{ + {4 3 roll pop pop pop} + }{ + AGMCORE_yellow_plate{ + {4 2 roll pop pop pop} + }{ + {4 1 roll pop pop pop} + }ifelse + }ifelse + }ifelse + def + /AGMCORE_RemoveProcessColorNames + { + 1 dict begin + /filtername + { + dup /Cyan eq 1 index (Cyan) eq or + {pop (_cyan_)}if + dup /Magenta eq 1 index (Magenta) eq or + {pop (_magenta_)}if + dup /Yellow eq 1 index (Yellow) eq or + {pop (_yellow_)}if + dup /Black eq 1 index (Black) eq or + {pop (_black_)}if + }def + dup type /arraytype eq + {[exch {filtername}forall]} + {filtername}ifelse + end + }def + /AGMCORE_IsSeparationAProcessColor + { + dup (Cyan) eq exch dup (Magenta) eq exch dup (Yellow) eq exch (Black) eq or or or + }def + level3 { + /AGMCORE_IsCurrentColor + { + gsave + false setoverprint + 1 1 1 1 5 -1 roll findcmykcustomcolor 1 setcustomcolor + currentgray 0 eq + grestore + }def + /AGMCORE_filter_functiondatasource + { + 5 dict begin + /data_in xdf + data_in type /stringtype eq + { + /ncomp xdf + /comp xdf + /string_out data_in length ncomp idiv string def + 0 ncomp data_in length 1 sub + { + string_out exch dup ncomp idiv exch data_in exch ncomp getinterval comp get 255 exch sub put + }for + string_out + }{ + string /string_in xdf + /string_out 1 string def + /component xdf + [ + data_in string_in /readstring cvx + [component /get cvx 255 /exch cvx /sub cvx string_out /exch cvx 0 /exch cvx /put cvx string_out]cvx + [/pop cvx ()]cvx /ifelse cvx + ]cvx /ReusableStreamDecode filter + }ifelse + end + }def + /AGMCORE_separateShadingFunction + { + 2 dict begin + /paint? xdf + /channel xdf + begin + FunctionType 0 eq + { + /DataSource channel Range length 2 idiv DataSource AGMCORE_filter_functiondatasource def + currentdict /Decode known + {/Decode Decode channel 2 mul 2 getinterval def}if + paint? not + {/Decode [1 1]def}if + }if + FunctionType 2 eq + { + paint? + { + /C0 [C0 channel get 1 exch sub] def + /C1 [C1 channel get 1 exch sub] def + }{ + /C0 [1] def + /C1 [1] def + }ifelse + }if + FunctionType 3 eq + { + /Functions [Functions {channel paint? AGMCORE_separateShadingFunction} forall] def + }if + currentdict /Range known + {/Range [0 1] def}if + currentdict + end + end + }def + /AGMCORE_separateShading + { + 3 -1 roll begin + currentdict /Function known + { + currentdict /Background known + {[1 index{Background 3 index get 1 exch sub}{1}ifelse]/Background xdf}if + Function 3 1 roll AGMCORE_separateShadingFunction /Function xdf + /ColorSpace [/DeviceGray] def + }{ + ColorSpace dup type /arraytype eq {0 get}if /DeviceCMYK eq + { + /ColorSpace [/DeviceN [/_cyan_ /_magenta_ /_yellow_ /_black_] /DeviceCMYK {}] def + }{ + ColorSpace dup 1 get AGMCORE_RemoveProcessColorNames 1 exch put + }ifelse + ColorSpace 0 get /Separation eq + { + { + [1 /exch cvx /sub cvx]cvx + }{ + [/pop cvx 1]cvx + }ifelse + ColorSpace 3 3 -1 roll put + pop + }{ + { + [exch ColorSpace 1 get length 1 sub exch sub /index cvx 1 /exch cvx /sub cvx ColorSpace 1 get length 1 add 1 /roll cvx ColorSpace 1 get length{/pop cvx} repeat]cvx + }{ + pop [ColorSpace 1 get length {/pop cvx} repeat cvx 1]cvx + }ifelse + ColorSpace 3 3 -1 roll bind put + }ifelse + ColorSpace 2 /DeviceGray put + }ifelse + end + }def + /AGMCORE_separateShadingDict + { + dup /ColorSpace get + dup type /arraytype ne + {[exch]}if + dup 0 get /DeviceCMYK eq + { + exch begin + currentdict + AGMCORE_cyan_plate + {0 true}if + AGMCORE_magenta_plate + {1 true}if + AGMCORE_yellow_plate + {2 true}if + AGMCORE_black_plate + {3 true}if + AGMCORE_plate_ndx 4 eq + {0 false}if + dup not currentoverprint and + {/AGMCORE_ignoreshade true def}if + AGMCORE_separateShading + currentdict + end exch + }if + dup 0 get /Separation eq + { + exch begin + ColorSpace 1 get dup /None ne exch /All ne and + { + ColorSpace 1 get AGMCORE_IsCurrentColor AGMCORE_plate_ndx 4 lt and ColorSpace 1 get AGMCORE_IsSeparationAProcessColor not and + { + ColorSpace 2 get dup type /arraytype eq {0 get}if /DeviceCMYK eq + { + /ColorSpace + [ + /Separation + ColorSpace 1 get + /DeviceGray + [ + ColorSpace 3 get /exec cvx + 4 AGMCORE_plate_ndx sub -1 /roll cvx + 4 1 /roll cvx + 3 [/pop cvx]cvx /repeat cvx + 1 /exch cvx /sub cvx + ]cvx + ]def + }{ + AGMCORE_report_unsupported_color_space + AGMCORE_black_plate not + { + currentdict 0 false AGMCORE_separateShading + }if + }ifelse + }{ + currentdict ColorSpace 1 get AGMCORE_IsCurrentColor + 0 exch + dup not currentoverprint and + {/AGMCORE_ignoreshade true def}if + AGMCORE_separateShading + }ifelse + }if + currentdict + end exch + }if + dup 0 get /DeviceN eq + { + exch begin + ColorSpace 1 get convert_to_process + { + ColorSpace 2 get dup type /arraytype eq {0 get}if /DeviceCMYK eq + { + /ColorSpace + [ + /DeviceN + ColorSpace 1 get + /DeviceGray + [ + ColorSpace 3 get /exec cvx + 4 AGMCORE_plate_ndx sub -1 /roll cvx + 4 1 /roll cvx + 3 [/pop cvx]cvx /repeat cvx + 1 /exch cvx /sub cvx + ]cvx + ]def + }{ + AGMCORE_report_unsupported_color_space + AGMCORE_black_plate not + { + currentdict 0 false AGMCORE_separateShading + /ColorSpace [/DeviceGray] def + }if + }ifelse + }{ + currentdict + false -1 ColorSpace 1 get + { + AGMCORE_IsCurrentColor + { + 1 add + exch pop true exch exit + }if + 1 add + }forall + exch + dup not currentoverprint and + {/AGMCORE_ignoreshade true def}if + AGMCORE_separateShading + }ifelse + currentdict + end exch + }if + dup 0 get dup /DeviceCMYK eq exch dup /Separation eq exch /DeviceN eq or or not + { + exch begin + ColorSpace dup type /arraytype eq + {0 get}if + /DeviceGray ne + { + AGMCORE_report_unsupported_color_space + AGMCORE_black_plate not + { + ColorSpace 0 get /CIEBasedA eq + { + /ColorSpace [/Separation /_ciebaseda_ /DeviceGray {}] def + }if + ColorSpace 0 get dup /CIEBasedABC eq exch dup /CIEBasedDEF eq exch /DeviceRGB eq or or + { + /ColorSpace [/DeviceN [/_red_ /_green_ /_blue_] /DeviceRGB {}] def + }if + ColorSpace 0 get /CIEBasedDEFG eq + { + /ColorSpace [/DeviceN [/_cyan_ /_magenta_ /_yellow_ /_black_] /DeviceCMYK {}] + }if + currentdict 0 false AGMCORE_separateShading + }if + }if + currentdict + end exch + }if + pop + dup /AGMCORE_ignoreshade known + { + begin + /ColorSpace [/Separation (None) /DeviceGray {}] def + currentdict end + }if + }def + /shfill + { + clonedict + AGMCORE_separateShadingDict + dup /AGMCORE_ignoreshade known + {pop} + {AGMCORE_&sysshfill}ifelse + }def + /makepattern + { + exch + dup /PatternType get 2 eq + { + clonedict + begin + /Shading Shading AGMCORE_separateShadingDict def + currentdict end + exch AGMCORE_&sysmakepattern + }{ + exch AGMCORE_&usrmakepattern + }ifelse + }def + }if + }if + AGMCORE_in_rip_sep{ + /setcustomcolor + { + exch aload pop + dup 7 1 roll inRip_spot_has_ink not { + 4 {4 index mul 4 1 roll} + repeat + /DeviceCMYK setcolorspace + 6 -2 roll pop pop + }{ + Adobe_AGM_Core begin + /AGMCORE_k xdf /AGMCORE_y xdf /AGMCORE_m xdf /AGMCORE_c xdf + end + [/Separation 4 -1 roll /DeviceCMYK + {dup AGMCORE_c mul exch dup AGMCORE_m mul exch dup AGMCORE_y mul exch AGMCORE_k mul} + ] + setcolorspace + }ifelse + setcolor + }ndf + /setseparationgray + { + [/Separation (All) /DeviceGray {}] setcolorspace_opt + 1 exch sub setcolor + }ndf + }{ + /setseparationgray + { + AGMCORE_&setgray + }ndf + }ifelse + /findcmykcustomcolor + { + 5 makereadonlyarray + }ndf + /setcustomcolor + { + exch aload pop pop + 4 {4 index mul 4 1 roll} repeat + setcmykcolor pop + }ndf + /has_color + /colorimage where{ + AGMCORE_producing_seps{ + pop true + }{ + systemdict eq + }ifelse + }{ + false + }ifelse + def + /map_index + { + 1 index mul exch getinterval {255 div} forall + } bdf + /map_indexed_devn + { + Lookup Names length 3 -1 roll cvi map_index + } bdf + /n_color_components + { + base_colorspace_type + dup /DeviceGray eq{ + pop 1 + }{ + /DeviceCMYK eq{ + 4 + }{ + 3 + }ifelse + }ifelse + }bdf + level2{ + /mo /moveto ldf + /li /lineto ldf + /cv /curveto ldf + /knockout_unitsq + { + 1 setgray + 0 0 1 1 rectfill + }def + /level2ScreenFreq{ + begin + 60 + HalftoneType 1 eq{ + pop Frequency + }if + HalftoneType 2 eq{ + pop GrayFrequency + }if + HalftoneType 5 eq{ + pop Default level2ScreenFreq + }if + end + }def + /currentScreenFreq{ + currenthalftone level2ScreenFreq + }def + level2 /setcolorspace AGMCORE_key_known not and{ + /AGMCORE_&&&setcolorspace /setcolorspace ldf + /AGMCORE_ReplaceMappedColor + { + dup type dup /arraytype eq exch /packedarraytype eq or + { + dup 0 get dup /Separation eq + { + pop + dup length array copy + dup dup 1 get + current_spot_alias + { + dup map_alias + { + begin + /sep_colorspace_dict currentdict AGMCORE_gput + pop pop pop + [ + /Separation Name + CSA map_csa + dup /MappedCSA xdf + /sep_colorspace_proc load + ] + dup Name + end + }if + }if + map_reserved_ink_name 1 xpt + }{ + /DeviceN eq + { + dup length array copy + dup dup 1 get [ + exch { + current_spot_alias{ + dup map_alias{ + /Name get exch pop + }if + }if + map_reserved_ink_name + } forall + ] 1 xpt + }if + }ifelse + }if + }def + /setcolorspace + { + dup type dup /arraytype eq exch /packedarraytype eq or + { + dup 0 get /Indexed eq + { + AGMCORE_distilling + { + /PhotoshopDuotoneList where + { + pop false + }{ + true + }ifelse + }{ + true + }ifelse + { + aload pop 3 -1 roll + AGMCORE_ReplaceMappedColor + 3 1 roll 4 array astore + }if + }{ + AGMCORE_ReplaceMappedColor + }ifelse + }if + DeviceN_PS2_inRip_seps {AGMCORE_&&&setcolorspace} if + }def + }if + }{ + /adj + { + currentstrokeadjust{ + transform + 0.25 sub round 0.25 add exch + 0.25 sub round 0.25 add exch + itransform + }if + }def + /mo{ + adj moveto + }def + /li{ + adj lineto + }def + /cv{ + 6 2 roll adj + 6 2 roll adj + 6 2 roll adj curveto + }def + /knockout_unitsq + { + 1 setgray + 8 8 1 [8 0 0 8 0 0] {<ffffffffffffffff>} image + }def + /currentstrokeadjust{ + /currentstrokeadjust AGMCORE_gget + }def + /setstrokeadjust{ + /currentstrokeadjust exch AGMCORE_gput + }def + /currentScreenFreq{ + currentscreen pop pop + }def + /setcolorspace + { + /currentcolorspace exch AGMCORE_gput + } def + /currentcolorspace + { + /currentcolorspace AGMCORE_gget + } def + /setcolor_devicecolor + { + base_colorspace_type + dup /DeviceGray eq{ + pop setgray + }{ + /DeviceCMYK eq{ + setcmykcolor + }{ + setrgbcolor + }ifelse + }ifelse + }def + /setcolor + { + currentcolorspace 0 get + dup /DeviceGray ne{ + dup /DeviceCMYK ne{ + dup /DeviceRGB ne{ + dup /Separation eq{ + pop + currentcolorspace 3 get exec + currentcolorspace 2 get + }{ + dup /Indexed eq{ + pop + currentcolorspace 3 get dup type /stringtype eq{ + currentcolorspace 1 get n_color_components + 3 -1 roll map_index + }{ + exec + }ifelse + currentcolorspace 1 get + }{ + /AGMCORE_cur_err /AGMCORE_invalid_color_space def + AGMCORE_invalid_color_space + }ifelse + }ifelse + }if + }if + }if + setcolor_devicecolor + } def + }ifelse + /sop /setoverprint ldf + /lw /setlinewidth ldf + /lc /setlinecap ldf + /lj /setlinejoin ldf + /ml /setmiterlimit ldf + /dsh /setdash ldf + /sadj /setstrokeadjust ldf + /gry /setgray ldf + /rgb /setrgbcolor ldf + /cmyk /setcmykcolor ldf + /sep /setsepcolor ldf + /devn /setdevicencolor ldf + /idx /setindexedcolor ldf + /colr /setcolor ldf + /csacrd /set_csa_crd ldf + /sepcs /setsepcolorspace ldf + /devncs /setdevicencolorspace ldf + /idxcs /setindexedcolorspace ldf + /cp /closepath ldf + /clp /clp_npth ldf + /eclp /eoclp_npth ldf + /f /fill ldf + /ef /eofill ldf + /@ /stroke ldf + /nclp /npth_clp ldf + /gset /graphic_setup ldf + /gcln /graphic_cleanup ldf + currentdict{ + dup xcheck 1 index type dup /arraytype eq exch /packedarraytype eq or and { + bind + }if + def + }forall + /currentpagedevice currentpagedevice def +/getrampcolor { +/indx exch def +0 1 NumComp 1 sub { +dup +Samples exch get +dup type /stringtype eq { indx get } if +exch +Scaling exch get aload pop +3 1 roll +mul add +} for +ColorSpaceFamily /Separation eq + { + sep + } + { + ColorSpaceFamily /DeviceN eq + { + devn + } + { + setcolor + }ifelse + }ifelse +} bind def +/sssetbackground { aload pop setcolor } bind def +/RadialShade { +40 dict begin +/ColorSpaceFamily exch def +/background exch def +/ext1 exch def +/ext0 exch def +/BBox exch def +/r2 exch def +/c2y exch def +/c2x exch def +/r1 exch def +/c1y exch def +/c1x exch def +/rampdict exch def +/setinkoverprint where {pop /setinkoverprint{pop}def}if +gsave +BBox length 0 gt { +newpath +BBox 0 get BBox 1 get moveto +BBox 2 get BBox 0 get sub 0 rlineto +0 BBox 3 get BBox 1 get sub rlineto +BBox 2 get BBox 0 get sub neg 0 rlineto +closepath +clip +newpath +} if +c1x c2x eq +{ +c1y c2y lt {/theta 90 def}{/theta 270 def} ifelse +} +{ +/slope c2y c1y sub c2x c1x sub div def +/theta slope 1 atan def +c2x c1x lt c2y c1y ge and { /theta theta 180 sub def} if +c2x c1x lt c2y c1y lt and { /theta theta 180 add def} if +} +ifelse +gsave +clippath +c1x c1y translate +theta rotate +-90 rotate +{ pathbbox } stopped +{ 0 0 0 0 } if +/yMax exch def +/xMax exch def +/yMin exch def +/xMin exch def +grestore +xMax xMin eq yMax yMin eq or +{ +grestore +end +} +{ +/max { 2 copy gt { pop } {exch pop} ifelse } bind def +/min { 2 copy lt { pop } {exch pop} ifelse } bind def +rampdict begin +40 dict begin +background length 0 gt { background sssetbackground gsave clippath fill grestore } if +gsave +c1x c1y translate +theta rotate +-90 rotate +/c2y c1x c2x sub dup mul c1y c2y sub dup mul add sqrt def +/c1y 0 def +/c1x 0 def +/c2x 0 def +ext0 { +0 getrampcolor +c2y r2 add r1 sub 0.0001 lt +{ +c1x c1y r1 360 0 arcn +pathbbox +/aymax exch def +/axmax exch def +/aymin exch def +/axmin exch def +/bxMin xMin axmin min def +/byMin yMin aymin min def +/bxMax xMax axmax max def +/byMax yMax aymax max def +bxMin byMin moveto +bxMax byMin lineto +bxMax byMax lineto +bxMin byMax lineto +bxMin byMin lineto +eofill +} +{ +c2y r1 add r2 le +{ +c1x c1y r1 0 360 arc +fill +} +{ +c2x c2y r2 0 360 arc fill +r1 r2 eq +{ +/p1x r1 neg def +/p1y c1y def +/p2x r1 def +/p2y c1y def +p1x p1y moveto p2x p2y lineto p2x yMin lineto p1x yMin lineto +fill +} +{ +/AA r2 r1 sub c2y div def +/theta AA 1 AA dup mul sub sqrt div 1 atan def +/SS1 90 theta add dup sin exch cos div def +/p1x r1 SS1 SS1 mul SS1 SS1 mul 1 add div sqrt mul neg def +/p1y p1x SS1 div neg def +/SS2 90 theta sub dup sin exch cos div def +/p2x r1 SS2 SS2 mul SS2 SS2 mul 1 add div sqrt mul def +/p2y p2x SS2 div neg def +r1 r2 gt +{ +/L1maxX p1x yMin p1y sub SS1 div add def +/L2maxX p2x yMin p2y sub SS2 div add def +} +{ +/L1maxX 0 def +/L2maxX 0 def +}ifelse +p1x p1y moveto p2x p2y lineto L2maxX L2maxX p2x sub SS2 mul p2y add lineto +L1maxX L1maxX p1x sub SS1 mul p1y add lineto +fill +} +ifelse +} +ifelse +} ifelse +} if +c1x c2x sub dup mul +c1y c2y sub dup mul +add 0.5 exp +0 dtransform +dup mul exch dup mul add 0.5 exp 72 div +0 72 matrix defaultmatrix dtransform dup mul exch dup mul add sqrt +72 0 matrix defaultmatrix dtransform dup mul exch dup mul add sqrt +1 index 1 index lt { exch } if pop +/hires exch def +hires mul +/numpix exch def +/numsteps NumSamples def +/rampIndxInc 1 def +/subsampling false def +numpix 0 ne +{ +NumSamples numpix div 0.5 gt +{ +/numsteps numpix 2 div round cvi dup 1 le { pop 2 } if def +/rampIndxInc NumSamples 1 sub numsteps div def +/subsampling true def +} if +} if +/xInc c2x c1x sub numsteps div def +/yInc c2y c1y sub numsteps div def +/rInc r2 r1 sub numsteps div def +/cx c1x def +/cy c1y def +/radius r1 def +newpath +xInc 0 eq yInc 0 eq rInc 0 eq and and +{ +0 getrampcolor +cx cy radius 0 360 arc +stroke +NumSamples 1 sub getrampcolor +cx cy radius 72 hires div add 0 360 arc +0 setlinewidth +stroke +} +{ +0 +numsteps +{ +dup +subsampling { round cvi } if +getrampcolor +cx cy radius 0 360 arc +/cx cx xInc add def +/cy cy yInc add def +/radius radius rInc add def +cx cy radius 360 0 arcn +eofill +rampIndxInc add +} +repeat +pop +} ifelse +ext1 { +c2y r2 add r1 lt +{ +c2x c2y r2 0 360 arc +fill +} +{ +c2y r1 add r2 sub 0.0001 le +{ +c2x c2y r2 360 0 arcn +pathbbox +/aymax exch def +/axmax exch def +/aymin exch def +/axmin exch def +/bxMin xMin axmin min def +/byMin yMin aymin min def +/bxMax xMax axmax max def +/byMax yMax aymax max def +bxMin byMin moveto +bxMax byMin lineto +bxMax byMax lineto +bxMin byMax lineto +bxMin byMin lineto +eofill +} +{ +c2x c2y r2 0 360 arc fill +r1 r2 eq +{ +/p1x r2 neg def +/p1y c2y def +/p2x r2 def +/p2y c2y def +p1x p1y moveto p2x p2y lineto p2x yMax lineto p1x yMax lineto +fill +} +{ +/AA r2 r1 sub c2y div def +/theta AA 1 AA dup mul sub sqrt div 1 atan def +/SS1 90 theta add dup sin exch cos div def +/p1x r2 SS1 SS1 mul SS1 SS1 mul 1 add div sqrt mul neg def +/p1y c2y p1x SS1 div sub def +/SS2 90 theta sub dup sin exch cos div def +/p2x r2 SS2 SS2 mul SS2 SS2 mul 1 add div sqrt mul def +/p2y c2y p2x SS2 div sub def +r1 r2 lt +{ +/L1maxX p1x yMax p1y sub SS1 div add def +/L2maxX p2x yMax p2y sub SS2 div add def +} +{ +/L1maxX 0 def +/L2maxX 0 def +}ifelse +p1x p1y moveto p2x p2y lineto L2maxX L2maxX p2x sub SS2 mul p2y add lineto +L1maxX L1maxX p1x sub SS1 mul p1y add lineto +fill +} +ifelse +} +ifelse +} ifelse +} if +grestore +grestore +end +end +end +} ifelse +} bind def +/GenStrips { +40 dict begin +/ColorSpaceFamily exch def +/background exch def +/ext1 exch def +/ext0 exch def +/BBox exch def +/y2 exch def +/x2 exch def +/y1 exch def +/x1 exch def +/rampdict exch def +/setinkoverprint where {pop /setinkoverprint{pop}def}if +gsave +BBox length 0 gt { +newpath +BBox 0 get BBox 1 get moveto +BBox 2 get BBox 0 get sub 0 rlineto +0 BBox 3 get BBox 1 get sub rlineto +BBox 2 get BBox 0 get sub neg 0 rlineto +closepath +clip +newpath +} if +x1 x2 eq +{ +y1 y2 lt {/theta 90 def}{/theta 270 def} ifelse +} +{ +/slope y2 y1 sub x2 x1 sub div def +/theta slope 1 atan def +x2 x1 lt y2 y1 ge and { /theta theta 180 sub def} if +x2 x1 lt y2 y1 lt and { /theta theta 180 add def} if +} +ifelse +gsave +clippath +x1 y1 translate +theta rotate +{ pathbbox } stopped +{ 0 0 0 0 } if +/yMax exch def +/xMax exch def +/yMin exch def +/xMin exch def +grestore +xMax xMin eq yMax yMin eq or +{ +grestore +end +} +{ +rampdict begin +20 dict begin +background length 0 gt { background sssetbackground gsave clippath fill grestore } if +gsave +x1 y1 translate +theta rotate +/xStart 0 def +/xEnd x2 x1 sub dup mul y2 y1 sub dup mul add 0.5 exp def +/ySpan yMax yMin sub def +/numsteps NumSamples def +/rampIndxInc 1 def +/subsampling false def +xStart 0 transform +xEnd 0 transform +3 -1 roll +sub dup mul +3 1 roll +sub dup mul +add 0.5 exp 72 div +0 72 matrix defaultmatrix dtransform dup mul exch dup mul add sqrt +72 0 matrix defaultmatrix dtransform dup mul exch dup mul add sqrt +1 index 1 index lt { exch } if pop +mul +/numpix exch def +numpix 0 ne +{ +NumSamples numpix div 0.5 gt +{ +/numsteps numpix 2 div round cvi dup 1 le { pop 2 } if def +/rampIndxInc NumSamples 1 sub numsteps div def +/subsampling true def +} if +} if +ext0 { +0 getrampcolor +xMin xStart lt +{ xMin yMin xMin neg ySpan rectfill } if +} if +/xInc xEnd xStart sub numsteps div def +/x xStart def +0 +numsteps +{ +dup +subsampling { round cvi } if +getrampcolor +x yMin xInc ySpan rectfill +/x x xInc add def +rampIndxInc add +} +repeat +pop +ext1 { +xMax xEnd gt +{ xEnd yMin xMax xEnd sub ySpan rectfill } if +} if +grestore +grestore +end +end +end +} ifelse +} bind def +}def +/page_trailer +{ + end +}def +/doc_trailer{ +}def +systemdict /findcolorrendering known{ + /findcolorrendering systemdict /findcolorrendering get def +}if +systemdict /setcolorrendering known{ + /setcolorrendering systemdict /setcolorrendering get def +}if +/test_cmyk_color_plate +{ + gsave + setcmykcolor currentgray 1 ne + grestore +}def +/inRip_spot_has_ink +{ + dup Adobe_AGM_Core/AGMCORE_name xddf + convert_spot_to_process not +}def +/map255_to_range +{ + 1 index sub + 3 -1 roll 255 div mul add +}def +/set_csa_crd +{ + /sep_colorspace_dict null AGMCORE_gput + begin + CSA map_csa setcolorspace_opt + set_crd + end +} +def +/setsepcolor +{ + /sep_colorspace_dict AGMCORE_gget begin + dup /sep_tint exch AGMCORE_gput + TintProc + end +} def +/setdevicencolor +{ + /devicen_colorspace_dict AGMCORE_gget begin + Names length copy + Names length 1 sub -1 0 + { + /devicen_tints AGMCORE_gget 3 1 roll xpt + } for + TintProc + end +} def +/sep_colorspace_proc +{ + Adobe_AGM_Core/AGMCORE_tmp xddf + /sep_colorspace_dict AGMCORE_gget begin + currentdict/Components known{ + Components aload pop + TintMethod/Lab eq{ + 2 {AGMCORE_tmp mul NComponents 1 roll} repeat + LMax sub AGMCORE_tmp mul LMax add NComponents 1 roll + }{ + TintMethod/Subtractive eq{ + NComponents{ + AGMCORE_tmp mul NComponents 1 roll + }repeat + }{ + NComponents{ + 1 sub AGMCORE_tmp mul 1 add NComponents 1 roll + } repeat + }ifelse + }ifelse + }{ + ColorLookup AGMCORE_tmp ColorLookup length 1 sub mul round cvi get + aload pop + }ifelse + end +} def +/sep_colorspace_gray_proc +{ + Adobe_AGM_Core/AGMCORE_tmp xddf + /sep_colorspace_dict AGMCORE_gget begin + GrayLookup AGMCORE_tmp GrayLookup length 1 sub mul round cvi get + end +} def +/sep_proc_name +{ + dup 0 get + dup /DeviceRGB eq exch /DeviceCMYK eq or level2 not and has_color not and{ + pop [/DeviceGray] + /sep_colorspace_gray_proc + }{ + /sep_colorspace_proc + }ifelse +} def +/setsepcolorspace +{ + current_spot_alias{ + dup begin + Name map_alias{ + exch pop + }if + end + }if + dup /sep_colorspace_dict exch AGMCORE_gput + begin + /MappedCSA CSA map_csa def + Adobe_AGM_Core/AGMCORE_sep_special Name dup () eq exch (All) eq or ddf + AGMCORE_avoid_L2_sep_space{ + [/Indexed MappedCSA sep_proc_name 255 exch + { 255 div } /exec cvx 3 -1 roll [ 4 1 roll load /exec cvx ] cvx + ] setcolorspace_opt + /TintProc { + 255 mul round cvi setcolor + }bdf + }{ + MappedCSA 0 get /DeviceCMYK eq + currentdict/Components known and + AGMCORE_sep_special not and{ + /TintProc [ + Components aload pop Name findcmykcustomcolor + /exch cvx /setcustomcolor cvx + ] cvx bdf + }{ + AGMCORE_host_sep Name (All) eq and{ + /TintProc { + 1 exch sub setseparationgray + }bdf + }{ + AGMCORE_in_rip_sep MappedCSA 0 get /DeviceCMYK eq and + AGMCORE_host_sep or + Name () eq and{ + /TintProc [ + MappedCSA sep_proc_name exch 0 get /DeviceCMYK eq{ + cvx /setcmykcolor cvx + }{ + cvx /setgray cvx + }ifelse + ] cvx bdf + }{ + AGMCORE_producing_seps MappedCSA 0 get dup /DeviceCMYK eq exch /DeviceGray eq or and AGMCORE_sep_special not and{ + /TintProc [ + /dup cvx + MappedCSA sep_proc_name cvx exch + 0 get /DeviceGray eq{ + 1 /exch cvx /sub cvx 0 0 0 4 -1 /roll cvx + }if + /Name cvx /findcmykcustomcolor cvx /exch cvx + AGMCORE_host_sep{ + AGMCORE_is_cmyk_sep + /Name cvx + /AGMCORE_IsSeparationAProcessColor load /exec cvx + /not cvx /and cvx + }{ + Name inRip_spot_has_ink not + }ifelse + [ + /pop cvx 1 + ] cvx /if cvx + /setcustomcolor cvx + ] cvx bdf + }{ + /TintProc /setcolor ldf + [/Separation Name MappedCSA sep_proc_name load ] setcolorspace_opt + }ifelse + }ifelse + }ifelse + }ifelse + }ifelse + set_crd + setsepcolor + end +} def +/additive_blend +{ + 3 dict begin + /numarrays xdf + /numcolors xdf + 0 1 numcolors 1 sub + { + /c1 xdf + 1 + 0 1 numarrays 1 sub + { + 1 exch add /index cvx + c1 /get cvx /mul cvx + }for + numarrays 1 add 1 /roll cvx + }for + numarrays [/pop cvx] cvx /repeat cvx + end +}def +/subtractive_blend +{ + 3 dict begin + /numarrays xdf + /numcolors xdf + 0 1 numcolors 1 sub + { + /c1 xdf + 1 1 + 0 1 numarrays 1 sub + { + 1 3 3 -1 roll add /index cvx + c1 /get cvx /sub cvx /mul cvx + }for + /sub cvx + numarrays 1 add 1 /roll cvx + }for + numarrays [/pop cvx] cvx /repeat cvx + end +}def +/exec_tint_transform +{ + /TintProc [ + /TintTransform cvx /setcolor cvx + ] cvx bdf + MappedCSA setcolorspace_opt +} bdf +/devn_makecustomcolor +{ + 2 dict begin + /names_index xdf + /Names xdf + 1 1 1 1 Names names_index get findcmykcustomcolor + /devicen_tints AGMCORE_gget names_index get setcustomcolor + Names length {pop} repeat + end +} bdf +/setdevicencolorspace +{ + dup /AliasedColorants known {false}{true}ifelse + current_spot_alias and { + 6 dict begin + /names_index 0 def + dup /names_len exch /Names get length def + /new_names names_len array def + /new_LookupTables names_len array def + /alias_cnt 0 def + dup /Names get + { + dup map_alias { + exch pop + dup /ColorLookup known { + dup begin + new_LookupTables names_index ColorLookup put + end + }{ + dup /Components known { + dup begin + new_LookupTables names_index Components put + end + }{ + dup begin + new_LookupTables names_index [null null null null] put + end + } ifelse + } ifelse + new_names names_index 3 -1 roll /Name get put + /alias_cnt alias_cnt 1 add def + }{ + /name xdf + new_names names_index name put + dup /LookupTables known { + dup begin + new_LookupTables names_index LookupTables names_index get put + end + }{ + dup begin + new_LookupTables names_index [null null null null] put + end + } ifelse + } ifelse + /names_index names_index 1 add def + } forall + alias_cnt 0 gt { + /AliasedColorants true def + 0 1 names_len 1 sub { + /names_index xdf + new_LookupTables names_index get 0 get null eq { + dup /Names get names_index get /name xdf + name (Cyan) eq name (Magenta) eq name (Yellow) eq name (Black) eq + or or or not { + /AliasedColorants false def + exit + } if + } if + } for + AliasedColorants { + dup begin + /Names new_names def + /AliasedColorants true def + /LookupTables new_LookupTables def + currentdict /TTTablesIdx known not { + /TTTablesIdx -1 def + } if + currentdict /NComponents known not { + /NComponents TintMethod /Subtractive eq {4}{3}ifelse def + } if + end + } if + }if + end + } if + dup /devicen_colorspace_dict exch AGMCORE_gput + begin + /MappedCSA CSA map_csa def + currentdict /AliasedColorants known { + AliasedColorants + }{ + false + } ifelse + /TintTransform load type /nulltype eq or { + /TintTransform [ + 0 1 Names length 1 sub + { + /TTTablesIdx TTTablesIdx 1 add def + dup LookupTables exch get dup 0 get null eq + { + 1 index + Names exch get + dup (Cyan) eq + { + pop exch + LookupTables length exch sub + /index cvx + 0 0 0 + } + { + dup (Magenta) eq + { + pop exch + LookupTables length exch sub + /index cvx + 0 /exch cvx 0 0 + } + { + (Yellow) eq + { + exch + LookupTables length exch sub + /index cvx + 0 0 3 -1 /roll cvx 0 + } + { + exch + LookupTables length exch sub + /index cvx + 0 0 0 4 -1 /roll cvx + } ifelse + } ifelse + } ifelse + 5 -1 /roll cvx /astore cvx + } + { + dup length 1 sub + LookupTables length 4 -1 roll sub 1 add + /index cvx /mul cvx /round cvx /cvi cvx /get cvx + } ifelse + Names length TTTablesIdx add 1 add 1 /roll cvx + } for + Names length [/pop cvx] cvx /repeat cvx + NComponents Names length + TintMethod /Subtractive eq + { + subtractive_blend + } + { + additive_blend + } ifelse + ] cvx bdf + } if + AGMCORE_host_sep { + Names convert_to_process { + exec_tint_transform + } + { + currentdict /AliasedColorants known { + AliasedColorants not + }{ + false + } ifelse + 5 dict begin + /AvoidAliasedColorants xdf + /painted? false def + /names_index 0 def + /names_len Names length def + Names { + AvoidAliasedColorants { + /currentspotalias current_spot_alias def + false set_spot_alias + } if + AGMCORE_is_cmyk_sep { + dup (Cyan) eq AGMCORE_cyan_plate and exch + dup (Magenta) eq AGMCORE_magenta_plate and exch + dup (Yellow) eq AGMCORE_yellow_plate and exch + (Black) eq AGMCORE_black_plate and or or or { + /devicen_colorspace_dict AGMCORE_gget /TintProc [ + Names names_index /devn_makecustomcolor cvx + ] cvx ddf + /painted? true def + } if + painted? {exit} if + }{ + 0 0 0 0 5 -1 roll findcmykcustomcolor 1 setcustomcolor currentgray 0 eq { + /devicen_colorspace_dict AGMCORE_gget /TintProc [ + Names names_index /devn_makecustomcolor cvx + ] cvx ddf + /painted? true def + exit + } if + } ifelse + AvoidAliasedColorants { + currentspotalias set_spot_alias + } if + /names_index names_index 1 add def + } forall + painted? { + /devicen_colorspace_dict AGMCORE_gget /names_index names_index put + }{ + /devicen_colorspace_dict AGMCORE_gget /TintProc [ + names_len [/pop cvx] cvx /repeat cvx 1 /setseparationgray cvx + 0 0 0 0 () /findcmykcustomcolor cvx 0 /setcustomcolor cvx + ] cvx ddf + } ifelse + end + } ifelse + } + { + AGMCORE_in_rip_sep { + Names convert_to_process not + }{ + level3 + } ifelse + { + [/DeviceN Names MappedCSA /TintTransform load] setcolorspace_opt + /TintProc level3 not AGMCORE_in_rip_sep and { + [ + Names /length cvx [/pop cvx] cvx /repeat cvx + ] cvx bdf + }{ + /setcolor ldf + } ifelse + }{ + exec_tint_transform + } ifelse + } ifelse + set_crd + /AliasedColorants false def + end +} def +/setindexedcolorspace +{ + dup /indexed_colorspace_dict exch AGMCORE_gput + begin + currentdict /CSD known { + CSD get_csd /Names known { + CSD get_csd begin + currentdict devncs + AGMCORE_host_sep{ + 4 dict begin + /devnCompCnt Names length def + /NewLookup HiVal 1 add string def + 0 1 HiVal { + /tableIndex xdf + Lookup dup type /stringtype eq { + devnCompCnt tableIndex map_index + }{ + exec + } ifelse + setdevicencolor + currentgray + tableIndex exch + HiVal mul cvi + NewLookup 3 1 roll put + } for + [/Indexed currentcolorspace HiVal NewLookup] setcolorspace_opt + end + }{ + level3 + { + [/Indexed [/DeviceN Names MappedCSA /TintTransform load] HiVal Lookup] setcolorspace_opt + }{ + [/Indexed MappedCSA HiVal + [ + Lookup dup type /stringtype eq + {/exch cvx CSD get_csd /Names get length dup /mul cvx exch /getinterval cvx {255 div} /forall cvx} + {/exec cvx}ifelse + /TintTransform load /exec cvx + ]cvx + ]setcolorspace_opt + }ifelse + } ifelse + end + }{ + } ifelse + set_crd + } + { + /MappedCSA CSA map_csa def + AGMCORE_host_sep level2 not and{ + 0 0 0 0 setcmykcolor + }{ + [/Indexed MappedCSA + level2 not has_color not and{ + dup 0 get dup /DeviceRGB eq exch /DeviceCMYK eq or{ + pop [/DeviceGray] + }if + HiVal GrayLookup + }{ + HiVal + currentdict/RangeArray known{ + { + /indexed_colorspace_dict AGMCORE_gget begin + Lookup exch + dup HiVal gt{ + pop HiVal + }if + NComponents mul NComponents getinterval {} forall + NComponents 1 sub -1 0{ + RangeArray exch 2 mul 2 getinterval aload pop map255_to_range + NComponents 1 roll + }for + end + } bind + }{ + Lookup + }ifelse + }ifelse + ] setcolorspace_opt + set_crd + }ifelse + }ifelse + end +}def +/setindexedcolor +{ + AGMCORE_host_sep { + /indexed_colorspace_dict AGMCORE_gget dup /CSD known { + begin + CSD get_csd begin + map_indexed_devn + devn + end + end + }{ + AGMCORE_gget/Lookup get 4 3 -1 roll map_index + pop setcmykcolor + } ifelse + }{ + level3 not AGMCORE_in_rip_sep and /indexed_colorspace_dict AGMCORE_gget /CSD known and { + /indexed_colorspace_dict AGMCORE_gget /CSD get get_csd begin + map_indexed_devn + devn + end + } + { + setcolor + } ifelse + }ifelse +} def +/ignoreimagedata +{ + currentoverprint not{ + gsave + dup clonedict begin + 1 setgray + /Decode [0 1] def + /DataSource <FF> def + /MultipleDataSources false def + /BitsPerComponent 8 def + currentdict end + systemdict /image get exec + grestore + }if + consumeimagedata +}def +/add_csa +{ + Adobe_AGM_Core begin + /AGMCORE_CSA_cache xput + end +}def +/get_csa_by_name +{ + dup type dup /nametype eq exch /stringtype eq or{ + Adobe_AGM_Core begin + 1 dict begin + /name xdf + AGMCORE_CSA_cache + { + 0 get name eq { + exit + }{ + pop + } ifelse + }forall + end + end + }{ + pop + } ifelse +}def +/map_csa +{ + dup type /nametype eq{ + Adobe_AGM_Core/AGMCORE_CSA_cache get exch get + }if +}def +/add_csd +{ + Adobe_AGM_Core begin + /AGMCORE_CSD_cache xput + end +}def +/get_csd +{ + dup type /nametype eq{ + Adobe_AGM_Core/AGMCORE_CSD_cache get exch get + }if +}def +/pattern_buf_init +{ + /count get 0 0 put +} def +/pattern_buf_next +{ + dup /count get dup 0 get + dup 3 1 roll + 1 add 0 xpt + get +} def +/cachepattern_compress +{ + 5 dict begin + currentfile exch 0 exch /SubFileDecode filter /ReadFilter exch def + /patarray 20 dict def + /string_size 16000 def + /readbuffer string_size string def + currentglobal true setglobal + patarray 1 array dup 0 1 put /count xpt + setglobal + /LZWFilter + { + exch + dup length 0 eq { + pop + }{ + patarray dup length 1 sub 3 -1 roll put + } ifelse + {string_size}{0}ifelse string + } /LZWEncode filter def + { + ReadFilter readbuffer readstring + exch LZWFilter exch writestring + not {exit} if + } loop + LZWFilter closefile + patarray + end +}def +/cachepattern +{ + 2 dict begin + currentfile exch 0 exch /SubFileDecode filter /ReadFilter exch def + /patarray 20 dict def + currentglobal true setglobal + patarray 1 array dup 0 1 put /count xpt + setglobal + { + ReadFilter 16000 string readstring exch + patarray dup length 1 sub 3 -1 roll put + not {exit} if + } loop + patarray dup dup length 1 sub () put + end +}def +/add_pattern +{ + Adobe_AGM_Core begin + /AGMCORE_pattern_cache xput + end +}def +/get_pattern +{ + dup type /nametype eq{ + Adobe_AGM_Core/AGMCORE_pattern_cache get exch get + dup wrap_paintproc + }if +}def +/wrap_paintproc +{ + statusdict /currentfilenameextend known{ + begin + /OldPaintProc /PaintProc load def + /PaintProc + { + mark exch + dup /OldPaintProc get stopped + {closefile restore end} if + cleartomark + } def + end + } {pop} ifelse +} def +/make_pattern +{ + dup matrix currentmatrix matrix concatmatrix 0 0 3 2 roll itransform + exch 3 index /XStep get 1 index exch 2 copy div cvi mul sub sub + exch 3 index /YStep get 1 index exch 2 copy div cvi mul sub sub + matrix translate exch matrix concatmatrix + 1 index begin + BBox 0 get XStep div cvi XStep mul /xshift exch neg def + BBox 1 get YStep div cvi YStep mul /yshift exch neg def + BBox 0 get xshift add + BBox 1 get yshift add + BBox 2 get xshift add + BBox 3 get yshift add + 4 array astore + /BBox exch def + [ xshift yshift /translate load null /exec load ] dup + 3 /PaintProc load put cvx /PaintProc exch def + end + gsave 0 setgray + makepattern + grestore +}def +/set_pattern +{ + dup /PatternType get 1 eq{ + dup /PaintType get 1 eq{ + currentoverprint sop [/DeviceGray] setcolorspace 0 setgray + }if + }if + setpattern +}def +/setcolorspace_opt +{ + dup currentcolorspace eq{ + pop + }{ + setcolorspace + }ifelse +}def +/updatecolorrendering +{ + currentcolorrendering/Intent known{ + currentcolorrendering/Intent get + }{ + null + }ifelse + Intent ne{ + false + Intent + AGMCORE_CRD_cache { + exch pop + begin + dup Intent eq{ + currentdict setcolorrendering_opt + end + exch pop true exch + exit + }if + end + } forall + pop + not{ + systemdict /findcolorrendering known{ + Intent findcolorrendering pop + /ColorRendering findresource + dup length dict copy + setcolorrendering_opt + }if + }if + }if +} def +/add_crd +{ + AGMCORE_CRD_cache 3 1 roll put +}def +/set_crd +{ + AGMCORE_host_sep not level2 and{ + currentdict/CRD known{ + AGMCORE_CRD_cache CRD get dup null ne{ + setcolorrendering_opt + }{ + pop + }ifelse + }{ + currentdict/Intent known{ + updatecolorrendering + }if + }ifelse + currentcolorspace dup type /arraytype eq + {0 get}if + /DeviceRGB eq + { + currentdict/UCR known + {/UCR}{/AGMCORE_currentucr}ifelse + load setundercolorremoval + currentdict/BG known + {/BG}{/AGMCORE_currentbg}ifelse + load setblackgeneration + }if + }if +}def +/setcolorrendering_opt +{ + dup currentcolorrendering eq{ + pop + }{ + begin + /Intent Intent def + currentdict + end + setcolorrendering + }ifelse +}def +/cpaint_gcomp +{ + convert_to_process Adobe_AGM_Core/AGMCORE_ConvertToProcess xddf + Adobe_AGM_Core/AGMCORE_ConvertToProcess get not + { + (%end_cpaint_gcomp) flushinput + }if +}def +/cpaint_gsep +{ + Adobe_AGM_Core/AGMCORE_ConvertToProcess get + { + (%end_cpaint_gsep) flushinput + }if +}def +/cpaint_gend +{ + newpath +}def +/path_rez +{ + dup 0 ne{ + AGMCORE_deviceDPI exch div + dup 1 lt{ + pop 1 + }if + setflat + }{ + pop + }ifelse +}def +/set_spot_alias_ary +{ + /AGMCORE_SpotAliasAry where{ + pop pop + }{ + Adobe_AGM_Core/AGMCORE_SpotAliasAry xddf + true set_spot_alias + }ifelse +}def +/set_spot_alias +{ + /AGMCORE_SpotAliasAry where{ + /AGMCORE_current_spot_alias 3 -1 roll put + }{ + pop + }ifelse +}def +/current_spot_alias +{ + /AGMCORE_SpotAliasAry where{ + /AGMCORE_current_spot_alias get + }{ + false + }ifelse +}def +/map_alias +{ + /AGMCORE_SpotAliasAry where{ + begin + /AGMCORE_name xdf + false + AGMCORE_SpotAliasAry{ + dup/Name get AGMCORE_name eq{ + save exch + /Adobe_AGM_Core currentdict def + /CSD get get_csd + exch restore + exch pop true + exit + }{ + pop + }ifelse + }forall + end + }{ + pop false + }ifelse +}bdf +/spot_alias +{ + true set_spot_alias + /AGMCORE_&setcustomcolor AGMCORE_key_known not { + Adobe_AGM_Core/AGMCORE_&setcustomcolor /setcustomcolor load put + } if + /customcolor_tint 1 AGMCORE_gput + Adobe_AGM_Core begin + /setcustomcolor + { + dup /customcolor_tint exch AGMCORE_gput + current_spot_alias{ + 1 index 4 get map_alias{ + mark 3 1 roll + setsepcolorspace + counttomark 0 ne{ + setsepcolor + }if + pop + pop + }{ + AGMCORE_&setcustomcolor + }ifelse + }{ + AGMCORE_&setcustomcolor + }ifelse + }bdf + end +}def +/begin_feature +{ + Adobe_AGM_Core/AGMCORE_feature_dictCount countdictstack put + count Adobe_AGM_Core/AGMCORE_feature_opCount 3 -1 roll put + {Adobe_AGM_Core/AGMCORE_feature_ctm matrix currentmatrix put}if +}def +/end_feature +{ + 2 dict begin + /spd /setpagedevice load def + /setpagedevice { get_gstate spd set_gstate } def + stopped{$error/newerror false put}if + end + count Adobe_AGM_Core/AGMCORE_feature_opCount get sub dup 0 gt{{pop}repeat}{pop}ifelse + countdictstack Adobe_AGM_Core/AGMCORE_feature_dictCount get sub dup 0 gt{{end}repeat}{pop}ifelse + {Adobe_AGM_Core/AGMCORE_feature_ctm get setmatrix}if +}def +/set_negative +{ + Adobe_AGM_Core begin + /AGMCORE_inverting exch def + level2{ + currentpagedevice/NegativePrint known{ + currentpagedevice/NegativePrint get Adobe_AGM_Core/AGMCORE_inverting get ne{ + true begin_feature true{ + bdict /NegativePrint Adobe_AGM_Core/AGMCORE_inverting get edict setpagedevice + }end_feature + }if + /AGMCORE_inverting false def + }if + }if + AGMCORE_inverting{ + [{1 exch sub}/exec load dup currenttransfer exch]cvx bind settransfer + gsave newpath clippath 1 /setseparationgray where{pop setseparationgray}{setgray}ifelse + /AGMIRS_&fill where {pop AGMIRS_&fill}{fill} ifelse grestore + }if + end +}def +/lw_save_restore_override { + /md where { + pop + md begin + initializepage + /initializepage{}def + /pmSVsetup{} def + /endp{}def + /pse{}def + /psb{}def + /orig_showpage where + {pop} + {/orig_showpage /showpage load def} + ifelse + /showpage {orig_showpage gR} def + end + }if +}def +/pscript_showpage_override { + /NTPSOct95 where + { + begin + showpage + save + /showpage /restore load def + /restore {exch pop}def + end + }if +}def +/driver_media_override +{ + /md where { + pop + md /initializepage known { + md /initializepage {} put + } if + md /rC known { + md /rC {4{pop}repeat} put + } if + }if + /mysetup where { + /mysetup [1 0 0 1 0 0] put + }if + Adobe_AGM_Core /AGMCORE_Default_CTM matrix currentmatrix put + level2 + {Adobe_AGM_Core /AGMCORE_Default_PageSize currentpagedevice/PageSize get put}if +}def +/driver_check_media_override +{ + /PrepsDict where + {pop} + { + Adobe_AGM_Core /AGMCORE_Default_CTM get matrix currentmatrix ne + Adobe_AGM_Core /AGMCORE_Default_PageSize get type /arraytype eq + { + Adobe_AGM_Core /AGMCORE_Default_PageSize get 0 get currentpagedevice/PageSize get 0 get eq and + Adobe_AGM_Core /AGMCORE_Default_PageSize get 1 get currentpagedevice/PageSize get 1 get eq and + }if + { + Adobe_AGM_Core /AGMCORE_Default_CTM get setmatrix + }if + }ifelse +}def +AGMCORE_err_strings begin + /AGMCORE_bad_environ (Environment not satisfactory for this job. Ensure that the PPD is correct or that the PostScript level requested is supported by this printer. ) def + /AGMCORE_color_space_onhost_seps (This job contains colors that will not separate with on-host methods. ) def + /AGMCORE_invalid_color_space (This job contains an invalid color space. ) def +end +end +systemdict /setpacking known +{ + setpacking +} if +%%EndResource +%%BeginResource: procset Adobe_CoolType_Core 2.23 0 +%%Copyright: Copyright 1997-2003 Adobe Systems Incorporated. All Rights Reserved. +%%Version: 2.23 0 +10 dict begin +/Adobe_CoolType_Passthru currentdict def +/Adobe_CoolType_Core_Defined userdict /Adobe_CoolType_Core known def +Adobe_CoolType_Core_Defined + { /Adobe_CoolType_Core userdict /Adobe_CoolType_Core get def } +if +userdict /Adobe_CoolType_Core 60 dict dup begin put +/Adobe_CoolType_Version 2.23 def +/Level2? + systemdict /languagelevel known dup + { pop systemdict /languagelevel get 2 ge } + if def +Level2? not + { + /currentglobal false def + /setglobal /pop load def + /gcheck { pop false } bind def + /currentpacking false def + /setpacking /pop load def + /SharedFontDirectory 0 dict def + } +if +currentpacking +true setpacking +/@_SaveStackLevels + { + Adobe_CoolType_Data + begin + @opStackCountByLevel @opStackLevel + 2 copy known not + { 2 copy 3 dict dup /args 7 index 5 add array put put get } + { + get dup /args get dup length 3 index lt + { + dup length 5 add array exch + 1 index exch 0 exch putinterval + 1 index exch /args exch put + } + { pop } + ifelse + } + ifelse + begin + count 2 sub 1 index lt + { pop count 1 sub } + if + dup /argCount exch def + dup 0 gt + { + exch 1 index 2 add 1 roll + args exch 0 exch getinterval + astore pop + } + { pop } + ifelse + count 1 sub /restCount exch def + end + /@opStackLevel @opStackLevel 1 add def + countdictstack 1 sub + @dictStackCountByLevel exch @dictStackLevel exch put + /@dictStackLevel @dictStackLevel 1 add def + end + } bind def +/@_RestoreStackLevels + { + Adobe_CoolType_Data + begin + /@opStackLevel @opStackLevel 1 sub def + @opStackCountByLevel @opStackLevel get + begin + count restCount sub dup 0 gt + { { pop } repeat } + { pop } + ifelse + args 0 argCount getinterval {} forall + end + /@dictStackLevel @dictStackLevel 1 sub def + @dictStackCountByLevel @dictStackLevel get + end + countdictstack exch sub dup 0 gt + { { end } repeat } + { pop } + ifelse + } bind def +/@_PopStackLevels + { + Adobe_CoolType_Data + begin + /@opStackLevel @opStackLevel 1 sub def + /@dictStackLevel @dictStackLevel 1 sub def + end + } bind def +/@Raise + { + exch cvx exch errordict exch get exec + stop + } bind def +/@ReRaise + { + cvx $error /errorname get errordict exch get exec + stop + } bind def +/@Stopped + { + 0 @#Stopped + } bind def +/@#Stopped + { + @_SaveStackLevels + stopped + { @_RestoreStackLevels true } + { @_PopStackLevels false } + ifelse + } bind def +/@Arg + { + Adobe_CoolType_Data + begin + @opStackCountByLevel @opStackLevel 1 sub get /args get exch get + end + } bind def +currentglobal true setglobal +/CTHasResourceForAllBug + Level2? + { + 1 dict dup begin + mark + { + (*) { pop stop } 128 string /Category + resourceforall + } + stopped + cleartomark + currentdict eq dup + { end } + if + not + } + { false } + ifelse + def +/CTHasResourceStatusBug + Level2? + { + mark + { /steveamerige /Category resourcestatus } + stopped + { cleartomark true } + { cleartomark currentglobal not } + ifelse + } + { false } + ifelse + def +setglobal +/CTResourceStatus + { + mark 3 1 roll + /Category findresource + begin + ({ResourceStatus} stopped) 0 () /SubFileDecode filter cvx exec + { cleartomark false } + { { 3 2 roll pop true } { cleartomark false } ifelse } + ifelse + end + } bind def +/CTWorkAroundBugs + { + Level2? + { + /cid_PreLoad /ProcSet resourcestatus + { + pop pop + currentglobal + mark + { + (*) + { + dup /CMap CTHasResourceStatusBug + { CTResourceStatus } + { resourcestatus } + ifelse + { + pop dup 0 eq exch 1 eq or + { + dup /CMap findresource gcheck setglobal + /CMap undefineresource + } + { + pop CTHasResourceForAllBug + { exit } + { stop } + ifelse + } + ifelse + } + { pop } + ifelse + } + 128 string /CMap resourceforall + } + stopped + { cleartomark } + stopped pop + setglobal + } + if + } + if + } bind def +/doc_setup + { + Adobe_CoolType_Core + begin + CTWorkAroundBugs + /mov /moveto load def + /nfnt /newencodedfont load def + /mfnt /makefont load def + /sfnt /setfont load def + /ufnt /undefinefont load def + /chp /charpath load def + /awsh /awidthshow load def + /wsh /widthshow load def + /ash /ashow load def + /sh /show load def + end + userdict /Adobe_CoolType_Data 10 dict dup + begin + /AddWidths? false def + /CC 0 def + /charcode 2 string def + /@opStackCountByLevel 32 dict def + /@opStackLevel 0 def + /@dictStackCountByLevel 32 dict def + /@dictStackLevel 0 def + /InVMFontsByCMap 10 dict def + /InVMDeepCopiedFonts 10 dict def + end put + } bind def +/doc_trailer + { + currentdict Adobe_CoolType_Core eq + { end } + if + } bind def +/page_setup + { + Adobe_CoolType_Core begin + } bind def +/page_trailer + { + end + } bind def +/unload + { + systemdict /languagelevel known + { + systemdict/languagelevel get 2 ge + { + userdict/Adobe_CoolType_Core 2 copy known + { undef } + { pop pop } + ifelse + } + if + } + if + } bind def +/ndf + { + 1 index where + { pop pop pop } + { dup xcheck { bind } if def } + ifelse + } def +/findfont systemdict + begin + userdict + begin + /globaldict where { /globaldict get begin } if + dup where pop exch get + /globaldict where { pop end } if + end + end +Adobe_CoolType_Core_Defined + { /systemfindfont exch def } + { + /findfont 1 index def + /systemfindfont exch def + } +ifelse +/undefinefont + { pop } ndf +/copyfont + { + currentglobal 3 1 roll + 1 index gcheck setglobal + dup null eq { 0 } { dup length } ifelse + 2 index length add 1 add dict + begin + exch + { + 1 index /FID eq + { pop pop } + { def } + ifelse + } + forall + dup null eq + { pop } + { { def } forall } + ifelse + currentdict + end + exch setglobal + } bind def +/copyarray + { + currentglobal exch + dup gcheck setglobal + dup length array copy + exch setglobal + } bind def +/newencodedfont + { + currentglobal + { + SharedFontDirectory 3 index known + { SharedFontDirectory 3 index get /FontReferenced known } + { false } + ifelse + } + { + FontDirectory 3 index known + { FontDirectory 3 index get /FontReferenced known } + { + SharedFontDirectory 3 index known + { SharedFontDirectory 3 index get /FontReferenced known } + { false } + ifelse + } + ifelse + } + ifelse + dup + { + 3 index findfont /FontReferenced get + 2 index dup type /nametype eq + {findfont} + if ne + { pop false } + if + } + if + { + pop + 1 index findfont + /Encoding get exch + 0 1 255 + { 2 copy get 3 index 3 1 roll put } + for + pop pop pop + } + { + dup type /nametype eq + { findfont } + if + dup dup maxlength 2 add dict + begin + exch + { + 1 index /FID ne + {def} + {pop pop} + ifelse + } + forall + /FontReferenced exch def + /Encoding exch dup length array copy def + /FontName 1 index dup type /stringtype eq { cvn } if def dup + currentdict + end + definefont def + } + ifelse + } bind def +/SetSubstituteStrategy + { + $SubstituteFont + begin + dup type /dicttype ne + { 0 dict } + if + currentdict /$Strategies known + { + exch $Strategies exch + 2 copy known + { + get + 2 copy maxlength exch maxlength add dict + begin + { def } forall + { def } forall + currentdict + dup /$Init known + { dup /$Init get exec } + if + end + /$Strategy exch def + } + { pop pop pop } + ifelse + } + { pop pop } + ifelse + end + } bind def +/scff + { + $SubstituteFont + begin + dup type /stringtype eq + { dup length exch } + { null } + ifelse + /$sname exch def + /$slen exch def + /$inVMIndex + $sname null eq + { + 1 index $str cvs + dup length $slen sub $slen getinterval cvn + } + { $sname } + ifelse def + end + { findfont } + @Stopped + { + dup length 8 add string exch + 1 index 0 (BadFont:) putinterval + 1 index exch 8 exch dup length string cvs putinterval cvn + { findfont } + @Stopped + { pop /Courier findfont } + if + } + if + $SubstituteFont + begin + /$sname null def + /$slen 0 def + /$inVMIndex null def + end + } bind def +/isWidthsOnlyFont + { + dup /WidthsOnly known + { pop pop true } + { + dup /FDepVector known + { /FDepVector get { isWidthsOnlyFont dup { exit } if } forall } + { + dup /FDArray known + { /FDArray get { isWidthsOnlyFont dup { exit } if } forall } + { pop } + ifelse + } + ifelse + } + ifelse + } bind def +/?str1 256 string def +/?set + { + $SubstituteFont + begin + /$substituteFound false def + /$fontname 4 index def + /$doSmartSub false def + end + 3 index + currentglobal false setglobal exch + /CompatibleFonts /ProcSet resourcestatus + { + pop pop + /CompatibleFonts /ProcSet findresource + begin + dup /CompatibleFont currentexception + 1 index /CompatibleFont true setexception + 1 index /Font resourcestatus + { + pop pop + 3 2 roll setglobal + end + exch + dup findfont + /CompatibleFonts /ProcSet findresource + begin + 3 1 roll exch /CompatibleFont exch setexception + end + } + { + 3 2 roll setglobal + 1 index exch /CompatibleFont exch setexception + end + findfont + $SubstituteFont /$substituteFound true put + } + ifelse + } + { exch setglobal findfont } + ifelse + $SubstituteFont + begin + $substituteFound + { + false + (%%[Using embedded font ) print + 5 index ?str1 cvs print + ( to avoid the font substitution problem noted earlier.]%%\n) print + } + { + dup /FontName known + { + dup /FontName get $fontname eq + 1 index /DistillerFauxFont known not and + /currentdistillerparams where + { pop false 2 index isWidthsOnlyFont not and } + if + } + { false } + ifelse + } + ifelse + exch pop + /$doSmartSub true def + end + { + exch pop exch pop exch + 2 dict dup /Found 3 index put + exch findfont exch + } + { + exch exec + exch dup findfont + dup /FontType get 3 eq + { + exch ?str1 cvs + dup length 1 sub + -1 0 + { + exch dup 2 index get 42 eq + { + exch 0 exch getinterval cvn 4 1 roll 3 2 roll pop + exit + } + {exch pop} ifelse + }for + } + { + exch pop + } ifelse + 2 dict dup /Downloaded 6 5 roll put + } + ifelse + dup /FontName 4 index put copyfont definefont pop + } bind def +/?str2 256 string def +/?add + { + 1 index type /integertype eq + { exch true 4 2 } + { false 3 1 } + ifelse + roll + 1 index findfont + dup /Widths known + { + Adobe_CoolType_Data /AddWidths? true put + gsave dup 1000 scalefont setfont + } + if + /Downloaded known + { + exec + exch + { + exch ?str2 cvs exch + findfont /Downloaded get 1 dict begin /Downloaded 1 index def ?str1 cvs length + ?str1 1 index 1 add 3 index putinterval + exch length 1 add 1 index add + ?str1 2 index (*) putinterval + ?str1 0 2 index getinterval cvn findfont + ?str1 3 index (+) putinterval + 2 dict dup /FontName ?str1 0 6 index getinterval cvn put + dup /Downloaded Downloaded put end copyfont + dup /FontName get exch definefont pop pop pop + } + { + pop + } + ifelse + } + { + pop + exch + { + findfont + dup /Found get + dup length exch ?str1 cvs pop + ?str1 1 index (+) putinterval + ?str1 1 index 1 add 4 index ?str2 cvs putinterval + ?str1 exch 0 exch 5 4 roll ?str2 cvs length 1 add add getinterval cvn + 1 dict exch 1 index exch /FontName exch put copyfont + dup /FontName get exch definefont pop + } + { + pop + } + ifelse + } + ifelse + Adobe_CoolType_Data /AddWidths? get + { grestore Adobe_CoolType_Data /AddWidths? false put } + if + } bind def +/?sh + { + currentfont /Downloaded known { exch } if pop + } bind def +/?chp + { + currentfont /Downloaded known { pop } { false chp } ifelse + } bind def +/?mv + { + currentfont /Downloaded known { moveto pop pop } { pop pop moveto } ifelse + } bind def +setpacking +userdict /$SubstituteFont 25 dict put +1 dict + begin + /SubstituteFont + dup $error exch 2 copy known + { get } + { pop pop { pop /Courier } bind } + ifelse def + /currentdistillerparams where dup + { + pop pop + currentdistillerparams /CannotEmbedFontPolicy 2 copy known + { get /Error eq } + { pop pop false } + ifelse + } + if not + { + countdictstack array dictstack 0 get + begin + userdict + begin + $SubstituteFont + begin + /$str 128 string def + /$fontpat 128 string def + /$slen 0 def + /$sname null def + /$match false def + /$fontname null def + /$substituteFound false def + /$inVMIndex null def + /$doSmartSub true def + /$depth 0 def + /$fontname null def + /$italicangle 26.5 def + /$dstack null def + /$Strategies 10 dict dup + begin + /$Type3Underprint + { + currentglobal exch false setglobal + 11 dict + begin + /UseFont exch + $WMode 0 ne + { + dup length dict copy + dup /WMode $WMode put + /UseFont exch definefont + } + if def + /FontName $fontname dup type /stringtype eq { cvn } if def + /FontType 3 def + /FontMatrix [ .001 0 0 .001 0 0 ] def + /Encoding 256 array dup 0 1 255 { /.notdef put dup } for pop def + /FontBBox [ 0 0 0 0 ] def + /CCInfo 7 dict dup + begin + /cc null def + /x 0 def + /y 0 def + end def + /BuildChar + { + exch + begin + CCInfo + begin + 1 string dup 0 3 index put exch pop + /cc exch def + UseFont 1000 scalefont setfont + cc stringwidth /y exch def /x exch def + x y setcharwidth + $SubstituteFont /$Strategy get /$Underprint get exec + 0 0 moveto cc show + x y moveto + end + end + } bind def + currentdict + end + exch setglobal + } bind def + /$GetaTint + 2 dict dup + begin + /$BuildFont + { + dup /WMode known + { dup /WMode get } + { 0 } + ifelse + /$WMode exch def + $fontname exch + dup /FontName known + { + dup /FontName get + dup type /stringtype eq { cvn } if + } + { /unnamedfont } + ifelse + exch + Adobe_CoolType_Data /InVMDeepCopiedFonts get + 1 index /FontName get known + { + pop + Adobe_CoolType_Data /InVMDeepCopiedFonts get + 1 index get + null copyfont + } + { $deepcopyfont } + ifelse + exch 1 index exch /FontBasedOn exch put + dup /FontName $fontname dup type /stringtype eq { cvn } if put + definefont + Adobe_CoolType_Data /InVMDeepCopiedFonts get + begin + dup /FontBasedOn get 1 index def + end + } bind def + /$Underprint + { + gsave + x abs y abs gt + { /y 1000 def } + { /x -1000 def 500 120 translate } + ifelse + Level2? + { + [ /Separation (All) /DeviceCMYK { 0 0 0 1 pop } ] + setcolorspace + } + { 0 setgray } + ifelse + 10 setlinewidth + x .8 mul + [ 7 3 ] + { + y mul 8 div 120 sub x 10 div exch moveto + 0 y 4 div neg rlineto + dup 0 rlineto + 0 y 4 div rlineto + closepath + gsave + Level2? + { .2 setcolor } + { .8 setgray } + ifelse + fill grestore + stroke + } + forall + pop + grestore + } bind def + end def + /$Oblique + 1 dict dup + begin + /$BuildFont + { + currentglobal exch dup gcheck setglobal + null copyfont + begin + /FontBasedOn + currentdict /FontName known + { + FontName + dup type /stringtype eq { cvn } if + } + { /unnamedfont } + ifelse + def + /FontName $fontname dup type /stringtype eq { cvn } if def + /currentdistillerparams where + { pop } + { + /FontInfo currentdict /FontInfo known + { FontInfo null copyfont } + { 2 dict } + ifelse + dup + begin + /ItalicAngle $italicangle def + /FontMatrix FontMatrix + [ 1 0 ItalicAngle dup sin exch cos div 1 0 0 ] + matrix concatmatrix readonly + end + 4 2 roll def + def + } + ifelse + FontName currentdict + end + definefont + exch setglobal + } bind def + end def + /$None + 1 dict dup + begin + /$BuildFont {} bind def + end def + end def + /$Oblique SetSubstituteStrategy + /$findfontByEnum + { + dup type /stringtype eq { cvn } if + dup /$fontname exch def + $sname null eq + { $str cvs dup length $slen sub $slen getinterval } + { pop $sname } + ifelse + $fontpat dup 0 (fonts/*) putinterval exch 7 exch putinterval + /$match false def + $SubstituteFont /$dstack countdictstack array dictstack put + mark + { + $fontpat 0 $slen 7 add getinterval + { /$match exch def exit } + $str filenameforall + } + stopped + { + cleardictstack + currentdict + true + $SubstituteFont /$dstack get + { + exch + { + 1 index eq + { pop false } + { true } + ifelse + } + { begin false } + ifelse + } + forall + pop + } + if + cleartomark + /$slen 0 def + $match false ne + { $match (fonts/) anchorsearch pop pop cvn } + { /Courier } + ifelse + } bind def + /$ROS 1 dict dup + begin + /Adobe 4 dict dup + begin + /Japan1 [ /Ryumin-Light /HeiseiMin-W3 + /GothicBBB-Medium /HeiseiKakuGo-W5 + /HeiseiMaruGo-W4 /Jun101-Light ] def + /Korea1 [ /HYSMyeongJo-Medium /HYGoThic-Medium ] def + /GB1 [ /STSong-Light /STHeiti-Regular ] def + /CNS1 [ /MKai-Medium /MHei-Medium ] def + end def + end def + /$cmapname null def + /$deepcopyfont + { + dup /FontType get 0 eq + { + 1 dict dup /FontName /copied put copyfont + begin + /FDepVector FDepVector copyarray + 0 1 2 index length 1 sub + { + 2 copy get $deepcopyfont + dup /FontName /copied put + /copied exch definefont + 3 copy put pop pop + } + for + def + currentdict + end + } + { $Strategies /$Type3Underprint get exec } + ifelse + } bind def + /$buildfontname + { + dup /CIDFont findresource /CIDSystemInfo get + begin + Registry length Ordering length Supplement 8 string cvs + 3 copy length 2 add add add string + dup 5 1 roll dup 0 Registry putinterval + dup 4 index (-) putinterval + dup 4 index 1 add Ordering putinterval + 4 2 roll add 1 add 2 copy (-) putinterval + end + 1 add 2 copy 0 exch getinterval $cmapname $fontpat cvs exch + anchorsearch + { pop pop 3 2 roll putinterval cvn /$cmapname exch def } + { pop pop pop pop pop } + ifelse + length + $str 1 index (-) putinterval 1 add + $str 1 index $cmapname $fontpat cvs putinterval + $cmapname length add + $str exch 0 exch getinterval cvn + } bind def + /$findfontByROS + { + /$fontname exch def + $ROS Registry 2 copy known + { + get Ordering 2 copy known + { get } + { pop pop [] } + ifelse + } + { pop pop [] } + ifelse + false exch + { + dup /CIDFont resourcestatus + { + pop pop + save + 1 index /CIDFont findresource + dup /WidthsOnly known + { dup /WidthsOnly get } + { false } + ifelse + exch pop + exch restore + { pop } + { exch pop true exit } + ifelse + } + { pop } + ifelse + } + forall + { $str cvs $buildfontname } + { + false (*) + { + save exch + dup /CIDFont findresource + dup /WidthsOnly known + { dup /WidthsOnly get not } + { true } + ifelse + exch /CIDSystemInfo get + dup /Registry get Registry eq + exch /Ordering get Ordering eq and and + { exch restore exch pop true exit } + { pop restore } + ifelse + } + $str /CIDFont resourceforall + { $buildfontname } + { $fontname $findfontByEnum } + ifelse + } + ifelse + } bind def + end + end + currentdict /$error known currentdict /languagelevel known and dup + { pop $error /SubstituteFont known } + if + dup + { $error } + { Adobe_CoolType_Core } + ifelse + begin + { + /SubstituteFont + /CMap /Category resourcestatus + { + pop pop + { + $SubstituteFont + begin + /$substituteFound true def + dup length $slen gt + $sname null ne or + $slen 0 gt and + { + $sname null eq + { dup $str cvs dup length $slen sub $slen getinterval cvn } + { $sname } + ifelse + Adobe_CoolType_Data /InVMFontsByCMap get + 1 index 2 copy known + { + get + false exch + { + pop + currentglobal + { + GlobalFontDirectory 1 index known + { exch pop true exit } + { pop } + ifelse + } + { + FontDirectory 1 index known + { exch pop true exit } + { + GlobalFontDirectory 1 index known + { exch pop true exit } + { pop } + ifelse + } + ifelse + } + ifelse + } + forall + } + { pop pop false } + ifelse + { + exch pop exch pop + } + { + dup /CMap resourcestatus + { + pop pop + dup /$cmapname exch def + /CMap findresource /CIDSystemInfo get { def } forall + $findfontByROS + } + { + 128 string cvs + dup (-) search + { + 3 1 roll search + { + 3 1 roll pop + { dup cvi } + stopped + { pop pop pop pop pop $findfontByEnum } + { + 4 2 roll pop pop + exch length + exch + 2 index length + 2 index + sub + exch 1 sub -1 0 + { + $str cvs dup length + 4 index + 0 + 4 index + 4 3 roll add + getinterval + exch 1 index exch 3 index exch + putinterval + dup /CMap resourcestatus + { + pop pop + 4 1 roll pop pop pop + dup /$cmapname exch def + /CMap findresource /CIDSystemInfo get { def } forall + $findfontByROS + true exit + } + { pop } + ifelse + } + for + dup type /booleantype eq + { pop } + { pop pop pop $findfontByEnum } + ifelse + } + ifelse + } + { pop pop pop $findfontByEnum } + ifelse + } + { pop pop $findfontByEnum } + ifelse + } + ifelse + } + ifelse + } + { //SubstituteFont exec } + ifelse + /$slen 0 def + end + } + } + { + { + $SubstituteFont + begin + /$substituteFound true def + dup length $slen gt + $sname null ne or + $slen 0 gt and + { $findfontByEnum } + { //SubstituteFont exec } + ifelse + end + } + } + ifelse + bind readonly def + Adobe_CoolType_Core /scfindfont /systemfindfont load put + } + { + /scfindfont + { + $SubstituteFont + begin + dup systemfindfont + dup /FontName known + { dup /FontName get dup 3 index ne } + { /noname true } + ifelse + dup + { + /$origfontnamefound 2 index def + /$origfontname 4 index def /$substituteFound true def + } + if + exch pop + { + $slen 0 gt + $sname null ne + 3 index length $slen gt or and + { + pop dup $findfontByEnum findfont + dup maxlength 1 add dict + begin + { 1 index /FID eq { pop pop } { def } ifelse } + forall + currentdict + end + definefont + dup /FontName known { dup /FontName get } { null } ifelse + $origfontnamefound ne + { + $origfontname $str cvs print + ( substitution revised, using ) print + dup /FontName known + { dup /FontName get } { (unspecified font) } + ifelse + $str cvs print (.\n) print + } + if + } + { exch pop } + ifelse + } + { exch pop } + ifelse + end + } bind def + } + ifelse + end + end + Adobe_CoolType_Core_Defined not + { + Adobe_CoolType_Core /findfont + { + $SubstituteFont + begin + $depth 0 eq + { + /$fontname 1 index dup type /stringtype ne { $str cvs } if def + /$substituteFound false def + } + if + /$depth $depth 1 add def + end + scfindfont + $SubstituteFont + begin + /$depth $depth 1 sub def + $substituteFound $depth 0 eq and + { + $inVMIndex null ne + { dup $inVMIndex $AddInVMFont } + if + $doSmartSub + { + currentdict /$Strategy known + { $Strategy /$BuildFont get exec } + if + } + if + } + if + end + } bind put + } + if + } + if + end +/$AddInVMFont + { + exch /FontName 2 copy known + { + get + 1 dict dup begin exch 1 index gcheck def end exch + Adobe_CoolType_Data /InVMFontsByCMap get exch + $DictAdd + } + { pop pop pop } + ifelse + } bind def +/$DictAdd + { + 2 copy known not + { 2 copy 4 index length dict put } + if + Level2? not + { + 2 copy get dup maxlength exch length 4 index length add lt + 2 copy get dup length 4 index length add exch maxlength 1 index lt + { + 2 mul dict + begin + 2 copy get { forall } def + 2 copy currentdict put + end + } + { pop } + ifelse + } + if + get + begin + { def } + forall + end + } bind def +end +end +%%EndResource +%%BeginResource: procset Adobe_CoolType_Utility_MAKEOCF 1.19 0 +%%Copyright: Copyright 1987-2003 Adobe Systems Incorporated. +%%Version: 1.19 0 +systemdict /languagelevel known dup + { currentglobal false setglobal } + { false } +ifelse +exch +userdict /Adobe_CoolType_Utility 2 copy known + { 2 copy get dup maxlength 25 add dict copy } + { 25 dict } +ifelse put +Adobe_CoolType_Utility + begin + /ct_Level2? exch def + /ct_Clone? 1183615869 internaldict dup + /CCRun known not + exch /eCCRun known not + ct_Level2? and or def +ct_Level2? + { globaldict begin currentglobal true setglobal } +if + /ct_AddStdCIDMap + ct_Level2? + { { + ((Hex) 57 StartData + 0615 1e27 2c39 1c60 d8a8 cc31 fe2b f6e0 + 7aa3 e541 e21c 60d8 a8c9 c3d0 6d9e 1c60 + d8a8 c9c2 02d7 9a1c 60d8 a849 1c60 d8a8 + cc36 74f4 1144 b13b 77) 0 () /SubFileDecode filter cvx exec + } } + { { + <BAB431EA07F209EB8C4348311481D9D3F76E3D15246555577D87BC510ED54E + 118C39697FA9F6DB58128E60EB8A12FA24D7CDD2FA94D221FA9EC8DA3E5E6A1C + 4ACECC8C2D39C54E7C946031DD156C3A6B4A09AD29E1867A> eexec + } } + ifelse bind def +userdict /cid_extensions known +dup { cid_extensions /cid_UpdateDB known and } if + { + cid_extensions + begin + /cid_GetCIDSystemInfo + { + 1 index type /stringtype eq + { exch cvn exch } + if + cid_extensions + begin + dup load 2 index known + { + 2 copy + cid_GetStatusInfo + dup null ne + { + 1 index load + 3 index get + dup null eq + { pop pop cid_UpdateDB } + { + exch + 1 index /Created get eq + { exch pop exch pop } + { pop cid_UpdateDB } + ifelse + } + ifelse + } + { pop cid_UpdateDB } + ifelse + } + { cid_UpdateDB } + ifelse + end + } bind def + end + } +if +ct_Level2? + { end setglobal } +if + /ct_UseNativeCapability? systemdict /composefont known def + /ct_MakeOCF 35 dict def + /ct_Vars 25 dict def + /ct_GlyphDirProcs 6 dict def + /ct_BuildCharDict 15 dict dup + begin + /charcode 2 string def + /dst_string 1500 string def + /nullstring () def + /usewidths? true def + end def + ct_Level2? { setglobal } { pop } ifelse + ct_GlyphDirProcs + begin + /GetGlyphDirectory + { + systemdict /languagelevel known + { pop /CIDFont findresource /GlyphDirectory get } + { + 1 index /CIDFont findresource /GlyphDirectory + get dup type /dicttype eq + { + dup dup maxlength exch length sub 2 index lt + { + dup length 2 index add dict copy 2 index + /CIDFont findresource/GlyphDirectory 2 index put + } + if + } + if + exch pop exch pop + } + ifelse + + + } def + /+ + { + systemdict /languagelevel known + { + currentglobal false setglobal + 3 dict begin + /vm exch def + } + { 1 dict begin } + ifelse + /$ exch def + systemdict /languagelevel known + { + vm setglobal + /gvm currentglobal def + $ gcheck setglobal + } + if + ? { $ begin } if + } def + /? { $ type /dicttype eq } def + /| { + userdict /Adobe_CoolType_Data known + { + Adobe_CoolType_Data /AddWidths? known + { + currentdict Adobe_CoolType_Data + begin + begin + AddWidths? + { + Adobe_CoolType_Data /CC 3 index put + ? { def } { $ 3 1 roll put } ifelse + CC charcode exch 1 index 0 2 index 256 idiv put + 1 index exch 1 exch 256 mod put + stringwidth 2 array astore + currentfont /Widths get exch CC exch put + } + { ? { def } { $ 3 1 roll put } ifelse } + ifelse + end + end + } + { ? { def } { $ 3 1 roll put } ifelse } ifelse + } + { ? { def } { $ 3 1 roll put } ifelse } + ifelse + } def + /! + { + ? { end } if + systemdict /languagelevel known + { gvm setglobal } + if + end + } def + /: { string currentfile exch readstring pop } executeonly def + end + ct_MakeOCF + begin + /ct_cHexEncoding + [/c00/c01/c02/c03/c04/c05/c06/c07/c08/c09/c0A/c0B/c0C/c0D/c0E/c0F/c10/c11/c12 + /c13/c14/c15/c16/c17/c18/c19/c1A/c1B/c1C/c1D/c1E/c1F/c20/c21/c22/c23/c24/c25 + /c26/c27/c28/c29/c2A/c2B/c2C/c2D/c2E/c2F/c30/c31/c32/c33/c34/c35/c36/c37/c38 + /c39/c3A/c3B/c3C/c3D/c3E/c3F/c40/c41/c42/c43/c44/c45/c46/c47/c48/c49/c4A/c4B + /c4C/c4D/c4E/c4F/c50/c51/c52/c53/c54/c55/c56/c57/c58/c59/c5A/c5B/c5C/c5D/c5E + /c5F/c60/c61/c62/c63/c64/c65/c66/c67/c68/c69/c6A/c6B/c6C/c6D/c6E/c6F/c70/c71 + /c72/c73/c74/c75/c76/c77/c78/c79/c7A/c7B/c7C/c7D/c7E/c7F/c80/c81/c82/c83/c84 + /c85/c86/c87/c88/c89/c8A/c8B/c8C/c8D/c8E/c8F/c90/c91/c92/c93/c94/c95/c96/c97 + /c98/c99/c9A/c9B/c9C/c9D/c9E/c9F/cA0/cA1/cA2/cA3/cA4/cA5/cA6/cA7/cA8/cA9/cAA + /cAB/cAC/cAD/cAE/cAF/cB0/cB1/cB2/cB3/cB4/cB5/cB6/cB7/cB8/cB9/cBA/cBB/cBC/cBD + /cBE/cBF/cC0/cC1/cC2/cC3/cC4/cC5/cC6/cC7/cC8/cC9/cCA/cCB/cCC/cCD/cCE/cCF/cD0 + /cD1/cD2/cD3/cD4/cD5/cD6/cD7/cD8/cD9/cDA/cDB/cDC/cDD/cDE/cDF/cE0/cE1/cE2/cE3 + /cE4/cE5/cE6/cE7/cE8/cE9/cEA/cEB/cEC/cED/cEE/cEF/cF0/cF1/cF2/cF3/cF4/cF5/cF6 + /cF7/cF8/cF9/cFA/cFB/cFC/cFD/cFE/cFF] def + /ct_CID_STR_SIZE 8000 def + /ct_mkocfStr100 100 string def + /ct_defaultFontMtx [.001 0 0 .001 0 0] def + /ct_1000Mtx [1000 0 0 1000 0 0] def + /ct_raise {exch cvx exch errordict exch get exec stop} bind def + /ct_reraise + { cvx $error /errorname get (Error: ) print dup ( ) cvs print + errordict exch get exec stop + } bind def + /ct_cvnsi + { + 1 index add 1 sub 1 exch 0 4 1 roll + { + 2 index exch get + exch 8 bitshift + add + } + for + exch pop + } bind def + /ct_GetInterval + { + Adobe_CoolType_Utility /ct_BuildCharDict get + begin + /dst_index 0 def + dup dst_string length gt + { dup string /dst_string exch def } + if + 1 index ct_CID_STR_SIZE idiv + /arrayIndex exch def + 2 index arrayIndex get + 2 index + arrayIndex ct_CID_STR_SIZE mul + sub + { + dup 3 index add 2 index length le + { + 2 index getinterval + dst_string dst_index 2 index putinterval + length dst_index add /dst_index exch def + exit + } + { + 1 index length 1 index sub + dup 4 1 roll + getinterval + dst_string dst_index 2 index putinterval + pop dup dst_index add /dst_index exch def + sub + /arrayIndex arrayIndex 1 add def + 2 index dup length arrayIndex gt + { arrayIndex get } + { + pop + exit + } + ifelse + 0 + } + ifelse + } + loop + pop pop pop + dst_string 0 dst_index getinterval + end + } bind def + ct_Level2? + { + /ct_resourcestatus + currentglobal mark true setglobal + { /unknowninstancename /Category resourcestatus } + stopped + { cleartomark setglobal true } + { cleartomark currentglobal not exch setglobal } + ifelse + { + { + mark 3 1 roll /Category findresource + begin + ct_Vars /vm currentglobal put + ({ResourceStatus} stopped) 0 () /SubFileDecode filter cvx exec + { cleartomark false } + { { 3 2 roll pop true } { cleartomark false } ifelse } + ifelse + ct_Vars /vm get setglobal + end + } + } + { { resourcestatus } } + ifelse bind def + /CIDFont /Category ct_resourcestatus + { pop pop } + { + currentglobal true setglobal + /Generic /Category findresource + dup length dict copy + dup /InstanceType /dicttype put + /CIDFont exch /Category defineresource pop + setglobal + } + ifelse + ct_UseNativeCapability? + { + /CIDInit /ProcSet findresource begin + 12 dict begin + begincmap + /CIDSystemInfo 3 dict dup begin + /Registry (Adobe) def + /Ordering (Identity) def + /Supplement 0 def + end def + /CMapName /Identity-H def + /CMapVersion 1.000 def + /CMapType 1 def + 1 begincodespacerange + <0000> <FFFF> + endcodespacerange + 1 begincidrange + <0000> <FFFF> 0 + endcidrange + endcmap + CMapName currentdict /CMap defineresource pop + end + end + } + if + } + { + /ct_Category 2 dict begin + /CIDFont 10 dict def + /ProcSet 2 dict def + currentdict + end + def + /defineresource + { + ct_Category 1 index 2 copy known + { + get + dup dup maxlength exch length eq + { + dup length 10 add dict copy + ct_Category 2 index 2 index put + } + if + 3 index 3 index put + pop exch pop + } + { pop pop /defineresource /undefined ct_raise } + ifelse + } bind def + /findresource + { + ct_Category 1 index 2 copy known + { + get + 2 index 2 copy known + { get 3 1 roll pop pop} + { pop pop /findresource /undefinedresource ct_raise } + ifelse + } + { pop pop /findresource /undefined ct_raise } + ifelse + } bind def + /resourcestatus + { + ct_Category 1 index 2 copy known + { + get + 2 index known + exch pop exch pop + { + 0 -1 true + } + { + false + } + ifelse + } + { pop pop /findresource /undefined ct_raise } + ifelse + } bind def + /ct_resourcestatus /resourcestatus load def + } + ifelse + /ct_CIDInit 2 dict + begin + /ct_cidfont_stream_init + { + { + dup (Binary) eq + { + pop + null + currentfile + ct_Level2? + { + { cid_BYTE_COUNT () /SubFileDecode filter } + stopped + { pop pop pop } + if + } + if + /readstring load + exit + } + if + dup (Hex) eq + { + pop + currentfile + ct_Level2? + { + { null exch /ASCIIHexDecode filter /readstring } + stopped + { pop exch pop (>) exch /readhexstring } + if + } + { (>) exch /readhexstring } + ifelse + load + exit + } + if + /StartData /typecheck ct_raise + } + loop + cid_BYTE_COUNT ct_CID_STR_SIZE le + { + 2 copy cid_BYTE_COUNT string exch exec + pop + 1 array dup + 3 -1 roll + 0 exch put + } + { + cid_BYTE_COUNT ct_CID_STR_SIZE div ceiling cvi + dup array exch 2 sub 0 exch 1 exch + { + 2 copy + 5 index + ct_CID_STR_SIZE + string + 6 index exec + pop + put + pop + } + for + 2 index + cid_BYTE_COUNT ct_CID_STR_SIZE mod string + 3 index exec + pop + 1 index exch + 1 index length 1 sub + exch put + } + ifelse + cid_CIDFONT exch /GlyphData exch put + 2 index null eq + { + pop pop pop + } + { + pop /readstring load + 1 string exch + { + 3 copy exec + pop + dup length 0 eq + { + pop pop pop pop pop + true exit + } + if + 4 index + eq + { + pop pop pop pop + false exit + } + if + } + loop + pop + } + ifelse + } bind def + /StartData + { + mark + { + currentdict + dup /FDArray get 0 get /FontMatrix get + 0 get 0.001 eq + { + dup /CDevProc known not + { + /CDevProc 1183615869 internaldict /stdCDevProc 2 copy known + { get } + { + pop pop + { pop pop pop pop pop 0 -1000 7 index 2 div 880 } + } + ifelse + def + } + if + } + { + /CDevProc + { + pop pop pop pop pop + 0 + 1 cid_temp /cid_CIDFONT get + /FDArray get 0 get + /FontMatrix get 0 get div + 7 index 2 div + 1 index 0.88 mul + } def + } + ifelse + /cid_temp 15 dict def + cid_temp + begin + /cid_CIDFONT exch def + 3 copy pop + dup /cid_BYTE_COUNT exch def 0 gt + { + ct_cidfont_stream_init + FDArray + { + /Private get + dup /SubrMapOffset known + { + begin + /Subrs SubrCount array def + Subrs + SubrMapOffset + SubrCount + SDBytes + ct_Level2? + { + currentdict dup /SubrMapOffset undef + dup /SubrCount undef + /SDBytes undef + } + if + end + /cid_SD_BYTES exch def + /cid_SUBR_COUNT exch def + /cid_SUBR_MAP_OFFSET exch def + /cid_SUBRS exch def + cid_SUBR_COUNT 0 gt + { + GlyphData cid_SUBR_MAP_OFFSET cid_SD_BYTES ct_GetInterval + 0 cid_SD_BYTES ct_cvnsi + 0 1 cid_SUBR_COUNT 1 sub + { + exch 1 index + 1 add + cid_SD_BYTES mul cid_SUBR_MAP_OFFSET add + GlyphData exch cid_SD_BYTES ct_GetInterval + 0 cid_SD_BYTES ct_cvnsi + cid_SUBRS 4 2 roll + GlyphData exch + 4 index + 1 index + sub + ct_GetInterval + dup length string copy put + } + for + pop + } + if + } + { pop } + ifelse + } + forall + } + if + cleartomark pop pop + end + CIDFontName currentdict /CIDFont defineresource pop + end end + } + stopped + { cleartomark /StartData ct_reraise } + if + } bind def + currentdict + end def + /ct_saveCIDInit + { + /CIDInit /ProcSet ct_resourcestatus + { true } + { /CIDInitC /ProcSet ct_resourcestatus } + ifelse + { + pop pop + /CIDInit /ProcSet findresource + ct_UseNativeCapability? + { pop null } + { /CIDInit ct_CIDInit /ProcSet defineresource pop } + ifelse + } + { /CIDInit ct_CIDInit /ProcSet defineresource pop null } + ifelse + ct_Vars exch /ct_oldCIDInit exch put + } bind def + /ct_restoreCIDInit + { + ct_Vars /ct_oldCIDInit get dup null ne + { /CIDInit exch /ProcSet defineresource pop } + { pop } + ifelse + } bind def + /ct_BuildCharSetUp + { + 1 index + begin + CIDFont + begin + Adobe_CoolType_Utility /ct_BuildCharDict get + begin + /ct_dfCharCode exch def + /ct_dfDict exch def + CIDFirstByte ct_dfCharCode add + dup CIDCount ge + { pop 0 } + if + /cid exch def + { + GlyphDirectory cid 2 copy known + { get } + { pop pop nullstring } + ifelse + dup length FDBytes sub 0 gt + { + dup + FDBytes 0 ne + { 0 FDBytes ct_cvnsi } + { pop 0 } + ifelse + /fdIndex exch def + dup length FDBytes sub FDBytes exch getinterval + /charstring exch def + exit + } + { + pop + cid 0 eq + { /charstring nullstring def exit } + if + /cid 0 def + } + ifelse + } + loop + } def + /ct_SetCacheDevice + { + 0 0 moveto + dup stringwidth + 3 -1 roll + true charpath + pathbbox + 0 -1000 + 7 index 2 div 880 + setcachedevice2 + 0 0 moveto + } def + /ct_CloneSetCacheProc + { + 1 eq + { + stringwidth + pop -2 div -880 + 0 -1000 setcharwidth + moveto + } + { + usewidths? + { + currentfont /Widths get cid + 2 copy known + { get exch pop aload pop } + { pop pop stringwidth } + ifelse + } + { stringwidth } + ifelse + setcharwidth + 0 0 moveto + } + ifelse + } def + /ct_Type3ShowCharString + { + ct_FDDict fdIndex 2 copy known + { get } + { + currentglobal 3 1 roll + 1 index gcheck setglobal + ct_Type1FontTemplate dup maxlength dict copy + begin + FDArray fdIndex get + dup /FontMatrix 2 copy known + { get } + { pop pop ct_defaultFontMtx } + ifelse + /FontMatrix exch dup length array copy def + /Private get + /Private exch def + /Widths rootfont /Widths get def + /CharStrings 1 dict dup /.notdef + <d841272cf18f54fc13> dup length string copy put def + currentdict + end + /ct_Type1Font exch definefont + dup 5 1 roll put + setglobal + } + ifelse + dup /CharStrings get 1 index /Encoding get + ct_dfCharCode get charstring put + rootfont /WMode 2 copy known + { get } + { pop pop 0 } + ifelse + exch + 1000 scalefont setfont + ct_str1 0 ct_dfCharCode put + ct_str1 exch ct_dfSetCacheProc + ct_SyntheticBold + { + currentpoint + ct_str1 show + newpath + moveto + ct_str1 true charpath + ct_StrokeWidth setlinewidth + stroke + } + { ct_str1 show } + ifelse + } def + /ct_Type4ShowCharString + { + ct_dfDict ct_dfCharCode charstring + FDArray fdIndex get + dup /FontMatrix get dup ct_defaultFontMtx ct_matrixeq not + { ct_1000Mtx matrix concatmatrix concat } + { pop } + ifelse + /Private get + Adobe_CoolType_Utility /ct_Level2? get not + { + ct_dfDict /Private + 3 -1 roll + { put } + 1183615869 internaldict /superexec get exec + } + if + 1183615869 internaldict + Adobe_CoolType_Utility /ct_Level2? get + { 1 index } + { 3 index /Private get mark 6 1 roll } + ifelse + dup /RunInt known + { /RunInt get } + { pop /CCRun } + ifelse + get exec + Adobe_CoolType_Utility /ct_Level2? get not + { cleartomark } + if + } bind def + /ct_BuildCharIncremental + { + { + Adobe_CoolType_Utility /ct_MakeOCF get begin + ct_BuildCharSetUp + ct_ShowCharString + } + stopped + { stop } + if + end + end + end + end + } bind def + /BaseFontNameStr (BF00) def + /ct_Type1FontTemplate 14 dict + begin + /FontType 1 def + /FontMatrix [0.001 0 0 0.001 0 0] def + /FontBBox [-250 -250 1250 1250] def + /Encoding ct_cHexEncoding def + /PaintType 0 def + currentdict + end def + /BaseFontTemplate 11 dict + begin + /FontMatrix [0.001 0 0 0.001 0 0] def + /FontBBox [-250 -250 1250 1250] def + /Encoding ct_cHexEncoding def + /BuildChar /ct_BuildCharIncremental load def + ct_Clone? + { + /FontType 3 def + /ct_ShowCharString /ct_Type3ShowCharString load def + /ct_dfSetCacheProc /ct_CloneSetCacheProc load def + /ct_SyntheticBold false def + /ct_StrokeWidth 1 def + } + { + /FontType 4 def + /Private 1 dict dup /lenIV 4 put def + /CharStrings 1 dict dup /.notdef <d841272cf18f54fc13> put def + /PaintType 0 def + /ct_ShowCharString /ct_Type4ShowCharString load def + } + ifelse + /ct_str1 1 string def + currentdict + end def + /BaseFontDictSize BaseFontTemplate length 5 add def + /ct_matrixeq + { + true 0 1 5 + { + dup 4 index exch get exch 3 index exch get eq and + dup not + { exit } + if + } + for + exch pop exch pop + } bind def + /ct_makeocf + { + 15 dict + begin + exch /WMode exch def + exch /FontName exch def + /FontType 0 def + /FMapType 2 def + dup /FontMatrix known + { dup /FontMatrix get /FontMatrix exch def } + { /FontMatrix matrix def } + ifelse + /bfCount 1 index /CIDCount get 256 idiv 1 add + dup 256 gt { pop 256} if def + /Encoding + 256 array 0 1 bfCount 1 sub { 2 copy dup put pop } for + bfCount 1 255 { 2 copy bfCount put pop } for + def + /FDepVector bfCount dup 256 lt { 1 add } if array def + BaseFontTemplate BaseFontDictSize dict copy + begin + /CIDFont exch def + CIDFont /FontBBox known + { CIDFont /FontBBox get /FontBBox exch def } + if + CIDFont /CDevProc known + { CIDFont /CDevProc get /CDevProc exch def } + if + currentdict + end + BaseFontNameStr 3 (0) putinterval + 0 1 bfCount dup 256 eq { 1 sub } if + { + FDepVector exch + 2 index BaseFontDictSize dict copy + begin + dup /CIDFirstByte exch 256 mul def + FontType 3 eq + { /ct_FDDict 2 dict def } + if + currentdict + end + 1 index 16 + BaseFontNameStr 2 2 getinterval cvrs pop + BaseFontNameStr exch definefont + put + } + for + ct_Clone? + { /Widths 1 index /CIDFont get /GlyphDirectory get length dict def } + if + FontName + currentdict + end + definefont + ct_Clone? + { + gsave + dup 1000 scalefont setfont + ct_BuildCharDict + begin + /usewidths? false def + currentfont /Widths get + begin + exch /CIDFont get /GlyphDirectory get + { + pop + dup charcode exch 1 index 0 2 index 256 idiv put + 1 index exch 1 exch 256 mod put + stringwidth 2 array astore def + } + forall + end + /usewidths? true def + end + grestore + } + { exch pop } + ifelse + } bind def + /ct_ComposeFont + { + ct_UseNativeCapability? + { + 2 index /CMap ct_resourcestatus + { pop pop exch pop } + { + /CIDInit /ProcSet findresource + begin + 12 dict + begin + begincmap + /CMapName 3 index def + /CMapVersion 1.000 def + /CMapType 1 def + exch /WMode exch def + /CIDSystemInfo 3 dict dup + begin + /Registry (Adobe) def + /Ordering + CMapName ct_mkocfStr100 cvs + (Adobe-) search + { + pop pop + (-) search + { + dup length string copy + exch pop exch pop + } + { pop (Identity)} + ifelse + } + { pop (Identity) } + ifelse + def + /Supplement 0 def + end def + 1 begincodespacerange + <0000> <FFFF> + endcodespacerange + 1 begincidrange + <0000> <FFFF> 0 + endcidrange + endcmap + CMapName currentdict /CMap defineresource pop + end + end + } + ifelse + composefont + } + { + 3 2 roll pop + 0 get /CIDFont findresource + ct_makeocf + } + ifelse + } bind def + /ct_MakeIdentity + { + ct_UseNativeCapability? + { + 1 index /CMap ct_resourcestatus + { pop pop } + { + /CIDInit /ProcSet findresource begin + 12 dict begin + begincmap + /CMapName 2 index def + /CMapVersion 1.000 def + /CMapType 1 def + /CIDSystemInfo 3 dict dup + begin + /Registry (Adobe) def + /Ordering + CMapName ct_mkocfStr100 cvs + (Adobe-) search + { + pop pop + (-) search + { dup length string copy exch pop exch pop } + { pop (Identity) } + ifelse + } + { pop (Identity) } + ifelse + def + /Supplement 0 def + end def + 1 begincodespacerange + <0000> <FFFF> + endcodespacerange + 1 begincidrange + <0000> <FFFF> 0 + endcidrange + endcmap + CMapName currentdict /CMap defineresource pop + end + end + } + ifelse + composefont + } + { + exch pop + 0 get /CIDFont findresource + ct_makeocf + } + ifelse + } bind def + currentdict readonly pop + end + end +%%EndResource +%%BeginResource: procset Adobe_CoolType_Utility_T42 1.0 0 +%%Copyright: Copyright 1987-2003 Adobe Systems Incorporated. +%%Version: 1.0 0 +userdict /ct_T42Dict 15 dict put +ct_T42Dict begin +/Is2015? +{ + version + cvi + 2015 + ge +} bind def +/AllocGlyphStorage +{ + Is2015? + { + pop + } + { + {string} forall + } ifelse +} bind def +/Type42DictBegin +{ + 25 dict begin + /FontName exch def + /CharStrings 256 dict + begin + /.notdef 0 def + currentdict + end def + /Encoding exch def + /PaintType 0 def + /FontType 42 def + /FontMatrix [1 0 0 1 0 0] def + 4 array astore cvx /FontBBox exch def + /sfnts +} bind def +/Type42DictEnd +{ + currentdict dup /FontName get exch definefont end + ct_T42Dict exch + dup /FontName get exch put +} bind def +/RD {string currentfile exch readstring pop} executeonly def +/PrepFor2015 +{ + Is2015? + { + /GlyphDirectory + 16 + dict def + sfnts 0 get + dup + 2 index + (glyx) + putinterval + 2 index + (locx) + putinterval + pop + pop + } + { + pop + pop + } ifelse +} bind def +/AddT42Char +{ + Is2015? + { + /GlyphDirectory get + begin + def + end + pop + pop + } + { + /sfnts get + 4 index + get + 3 index + 2 index + putinterval + pop + pop + pop + pop + } ifelse +} bind def +end +%%EndResource +Adobe_CoolType_Core begin /$Oblique SetSubstituteStrategy end +%%BeginResource: procset Adobe_AGM_Image 1.0 0 +%%Version: 1.0 0 +%%Copyright: Copyright (C) 2000-2003 Adobe Systems, Inc. All Rights Reserved. +systemdict /setpacking known +{ + currentpacking + true setpacking +} if +userdict /Adobe_AGM_Image 75 dict dup begin put +/Adobe_AGM_Image_Id /Adobe_AGM_Image_1.0_0 def +/nd{ + null def +}bind def +/AGMIMG_&image nd +/AGMIMG_&colorimage nd +/AGMIMG_&imagemask nd +/AGMIMG_mbuf () def +/AGMIMG_ybuf () def +/AGMIMG_kbuf () def +/AGMIMG_c 0 def +/AGMIMG_m 0 def +/AGMIMG_y 0 def +/AGMIMG_k 0 def +/AGMIMG_tmp nd +/AGMIMG_imagestring0 nd +/AGMIMG_imagestring1 nd +/AGMIMG_imagestring2 nd +/AGMIMG_imagestring3 nd +/AGMIMG_imagestring4 nd +/AGMIMG_imagestring5 nd +/AGMIMG_cnt nd +/AGMIMG_fsave nd +/AGMIMG_colorAry nd +/AGMIMG_override nd +/AGMIMG_name nd +/AGMIMG_maskSource nd +/invert_image_samples nd +/knockout_image_samples nd +/img nd +/sepimg nd +/devnimg nd +/idximg nd +/doc_setup +{ + Adobe_AGM_Core begin + Adobe_AGM_Image begin + /AGMIMG_&image systemdict/image get def + /AGMIMG_&imagemask systemdict/imagemask get def + /colorimage where{ + pop + /AGMIMG_&colorimage /colorimage ldf + }if + end + end +}def +/page_setup +{ + Adobe_AGM_Image begin + /AGMIMG_ccimage_exists {/customcolorimage where + { + pop + /Adobe_AGM_OnHost_Seps where + { + pop false + }{ + /Adobe_AGM_InRip_Seps where + { + pop false + }{ + true + }ifelse + }ifelse + }{ + false + }ifelse + }bdf + level2{ + /invert_image_samples + { + Adobe_AGM_Image/AGMIMG_tmp Decode length ddf + /Decode [ Decode 1 get Decode 0 get] def + }def + /knockout_image_samples + { + Operator/imagemask ne{ + /Decode [1 1] def + }if + }def + }{ + /invert_image_samples + { + {1 exch sub} currenttransfer addprocs settransfer + }def + /knockout_image_samples + { + { pop 1 } currenttransfer addprocs settransfer + }def + }ifelse + /img /imageormask ldf + /sepimg /sep_imageormask ldf + /devnimg /devn_imageormask ldf + /idximg /indexed_imageormask ldf + /_ctype 7 def + currentdict{ + dup xcheck 1 index type dup /arraytype eq exch /packedarraytype eq or and{ + bind + }if + def + }forall +}def +/page_trailer +{ + end +}def +/doc_trailer +{ +}def +/imageormask_sys +{ + begin + save mark + level2{ + currentdict + Operator /imagemask eq{ + AGMIMG_&imagemask + }{ + use_mask { + level3 {process_mask_L3 AGMIMG_&image}{masked_image_simulation}ifelse + }{ + AGMIMG_&image + }ifelse + }ifelse + }{ + Width Height + Operator /imagemask eq{ + Decode 0 get 1 eq Decode 1 get 0 eq and + ImageMatrix /DataSource load + AGMIMG_&imagemask + }{ + BitsPerComponent ImageMatrix /DataSource load + AGMIMG_&image + }ifelse + }ifelse + cleartomark restore + end +}def +/overprint_plate +{ + currentoverprint { + 0 get dup type /nametype eq { + dup /DeviceGray eq{ + pop AGMCORE_black_plate not + }{ + /DeviceCMYK eq{ + AGMCORE_is_cmyk_sep not + }if + }ifelse + }{ + false exch + { + AGMOHS_sepink eq or + } forall + not + } ifelse + }{ + pop false + }ifelse +}def +/process_mask_L3 +{ + dup begin + /ImageType 1 def + end + 4 dict begin + /DataDict exch def + /ImageType 3 def + /InterleaveType 3 def + /MaskDict 9 dict begin + /ImageType 1 def + /Width DataDict dup /MaskWidth known {/MaskWidth}{/Width} ifelse get def + /Height DataDict dup /MaskHeight known {/MaskHeight}{/Height} ifelse get def + /ImageMatrix [Width 0 0 Height neg 0 Height] def + /NComponents 1 def + /BitsPerComponent 1 def + /Decode [0 1] def + /DataSource AGMIMG_maskSource def + currentdict end def + currentdict end +}def +/use_mask +{ + dup type /dicttype eq + { + dup /Mask known { + dup /Mask get { + level3 + {true} + { + dup /MaskWidth known {dup /MaskWidth get 1 index /Width get eq}{true}ifelse exch + dup /MaskHeight known {dup /MaskHeight get 1 index /Height get eq}{true}ifelse + 3 -1 roll and + } ifelse + } + {false} ifelse + } + {false} ifelse + } + {false} ifelse +}def +/make_line_source +{ + begin + MultipleDataSources { + [ + Decode length 2 div cvi {Width string} repeat + ] + }{ + Width Decode length 2 div mul cvi string + }ifelse + end +}def +/datasource_to_str +{ + exch dup type + dup /filetype eq { + pop exch readstring + }{ + /arraytype eq { + exec exch copy + }{ + pop + }ifelse + }ifelse + pop +}def +/masked_image_simulation +{ + 3 dict begin + dup make_line_source /line_source xdf + /mask_source AGMIMG_maskSource /LZWDecode filter def + dup /Width get 8 div ceiling cvi string /mask_str xdf + begin + gsave + 0 1 translate 1 -1 Height div scale + 1 1 Height { + pop + gsave + MultipleDataSources { + 0 1 DataSource length 1 sub { + dup DataSource exch get + exch line_source exch get + datasource_to_str + } for + }{ + DataSource line_source datasource_to_str + } ifelse + << + /PatternType 1 + /PaintProc [ + /pop cvx + << + /ImageType 1 + /Width Width + /Height 1 + /ImageMatrix Width 1.0 sub 1 matrix scale 0.5 0 matrix translate matrix concatmatrix + /MultipleDataSources MultipleDataSources + /DataSource line_source + /BitsPerComponent BitsPerComponent + /Decode Decode + >> + /image cvx + ] cvx + /BBox [0 0 Width 1] + /XStep Width + /YStep 1 + /PaintType 1 + /TilingType 2 + >> + matrix makepattern set_pattern + << + /ImageType 1 + /Width Width + /Height 1 + /ImageMatrix Width 1 matrix scale + /MultipleDataSources false + /DataSource mask_source mask_str readstring pop + /BitsPerComponent 1 + /Decode [0 1] + >> + imagemask + grestore + 0 1 translate + } for + grestore + end + end +}def +/imageormask +{ + begin + SkipImageProc { + currentdict consumeimagedata + } + { + save mark + level2 AGMCORE_host_sep not and{ + currentdict + Operator /imagemask eq DeviceN_PS2 not and { + imagemask + }{ + AGMCORE_in_rip_sep currentoverprint and currentcolorspace 0 get /DeviceGray eq and{ + [/Separation /Black /DeviceGray {}] setcolorspace + /Decode [ Decode 1 get Decode 0 get ] def + }if + use_mask { + level3 {process_mask_L3 image}{masked_image_simulation}ifelse + }{ + DeviceN_NoneName DeviceN_PS2 Indexed_DeviceN level3 not and or or AGMCORE_in_rip_sep and + { + Names convert_to_process not { + 2 dict begin + /imageDict xdf + /names_index 0 def + gsave + imageDict write_image_file { + Names { + dup (None) ne { + [/Separation 3 -1 roll /DeviceGray {1 exch sub}] setcolorspace + Operator imageDict read_image_file + names_index 0 eq {true setoverprint} if + /names_index names_index 1 add def + }{ + pop + } ifelse + } forall + close_image_file + } if + grestore + end + }{ + Operator /imagemask eq { + imagemask + }{ + image + } ifelse + } ifelse + }{ + Operator /imagemask eq { + imagemask + }{ + image + } ifelse + } ifelse + }ifelse + }ifelse + }{ + Width Height + Operator /imagemask eq{ + Decode 0 get 1 eq Decode 1 get 0 eq and + ImageMatrix /DataSource load + /Adobe_AGM_OnHost_Seps where { + pop imagemask + }{ + currentgray 1 ne{ + currentdict imageormask_sys + }{ + currentoverprint not{ + 1 AGMCORE_&setgray + currentdict imageormask_sys + }{ + currentdict ignoreimagedata + }ifelse + }ifelse + }ifelse + }{ + BitsPerComponent ImageMatrix + MultipleDataSources{ + 0 1 NComponents 1 sub{ + DataSource exch get + }for + }{ + /DataSource load + }ifelse + Operator /colorimage eq{ + AGMCORE_host_sep{ + MultipleDataSources level2 or NComponents 4 eq and{ + AGMCORE_is_cmyk_sep{ + MultipleDataSources{ + /DataSource [ + DataSource 0 get /exec cvx + DataSource 1 get /exec cvx + DataSource 2 get /exec cvx + DataSource 3 get /exec cvx + /AGMCORE_get_ink_data cvx + ] cvx def + }{ + /DataSource + Width BitsPerComponent mul 7 add 8 idiv Height mul 4 mul + /DataSource load + filter_cmyk 0 () /SubFileDecode filter def + }ifelse + /Decode [ Decode 0 get Decode 1 get ] def + /MultipleDataSources false def + /NComponents 1 def + /Operator /image def + invert_image_samples + 1 AGMCORE_&setgray + currentdict imageormask_sys + }{ + currentoverprint not Operator/imagemask eq and{ + 1 AGMCORE_&setgray + currentdict imageormask_sys + }{ + currentdict ignoreimagedata + }ifelse + }ifelse + }{ + MultipleDataSources NComponents AGMIMG_&colorimage + }ifelse + }{ + true NComponents colorimage + }ifelse + }{ + Operator /image eq{ + AGMCORE_host_sep{ + /DoImage true def + HostSepColorImage{ + invert_image_samples + }{ + AGMCORE_black_plate not Operator/imagemask ne and{ + /DoImage false def + currentdict ignoreimagedata + }if + }ifelse + 1 AGMCORE_&setgray + DoImage + {currentdict imageormask_sys} if + }{ + use_mask { + level3 {process_mask_L3 image}{masked_image_simulation}ifelse + }{ + image + }ifelse + }ifelse + }{ + Operator/knockout eq{ + pop pop pop pop pop + currentcolorspace overprint_plate not{ + knockout_unitsq + }if + }if + }ifelse + }ifelse + }ifelse + }ifelse + cleartomark restore + }ifelse + end +}def +/sep_imageormask +{ + /sep_colorspace_dict AGMCORE_gget begin + /MappedCSA CSA map_csa def + begin + SkipImageProc { + currentdict consumeimagedata + } + { + save mark + AGMCORE_avoid_L2_sep_space{ + /Decode [ Decode 0 get 255 mul Decode 1 get 255 mul ] def + }if + AGMIMG_ccimage_exists + MappedCSA 0 get /DeviceCMYK eq and + currentdict/Components known and + Name () ne and + Name (All) ne and + Operator /image eq and + AGMCORE_producing_seps not and + level2 not and + { + Width Height BitsPerComponent ImageMatrix + [ + /DataSource load /exec cvx + { + 0 1 2 index length 1 sub{ + 1 index exch + 2 copy get 255 xor put + }for + } /exec cvx + ] cvx bind + MappedCSA 0 get /DeviceCMYK eq{ + Components aload pop + }{ + 0 0 0 Components aload pop 1 exch sub + }ifelse + Name findcmykcustomcolor + customcolorimage + }{ + AGMCORE_producing_seps not{ + level2{ + AGMCORE_avoid_L2_sep_space not currentcolorspace 0 get /Separation ne and{ + [/Separation Name MappedCSA sep_proc_name exch 0 get exch load ] setcolorspace_opt + /sep_tint AGMCORE_gget setcolor + }if + currentdict imageormask + }{ + currentdict + Operator /imagemask eq{ + imageormask + }{ + sep_imageormask_lev1 + }ifelse + }ifelse + }{ + AGMCORE_host_sep{ + Operator/knockout eq{ + currentdict/ImageMatrix get concat + knockout_unitsq + }{ + currentgray 1 ne{ + AGMCORE_is_cmyk_sep Name (All) ne and{ + level2{ + [ /Separation Name [/DeviceGray] + { + sep_colorspace_proc AGMCORE_get_ink_data + 1 exch sub + } bind + ] AGMCORE_&setcolorspace + /sep_tint AGMCORE_gget AGMCORE_&setcolor + currentdict imageormask_sys + }{ + currentdict + Operator /imagemask eq{ + imageormask_sys + }{ + sep_image_lev1_sep + }ifelse + }ifelse + }{ + Operator/imagemask ne{ + invert_image_samples + }if + currentdict imageormask_sys + }ifelse + }{ + currentoverprint not Name (All) eq or Operator/imagemask eq and{ + currentdict imageormask_sys + }{ + currentoverprint not + { + gsave + knockout_unitsq + grestore + }if + currentdict consumeimagedata + }ifelse + }ifelse + }ifelse + }{ + currentcolorspace 0 get /Separation ne{ + [/Separation Name MappedCSA sep_proc_name exch 0 get exch load ] setcolorspace_opt + /sep_tint AGMCORE_gget setcolor + }if + currentoverprint + MappedCSA 0 get /DeviceCMYK eq and + Name inRip_spot_has_ink not and + Name (All) ne and { + imageormask_l2_overprint + }{ + currentdict imageormask + }ifelse + }ifelse + }ifelse + }ifelse + cleartomark restore + }ifelse + end + end +}def +/decode_image_sample +{ + 4 1 roll exch dup 5 1 roll + sub 2 4 -1 roll exp 1 sub div mul add +} bdf +/colorSpaceElemCnt +{ + currentcolorspace 0 get dup /DeviceCMYK eq { + pop 4 + } + { + /DeviceRGB eq { + pop 3 + }{ + 1 + } ifelse + } ifelse +} bdf +/devn_sep_datasource +{ + 1 dict begin + /dataSource xdf + [ + 0 1 dataSource length 1 sub { + dup currentdict /dataSource get /exch cvx /get cvx /exec cvx + /exch cvx names_index /ne cvx [ /pop cvx ] cvx /if cvx + } for + ] cvx bind + end +} bdf +/devn_alt_datasource +{ + 11 dict begin + /srcDataStrs xdf + /dstDataStr xdf + /convProc xdf + /origcolorSpaceElemCnt xdf + /origMultipleDataSources xdf + /origBitsPerComponent xdf + /origDecode xdf + /origDataSource xdf + /dsCnt origMultipleDataSources {origDataSource length}{1}ifelse def + /samplesNeedDecoding + 0 0 1 origDecode length 1 sub { + origDecode exch get add + } for + origDecode length 2 div div + dup 1 eq { + /decodeDivisor 2 origBitsPerComponent exp 1 sub def + } if + 2 origBitsPerComponent exp 1 sub ne + def + [ + 0 1 dsCnt 1 sub [ + currentdict /origMultipleDataSources get { + dup currentdict /origDataSource get exch get dup type + }{ + currentdict /origDataSource get dup type + } ifelse + dup /filetype eq { + pop currentdict /srcDataStrs get 3 -1 /roll cvx /get cvx /readstring cvx /pop cvx + }{ + /stringtype ne { + /exec cvx + } if + currentdict /srcDataStrs get /exch cvx 3 -1 /roll cvx /xpt cvx + } ifelse + ] cvx /for cvx + currentdict /srcDataStrs get 0 /get cvx /length cvx 0 /ne cvx [ + 0 1 Width 1 sub [ + Adobe_AGM_Utils /AGMUTIL_ndx /xddf cvx + currentdict /origMultipleDataSources get { + 0 1 dsCnt 1 sub [ + Adobe_AGM_Utils /AGMUTIL_ndx1 /xddf cvx + currentdict /srcDataStrs get /AGMUTIL_ndx1 /load cvx /get cvx /AGMUTIL_ndx /load cvx /get cvx + samplesNeedDecoding { + currentdict /decodeDivisor known { + currentdict /decodeDivisor get /div cvx + }{ + currentdict /origDecode get /AGMUTIL_ndx1 /load cvx 2 /mul cvx 2 /getinterval cvx /aload cvx /pop cvxs + BitsPerComponent /decode_image_sample load /exec cvx + } ifelse + } if + ] cvx /for cvx + }{ + Adobe_AGM_Utils /AGMUTIL_ndx1 0 /ddf cvx + currentdict /srcDataStrs get 0 /get cvx /AGMUTIL_ndx /load cvx + currentdict /origDecode get length 2 idiv dup 3 1 /roll cvx /mul cvx /exch cvx /getinterval cvx + [ + samplesNeedDecoding { + currentdict /decodeDivisor known { + currentdict /decodeDivisor get /div cvx + }{ + currentdict /origDecode get /AGMUTIL_ndx1 /load cvx 2 /mul cvx 2 /getinterval cvx /aload cvx /pop cvx + BitsPerComponent /decode_image_sample load /exec cvx + Adobe_AGM_Utils /AGMUTIL_ndx1 /AGMUTIL_ndx1 /load cvx 1 /add cvx /ddf cvx + } ifelse + } if + ] cvx /forall cvx + } ifelse + currentdict /convProc get /exec cvx + currentdict /origcolorSpaceElemCnt get 1 sub -1 0 [ + currentdict /dstDataStr get 3 1 /roll cvx /AGMUTIL_ndx /load cvx currentdict /origcolorSpaceElemCnt get /mul cvx /add cvx /exch cvx + currentdict /convProc get /filter_indexed_devn load ne { + 255 /mul cvx /cvi cvx + } if + /put cvx + ] cvx /for cvx + ] cvx /for cvx + currentdict /dstDataStr get + ] cvx /if cvx + ] cvx bind + end +} bdf +/devn_imageormask +{ + /devicen_colorspace_dict AGMCORE_gget begin + /MappedCSA CSA map_csa def + 2 dict begin + dup dup + /dstDataStr exch /Width get colorSpaceElemCnt mul string def + /srcDataStrs [ 3 -1 roll begin + currentdict /MultipleDataSources known {MultipleDataSources {DataSource length}{1}ifelse}{1} ifelse + { + Width Decode length 2 div mul cvi string + } repeat + end ] def + begin + SkipImageProc { + currentdict consumeimagedata + } + { + save mark + AGMCORE_producing_seps not { + level3 not { + Operator /imagemask ne { + /DataSource [ + DataSource Decode BitsPerComponent currentdict /MultipleDataSources known {MultipleDataSources}{false} ifelse + colorSpaceElemCnt /devicen_colorspace_dict AGMCORE_gget /TintTransform get + dstDataStr srcDataStrs devn_alt_datasource /exec cvx + ] cvx 0 () /SubFileDecode filter def + /MultipleDataSources false def + /Decode colorSpaceElemCnt [ exch {0 1} repeat ] def + } if + }if + currentdict imageormask + }{ + AGMCORE_host_sep{ + Names convert_to_process { + CSA map_csa 0 get /DeviceCMYK eq { + /DataSource + Width BitsPerComponent mul 7 add 8 idiv Height mul 4 mul + [ + DataSource Decode BitsPerComponent currentdict /MultipleDataSources known {MultipleDataSources}{false} ifelse + 4 /devicen_colorspace_dict AGMCORE_gget /TintTransform get + dstDataStr srcDataStrs devn_alt_datasource /exec cvx + ] cvx + filter_cmyk 0 () /SubFileDecode filter def + /MultipleDataSources false def + /Decode [1 0] def + /DeviceGray setcolorspace + currentdict imageormask_sys + }{ + AGMCORE_report_unsupported_color_space + AGMCORE_black_plate { + /DataSource [ + DataSource Decode BitsPerComponent currentdict /MultipleDataSources known {MultipleDataSources}{false} ifelse + CSA map_csa 0 get /DeviceRGB eq{3}{1}ifelse /devicen_colorspace_dict AGMCORE_gget /TintTransform get + dstDataStr srcDataStrs devn_alt_datasource /exec cvx + ] cvx 0 () /SubFileDecode filter def + /MultipleDataSources false def + /Decode colorSpaceElemCnt [ exch {0 1} repeat ] def + currentdict imageormask_sys + } + { + gsave + knockout_unitsq + grestore + currentdict consumeimagedata + } ifelse + } ifelse + } + { + /devicen_colorspace_dict AGMCORE_gget /names_index known { + Operator/imagemask ne{ + MultipleDataSources { + /DataSource [ DataSource devn_sep_datasource /exec cvx ] cvx def + /MultipleDataSources false def + }{ + /DataSource /DataSource load dstDataStr srcDataStrs 0 get filter_devn def + } ifelse + invert_image_samples + } if + currentdict imageormask_sys + }{ + currentoverprint not Operator/imagemask eq and{ + currentdict imageormask_sys + }{ + currentoverprint not + { + gsave + knockout_unitsq + grestore + }if + currentdict consumeimagedata + }ifelse + }ifelse + }ifelse + }{ + currentdict imageormask + }ifelse + }ifelse + cleartomark restore + }ifelse + end + end + end +}def +/imageormask_l2_overprint +{ + currentdict + currentcmykcolor add add add 0 eq{ + currentdict consumeimagedata + }{ + level3{ + currentcmykcolor + /AGMIMG_k xdf + /AGMIMG_y xdf + /AGMIMG_m xdf + /AGMIMG_c xdf + Operator/imagemask eq{ + [/DeviceN [ + AGMIMG_c 0 ne {/Cyan} if + AGMIMG_m 0 ne {/Magenta} if + AGMIMG_y 0 ne {/Yellow} if + AGMIMG_k 0 ne {/Black} if + ] /DeviceCMYK {}] setcolorspace + AGMIMG_c 0 ne {AGMIMG_c} if + AGMIMG_m 0 ne {AGMIMG_m} if + AGMIMG_y 0 ne {AGMIMG_y} if + AGMIMG_k 0 ne {AGMIMG_k} if + setcolor + }{ + /Decode [ Decode 0 get 255 mul Decode 1 get 255 mul ] def + [/Indexed + [ + /DeviceN [ + AGMIMG_c 0 ne {/Cyan} if + AGMIMG_m 0 ne {/Magenta} if + AGMIMG_y 0 ne {/Yellow} if + AGMIMG_k 0 ne {/Black} if + ] + /DeviceCMYK { + AGMIMG_k 0 eq {0} if + AGMIMG_y 0 eq {0 exch} if + AGMIMG_m 0 eq {0 3 1 roll} if + AGMIMG_c 0 eq {0 4 1 roll} if + } + ] + 255 + { + 255 div + mark exch + dup dup dup + AGMIMG_k 0 ne{ + /sep_tint AGMCORE_gget mul MappedCSA sep_proc_name exch pop load exec 4 1 roll pop pop pop + counttomark 1 roll + }{ + pop + }ifelse + AGMIMG_y 0 ne{ + /sep_tint AGMCORE_gget mul MappedCSA sep_proc_name exch pop load exec 4 2 roll pop pop pop + counttomark 1 roll + }{ + pop + }ifelse + AGMIMG_m 0 ne{ + /sep_tint AGMCORE_gget mul MappedCSA sep_proc_name exch pop load exec 4 3 roll pop pop pop + counttomark 1 roll + }{ + pop + }ifelse + AGMIMG_c 0 ne{ + /sep_tint AGMCORE_gget mul MappedCSA sep_proc_name exch pop load exec pop pop pop + counttomark 1 roll + }{ + pop + }ifelse + counttomark 1 add -1 roll pop + } + ] setcolorspace + }ifelse + imageormask_sys + }{ + write_image_file{ + currentcmykcolor + 0 ne{ + [/Separation /Black /DeviceGray {}] setcolorspace + gsave + /Black + [{1 exch sub /sep_tint AGMCORE_gget mul} /exec cvx MappedCSA sep_proc_name cvx exch pop {4 1 roll pop pop pop 1 exch sub} /exec cvx] + cvx modify_halftone_xfer + Operator currentdict read_image_file + grestore + }if + 0 ne{ + [/Separation /Yellow /DeviceGray {}] setcolorspace + gsave + /Yellow + [{1 exch sub /sep_tint AGMCORE_gget mul} /exec cvx MappedCSA sep_proc_name cvx exch pop {4 2 roll pop pop pop 1 exch sub} /exec cvx] + cvx modify_halftone_xfer + Operator currentdict read_image_file + grestore + }if + 0 ne{ + [/Separation /Magenta /DeviceGray {}] setcolorspace + gsave + /Magenta + [{1 exch sub /sep_tint AGMCORE_gget mul} /exec cvx MappedCSA sep_proc_name cvx exch pop {4 3 roll pop pop pop 1 exch sub} /exec cvx] + cvx modify_halftone_xfer + Operator currentdict read_image_file + grestore + }if + 0 ne{ + [/Separation /Cyan /DeviceGray {}] setcolorspace + gsave + /Cyan + [{1 exch sub /sep_tint AGMCORE_gget mul} /exec cvx MappedCSA sep_proc_name cvx exch pop {pop pop pop 1 exch sub} /exec cvx] + cvx modify_halftone_xfer + Operator currentdict read_image_file + grestore + } if + close_image_file + }{ + imageormask + }ifelse + }ifelse + }ifelse +} def +/indexed_imageormask +{ + begin + save mark + currentdict + AGMCORE_host_sep{ + Operator/knockout eq{ + /indexed_colorspace_dict AGMCORE_gget dup /CSA known { + /CSA get map_csa + }{ + /CSD get get_csd /Names get + } ifelse + overprint_plate not{ + knockout_unitsq + }if + }{ + Indexed_DeviceN { + /devicen_colorspace_dict AGMCORE_gget /names_index known { + indexed_image_lev2_sep + }{ + currentoverprint not{ + knockout_unitsq + }if + currentdict consumeimagedata + } ifelse + }{ + AGMCORE_is_cmyk_sep{ + Operator /imagemask eq{ + imageormask_sys + }{ + level2{ + indexed_image_lev2_sep + }{ + indexed_image_lev1_sep + }ifelse + }ifelse + }{ + currentoverprint not{ + knockout_unitsq + }if + currentdict consumeimagedata + }ifelse + }ifelse + }ifelse + }{ + level2{ + Indexed_DeviceN { + /indexed_colorspace_dict AGMCORE_gget begin + CSD get_csd begin + }{ + /indexed_colorspace_dict AGMCORE_gget begin + CSA map_csa 0 get /DeviceCMYK eq ps_level 3 ge and ps_version 3015.007 lt and { + [/Indexed [/DeviceN [/Cyan /Magenta /Yellow /Black] /DeviceCMYK {}] HiVal Lookup] + setcolorspace + } if + end + } ifelse + imageormask + Indexed_DeviceN { + end + end + } if + }{ + Operator /imagemask eq{ + imageormask + }{ + indexed_imageormask_lev1 + }ifelse + }ifelse + }ifelse + cleartomark restore + end +}def +/indexed_image_lev2_sep +{ + /indexed_colorspace_dict AGMCORE_gget begin + begin + Indexed_DeviceN not { + currentcolorspace + dup 1 /DeviceGray put + dup 3 + currentcolorspace 2 get 1 add string + 0 1 2 3 AGMCORE_get_ink_data 4 currentcolorspace 3 get length 1 sub + { + dup 4 idiv exch currentcolorspace 3 get exch get 255 exch sub 2 index 3 1 roll put + }for + put setcolorspace + } if + currentdict + Operator /imagemask eq{ + AGMIMG_&imagemask + }{ + use_mask { + level3 {process_mask_L3 AGMIMG_&image}{masked_image_simulation}ifelse + }{ + AGMIMG_&image + }ifelse + }ifelse + end end +}def + /OPIimage + { + dup type /dicttype ne{ + 10 dict begin + /DataSource xdf + /ImageMatrix xdf + /BitsPerComponent xdf + /Height xdf + /Width xdf + /ImageType 1 def + /Decode [0 1 def] + currentdict + end + }if + dup begin + /NComponents 1 cdndf + /MultipleDataSources false cdndf + /SkipImageProc {false} cdndf + /HostSepColorImage false cdndf + /Decode [ + 0 + currentcolorspace 0 get /Indexed eq{ + 2 BitsPerComponent exp 1 sub + }{ + 1 + }ifelse + ] cdndf + /Operator /image cdndf + end + /sep_colorspace_dict AGMCORE_gget null eq{ + imageormask + }{ + gsave + dup begin invert_image_samples end + sep_imageormask + grestore + }ifelse + }def +/cachemask_level2 +{ + 3 dict begin + /LZWEncode filter /WriteFilter xdf + /readBuffer 256 string def + /ReadFilter + currentfile + 0 (%EndMask) /SubFileDecode filter + /ASCII85Decode filter + /RunLengthDecode filter + def + { + ReadFilter readBuffer readstring exch + WriteFilter exch writestring + not {exit} if + }loop + WriteFilter closefile + end +}def +/cachemask_level3 +{ + currentfile + << + /Filter [ /SubFileDecode /ASCII85Decode /RunLengthDecode ] + /DecodeParms [ << /EODCount 0 /EODString (%EndMask) >> null null ] + /Intent 1 + >> + /ReusableStreamDecode filter +}def +/spot_alias +{ + /mapto_sep_imageormask + { + dup type /dicttype ne{ + 12 dict begin + /ImageType 1 def + /DataSource xdf + /ImageMatrix xdf + /BitsPerComponent xdf + /Height xdf + /Width xdf + /MultipleDataSources false def + }{ + begin + }ifelse + /Decode [/customcolor_tint AGMCORE_gget 0] def + /Operator /image def + /HostSepColorImage false def + /SkipImageProc {false} def + currentdict + end + sep_imageormask + }bdf + /customcolorimage + { + Adobe_AGM_Image/AGMIMG_colorAry xddf + /customcolor_tint AGMCORE_gget + bdict + /Name AGMIMG_colorAry 4 get + /CSA [ /DeviceCMYK ] + /TintMethod /Subtractive + /TintProc null + /MappedCSA null + /NComponents 4 + /Components [ AGMIMG_colorAry aload pop pop ] + edict + setsepcolorspace + mapto_sep_imageormask + }ndf + Adobe_AGM_Image/AGMIMG_&customcolorimage /customcolorimage load put + /customcolorimage + { + Adobe_AGM_Image/AGMIMG_override false put + dup 4 get map_alias{ + /customcolor_tint AGMCORE_gget exch setsepcolorspace + pop + mapto_sep_imageormask + }{ + AGMIMG_&customcolorimage + }ifelse + }bdf +}def +/snap_to_device +{ + 6 dict begin + matrix currentmatrix + dup 0 get 0 eq 1 index 3 get 0 eq and + 1 index 1 get 0 eq 2 index 2 get 0 eq and or exch pop + { + 1 1 dtransform 0 gt exch 0 gt /AGMIMG_xSign? exch def /AGMIMG_ySign? exch def + 0 0 transform + AGMIMG_ySign? {floor 0.1 sub}{ceiling 0.1 add} ifelse exch + AGMIMG_xSign? {floor 0.1 sub}{ceiling 0.1 add} ifelse exch + itransform /AGMIMG_llY exch def /AGMIMG_llX exch def + 1 1 transform + AGMIMG_ySign? {ceiling 0.1 add}{floor 0.1 sub} ifelse exch + AGMIMG_xSign? {ceiling 0.1 add}{floor 0.1 sub} ifelse exch + itransform /AGMIMG_urY exch def /AGMIMG_urX exch def + [AGMIMG_urX AGMIMG_llX sub 0 0 AGMIMG_urY AGMIMG_llY sub AGMIMG_llX AGMIMG_llY] concat + }{ + }ifelse + end +} def +level2 not{ + /colorbuf + { + 0 1 2 index length 1 sub{ + dup 2 index exch get + 255 exch sub + 2 index + 3 1 roll + put + }for + }def + /tint_image_to_color + { + begin + Width Height BitsPerComponent ImageMatrix + /DataSource load + end + Adobe_AGM_Image begin + /AGMIMG_mbuf 0 string def + /AGMIMG_ybuf 0 string def + /AGMIMG_kbuf 0 string def + { + colorbuf dup length AGMIMG_mbuf length ne + { + dup length dup dup + /AGMIMG_mbuf exch string def + /AGMIMG_ybuf exch string def + /AGMIMG_kbuf exch string def + } if + dup AGMIMG_mbuf copy AGMIMG_ybuf copy AGMIMG_kbuf copy pop + } + addprocs + {AGMIMG_mbuf}{AGMIMG_ybuf}{AGMIMG_kbuf} true 4 colorimage + end + } def + /sep_imageormask_lev1 + { + begin + MappedCSA 0 get dup /DeviceRGB eq exch /DeviceCMYK eq or has_color not and{ + { + 255 mul round cvi GrayLookup exch get + } currenttransfer addprocs settransfer + currentdict imageormask + }{ + /sep_colorspace_dict AGMCORE_gget/Components known{ + MappedCSA 0 get /DeviceCMYK eq{ + Components aload pop + }{ + 0 0 0 Components aload pop 1 exch sub + }ifelse + Adobe_AGM_Image/AGMIMG_k xddf + Adobe_AGM_Image/AGMIMG_y xddf + Adobe_AGM_Image/AGMIMG_m xddf + Adobe_AGM_Image/AGMIMG_c xddf + AGMIMG_y 0.0 eq AGMIMG_m 0.0 eq and AGMIMG_c 0.0 eq and{ + {AGMIMG_k mul 1 exch sub} currenttransfer addprocs settransfer + currentdict imageormask + }{ + currentcolortransfer + {AGMIMG_k mul 1 exch sub} exch addprocs 4 1 roll + {AGMIMG_y mul 1 exch sub} exch addprocs 4 1 roll + {AGMIMG_m mul 1 exch sub} exch addprocs 4 1 roll + {AGMIMG_c mul 1 exch sub} exch addprocs 4 1 roll + setcolortransfer + currentdict tint_image_to_color + }ifelse + }{ + MappedCSA 0 get /DeviceGray eq { + {255 mul round cvi ColorLookup exch get 0 get} currenttransfer addprocs settransfer + currentdict imageormask + }{ + MappedCSA 0 get /DeviceCMYK eq { + currentcolortransfer + {255 mul round cvi ColorLookup exch get 3 get 1 exch sub} exch addprocs 4 1 roll + {255 mul round cvi ColorLookup exch get 2 get 1 exch sub} exch addprocs 4 1 roll + {255 mul round cvi ColorLookup exch get 1 get 1 exch sub} exch addprocs 4 1 roll + {255 mul round cvi ColorLookup exch get 0 get 1 exch sub} exch addprocs 4 1 roll + setcolortransfer + currentdict tint_image_to_color + }{ + currentcolortransfer + {pop 1} exch addprocs 4 1 roll + {255 mul round cvi ColorLookup exch get 2 get} exch addprocs 4 1 roll + {255 mul round cvi ColorLookup exch get 1 get} exch addprocs 4 1 roll + {255 mul round cvi ColorLookup exch get 0 get} exch addprocs 4 1 roll + setcolortransfer + currentdict tint_image_to_color + }ifelse + }ifelse + }ifelse + }ifelse + end + }def + /sep_image_lev1_sep + { + begin + /sep_colorspace_dict AGMCORE_gget/Components known{ + Components aload pop + Adobe_AGM_Image/AGMIMG_k xddf + Adobe_AGM_Image/AGMIMG_y xddf + Adobe_AGM_Image/AGMIMG_m xddf + Adobe_AGM_Image/AGMIMG_c xddf + {AGMIMG_c mul 1 exch sub} + {AGMIMG_m mul 1 exch sub} + {AGMIMG_y mul 1 exch sub} + {AGMIMG_k mul 1 exch sub} + }{ + {255 mul round cvi ColorLookup exch get 0 get 1 exch sub} + {255 mul round cvi ColorLookup exch get 1 get 1 exch sub} + {255 mul round cvi ColorLookup exch get 2 get 1 exch sub} + {255 mul round cvi ColorLookup exch get 3 get 1 exch sub} + }ifelse + AGMCORE_get_ink_data currenttransfer addprocs settransfer + currentdict imageormask_sys + end + }def + /indexed_imageormask_lev1 + { + /indexed_colorspace_dict AGMCORE_gget begin + begin + currentdict + MappedCSA 0 get dup /DeviceRGB eq exch /DeviceCMYK eq or has_color not and{ + {HiVal mul round cvi GrayLookup exch get HiVal div} currenttransfer addprocs settransfer + imageormask + }{ + MappedCSA 0 get /DeviceGray eq { + {HiVal mul round cvi Lookup exch get HiVal div} currenttransfer addprocs settransfer + imageormask + }{ + MappedCSA 0 get /DeviceCMYK eq { + currentcolortransfer + {4 mul HiVal mul round cvi 3 add Lookup exch get HiVal div 1 exch sub} exch addprocs 4 1 roll + {4 mul HiVal mul round cvi 2 add Lookup exch get HiVal div 1 exch sub} exch addprocs 4 1 roll + {4 mul HiVal mul round cvi 1 add Lookup exch get HiVal div 1 exch sub} exch addprocs 4 1 roll + {4 mul HiVal mul round cvi Lookup exch get HiVal div 1 exch sub} exch addprocs 4 1 roll + setcolortransfer + tint_image_to_color + }{ + currentcolortransfer + {pop 1} exch addprocs 4 1 roll + {3 mul HiVal mul round cvi 2 add Lookup exch get HiVal div} exch addprocs 4 1 roll + {3 mul HiVal mul round cvi 1 add Lookup exch get HiVal div} exch addprocs 4 1 roll + {3 mul HiVal mul round cvi Lookup exch get HiVal div} exch addprocs 4 1 roll + setcolortransfer + tint_image_to_color + }ifelse + }ifelse + }ifelse + end end + }def + /indexed_image_lev1_sep + { + /indexed_colorspace_dict AGMCORE_gget begin + begin + {4 mul HiVal mul round cvi Lookup exch get HiVal div 1 exch sub} + {4 mul HiVal mul round cvi 1 add Lookup exch get HiVal div 1 exch sub} + {4 mul HiVal mul round cvi 2 add Lookup exch get HiVal div 1 exch sub} + {4 mul HiVal mul round cvi 3 add Lookup exch get HiVal div 1 exch sub} + AGMCORE_get_ink_data currenttransfer addprocs settransfer + currentdict imageormask_sys + end end + }def +}if +end +systemdict /setpacking known +{ + setpacking +} if +%%EndResource +currentdict Adobe_AGM_Utils eq {end} if +%%EndProlog +%%BeginSetup +Adobe_AGM_Utils begin +2 2010 Adobe_AGM_Core/doc_setup get exec +Adobe_CoolType_Core/doc_setup get exec +Adobe_AGM_Image/doc_setup get exec +currentdict Adobe_AGM_Utils eq {end} if +%%EndSetup +%%Page: Alternate-ISC-logo-v2.ai 1 +%%EndPageComments +%%BeginPageSetup +/currentdistillerparams where +{pop currentdistillerparams /CoreDistVersion get 5000 lt} {true} ifelse +{ userdict /AI11_PDFMark5 /cleartomark load put +userdict /AI11_ReadMetadata_PDFMark5 {flushfile cleartomark } bind put} +{ userdict /AI11_PDFMark5 /pdfmark load put +userdict /AI11_ReadMetadata_PDFMark5 {/PUT pdfmark} bind put } ifelse +[/NamespacePush AI11_PDFMark5 +[/_objdef {ai_metadata_stream_123} /type /stream /OBJ AI11_PDFMark5 +[{ai_metadata_stream_123} +currentfile 0 (% &&end XMP packet marker&&) +/SubFileDecode filter AI11_ReadMetadata_PDFMark5 +<?xpacket begin='' id='W5M0MpCehiHzreSzNTczkc9d'?><x:xmpmeta xmlns:x='adobe:ns:meta/' x:xmptk='XMP toolkit 3.0-29, framework 1.6'> +<rdf:RDF xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#' xmlns:iX='http://ns.adobe.com/iX/1.0/'> + + <rdf:Description rdf:about='uuid:8aa76b3d-2474-11d9-a8a3-000393cd9a96' + xmlns:pdf='http://ns.adobe.com/pdf/1.3/'> + <pdf:Producer>Adobe PDF library 6.66</pdf:Producer> + </rdf:Description> + + <rdf:Description rdf:about='uuid:8aa76b3d-2474-11d9-a8a3-000393cd9a96' + xmlns:tiff='http://ns.adobe.com/tiff/1.0/'> + </rdf:Description> + + <rdf:Description rdf:about='uuid:8aa76b3d-2474-11d9-a8a3-000393cd9a96' + xmlns:xap='http://ns.adobe.com/xap/1.0/' + xmlns:xapGImg='http://ns.adobe.com/xap/1.0/g/img/'> + <xap:CreateDate>2004-10-06T16:15:40-07:00</xap:CreateDate> + <xap:ModifyDate>2004-10-22T21:51:43Z</xap:ModifyDate> + <xap:CreatorTool>Illustrator</xap:CreatorTool> + <xap:MetadataDate>2004-10-06T16:15:40-07:00</xap:MetadataDate> + <xap:Thumbnails> + <rdf:Alt> + <rdf:li rdf:parseType='Resource'> + <xapGImg:format>JPEG</xapGImg:format> + <xapGImg:width>256</xapGImg:width> + <xapGImg:height>152</xapGImg:height> + <xapGImg:image>/9j/4AAQSkZJRgABAgEASABIAAD/7QAsUGhvdG9zaG9wIDMuMAA4QklNA+0AAAAAABAASAAAAAEA
AQBIAAAAAQAB/+4ADkFkb2JlAGTAAAAAAf/bAIQABgQEBAUEBgUFBgkGBQYJCwgGBggLDAoKCwoK
DBAMDAwMDAwQDA4PEA8ODBMTFBQTExwbGxscHx8fHx8fHx8fHwEHBwcNDA0YEBAYGhURFRofHx8f
Hx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8f/8AAEQgAmAEAAwER
AAIRAQMRAf/EAaIAAAAHAQEBAQEAAAAAAAAAAAQFAwIGAQAHCAkKCwEAAgIDAQEBAQEAAAAAAAAA
AQACAwQFBgcICQoLEAACAQMDAgQCBgcDBAIGAnMBAgMRBAAFIRIxQVEGE2EicYEUMpGhBxWxQiPB
UtHhMxZi8CRygvElQzRTkqKyY3PCNUQnk6OzNhdUZHTD0uIIJoMJChgZhJRFRqS0VtNVKBry4/PE
1OT0ZXWFlaW1xdXl9WZ2hpamtsbW5vY3R1dnd4eXp7fH1+f3OEhYaHiImKi4yNjo+Ck5SVlpeYmZ
qbnJ2en5KjpKWmp6ipqqusra6voRAAICAQIDBQUEBQYECAMDbQEAAhEDBCESMUEFURNhIgZxgZEy
obHwFMHR4SNCFVJicvEzJDRDghaSUyWiY7LCB3PSNeJEgxdUkwgJChgZJjZFGidkdFU38qOzwygp
0+PzhJSktMTU5PRldYWVpbXF1eX1RlZmdoaWprbG1ub2R1dnd4eXp7fH1+f3OEhYaHiImKi4yNjo
+DlJWWl5iZmpucnZ6fkqOkpaanqKmqq6ytrq+v/aAAwDAQACEQMRAD8AiX5AfkB5O/MTydea1rV5
qNvdW+oyWSJZSQJGY0ghlBIlhmblymPfMfLlMTQbIQBDOPM//OKX5U6B5e1DWZ9R1uSOxhaX0hcW
il2H2U5G0NOTUFcOCcskxAVuWOaoQMj0Y1+Wf5EflJ56N+kUuvWEtgImZHu7OTmJS4+Glmv2eG+3
fMvXYJ6etwb8v2uPpNRHNdCqZz/0Jp+WH/V01v8A5H2n/ZLmv/MSczww7/oTT8sP+rprf/I+0/7J
cfzEl8MO/wChNPyw/wCrprf/ACPtP+yXH8xJfDDAfzv/AOcc/JHkPyHN5g0i+1Oe9juIYVju5bd4
uMrUYkRwRNXw+LJ48xkaRKAAfT/5V/8AksPKH/bE07/qEjzJaiynFXYq7FXYq7FXYq7FXYq7FXYq
7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq+BfyU/MTzH5Nhnn0yUPbSzt9ZsZqtBJ8CAMVBFGHZ
hv8ARtmz0uihnwkS58XPryDrdVqp4sorlXL5st1/z/8AmP5whlgu7p20+b7VnCqwW9AwYL250YD7
TE5eI6TSncgS+Zccy1OoGwPD8ggfLXmTzl5HvJLzTD9X9YKtwroksUiqSVVjvTc9iDlkp6bVjhsS
+wsIxz6Y3Vfc9B1b/nJjWZ9Hhh03TYrPVmH+lXTt6sQp/vqM/wA3+UTT365iY+w4CVyNx7v1uTPt
eRjsKk9s8j+YrjzH5W0/Wbm0aymu4wzwtsCRsXTcng1KrXemaHV4RiyGAN07jT5TkgJEVae5jNzx
v/nLL/yT91/zG2v/ABM5dg+pjPk9M/Kv/wAlh5Q/7Ymnf9QkeZzjllOKuxV2KuxV2KuxV2KuxV2K
uxV2KuxV2KuxV2KuxV2KuxV2KuxV2KuxV2KuxV+eX5W6Yl7aztLvBDMSy/zEqtB8tsyJ644NP6fr
lI18hZcX8oMuf1fTGP6S9h0Ly3rGtzm20q1M7RgF6UVEXtyZiFHTbOa3ke8u52Adr3lvWNEnFtqt
qYWkUlCSGRx3oykqeu+DeJ7iuxDANasU07UIriJFaF29RYmAK8kILKVPVc7bsjWnUYiJfVHY/oLy
/aOlGHIDH6S+zNB1K31TRNP1K2UJb3lvFPEg6KsiBgu38taZzGaBhMxPMF6DHMSiCOoR2VM3jf8A
zll/5J+6/wCY21/4mcuwfUxnyemflX/5LDyh/wBsTTv+oSPM5xyynFXYq7FXYq7FXYq7FXYq7FXY
q7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq+A/yedP0NepT4xccie5BRR+FMxNfE8ET0uX+9bNP
IcZHWh+l9K/kxr2kW1neaZcSxwXskwmjaQhfUUqF4qT1Kla098wMUg5Mgq/nNrujzada6XDKk9+s
4mbgQ3pIEZaMR0Lcht9PhjlIWIeCebnQQ26U+MszA+AAAP31zoPZyJ4pnps6ftqQqI67s3/KGD81
YPMejRFNVh8ts6tKJ0mFp6HAsOPqDgFYUoVzYdonTGEvp4/hduJoRnE4/VwfY+lCyggEgE9B45yr
0Lxb/nLe8tYvyoe2kkCz3N7bmCM9W9NqtT5A5bhI4wFlAmBI5B6l+Vf/AJLDyh/2xNO/6hI8z3EL
y3/nLq+1nQPJem69oWsalpWoyapHZytZX11BG8UltM5BijkVK8oFoaePjir0v8ooJB+W/lq8nu7u
9vNR0uyvLy5vbme6keaeBZXPKZ34jk52XbFWYYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7F
XYq7FXYq7FXYq7FX5z/l3fy2Nq88Y5D1mDodgylE2zaafSR1GnMJfztvI0HWanUSw5xIfzf0l6Zb
a3plwnITrGe6SkIR9+x+jOdz9k6jGa4TId43dti7QwzF8Ve/Zq61zTLdORmWU9kiIcn7th9Jw6fs
nUZD9PCO+W37Vzdo4YDnfu3S3y5bW3mjzpptlqVwtnZ3U6xO5JoEFTwBAPxP9kH+Y+GdXDCNJpyI
CyBfvPf+Ojz5ynU5xxbAvozTPzt/L2W4vbT60bO109R6E8qFY5kX4SIVUF9uylakduucN+aiSbfQ
Z9gamMYkC+LoOnveJeYvzDnP5kTeatBmlMUUoayS7qRxMYSRCgbZHPLYHp4HMKWT18Qet03Zo/Kj
DkA5b179vixD84/zA8y+btFi/TEsbJaSVt44o1jVTIRy6bn7I6nMzRZJSyi+4un7Y7OxabSS8Mcz
G32N+Vf/AJLDyh/2xNO/6hI83jwxeUf85q/+Ss0r/tuW/wD1CXeKvVfyn/8AJWeTf+2Hpv8A1CR4
q8j8x/nX5n8ifnH5nGr28+o/l4tzp9rNKnxtp082nwSckAqQklWYp0Y1K/FUFV7F5gutN1/yJe6h
pmoSNaT2M1xY6jp1zJC1fRfi6SwMh2PY9+o2xVjP5faLe+ZPyb8tx3WtanDPqNraXmo6jHeXBvpD
QSMqXLSGSIOwAbifs1HeuKvOfzm0m/8ALHnz8tdI0fzJ5hhsfMmqG01aNta1GQyRC4tI6KzTEp8M
77rir2bQfIEWia5+kbXWtYurZ7SW2msNQ1G7voS7yROkyC4kk4OgjZajs2KvH9Is9R1n/nJrzd5Q
utf12Py9p+mRXtnZQavqEQjmaOxJIZZg1K3D7Vpvir2Xy/5JTSdO1PTZdW1PUbS9ujcW8l3fXUlz
bxmGKMwpcmT1uIkjZx8X7WKvB/8AnH/RPMX5gflhrGqaj5x8wQa/BqE9rYagNWvfTjEdtBLH6kLS
NG685TyqtaYq9K/5xr86+aPOH5Yw6n5kJlvYbqa1hvWADXMMQUrK3EAVDM0ZPfjirHPzm/M7zt5G
/M6wvNIt5NV8u22jC78waSrbCD620RuUG5R0LKC4FKfa23Cr1fyr5t8s+ePLcWraHeG5066HFzG7
RTROAC0UnAq8ci13FfwOKsS/JBbuS183fXNQv9Qaz8y6rp1s97eXFyUtbaVUijX1XYLxA6jfFWA6
RZ6jrP8Azk15u8oXWv67H5e0/TIr2zsoNX1CIRzNHYkkMswalbh9q03xV6vB+XE8Oi3+ijzJrJs7
2/S8W5e+uJL6GBI4gbWK8eQzIjSxFiQfssy964q8i/ObSb/yx58/LXSNH8yeYYbHzJqhtNWjbWtR
kMkQuLSOis0xKfDO+64q9n0DyDFoWvDU7XWtXurdrWW2m0/UdRur+Eu8kTpMq3MknF0EbLUdmxVl
WKuxV2KuxV2KuxV8tf8AOKPkvyrr35Z6zJq+mQ3k02qy2zTSL+8WJLa3dVRxRk+JyaqQcqnqsmMj
hkR1T4EJg8QtKPzn/LXS/JV9pzaXNNJaakJisc5VijQlKqGULUfvO4zoezNdLODxAXGnR6/SRwkc
PIsk/Ln8gtN17QNP17V9RnSO9VpPqMCKhCh2VaysXryVQ32B1+nMXW9ryxzMIgbdf2ORpezIziJS
PPownzdp3kO384XUWjyXMOkWbMrRg82kkiFCsEjVKhn25PWg+LfZc1uP2mIgRKPFLoeh9/7Ofk9P
H2GyT4JxkIxl9Q6x93f+hj2oXjXt9cXjIsbXEjStGleILmpArU985ORs2+nYcfhwEbJ4RW/PZG2X
l+4mAec+ih6LSrn6O2TjiJdNre38WI8MPXL7Pn+Pek/5j6Pa2nliWWMuW9WMfEQep9gM2GhxgZHm
O0u2cuoxGEhER8v7X2j+Vf8A5LDyh/2xNO/6hI83LzpeUf8AOapH/KrdKWu51yAgd6C0uv64q9V/
KYg/lZ5Np/1Y9N/6hI8VYb5Q0/SvMf5j/nBpWq2yXNhdzaVbXVq+4ZBp/p12oQTwqCNwehqMVea6
5Yeb/wAgZ9Tgtlm1r8qtdWWJVrym0+edCq1rQA1NK/ZkHg2Kvevyiiji/KrycqDip0TT2I93tY2Y
/STiryz/AJyO/wDJp/kv/wBtw/8AUXp+KvoDFXzXp/lvSfMH/OXnney1P6x6CaPbzJ9VurmyfmsG
nKKyWskLkUY/CWp3psMVe6+U/LmkeW0vdK064llV5hfGK5nluZo1nURqGlneSRlLQNxLH27Yq+XP
yK8n+e9f/IrzOPKfmS5025fULiJdIRLcQ3LLa2zOPXaP6xE8qNwqkqjYV74q93/Ij8xPLvmnyhBp
tjaR6Pq2hItnqnl9FMZtnj+CqI3xemxB3O4NQ2+KqFxLDN/zkwllKitGfJMpYPQhxLqiqUKkb7R4
q8984/l15r/JzzNP+YP5axNd+WZjy8w+WBXikIqzMgFf3a7lSByj90qMVehf8476tZ635O1fXrON
ooNZ8watqCJJTmFuLkugehI5BKA0xV57p/lvSfMH/OXnney1P6x6CaPbzJ9VurmyfmsGnKKyWskL
kUY/CWp3psMVe6+U/LmkeW0vdK064llV5hfGK5nluZo1nURqGlneSRlLQNxLH27Yq8e/5yO/8mn+
S/8A23D/ANRen4q+gMVdirsVdirsVdirsVfOv/OGn/ksNU/7bc//AFCWuYeo+pux8ntWreX9C1hE
TVtOttQWLl6X1mFJeHOnLhzB41oOmQx5pw+kke5M8UZ/UAUFq3mDyp5P0+zhv7iLTLI0t7KMIxUB
F+yqxq1AB36ZTlzC7kdy5ek0OTN6cUb4Q+XvzM13S9c866lqGmRJHZO4SOSMcfWKDi0xG28h36dO
u+arLIGRIfRey9PPDp4xmfV93l8EHoGmqVF5KtTX9yD2p+1/TJ4odXS9vdpkHwYH+t+r9f8AanuZ
DyTEPzS/5RKX/jNF/wASzJ0f1teb6X2H+Vf/AJLDyh/2xNO/6hI82zhlb51/K3yR52EK+aLGXUYr
ducMBvLyGJXpx5CKGaNOVO9MVTHy15Q0Ly1p0em6MlxBYQp6UFvJd3VwkaDosYnll4AduOKoTRfy
68p6Lr1/r2m29xDq2qFG1G4a9vZfXMYIT1ElmeNuAYhart2xVPNS03T9TsJ9P1G3ju7G6QxXFtMo
eN0bYqynYjFWtK0yx0rTLPS9Pi9CwsII7W0hBZgkMKBI1qxZjxVQNzXFWO+avys8j+a9VstV16xm
u7/TW9TT5heXkIgcFTyiSGaNENY1NQOoxVlFvAkEKQoXKIKAyO8jfS7lmP0nFWDXn5Gflnd69P5g
n066Ot3NPW1FNT1KOZqKEHxpcqacVAxVO9F8g+WdFsr6z02K5ij1Fle8le+vZZ3ZAFWlxLM8y0Ap
RXGKqPkr8s/JfkmGWDyxZSafbzuZZbf63dzRNIVCl/TmlkTlxUCtMVWXX5XeRbjzT/ir9Gm28wkF
ZNRs7i5s5JAQAfVFtJEslaCvMHFVWb8ufKU3mtfNklvcnzAkRt0vhfXqlYCxcxCMTCMR8mJ4caYq
yUgEUO4PUYql2g+W9D8v2cllotlHYWck0lw1vCCsYklNXKrWignstBirFLz8jPyzu9en8wT6ddHW
7mnraimp6lHM1FCD40uVNOKgYqyLyx5N8v8AllLpNHhmjN66y3Ulxc3N5I7KvFayXUkz0A7A0xVL
vNX5WeR/Neq2Wq69YzXd/prepp8wvLyEQOCp5RJDNGiGsamoHUYqyi3gSCFIULlEFAZHeRvpdyzH
6TiqpirsVdirsVdirsVfOv8Azhp/5LDVP+23P/1CWuYeo+pux8nvOY7Y8/8Azo8q6Nq/lK61O/eW
O40aCaayeJqLzYCiupqCGZVB75j6mAMbPR3XYeryYs4hGqmQC+XIYmlmjiX7UjBR82NM1z3+XIIR
MjyAtmqIqIqIKKoCqPADYZmgU+X5MhnIyPMm12Fghvzc8i6jZ/lNJ5hvHEKS3FsLe1pV2SRtnY1+
HboMy9JH1W1ZTs+nfyr/APJYeUP+2Jp3/UJHm0cQph5t84eXfKWjSaxr94tnZIwRWILvJI32Y441
DO7t2Cj8MVYZqX57aRpCQXOs+V/Mel6ZcOkUep3ViiwBpCAgfjM0sfIttzQYq9MxV2KuxV2KuxV2
KuxV2KuxV2KuxV2KuxV2KuxV2KuxV2KuxV2KuxV2KvnX/nDT/wAlhqn/AG25/wDqEtcw9R9Tdj5P
ecx2x4p+e3lfzteTXGr2dy7eXLa1Q3NoJ2ChkY839H7J6jf2zC1MJXfR6z2f1eniBCQ/emWxr9Lw
yw/3utv+Mqf8SGYkeYen1wvBP+pL7mZZmvmTsVZ7/wA5N6hZ6h+Rn12zINtNc2bRhabDkfh27r0O
bDTm5Boyci9X/Kv/AMlh5Q/7Ymnf9QkeZ7jF43/zl1Lrmk3vkTzVBAbvSNC1Fp7m3IPpfWFeGWES
0rtIsLqK9PpxV6v5X84+R/zX8mXB06cXFleRGDULJqLc27Ov2ZENeLKd0bcGlQTiqF1P85dE0r8w
NN8j6ppGp2OpauwXTr6ZLX6lKDWhWVbhm+0OPHhyrTbcYqnfn7z3pvkrRYtWv7S7vo5rmGyhtbBY
pLiSa4PGNUjlkh5knspJ9sVa1vz9pOg6TZX2t29zY3WozJbWGjlY576a4k+zFHHbPOrN40eg7nFV
C2/MOI6rHp2p6DqujGaGa5hur2O2Nu0cCeo/7y3nuOLcd+D0b2xVj+t/njDofl6TzFq/kvzJZaPC
sby3M0OnrxEzrGnKP676gq7qKccVRNp+cf1rSrPWU8meYho97HDPFf8Ao2DRiC4CskzLHePIE4sG
Y8dh1xVW8+/nFpHknXNH0bUtG1S7u9flNvpDWS2jpPMGjTgPUuYmU8p0HxAdcVR+kfmFNfa7a6Pe
eV9a0aW9SV7e6v47P6uTCvJkL29zcEMR0FMVTTW/OGiaLrWiaPqEpiu/MEssGnGg4GSGP1CrGu3I
bLtudsVTvFUj8u+cdD8w3utWelymWTQb06ffNQcfXWNXbgQTUKX4GtPiU/MqobzF5/0XRdZtNBEV
zqfmC+jae30iwjEs/oKeLTSF2jiij5bcpHUE9MVVPLXnBNb1HUdNl0nUNH1DTEgkuLfUY4V5JcmV
Y3ikt5biKRawOCVfFWQ4q7FXYq7FXYq7FXYq7FXYq+df+cNP/JYap/225/8AqEtcw9R9Tdj5Pecx
2x51+eHmy/0HysLa2sUuYdZE1jPPIW4xCSOlAi05MyluPxbU6HMfUzMRXe7zsHRxzZrMqMKlXfu+
YCHR6EFXU7g7EEZrn0AgEeTMrO5W5to5l/bHxAdj3H35mRlYfNNbpjgyygenL3dFbJOIxj80NQvk
8i3Fis7izluIXe35HgWVtm49K++ZWj+trzfS+u/yr/8AJYeUP+2Jp3/UJHm1cMpxrekaHr2nXeh6
vbxX1lcxgXdlLQ1jcnixA+JfiQ8WHcbbjFXx/wCefJXmT/nHvz/p3mzy1cyXHli9mMSo7fEU+1JZ
XIFA1UFUf2rsVxV9Efnb+XUf5geRuWnEx6/ptNR8vXa1WRZlAb0ww+IeqAB7NxPbFWLfk35j1D83
LrTPOOsxenY+VIhaW9r+xNrTxA3N5xB+ykLqIlP2S7HFU7/Pv8vvN/mO20LzF5MuBH5o8p3El3YW
zlQswlCc1Bf4OX7paB/hIqD1xVA/lD+ek/mzXn8necdGOh+drBWlELIyxSlFIdo1kq8T8GJpUgrU
hqbYqmH/ADlH/wCSJ8zf9GP/AHULfFWVflQA35VeTlYVB0LTQQehH1OPFXkn/OTk89v+Y35Pz29u
95PFrEjw2kbIjyut1YFY1aRkQFzsCzAeJxV61onm/wAwahr0Ol6n5SvdFR4JrlLy6uLKaP8AcsiF
V+qzXB5H1h1ptirxr/nJzRvMHmLzXZRaFM8eoeTNDm8ywrGKuXN7DH8BrXmEt3kX4TulO+Ks6i/O
car+TVj5q0dFk8x6z6el6fp43/3MzH0fTof2Uesu/wDusVxVhn/OMdldeWPP/wCYvkq8uWu5rOe3
uVuXJ5SGsgkkIPd/UQ4qmv5xeUPzP0Pz/b/mj+XcS6ldrZDT9X0dl9RpIUfn8EYKtIrUWqoeYK1F
a7Ksv/Jv839H/MewvZVsW0rzDphSDWNOloXQ1fgVchWZOQfZgCpqCO5VejYq7FXYq7FXYq7FXYq7
FXYq+df+cNP/ACWGqf8Abbn/AOoS1zD1H1N2Pk95zHbGiqkgkAlTUHwNKfxxS+UPzkutEufzA1KT
SkdOLCO+5rwU3UfwylFNDTYVr1apzV5iOI0+jdiQyR00RP4f1ejGNK1RrOQq9Wgf7Sjsf5hkYTpe
1ezBqY2Nsg5H9BZRDNFNGJImDoejDMoEF4TNgnilwzFFif5pf8olL/xmi/4lmVo/rcXN9L7D/Kv/
AMlh5Q/7Ymnf9QkebZwykHm1PzQ0f8w18xeWdIh8w6BeaZBYajpf1uO0uVnt7i4lSaJp6RfZuaHf
f2oDirH/ADj5I89/mxe6Rp3mfSI/K/k3TLpb+8tXuoru/u5kVkRF+r8ook4uwJ5k71xV7DdzSW1o
8kFs908Y/d2sJjV27UUytGg+lhirx7/nGDyX5z8keT7/AEHzPo0thcz6lLexTie0miMb28MYH7ma
R+XKE/s4qzXzNqX5haV5piutG0L/ABB5euLRIrq2huoLa5guY5Xb1Y1uWjidWRwGHMHb23VY/pvk
zzH5j/NnTvzB1/SU0CDQbGSz0ywaaK4vJpZxIjyTvbs8KIkcrBUDtua1xVGf85AeXvMnmb8r9V8u
eXtNk1HUtSNuIwstvCiCC6hnYu08kXVYzTjXFU9/LC11iw8haBpGr6bLpt/pWnWllcRyyW8oaS3h
WJijQSSgiqV3p1xV5z+fXlHz/r/nbyHq/lny9JqsHlO+a/umN1Z26y1mtZljT1plf/j3YElcVZ/p
3mfz3qGr6fay+TrrRtPeR21HULy70+ZUjWJyqpHbXE0jM8vBelAN8VSnyzpHmVvzd8z+YNU0S4tN
Jv7KxsNKuZJbSRSluJHnMkcVxI68pHAX4DXvTFWOflr+Q0vlP8ytZ1R5eflS3ma78q6dyDJFc3iB
LiUx/stCiekh7qcVdZ+TPO2hf85H635ztNElvfK+uWEdrNPBPaKVlWKD4/Rlmhf7dvStD9onFWXX
ut/mbpHmnWI4/K7+YfLtzJFNpNzZ3tpDNCBbRRywyxXckAoZkd1Kt3xVB/lr5C1ew84eavPWu28O
nap5nkhWLSbdxKttb26BAZJFCq8spHJ+OwPc1xV6RirsVdirsVdirsVdirsVdir51/5w0/8AJYap
/wBtuf8A6hLXMPUfU3Y+T3nMdsQGoa9omnT29vf30FrcXTrHbQyyKryO7cVCKTU1O2WwwzkCYgkB
hLJGJomrQd15K8p3eoXWo3WlW897ex+jczyIGZkC8e+wPHao3zGOKJNkOdDXZoxEYzIjE2Hyf5k0
uzj81alp2hRTzWkFxLHbRspaXhETy2ArQUPUVp1zWGO5p9G0+c+DGWUgSIHuspTBc3Fu/OFzG3en
eniO+AGm7Pp8eWNTAkEr896vd3Plp4JuLD1IzzpRtj7Gn4ZsNBMnJReT7d7Jw4cByQsGx12/Hxfb
v5V/+Sw8of8AbE07/qEjzePFFlOKuxV2KuxV2KuxV2KuxV2KuxV2KuxV2KuxV2KuxV2KuxV2KuxV
2KuxV2KuxV86/wDOGn/ksNU/7bc//UJa5h6j6m7Hye85jtj5B/OE2S/mVrEun3KTwvKkglicOFkM
amReQJ3WSvyztuzb8CIkKeW19eMSCzGx/wCcmfMNvaWsM+k29zJDGqTztI6tKyinPYUUnqeuYM+w
4EkiRDlR7XkALDBvzG8+t5y1tNSXT49NVIkQxxkO7utfjkkCoXO9FqNhmZoezoaeyN5Hr+hp1naW
TOBAkiEeUb2vvZjpf5M+bNeg8vanNJHLYX8UL3tz6oNwkUjGQu4YDkwjYKtGY9K0zi+1cHFqZcIA
jfT7ftfRewO2oYNCIzMjkAJF7+4Wln/ORn5QaL5T8irq+k3F1KGvIYJobgo6qrh25hkRKfEoXfxy
OlwCGQENGt7ZyanBKExEcjt7w+kPyr/8lh5Q/wC2Jp3/AFCR5tnnCxj88Pzoi/LzTrSz061Gpeat
YPDSrA1KD4gvqyhSGK8moqjdjtUbnFXaF+WHnPUrGO988+dNYfV5xzmsNGuf0bZ25bf0k+rKkknD
pyL7+GKpJ5+/Lfz15b0afzB5N89a4X04fWbvTNUufr8UluhDS+m8ysyssYLDlyrSm2Kva8VdirsV
dirsVdirsVdirsVdirsVdirsVdirsVdirsVdirsVdirsVfHH5K/mFceTPyPvZrD021W98wzR2qyg
soSO0tGlYgUqKUXr+1lul0Yz5al9IH9jRqtUcWOx9RKa+aP+cgPNGu+XW0lLaLTZ5zS7vLV3BeKm
8aK1SnLueZ22za4Ox8eOfFfF3AutzdpznDhqnmkUApyfv0X+uYHavb/gyOPFRkOZ6D9r1Hs97HnU
wGbOTHGeURzkO/yH2nyVQqAEBVofYE/ed85qXbOqJvjP2Pcx9l+z4x4fCj9pPzu1jwIw+H4W/A5t
tB7RzEhHNvH+d1H4/FvOdsew+MxM9L6ZD+AmwfcTuD7yR7no/wCT/wCbcnlK4k0vWZJJNAkDsigF
3gmAJ+AdeLnYr47+Ob3tHs8ZwJwri+8PBaLWHCTCd19xX/n5+cXlzzh+Xt/pGm29zC8c1vOs1yEQ
OElClVVWc/t1zUz7MyYQJSI+Ds8WvhlJiL5Poj8q/wDyWHlD/tiad/1CR5BtL5u8+3Bv/wDnMzSL
bURW1srrTYrMP9mgt0uEpX/l4kP04q+usVaIBFDuD1GKvMPzU/MTW7LzT5d/L3yq6QeZvMzGR9Rk
QSrZWUfIyTLEdncrE/Hl8PwmuKprc/lSs9sKebPMkeohaDUE1OZfiofiNsKWp3PT0sVYX+Vv5k+d
NP8AzL1L8qfPk6alqVtGZ9F1xEETXMKp6gEqr8JJiPIECoKsGJ64qk/mP86/M/kT84/M41e3n1H8
vFudPtZpU+NtOnm0+CTkgFSEkqzFOjGpX4qgqvYvMF1puv8AkS91DTNQka0nsZrix1HTrmSFq+i/
F0lgZDsex79Rtirz6383eYPLf/OMsHm2ykn1PXhpNvdtPezS3bmacokkzGZnNIw5k49NsVVfI9jo
/nfybZavoHnbVbvzAkcMt7cDUp1CXNFd4LmwRhBGjMrLQRV4/ZJGKorzz588wal+Zenflf5Uuf0b
dzW5v9f1wIkstraAEiO3SQMnqybfEynjyFB4Kpxqn5TyT2kh07zd5isNVKn0b46lPOgfqC9rITbs
teoVF9qYqxj8kvzR806t5j1/8u/PHpyeafLvJhfwKI1urdHWMyFV4gNWRGBUCqsNgQaqsa0qz1HW
v+cmfN/k+58wa7F5fsNLjvLOzt9Xv4hHM8diSVZZq0rcOaHbfFU5/KrV/PVl+avnj8ur3WLjWtI0
i2juNN1i9P1ie3kuFjeGKSQ8WkJSY1qesZpSuKqX52eTpvJv5R6vrmkeZ/Mn6Y09bQRXk2tag9TL
dwwuzR+sI/iSRv2cVT3yT+Xh1n8v/LesnzL5ii1m+0ywv5Lg6zfyRtcSQRzNzheVozGzn4lp02FM
VY//AM5AX+sad+Zf5X22m6tqVha6/qv1XVra0vrqCKaFbmzjCmOORUX4ZnBKgVrirJv+cj5b3Sfy
d1fVdK1C+0/UdNFoLS6tby5hkAkvIYW5tHIvqVRyKvXFWUflR6z/AJa+WLu4uLi7u77S7K7urm6n
luJXmnto3kYvMztuxrQGmKsJsDej/nJi80U6lqLaPF5bXU49Oe/vGtxdC8ii9T0mlKH4CRxI4+2K
oX8/fzcvPIHm/wAivDK/6PknuZddtkJo9n+6hqyjqV9RnT/KXFXsFzrGmW2kSaxNcoumQ25u3u61
jECp6hkqP2eG+KvJf+cd/wAz9U8+XnnafUGkQQanHNY2cvW2tJ4jHDEFJ+Ha3JbsWJPc4qwz/nFD
QdH138oNY0/VrWO7tJNbn5RyDofqlrRlI3Vh2INcx55pY5iUTRZ+HGcakLDyTU7a1j1y9t7RWW0i
uJlgSQ1YRI7cQxHU8RnU6zUyxaaWT+IR+0/tdN2Xo46jWwxfwyn/ALEbn7GWflb5Oh82+bodPuiR
Ywo11ehTRmijKjgDsRyZ1Wo7Z5tihxy3fae1dZ+VwcUef0x/Hk+p7Py/oVlYiwtdPt4bMLxMCxIE
I/yhT4vpzZDHECqfPZ6nJKXFKRMu+3g357/l3pegyWuu6PCLazvZDBdWqCkaTcS6NGP2Q6q1V6Cm
2YOoxCO45PY+z/aU8wOOZuURYPk8buFHIMB1G/zGdr7O6g5NPwn+A18HgfbbRRw63ijyyR4vjyP3
X8WX/mR+VFlon5Kx+a57trnUL9rKW3iQcIoormj0Nfid+JG+w9u+U63tE5JnEBUQfudfo9EIR8Qm
yR976m/Kv/yWHlD/ALYmnf8AUJHmI5heIf8AOUv5ZeY013TfzQ8qxPNeaV6LalHEC0kbWr+pBdKg
3YL0enQAHpUhV6z+U/5y+VPzE0aGayuY7fW1QfX9HdwJo5AKsUU0Mkfg4+mhxVkHnfzlpXlPQZtT
vpYxMR6en2jtxe5uX+GKGMAMxLuQDQGg3O2KvEvzwFx5K/PPyX+Z1xE7+XkjGm6jOoLiAsJomYge
MNyWXxKnFX0LZXtnfWkV5ZTx3NpOokguIWDxujbhlZSQQfbFXhOlab/i7/nKm58z6YPV0XyhYfUr
m/XeKS9khkiMKMNmZBcNy8OPyqqyDyhp+leY/wAx/wA4NK1W2S5sLubSra6tX3DINP8ATrtQgnhU
Ebg9DUYq811yw83/AJAz6nBbLNrX5Va6ssSrXlNp886FVrWgBqaV+zIPBsVe0/l3e6Lp/wCVHkSz
1Dgtvq+l6dZRxygGOSW4sRIY2DbH1OLCncmmKvHPze/Ke0/K7U9L8/8A5cXMumajLqMFmdAVyYrl
rhifSiqeXF+NGiNVp0pTFUx84T/8q9/5yis/OOsAxeWvNdqti+pN/dQyiFIOLtSi0aCNmr+yxPY4
q+jY54ZIVnjkV4HUOkqkFSpFQwYbUp3xV4P+VWlN5k/5yB88fmNZrXy6iLpOn3Y/u7meKOCGV4mG
zov1U7jb4hiqS2Wk6vqn/OXXniDStauNBuk0eCT65bRW87Mog05fTZLqOZOJLBthXbriqffkj5qf
yz5r1v8ALfzoEg85zXcl7DrT1H6YSUkpJzcmrhBRFFBxHEAFWxVkX/OUf/kifM3/AEY/91C3xVlX
5T/+Ss8m/wDbD03/AKhI8VeVf85Hf+TT/Jf/ALbh/wCovT8VZv8A85HaVeap+Snmi1s4zLOsENxw
UEnha3MVxIaDwSJjiqY/kjrFhqv5S+U57KVZUt9LtbObiQSs1rCsEqNToQ6HFWN+Xok1T/nJTzLr
Fk/rWej6Bb6PeSrui3c1wtx6XIbFkSP4h2OxxVCeavK+n+f/AM1vNXl6+/3ktPKtvp4f7XpXF7dt
dJMFr9pTbxMNv2cVYD+WeqeavNGi235IazBLDcaBfNH5mujXidFs3V47cPt8U0pWJaf7qFcVZL+W
PDRP+coPzD0FVEUOo2kOoQqo4oSBDJRen/LU3TwOKsC/5x7/ADR0byR+VF8LqGW71C61m5a0tYxx
Vgtpagl5SOKip7VPtksWglnnsaiObVm1kcMd9yWBTXZn1Ca6ICGeR3I6hfUJr91c6DXabxNPLGOf
Dt7xydZ2TrRg1mPMeQnv7jz+xmf5V+cYPKfm+HULsH6jPG1relRVljkKtyA/yXRSfbPNcU+CVvtf
a2jOpwGMfq5j8e59U2etaPe2Iv7S9gmsqBvrKSKYwD4tWg+nNkJgi7fO54JxlwyiRLup4D+fP5ga
ZrtxaaJpE4ubSwdpbq4jNYnmI4qEYbMEUt8Q23zB1GUSNDkHs/Z/s6eEHJMVKXIda/a8duGqwUGo
A3HgTna+zmnMNPxH+M38HgvbbWxzazgibGOPCf63M/oHves/m/5m0DV/+cb7S10y8WebTjpltdQH
4ZY3iURnkh3oSux6HNbqcE4ZyZD6iSGjTZYSxARPIB75+Vf/AJLDyh/2xNO/6hI8LIspxVg+v/kl
+VOvXbXupeWrRrx25vc2/O0lZ615F7ZomLe9a4qoaR+Q35S6TqUGp2nl6Nr+2dZbe4uZ7m7ZHQhk
ZfrMsoBUio8MVZvf6fYajZzWOoW0V3ZXC8J7adFkjdT2ZGBUj54qwy1/JD8s7MsLPS5bWByS9pBf
X8Vq1a15WyTrCRv0KYqy7StG0nSNOi03SrSKwsIV4xW1sgiRR7BKUPviqT6L+XXlPRdev9e023uI
dW1Qo2o3DXt7L65jBCeokszxtwDELVdu2Kp5qWm6fqdhPp+o28d3Y3SGK4tplDxujbFWU7EYqk+p
+QPJ+qeV7XytqGmR3Og2McMVnZOzkRLbJ6cPF+XqAouwblX3xVB6P+VPkTSdSt9TttPkmv7Ov1O4
vru7v2gqKfufrcs/pmn8tMVT/WtD0bXNOl03WLKHULCYUltrhFkQ+BowO47HqMVYnbfkj+WltEbe
HS5VsmrXTzfX7WdD1H1VpzBT24YqzOysrKxtYrOyt47W0gUJDbwoscaKOiqigKo+WKsXsvyo8jWX
mqfzZbWdxH5iul4XOo/X79pJEAUcHDTlWWka7EU2GKovzf8Alz5L84NaP5h0xLyexYPZ3SvLBcRM
CG/dzwPFKvxAGgbrirfmL8v/ACt5k0BdA1yC4vtJWnK3kvbwF+Lh19WRZhJLxZQRzY0xVHeXPLOj
+XNMh0vSI5YbC3RYreCW4uLgRxpsqoZ5JSoAPQYqlPmn8rfJHmnVrHV9dsprvUNMcSafMLy8hEDg
q3KJIZo0U1jU1A6jFWTRW0UVuLccniA40lZpWIP8zSFmb6TirCh+SP5ZJczXNrpD6e9weU8en3l7
YxOf8qG1mhiP/A4qyjy/5c0Ly7pqaZodjDp9ihLCCBQoLN9p2PVmPdjviqA0nyH5Z0nX77X7GG4T
VtT9P9IXEl7eTCb0UKRc45ZnjPpqxC/Dt2xVMLPy/otlq+oaxa2ccOp6qIRqN2oo8wt1KRcz/kKa
DFUmvPyw8k3fm7/GEljKnmQoIjqMF3d27lAnphSsMsaEcRTdcVfOX/OO/wCXGled/wApJ7e+mktm
svMFzJHPCFL8XsrUOnxVA5UU/Rjj1stPMkC7DDLpY5ogHoU9/M/8hodE0RNU8r/WLtLQMdRgmZZJ
TH19VOCp9n9oAdN+xzZ6Dtc5J8OShfL9TrtZ2aIR4oWa5vHIphTi/wBDf1zF7V7A8WRyYtpHmO/3
eb0vs97Yfl4DDqAZYx9MhzA7j3j7R5qoZCvLktPmK/d1znD2Nqga4D9n38nuI+1HZ5jxeLH7b+VW
sedR9j4j49vxzcdn+zkuISz7D+b+s/qeX7Z9uIcJhpbMj/Gdq9w5376rzZn+Xv5ReYPOkFzeRyCw
sYgRDdzozLNNX7C0INB+029OmdDq+0MenqNWe4dA8Dp9HPPcifiepQv5oflBrHlD8vdZ1PWJYZJP
XtLayNuxdGV5eUjnkEYEcFA27nNZrO0o5hGML7zbsdJoZYiZS+D6p/Kv/wAlh5Q/7Ymnf9QkeYbm
FlOKuxV2KuxV2KuxV2KuxV2KuxV2KuxV2KuxV2KuxV2KuxV2KuxV2KuxV2KuxV86/wDOGn/ksNU/
7bc//UJa5h6j6m7Hye63Mxht5ZgjSmNGcRoKs3EV4qO5PbKYizTMmg+NNH8sa75q85nSVga31C7u
He8EiFfQBYtK7qeJASvT6O+dzlzww4uK7iBt5vJwwyy5OHkSfk9Lk/5xf1YT0j16BoN/jaB1f2+A
Mw/4bNUO3o19Jv3uw/kc/wA77Hk+q6PdeW/M8um6nCJJdOuAs0RFVkRWDAivVZEoR7HNxjyDLj4o
/wAQdZPGcc6l0L7Wso7SO0hSzRI7RUUW8cahECU+EKoAAFM4ORNm+b18QK25PIf+csv/ACT91/zG
2v8AxM5Zg+pE+T0z8q//ACWHlD/tiad/1CR5nOOWU4q7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FX
Yq7FXYq7FXYq7FXYq7FXYq7FXyD5H/Lj/nLDyRpMuk+XLW1tbGedrqSN5dPlJldEjLcpGY/ZiXbK
5YxI7s4ypkX1b/nNfws/v0vI+BHuZcZUv0Z/zmb9Z+tehYfWuHp+vx0r1OFa8OXXjXemHwhVb0ji
3vZV+rf85r+Fn9+l4PAj3J4yl0nlT/nLmXVv0vLp2lyaoEWMXjx6S0oVCStGIqKV6jLBYjw2eHut
rIjxcVC0x+rf85r+Fn9+l5X4Ee5s4ykfnHyH/wA5becdEfRdftrW5055ElaJZNOiPOM1U8oyrYY4
gDYQZW+m/IelXuj+R/Luk3yhL3TtMs7S6RSGCywW6RuAw2NGU7jLWsp7irsVdirsVdirsVdirsVd
irsVdirsVdirsVdirsVdirsVdirsVdirsVdirsVf/9k=</xapGImg:image> + </rdf:li> + </rdf:Alt> + </xap:Thumbnails> + </rdf:Description> + + <rdf:Description rdf:about='uuid:8aa76b3d-2474-11d9-a8a3-000393cd9a96' + xmlns:xapMM='http://ns.adobe.com/xap/1.0/mm/'> + <xapMM:DocumentID>uuid:c63b31d6-45fe-11d8-8e7c-000393cd9a96</xapMM:DocumentID> + </rdf:Description> + + <rdf:Description rdf:about='uuid:8aa76b3d-2474-11d9-a8a3-000393cd9a96' + xmlns:dc='http://purl.org/dc/elements/1.1/'> + <dc:format>application/postscript</dc:format> + </rdf:Description> + +</rdf:RDF> +</x:xmpmeta> + <?xpacket end='w'?> +% &&end XMP packet marker&& +[{ai_metadata_stream_123} +<</Type /Metadata /Subtype /XML>> +/PUT AI11_PDFMark5 +[/Document +1 dict begin /Metadata {ai_metadata_stream_123} def +currentdict end /BDC AI11_PDFMark5 +Adobe_AGM_Utils begin +Adobe_AGM_Core/page_setup get exec +Adobe_CoolType_Core/page_setup get exec +Adobe_AGM_Image/page_setup get exec +%%EndPageSetup +Adobe_AGM_Core/AGMCORE_save save ddf +1 -1 scale 0 -148.752 translate +[1 0 0 1 0 0 ] concat +% page clip +gsave +newpath +gsave % PSGState +0 0 mo +0 148.752 li +254.868 148.752 li +254.868 0 li +clp +[1 0 0 1 0 0 ] concat +54.9161 147.252 mo +1.5 147.252 li +1.5 1.5 li +54.9161 1.5 li +54.9161 147.252 li +false sop +/0 +<< +/Name (PANTONE 7506 C) +/0 +[/DeviceCMYK] add_csa +/CSA /0 +/TintMethod /Subtractive +/TintProc null +/MappedCSA null +/NComponents 4 +/Components [ 0 0.05 0.15 0 ] +>> +add_csd +1 /0 get_csd +sepcs +1 sep +f +7.82032 17.3956 mo +12.9034 12.8946 20.6797 13.3624 25.1856 18.4405 cv +29.4395 23.2481 29.1768 31.1573 24.5225 35.4014 cv +19.4395 39.9131 11.2784 39.8477 6.76954 34.7637 cv +2.26661 29.6758 2.73926 21.9004 7.82032 17.3956 cv +cp +11.7549 43.3096 mo +12.2579 48.5938 li +16.7979 48.8663 li +17.9268 43.7178 li +20.3682 43.4747 22.7608 42.7344 24.8936 41.4756 cv +28.8946 44.7803 li +32.2999 41.7657 li +29.4512 37.3243 li +30.8975 35.3721 31.9356 33.1631 32.5196 30.8428 cv +37.9678 30.3233 li +38.2413 25.7842 li +33.0137 24.6417 li +32.794 22.21 32.0909 19.837 30.8458 17.6924 cv +34.1573 13.6866 li +31.1416 10.2813 li +26.8135 13.0518 li +24.8252 11.46 22.5674 10.3506 20.1846 9.75684 cv +19.6973 4.61329 li +15.1592 4.34083 li +14.0616 9.35645 li +11.6202 9.62598 9.22754 10.4092 7.04786 11.7168 cv +3.06153 8.42383 li +2 9.36426 li +2 15.0967 li +2.42969 15.7667 li +2.27442 15.96 2.14551 16.167 2 16.3663 cv +2 42.168 li +5.16114 40.1416 li +7.12208 41.6631 9.37012 42.7315 11.7549 43.3096 cv +/1 +<< +/Name (PANTONE 301 C) +/CSA /0 +/TintMethod /Subtractive +/TintProc null +/MappedCSA null +/NComponents 4 +/Components [ 1 0.45 0 0.18 ] +>> +add_csd +1 /1 get_csd +sepcs +1 sep +f +19.8682 23.167 mo +21.6221 25.1495 21.9336 28.1055 19.6426 30.2452 cv +17.7315 32.5264 13.9385 32.1124 12.1084 30.046 cv +10.2051 27.9034 10.4053 24.626 12.5489 22.7256 cv +14.6924 20.8213 17.9698 21.0293 19.8682 23.167 cv +cp +24.5225 35.4014 mo +29.1768 31.1573 29.4395 23.2481 25.1856 18.4405 cv +20.6797 13.3624 12.9034 12.8946 7.82032 17.3956 cv +2.73926 21.9004 2.26661 29.6758 6.76954 34.7637 cv +11.2784 39.8477 19.4395 39.9131 24.5225 35.4014 cv +/2 +<< +/Name (PANTONE 871 C) +/CSA /0 +/TintMethod /Subtractive +/TintProc null +/MappedCSA null +/NComponents 4 +/Components [ 0.3569 0.3608 0.6353 0.1882 ] +>> +add_csd +1 /2 get_csd +sepcs +1 sep +f +42.0054 124.904 mo +38.6949 132.106 29.9537 135.87 22.7505 132.561 cv +15.5523 129.245 12.4058 120.72 15.7144 113.527 cv +19.0259 106.334 27.5503 103.179 34.7427 106.488 cv +41.5435 109.62 44.98 118.187 42.0054 124.904 cv +cp +52.1324 108.189 mo +46.0132 109.425 li +44.6382 106.935 42.775 104.731 40.4371 103.029 cv +42.0914 97.1954 li +37.271 94.9756 li +33.9527 99.9629 li +31.0816 99.1973 28.1519 99.0762 25.3277 99.5635 cv +22.3921 94.2989 li +17.4175 96.1416 li +18.6011 102.011 li +16.1207 103.443 13.9351 105.404 12.2232 107.825 cv +6.41944 106.179 li +4.2046 111.001 li +9.19288 114.318 li +8.42237 117.192 8.30616 120.126 8.78467 122.94 cv +3.52295 125.882 li +5.36475 130.86 li +11.2349 129.672 li +12.6656 132.151 14.6226 134.34 17.0562 136.049 cv +15.4068 141.854 li +20.23 144.069 li +23.5582 139.057 li +26.3648 139.764 29.271 139.844 32.0865 139.344 cv +35.1089 144.747 li +40.0816 142.907 li +38.8687 136.883 li +41.3609 135.473 43.5679 133.563 45.2554 131.213 cv +51.0806 132.864 li +53.2984 128.045 li +48.1685 124.64 li +48.7964 121.878 48.8687 119.031 48.4048 116.281 cv +53.9722 113.169 li +52.1324 108.189 li +1 /1 get_csd +sepcs +1 sep +f +25.3804 126.851 mo +21.3306 124.99 19.5601 120.199 21.4234 116.152 cv +23.2847 112.103 28.0757 110.342 32.1226 112.198 cv +35.8609 113.921 38.1509 117.934 36.23 122.414 cv +34.9371 126.865 29.2769 128.645 25.3804 126.851 cv +cp +34.7427 106.488 mo +27.5503 103.179 19.0259 106.334 15.7144 113.527 cv +12.4058 120.72 15.5523 129.245 22.7505 132.561 cv +29.9537 135.87 38.6949 132.106 42.0054 124.904 cv +44.98 118.187 41.5435 109.62 34.7427 106.488 cv +/3 +<< +/Name (PANTONE 1805 C) +/CSA /0 +/TintMethod /Subtractive +/TintProc null +/MappedCSA null +/NComponents 4 +/Components [ 0 0.91 1 0.23 ] +>> +add_csd +1 /3 get_csd +sepcs +1 sep +f +51.919 34.2159 mo +50.1553 34.3702 48.4336 34.6612 46.7647 35.085 cv +45.0293 31.7598 li +41.462 32.9639 li +42.0958 36.6563 li +40.4815 37.3428 38.9317 38.1573 37.4639 39.085 cv +34.7881 36.46 li +31.7666 38.7081 li +33.5157 42.0323 li +32.1993 43.1778 30.9776 44.4268 29.8624 45.7686 cv +26.5 44.0938 li +24.3194 47.1651 li +27.0049 49.7813 li +26.1094 51.2696 25.3331 52.837 24.6817 54.4659 cv +20.9756 53.917 li +19.8526 57.5108 li +23.2159 59.169 li +22.8292 60.8477 22.5831 62.5772 22.4659 64.3418 cv +18.7579 64.9659 li +18.7999 68.7315 li +22.5225 69.2696 li +22.6778 71.0323 22.9639 72.7549 23.3868 74.4249 cv +20.0635 76.1573 li +21.2667 79.7266 li +24.959 79.0928 li +25.6456 80.709 26.46 82.2569 27.3887 83.7256 cv +24.7627 86.4004 li +27.0127 89.4219 li +30.336 87.6729 li +31.4795 88.9883 32.7305 90.21 34.0713 91.3243 cv +32.3975 94.6895 li +35.4698 96.8663 li +38.085 94.1827 li +39.5743 95.0782 41.1387 95.8555 42.7725 96.5069 cv +42.2208 100.211 li +45.8155 101.335 li +47.4737 97.9708 li +49.1524 98.3584 50.8799 98.6104 52.6456 98.7227 cv +53.2696 102.43 li +54.8282 102.401 li +54.8282 90.2071 li +50.5508 90.4063 47.168 89.4581 43.1543 87.2188 cv +31.6788 80.8194 27.5655 66.3292 33.9717 54.8516 cv +38.3282 47.044 45.9112 42.2872 54.8282 42.667 cv +54.8282 30.4581 li +52.4581 30.4971 li +51.919 34.2159 li +1 /3 get_csd +sepcs +1 sep +f +33.9717 54.8516 mo +27.5655 66.3292 31.6788 80.8194 43.1543 87.2188 cv +47.168 89.4581 50.5508 90.4063 54.8282 90.2071 cv +54.8282 73.5127 li +54.4903 73.5616 55.1485 73.5948 54.7969 73.5948 cv +50.8213 73.5948 47.5987 70.3731 47.5987 66.3975 cv +47.5987 62.419 50.8213 59.1944 54.7969 59.1944 cv +55.1485 59.1944 54.4903 59.2286 54.8282 59.2764 cv +54.8282 42.667 li +45.9112 42.2872 38.3282 47.044 33.9717 54.8516 cv +1 /2 get_csd +sepcs +1 sep +f +3 lw +0 lc +0 lj +4 ml +[] 0 dsh +true sadj +54.9161 147.252 mo +1.5 147.252 li +1.5 1.5 li +54.9161 1.5 li +54.9161 147.252 li +cp +0.99 0.99 0.99 1 cmyk +@ +0 0 0 1 cmyk +%ADOBeginSubsetFont: TrajanPro-Bold Initial +%ADOt1write: (1.0.21) +13 dict dup begin +/FontType 1 def +/FontName /TrajanPro-Bold def +/FontInfo 7 dict dup begin +/Notice (Copyright 2000 Adobe Systems Incorporated. All Rights Reserved.Trajan is either a registered trademark or a trademark of Adobe Systems Incorporated in the United States and/or other countries.) def +/Weight (Bold) def +/ItalicAngle 0 def +/FSType 8 def +end def +/PaintType 0 def +/FontMatrix [0.001 0 0 0.001 0 0] def +/Encoding 256 array +0 1 255 {1 index exch /.notdef put} for +dup 67 /C put +dup 73 /I put +dup 83 /S put +dup 127 /Nsmall put +dup 128 /Tsmall put +dup 129 /Esmall put +dup 130 /Rsmall put +dup 131 /Ysmall put +dup 132 /Ssmall put +dup 133 /Msmall put +dup 134 /Osmall put +dup 135 /Ismall put +dup 136 /Usmall put +def +/UniqueID 45714 def +/FontBBox {-248 -284 1528 985} def +end +systemdict begin +dup /Private +15 dict dup begin +/|- {def} def +/| {put} def +/BlueValues [-17 0 750 775 638 660] def +/OtherBlues [301 305 405 408 -261 -256 -222 -209] def +/FamilyBlues [-17 0 750 767 638 656] def +/FamilyOtherBlues [301 305 405 408 -273 -255 -214 -209 -252 -239] def +/StdHW [47] def +/StdVW [118] def +/StemSnapH [47 55] def +/StemSnapV [118 126] def +/ForceBold true def +/password 5839 def +/MinFeature {16 16} def +/OtherSubrs[{}{}{}{systemdict/internaldict known not{pop 3}{1183615869 +systemdict/internaldict get exec dup/startlock known{/startlock get exec}{dup +/strtlck known{/strtlck get exec}{pop 3}ifelse}ifelse}ifelse}executeonly]def +/Subrs 5 array +dup 0 <1C60D8A8CC31FE2BF6E07AA3E541E2> | +dup 1 <1C60D8A8C9C3D06D9E> | +dup 2 <1C60D8A8C9C202D79A> | +dup 3 <1C60D8A849> | +dup 4 <1C60D8A8CC3674F41144B13B77> | +def +put +dup /CharStrings +14 dict dup begin +/C <1C60D8A8C9B6D5A0DEDEC57B918D61DDFA401F5A49FEA3B89C6864173301 +6BDC674395116B42D2387AF24DF2F1DC60C61A5B6585CC0DA86F050A110B506B +B65171C092F0636620BAA275DBDEA04B3E655EC58BDFB8B9B535650BF4DE0E82 +1C2ADFD8C9F649E0C395722C228833505318AA21D61F3D55D035246FCF9BC983 +692D83F8C9AF492468B91F4CB872C7D1953185BF38A8E7A5B72C7F51E36572D3 +718D9C26EEF5DDFAB02F3E79248875F4CA6CC06F7C289C017B388B2CFE4B85A5 +1B0090> |- +/I <1C60D8A8C9B77771C05B04C6A1CDBDED73825D1016AD1A9F739BE3AE28A3 +2F89A16FA0ADB365C478020BF11BB9ADC332932373DC2832A2FD54E961E2B084 +4B0EB81447C317CA2A36F9297140F653C6CF38B651D9BF313FA9254650245A3A +6E604D8E9EFFEAAF12423E3B4CFD19A9AFAFF5FC58BD3FF4189B6F8AF938C510 +BD91FB49103F7E5C2AE8440096A8B2CFB59E1B448BD934D6C96663C7ECAD3789 +1B4FEEBF9172B6A7CCC0965D9AA12297E39BBF30EB7B8F6243DD70D9185FBD81 +8CFC74B60F41E69C4533165A53D5C2FC5A9B44BA5F12F31CB79A71FA4F70F551 +E84E63E5837361F7B7736F91> |- +/S <1C60D8A8C9B7F51B95A0DFD92CF0B9552EA2D8DB80CD668D35E3A70F4576 +D4238E8EEA2F046EF8BC16C7785D1607E04A62100A5AFF084F37B544AFC2004C +0BC4AE1356D2B0EC8700AB99117F620401AEDDDFA69D53F0F4E5314303A9C779 +D85053ADE7DEA169C445735EBAC333F65F31A077498B479248885315A58C9DAE +7AD6ABA3F9562E1A36EA3EA3274E191D557F04A6CB9FA3B240660C95B31FD1EC +ACE3874E2F240022DE09CA2256274ED580EE94FBAA5793BD5F9D37682BE7C541 +ACC5EE4D95FB35149493D2CCA9BEA729ABD0DCEC9C95E902EA9DD124CA919CBA +F3364C7699DDBE268B46D54393CC359D98EA67700B83CEF348489F1F90A16D> |- +/Nsmall <1C60D8A8C9B6BC88BD85FE8659C453EEEB8E1BD03325A00213B3F3D +4D450DC128DD37CC24C857B6D60D557A08CD43D812DF35B5BD6760576A63576C +506A238602F1E6EA5D2CF18DAD28B193AFC0FA899C7F243B47EAB7B8460C0CB0 +4242476B1602C4D8E3342E27EB421C00D297126C6E43889F0137C7A1C441FC72 +2BE08EFEBABED7A59A7395971A284A820995BDAAE7D9478AB8745D9C9402C363 +B7514AFE9E3D0AF6A39663E1D555B5F7BDA2CE94F32DDC1E19216692DC849907 +7A3E6206E838004DD8DB4A986C8F31EDCAB6E6B82F722A0EF26221ADD2189144 +83D5E5F90B6CEB939F64EF523B4531C4C0B4ED4F521923EBA94C1FE7AE3B2648 +AB7B1D48BCD570F1DED35E03DBB412CF55B5989A09E378971DDF42BBC4FD1669 +7B92AE130992922E13408AB712F27D256F7305A6C6B07A0AD7C13FE23EFB63CE +65111A1A787D3875B8B8D9507C694904CE3BA8114CCE10FF99A55> |- +/Tsmall <1C60D8A8C9B66C0E1D18F4614EAB544F0CEC538C8C01A016933AA12 +429EBE5390D596C5F67CFF90C2108DEC0E3557EFE47A84AD0A504C83D7E8F287 +5DCBB9233950E37680119C5422B9BA74EB5E3A2AE4E2F090670CEE3CC015972E +6CE8DF50DCD73A5ECEE824E6627364F3B83B1B73833AA7E396445D318F119C4C +5EA2429D5B49B0EDBDDF4808A5790BF8CDC63B184CD3A9CE7C22C4D23ACC081C +FF7BCA42342880880724EDF5A0F6F9059ADD736C441B65FC95D81D78B14BCAE7 +32E0959A4FEDBBA605D7DB559BC1CFFED39160EF11111F189C967E86115A679A +21BB269B7452490D7C600719A2B02BE0A92DC8D7E101DFFE6011D579AD666FD2 +6352E7C3F88546D427880A3ED55A53668B9B911F227F478005846196CB2A821D +9436A361DD997E24624546B193AD16A013BF60C83D456FEFAB524A4C3C4DAF51 +640204EE51B9A6B98D186E77DE45F4BD3696405A93E6DE14A3A251AC1EF6440B +3F074B20C4913F3447DE56969C6BBDB2354148031166D8E9781263F94442062C +991765ADD918972AAE466DE6B9C6E0991428CD75BCCEE> |- +/Esmall <1C60D8A8C9B7FBE1B006E95A68A3EFE857D335EDE0BE9AEA4BE7F95 +2FA0109C6CB803A7F2B985E7BDE818880C9FD186C7136A63CCA57CEDB6AF2828 +DE38E8685BB8771E2988A810F73E0345E8908310C31FD0F7C222F54500389519 +240356E338A96366351A20F484B5651422D1A0FDAE927D548045766A19F6150D +CC390EA0D98D6C0EC5E1C97E0B4512533CA015299550D65A6EA9A741DBD81A7F +575EC26534A2210CD8BC3335B163A776277B6F29843653C092C384FA226EA0E5 +F40EBE1799B10828B444468B3DA053A6ABB46879088C5CDBC46D899C794B325A +A3C97D044BB760BC39839995FB64819C682832A40321F78B99C09513B805CEC3 +996F9F6C14C0DA278CFDCC8EE83409A0C9BCAE8289E42BA209582E05976E48A0 +66222F364CA72855AA1A8DD971B9E012D88EC883F11B6B8DD1F7A3A1A193533F +B42207516FD3B0F5443A7865F511A1795EBD587D37DBDF03F04386AD8496835A +76A8A2EA2B1821C0A26A3284A32DDD223178AF712B0015CA9C866D881702FB56 +88AFCD83EBB5B8B70C983ADB28C933F563180B2F5D693852DE904FE07D55275B +BF14C6F4184BD1B4A9AECA29C644CB5A0BE9622ABA21F24CFE079641418F3570 +3415A4A73F296C050FA68AD25A13C7E948BFB4A1F5816B4ED0207AE7F70F6A21 +CEF402873ACC39E699949E03BE7A042549D2AB51127EAC04572696553A61D3AD +7A50684611A83B8CC45B07DFB59CE66FF4633DDD79F> |- +/Rsmall <1C60D8A8C9B6232B67C2503515E3E19A361BD6B49811E165A598B41 +3BB79166E3FDF489EB666983D5C7D39CD639562A5B5DFFD54539B03730F39196 +01122BFF4EFD30EC733326ACD5E99E075E6AD0B22300446FDA3039558CE7D82F +A6C33C70F1D07536B16D4B1DC2398D650AD9DE1FE1EEF9FC8801CF7C62691F3D +44ABC62967E1B752BCC2F000EEC07286667F57839EF2E6B9C04C2DA9F22FCE01 +4B7A5598EA7A603107AC2DBC5AB39CAF9666BA8BD1E17DD88F1B0183C4C1C3F1 +1214AD45BA4F39EED6AE5D1943AADDA9D1EC079FB2B1E8FDACACF0141DE87287 +5FA936F561AD9761380B6FCDEE2C83C4F292D6BC0EFBBEBA1571BC78DB7E53A3 +C2355971E9941081B36BC438EEEB16D9D4B14BD1644AC5E58981D2AC452FD6A5 +580957C704505040E5A864423A1DEC798AD589C92753FF4E99FE4D12AC55E99D +5F0AB1E5E4B10AE2F480F509E7AF89EE8CEFA0BA716FB8CEAE96307008D32070 +D365B7F6583B829884DD2FE6EB7D95965527303A93BC3BED5A9AD904DA3DA> |- +/Ysmall <1C60D8A8C9B7CDD8BD7DBD65E184B9680768C945EF501FFBAF34DB2 +EB89B7C35DCB2E8CDE46F9D37FB471E35DF335DEED86CBC9BD25ACBBBE505717 +85D55C56B45ACC3A263ED736CAA051A570F787892A1CB6821A2FFAD018F8067C +A681AE9EC8078E3C7AFE94C42C7FD5A558E11749ACDE333C8BDC9884D4FA3DAC +AE8A34DD32D0843E9B8D09766739B4ABA55282A00532DD1F8B6DE1183006D340 +67C1700BABA7CDD73E0CDB5BE2DDAE32FBEED1C6D7EEEA3B5CEB4C4205571F0D +CF1A506D8FC5DC8499A45715F34A9B98FE00C59CEE5F28BBF36D76480FA97A6C +7DA2BD1F5844A8385287554D6A25D036C1B44B3D155C43934FF8AA5F5EFA8691 +C8A756E6E6312D494BA1468BA6D0686CD0C8B3FDB8C0351FA65E6040F976F25D +799285A835570C29A2FB34B27E1A794353E610FC2C4A30406992C247A28AA7F6 +E944BDFAB0BBA11598F8F567A868E003F8F3944F74A873C0B590A5CBD543024C +D6E3B83887E8B4201> |- +/Ssmall <1C60D8A8C9B79FB048C852057885B7FB39D71FC3016435158EC7538 +3A43C835122312509B1BFED76A61F209ED65A42B34BB62984E18488BC60B5218 +01752FF5C2563FA0352A4574582BF27E08DA350B6E25230194888F1FA389A5D9 +3FBF39576DDF170A31E4F9A79349B244BDF70FC82577F5D740926CBB4F2ACA8D +2425F341518CF5F38A11D5613BD07DDED6A6C9CC2A89D2BA18004761AD9B9FC3 +4EDA3D0BA2574B07F9B17535C3DFBDB872ECFEEFC15F4D3F7BCA04E0B730A15B +DD0D5BCB061E10476825BE14CC3CD57D1B8CD428D2118BB782F85F1A67B39448 +980A962927A8E8DBBBF65E6278D0AFECB529564B170722C87DEFBDB> |- +/Msmall <1C60D8A8C9B5BDB4869BB7396C2BCC7E2D035A8DDF69463A769AD1A +A49DB431BF0660A482C35C477875AA9502C9E16D281765C1FE89158C85EF4F3E +57125A0E615EF95AE1B7077390D7D5D6DDBA63FCBAB687625D16C58A812887A3 +BF8B333347AF25B78756DD80DFD049480BBC5CC2E60C8AAAAAEC52485278ACB4 +CB64431DB98372ED33A1281E6970D65A9DEE7B405CB6932D27F2DFA40B98C2E6 +9A163099093F74C6495CCB4C78B91CF36A00F110217924E037A2F56731347A29 +95E8AFF22D6698D628918F5A55716FEBDE556231C95D2821D1B0DE3CCFA65E60 +C9DDB56BAFC7C7328AEA86A4824D8004029A0A0834D297E9E2EE5DAE0DFFB8A2 +CC6F17A3EDC65> |- +/Osmall <1C60D8A8C9B6AE36D8AFC06EF7691CEA7388408CB5711A90AA9C8BB +7DF107C83E9F4C9D93C2707EED4FFD917928C910BF7966EA41381731C2EDBAD2 +707004603AE29A600E85B2D80CC1F8253013508BECCA2FDAB8779E3B7D43916A +0E2CE1B80BB3DF3> |- +/Ismall <1C60D8A8C9B704CCC403F91AADD9CB2F76DB90BC6EC90EF3D45C6A9 +10C33779B027A5893F399469312EDD288FF0EA2B3848F5A530D7C0162C275993 +6728784ECB91933A5B31FC0120544923268E389858466EE39EB2181D57CD3BF7 +07FB3669BB94B89A418CD729CFF5FBF8DC7045D58C25F7CB07F19116123D927E +59434BBF93B4FE5DBF40C126B117E6B60590BBF45DA98B6DE8B19144213326F9 +87495E510476E3585AE1A21D73828E47A902A177877DAAAB4C0EE1255BEF7F14 +75F7B919B37EA781F4D15EE851B6A63CFE7192BA2E00BB3BF61621837B8C6E3E +7AB8CE9EC58E9FFE71C29175C76E5> |- +/Usmall <1C60D8A8C9B6ED055F5BB1EE84E1A93ADDC8E7C125E88D8FF53587C +17D959293900B8FD46371B21619962E4E05301A5E3EA5963AEEE83B21393A2AB +3695359695D60CA9917C3B4C055638C566E55787F9201E25FB6F1ED940BE5C4D +321EC5E70BC368233DBA0CBD12DA827A229D0CC8A349901F7F6297A8D2B5EE1C +32919F009B7DEC73D0710E8891AA9A0D36238E9E944FAFD91D10D63C6B88D5BD +C3A7985808BE85B22B832353DB0C8315F69AE576B8073207A5E9FE25F5A1E4F5 +9C748E9F7D4D5B9763098CB580B40B6CD00897D0384713B624EAD8EE1E24E326 +A2BE8083CCA899DE1FAB4FB90AF9AEB63CFCC24D405FB6596CE1D598C7EFABAD +D016781F1785ACBA6641462356572572D87FF66C89B7A4AFB38B24B24E1E7B07 +44FD561E659DB89FDAA3D90E0980DCB66> |- +/.notdef <1C60D8A8C9B7A73DC56ED86593A26411A239A9F576A4BB06AD4079 +CBD73625AFEDCD129CE8B573E3C4C05A38ADB9D43C2E751D7FE69FF5F6F4BCAD +D50244964753D5C819FE275F32A27920BE3EA3D1AFD957ADA922B28CD2CD8E15 +58DDDC89C143A1> |- +end put +end +dup /FontName get exch definefont pop +end +%ADOEndSubsetFont +/FDJFDP+TrajanPro-Bold /TrajanPro-Bold findfont def +/FDJFDP+TrajanPro-Bold*1 +[ +67{/.notdef}repeat /C 5{/.notdef}repeat /I 9{/.notdef}repeat /S 43{/.notdef}repeat /Nsmall +/Tsmall /Esmall /Rsmall /Ysmall /Ssmall /Msmall /Osmall /Ismall +/Usmall 119{/.notdef}repeat +] FDJFDP+TrajanPro-Bold nfnt +FDJFDP+TrajanPro-Bold*1 [32 0 -0 -32 0 0 ]mfnt sfnt +63.709 49.9312 mov +(I) sh +FDJFDP+TrajanPro-Bold*1 [26 0 -0 -26 0 0 ]mfnt sfnt +78.333 49.9312 mov +0.080658 0 128 0.288605 0 (\177\200\201) awsh +131.874 49.9312 mov +-1.83563 0 127 1.73947 0 (\202\177\201) awsh +188.218 49.9312 mov +(\200) sh +FDJFDP+TrajanPro-Bold*1 [32 0 -0 -32 0 0 ]mfnt sfnt +63.709 85.9316 mov +(S) sh +FDJFDP+TrajanPro-Bold*1 [26 0 -0 -26 0 0 ]mfnt sfnt +81.7983 85.9316 mov +0.213654 0 132 -0.177307 0 (\203\204\200) awsh +127.864 85.9316 mov +-0.0141907 0 133 0.276245 0 (\201\205\204) awsh +FDJFDP+TrajanPro-Bold*1 [32 0 -0 -32 0 0 ]mfnt sfnt +63.709 121.932 mov +(C) sh +FDJFDP+TrajanPro-Bold*1 [26 0 -0 -26 0 0 ]mfnt sfnt +88.9883 121.932 mov +(\206) sh +109.841 121.932 mov +(\177) sh +130.882 121.932 mov +(\204) sh +144.271 121.932 mov +(\206) sh +165.124 121.932 mov +(\202) sh +182.77 121.932 mov +(\200) sh +199.487 121.932 mov +(\207) sh +210.59 121.932 mov +(\210) sh +230.869 121.932 mov +(\205) sh +%ADOBeginClientInjection: EndPageContent "AI11EPS" +userdict /annotatepage 2 copy known {get exec}{pop pop} ifelse + +%ADOEndClientInjection: EndPageContent "AI11EPS" +% page clip +grestore +grestore % PSGState +/FDJFDP+TrajanPro-Bold*1 ufnt +Adobe_AGM_Core/AGMCORE_save get restore +%%PageTrailer +[/EMC AI11_PDFMark5 +[/NamespacePop AI11_PDFMark5 +Adobe_AGM_Image/page_trailer get exec +Adobe_CoolType_Core/page_trailer get exec +Adobe_AGM_Core/page_trailer get exec +currentdict Adobe_AGM_Utils eq {end} if +%%Trailer +Adobe_AGM_Image/doc_trailer get exec +Adobe_CoolType_Core/doc_trailer get exec +Adobe_AGM_Core/doc_trailer get exec +%%EOF +%AI9_PrintingDataEnd + +userdict /AI9_read_buffer 256 string put +userdict begin +/ai9_skip_data +{ + mark + { + currentfile AI9_read_buffer { readline } stopped + { + } + { + not + { + exit + } if + (%AI9_PrivateDataEnd) eq + { + exit + } if + } ifelse + } loop + cleartomark +} def +end +userdict /ai9_skip_data get exec +%AI9_PrivateDataBegin +%!PS-Adobe-3.0 EPSF-3.0 +%%Creator: Adobe Illustrator(R) 11.0 +%%AI8_CreatorVersion: 11.0.0 +%%For: (Douglas E. Appelt) (Mad Doug Software) +%%Title: (Alternate-ISC-logo-v2.eps) +%%CreationDate: 10/22/04 2:51 PM +%AI9_DataStream +%Gb"-6CMtIYE[^blnitWj!HrIdV0lorEFGN3p=d2AK:U\*q_!hY[_$iT*gP5UX1]SSqSRQ?_'$)V>TY%qP`SMZ@PZ&5]GQS5IeD7R +%m`Y!Qle<L>GQ7K.<ATW8Y&.3ff<4tLWP85on#ub1r+t\(\B,1VnRC\d?aFN#k'iiu,P=Jej)_iEpKp\9gP9_8n(o-NJ)9&<gtdJZ +%c"d.Iea;XG=$QIuY#bRC]XbTMbA)*>p&6?3aPlR\_,pU'rp&CDDZ00VZam^DTYCI"bGS,pf>eC0p"$ku^->l[*"R8fVlPU'FAYD. +%pH<]YO.ZB_I5g)6.fSi&qjT5\No0V,*'aApjM1[&?VKA;s5+k>*rNhPC\4:.?Tp^0SRbF/qI]^'n%Sf"Iau[8YhK*1=8[PW@95Bj +%feh2g<p8L3A_Z,@b<N!cr+8s4l3l4F)ZS3.jk%=mrI?bp\bL4Cb1F/eHN2#M)10h-\l(\1c#S;^"2j?\A#s>C0m5p>Dk5X:Z"Oie +%_>('6rT`ihmf%TV6aJF?pEP/0^\r2;05#YbIeS'\a5_%#</7$:3`Y.podN#Y[0)AgpUKKQL2Ok'].nKiG?6^6&XYr6NSe+CnDck= +%d?+"\lhda;+2Wq^BXjUsa1jXk?iT6ap8=BiCnj_^n;[HORXgF0o\5ig-[E'j?N,`?LX9Z("VI(0Lot+`kmtfVY!5/+?ThZOh>Z`D +%M#tCQSj(t84WKTq]6a,<n([nmj8WB5P83V<H.@$R:$^2BE;aO?4\HWk:*fbtIp=)qnf&+kpXckbGFs@1$N0&_4jiKiro)Vts74)f +%2XP7"/X?=obK]SVO13_+fi[>!Z/=Ac38STd5'sfM!j\oF_"j]3hd,(<E.%/VlgEmCN:f-1\`U)Es5in@lK@1jd58MolVGRUn*^/k +%p9n\jC8eaE[rSTh\+/\1&lSEE_>Bg28!D:rMsrhk/^7$3khgXInb)kR&(e;*iD*,)s5!YHLWE;hFu@_jloh"cpiZ.#*V<iiGW=Q# +%LSsUUqshkocaR!-*[$G42:&XBs2p=ngY:Q7_j)mW8(XpCrqN+dc-Hp9ct`U0FmsSpiNI=lGIs-gY(P''K5\@3^?muXp2GP[l)AZU +%>2om4is<'4&Sd<ci?2tu#BcPh3mRc@e':62kF`Ug#CiGuFpk^d>Bk2#Kl=D(W,jr6[thj\_UF8BI"+-&1Xoq"0D1+W8Dh:JnpT+i +%?bp*J"_3/!:^b8g,Gjj:7.;#X^kgo%N*@Djcbc(-0AOC"i%MH*E2&Y,7.;#4%A-H(@tJn;2!Os8$cW@"U!DTsAMQKsF+Q,4Oe;i, +%kt)dRoq)"TIA=8=cXi-4#5pe=(a&[0Q=pJ:eFXd+(jnY%(n]#+6%tnan\JSBK@/*E_dD[hPe^Y)"lk6M1lI#5"BTn6]MWVJH7nt; +%F%6*QW'`.gS%s_I:;)FS;nqP0e?[:7eW:lO"/?ORK[IWb1huk&`Wq!e(?%32O'k<#_I'5DUT;*AbSJnUaO(q4]*3rn<s79NkCb:; +%$UPXbVZ_5/*C67Q95oNTbDaNpW:*PUhG13%oCP3E:sXtR$(GYS#r^;M!IkB),IPuVeQ5)>Og5*b&bcUD"n*]8_:'!OK[Sm3$^B[6 +%5`Z&2n8s><oMt`<n"k3lael'-#<mtp2Z2%4oM,7ZT>%6#pdm^#=2R9LnWSF!M=0COrQI(Rca192k+D=8^58KSZe<]Rr1otMX5/e. +%i[=]kpN.KAl),"U`6Vl[i%N>*h9-geqXLul[N?!kAp]o#p95J:So\,F?=@Y?r9HTE9mTU-eQ5>%g-7NM(++>09[hd@j04R<oEk-3 +%-+gb_TBi9Xe(0#T?,LT-W5j3fcZ0Q2*hUt'rVB#`%hO6g5O3SXf2KA`7qdIri+`$@rEW41%lg\<s*"Dnr_E.MQ-(+04mgrjg*?AU +%A:9!kHj`mNoJ>P-UK1TF%c8k1lR(l6i1KQ.D>/ZiP77uF=:=.,l*oJ5h?SSg[%2rnj-9S%rs]G0#5Y%NI9>jRd)*Dm_=p:p6Ha4( +%%s]7ECC]5b_C2&frY,1V!dlA`)%DM2%tN!shJ!Ad=ANrJE#?0-pjfm:H\(YXcc>jYILn%7LGPCXK7=doF?NF3Tq-Amq6356p8p]/ +%6aLY9>CE'2qW-gq0ue!MF2[/GR<gh4r$VJ.CnuOdT@cBS6UD;RUk@LYQY$S.Rs)N"S[@N^<@]lf+m.A)=s,dKjrC8s[,ZTqlJ$Q> +%ID^&7gH`q9k)StGE/[64elI6>-HA)u?IH9bK3#J6Y3dN$<6>cP#CnF3fQ7'/b18A51>EE4/c=%\dK7XPDtQBgl"Sm!\%$3Y`+g>^ +%phb4CTn#q_5Gi]fcCeRTY4"5qE(gL_B,hStRio_GnkVgFj:;#QGL.SM!pD(QA:T_K#IUb-.^[@YnKl!DO]%%E@$]M0nJRC?TJaO/ +%[/OG4$eMo?o)eM8UH$VVn0^Oaf&iE!L-:Ue^bO'_&jB#SoZSTJ1gB+)*ZLLtcG87`T*)j!Fq4E8\oG`8B]7Fc")p\s#s\DC1H6&Z +%^V)m<pRSgHbQ.8oc3V[ZH>8VOV"`D@n-.9Ri:D?2".%s#oN+DNk$.ZdGU'mT6QL,4qBY+@H[MF!OkpI7,gZ#I6AsAq1^9,N+OLJ_ +%0Uc_EnIin#3eBHQ$c%8\>ec#;QRRJ25F&?&^'+35b_\N[GM$P^0gZ\=Xp$HD=ZE^Y$$\,Fqge4XF^7(gSot56ST)P"8AU6<-)7,Q +%UpuHR/l2P/J=dI!&;Q><JFf>Z5h'uT%#cI\]flh6U9K+%qklsH<82S$i^Hu'LXNQmOTH#g)t?H/7.Z$'dRL#8OCRF`K,oY:V.i/9 +%6)H_q\\OhK#AX<J#(!"L_A\h\_$Iht_&o$lkoK:[J2Uh*e2orH-12:iWjJPUNmA$PJl_8dC_*=U_XlN7E$>7.#W%%<d;S#\OOU"J +%n_GIe2X*0mItVA3*C%6<>uFnAA(PN@jK0cnHeo(4+86'6O_)EI+eS)ToS`:0W?-MjmcVDF>)bc3-+I\o]2!?0a6sf"DnFd0hfJ5) +%\rN<<b%g\d\Ec?:]9OH#*/jqY<sf')oNIAbi(,VmE"-s&\HEd`e#ur;-HCc+O/L?AWoJX=+t8Qi\JqCc>5l"eD!!=b>g:hX64>lD +%i`;cm+I."DJKlOj`I80gcMO&DUHLk:Uti3!YmPSWJ0`AeoMEF;oMh?aKV!aA7%S/TP\ARfcOZbDd4]kh[C4_BbZ!$4@E+trFtD[Y +%JjO)n0TcLpVOTL6d`BmG(5\YKJ(H7+f#5moL'QgDl\XCe\.c9Y7emMN[R1WS&E\YX*rEF$ILt,.D8b;<mf7\QK1OZDH/LojECJ]8 +%@4+0%E`(?d>n1#3d.J)-X@/Vp+ZtJ<>D"11Z@q@ATG6L%WhJZTRLR+L/Zi,iT\cg0.(BXI7/.<q!,4$e\Nu<EF3n4q#"0J0CHYl# +%K7k$l`A-m6T]B0X!U.Vs>T$`VXDO5J0!,;0gilp_l^?ft$cOeN8]rFHV4KH5c.$C>L'c39Qq9D?s5N.7<b:f"96Sm4Uh-BT!bQ*_ +%)6Jd=AAVcj9?(SD2%"It0+Ba8Au!%A+M(pAg57on`;5,MCJ;&i^[d%`7u7'i:'%*sl]RYmg:/W;<,Z?Wa4ZcS6-aCIfKs?R(W82- +%+c1W,jA4:hKL<^sUF*@>UUD!7#`V>hS`R7pP.&nB&VgH0O'61pfquQW9(N(dBXOB*5Nth7HqL%'4duc(9>$L^\o$7a=ck_HMh$i# +%U_*o&d28')d7gtLiXT!2b3)f(:Ab9oS^Y\CrcHUQjV/<9iG$odb.+72JK5HUV@"4Oeu45M\0cX&'5ItAGNeXIXkBQX2E9VG?LM53 +%CKeCbhf\7%kSMSsi+KF>#h5[;'N2HH[]=0C-EtO,g$UPR"maTmgp,MlBbrA4f^kY9;[:sA&NeecGlt/b"Q*&E7Z7Idl#mijK9L`g +%M[&hpCi6ju>86t'XOXQ4>L@2Mge2HoM:Qa0HfjEu*>RsKA^(RRNqTd2E`(FL#Rgqs3'Y"qfU3"_iutR%qi/B(m>?\$dOp0Rg=9ue +%1l7Q7BphR9il8ne78KT,**L+Plk=.OQ)n-gb-a"AQ8"Y^VGkjii-D6&3l"rNc+5U@F732Dc=;s!*\q3aT!J>rQ3O1h"^NO:8gGY) +%:snJ:C;h5G3n>@M^BLRTdVSQ[2EAj;efM-EmQ_a%<prkZBE`?BBc4#:UK55eIM<e:@%LN_%eQl2)tkRSYfJ#ocE1`mMC;)&77XWL +%0[n02,iX+c8r[(E<iDK>g;"`1_J$=kpM+*KnI7)=&]%"8ViA:^+gp6j'fs3%H4VrOXW9fech-gF2?f+09bSrjX;81`e2)5b>9sNr +%Sj\lFfNjA\DD.;``k4=5K&ZX*Cun;HO#WaeO(*0e(gW`VPUjmI$^thg\cYj0T;!oOpSlAl)4nO=LN:;O4['aCP"O-AV>@Q0$`*dc +%n^,a"[3bTF[$M"kk\9_r;ao:Flh`A6P(k/\BA*_pqk9aLN4<(!,Lu*`ZE6PV&hZ[p7s%0J?-E.\)e)pS-epH/\=ti)io;3GAS*e9 +%?n%PAXKAnm/>LfI\tR#eh?/1hlk`mP+ma!'#U?N!`H`4nF,Y9EdX&m`,@t$_OOOi42m2)37!>F5C/LT52P*U_:0/>&4@k+Cc:K]M +%&/;@6ABkLn]ja:]&ab)FMtV-]ng8FliDD\;5slM]i2Apple@,k#IY>CV4reK?3L8]Db,J]lU[.'TemP=,K72KG!OdQ-<VSiXf#ri +%j*#F%*-UGqPHdQ.#0K%L2Iflj7k6Fp-G&;FpS$Kg4mWGMbTV>o/QsJFs.$Jb'Q0XfDq'AX5Ds'oGR3d,LaU%1F78@74ZEh)W3pqF +%F]%_<J8+<)]IGmC*sg7d`SY*[qTPc-RR?_+YW`UB98(bB4[FMUmealX5O'gdT>t66M/\_\F#Yef+'r0JfDs>b>N>8L>oW4@]\cZV +%U,PR.JR9'*ej4tgqL7/9ITO0H+;@XbU/:n2c#&GbY!;)/;VoThfae;,?)JuAT>%eH4_ps&m;G4>HRJd$]fUe7m:UG:r9""Hk3`KN +%0)UdfI!^89nu;Iae[`kQs)RjQr-Wqi_p*2_`lfIlYQ!Pf/u4j"&(ejKs39`MotCD%Er5k2iVM^!l>hCIrl`4Lo(N[H2]n'H?V@fl +%nrMad/#mWDX^,8H^V53tjn/**pn*mSYmrpHKoNj6`fKn*Fa9cQO6Y,&Gk@Gn^SX'DWm5acF,S:EQZlF'Np>K#\p'k9*HgHO<W,6a +%^Vm/&jd/g<_po8^*:GOFp^S@+Qg[)M00_Z@mr)SJT9&HWZhX+;?Z'bA&!rokmK!B]I_>;KS??`or;"?"koTf*I;9oWhqrkYq&]IT +%0-BVc4rd@"pHMq]+2[=rDXSW1*'[c4pQo6:^:F+<@hjkbh0f$G]"\+U/'6u#a4ned(L(-Up#P`4rkldODsI2m#lgO"5/7,<"#j-: +%b*V_Ss8C.21CWilh-Y%QO8o%Tk3@X"HL/4lIs'cn#Z#l]\au#SGN4H3I]AI,]8)m9a+nn0O>u+P>^q?fJ,XQ_rckuNa]L@)n]1Y" +%%WLM&KC@7MnUr!?a<&:PW8(4=GSeQ&nAFpK>Q]Q\TEU__9DIu9r>!T@rlb6\p(Sr%oGd8'\a&bG[3%)tLO\pW-i]dM%tGc^f9+AX +%I.d:P3f#`/lGJ[,?TrfNW@ld07JH*I2.=KgFDamIq(7m3<hnu!6`&[<V6?lHf;^tOpX`C)O&Y/#\sYe2=!(hI5(C;\<):t2S?C`+ +%"2<Y7WS5mL,R>T.U?Ln5a"Ond>hslih->ARn8ro!Hi3.!rKVl8qJMANo#!\>s4uikVrM\r^\;)5bQ+rJrU'JD#Vu8$lMEE6a%#k% +%l-`P@2"esZs1A<')Ya/+RU3*\h#7'Dh9V^ReXr;8@Cfc&;g7KbF8Ybc=#U]IFEr<3dF6.Rc\guf-<S)?c/TP_1>GjRg]6kiid\JP +%](p=Dn`-Gfg^3!k/jJ1LIJEBiZ\E8QiWCkphu)gn^HNZf\6;ml)_O9$!('jHDS!LWj<+.mmY.,`GK62.X&[pHN4khJrp+h+_f=6# +%2,q<[q#(*"5G.q&GOtbZI<#l%%=KA/Idc7nNLqI%4/dW.$,2hBs5rI%s6B(@n%O2GmHqs+l;n7ZeMe%PE.@cXXoIS)e`QkSk9!d_ +%h;-obHBhOhYG`32o):r,55PgsGId\)d#6W7??q9W>kn/DWVOF*iB9i[SpfSVk3Dp_gVDS5H1o?uh]jOB]hH0JN>J0GrrtlJld)K] +%YUYM05DBc!U2E*fr>_9"gXrcTfDd"Jk8W.r5Mk4geC7slrq8R:2g:l.(dj/COfNuC])T.e/G.5Ol3@ibDnfOA*90HESN]?dip,8? +%Y<G6l<g+rM1C$VrJ+GU3#cF(kRp5RahZ<7n%euODYBIt4Su]'ohM]2L]"@o`AICUpqM.6"WrBc5?h^%=g[FueIi.IEnI*'Kk_ER` +%LM?6-Y?1EV_fjZAqr'6[@l(Q'2tl8cNh]tNN,Dm]RrLOX`r1/OCS@Wr9>YT3EVF+7k/g?`BesV(S_%*WF$2I2.FQK>4NuhJc1C;7 +%@_M<tPhj!E&$C'bGgO"XNG`dpbIF_1`bhckoj(jIl[D!ua#33S4)d_tDqDVoIXTkuRqC,e\kTpW2WJE'bT"#oD`4*PB"-H3%bl<a +%Ctig9mC0uVgeP)Po.(Q[V/:E\^T?2?]4T[_\m<&iG2mJobr`C=ml%d0Gd6]Iqg./dgO6R"pVVIP3r$@3qt5EEhsP^crVgc7&'^fM +%%c*iQ?#=t%_3a%dD;G#gY<?Q=!A`2Hm71<_rO&VQ^\j812sqcCl:ob(X)!$2%:1<=c/`%(gpgs%2=&6mZIq.MVp2r,pXN*PD;3?C +%4YHcVbC+8:RrdD3OL0JhmB58tcR\X`CS5_"Fa_g5h#O!OIJ*R$hY.jn#QD/N%0sW@I-p^_ijI`\c'RI+jpQU(/,s8C97D3"3kee3 +%)STstq?()O^34Tu*`(bKn?muY0a"[L?ZU7a5O7Ca,hJ?bMZ;?Uf06_TqHDLmeKgKRM$j7Oe]EMNBB0d!,Qnhrogn@f<3VVV<%sSV +%<NqbXeRNEL.#UV8d$>5E:fiaFd$G?3;:m*.i39sY[JL>4LGZfa`a;q`'C'&YEPa)nh&^48_7>3og>_b7IdX+_oMaW@?/Kt0Y.I'1 +%pO1qB)\2r#c/$l8aDUH$ZE660ep`arpB\D(W4N8;/e$_V4F22md36I"i/rNP!OhNkFe1K<O1'\=Qd4%]`6fQ>E$X:dl<78\cmSt3 +%GK_;HJ%Dd?aqonV6mA2J&8?bbg*)Rg8>Hn3WN1!TJOm7@UjFB8)Mtgi,$cPE*KoY1,uYpa:So1&UPG(HS/jS5Y<DM9*eo1Kq[OsS +%#*.YHL[+@bGc6ZEp7B\.=]dJDhZ=5f-6/E)'=T?<:E6!O^-epW+Kb*orX['d)Ou#)>0@HrRACLkFpt4%g"=(kbV<4C%$H@]JY8qQ +%&o34'0rftq'FoQ.@BXstHQI'_6QLE=:<Tp-/HhK-A(<(4g#,>Qg5JQ+gtY-Hikt81cTH9eAgS#(EnD?g\A:Y.=_JYT"#aLfY/.0X +%pN625*ng%=Qa"<IoHJo$DAIMaT:\aG-fV618m@Cd'?])J=XFB+U%ANa]0dJ&V(g'N)J(Woj0mYaSg(KfJMEm<SnM*EERuV92^k[l +%=G+,<b;5WDCOg8TDlFk=1n%5i@pgc[R8,8pVad1G8rWm0V,bC[PZg5Q<_TZLY['T!;kR2Y?D1Ifi<>[P(nVJI-+l^I-.E^A,m7;6 +%)qeF)g>,ndS+,/[ESKau]3X@'ou5kdU,nR`WLd*QYBFONh!3Sco36nT(06C<=O"+>j^atM9_2LjJMh3`MC1M?B[NVdcLn:)H1s+% +%l)BH[s+QL8+.X!,U,_jmcGoGikP<rpFeHRGIck.sGjIJ9T!7f+@cR9<o=ST(S7M,:V=X<-GhbB*#.4!gB]E6Zo8IGTChot3"a,8, +%)ipEmcgGtJokcf!F.OsYSja-\auVc7NCVcVkH$bkB/cF,3R<7(c]8=WSNBXCNCRcC6)u+B_tW'aED.2jf_`LmIZUthQM,dS><hnj +%#K#hY0m]Mb*]Pb8eYl.0:j659`Mn/&bpa9Goer7;,ipMPA\<9)ro?XtK^9ro;QsOmR!OA^&OX8&eY1F#eQ:Y#YI+,l>A57m`7S!( +%$i"<R/fG9#fYh5.I(k4a'a%F'0W3,[FU$BOjXSUYk>C3Hqt@m&i><UgInS*rk*5Wej<<d.7Qn=Z6/F*Qc#hpdHqN70^Vd>%aZ"3i +%VVKeZm"/5'N!!X<_=+NkI(9#up$GO>s16W;^9p`&"L8U298N5/bVbm5/=UV;iNGlQfl*$hCTa5=m*@u#MEVMmE])uoc./5_O&s<d +%+FT73R`mXY.p40!\;nE6q>\VUF."[_05&L?rO.$PJh+8J<%pVG4J5=">)Q,J>*FrRfMp7/_qZ[HPG^sqk6T;sjV(RaQg3ZG;kB?@ +%jV(RaQg3ZG;`:IPes8dOckpjhdJr@%"hL?7ME\NV>+oVa]:^8*<<_Bc_\M`WKW>J^cW@><TdD5B,VC!+WLSTU.I-"U.%-fCDM,O2 +%$VDcsT$2bu0Wfp:g&t-W%Jm$eUj^T`76;NBN]Mko$*HrOe5o(O'tn`'[+B0A@7?75M`)M2g,eH*ri0)6'c!'o<V>kBX+/8l4fqnt +%]#Uu=nLE[9cX544'ae#`m]+Q^]m)..<*@&pVCJ%(CWNb>A$3A8+DC^iYm)Ws%TK>aI\YGnd[0`.4cb\NY&6<tJ*P%5;F<TqY0qA* +%R,9"cZ?g`-qWQIrn?6aX-nh1$mSI+J0SaM,IQHVt^hJYWc=fCJ1WS=G2s6e.DRA5A<A<3eb_3CG7[n2?<!1nWkpPt\P^fK6`:=Pa +%;&!B:EqU-69QC;CUQ*PPjPoui8@>fLJf<0)L1I_:P7@>\Z.,hpPQ0*RETcDbQGpA&J(mE^heM0Amsm8am3Yrh^iD-UcUH<+E=MG_ +%9dC[]jT?Xb3_'ifktCp'7Fr5%I&Xu(M!UW.j+j[j]DL.XkG'E3jOUfm$aBk)PVTHW+]B_hH$h)2]OE#[J^tF7VN>O#>%=d_K1D[d +%-kE9YOXLfNDGj,aF?o,h8e_Z8>%mTG.N)F;8CS)H34-i%eW-/BS7<P_/h3WU'UV@X>o<5[W$mq]<5bM2S*AK;X<ogKANG$][^Iqi +%H=kU9coPG>mZJVMKDfgK+OiYLFg_u6)A6fC<RB)jh2M"^V37\?=K70+-*.H0UQdF=0_VehMKVIp1m4t<m#@#a(,rljKNEkn8$Y;G +%__S\2#3[D4RU%U9pU!_S#&2d^RWpX11W'QZdq#$S^:61Ab^9oX<h-dJ_YWUZgj;s_CQ8%@eT2I+C!Tq[SQS6[KpCAUf4qt-Ot>20 +%bPC<lHC"5homX]U59.=$hg*&PnH.Qm5sKXG5Bt$%H)tlnp&<kaJt5sO2Z=l_+.dj)K@_)(heKL$G6e/>SU]P:^Xql8b'.=eS`tR# +%>2Ql:Hgi'3^"bYRQ-I3"[glJNoC0r*_c>APr,V+B[CFQS6L/T%c,4iL4kW)gPMMF>@;Gbf]s:7IDl9(9D:gBYQnQ]m[ql_$bNp9o +%>:&%Z7.g:E2j1plFYaEhO9:Z>ib^iT1^@1G+4%7,<A1WJBYK&8b\XLZ]r\?%YA3<[QX6r5(]KN7dd)dRKIY'AU'Zs9<0^"RdMel+ +%Vb696iq?R_cUsS%E%UVJ)N`kKLsi*#YeQOqoSPh=dCW'L\o=2[S@SJGG]H4`Y3<JD?<bfcCQ3_b+n(k^E(RGSOGeBJ<Zs/#A7ol3 +%aOC^$\*T3eD-=8L,Em2MqFnur7TPOqjEY.<6N%4&JdadIA:]).]sbuh2lrNX!\%Z;PVmVPIR\W\LFgmR<2]lLa=@eB0DDCtP4H+K +%cFIQ[E^gO"Z2Qa+-gd%cG,S"'\tR,\[f\.i463SLepl;mB,td/'PE0l`R_G1^LI'O/aZ+67O]a+0^b,o;(0:8MSghR=X7$?.Rprs +%Otk,!-llmn1^_;P,/YI:P`nsBZE.$R1<N7PQr.IM4k2%'bpYTIlkJ\%j_'gN,"$ts,ro-4>SAZX(qW2)MEHk229Jm\W_oo?WZYJ6 +%\46!,"Dl_@NA<Eg;i!qtm)+,rr@F6!EK-uEM[am4;,qP>iN>&<l7FpL[7400`J2"UW2d>ZE)62^4l7S9J3g?cZ&<:(_VpN9E:j9. +%Y7sX%;jJIeF+pC@JT<S3&$EC[bq$cYLWIaU0<Z$q^<F]eO&pnbLli&]D_`rZ9t9sB&$I/b:H5lRn(f5d46,04Ec9pmLQ$G\'Ab=2 +%HUp,?b."-7EJ7H,G0l6L<.L8uhh`*Wm]K'P$9CYrlPi"?o\)=Zr#W%6^(V"41StZ-XLW<BdC8*X0t#/ZimFd?`J-E9Kb;7Tk?&]' +%E-6U+B/hUmr9'Oe`Q%Zgb=p.oX1)2CC7\P@`A1B``9Jq?R@5N&?g,4`c@d5kmIRb1T6+)U1AN7up%g#$)P#[HWnsbLEeEuLY:;%n +%qun241b*_j'sHPC<#K&=g`,JaX'NCkXU8ji_t%AdQO818<T_Y-Eb[Yui+-)`.dcc%Y2RT9SY-U>W%.Cq>4RYVp63@qdO.)h51P@b +%HC\tSDVD'rk?F4@L9&r%<oq>ll?0g@\Oj;W?8u2(o9V!]mM4>PfYj9NSc9A)pA^(nH&W)(RIa(RLtdjr0/2Qj?FI[k,2u0qp$>2o +%8M#?kO&^Gm71EE2h'ZRJR(Ki@r^So'bJ),8iP56cT@P,&P[:VB.]o;B[u'("X/G6"@Q<B4WHt$NNjsD8hBmt%Y+DZF`GhU]q6f0M +%<n"'TlUbYFXm3=Q797m;Sen:"\>E9>:#^`&BiQf^4L!n.qj=1/<)7dE5C-!l;k@'UEQ$#UYtEVkq5T<i>PY[Vj9dE<C2qAgQr!.e +%:K;?l0429R6:UlPEW2hMaX\('k:E'[f/[.,PoI[)K86&4@Jmcl]Y4dfI]e1s)gfrp=4%NOVM;LnRN:aSlsYr.cCVdu,fciBZ;-=( +%<P=Z?>1BV<XfU!G?<(oTSJLmuH7S<gW)qMR=f94u?.$O`_DU/6#%#djkXl%pfm,#8?_"<SHSfUY#?=438^'5Sj'40NVoEZbs2#ga +%2$>#n;7CVL(:D&L8Q1['m%Q.[YM2'=Mh4?9YhW63T[[X4JBl]>G+&V$37bF8Tpn&@krCh(h]?]#6W1Q]*'aA49($)^.tjGV?.^0m +%F`^NKPE"2(kuom/bB@Z?SZ17[-Mkr.N:t)++`+<!Pj?2fS7?(o'i^1(8phId)`;N-MC1d`AWWJ34VLD/BL#Ip_KKYK.W(PfA</S8 +%OG\77m#C_]_a4"1cURIX)nqqQm!bs[HblF^4_Dis$).dY-GM#=ONF\3nLErM`#mDSbI]"Bb255Pb@j6*2D:Aoa\5BNAjVf]i,"eR +%3A<*R[0T:n_0C)JFh.^X?6;b0/jZPi7oH6Xd-CGKn'6Z6"oVM87BoE]fNt4,iX@".5\IB#8TCadH#[q<S2n+UC1go8mRmsYE5n&Z +%MJe^jUqB#;E.oA_bH[Qd,nA,WR%/tsQ^:t'[oU8Z]_mRkpatOnGMn2L7U(",_De#lkS\*0QEit[-G`oqi!F<W0e+:(2T[$t<K]P% +%11%[tY"Ku5$L.Ku10k6l=$l<#ZWoW?G4F>sQ)@h=Cp]Xj="?eBjZ*Y\HWRV:SA:M^(31$5>7Q=5Pm"?<./]OYe&(e8Y^-)VlYZT" +%A-;Z;%H/#.pP+Fl@BSJ<&3e^r>8k@-qe,7shD<oq]Q]d,PkQm#A)>DAT:r.tlUr*#/auT[7<:XRJr=`N3T[i9jek+/%6W0OBim6? +%)=)f)kB'dmYJH?R-SO(7j?!"P<-bekY=],2-j'Q!JoGQ/.rEMUO9M=B?Bpi;/`t_)LW6LM<U\45@KXHn"WPBKkHV(pYWl(N=UY+^ +%j7-`hrV6X2F2Q]q/V$l;=l6u2VBnh`nV3Htesi\,dDoaf#SLM8,Y.j3=p:t)3q>Mc.TiNZ6/?b4Mp:NgIUp-lh+=?]"_k(P>$sjr +%ahC)/CkpEj%@^i<fER^RaXBeo=Ye3aBi^2!EVDQIB.IJdIEY7:D`U%q[mc#D[X-,m>JT[,QYMS-P])nQK-Y,QFt)n^,-=J<GWgWp +%>GTMe^MX_6cq%EkJ>)]X`\\73jKVQ\_3"Z+UUP^6gZ>(QLfZ7iN!X]S)J<759pRkX/%'4K/]FSAQa3<!_Q/>oi<3+B"6gdr1_)t6 +%eBGUl/AR)O\6=^$=bs]KYa\PK%>We>@N=Oo)i:EHF%-F1&AaJgRuiunKkj`@7#P!S`cG4O8D"083!(AYp!ADge;RAb)R.`WW"\b+ +%et+k"`*H'#(]1Jj[%):i?peKF0)u;[UUpMS?gUaU^87nl/N#GF(K94i<'L!`MTk$\pVV]W5#p?d6)3Q#GJf+R[(_ilA)/1FQnCK] +%\lEN9>l9nP3c;"c]Pc4n8qf'.@-u?-]$FD-<jCjKC=F>DDm)pV&$$e^a=C.k;;<V"0cef4Xinb4_[:]^Fd='7$aH^adTE6h')4bX +%0SD`5jIj<T6CaWG*+:ZDJ[oj@9O[f(;s5%XnTG4GfMmP)CE6kIo^^H[((m=DS&d,DWpgNF$OaE7F,i8&AU2JiX,72i+1\t\>ns!% +%nXOASG?&:i*+*_d`T$.D=+u.*Hf'GRjI+UU4j9N9@J,?]+*2(`=(Z2p/2uTe#"J=)H\3%#dBlldV.'j:>4jd&guJ7=HHB#$k8#Z" +%o5^,;U.(QCB=57=_@fY1H$%056D=q.FJt?>c-KY6)&Zt/0Q)KbcSf#I^=M8+,D0UB4J\tt*=Y4''i%`^amhi+\0Ope9_ZVoA@6]n +%YBYt+\e0EMI'(:4k8MV(&l'(M;;cb_8IC4fIN4b8Z[4m56ZJeb=f))nIGqJW/U+2$W)RpLHeAOj0m[&2BbnCm$DH;L)@P.n\-ftE +%V9jdV_e83]j"b2$e<1>XamV*Rad]<g@9`<F4WA6,)rWOM^mLr?k]HZPjTG]IWD$m0b+)$QP:%M%,aG?F<gcGj&]@WOlRWbO-R4^P +%"Qtp[m$!YhBf^i+8OkI6Bhk'DV3G+1.1&[GJgt/4^o(hBPbHI+?d9mA"(>6D2"B.["jZNr]]c0.?VXc"mlP+BnPcK!a&nsMF>*qb +%`j=cgcDkNJ=nMp\K<"9dY]sVWaZh.E_,hr.3BP@!a*p%nOIoSh'C\G_SEQ*a<,-'.W&Z+^92Bm/;`oa;r+HIBBZ4ocoG653RcnjZ +%DRf2OlbJnI3E<7%3*5JZ:Y&sa(n4[s<]s?EX@_(+?KG\cq[;#"3krjIQ,5O9f'695p,,kl&(H3)#>4qV>*U''\K^1;OK$)_MRf+" +%9)cM'fO/aS[DLk3I#9+<$_8\hU>RbOpaS*-D'f40Z5YDh.To`-+@8p>KM`]6$,dJYX,q+'P0*./Tn%/%?p"a7@N":Eq1%Ai5M7Qj +%_O5n+g+f5qUq_0"hgQTlpqu_%eDYlQ?p@_lF8b*dIUYO9ZVJWP,F01OL<SW+dl"=;[cFm8g[0@gC5iUT2B7A'LSI[[$XO<2F`Jl[ +%?F3JE:&,,tEX+cP[H=kfb=ACPHsCEYS9Ui*2psl`_6GD2Qq]\R1U#Hd(Y1R]<f-Qdg$a(*^UWLs>!:k>Hp3@cn5C'Z?Dp<l6K5bA +%pb*ol$]4mMikLTM0-pN)M>op%^QA4D,lZCAnKd-G=TZ22U?g/Z-Tcu>IYAYGbKe75q<RARY%UUMl<lP+VGL<I2mQR"Mu%Ac9ROY\ +%D"Vs0CLJjhXOb.O;ZfL#I%.BfNh-+"bVQ`\=`qe,G.V?-)@tTg.e66+>ou6jBB#-L-n7L7l\83n,<!`Cn1h8OkF-Vdg'U@,1$=O/ +%nr;/Y4==e5&M)`--E*H^[q@0ZbA;mEL+W#[Nd8!Nl&e!6KH:]>?8Kpai%F=JE:,k#HkdJXS`\D@fV:D'q("AuZL]QPl_Ohn5/"cX +%8kRjk[A@0`g@J-**UK[5mb<V9mYAaCY-%,$GE4,'BZn!tr56mr.\,oql.9lE7J9\Yh_sfd8t.?:]oot:"Xgd:gg5nO10@=2npH]s +%(YNsd^9:OYI\dOhi@Yp[',BtV]l9#_O&;uf6o'm0P6C`YB+UC"iKP#"W&V7a`iF+uX&<9(/Cd]7d'?4GFPJXe";[5USHE+LL@XKD +%;GFi-JKD#oK>V?ecLF(dGN$,VbZ]Fr4uo0#0k?!Y/JEoU3#=G7R:e^/6JY_B&8cD[U,?-fY>7a^f1r"2P\SP6WdB0>W.bGJS(fFe +%kQ<kogITK'<GrgJ$'C*`Qr4JtBD%Q>"bCr"D\_5j'-\n=#@KGU2\Nf;#^Xl<f!+J5&#kgFWBuk`66'skLD?pte'b6sYA<OJ[ZT*W +%'pc>n!d@,1/?WrU2=A"TDRI"$V.10_At?QHb2kKu<ES6YGj%=ogW#Lq+2UIeYb#u?fVfd\h9a7`*p6fX5k7UF8+J%(RB"P5HQB0T +%MQFB^Nq%R)f_AYrITuH)ISspl^T(f5RmiiKl)I_<C!U@hHh+.6ia5Xg#G[V4!B*,2<U+,e='ei(F]L'8HKFg'8-'C]12hb9Thrt- +%,KFE)ljucYf''b&"oEl'%Q7cXW/Tt+bQ_T;&=^KQC^+t%+s?R\@k4M1<8]2548bP2'M>[@@U]1dEtlc[\;I!t'+0>C?!IPDN^HUb +%Po&HN;&48l_["I%(j5ZJU@%WA:J\'qA,\W4E@Nh2W11qma6UH7TF=8?1-k&+&1G]ahYQ*$]*_=!FB,lprpj(3o4BXqniq?cSoBCU +%C:j,EH,?u7YK@Qh-X?8RX%M@bc<Y^_'f%+U-mtAPe?,5\bEZjgE%ffQk5*l]9pLCf3^*^Qa4I."G,=E6,R1_UhWGN)].lM5:5@Y[ +%B\U?_UU*=6V1$eF.m<Q!f14rEOf)tYSNcnK:OIoq;"9\Anbc>QXkoE^%ir]q9u8c>ms5`.0[a>:*Dhkf9a"gHP3d+KUIQh.e_>hj +%&,YYZ&qSEHZ?j^\%j9)r\'4gOiiIJ%b#4_hrd*_bs#CND_,Sa@:OM7"T@@8CbWb8Bm=]#r&oA@YMI.^b`sDFeoNI:hmht\Ub2sSj +%d%_kfLq"p4nRG2U'?ocsQ:WrWI(]'pRp3PEa2X[A%t(6;L6hQOE3B:pM.i6&c_:%2W`YLl&VddO*:H8=S:b>2NB2s2+*[mK`*UWT +%3H1#\ZBs+O<H6saMENKd>Mcg@n;5S/hS=*CTf@&9rlB*VP#%pX3/pAM@JgRgo&BfO^e%T#*7hl7m:$`hiK^0_*=orp?6pb7&f.AI +%j'%HlN59KH+K%Tf-qKBEl'4e"F]pH#c<k\1o5^p.os,7&QXbHDQ_!WY*:$P:m"FQ`=J+k)a75Zm(LNI!`KR7tT>RP`Wkn^^L%4sC +%duChn1@!It2SgS[B\eR;p#@7H\Vo;hZcYK'[/(K/6OVh41@s%FASjBV\uA_7HV^_=$h9pG2oCg40A-/t'7(+:[b@dJhc"7^4lsC> +%A5n<U_/GMs32d#2Ji`qA6D*]]TiuCngVsn&6`S8/-4($DYeVVG/;QsEo'55iY*Ig'8@FC10r1G4I_P;r2A]([$Ph.c[qt*X=.H1n +%J'&h?<94m$/).mL-S!f3c;o9%%f``m%p,gVc'P1qh=s4A(!K,+1oT7#F@<jgCs]2_9.ie$JQW3_FcG[Te5\Khq!A-k'oc3H&(aQd +%16Y\a:Wq8caN76.iqZ<Z$fp=3ani$/FE#1IN^cKlZ$PKHLpP,Cj)i$'4Q:bQ;SDK\inWru^$\#BI)/^ojud+2E[jr$:<Pl#*;hkX +%I`S[aj:5186R>l[ba/j(`*9an#&^_pgSml]ajr&=]qG(jo3jD#$NB]OU[1LHB1CQ4!I@t.5EtknML.ltbcMO-V6ZUm8m'WC)j<i' +%s.'#S$`Ck,c?Ll>PT?SV/lB<u0f'-VW6R/Xjce11%o:N4RsFj=1Ol7]B(?%:?>uS8=g1j5:c`eSce/Ea98E4'oba;F[-`E#kH;ZI +%Pc)Kl<HJ-h:KY-,B1*:n)Ge0?Cc34B9&GJ0AMKV1-<t>m!Pt6:<O*8MG9]H:S?O.K2^RJ'7,4:<)\eZtWgJ47P\[:`<lu\MZDjTk +%Bqf'GW)=rjPP#5&5)VFmnpF3/e4j)7VCM+_.6/fB;X9TKp#H+(kIS=b^'j.deQ_IRJGN3Xjh;,$5Lj!+]7B`V^#cs9W'AgJc>5Lb +%5SG[WB9,&64,@'Vj^1l:?$%mllTtM.bO`JJ5p'u(UG3tR6HRP2bUVh#4*55LB\5Nmp^g5H0@!PYi21fD\1&kVcI29UI_:+hrkEnJ +%H1h.a^Ud*VIB11#g%3e.T9?=KRPcS$'.U4>5")c(NE*K!'X$<\\,\8k=)W:f!#^Kkf3!`"7cEVi<oK3=\14$nMQF?U(9CEp96=M) +%@$!E:a1=sP)8X#mD-)5V`E+u&H_j\'eGk-=^E@M&M'#73k90XG')R:LIt)\>c2I>&_tEC-J+GT+\+LQfmm"WI*I[P(e\f;prmi=m +%qYk`IqSSXA4Jmm`=&!a5:L1"bPCJ><p[S]af0d7MkF_;<+8inRjpV3pl;t`)rTR\TeH[Z*k<FJj0s.%ObS7ca$gDe=HF>LkIZ*c4 +%r<_BZ2'ib8JVqkerU/Ci:SINboKMY70E"PenrE@]53JcIn7-tip$i+X+rp:gCrFSSh.n#o3k>\p%Pr:+SM+0M4,1%a]'u0P%/6@Y +%go;AJ`hDd#':_oV\CD@dJ[2kbZ50Kch%4M&\Y8nOmsP`:Om/TWC'W#7DOTK@j4o]rEV9`-^M;`&*oIk9#9,*rl<3;_^,&M#FZ5@X +%B7_]T\;+\6B__S?J#7!7I+9[1FT^7[ICXiE\8TkQ>W,7ldocK.gr;%DmudMAe2Q_eW5F&VpR\hRGi4#j"Tg[CTa*ic"<^'UiMh89 +%5T<l11^5Lse_NjU%eh25NTUN7]f*s8_>+2Jd`M5Kk1AL7cJq2-%GrB53]cCqauV`pc?H[?(Of(4Y<!Lp1Va#"?A3=e4ahP%_gr-m +%HniJHp(Opi?h>C0_nCeH..`OT_lT\oWOj#FngM.`JoPoR^.8#T[2s^$Z]`$,Ho3n^T#m\?^o]V=N^^)#__7^75*BGXqu283Y2pS( +%05]]cPFrd&ecVk=<qQ;D)gn%eHpPCTFlnV8H)2MK^$ri7H5bc!Zfb3TItYKQO-^t2&BF]9E+jt2E*'u_*">h'/YKC<pP^*;OA$cI +%6Zsd(bfD^jmii-i+oAP`Z6ooK7fWI=mLa7hF^B[C1C./4)[:[#[O9O>&Ki8+#PY=p^P7!ESc=m+@h_N(Vt>SB'6tru"7_h>kJSCI +%<>StFc`W?'C19LIlqKPE.^h&kjre4tZacC^C&sr*N47kETGWD;$;=PZp*_d'KQ%$+Y07mp'^S[B-(XKaLa>jjd-j"P3=fu%n)N'd +%0_X'^]94LgYIr`T<q70dle-&g1j7ch="+1'>OW#64^uqAYMR18ojt:B3O`G`"gT+1&#Q)KX."9L$q%Bfl.6Y>dmYhQZ")F>VhCa; +%.Rp(7H!?HR4P15MmsMGM%0&pqR+'4'b;RWj4$BsW@]Wj1-eUa:+Nc7ZE&l)FEt%aEQj=d<O=PdaJr^!B;!o"lNe*XHqr:<&n:Pkt +%Y=fRDfoK]?q7IsdB-t#?mg?k:LouatOmURg%6\gf%dV?c"*cBlb"O!j,aQiJ@n+>>/41q<pu<7b[:/`:E_;ge16=,[qV]*ZD,)md +%1(?oGe&+>K(@[=grq@<_:lHcY#"Z\-qZJ1n\A2<6$h<Km%3Naj$tC.t/nhs.h>9V]h5?-'K*jHBg:)M\JX?YfKdHfjd)UJL!@DA6 +%kW"+iT_!DG2hMSsN'Z?jB;P'Jmc<o]JM,Kt!!$-#XrN@&=Y@eo<\68m6*2Y`'&c_8J=TmWnJ:n\kug_fR&iJFQCBrH"-@sphTsKJ +%#&s$tiHS_UKQmsQg5'mk^2@=Fld!]:M:IC@"C!-"+Gh+32I6b%"1&,jXb%dr"JJ4Q4P-M[=J.'oD`PYB`tlJcSq(K\T\#7Q#/AY$ +%EZ`GmNmSRic:qlc(4^<N-NfML:-)G)fg*iqTT9KAYe2o*F-7_7=dJW9eEMaBAK>Ii!0*+d+Pb8&merBm,P+<GH<)HVOmaZ!,3Y)n +%,#_tCUfM2Uq.j$OV$1s*;:3<c#)p*iBnZA$i:#JA*q>'.c-R[e4YdVAcfFs`S]b+b/6#aU9DG5mRjGoj4ZDk\#+='S$M=iZmh,bc +%HVHiTDmkDE"+p]J"!,aLFTdD9kQ&6,ejC.;I$<k!RpGEJWj#/"&((T')ONe:EBFM"BX=e`fWh!G/7gr00pQFRK+k!dKV1mo/PkA> +%+>O]TdO!*t!Mfa;@4'9u&b`%K@N]C*Cra_O9::`M6AA?S$h&N\\dCqo?=5[\Bo3*P44QG*4g(X>^&8@akrbMhL=IO/.]BIM[EV\. +%P'U@U0ggL0Oa805cm+R;.;ig<0)IpO;i)0abf]K3MmsP51ZU2#a>q43=B*lcM`NT25kjb@r<>6SkU)jeTqg5ijhC2(rM9a1']]@q +%5^i+?Y$Vu#:XrJkiV$A321aN";4h:\Gj]2p8epnB32iPBcsWI+Du6e^JJ*8GaQO7J^ip+p6mCj2psaO<;YQS7coJC_Lbd<pV5c$o +%<NT<%=;d;X;:`Mu!X*?@+"-?d;C-bA8lad,igXJ!?`+q3lb'"@H*.%!!EoJn!KmXt!pJ'C0GDDdi$luGeDK:a7/2_UmlDdF;,hpG +%4%(+3h_sN!Z64Fm9%>EuDI@&V>'N?,&#P-8+IH<K'@RqhAT)*h?]^8\P)W76W"d@06C!XsV7.(/6LUTSXtfJ63!U3'pJ$jU0W[%U +%JVE'2mn.[Q\s0X0M_8QmgsuO5[$#c2L!R7]n7fQ(,,9niJRt0]>Z`?<'0jnR7DnsXZmjtK?r%k-[hT3R;_OWN*ESur$q>Tp,7=e8 +%0!$NF7B?jgT%3mC9-e.PUu@sm-HkDFT.V#^UkfiecCk8N@#"E3/nG6\f.am9"%3=WN=+Z,3`#DM<E]$(fh7_:Bo!XGRa+*o8sql6 +%Pg1*AD9$5-SkO6m^a%qPQ@fn0EDDe)A0BrF8]?ij7W-dFC.tQP1TRHf@.tU[l$s]-i.j(3@hGCiUbbPE^tTLZ0l3i)\PPSE>qG0* +%(8ASR%4(i9MS+Rl>Z30k881c[fHe(%ZU`*@=jUC^n>qjsn-O61h")Stf*gtB2PUH[\#=\8ZWC2dXr1(+##*$B19[O^Ng9Z!`XWj< +%J;^ga*9Zn<g3h<E5mIct`sWik:ka8P0.rakMmi:dpPMVuG]l'ml0b;$oA0`?5__>46TNK*6Wp^09sjLO_fm?mFj5A<55T>C['A/. +%S-P-6@hXg-ZU^)p2\XTK3(9LpM2>sK*<Og8CbeMIqGSI`P+.[[H(i"I.T5IDh"l/KoEi,=$b$=6"$E[,WtqjDYRT4oGe67Kf^Q8; +%U=lDXH"/^#&W8sZ/G&^4#E?*s+,n6UcYL,u%g+QfZ*e\FFBPu*C1CtoqU,Gd?n'(N"l";iX&&)"$XebH`9orh4\!"sqh1obXho!* +%Rpg+bdXO@U\'-PsAc_9sbd<aA_JWl8[<CGjD4$EMS5#+21op`3F_EI#)2"*W2jM`B5u!9K"mkr!I%$,sAd?\6cPB5trA5&(.C$3k +%B=0G`--Mgdgt=Q-HSPD(irU+k\UcYN-7Ef1inBq'4H6WOgo3GEqi6jQ*FWf'fD[)nJF/-ZB43@8V'pWAML3FUQ(cS=(T!kCaH7cG +%'?$"F=!c.+R;9fg$WJmB*cJkQN-ids.."@nEA(PNME:cCm@l`M[Zqj5$ek/b<FAY)rr@_L.%1Co4js[a;BeJJn:\Uo(n,#^L*[U[ +%VX:c/<GCNfD"8h/NA?#*=Nq&2;?^8%(e5unB1A!P0?`4tYe\=+/JHBb)S-+=Knn;I[t2Vm0Z8JA(-us\ilMWf&X:tnRCQ%#Amnm. +%PjPt$=Ad)64O<T:nl.4*O$\fZ^_=jEH_:`Ll@jP9VK/jG1fRmOn)d#<J_R>q'0-74TOo6t*:&>Y<RIZn;,quS'31mp;H60ROapPD +%PVUW7rHnLU:Z5WL>>uKo'h*0Y_d^_P:"1+hB:Qf9NR\tM$B!CDV!?\SHe41)1Z3ilgdT^lZr8c^m*n-tK+t4Em;*Z1nZ9(RJjUVR +%`)*A3Y[87C!BHQ@^FgFh%g>]ePXSRhmPMZ!]k2%X7Vp>e'5=BN.go,\n+*!EIYGf1YiM;K;6_B@'rh\?8,*eESrfu?Z7$gCAPkXe +%b6;CCZ!\@Vgl"X@0pGm0q@Xqt`+Fk25d/DbI2UZl!]\!V3CZc9@r"Yi9Mt#LfKm;.MhNHNc&HDf`g5<:=<[7=l1uPQ7,TL$#+J%s +%UU<W2K;C;:g537o:dPq0log^eS-t;3pT0'.WWLj:7>$hUS<T<X#&Ace!gkiA=9D"n@-9@;K3;A.;SjW?,mA9u78bJ<$G<^`?PDRk +%E?*Q*huUcDetf+h^t6/&c01WrP6-rZd\J^.S^Sa![n^@/**B%GUa9Vgq/OEV$iHN@4f6phi3V"+ouJ_,1?]Gqbe,j-Kp,\28)@u` +%D`53F5;MT*W.:[BA#HId]r\FA'OZVh#$E/:F)#6"m']L_b&^\:VoikD^VU[hp0u_$i^bc8[-La,P/;NUdA;$W/7Y-rLXq%,eSAV7 +%m%ZM=@9U;4ATaf.R^uWYp):\Ml^)tLGF/8TNVi1--Yh$l^j:o@D\D)MU@%Et,or1*!XQTD!5R0[^O"r&l-(LO"Ls/RbIUPF8ZAo% +%c2=,(^UE=&7&I?lX3=#L\kjr<V2S]W>C&q4[L0Ad:Y=^5HXJ/35D*M1]jRnk^6i7LG[==#aA\b'CrP)p#I?Kh_J+r&O3inVWn?ob +%@#MX1AL@r=?"E7-#C7d!'[%K[WV$tV'+U8"^.G[g//t(_`JXCBm'&P!U@aJ,K<7Jm"_*72#@!%E'8LePMQCjXFrfh_&r-P6WQjcr +%N(FkEMF3dtDt[F5b2t.'%p]b-?F,Vf`c3ETL;]J#HZU6boL7<H^.KB&$qEC!bD=i^?2u1poaEY$;&H=m'.?+YT0Se\D1In^'>)$' +%Xk<9`=HqWkju%mXJIrfj-H5C;pR+$a@b29M\XJ6Q,)jX4$K40H-F$k)L;\Q2CUD594cuS4oJBsU_</6k.=8d^qK$1-NZ9mOaKZ04 +%-ko_o1SKceG.7PZapAXI'5VC\.Rr$(A(Zfo]iVuqjh^@G>*_^@J7Cs%":5e4bMloiUDY+W>gI*B%(ue41,N(,b6%(.[(Sa(I`N/> +%+Wuma%KW%/0He/'%$H-(bcR<4Lb@e^/N`bU<@7KLYc$uF68-bNQ:B7q*r$?p&LNOU,f4tn]L@np_^)#e$'SIVZ4ma"P3.R:E8=>W +%JQU3PCt0Z94=ASbVW2n6EO'\j<Bj3oag/i3/LSd[D,)V>\1plDNDlNo0W7;LMNg[<&jIu\81!WI`*4_i$3H@q.P;;7Lu8mhcq78p +%R^Je"T2rE%=X\eP'PNJ2'p>RJm>.o]V^<l/-2/AeZ]d"OY\JtIEA,SqEXnH]YQknV4VG6b9\bd]`%<t_[j5f]gsQ6i>1SnCVS`6M +%%'^(;5dE0u6FKf?2>GO<40UMn%fim8/9;-@8M$cBk!kJC=cSdKq5i;mWfHFq1Of"iE/4C15Zr1ZOUZ7Y8:jW(Tf<MVK#E9FBuBd- +%:uTcVL_;1V>mMkc,aJ.,f,bL5FX,iU25#haJ#ETor_2;nTFANE-1\!HeL?.mKn<iG>Sr'RlA5XbN'8_G+.:b6>]\GgUt)`sZ'$F7 +%@Wk)t">9Hhf5o[+P:i(jTULOKN!1[6"(d+Xrn=(.^c2QS%G2*]q>?2I["KQ^Re]:+ii!`uP=UIt7=L&X$8@TM.17E?'c,Sd9;,W, +%MA_WdD^kG"p9lY%a&F2?)\#XA1og>1@K8nAk3WbYA@pPUWE#m'&1,Mr_L`,cqBQs]mlac5)?Xln9i-1@kXWDr7_Jru%n_baO'9CI +%_,*RtOgC;co)Ua!hCE:@Mf/[/o(ereg*&k<:k<l)FA8094i^"%#$%I;;fbnIW^u<;m0lsV_("DId<\h#=[Jp:OI@fM29![/fM[hs +%/X+GhE045rK]sX&VIn('7)[a:Sl^fT&LE9fFRTop%.S:q1lF[`KMIf30B5,3B.AfU"%!CV;N0El#A2^N@I@_5G*(h$[8LOM``4e. +%;hE=U7qPEZ-R&/I)e@10n.WDn0oMBm)@bn$]!`GR@7G5#-'m$nU(u$06eESdQ\[h8$T[g/]g;/SAC!*Z!*nCbca4=g4<&JtZ8N"N +%;M>ha,6BjCs"FX)cM(#i+W<Z13s9X3+ET_tn6QN3$&hqp=9@MW2XX!m$sWJ#4bgXs<KQO6Z?n7)WpJT#d*TE!U1$Vm=&?_:X1bne +%m4F14&oB$"@L8Dh,aP![a"1jh5=fE?(1IE1kR8*@,Xe%g>6r[bi>0;;6G,a,apWHV@88_V_S@a:b#*D;TIJ9h6A/DW4bn8b&3X0C +%9;9Lb;&mIQ65YLI^C\F_#'E*OfmMm(ZbnQ9/k#k+U:Y!T'pYJO";;+od]dt5oIf\i$-rmi9Y2n[F\/)ddXhY^s/;`H%X/L6+lP$t +%-7%BCAD5.K8+OogdKYU;DD:o5"3VnEZ"GS).<&(/XW"aKA[>sZ6tJ\/TgY72Xo@4Eo`'$*O4D1Qd3jf^f]a'SQu)GP=:?oJ+r3Q, +%=TO`3BPh@G-b\Mt/1P.=$hT3(:l+*D'r\Sk:g[+OP)-d[YSlNnff:"dDr)I5pS<<7#`@ZLgaM2ajiGq<!8lHhIQRS(6D3l`2I]+g +%P+C6gh:*?E1ZN85LiYU9I)(o@-r&]7'soI\Zs)Tn)->#V?H*s@][&"$5X4EOM<?nlloqC(naq%`SMdt9`\42RmHG-#%Bu%tlL_tF +%T)Pmf`NXO7#)atN%radm"/e65CZ9l3P5RuG4s_IJp-'d5/G)ViQ-J5@4O0X:k'\Zb9p9p@.g]d'6(GP4m&7-o3Y,qT$LFF:Ti_@u +%B(fV10&cDlHH_/D+GY8)1JuaPq[qS2?bPnMp4htkEI!$Ok<T/sA=b'^8*3^]Wq1%"I"WVp"@#H/FF]#HF_QYC1HBhSKL?,Q(8M`, +%`E>e,\]m<_Bs7FZ/c%6&#\>hUE#[sMm[AUSh0&&r/)Bk\2%??c1^%BulHG^1D"AFc\2Bg1:fBu+Q6Jt$4'["ukp9.oJ0KOg(2sk" +%$gtqKP>6uc"DkEs=Mi_7?>%N.\]Jcaa!JODJL`<?E,^?XZF)9na]YZM5,DlN/S:6/LY_hQ>f;2dK7GTb(F]sT3Oe!a4M8@j$p"J_ +%$#mmRO;SXfO?;W.CpE=@q+6el<jq)[a2fYZ_b/]@B=O6L>8@@rh`B-)2/+10@!#!S%_^s0-5[2:\k3*(M9=->(7T3H^t-0IZIU5s +%buqF4i$B_2*LB<rcn%[Z'aJXXA,o_^Z1)*h&]/uqIVY=US_]5^)9u5kDY_f7WQRfaVf@$es/P,S$H.A4Za_i2gRruR)4XW(A#CrO +%?HZe/$X+H>=g=2DLo^PI&ZM!$!K-c(\F4G^'dn$q;YDg]"Od:pU*rRbL+!BAekpHTl]V#`dJq,hW9uG^;$,06c]isf!!!b`-MgiC +%_to`'`YGV1/-.'Z7jOnKr5`,X+*j_qM9HN?(V&51H)bU.OU*>R5bs?Gah\;3.IF]!*LBSG)46'a'l>5I;:R_5(>K"o$Xr1,=S+pR +%0uRNt$-S.h8jJ.c>m68lAlc=h<n:*e5nLo53!c6<_\NV2QBX)FfVgSNp3BTG2Mbumo7CDa:':G_lOfKk5LD/2-I8Ki+GH%u+a78% +%>VbWA(,fZQ/)aimUDAVXGg;7I68X@X8r,rVi!).YoG0A=1*^FL"Z<^n;>VW/9[l64-X/Jk5,)9HR'k-H@dPF0>Dhg)l"P,skB'?i +%[jSTMNWR/AQXq&QEluP0&jIu;>f2^t>T9NH6oG2ad\I59[]kU?-"WfY8Jk?^F$2t(e.As'B(%;D9?R*1l]oho,2lW9@KfHF:bC-R +%4F(Z1(AK8bYSEaF=`T)hPSdB:]eV&Ze(?]YjdlUr-<9.AP%9C@"9gTL?d#)n""V]_SPM?)q,$Es/N=([3u;15h-NlKTlQ1<gh.!i +%[f(pGk;EP4e.@TA)tkFqV\JijeI(\7PZ?C"+EtfLI!(@mUKK6JLD.@fRCVBh:-1l\"F+bHS-h-s@a1J`>#k+o0*(8lJ0u9CYrB,+ +%A]K\Pr??=0=S.>S5ec5IL#(%s2S@2s)iJ-Y2Csdl)WJW":&R`V;!N)PD"c`61b@[8TV!EnfmT?+@qTdTAXAU3FjjA/C-rjX9F"U" +%>ILIWaZJ0F2t0:Zb>*@T@`+W%d4n#!h$grag9SoT5^TI^];,nC=k>.<XFWMS>2G,RfQEm!hpcVKbSX7/Z'Xc!h@8fq15^.*$H3l/ +%9<Zj5dPg/m^F,7c?RWjk$%3gS7A_+:7UL7))"Pa.6NnZ4SO3k0VC"PDNJgLE+Kr(_bN.#f7@:iP'5,DaL3l'%8ZmX,E6<D7LkhBe +%#!OmEP%uIep_4>KoNk<63@/`2V/V`IS/_1ZOg8;mQI&)SM_Ogi?5?u)'>[`6WQ")2asjsi%!+Ir-WPo!0/\/uhNC?r<WT;pdgh5M +%Ue[O?+nl;)qg^Hc:lJgPh*d$!9b_d#dmO@p4cK',KF6q22KC.qE6;5gbq(=[:j!)8"3Oi2.$0E7Xc2ntOJa:29B$g*(rN%_F9l)5 +%Ym<W>&JH(!qYW8PD4#GM]u>SZ2<D>,MZS\l.@+L8<-Uj2)lB,#:tUu)A\ZNQ*=8NIkuoj3/Z/W63h54gZr+]I!]F4u?,GfUop.'7 +%P]P+tB4,`1.-KiGFTbBD0Mn^XPOo*+r3bf+k_8[HlX58@&DQ+[nODb*kb'tYS9J$S=Qr3U2]$bGjkgr*0+fS.8T*51GbdIDD.a(% +%,tNZ+/lFU3Q]![t+rMV/XlM'*B6KQ%nV37^(`[^6U8Ce.)7&9^0s^#:)F0NqPqkGE$qk8mBqefmHje@[E16!61_:]CK\=C9b//^8 +%gd[DW/Jk]tWi44='5&Z#2#1e^Q#*X+P,1<#,:ea;K91dp)9OBqYmdPKPRQTXN3*6EF1Q269BKiD37`.I[?U?sl-QY*m+K&+W%cDd +%j&-hnhOXgJ)igIhq6*2Yn&Z3rE`c&^hMWrhh1uuuW]g*J%J($UP4WRXDqL6t$q=kO7Pf+eK6Cof855>T5#_F,<Os.65Rd@E-4jSu +%JoIpE-JaoP^!gP5%OoH)/$L@nIn])6p%r:"0Xt</cm+m;Hl+2NVOJT;A"OTmi*#86J_B;:"#2Jn[Q(f5!HJ=b7UelW6"A'2f[i+t +%6Wm(1&`&6(BFXq.hEnL6*Gs\RdZE#JmD=3!B,QJn2B8m2!8A4aG&FUWAtuW+X`GmRiY659k9OVn[M$_5ct5B\_f:rU<r)(.Nnu65 +%N?kbl-$b]@J/Q$gcQ@EEXMsBp(<0r0S1Ts5Ms5Ig`fM75d>W03EM>\k&<T\RQ6TE7G)+"K]!3[CTA^5ri-HRWQEnK"D<B><+l<_s +%\G%W8:uB8sKc\ZVNQeD=*nhd+MHH\ofP]+c4&k[cWAguO>&sY5poFR!6CMI[`X_;[9LUb/S2'+.`c:*ZN!5g54U,rC#n6QsWON"L +%)_c"4(M;Tara=W.dUgiWgZpW\YjB?7T6t0Z5-f6Yc?>LLA5=CC@$BZe`j(88Q6hMJdqZ#9>LJH<Uh*+N,>[1@CY?n3kM<e:h7sf: +%:s,^l5%[of_/"\s-.4cN:sF((RrJ+_bq>`3JA:1+>gQ%h5t@c\9Uq)$eDY5VUAKa$8b:Df%k(mF5;=Z&5!SRg.=1V"+2oc>C#Y>F +%Kcs0<C9T%?&-^5A^r2#+Ml70(d0YC!&9]LlLPnP@QjZNO.k"DkN0Q+k*74DRX'+Z,fdc;eP@=Y]^(AU#lYe5AgP\HHcY_N=g\l?- +%9SR4G:]aQ"arJpMl%"DXKoo-CQkDkLnO^`hh+W3t]'(UW+0.#([W$LcX0OE>kq[gZJSXKj=[2J+QH"M(2[ep[m5"!t$:<27pBcZX +%/G5O/bYXZM^_2XL,G5iIXIgc9.h!k*S+n6SFT@+X!_f^af.\%OeNQQe0mm3CGgUd(R_ZM>NBV=LM*%k#pV_[tjX[n)dqInWPs.dC +%)EA%sQ=IG>#R2p4BOi6[nYl?+q[.*<Um,u:5<^21<J)Lc=ak)\Bo2$D+]U(5-5N@#EU<2?X&aBTN0a:TN)DG$\a#oR/5VYo,aQp? +%!(e;FTNP*#cKJ<;9.-$,8[n)k$6#RK!:P#t0F>oj$K*nA>?NE]`0M$nV5)6ORbCCjF)&hXapCF(@iIF:W+^9!FL!<-0sZJ>"f>dS +%;T?.)*Ot<K';kpKIBLLKcCR8:*`7788]j);\aRL1MI#dADsikEIP5#*Yte($s1nl;(Z1N23hH!'pc&D;3HBN.+I;#YS%.-lfU*MV +%3o6Y=4]>d!kghi7Z;02'nQ^r#ghVgU.$KkB\n'j,@,L8%n[+S![3j$Uhoan]1So/1eNkoEMZ=dR,?)EKpR%A*l9a15\"E5Z$t[p6 +%3b3s=p$ANM\tk@R^g7Q<]I9OY0G<#DH+Rjam=X-+;S/:,0_[#F=SsW,R.u8UACqZBF<!n\@4!\:7Sd>pVhS&a3%Z(NZ-P!,4\;:9 +%4G%heIAUQ4Z`I>]E`rt2&Ai2ZPk\Ds"4FOMS<T`5gGi">p:2UrT>aTa^I8i4Xh;X\>d>%s](OdbWL0V>o9(gmA_:WLe7*A'aX,t. +%a$]Lc-&3Aj]7ih]'5&]$2#3QEcJ%j[PrANa[N)g-ZeoTBJR,)erAfpFq[UPSZf8G0J^QVr5I,_R`cB@qf@&q5idI%.<hAA-a2fPW +%[n7VsB<mg.>>"/5Bt!--SXuBaV:@hm.VpL)QK*sNG-^JgOQ7YH<Tflt%2K=e:O0KZoQK:5n$B[3`'<jBgMu=bBBRVA+*J,'nB39O +%,>1B-H.G=q2J1WIOVR$FdW!YJ_eo4f$JAp^Ai]"R3(Sr1#"]/HFN0ZV1qaZ>(92#O:3G>%/0DN9I[3![B5:)0PU1jA,hag1X;HfX +%lr#U(H]>,#N$CAFNU.MHQhG,7;RSfNWE:S%Yi[rG>in%H>f(n-BhF6j/!%"bOfVfBnLFcBXH'!7*2:GFCsdr2cA,k?B9Mk[L(J?` +%a/LIjS`CJ,@\=AVikn$j'D%SLBmoMH\h*^DBs"mQJ=)d)X2&-4E=C;Q0d`ogSGJHp:ORg$iDr[1PR1uljQIKDCh7"Nn?h[;c&$F' +%['#63pVi2N-A3\9GSr])Th+<@fG+'^'<:\,1_AoVBHTaUR'gj:qffkGDXHYUS\7E_QJ*lI('rL;%2^^O\'KG\;LjSHH2F<kC!c(^ +%-Cb4f/1)-o[:E+?"ug=^itK*o0q.l*02[[o/<A@CBs!_uR7q5I@RC0)pjaOHlkg5fN.J;OB^_H@Bh*1f]2Ugp$]VG01Gr9:K15lN +%B-Y=*9QoRH_MF@$BbMbTO]WplC&)PaI1%T]%LciQ.Q#;Z<5<`)dH<QUqA@P]["8?fSPpb-YLoqEnk.(ucg]]1OtF`"R/32M8(3^& +%:Sk=/n?MK+62WHt;(1D!,bsA%$1faQ)U"-rG#dI6G&GOZSK">;CbeK-fEu/;7ZAr04`/Q[Ygb*`3HjtN69F9\QM2qiUDT.mEjcuK +%\cpDkR\Ls3_r3uA?H$%^lJR4eToG5sf/htrLY\+lYAsKJNkn@0W^Yfrgl'*sR:NaN4*L6kiOBpX)`Xpsi@(hi/bjA1;6d=5:%M-7 +%YAIuKbe+^>,HUouorhI;9+ejR[q&\dgWhM-?$8<2ZjAGW0E`XG*ufA5,j2sLgm5:9&U(LTK[pq3+!D_R`qJ5KD/i@Rm):.EZ.#l- +%YmaPDn<1Y.6@tT\3J>PuDQDekUpA_^@H_.sa2M#)iX5-6;l7(A43j'>mbLY"@[&j;E6\bO83"n%X6q2Gi3JcWf1MRUCr23Ejd@62 +%.T.TJ.+3k*lh@>5m#/f]KQBo0]iu#&SaL(-icHgb&XK/AVXl,=:I0PVP%K8X75b0Wil&Vco;_5b9`RlY!R>GCkmZq&?u2!"B.EM, +%"D6&4AE-8`[jDat1_%RN?iZRY;0\J8+PO8QMlcQH-\A2C;iAb;EDlLdO_Bs^o;)jopC8?5`>Lu%Pb?D/Sb4_A8"'_XBoIe2!EuFs +%X<>]jGd]]!+]KJP1B?-"r.*gTW[.ekER<_/+s$to2mcDUQ].dmc(1P$9tL^KQft'Z4(QDFhB=#(^]P$(M,Ig(W[S0d=U^*'F$?Zu +%VYX92aM*0J(4ut_.!3@K1)gH':cQ`2.fg@4C?V(7$O9L!R06>W)auU,0[\nE+t<u3VpnNeQu``k5toiZME7\c(td_'63!]FIP&C4 +%5\knD0W9NM:=*ck'bDB@g1&L^/i\8?c3de8ba*MnhHhI&1bUi24Y3j$c32'FQXUCLmZ8n4&B,(m$-!<P,BQS!RG8usW8a'cTZC^m +%C)?'M\stNWg6#Q('L654SRmLd4Jj@:3:!jQ2E;H'j9gH4c3-$s)b%?F4NR)l1*=sYB4eP*nRihsCnFI&$u$+J[c8irh81Ol?O=`, +%T3-P@j@PYU=h[penN$!%2oJ/L_>Ph>&BAlt6Ph]"lS`lU#mIt/7=GB5Q8fN,S/Y0:T9*8<lm@ck3;*sm67f&&P13?D09/@D+C@7$ +%AJel$0OK42>k@9+*aT+H_LiiL[=VkOC0%%f^m(E*U6DB,KHo#pqIkg`;Tk"9qPDbLTs3YmBI/+dNo"_*1ECK/*f9KgeT%l<:e1p\ +%A.Y<,0W7gA@U*(c0J/766DFgm&nDI<QR6C1j#H7aG`)+.>k_2_i=M@Y^1kGRVk!\4FYT13%,V+XZ%PX,^3$/?#/gqoV>$4#@sV?! +%&Ogq0<dQ*Di!fuD_Pro`E_P9;?'XfW-cB!;Q'#B2Q'PF5fQcUI^kUn)n`"lR<)ti(MM.>$af,nq4VUt-+0,r$("beX=\DmeJYs2B +%:Ip=YcL[uEa9X)7RtKl=Z?`J#%Hap@0(Q&U3%P<0:X+0!''gFtmhpF_0&nK\Z(MrZ</P=gq&E4fBWClucm!$:poEAh,rR@613b@c +%X9*"t=Fb+NNV:"GPRT#ITh7d77V]nDL;59":1@NT]StedQ;iHrKjY*ogM\ml/5j^cNT1&a#dQ0g88P\i-q:9fIZe]@*'B9MN$Uk5 +%(l;Z(Q;Laj@b1s1/Q#blLaBIk4AEYV>#QWC,+`AuR,_rgWJ^mt=[LCnfKG5b:6&WL:NN%UZG\$7.;iRX>=:%2Mbm*/'IKaIeXY)/ +%rU:R$L;3qcmLYd/e1G"`#pa&62t1)ZBaK/gN)0i<%D2A/(P_=(d2_2nFOj^M^m@C@_&"t/G4;oXOH;+mY<kdIk[1Kg]$2PO/JO'h +%'OnENXR1s/Aj;b!T?pM-@80W:igN8H#k8+f1dh1pE39b&+e5Smo*+b?#ZM^A2Y7tK(5/uYR);o27B[''?NC-B9TSFVfm?I4fYu2I +%iI`;^6hoRPYd5c5P?-si2R7_s,r,C$YZY^o#hqOho>'cFPVsUQ(R2,aIdD[(KB>lJYp-8T,$'B)(JH%qR:dcb5sjTe^6*E$1B.Z[ +%LZ^\9R0689:)=3a:*6O+oPJ):k$$)-iNga$0N-%k1T"BN:Pk/GeRDEl$regUdR%=k/HfN+l\o94:UJ9Ko;/9oM#S&9)$5=V8erf; +%9GEp5-SrGp=_6s$5_g!2,q@;Q<MHIg&nNaiUA4k$1Y<KjkZgZII<?0?(HRom@=dAS[ZiMLP)>ZMiN]We$j2ZP=]VE:`iNiX7AFI, +%q+M6m"o_>-+bmlKQk4RLM%V+@=$b#5j8^'ia>cc:D_f8?UerD1F+2*&LX55s$??*413)]*SD63]/$#<m_bAD9s6hAfZaaj6Q+0p? +%AK5?)QUi"7$/GuT-k7&Wbts6DPKcpH+$1g)RGf;'m7O,(jt7+GRFNGp@S$uNjA<6:NCZZ";!"XS+cT%0K+d;`WJ;A#q*5PcTqCL) +%,"^^1k9apaA_1D'(OSiuAA?db-g,j%*;UlnToPn@h"g<JXs]F--?usF,!qAWh++g$'T`[NLJ-,",q'kXn?OaU0JC\/g&/:Jj/!3, +%*NA2NM&nE<;TA=kVBcojPB?DA3RVCs]`8NNP9/3;"Y(?F2%4&Nlcc_A14X"Lo$!,#TI<HTQ7,CZbMa\+PK6DlL]U3N\qmg!(Lr@s +%V^b//8gc/V/iZI6k.AjMB3)JSIHC7r"Gsj5I(I2#!R@(sN#AfYULr@7@[)t06V&p.r6WK#o:1NK7#+PE=pr7,E2Rg%"sudfWNdFR +%VM-5Pc8chJ1ufu1,=8Jb=dDB*WN7?qERY'A2,(R![k[jeO*siU9s.%iS"sip$jS[^R05E.:@2C4['Pm1VI+.o:3if"Z01ndime>[ +%cT"&m:eA\RJ1:u/2#&%U(4[9a5H7!V<N'lVaE0",c?PE3:R6Kq5]<PJS%`s=m*jl\2l=EJR`<YWYE]?2S$]BC]4EA2:1.4pVl[nD +%U;`fW*2;2aR!6tiEjchj#7)KqJjL,$H^KR<m!p_,b3mUpN?k/aF9W'H&=oNYVT&g,dJ(RC./I?8RF2s!?qnchTM>&R\_"3db30DE +%3E=?s#"8h)&m6V+5p@huJR6YL`GI;'X/VcPI(GgsSC95>83p%J.`4.jEe.RHNpXDR&k=5GQ8g'+=2@F<Hrpb/Y*o!%*=T%PimR0@ +%(h,4uJ7N.L9*cDRJ-Rl:$T!?RAnP^SKX"!Zp?Es)p5$-A1pg+Z%.:SO=eQpLVG(:4-`)$UQV.11PY(e-nBrNW=VS7l>Xn>7[Vh)n +%72,W?+IcNFLQ"1C`b94N`_:*/e08l=d5ckI=K-sm#V.K&90..Ie.rXh?q&;`N4CBh6d8%!P>F'_s%5bAVhDB&8nMrUZ"B2_BuTea +%p9ZZHF%W;Q>TLYV"@s_D$6mQKWD&6cph>TJ-4DmZR5U>X'([B.#1?Ik5*Rp=b`aGX"ho+;VTn$So6J7*/_eU+T!:W*.Z5K4mC40= +%C%,'$T1Nja!3ekZ+0-7?W(39G1rJoWI*o7FN3O.3S-D!N;2_0jPm1s-+N'?D-CkN[/'Y;PRt^/g`9Ym&_D&@6kUdIT9QFRQQ6MBI +%0#nTnK-r<<b51%)9F!MqfUPiURoGP1.VY`ls)6_V1WSU_HZS<PS[h<F\a*ju(O(YYgg5$OaddWskCa\*`WoP`.'tPflA7f.A_/-l +%.?V/=PQ7:LbG18ZA$SJC#J'13<5uT1IYHV0b'(M)rNU3R8n%F&YZMYm`a(c<o7&%Z/a7?-D"cj$6jmB]6s&04aYn,)%aWRjroejf +%l;t`,rUW8Ls1\9cB!qVkK*B7Qj+,[sdqi#OHfS00rT9f#\PfmND;X9Gek_q$6(QV-n:Wh?U0eA\Nms!iX``Tf/T/RO@;FYB,(4$I +%?4gp3^/4[r/h-FOPIS^?4)coF2RK<E*G-s\HYh=n7+ll=n(fYhY)jed(.,7P5atNt0ZR**@U%<FH<2=CFkjq95#BoRm9iF%Q0$25 +%Tl@q:2brEWltWatH;,#]mLcoi7lA)s*]rSB'Q#<@lCQ63"Z2E5h8[ViW"louPL%P-E@l:b0jU1BmZAN@h/;Lt^0A_kP+3c]qqhmr +%3aI,O:)QhQM2o&l'h'hA$UN^KQe$^3?:b\gHs.O;bhre=64NG;4%0Q(>'LK*']uNZeN9!%*H90f8-U@iGU3q9\e_MKOhaXfRt1VD +%V#p`p$Io:Z>LM(HqYOpAiRG6,,6&;D(])gjUt1nD(_6IN&0F*V?=A9hn_Y2PUF>&d[4Lf?D34p&e>dRR_ila?"D(Gl0XK]*"Yu_m +%U+ckqU?YR%;.@&=P6YZM:m;7LFOt8i+F\U9O2KHCpfsdp((1G<%<B9D9Y56f(]s/eP(EX)70>^r9qZ=<7U;nsa=fbB^nmV-q-];7 +%"9]'d-3sl.:G@qR5QC0'M[2a#+q-T-LjY#Cnle@/J>c1Ak0D&(5U@s,'Tj)DjAdI'R_Vhf;No$O[7XCdngIDVCPeh9_*j\/XLo+e +%&0VSk6R7D`$P=8=/6HLPW[JM!,#+:_*9;jO#SA%C&0a(872-'fNTgI+b9f.n7uTg6Hpc3S\9s`79'4OsNjWVMlBe0g(fEcuV2Yj_ +%n<8m)P6H.d:<Bch;FOcU-LgEf/^VDG%X)9^.s7Yc;Jo""p@=eAXCC*,Q2W1CIVh<X2'+78Hc]uq_btL^pL"A[]$1r4A7JfsOF)86 +%hRo`Z0nBeB1%jdX-C'-SqBBLEs4i>LO4k+kPVpOf5(Nm(5n%kkU%9IKW$*l(:#R.%_0)SJ9K5VSl!l-*p:7>rDBE8['.e-/.1?++ +%j[E96M%Pa*Cc7:b\ioqUJu%RK1SFl)a8qG7UUl4T5"KP,cgYg/]$t-D\R!<?[,pR24G3*l64*^/(G(EI<?gl@pY7_+%":]:ZspXf +%0CQ=/Z*lW!N_p+Q_[458H;'+BcmLg2ou(:8Y(.;.a`YU[fW);5abeb=h5po=muh'aG!(I>Te<eTFWk!j^IRQ[?_e.qWuY!hq!uI? +%?[]?]D>4#.p;8gj%hH_X>Ir]3J%35SP2E?i[CuEYJ%b^PiVr]&naiq7F-"rTHu]o:bk@RVV7g46KE(]'I,SF5rT\U-5Q,B2qLI]- +%r!1)%KK;#F@Del:YJu',rk-5Mi@2t^JfXX,Js`03J"]btam\0CPgtcnmopD=K'NAl:uSuqW&oaF:Bo=0f=/fHa45Cc2[$)?*n*Dt +%SU>\-?T[gUK22^.Q[Bd65V?pH'MIKjmmp@@QR-3JrE[uTK_<q"0OU?RJ[rXRZCg\G:(+6ToI,2hTg'X:9Hu[tpU%U;1Y-l6_!JtO +%oajjIiHZp/^`al'=+G$J+r@'Z^(W7h1gR'R/lmU)JX>Zj$B7@)BC6iQTR>'H1`]%UXh7T_n7=Jj(fE@&9rXF8-8-NHa\':5JRBg9 +%I[B]S%7@)g:=\Bk]usUf0B&%M@0YW+E.V,dP>Y35L."R_.TM\pj>@umTj\MQ,Jq@mNc;q'[18,W(/DR3BiE]cgI"&2DFnr6nCfJ. +%A4qtCaGL=9NXi0/q\kM^C4YJ5r^gLs^(&[OUc3`q$<P\MBZtIX:Z+WP;a3.ufac[!geul?VGLs%mC&du0X!@1iu<=:`,43DD3"57 +%@s6>3Vo+D=kUs(5TE>p*JAB8A.#T>NT`[Nr\JnfS64Z@qh+0fhA#R53%?Dn@+S;&i]bqtN/-DRN"g9!S#ji>`%bl]q2p=PFhuJ.* +%J:MLc8M18OHp8qJ`_V'`%#O<^#bDL@&AUG.TE(a?h*-BV!.IGmA,^f`KK0VeRuZ6BNY7)aGQ&Vc#%tZAoniN3jrV)lof,Wk:!;sd +%T[NM3U4YNMN7P6\n1C>Uf20X-?Ak36+U6,>H*h/=)4GFlgUh"G8(:qrCRZ*1;.m*LqYRG`-QE0@04AlKJc^2Eb522U#"lfp%kLf_ +%?Y136635F>P5,G!!9IgEF9=-R\GYlTE%nR((nf/F_k(7o(Jl'sKHW%&f2&c,&2<St&g%92i,[4(NEK'q%/B\($"2C`4!UiN"Ukhd +%bs<`d[,OK*A1.TEqb__*"ub0rRJDEeDbF?pgW4pDRn&P6RWVDj,ZH8i)&Y0aW.d>80\>M2idlpF@(PQ0T?/`74f1="cKLMPQ]4.u +%O=)W6E`G%\DsHJ:8%>N,n>+3GLs5M]:#N`$(dG$c&2Q3<=r'4a3/F\\E:+uqP*6Z3[$7gd6W-q,<E4<jH"bQQi8B&D(rh$aH"9d) +%AU<30/9tO4l%VT*%A7"WmYR\@6W?c7&\)YCl0'Jbk\o5fh^[`fDKt$fc,V2p$HL7a9::`;Sd'ktOq)=3(U^0d7//o/]Op)sZCm\g +%S,ejL2,+Ac-bP]09"D)TcRUPi@!-/'GW&%WH+63c5]R@ZHHGM$%jgl'M7i<QklCitDbR5,3DW5Qpo.poRK`Wi*4g7(TWJ3,\QPF2 +%GQWI*Sf#'nPuoB*n$p?51AQ<!BMY[.IaGZi;D`Z=-2K$7J!Gre_0:0/jqS69r%+25f(_Ti<[`f#I4"IDgJmd<-pB.E0,;J"9O%3* +%)G'G+*c*6'?jb5Gapark"m@1)D^(/OjB'MW6%4C>K+Ym4l\'7XSkeP\:Rc*r@1J_YR$BZYe9>?@':P^hj&[q;ND6d-aqMO%95GQr +%np<(tH%I3:WlLkJ*V_a>"!qJf(6/o%%?H*(AG)/L]gTjBL%lCETKRt9EAp!1)Z(SfJ_frM@Fhn1;8C''2I].ld=s[jNR.ks9YX(3 +%+jdPYC>]REZZR8%UQ"XM*&+VV\HN+#P16E48VP!]kk,L[kOHWCn0H8W%lY_O(bkS#:'cF/)t@4t:a-:S<X#far1j\;:Kij"l'L>\ +%EOegb&_KWE"b(G>Ta$QX=s-@hGLUWAPh-MTKCd?"nebtmAjg^kHndlO5.!GFU!le$9jQN"6#t,k#?2Gc.N_i-3$;8Y!k.]7(6e7o +%WZpX>0IZuI#^H&;@2?m+Lcs5UfO>>p#!_9Ia.k2aXO7;H<tE=ZWqX;nK'Fe5JLLg?8EhY_"?7doiIj6SjNn)u,eSo+(3EIch2.*V +%3*tCNp"c6p!0RPpV`KED)]%H8dk(mLJHCF->&R3s1re]Kd\u7BX@Z3$Y"+!DQH]D3#,oS\!RGt2C>$^O"JF7rJ5b;J_qYk8a*n:B +%\<d8rTPa`dLTnMo6^9,0LsQ.>9#'FI<iLSYqVfWJrN@aIBB>I3/Sqt*1k"E)iYN+gr\KR%ocb>SBE['X!N9Ar:)2,kW5uX+'S],c +%&ZT`rNNWAh.Zc's$D8j5YM=no!Z59"U"p<@bk3L'St+t0&,M,?'?E?*Gn0BtjL$dj7C4r2F@Wn'rL3Wc30D6hHA:nGPC/a>*Jg05 +%FWc)Nh9Yj;HtFWRCbW[g3JmmX1r*UPCA^4ufKd+a<:\qW(7')@pl9S"](\.f0Pk^ALu-)";GBcL*i@Y%l-KaM#Q$TM2DE`S_q?2` +%N6ncI[tCP;?8Z,";ZI=hn\_n7,OFjYaqje&7Yo,K_h[eME`p^k9Z)9S6+n<R%4"N]B0[S*k/k'/33AktqZq9KenM>le%r1t!hbRL +%CC22'Q%l[tk2VuZ'Jg9U5YV:GZ_?Z4.)b(n`+1PX!N^GGUPWJ4!7m\K/$#7FCWIkBMub%ZAc;^"&8[Ke6c499>in'B#j^;ch\/LM +%I-H&h$m]j4D/7ks*glsa/V=n7LE#0U$']b-ZNNl&_&8o!S'QUC3,?71V?8rdK2k`_#4ct.EYBksIL;<E2\Wje?Il+dl6289(=BtL +%j$ZuLp^a*n$$S@4n?Hgt;9p1LiP))[492,Y%gm]]B*W)LRWb@!<@ND:*8OT3IT+M*\-[fm9L`IlKW?[):g^[;+>9fWC20W2?oh$d +%+FjrqdL>CQ)"L/Y66IUZJhoGqTt1:`/^Wcd%Q`l#2'F#nL,_R7bP)DfFS(p*T%A,D^8#M\!218MY8KZ;b4cI949Gb0!1c/9VKn7( +%`*1Y"%=mRZJ=f)?Uo58`ciBL6i..C">VTX&%f(sfYso"EEJd#]EKr6l6Ik#O`'>Nu#bZ.(:^.QH#(SQ&,9C<L(-<@@:X#aa+[Yo3 +%Uh0bi1m\5a)L?PpgO]DcJ-W6;nY(uEh=)cH`IlES6kDo)4JU?S%DuS(1^Z]e+AIZo!$`0rIUl-G4ddS%TdgmR(aeOU*2"t/Z31m9 +%'9Nsuh6pC&6a1(U1HPTN#"^8jj/usQD3PBLs.1!*?Aj\P*^FtsICO3`Hi&0>Zej0R%3mQWUI%)>(N3fCnF4)&6@06Bp'H*np,Xqt +%iSfF(9>`,toe`rT%q)\1<<*q,Ekq,EHR=MS"?"7XL(PsUi44:P'6h@,\E+sFd$i_]9FlB8inV"a\7Z?^*I&9<RE$b6rf_]5Qa\59 +%L7t"=7$N*1E8P^hN:TNN1'f;k0Nc!.]MA`&\.hSejG@tHmKknGC0I8B[*dLNN`8<#Pd(]d#XjNCgI^4@0"nD7)`'U4Pf+[G?A7>2 +%95-)0cRlE!%Q&\Jjg!SrHuPJuAUR:MZ>e^J;&^oeRP%.H)1r`Un\EVh]5\i!gph2LeRgo8#!Ogp-<'\!g'n,Y[!e#$s1)Q\Z3@+g +%NDtJ-V*N54_,rjp3RhUX7(E$4QJ<0tWG4a*!;MA'ei+U8"lgOk1*O_%6>7cBJ5?Ir@M>@7XMTB9?j)(-I7#M5[.)[\>X^RUkRO## +%HJr3L87!V,)N.#M=j`n<LCO<"BaN]B9M79E"f-I;GS^_bXH=BOLAqo#'mbf>PH-^7!k;1Z%7/cDZm/"Z>VNl-&W,1$h(suo34pB` +%EMOVu4`3&MKUaXhSMH,DLg_^%C>/9JqRYd2"/`lL<$_j0\f_h(N'P=CQ9"LO=:Lr^bb"<_Gro'g[mPIa$[PWD=rXUi-NOhuj.Y^, +%[SpS+#aH<)155h/%Hec;fHVU5?4dJ;%&A%bqcLndH(+">cNcm`a><tZ6n?8_#[#&>/Lc3f-Hdk+G?H?=cDj?AmWL!"4YN0gcG6=; +%5kNYc%L^_$.O]S@XZ-fj-3m#EBMBcI4[9SMDus3$a`jD?G(cfsViAb82n4C,M'nEm!8f#c@#kZ#>"]mg`G3#0n&SC\PQ[C[K[]ZP +%\WiZn<0Ncjd=D?%XF?ZK:BHQ5L+WQR4F+0Ie]'^Ao+dcH$A"St=;?o%bQcjcmPkeoMEi(oO1lXoZ/ZK&W,ij7#[jRAB;t/^fI2b: +%,-m2qo+4oQL@0$n;H&m9FKi&ieRNG6C_O5*MAAD'/d-'I@RHf=e<=F(_u.]f/^`TB/"X?c\t"dY.G&36q.%[MD[:8kVZmEJX?!A> +%%MPT@HsL6I@A"@AMed^]9FY!,LGclr$Z>,KFWrr=bL7#ub2il*QA]J\h9:`g3.anm0;>'^bDD,f8.8n^cmpAZ%m5C$hMgKObBWY4 +%CFHb)?ch=u#<d%n7A:WF8VR[HJR9XK&Bt0DZS+h3jB.^1_7p()0Md('BX"."">jer3<,d,jq/I_Y7Q13+KI;u_Tb#De5UL$dkHsk +%[K5D.1,'EB.e->>3286/WH^XW`l\D%AuKE@NL#:nV87]nQ.uL@E<L6d\?PeMB/YF$rgZNtE7TnhnZ`237_]AqD6X"b0_5c$O)I8g +%5J)@k[Jp]+.35lqOWe[f!87b&^^u=eD2;>+#Yl7WJ!,b&2Y(@6RMQ8k#%4,E<E9G&@fSuXTDp5hfX[7ESl8M[?2828?1nS])i>Df +%[QS86lh>>4N9G+H5*.=Jdfcnf_4goP&fR!hciWRcA`Eu*]d=>rUrHe`GopIP]qg$C#ClLMqj;t(#IM)%RNZ7g>%%b_.LW/k_?OH/ +%gB?%p,ug<lhe'g>c=W4Lalg0&KF#pU?,<$G6Tdm2.eN^&6ss4c[G;]QFI1Tm6U<QbiE.Zi?[VjLcj[9FbV4E:hZSJnq83X)WEm7< +%+D_2$r*ort@9\:;);%si`0pML:B7ac@6j`[\=d0idtEl<6\Xha:u9?0WL6$K4@f$%^)gG3S-K*F'/mhRmd28U^rI.qZR5r-$_Z2! +%liJiSVoTKe$<F`'*<^inVP)Z4:t"<4M?.>jPX"Z533]2t&_''G4PZJ(O"D2Xc7[bb7L4=a7q#6HU0-<5:j]SZaVNcDH5/s]X>"ET +%oK_14KY4d_0PX2-'*RG&Q69N<c:6=<@>R1/ef,Pb+<]7K2n%3:Rl&32A:G#O7dFIg[QJsH0`g4#?=PrQF!KuUl%pN)2k;Gs=@*=$ +%&AB9[**kN)1hMiWjd.^8NL97o7K@t)+!A8reqL,-30;krb#<7![\+_"it4q-:I1Lf$dRi$_M*uDIb&)kci@';k(Y&5$-sSXWK5FU +%^l5j5-5?b'I<e]:(2R3arT5/j[R_OMq:NPi?!DTW?\\222Z>fuJidBN(W&Fs0[/iW6A6#boggSW]sr^uJM!UA?sD^O1Fue90Eq/" +%88`CJ%Z?4H.9[+KJsRV2$@^<66SP5-3BS_?69a^rS$@n&^26.PQ!On\Tgh!/183b64T9CmDhHuoKD[q-_mITIHmlcGp#A>J*Rlfc +%Q]bku7g"8k0ZNft!!,KhU2:)g=Q=ISXfY<K'+T-tX:s*.BoM/kFI48T.7JhM#2Fk#3C)6s0a@Rg)iu"ppGuo&:]nNZr`R89*n/;? +%Qb4NtD:fAqKIo[HQI&3$iDU=P-)KO=38imWTGYDSESrb.64R!mmce3i`o@0[CD'&KnsVH@e]Mm1+Skpi`b/.GUk.RD3=2<g(T)jp +%0bsRFbZgbGU\jUm#5OT?]a\^@&)(Z066b,#oHhnX7RSU^"aBC#Xq7E!7,Ys0.@WYoA6j^ZQic4%D+H5O2=M8$e)Y+11'fkV0E%8n +%[h@LEd1Q!Ja,ShE4]tBAO"<Bl*?k#>+BbT1$sDS:5]6a+8G=k7S)F,7'pdd?#tn5+X"RI;5*d>fQ?&Wr.Uc3G0:ssQo/7j8VEjq] +%SjAYU:d0X7IHY'0r4$$"Q6<:GG=3>#N_-676AH.TB:FMC)m;)klUD8UL*7Pt011%)T8qnNpLi,HOde+^n8rCjPfhH@if=YfmBhSM +%cZt3X,H6q$Ysldk+d7@@Tlt<T;/h/<WT5`:iP?W-0W:IDkkToHINk'9^e"uM_fD0+X%l`"Te2^Un5bl)^.39$Km`837r'S&:&&6t +%-k?8>GUeI;g/q*@`UZ8uF9`mdE5N(d^\<mtVG0?Qp`<%__\@JFlXn+6`g*fm4ENbCN`2@BBKAPRfs!1RG`&F;@EjbkA]hdH)%I`" +%o#8JKFh>*.&`$.NYn9<"\QNE4-QaD_11'6`q8'a\*_*5)9Kp*Y#R]M$*_ANq/9%_F]k)^X]e:c\<Feh*?X/Fj1f#/W\(se?FE&fj +%r8c;F*WVK>lrmu?,8T92.OL.PRiT+k*p@Z%D\Ecmj$Z'[XF\0C=jtAUL>.0s[l2:uci9(e5sNOb3.Shbq(o>drH]gU3ia]7VDhk, +%_ijj/*a,32+l:atC=7&dp`h(F+O\Dnb"'Bs3Pk6P?X?lq`ReRFjn9_M[<tb_!Vd'i(DFM<*VUEQhfC:a""Wo0?#Iu!J#Ak+Hs-$d +%GI\;JB-FX(V$&c8a]lSY'J:^TMeGl(+e/WgHYj>sbXAX@=m,-%@uVTY?Y;74Q'G."s4LY&/53hslsaP'^OmQ\I,30D=dTE%b>91& +%P06Z,JD]d)e.JZ[V@5``1i_el*TD+.r%0s\L_>f;$>5<gkGV+'I^^+-dM@b=MR,!>%e]c9`FHN;`@mRZDg`Su2BtF5C%//e%^#IE +%8m>q#(u1tH9obEVb.&HQ,+asYCM0f)`\h%m0-O;&7DTRN/(IjH%4,?AlV(S*gJT;$hA?,#r!#=br^sErZ`8Q*7oM$Z@.<]$#ZD;a +%T)#==&Zq5]#fUcU`jb_<9hD+*%%F]U0UaLH(s;!72M4Y4+`"raI-*4*FZ3&#Bu#0Tl>8S29GC?DAq]&fE;19p0NSGZ-_E,/1VfIa +%0TX[[9qm76!Oq[S_8L;4`=)&3fkHCE4X"P^K?Js+bSr*i,I2!7)!>dhnG(@rn%TFm/kV$X&6rh3N>D_7@q<`L9`eUB<rJ:O#P=hi +%-(_pQ%5'Rea.0BE#4p0`,HQf^`\&(,<LMAi`Lc6I2I+)/cXqIt2XP?Zrd2p_>!`]R=lq_#P"]X;D=ur79dR//,7OL[Y2DO\B2h@b +%j)8Ra(?b$o:RM`d.G5nEo<H52ok7;JQfMWhO:o_la*b,4nTg?.;4AiX8r+Vu'X.89/28A^5*us5To.>+Bo=Y75XtS2A,9uK-WGUD +%B:`6:jF<OJ.P\&02:Cm7F\E#RdNfkk4jCHAYNbgBGK*jhbpj3u;U0q,<ibPP42eVE'U"CGd:3'(Fp8L/Rg5^+RY&`c%\ILaQ#SDZ +%T0S>f.2W(`R)/SH=S52qTg92>Z?k?d"REY_8Y\u8,r0=YdDl(2Zoald+asFCJMg7#;FZCJdW)A(K#W]T.Ep77&ST7mPD>C/Aft;1 +%gnd]UT6WhfGG@PChSS*O[gDm!q)e0*nAa2)/B)F-,kr$(+fu81jCY8:jrHQ)!atMAA=YEJkPTVqM>8U'S'W,J;J3:ur$qadm%RD\ +%N[_@G&2ulg!Ej4XM>+!jdPpI%>_YiPj\LDRhJ_)X4k"uR"F?!MIUb4UIE&a<*k*<AT9BN!Q:g%dSUr[LP4`41%81J$2\d^c1a8iV +%!(./O&'Nhlj2W\p?3'2&4GR\=R?>XUa):NUOh0kq#C&_HD#65EO;:?.e$mW#AJug\bco@'Td6#%[N(E?EqJqTfL*W7Xi^aFParo5 +%*!'Q$"-N%51jI4TI$8feF\DQe%6m-G4^=&&$\9$7hr8@/!uIP"+779B?G.k5i=o7f'A+EuVSTN3'Gl"bqjL!=M)VY=rmoo,\*<ZB +%O\)aHf@(L&CWo;6O8CrtR;#en3[?*<3?MO\#G,B1G*$4_NA?1g^]`b.h7RWe+_GFDF&3T1UPqeUAJ.pp#tg%167[CPGeJ^p)f?M1 +%]Yq<KkmtPdo%#oZJoEhI22nF$3R>1E:67T8_f.5\Tf="1\$Wj(Qo/Z6*$I+mKo"L\j%!Gi=h(OK_1,7uhIbihF=R:(<qfXlp<8=: +%_.q#?#:Z41R:g'\Xt#3I"uVq+TpumqBGRMML9i(kVVOXhbl.m<I7U)a,oT#epb&s0g0cN(0=_VD_#U/kT7M'-iqfjZSeo>Ae_5/F +%;tH)T+R/8r`JSU('Vhpq2-FQ]1/ad(!jf&S>c(7Ea"mj<_Zac+1btm0fg4+nJ$J<V6@MPknuj:cMW_u21,![-WiraWnKKn7\Mt\K +%2amBI$@"a47nmc((O@=^5V2Rj,W`cbBF"M8<'Mgt+V"^p]?M\>@H!H#iK/oE7CIib]&*t/-Se.25uG4G22gau/Ode1fhYk"f<sBO +%q(Uo<_s:@h8iY:8p6!Iq,GmeOhGhMV(R&0(nT.0fIm7Z?F.o5::cqi+)u1?`ajH32"7jK260K$XhS<t=DhI!l,s@0>f=#Vc&QN?9 +%aFnql(47`\Lng6/EgBVOFDi"%3V.f@,P4gBkGGJS]*Joamg$nDbj.<&UE8d*A&"IRhV[<q]_$!L*b%HHa^UJ`/ki(gE>3(^G?#/f +%JE%u#AO0/$hV0%.GJi9LjN#J&m>6g\#LgBg&DE@/9M`$6L+59)8s##!>&'5\l)OT$%n0)\$`;'-2Xfg&;R(G>UkE"X:'g"('>k1Z +%G.M;c0--!n0Q>PVV+I%D`r:Sq&aor\k'c(L4OLJRb4-)q9?*=.BBVFA];K22.nVZuH'u(_Q1aGBbaI&o45AgMq6s;i!l#TG2BtHK +%f4@&r1O:]e7MHIN+6iYeK";Ye,+]@k(7eN1FL\LY3sdSP`iE7<ik-ORgq9MG#_`!5%RacA7qlTaOMQF1m0(JD8;[VV5"!,sKVHkr +%M:]ZEbNZUaR5*?k&]%+2bbU!Y?$3r$fuC7tiZVQ5bt]Tko+@*re"qj6[c_ZP@qQ$%33!QTm!>._+1(lM-Lee?@%UL3Oq\P_8)dZb +%e+/[`N%>_5PY^/+&Q,Q;8"`9TX(pq!dk?Dh91I!eVJWKJg9d'V'D'SAmG8O\@rW0FUPoO7P=I]9::q[OT2_s2.0dYC"#7so%UYAY +%-BoTI?si#;i>59ORG"$@Vgb60QFqe..5DZ[TbQn60<<s,j1eP3Gk`\?jR&dh5iH)V0L6X,jJR3hja_Y$lo,ZWdnjMU+pFi69R5YB +%UQ<Ja_5Jt8ZCZ_jB9mfe]#^B$[fua7s3H%ALgorH\r:BI%r]KAa=;IpWC[$5O=E.g/X(hd&jGV&kc/o`<>BikeWRFp\l:)[KN^6. +%X@.a-nQ=nA%7Kp-ZFAoF^Jm@$'>XVfh[0L^qI/"0c;Du."Tpn]rkX;nAFnI#9=]8>.IW3e+I%8pH,3TUE,b,UCh&sfA.`V]liNfG +%UiqgJTP5D.j2GqZStCoL;j)t7"YJ`9N2e8Y>L@5@SP-Po+XINh!hpti-.`;F)2C-qOq95eRuYm+;arcLc.f07qg=IYFQ=?_]EC<p +%.fXW61rZDMTDA0IDo;R@9`@qI"*;#-WGjQZKpU&p\V2Rf,LOsM5]h%U##>'V(m;R69]Ku\j_VAEa<F+/)#%"\juMjf)?c8J6,Ajc +%N@I''nM4C@]&2t*)tgrkbWe`44H=Zl"l:)K'dl-'a_1jLeJdoAHH:[;]fA9HR,[/E!,h]am6_ptf:\ORqB!$8Z8$$:p15EHfoC]# +%#B,fj4+4jAD;7A:Up3FWbQ6N%r,E1W$Q5P*XsA1*f&`<;9=rCb"&PF(g8FqlC(7Tp(dE3lc:,H[%!mbAj#LeMqI@kRFHg;E>Uc\k +%E50eMroNNcaIf(\^GqH97tt\q#@W^87p,)h%s>.[PW[]8#qR,(r%<=Jk_<!D0rmFU<Z/dQ2WsurCq@/a_p2J8RYG\$A,^%KIF(sC +%VAciuCI,_Jr,((NjB#b\b5-5!o7-XrPP^KCqj,W`41_`d3_=;IL(FfV[4u?]V6c(4dAG/tmW'*[LQ/OGrAna9m4iE(qUeEsg^#LU +%>9;1UnTb)gW.3*%ZCTb9RJ1TXgrC7p,Ao^$8p`4dIB]<r1kX:J1iI/D2J_TWS$/;a%NmVLE?6E!6utSI^4_`2Tm'P$nC->+B<aH$ +%#Ks:q\;gIMPTfa7,@s(0BkGlU+iZW;XoeC'BpKb`)#JF@l#FOd%bD3b[&(6fWFjW(Z7EmGI31NElhAc(4OY.YRW>]bV_ftG]A*SX +%q/l\HU&UXP.qSqD0nsQD[s(#o`9bbtSn+k3ETl3NBOoVLhI+`WL+XYPq"MFBcn;G^/%]XSL7VDZGn-B*ruf'aIQ8K9'XeTLq%\QR +%rAoJ`d!s8k_'`t[^8cE2s7ZHdY:KWm:T*KG(jDP96D\b,GW+"%35Yd_i__q,Q93JhoVZ9*CZ+N?[%)[XAb]cnXE<F!DH^lEm/IJm +%B)gukDoe`HF&"\Po\1[B*<Z%]=i;W%".PA_(0$TGb?.:I3i^5Keq9n,(P;M7:6It>p_e?cDo?_T7&\,@<=mBJh8\PP-&D8ek`,Ld +%qqJ?):@)BC0G+?KFIL7.:!LVC"5#BbcEH77j%f$:AVj_._K(CeP-L400A3MP])Vk?lhra0WfZh!i*C&h(q=lWZI:/e>\'Y#X-HM1 +%)8L+Q5A*f3F2WMSmF'nNI4_.##2p#%dTi72[BcZm?t8;BpGbO4V'pu3";P/+VA!6h39/c?kA$(9":jJ%2S&1GK@gs*ANN&RZA+k/ +%^Yf&Lnt/hq,c]*men"@JgIm*o/`M2G=_4(5etarGj04D^W9*(XZ]9^OEaWNYZ\V%Sk^\JO2aK157pa^]rJ,lia,ZuYh.>?k%7X[t +%?f1lAo)G!j^a;[m:p"JVQ*DQjeO4LE.p#)Zg]p"%Jf[P.`e\DS\KN8CF;df&,HeE.OLmJFT0jra,).Z,#-`L0Ce(Q2o&)6H`7O=i +%7iW$!oD02J#:=Af%@6_.B4+R3\`oN2[F3L0LFWUa<6B7?;Yid\'ST)eI1?1D?m^o+/b<0D@2FMe(3Be$OZZt?23Ml-+["T*I"Zt< +%9*#DqLjZG-W9LN\-.<S/omTQWP78L[/M:9_hT(o8iEb<G$9`02^'7Z'M29!q#m+"<\,G&7DttFhkOSAc-(;^D9WIERQ%;=9\FT1U +%JJa`/9?83DQ(k/\UVd*A>uLNPLq\uOmQFGK*aH8NU!MZf`DoM@BG)4@SK@QP_tOEmTLGeGbA*qEQB_eca%FrX5f-.e<HspN-1o#s +%OhY]XVB1(AYUU$*M70hSDIX1$S-b7M*QhW,E_X")0k('+`HO9nd*F!E9!ELjnm'BmO17&$NhL&BEV"i.a(F(GNJuN<?4Dl]e,qA4 +%]34\5Xf88h27+X[k<Hh1@tU0l&APm>CX<_=/1a!K>E$XBj#V36SdJR:%6Pa)iit-d]AA&RO;bSSm#,?g7h"GW]VYLB!M;0ZY$C[K +%F9&hF\Lp>fJ3MhVO*>sV+@72Fk\Luo1D2Z@;P=8l:TsN2Fu&jo(^$:&o_%Qs`^OPK(*GF.?kNU4T[/OBK**((`kM_d<"+_:mA4]@ +%0ipJEnhh2<$_XgPKI:o$NYs\G:_Fq)r"lY\`3sRnO0E^_W3jVPB6U3F+aY$s"/)]+[k!4!-EHt]h@pag&%e4A:?PY4kEiZ*NGU,e +%(esb@737>!o'#eqZ[l\$aCKoR1-h8jk#ItqVFTlL0FH)kVc\sa^h[o]cFsKq?pkE`r\HUKPmI27a4D^OjR'1adF-R>b(lp/We$>C +%:[T6&P6^[V?%3=o+o4WRph37?]H0CN,eHB-9sUd(%.5GKHlH;las-E=/-O69]HiQ)HjdK@9]5(oeeo[B6EC2LhtM51%uhLXE$"Fl +%+##.p-"[Jr-E##.I-(NcK:Xk]o[c2\jO:cu0g*=\d?NK3O)TTnf.[Eop7VdEl+i)X$J551mlrVc=BkqWZ7K%blrH@uoM4'AGP+3L +%St*lU#<E?_RDq"Fm.WBO-D@+M+/+t+bC%(;k%ddY0iRE$5r,f:Q@t[`EAO4$g0,cFZ:]DtME+Q<72\?qMT^rL/%b2+iBW>T/,9,_ +%?WE/.Uji\,i1SQum?cFP?"-=*?_m1V,LMF?`Lc)J8g.L\k82kYVeSnIk(dY+@sFejaMKs;)W:lI<?jW;U;H]Wk_ekB0fo/r',1L8 +%^Zk`\YKPIm.YfggY*Y@@5_0PBA')BE"<bQ3.p\o[VK2aW4NC$/Z384.c/"mAptUh')PS:jX)-no)I94!(KimJZI$4NK,3bOOtWiM +%p`6k35EFkhbK4BNmlKMj.UBoOdLdp<<`[R3(8)eT+mPnpiaTQQFe&?\R!A+M%4\>?q4q_U^-U5^\:,L&ppQ2d9Mn_a,hEL#.#_KW +%;nH$]h1rZjg;1)ZA5$[#Ma+5Mae5geFa9Pa*nfmtXra4iBtDG=IV+O*%dI9ghK46(].SR"M&<R&?aG(gE6'V+jXF<JWp(YX-#plI +%0AopU$5bu2>h@$;h_od`Y=2Ku'>I@rX0`P>#KT\qe-R)'!m;Y[mAfN/9e2P#VRq\A;W'I!)91Gq9+]V;Sa56*-=_h#W0*;UEJ6Qf +%FM]/c`T!hb+Kf2jXlT<A+<Cn@@u/<^6&1bF<g]@uM/L@[M=?\nqjm6q!<o9arJ\oJ7"j)$9>)nc(VuGh>*rseddI88(ELb!n3]N= +%&RrmU")]NZc32NQ!fJFp@.aqEX88Lu[7@T@#@8@na@X7cbb']\;DkL4_n[A#:)Cl_Ic1=5o64K)_2KstV!dhFPe;7_#Y@H<$Z8M@ +%%qbD+_ub'lZBHFi6PqC#)CI,^g<IN9Dl_5R-Pp_D5uH97GU,uGF(Km"K%l%9AUoCGcKJU(/QO:8-8GZP_;To(BG.'f16R18jutie +%<qo%DT_#ImijDVNDC@uj3MSjdU`O2WbJliP;VCNWa'i@1B>Ps-:!nq`W*mK9:\*EgY=8UM<GqsmnM_cFIm6;,KFLuodQK/SWn_IZ +%YC0oVCGm#q,OU%mFEpcX;p7BP2t":0TiGL4$<)K;">S73\\E%Or;f0jTZrL><eCG+,ipqgd]UBN#Z^_nVK8QV70bm_%DM$WfYAd> +%A0[&AggY`PekSgOTVu6#YB*Pg2Q$V*5]F)$1q)-@*i=6f=@Z#!-c6QM6!9T1&6P)dI!i*JSG8"2q4X*Y^jZb==.>bR/L!-+ndPVc +%9[!ou3.7O?VE0ZeNO^V-QSM'hk`%M"ghKHs!`hj22aQX]0m("=Gd7Gd$4AY2b:jh^Y]UVF/j%aQ`GXG^U]`S0_.Lm[+CBCmU&)Z+ +%YA3i$,R-Z6jVd2LS-K.Z.RkV)QpuU)OFA,GS$Y6Ua:d)^0k(:-IEp9:UAY_S`U'G"#_A(:DNo4d8TJU6""nY^H0lU&,npL5L!DO- +%.p]k';nakYVYeU&<.c$)Gp/Z<Q\i>?C#>o4SErnc%tH0Ii$BY<*)/@-/@BphN:dr=:inMtUf')\`YTunL,^[`H,Q;Dk/LP="IG*0 +%YJm>JDk!gGX])4I`8h\Ckp]'a6kNo4gE<uD3JNp_M]*l@[.d(.73!djXk[o\J7*-MRT#%Vl%R=%FPhq"^eXb(Mcp#CQR@6O9d=*- +%/3L<3*0MH38MVYrO9f)?Yen:_Dh/5V:kgZP+Y+4`$/@%Sndr4Q&r9qQm>m5VDTuK+.H'-_(iF%",a;>3]8$opdS:K@FCih7C+kXl +%$\H&M_n_d;eg<u-!hbrR&<(J<>QFU87R^9$Y>HUuFCr51R@'=d))R"lmqPprheK/;<U!I#@d>:-!l+-p(Aq"*&h<I5&QbN@Y&.GK +%nM9&^K?NQOWLD*ZL_&`-'>K9#bYXXJ^d)?e;&;f3,dK6`fcnZk085!EOc&7mE`0t)O#%_jft;C53,;AG/cF$L'PCEBA0Oi<YUW%! +%J6=1H)>TgWEE*$+-8nXb@+GBJSFlQI`d.rt#j=t+S8:mQE5I'3XtIF[Z&4*"cUT1`1!/cPOCpLT,`>sOPnMO2!&1>o6u?A1hn`D< +%(n+aH?M0t>LiS#XQ5C\`rlYWkfbIs1\4?5JB,A^p9eKNh,LY5=NsD:%E?FPoP"LTf\+T$l[1?/t!_'Y-o9:_P>3miBUUoMTUff+D +%M:.X'$X!"LES1rNJ=\+^3Rk"q:U?Go.E+'4&jU1u1F53*m^$faJZZX$p=[>H"2U%t.HkOFW@Kisb7G$NT3ksmH;K(A9_8IO*_T/L +%(?#UoQ"ojLCuEI%V'Cn_IQQ@Q2RM37X7U4dAlt#r>g_F5HOD*uJh?MC.Od!bQDZZ;5pARJA(ZmbY].T)!Td^0aQ;GC5l]lO":!Ea +%m_'>e+QIF@mq=*$;M^R,8e;*IA?rLSaKpsd7n_@f/PW$>8ntF]ZHK_-<)(@DKK*KtR+''?.K-L@;!M=EArK=B&$@qAU(ha+4tZFC +%YC`!=p#^-T/jAlk(6`h=a6ctsrC2)V=hIK6G#)ohfo505(c4#TC`tCYpm?3gF0%'NOegk9lL?/.'>=;kpBPQ]_\sob#[[Z:^7YAh +%rZ<'GAn!NR@VleN+Q,#K>Bk)>Qj6h4H/=P)>Rl=.R%U1=WP0#oY<L2'(*$9'[7uJ&9QC(]M1DW-\a=jR;6]`'1Ml/]!-GL4/0l8U +%>*-`>I$]2"dEZPr&H,oHR]-%;j;#2)VH@7tD3J74T@Y6\N2DY\B&,X?C^*u#kUu`L\en'cf3@DZ@n<-$8b:GMY4@b9B1[*;.++]Z +%(g*^?JJ82YWoa4CODJ_K\pPZa>o\k+#=ZV1LQ2<S^/KHE1cY`2'Nqq;LnRuI#"JiWZlVo*fHg0TOXVeq7216=Q,Srl>=/JKU)l#[ +%o-Bu(oI4p<4%To4"ClrHe5@>@b6B1X**e*Bf9:h=Wig,8EmdN4SfUmYGt*@J..M;/Zt!"B%KfF_3f]P/,#e."3MJpm09>RA'Vc,# +%A[[I4Xbe/B(4M/pWp\r+hOosY=@">;eYF8D&U,$b<^JJlg#n@U[@;`Ka_"!r/ul$Anktno)JJ4*PL*1soCHEUX%ml.R4KW;5YhjV +%"/iHV\jY@@kfpJM[>U$0rY72kcb[=h010)Y\F1KJ>M+c"/a5>(`D!oAhPTV\<g#3JgUM5X0&_,b2,/nJ.:W2o#,`WP$ibNU@fSL) +%-"^`^B9k"+odTQLROZMFS6IT#d.RL!I4T5;aP#MV"f9'mojJe*n[Wb[eK-0VA@]q)\DLnV+^$'CVS][Yp+i8F/,LVBq`I8U<Ac:J +%^pdea`"H3`f54#\7s2GM4e1X9?>YjKKn'GZQGF17[WWY2:uak<Egb=tp0t5Agr_WE2Zm3tZ,O]1RSl_M<a)@MBI!<Gh.g,?"@bsK +%h/h@i;nnQA>&'=7=*PQ5S(j7jjPo5&D_XLqCbR@7JDH^JWi^nn4*M+g!a)Zl%hJb:nZ`56NM2W\.h*%0`4*^r:X\(n@kb&m(_LNe +%MGffIcr#B*"e%>L#,=ck%Ftt2!X2Pg$k_M07(?9]q&]:2<,P,d[hBLC:/)7bdgetePjsp+'hFZb>?R"n[#dfl-,Fo:<>\Tj,;3aj +%:2IA]ZkPk9lu<`K<tTBWg1Z;UQC6`K.5jQ/H6<ZOg'D.Je4Hp>TcfDj+dcfK1Wum,gP@g"4!30)fEPm7`5;?lo%TB[[+2T6;-D0Q +%>;`a[+qfNuLY-X*+Ghukd6MMW)DDl7co0QFZ$Q5SOH+1s6Xid[&/Y)W!aUY[@VUK0U+Np7_cAnQZDCa1\`C.C&K?As+utY3=tmHI +%GugCi]fS&sT*'P->/aFa/gnc_Kp<@t<tUugpe4(LW,W<4ZAVTZgK^PnWmf]//O30pMr"2,j=!c)K/JOuD2>bA[,>=SL6`gn$bHH> +%@QSQW6)t,r]7tb_dRIHPN/'Q05U/XNb>P\#"ZD!R'5,h)ki\Vrk"$q9fH+"8YZ@QU8GH+qE+pQE(:Iu'5*LD]p_OMjFatjm`&kn9 +%Q^tK8k"5a1D3qE2,T<+r>p4&GZH3&4h#]W,aQ]e+e#OeVP\*uTTXeZ/(/Oh1&=[,1((Mtr#?kM6Pa*dOr\EcJa\GB;1(D"K0,2up +%Zk%;,MY#>d$aZ^q+b+a+JA%>MQ@rncZ"p(.1$(H3LFuL.jLDRA3_eGnb=,M]MU;`D])6@rG`fpg;nndag`4J36TV3&S!iTt[US4i +%;!QOWXt_[c<(a';%Jb/+&ruT6C8Bb=_HPLp.#9_&&pT$3>0TeE[Us$WKfPJ4,cde*/l!8"<cR-9V8\8lHHX>$9'6Xu0^-5(gSSdg +%J5`d.29S/j,eK0."=b$]=L5%;8u1GMN5[,IZQa''4AaJF:Z\:AK79;?XO:*:_.2SB=`'(g0\qX#(H2e\,esuD<`D39hOqi)4s]dA +%4LO-Q#?Rm!77)%Y*`3Jj$I>rfC'kY-gm3>,'a1t>&(W:rDU.mba8cHfZdC'81G5M+l'*$h%d-dW.m3Bo,CZ1KX<Q+^d0jYi>=t/O +%eBC.8!(ZJ63Z:^:$&MIKG"bPjG9skE;qh_,>)"$Ejj[A:J/OAUA59C/-YX>Hd^%6"/!ben+TUecM>N\Y[L/nu6!'?9;_51BlL3b> +%i&I3D4Ci(IS>`g9%7*;@kC?ne!3>/k\MD<1;GfEH3t*!&nmO,$1i4[9bTO5tl%5NaARocF-i'Cq(:BjW70pV)<1Y3;M'=)_Gas65 +%53<b"4^`DLLZ1FgM69boR[&SB_ZCKkq?ldVkRJqPgj+7n4/h:DYf?9_`30i"<SSpOKX>bO.:`c^ZpOa,#KSY$'f`mC.3A*=fATFg +%Pj@"g^kL2Td9l&^^p-9A'&M`V-ZIu%`[;:GVtqXI4?WH$E]>?0i,?K$E.OZCSAZ:>8#f=NmDQKX7j;'m@ZnNDLC#,tU6a<\J7#56 +%5h=T_HS,?W@\D9"79WF5:6m=2:8eqDhuM\138cM+^`#q(2A<M#fN_8NEl2dWVqErk&=S<BL$q>2&T0"Q\HADmGo%d'_>NuZ`DHI8 +%Olpa$2FP<\W*+&MN?\.KQ^0(-/<?tB<V%4$Mp,;u4[[FY@3cPFE;5!0Qcc4aV1+"-Co#%>Y`"PWa"hCF5gI1ni_;Gf@5t]Xj=_l@ +%Ig(C*Q,c/!-`_EG1dNhB_+=4QSP#i52oJVP8L<%:p=es)_JDkU;2fUAFA"3?lC3h8^Wf_D/e"e&$BRN'PQdJQnl":hX/R(<:]Asl +%a_bsi5ThjLPu2$3LDo?U;cM,U.[L8aIoQ5FirOAX2(+V2S)ZuMB#l8Ta<o[/oK],'-psm;!f@2QMBt\Pr!:YTAEAC)r]L2toui:/ +%61^XC?%Q0a`sq[>ckBj7d<(.V:Y$PKUa*4J8W/!8:P"n71uVcgUBAnE$:>9m(n@o83-S#:`%ur2_pO$%0Fmc)':NZ'^%Rgg+A+]3 +%5c!M"0PosRJes.@%[6El5)?d?h1/%(Nac21k@oIUWN0I\A&u(^E<'S`%c;*&(3c[oVs(Hp\1-[2;gj6a4gN<,o,s'JN&q(db&r*e +%#"Sf*`7,GV":4`:15`:Ub*_]m2u@(M&lJ!gll")nEl4Uh#oH9:%Tcl<\hMdUdqET!)f.MM@7F*K(p/VXpRK?b%1a,bc!jQI"lSi# +%D$-8fDUbbV(75Rc(mkqmNc%P6/=-iA:U1FVD)149REM;l:Z2f%_A^-Wm1aOP1u/u2M52U,;oP5l44rAd*K)g(l6IQ<f%CI)`t^ap +%aPrlU/L\7r#&@I_9OrmV$KU)JZLlCYpoe^@ckZ.>]t:od%7dLCS5HM?0D$KM$+$#:J?b0M_k(0Xe/;IL7sJMmq\R?goW/IVAB;0' +%*:u8;1J.M"XXePMQ`>Bj)K@U+j[<7Hm]q=D\Jh#u<0t4rHk&XZUZe-bp>^q/]h]$Kc#$=V:X@Dh[,m[a`d%a^'UFA=O.D-CY?Qa' +%3dGGg!B`3@:4hL4[iHd+&nRsYbe\>)JY9SJjeAW>i&m3fXns)N/-%pZX#LRDVS$tb%LuVOpEnTAdFlEdhr<cM-_-m=KJ6uID4Zoe +%NCdm1lI,m>P$M+>sZ\a:_,e"Va>Ft9j3l[[V-<Qf02E*#he3R962YL[P=\-Xi.cU:;,2H)JB&Q6!<q=]UlP,KsP$Qq:oq]biM +%9Aff??cXsD,ZgnT8q@Q@/dOcV2V]nJ:#Sb`:8":nVfT\:']EbV[tucpgj4u@4WBDFf$*^OHVr0/L+I44LT?%F)TM6].tLVnfu).` +%fGmJC,pFjq_:)(YNcd65,d!GX50ma`jk<ZPXRD)7ZRnI&0jOLtYT1s&hA'RD6Th'5RdAhh#ii+j7p_7k(\^'(.Sg_j9nGZe)./b& +%HekRZc,>%6hK@u?H$j'gA3&).VKkkUF;,\15-p6.#+&mpoea)%H5.utlcH67_uRs]jaA1ik.48Q#_uR$D*#6i3;L?4dPIpad**ab +%U[te-[2bhJMW(9']j>>"C=e(X1VZ)ns#))+eQP*0Ys2_6g8t^ba*h$"2u`4r;H1jrFqa!dKG8^T/ilKb:f-u*G9DHrF.l_r3r2^K +%,_;a0XuT#]T4bIh.NE-mZYE<k[]T6ACdp0<A0k#k>6#bpc)WVJjnRl9^i2aXdK%H&8N#:.W7=")n1m5ZII<csCg+KSPI1kS%[Sm9 +%7Q:CP)4e\WCo`8L,3aXT!oZ(+9n@,Sc`e^a%9+rbIB$0d>2bMg4)$^BGrX^-C5$Is,-pJ[[`R/.O's7Omb-If'OJ&Rj3Cu;3Ha\` +%5B1J,&oBCo."73TD5N8V$^K$QM[&i(?O*_W3\M&_/;_`9ZlMU\?l(C+q&#)ghlt$'((0=E_bhQe/"CZ7>Mr]>d('J#p"L][*%O_h +%I#>rb]?S@0DQ6+ACik;rh;G.<$s-(U6"1SW"g:N0FJgj5mUA%;LAs/KL=;gGf]pLn<9'j:ZP<:ZY:V_th'EDq.%Bt/>OMn2!_hA$ +%i%rTjh57B)CDhlq:J\!i@,`PkeB6J\/M.LEH,Xh1rNL"`,16p=TrtAb&`T#dF!`+>qN,KL:/JuJFB!5Aq?Hp;s4\e;Ho3IjZ.(OB +%].kB0]9(=8W2U3K/("f7g(l$8?J%7*:t-T\KpkoM!s%\b*LES=8iWL2`k:sumoMX2MI5-/E?V\.>/Tj5OT7aJ#u:tJJpkFHokAR^ +%oM"F@6ilT[#7S1>YrB8%*en*):BS7(WcdnF_U7XW\0?1<E(L+c6d?3X)0ZGE(J-<NW\3=>lQRh\q*a;tg?-L7`9,IUf2`\Tl.r+" +%O"DT%4lKugX=Z7T^tW%ZfiUZLg!H>P5;8hNl"9c\&ouY!#H&$;/NiI[V=:rhV/W&Zs7c.(VM7l?[:\,tK95Gr1g;WUWADC2%'a8V +%GV%NS9K5DD(7+41_]r.aE$^eZIqNC?c%d"H_e;Y+Nr[R`:PpC?`B"go0EnYfi[J(BQPR&@2anXJ*oZYLX@&I<KAXMO:X;"oqD?"B +%F;ktM)Ue]>j@mXcqF<.VEgo*g2,4*E*Eus=)-%CuYn1^rSu>85i>Wp+SlN#*Y4UHDLAo'^6-ucNfc"=ADCSnGWb0d?[M9,6otWHh +%["!2).VmStA51>":C<0J%',p8h58emrgVf2H'siM]"L?qd7l2\#_7.YPaehe0;\o:;-@^WdghKgo3#O*?tR[k!6gB2aTEZZa1YuH +%``J[(>=m[+^iIO"E0LDKC5`EG(_uP1.GEs%L=Z,nWt&#$a3T9YN&oc)"\m!!m<4-obI!Q6CmK.:NWkc2ZM/Pf^!59)Q@W$E^B>Ya +%)]-&XBsFXK=TR;0B[$os(Sm0)])AeNaI_[*k6S_&=ntS]O41\2=f=#lI&!X4A=3Q9M3?tN%g($57$19S%<b%Z$LLhA.0=],T5@n@ +%$Looqhr.031.\D`;[J:=`7?4*=q%*3%I\ZR/>t%hi@d:+:$ld*#f*,?_CsCEP,:u@SPA_"S+q%*bcSYo/di:T^M@PH8SYcMFnYhp +%S]$7Ng38?X,Rj$X'O@F`$OSpJ0&/>7K%8)`]\T\d[o/mO]^.oRB:G6'1O^Z?mm.5Tl!K4'h/Mlpa#0OSJEb)N6I;G]4Jl$Ndn6f! +%J9V@p*+%G:?\_Z)-)A#Hr/?*Ch,>TDb97BpiVfp%8O*<./(CdeG%AL5+6qOQD(eL:+5$E^@E6>:j;^M/V;$cV&gX$iWfEDtOtMtj +%XO0M'V"dX4G4@E.cNlTc0!7Y+,Nj%$1i.^s75%*B/HfFh7P+CfLR$_.$+K"X!XEN,ZI',r)ibbg&Q-5,J3pJI'$+oH;:,:0<=+U6 +%4;[o7/;^092[(D-]*,kUlc*#-n\*.T%Q>lM=4D5@I7!@ElY,2We6ML@fH8E()ZTm25/]kg&Nc:T1o[AtTdd"WV:gp<E"OuT?5SQ0 +%,^=<-^sc,`Ef##HZ[mA2=tBZ()Y+kBF[iL91,N`6/6-?%cH$'UoPRE0!oPM[g(+Su&3P")bKA(;).U\>`f7/9AMt<Mr[MEN'g4PW +%,,-?@9LdIH5fTEc)+P&6+FruPS$jYDB55shjm&m>3>F:*=8F.KH8fRgn`rM;$L*T0XPD8sD\J/crLjpUG9[J0n.=Lf!V;.".83#] +%Ba/r-:*.?`\3>AnZD?[lZ8*Q?!9>$YA)62jYV)%!kTL5t``J$G)<dD$`X"T?B(0*AgO^uZ73:.I%X8h6lAcbPBA1sr_soP"F`AM^ +%*6sj1ie`F-D9PX/Ki`H1n[>##Y3rAam;Ai2=\1^\,9cB<SF?NuBe%ku?*^PnKG#/=#>F)W&VJLa^M@DDh[u9'paf(k*JAbV!R7*& +%ra>?;2l["a/MDZg@6&A4#^3^QKLEt8OChkMS&]0rQ<.l"9G1[A(R#I="KlA(O]$RP!qAQk;84[cgNiL\dGnr9\!]n)c*:/344Vb> +%)5s\GU.GLA!3Hs+ZOK;BbL/[)Z_<W\].?GV#I"jcY[7.<Dpb,1,nE3gC`?`[_WWXg(aD-^:/<FAqB5)l/=m1;M4#([#9`%$B^9\) +%`6Y7*Q$<^q<W_=bTFku*dc0'uL=b0H_%[30d11Etb=4-`Rs9mV>"uOdS!H8;0OHmB/VAn-Urepe9FteH1X"a_+%dSp*6ZWA+**]^ +%>5&nfC#^_or>&[&))2k\:BCHeQ'iG,65EQNMi3;+D7ig-ZY`>^ZM9j!FY[s]UmV7F<8#aL,QRHJp3aM*[,-mI_Q<kBe'gj+F.h7s +%j27rf2D1c1W67O.]t6mgJ/c#=,s#0!Rf"eeTtlI(@hsDHF7j^1C##T?3K+naED,1-@LG[\]XB%g9^;I4Kn\?Kj)(Z$Kb9%h8Gl.K +%<B3)&4$KbXN0nX:fO1K_A(=>6,Mj2XA6:abMBh>!UUQZ>m>Ak2l2pcc5qtroL+BV2H35LMU^5,9;!Gq.N/0%L5(hgE+[p3Bn5^2a +%@!=OeNSAU<KlQ-'TXpu>2>dJ#@"JDt3@[FgFnnRYq3fP6<D1_.)kUtNqQ]RU-"cgN`IeOt+XS$R:R`a"TO;uV.s4)bF-"4*]O*"3 +%RnUeB4BdWRbA:@T#]Q4V)Z[(nX->=Ii.9O[L_m(&)h<Aa+0Kr2Q<_]&Y*XVPbVBhLQM!2:%UkkhJ8>cijH`N19lLY_m9&PAgP)Qo +%OpT_8BZ&77NGhM40"!#-<.Nn/Q?,sRSf>f4i`3IaH<C'HoYJ6MoJYAp0l^34R_clE/SF1#$`/hO+-jdY5SG9L^4g4p>t39`2%6r% +%cq.;q`.hij'S_UN\CGa?EJouZFELen%6cFtI4%bC0_nP-11bj1SLei2^,+i6_M^c9)KoYs-s[,rG"68o8kqCQW/9P0L:nJght+*t +%@&ZOd&;*\LhumkPr%"+mO@Uo]iDaIl4:iG1]0fLB6K!!][K=(Y+%8<ol%jg/!?feuS&SO08q"4N&>HHe*dOk5%:49h70c+Y[56P# +%fJF>8D,]l,o,[FUUL.t:_3U#mXSZAYW*-P'&j!]SINg?F@._o;Dc=*"Lqbhp.YDQ).-k'4A&>DKcZd`c@pUNH6h8'dbOM]u/]e6@ +%$\#NN?e7N'PQ.Gu!tlt^;F[i6p*7kpRoIPW]`.mp(Xj^79X);CV_hG"1IEk<8DkEf<S21]"!6CDe1572fQY\A3=;KiJprXBfZ=]5 +%BpWZ;&ZK%&Wu$Air)BbcmNnZ^<'rV<QB!'LF:NJgn&mUpS`c<(@)OmE`?!)uFj&QWK,b4r=(.TdScC^@>:@*%>4fudhe#[+"pG9: +%[2/0Ba[.C]F7@ct`SAfC.okEp`@GT1+M:(f46Znm*<G^V*&5u^$1SbSnPkq9=:"/VWE+22Ln`M<G99k5D>AsDGgM5&(qnF1I<AWp +%l"9#U-'@s>l.Z=heb7YN<92I4'f9E*[-*9MXt')G'9SW3'Wm([VE%c28ErVEW2Y<4"<)Ar5,T`!.(b]Pf>Y-`i>.et=]C`n-;.U@ +%lR"EcJUX##$&]__d<&^*BQB43Ih(s//H#)Zl)QA41`.%$@OFLpLNS7a13Urb;oQ)#.>4T')KBEZc"2g8Y99(pMS4`Z,%-rbeus't +%5\qq-f!U*P5jBTBZQnP*m.Zidi(K,h3LohcSV$Hpi"',B[@8$%3R"sX8;]Xi*6WBCK5$g[Bh_VEK=iOK?.d2t8^4;kiiY%41E"r1 +%)(6B>[$eJ].,cFt^CpI31_@WN\AWe^;i<$oLmO7TF,u=\*177X[)0GW_\B/0%Nrn,eP,]2EP>$iOpI9d(0NYoYRX+Zb2Khp$j2R% +%-CB4oGRi179h:l#AZ^ob%DNTo8KWb!]Md6B`fV^pN!&+%))DpUIu4.QK)[TdBdghZ"Js^F4=k+^4]j\+]9NoA7f#"Z8D;Rh:(RJ[ +%%[VH`@qUU+;Wj^;@$U!>r*`So2X6/n+K6J.M7a>/`@P:Z@UF*uNd7rC$!iJGS2QNOlfZ$,3AdZ'^5UQ@`]jO5fZ<9]*D*WY"=g[# +%`]UqAK706:PCR4VT,Q1q@3t<8d(0<@+5;[1TPX0KA0ps0raij$i<K)HV.TnI;A)4M'V22hFjn)PWs+@30+BWB]2c*V+#DGSAPfF[ +%og=?BhDKE$n1_^qoB7e6,(CKtgZ7/;l:%=F0:/**>7++-;HDe'K&[1om4#k"))>Rs[TGR9Dr)8W_[3m<*D"$/;G+$*Z8uTl9NRMB +%9*HoI.9);gR&Mg&nms,B]8o30rbf,[2L2Q)-pS$;U_Fo'I@4]B[P)BKka@#i(Hh=PFO=o)buRFaYnSuY3hM/)6[>(M#;m'5+]i[W +%(28J+2iQfPic&i-^6Wa7Qk#TD.OKH`GIbtq*9<HKnm.B[$@dkT;[R[_Ha1)KbEc\Xf3mLubGYSq,VIg><kbY'b!9qBnCM0_M68^7 +%+V]!#Z4\nFItbB$3DYOK%qL]t>(&8>(:5H7o6$b0NfhDpe@fZI?,t9WVR;Pt)ET!03eU1khZ\-'Ca+uL_*lKUq9)=dVS+D(JSGO\ +%3J521_UuQ.5B_rg.[jd=E+s6ElI8Hk,&Z-<[n/T$.H:mj&eDbC_?3;BA6>i"8#bD)Z]'KYE!M,2qMpi2G5/A+IFk7FMl6erRnM`` +%$rO7@7^ErRIC*ok=AmdR,X^M%L7)/<7N4'l%eA:(T&%VXl#`8[NZ^)Q7N<#idS?*=iRb]1UM2&I4-$qUZ278%!R"@IKMOHY]+'&R +%$m4nL.U0Hr,8l%_%6mP;;9%FEB'CTlI1>me5)P[SS=lR9\BoX<3Kau^8"-C[E?',DAL-iAr8h3VeZrX8&[s?W3)O<mEgGno9Prs& +%,H=_h3',t<K"Z>57\bs/P)*I'=p!Y&$"-.]pgLR>$u's`ps#C?rV,([DZ^[hfn@*50b:Z^.)<AEY++Ka'E69GbVb(3W6SlodWE?n +%'GSMLLgc4RUP(ng]$e2I%eCGdf%j/"%gQFO)[@p,q-ff8EotaThJ2>`<a8W+)@Il&/"YOOqDLhHl>#/Vq\!1&((b_$>a99"6-7!M +%)3Me=kCu'[\ua+c&VQ0eU=M_W?ogkdMcCW>!-mI1<Ah$*2`KM.>EtZsVSb'%b<$g;l$A=2;5Js@!IFcKmsq,N`R[djLu9*M&O)ON +%&kX7kXMmqhnS:RESI;u,A;C'pk(2bpL^F3=Y+M)t&oW=R\YhIfn,L$&"&AAc"bXI#JOC*7TE%Dc2*1usXi/pr/BDsK2+Y>oUVdm< +%I2^s=0uVaD6/a8G*/HM("e1D<M8SLeAB@#75EA\YatVbHB``eMF2"m$n[!&r&XG:oU/mV'd?b@:REMMJ*3d<q/3YU71EG+ign5Si +%1%kQm8qoLRG'"/,CjVY7T0\-/6;Y<-9X2A"QGWC93O;un_o2[r2ld`^L;D-n'JbB:M`G'/jKpcnPRE=>RCYikKED6cBA?1R3@Ddl +%'%O/%Y[@ss5]u5QF1tfkj(GmcflbsO+G(,(,g&S\mAmW2!+r6rU#\VGW>P,$UfSWJ\g.4+PL9X+_&qN5+o&A1D,,Na*Y&c(i8.4+ +%1E:!KAZlP,;1Gle(f\Ag&_n+Y]BkhTdCHAOK4ATb]Mg.+;hD=1R,:^F^lBo+Y\10o_R"R-*!WMXC6Jdhb$AI0b!4T)D!siF&5-HA +%D%W*>Mam6i>]JUG$Kd=CLsAr]('0+2/nsR'k9Eo\OY]8<E$8p*VIOc7'<hGNT#)8j!XM5DHVVOs$@b<"G/5ddV+PkR;^\J@b(k!' +%G'>k.Y@14SB#;)cH$@VHMVSig]%`Inbc1`PiWLLVccR]&;^\K1Q$=Hloe@\ok\ZJ)bTJ%'a:+_S!H@_VN"at)rm?J;^95S.MIGt^ +%X#oj!:'/+T6V3L<oA;,O2BefqlHR4X-taq'Lg0`'-g2To0EDiP&r[%p+4DU^o$AS+9Z8l=rrSn\>+<`>2eB_.1qH"0+?t%R6^,Z0 +%MUF(r7d"Fij\_RCTu7="a!)cMS3hOVnF+8c!o<s'.LH_>U"ee^G-O2V$<[feDA5PfDA?([>Fkc@Nadt\o86SIF8%U/Q-RFG?9HQ- +%dPsTGNL2NW,p`@fA#BB[,\DI#,$19@X4[=RaFM\Kd+6-mq-Qp-Q2400^!1%FDR9*?::$oL#=lYZ;Y\Yhmnls<:gW3iZD_qKP/qff +%?'cqu)`_4]!psOs+<3(pV/QJYM\uX+#bo@9$m]%(Q%/ouil7?Q`kmqhm-I(5P[^WiU\S;nLhVi3KW(E0IeECp;1.#O,(G7pbdto` +%rN!(QS%o7Q38:AU[Od#65o0ru&dTUK=b`G$FI`=pArqNDk+B.dmZVX[^n9#I71mF8F1^U3fcpT%J6SMe!EauOM"Dp&d9Nb"'F)4] +%Ui\?l#<]pq9p#s)n7q$$juF]iSOm@TT+Y4U<5:-L,\9^\%V$)pLIcllpeO#-/4#A(Q4lM(:e4"FR.P$+p_phfIQ"!9'_$%2@9JSA +%%'uq5mQrpe1b&I)7cGl<HIG%]AL=W+p#=VmV@Y.<T;Dc!MSM?tbQiYGF]FI1'mq?23W?5r:;RLb4KJ3e9irSAISAPO>W+R>:e+fH +%lj.h\-6l3D%"&;2SOFn6U,&n8/qZ2K@)J^mfa)N@FG..O!3?1-"-1dMVk8RIPY@:/ak2@_,5u7L2S\7PF;jEPG0]4pfB4Hs\S\0: +%dcPfc`Ffs3m%p8F%<XZRBZ.0k,:R8JcSpmaF;UaA4&`8@-PAJG!#KF^^d6>"e8lA+KF\LQN=)L&+O(A&U00sd;FjUlE6]>&&0!") +%R/YHnfRf$!!VV+J/l)%h?aKGa+hq<IgM0"K>PloRS3$AM$eWFbH+*-;=&W2=*N[U=Fe:=R^m:E@f9EL"I&LHn$Ll;bV"bX+fc`da +%2D\s7hs&i;eR,R4kWddu`$Z@F/Ib>Z1#K%bk@Ybi\Xg'-5O6J*bUA(Oe"WYc^nSPnAraG^2)*C38D,N`.lTW<'_1\i;lsq;%05;n +%AG<5:'6Jn91\bI]I<Hk3)]mTFXj(@E?5=0pb"Hqs)IuSG*-J-#,]&A>.$Lp"TPCRVob3<]*1.o:+CX+"gld>%9k==0Y=&:)TJLcR +%D)%'EnY.M-@ILMbQ=Umea5V$rGiU_sd?K,;;*9"5Z]LJ%q*nFL-pGKsW9NY@rN)LE$)d![J!eIudmFC`\i0VL)`lL0[c+C.3B^&b +%f#;(LeM$:"AL-#`^;N;H^o]NoWb`pPVc`35Z<cVaAqu\5NUJ<B>PfOW?C#B8i^utK]j"&K#;3h\<@C/+"fJ@6A4$\_(Pc$LNb:ed +%Go?H;X?eKhHp5tYR_sm6\u+b3[$p/<V3TQ3.P0L3A/_hsc2C-GPu2LR2hmP12HWgKR)a5pc=RcN9urrLq7#FT)@Yfmr>$1PZ`[:l +%;FD>+ebM$2*&d?^7&:*<_Z'bXn8o/7X73HYg/*MJ3'a<[pZn"jQegTiKdfKoV82=U:N$V"fORusVZEXs9UOp&AM_s?=a<@ldjRi\ +%ZjUAZkD=&;W2;IrPc.?gK]2ugmc<0O6CqG6QE[-7+C2-U?rHJqs-2Om#5]k^Q.Z]@0fShkROFH3S,/5^H8SY)@,=+3j1Z?Wi]'0g +%U;A4+h.2A)N#)!jKHEFJ</OWk13\(DX^V&sku+o.=(mW>3.c/+HB<4^9Q(Mo[/J)N@2i6p@0ipI'ja,%l#"+J7?&\\$ufi%EAeN[ +%l2:TO&bS"iHeDsq,`6Xr\2&l0RL2YATd\&r@o%r\DHZ'4GCQk>K9K%ukd&KCZ$ohL0Q(DH&Wn'$`afeD$pDF[Xe7Sf&@4pq[C?qt +%5%C^KPAkt_nn-/g:M0.fR7J?,+nUm[_33eKkFs7W^Hf-S)+F$tRsJg1-U-osUl\hk]2R[??\a"E=FI\7rb%j>B&%[Wdb?fcS-ZW6 +%ST_k<@G(Y#8BuHmT<j:X`-(%]5NPp^<n@H()/:2#Httn'qO!W5"fU\!X/aGt2Dp1MmCAK<m*sNAAd#"j[`gt--VZNei[Rb,r%tq' +%nJR7$]?#>Jf&b(bg8GuDQ:d#<YW/TFKT@sB_6STHdrJ5gUlt54iDhF[GlQ3g_Y>'u/_mnXRi7HG$leQJY-d"?A3[eJaW$FFpG#>@ +%?Jo$nTeqj&&I%2S(rYJ0qD8lt@=q\(<N!HODW!c'`*eHSF,:JDdgY4rGRm_QhSU-?XpZGAQa!m]iF@=I.uoX8`NR5]9.'q#lH03q +%DN"<CfZ8fX2fgS0_TlthO&M(0B1Y>R-B@[d:0`Ta>*;'9CFuQQ\.=sXb9h0p_ASpq-*P,6Ypj?WFr4#V:/gh&XlJ^3:pVXA5M@65 +%e\jD8a@$W1,rJ\Pc.&jXq-t!@:!72qfV859:08;IB6HlKSGGdVB+sC#_(f4;nX$8D_rGCF:f/=3MN+-`!JP/P:VfYpQ%K7]O1V`s +%qeQO."Ao4!=#;RXU.Va@$PEcd$E;&k&/RsKJ86IYZQkq*cM@6*J*9B2M39!,@$s;/R]T5LQ*GH&2Z>*aR`PCMY6tJ'BSeGCiPU%% +%X8c:6+d(HL9Ms=]<i9T8's4nq.B"`K0L4idYO^j1HM5>tVT-W`K8l;&RO"E$E;EFV#CdP:'(!>oiT]AC-]8YBEkr$I:G`Z#A=^LA +%<4:'XTgY9H\skf2@rsYT;GGI`4LB[U*O>*Q(R\![*!.^0"^3kYTLB8AKgVbnl#%::mo>K^"h1TB&^;=/]t3X$:q0c6!((S*j7mG3 +%X,I\KWKI?r7X%FQTEs%.K#+mOklDYI!XF/>%oKW1#>1`#+oI@"]1%_&:^Y(=2?4=ci4I[R8PA)UC37jrIl`tuAW,+f.r0p[;8U0Q +%?2@4KJ]Y[+RWUDIB.<$5YhL`0s071'9L?CF;7=%"XDZLf3K!tf-gDW67jer"T>TMcB84-!6^UuID*e1\Q&11snd.%I'l)f?=.A63 +%KJ*?fkhruG&;`N@e:],9AI:/a81K>;.JDiYk"GAt]?usI%$GB%%69#+h.5jaFOBYtX.]-P2?YJAVXj.g];*lB>%\r.],CR^(ECf% +%#B''#`&8(m`bB)AS,'>JBdX9o<&VYXZOPb>AK'H?'%"^#_#i\V19J\lpiIXP*Qp3-7$6P(JL$/_=Pob4B$H?MO$ngk@/I1<PL3M[ +%S[dF$0XG^W\&4@SB,k2bP(P#A5NX?"IX\@'m_Xoj"tKf*e-m?lm.t;'S#q1A%7#:M>b+MeJ$aDs!4T%GY_<^!?31;p-,D<c%!-XP +%0)_&>rK&^tXTlg^o"[4+[#HEdF[D[6B\*@!PaHp30%m4C=1jp=Xm8M$8fg^]]mQ6[Ms0>AD[.7Rr$'C072C1eUkf9j^o_"uiMGPX +%AE.2V7J%5YkJM=YPOm]N@`:uHQ47/borgPF,^5W0$NcG(ou-bg/<6+UI&C,(<=gHa6R_0fT7H9*67_T/_$j/ILa&cCK>Z]fh-\,Z +%`s7o1O$="#[0-.l]T`^Rfr3uhmG3G8^Y?A!"Psiuc)@3X>$^b[_G@;.jnh^JTjoUJm82%$>Wu(0^r(221ZYZoL'^DhE)8=97/rur +%AJDSZ/@L(k!@p@ghGrjGr_AYlfuLl2BdB_mb5>SK]L1;u#pP/q&Bc_%Hn==#99nDl.OJctBnpM/(1rO(%6U\Z:?F',DKMDC&e?.m +%,Dcj5_HKL=gukRbaaKeRVNQRg.,[X(`tqa#E-`b+XRbQSZEm%Tb*`k(HDd4[*gV8Cj9?q,AC?7J`:K`PdMu-8SV%^h+(Hb=mZ0(c +%`.@b(TN4F)JT>#?iFT8MghWD7>t`kg@e/J$b1L1M9,6HF^E:3Lk;Xo*pn$afa%T<3>HIUI!-4ZQ-!1PN-t=EtO*ju6Qc+;q>W'1? +%:-Gr$j/E6M,J0eC1*flD)LlJ5<U!6LI`?K&=u1:d4m`))<=SDfU#O%CeWN>JVE>rj:D?iPpV`:Pl&VF-ZHp9E'u@?L&N(7.Fn^/3 +%Y]@.3TGi/F/IG(+-SQs,/(i<,$%pbXW)ed(OpA"A6"jbRFqb.]@Cqt++mD\%j6Iibh$4,c]DLrZfT?U8^ebQiR)6j[9O6]HNjb'^ +%Fhf/l.SPR2V4"*))#8$;)&!%#IF<D<qN%HbVF<'g)8,#<=)'t=VjNmDcbF\+@+1'7ZgP"Iq+\sW2@RHuYWGEZ5F4[q<0B5]!kA0B +%gKTRi:'U5(FfN5-"!XTjg!&o/*KsXW`*,K2jo5=M;99U*3AL=Bal?,k$9o*Z;n))>-;qdm?&HDA%WcU],mBeM9O-*+],C6X5*up6 +%n;fUF4V)AV)N+/@%_5QOQD&>Pb`>!.7-*t.>t![FZAk-FY>tbs/8W!HV1Z+KMlr>d:7Y"]ZD173Fa8i=P.)]<+Vt5u$:9MJ=7[]Y +%9@gdY%>SoVWc!ZL,XLr"niB19#"`K"5I0\#8d<PUeB\V\5!fTB!YZrR)&b&oa-QYJ]/AKCD/8Y)/,\EQ/CQ#:eT#=a:O1\/2bW>/ +%-UH0Br^I^_s0T(LeX\qT9',0Z,R`&Ng+^rmd!7s_:0aTX/b;qTP%8DL9t2[R3ab3IJF.Z8R+1O(>CZqM*4'/'k_,cWhV,5aaU\5a +%<`+N-iJK..hNFTN[nh;TnOsnoH6FO:_2FL=\D-Z5PH9#$bgPg!D]hfJ_TA&]g!o_b+tij3qu@r;nSELGa#CU#3)f1_[Da)eW90h& +%&,UC'7iU6r3)mHl/@!jdbd@g5M0VcWS]O#pRhC$I<%&<HAdV-Z'$gSQ>*XD'M`74\9$O(NSk5-hpT'>;MtjqK+*iE;\_s\Hh-7-K +%Hd\;,kY`;:_?Ku1Yl<FE<GuTG+1jDOdTr^%?l2_H7Tn1p*$Ju1bs@=2<TTS'P7c\#j"N-A3Z?^k->=t*d7>EWe_mY#)F$hXqC<`s +%!L+Q5(g)f-D:<:N;hjU-*r+j/Mtp)n5DJn/s1E*:kgh.P'KE0XgoZUhgj*_"&?*_MrmHk*9NWGFZ1/!.!-!VF,])0dmNi!Y-[?f) +%IKOk-`3%$1-*c<*CJm:dA5d.g=U(if4GBdkdT3(=+!^!DM#iO\A-2OAHoJD0QoAZT\<=qr81d0^#e:*YeF8]=(Blnl,)%-u=IYcF +%r`aaRi?]sVs6/'I<'ZRB60/),;7Zm%<'$-*Qtipt_0Z7WR\WcI%?l>$U>udX"rf)&R(uf@G=o>Z5n!k88Q()s$1o5"bre4+PM&6U +%L0D?X%I5IfZG;SaK:G2L?H</O0%\E!pas3VQ@()"LX%I/:R&/a_NP.m%4I+\dYUH9RZ;C?*J\,.V`;U#RX??D.l!79MPR%a)em?< +%%,eieTM:]69\XrSnRe9jSr/8#!9rh(7K([%:Goo%%E!jK[E>Q[Z^lmS0I=Gb#4h-c#h1YLh'.no3\-F,;!HaJ%&6m%PN]eF9TiqK +%ncu+S.Y\U]@gELa--n'f.=HB_=2lA/oQgtc,L8Y^QMD>V0uP9k^$L[T>6?(M5($,0V`W'RT57&8`*"PnY#;-TYFs>E,pV0!Z!=5q +%G)JJfmBKUdL42E_(V]qaT%F]eA/Z@[ZJ7HN6#[f`a,@FD[\71KK7IfX;PC+FbPX*7Rq[>u&1\)+)'RNCL10oiINoJs2@L0"&.&M* +%e-?NeIrnYG;O1Zu.^4pe$mV0LV(Q_[n^su?3QXmO3nf0_!(n5q[9k+@JbU#kR;-cLiOBGj;Q)7$qf8#Z$Lf(Q2*f<;C\9F)Rq[<e +%$?HG2-l2-VCrRNtlOXJ@lYn1I2]G5I2bOah1S#-tr!K02e1L^jNb(_H+kL*X_p-#E4@omC4#Q?rO.ufT's]I5aZr)-ViSdk#b1"b +%7:g"6LOi),".Y'IY,r$*nJp]94?naT'iiIL!aO%1iPc0p(Y([8l)<lR/M?<eLe*h(eX,1==5\\+*9O6e,2ONaJ:nN/PS!3Lmc]2Q +%TD!DV+N@fb.b;C<F9E?DO`%!B0RG#b3?^]q@i-m1;Q]G<OMlSXo4FSd28AER#c0HUhmY&t&U:Cp;T@WaNt[uM=dG.qHm;o*jkYms +%=AB-!]7I6V$E8Y5*35AuoFdU\PV8ZonHhoL/>XO[F=men?0JXUfShQWXsF.9FboY]CQ(4,r$^i1,s?q@."XCIL;?(0oA$(;:;)VO +%mX9"3Xn\W*f(i'AXhs4/Hr6Gb#AmjLjdL`AN_Y</p+p3F/;C"GCmnUGT?i2aJ?]Y'?ka;BJ#GH.*5_bh-'+oITCFqcb<#ZthdmWA +%"7^0gN+m-cG!QUKZD#!1Rtn&PqTM%YES&W'\!:+&AT4\t?P:@\MigMK&Mh:7A`R#h`!2Vmlir.585aSG$K7?n+Wr\>,S]9hI1WEd +%:b[9Uo4FVeQ+Eu6UFgS"#Ue#L?TJp<*sIco$(Sd>E#6$*oR*S#DQnPfB*muVl2WYH2)pG7]hlf\Z#).,W"_"?=+t0'@KWF:lSK4> +%P&OO2Zl>VT8jgQO.##2W#`sJmh1p83cd.2J;^iZ=_V5q^GciUd+C3L+1p%/Ae.?R;XBbSYJ+kR,RVrOgp4j/4kSmJC0K/1XfW,Xp +%k;u,r@%1-=YRh`^c,cmo>)FT[P\mEmaP*HC>4-')_?NC`&Jdi>lT*+sR42rUf(F!h3A&Z(+0pPLJou<eD"10Vr1K\AJ%'R!\q<g" +%kp]hlBo:UZ<-](uJ%UGuoc5m9ll"C5OW;IVMIY223pMfO(,oGtckNMcs%bI=OsDeAr]!52?fV(YF:jhL[kpH:$b;D0Pj>oA(o?BL +%csm$61=4)J@>gcH<-<b<PWG85:2oE&+e;krEaGQ<<AcF"rX<d8;RF<Z&S<'B'Wt(Ka2i.?W>@9bj_&fo`&L$-$L\Xn7&kf%`d%rq +%ISA^"B2VPI0T<Y6-:B;Qg+=L%kRjhF<fB6eoM3\>ltXKFM0]$A&gHra.;Ei\#!5;5?2B<>1dJP69["Z!h>WPh22_EA<ViXnQ_`g; +%(]6e(dPnsQg&"n6!%HeF*nYHbCC_F'qKT\1PeEF_.).M8.lZAE@E2RVmAG=DSEn%BkjWCrS&oXp[fpi,Sc$,'jj\$"HA`<frnXmF +%C3-bj+,#i7mP'=uf16UkW^K3n*j[&YPo$<dm+uIpYGQ6`.qX?O"I.Hi5$*GJ_=]qopEusd8h-D<rb\au.S#i)IH7YGO-sAc'C[Z* +%e>c)VWk6E8]jf(=e>_lXTMNf4Wq&b[icM4Gi*k9mFSqN(Wm5CRjqFF5dc2l='k&#c,_3-FFt\aS&$O`+82ddI[Oe-L.ATb'CWZ/h +%d885-G_f[a<>si;,f-VI$77>)DNZQqaQ]-M>+$*VDa9Gh%re,jkZD^pM_V@ij)4eVlIJI'"f*d&@E*[kiOoLWJ=.AI[>`@-o"(lp +%i8T]uXX0F*l?3M>nq]i.B"^pZO*NJJKq+Fn.5RiRi&=>";K7Nu/Fp5_gH[ZG9)LP:K,PMp"_*n6"B]W3EM'&Lh,dKOf"m)MRLCf2 +%>P9XH:L=#U�qm^(B9L6P4oJZf/cQ^iIj$<tNT5);u\)J<[?<_2P],=q]X:+j5B31`O=$ZE^oC^B3EseJt`2>g9?*Run?2+=dfR +%&^_0,*6o.?beplu3Vi.>\8$#JE-=5b9mJWB8pQ?*Tna8aoE`HqE%ah;(/8:k0OR8h,%,GWp55$A7G%`="uWQ'<_oSrL]Qm7\O=fp +%iD$#h'A+.D01ljC:rS0s7OT?!0Uf<4m&Fs]N5*SWMjPJ"c!-H8pJd5KJ/g"Cfp1uC3>FcT$AOR1='k+7i24;PMgscqgd:WqNHt]7 +%r0[MbL2/P>br[6s@Tf";n`j)3=VB?eW+nj)JNLX\6F:Gc)B\K-Xqp;_0!7abiQMqZ"(e!gDQT_<X9oE@$OL['e(9ANW*Dk@O-r:f +%R2cSciPI,O33a'!mlJ,`OQSi&OMPH8DrT<o"A/0CCkMTtnHD=4eYn/G'2GiIcaC*MVs]Ge8!oHQDU![boemol4m>LpiP@40>MPE. +%L"0d<K<!oE:2o!:E1=(i@C'O*LM@/Y9!),(90%h[jUkNQVG=Ve[0"7n#uAu@/gSQ3qZPO]*$(i5!5;h++K`1"JY(p#eB#?G(*UZb +%loNJ5q(!r>poGW/A#!O,9_=tR%Nu/:aQrJp[I=3<.blS^qm`HdGnO0'"nB@XpnD@Bn7gJ.>l9uN`2t^>T,+L^I#FtF$9@Zlm0[6/ +%#o^AhQLc/qps(S<H5!C"24eDh_B)Cui_#$./Y-5oSrutY`VR'ZH*U/M$K6iQ@]2=%lfOou!m)LNYt2B$lnR>Tr4ZUKoqqnA:u'l' +%XnLf.?sb$KMH*l5<@U7tJ0cG<HKPH]kdGF<D5B:=dRL4)AQ66KGI-.<j2[rFZ-e8L%=<[h*NUbflDO-5A_EV7Ao8)"XNbm&cNa8" +%RO&K#J(0`ggtkg@5>uEj%,SbO@9#gXZD(!@#VUnVaWSKo-\ET0.6D^`HT8-k)\#nE0rq]0UC/s#cE-"lCpi]eT<Wh6-OHt'H;I?N +%nYXiG7RBo<QjRHCE@c7cSmF<J(q]hA2!Sp5ISA]EJcHT!&ZRk3A8'^4nWsH7"GQZaS8ta%N=qei!IAQgQ,l=%=]&$E>uj4W7??7* +%?M6kGJ/'5PT/c-cCp_0,j9[9O#m2iH$`+m,NQh:($_e^;%o\K`86_\mfP]K4^2].>s&7gS^mlY->68nIqaFI#jA)^I`Un/$ck2rB +%F;f=FPRAb^ib@-$Pl-b+`a+:X#fL&S5*>nKc$VK1S!rtUjT&oQSYr.JSe!,bQXn?\#W#Z=3o>fP6(/b<A)Ro7#j)A:h[[($+I+$: +%$h.g']!XLl<AW$T9@UE`I&qM,p.dCUBYnE[V[5F<5p]]oYjlOka:DL&/@d@'Nc%.S'\<=@HV:FPL<M?o">WZ41K@SA6kQ%\]qpU8 +%bZ!![P;`sRmD#4Mi3FmpJ>fYJ(^Q=A%bF,9`j*a/FU0Y1e;7/[C=*I*K+V2h?A`bd*R+6Zj1rqqkBJ`K9,@V5Z6AKja)P:^$:+5r +%m]sSq=r@aS7n93)TAoZC11=t3U;fjl:K==le9=lV1FkAiR)2da*"`"dl,.MDbHC@o$TKqsRG8nFKmDDG2CC`O`pjPKPu(JA*[r:P +%1Ui1qaC>#VL<i7=-L(;s*YMOSRMf%#_8Yb"UWKcN^l++$-r/9$"V0l)SE7_CXdJr/B=Zq%L*m_g8]lHT(A&@#9LDD,-Y;\5G&LB; +%5Afm?(u1NoF:5KhUacC8Q/en1JZ7?K#Vm'SQCRcod=<oI/<dmFVZWN5E^%`oRuX,WW%Q5*[G6!bLgJ,<$lr1"=O"r$*_p"FU-R1, +%K,!%L.Q(.b.biga@sF\@Fi2j,N(pN$MXaQ6dOo3!EBc!87I&Ei6:f,:5iB%Y]hGq@otF3*`6Fj=HmJ]51+#YjP9iC+:Blj_Ql,d; +%[>;SZZ"%8$V<_]"`*15,B2(-#.<)9p;-]&b^74e4mN6WR45hFros`c.+mb@GS6>i=M\aHOf:cQ!q>kPRk$F,2*;DukSM*'86`g*T +%NIATOo)%28X>>leqnS+O]#B:u*d).@<VR"_%C%1JcoJ2$n.a3HPsTs\ah]*O-e%hO-1Rl\$qMFm*,qRNqje;#/5nXjEb+kg/khAA +%:,NP`D21B$1\:/km(_-jkar?Bgj\+.`)NsL"]LP+_1>o&NF##+-H0^``'"]"M$r0Qe-0RabS!bRUNbk`'1K`(]F&Y,([40RO*26l +%YZUQg9Al@d#cYd:6,1eodH\Al4(XsQr[[ig8SR#oTW9Y+H6/;;)$Vq\lVrIkbtQo/lED6UruafXMoPn"=0J>jiPV\)7+K&nc$e+_ +%8@BS)#uqaG<#DWGA6/bcPio\_VnYN7ZuK1[L(oUA^_A[>%kM9l<nqnN%P@i@'7"o+_4$`oKMXKt:%"#GdR9$.P#ok>+j7Wb:u:EY +%3?-YrnNmU?m6Bf!Jq_pAKtnpq>CWYB#a9oA&-<sW:UH$O7kl).IctNJ6YJ0YJG?noe+QE!4>l+$,RnQ\!hg%KC0RA],`i`H:[OHg +%_nP$P^iD"ia7D3g%qZ[@\%6T/[KDG_JFd?pQ6BH9c!9g;W-U_0ZkJ.L#/$lJ*_Qgm"RqeG=[EfjPKYG\""Bic=&,0,FegR(\'baV +%%?5O=Ub+Y^C"BELmdrXSG[_Nf)UI/S3nfUNj;VRCV]?0i)()k!MWqog&,EhR9F2+@"AhY^=h9m?EbJW"fU=uq[d"TKSjM'D2)H_r +%fT/R!!#-aK)\`439V&VE6U9<j$_RgV35q<A?%IB`k>_`@,eL"m,>W"m&Ch.'?_gnl1<!(hc]VmKnpOK63h8JK@C\H#^b1?L(W:9K +%f/D7,*(8&o"DeJ9MQSueTZrL\,N8\!hT#ao^W?UH-heC)Wg$N!6*PWdI?!B+k'64Y8)5%_Fm2_93WPfs$(dWPWaN!&.KMI0N7.<k +%,[kdSgfd#cW_-;E@bJ2-)t4*#d*]5>g`n4KL`Bf?WV[snLM6aX!Pr,]2?US2W([ULCiRaBCWS`Zo."1L.t@VP)G2;*%?)i+cZFpF +%2J0LU5)6\)?1?hNO*\l9`.1fT[H=WNfid[+$(,,rR"/!H':)>pN=u5A.+2T,2!_sZ76FDb%ZjAE.9.S=-PjRI1iK^r"ssQ`9Ytsf +%3/'1D9KRrtV/j*`<`k%qm:,%q7XgCJfF95mi7Cb3fOf[;0p_nP6_W8AW+-EP#DfpPXeQJqDR'io)p&FS_W:o)=CSX!/+OP&g[$0e +%En$lXTn<@*<)F/+Y;!c0QK6b`34e=06KB@@(%<:6Do3i`'H..C;&7LLdNO381GJN#5Q^[W-fYBnFh1>>%X"2!YU$=r,7r,OXYT>J +%$t,&#PJ2hD2CiH$9*"ujp^5ULV>N9!Qg%J0Ak>IMVjJj(7W@c#[.Mj5aDQ1E]"-V91b4VW4OJ:uc7X'EOf068#/6Hq/=5*O&N61Z +%fcUZq\#<mhZ$I(F4N?qI$THUS1!Euu^.\^/\GZsl%qQ(Q\r40g)L5l%S$nLg<\P.]ADG_fk;1)#i\<L[l2ELW,KS.I^oA7VWrb%& +%M>sf]lBmB(7,K%sGa&jDkam#%*@3BG_T0]9hPS&bn?NVLDYB@(Jd[,)(E'.'I5JNm(8U\Z.R6r$^gHZ8Uh\?]F5I=5VB)!pa)RDY +%;sHan_NU]bV`$=j_T6VHJ"VF@/AM;.!Xqs,CSf=gaNLgYJ`2(ej__;;.ZZEDW1!Y93Ou[/R*Kp!gi2SV\P#+.9/??)>?HM@7F9%O +%UETD+EVL^JP#$](>$i\XfDB@BUjidHDC@M>-&kRV;2G1M_3gqB\JK,\(IP<$GRDQ5&!.Y&6_gr!0D9Do_)gP!pMqAT[YZ9PU9 +%G7W.eFB-g\f."-3L81-W#^*/nQ!(Z#Wi9F:\QnG<66YA7$!l]564mms&P4;U4-C)ZE7lL^m'^&Z/cW&%<&mRfmnSW\?+?\<"!:`@ +%Ve@jt"X4o?I2\J*m4nCFBq(f((X<\e+FcI\5Zb6qFM!o<#*?B3jCY3"+dp(biQ@$GFY@T&a93(@D/s*4[BeHJU**0Fdb><^1[WsF +%'m@VlUtKe[_t`DJs'o+.s2q;.4crTe<V!5%H:0$Y71Ee\/j`FH7oj3H4@7BV8->-:KMD/OSpsPMAC8?4'+;jp#V5tJ($Pm5P_T"t +%d=asG0#ZMAo&Djai)?["[KjF5*q$TOrc1!;lbJ>ojOC#c;PM8K)nsO+HP4A272Le/5;9reDHiqYQEhel4aj([eQ\7,InZQgoM$s" +%cN(P0:#oPkj/.%;V8iuS4pD=RMsG?Ai5[,=>qd9F=M?B_2W)qY<#30_bE?P`b4>PKcpo<;O^8<XVpdG%^sU5L<';r6O8G$jG6rX> +%;1t1EEg^`%a2+osQLGo`LjnGIOQF&HWOXH2Z,ANu4c5SoQEH=7N9S$&0=0I@E>(?9Md=@HU9SOp!\P#m0Mi%-\'Onu,$>KGVJ7F7 +%WT/ciF@Pj^c\_jT,&%qqLrc]l00SR#o6=&'3SJhSc2jtnT030hqp3uKR)NPdDj)_XJ4Iu2D3K?AKi-NhLVF*C#I8$6d^r,T;D?qG +%/1_Oe_qdsU1#lLKaCH.#\1VGs\&^_8@ISY`:<ALc\O;UpRa3R).A7I's%]hg]5YBY%.kC\gB<G@le*KCZ2qcCd"Ldh9TnI;7Vs5` +%\4'qHV-eqo*6=tV'4?a!SV1XOqbZj1$>3i:JTA;Z*;*EJW<oIYOCtSZ%?Lm@9Z_Qh;o`Eh].3)u]fSXj^..ZCZdNr[;C<T$"h<q\ +%3.J8-mFem(`(4$!K1BfA>P/U8Hh>d)SN><3L#J&UE@IoDmhlsDf%Q?Z#EAt-ET1%3\SCb0lo3le;tu$>:c/o8&lA<WR(%p;VZ'Z` +%mZ8@lMcs-3Pa$bk.ia6.-DG-7&NT9?5cg*e7E)PY1fY9=BQkc?O:dn2m(YCbB0rC,--H+Ihoua/!s,s6j=/HG6H(Dk&/[FT#Q>R` +%X/&@O%u7L)\Tr4o5R5h?PO+LPJXHO,QsHqd:h7`%/acd0e5C0:pm.FmXo/m@C-Ehr@>&+d$$[s*:El/Cr/T91<jnD/9B9AP5,hPU +%p`@T4PY)T)%nY/flafOeEC$+\9DMF=E*$W?%"'LtXI\.TPbi194[I.;d$7(]3oMOhU6FGJ%:qS[*90L[/Esclf`J\;ZMP+D-7E"? +%VGjoC+Gn't[dTp&9rCs%V6c5*=b(<_fpM@WPQA9V!)VGXS<.1::0qM<?pUoVRLJc3@1i&9M]/U%)M?QO2[^R;jUlKE@S%qqG9.E. +%@=08R*#;7V.V`qW%tOBq6[>.oWTn!<k"kq[LEd;hlkK0C'P+D$V;MP+k6RcjBR\;9430(nPUc##+0_.KXU+kQ$P;2&(^s#e=lS() +%c,pbL.ZE*^W(,>t"";G,`3DbQF;.7G3I-SFAM0h-Z,gN$P6&V(]7S=hJHPT=&D!8F[RibTV)4m5[PFh\0G!m^U],0s;.fVnit%rS +%oKHe6nr(U%crWC0Wr#oYQ_$bp6JZI\fj+%("*pA(WCfG7Q>]'&Vq@F823TcTg<u=VeDqkRUp2iE)B-.:Q55@IgP[MqWp5Elj1@4M +%*&RqWP+n)^eONk*'n6b/l$h7R\YUFR5]=kMUtth9mub9-TbMRBc`<D_h1cX'@6Dk')7oCK*f!"R<4Um`11=Z"5s!)1RXS_F2HUK@ +%`M#a)Y*WX1e<aHh9T]jAYM'+b%H9-oAD9:tJg,gk<26K(.d?E,]Zl9I?Z]PN14XW.\+hPW$\`1OE!d#-@_cmU'NoHRS5&)GRQ50c +%l(BS,\T&`-jm#.m!\AIpM7o:],jDq;>Sc8^V?g'GNaY'Y!TN]MB_40H\+u$C@c^K\MCcQ/22DkfJ*Mi^H6>c5WN8W>\*15#ls#(Y +%:l:0]/g-f8$<mgT%Zn7*K7%uW)\pm8)IR9Ug&OK1V$nJLPg:?Z<jHOqcmcuYa&r=()<'^R*,gDM.4.VZ;?D!AA5^OFWG/]K@G,W0 +%I:Eh`2$PH7hMN7_9q,8?DPDLcER-mXZmA1H;7\/)E'PQf4A\iq\t&@@*L(psiC0dA23;V7g@rL9cm29N`3%)pC6s\$hC>3R'$AA[ +%k#?JK+Ya.M-H"q4!X8@]0uPc1i@cj\,5WQAF:nBR).UJ$NVG62Ui'EuJ&qVF,1>J3s.kRJ)krhNV<.fS5JTa8.=k90K1(8mEj)2O +%]d./[3e..*+\FYkU.nJh80PE<S/6Pd#ZQ#_W7ng]389gh^&lVWA1!UW3\>E0OXL+PcSbTfTC0??p1CVC$^@oQ6Ks/_nY%PFS7L&A +%jPSp6i,(Zm(]TGoa`aD6Vl\sZG#fB*3iNG1@U(2-o_iPs`T&Vr/nn-);8]^;Q3,PcMA.1DLM[*L\%os^9=J$l!0;YDAp78"SdQmr +%)/=oA2m7C]Sg2.2L,EXh=IP9Uo4k.3*!04nUG-DL6L)am?krKY92ohZC5s^"!Z>H4,5]gd/[o2A@g,UWKLCE4Ijg'W<C2j?RYMU8 +%+.t0Igd]Hsi'BjfFN]f6AtDD!(monh.`&[VI6m>?2uCbgP,W&g;OK^-V<OQu$Ib9X6;$e_*^NN0pf8u5'Kpk:@]1'Y5t=r)+/hG3 +%6J6YYC,+Pd"kDBH50oO(B2%X]mhR5E5?700#4YBYgs^X/9[hYu_$(QMU&mI/6$Fduk_*@'AM_Vp80'1^TS[@qQ"LnTF(-k2mGla( +%lG`C<eY$45OVQ!82`3E6!ahsS,WD(Q-5#lZ4gH;:M(:@.cU_DPGsNn7G-h;N'<ls9\g>I'dmc`5OY:t_A9NegmU$[kCm6//VqUZu +%YTcf0MT7j"oH.!JZ[4G;_bi_EoHC4WZMSM;J5p9IdTM5*fXU%<iij+@pkS!BU#]9U7lQoVOF5.9$;]]k?f'_BbcXE4SFKj'`^qpD +%4?it7*:"(Xp2/dMli]?[n1+7*bacWp<-Uu7`/fJbMi'C^CUo&&Ep(!#ETm=lGZDP`WO[[7m"84n2cJ#f[*WhrAOrS-nR?2DpW(A= +%8>-=<7o37h)$&a2#+]'I!P`GG:suhlZUlro0er_m45spa&&H;<"c/'`,EQ"[qP%]=:bs]FQS2)E+-ZUX+(q=&MV$$&*.R9V+W:n> +%q,5S"!.A((N]^@P6DncOJ*GSS5fC&uFhqO"B!9ZU:#O9&(J?Qm)-'De<KrJEh:<*eImR_k>PeGd^2^;W,uZ37K2ZncL:<PUJ^CdQ +%V'0PZkNN#07m&QO[96cGTMDh@-R@H/l^1n!jm#_k<%_$R""OWrYs5['eO_2g(dQ%l<V<BJ/K5HQ?,b`mc;AXq^s)ul%>P22a-^bS +%OBgl!$M]OuD<^g=SQ21]U9O)q;.`<T*_Sr8I@Qe.V7a8lpd53;I#4aP@Kn;Li2Q">J<]1&Q`?3[8?\Zg'&FAPY\<^J`K'i&)=&G" +%4WGiX?Z+\4]*MXPH;r[,CE<1%alXOrloJU`TJ0_A72)2iBF^]hY5&meP-]F2P@K;PYJ\YC:Q;?Db$*B[0TLD`Vgp(E7Lca\su +%mT;?Kn9q25N,uJ?^7H$D"=Gf;<B&03O!\50ALD0ui(/Cn+bYKZ:F)I1UjJM_b`GU%[68SW_F$2!([@=KARsST_BGSjn5<(:5a`7i +%bdbbh_\$?\AZ=TR`!f8R7:hA>?t,P@3MkI#&0c^Mb>O05!&jbgDKJ%WcaX2+-A^Oc'PN_]6bJ1VO%-9>T%_X-pKa:IcqKM%5e@I9 +%Itih>5Wfmo$pPj*9f_W7PRJ?_^mU!dJWR]n91cuqpRA-/BKY<Vg:&;T^mHa32_eP+^Qm(b@[CLDO2#S+$S&e^\3USVFgn9r_O0O" +%!d>:"p_]h2TEIBL,l)?g*ask6\[0.^1N+%H8aCs:Z"o!7$Mfgh'`M(h*JboP];cDbUF:4N`<7PJ0NMd!,Vlm!o0)MG*+Rf$E&?Ql +%M3P8c#sJQ<Mr\=d7l)[H&2uD@QC.1sSFS]<0FQpZ/P87aZ@Db,T3.^sEMhp.,]@*.l9gO1(ncB2br7<`oYNE\FJ*!#?j2?BlJ;W5 +%S1#(D>!'=N7[?#*$)\cr1h[,8(5AV8&\q-DJr0!@"CJAh&E8q)UbN,d)Of[B!09UE#@;+Y1Qu!YC+R7+#_Z.'*?rC;^Qb!,dlK&, +%]Xktep^SL:_+3-^mI;up4%rSqRsGY99tp\+**I"1jn1EE7d12+_Gioq7B$g)MpO1N(8"$rCTn-gqBf7&`E5_;2'pteT!u?k.;Z,% +%<TURkjsqV6<2G'R_FJi\^FY(@,J-OETm=9d5pd'NCDG\c-!Q95A`Xj:.qVP&LKFg]]6QCJ&jo90+<.1`8$";(.R>5=D2-tdQmQ^< +%St@BBe\5hiMFhOpc_*&J>jQ%/T#H+.SQ.-S[rcSp96HZ&p72B(Eq_?J0#Gb;;ELSh&ncR4FR"M<]Wm8t*J#s.:sH3b)N;26#6eIt +%Do*f,Q.W-545]c\92?&js7S,+RRB8u\86(\qa6qli3Ma54*7]:a)0V_SW^$1nLgi`/N7WYW:5&@EVFp:aZ^t/==5a7i7p[9+&X#6 +%7E-n'><\9?f8=pE#pLo:$7'9MEpP-%`13,MMYPg>8IhqR2FaJl'>^@6(-\XSCk7'CpG,Zd'FD`X>m8GLTLdlBa0_'a_4HOI5/3.2 +%H9$8,KMn!9Q3jK\Ejk'"+a*&Y_k)_lZB7`r+%;s(i@S&6mUUS>Vi>:WnM=8B_9cQnA0$/kP"n!,d.Ts;oPlc!G;D@.jJ%qdc?FD: +%X%=Q?;_agd=N*qQG6\h=;>+3e.\`W99_DjBh/KHhA;sOr"iFa?D-/AiP1%csSMq3+UWGXJjPn)\Z&]TK$.,3_i]W3gV#g@@6OW[- +%s%pjnWE:2DJ!*BEKJeihAUpD#nF*J5Pm0W@jW:-``,dJ6iaD1<)XnRU3=)Zf]g1-Ki9iHi-aTi1IP%spBS]%6\Rg4mX::nsG*[7! +%07u9[A>plS=1]C>SB4M],WHsHnU?K+mZ'u'6@OKTNM3A%L7?t0ARKg4eqhdu-mE4BbAM/6s7ti]pG.Zs:g%/Fh^T'O'n$p*9BM5u +%r:<hA%ej&I=UsR9pCVc2AJQ<k'qm"mlL2K8J"mGhTbYDq@m)(gFXh&b*R1#RqVd!pprD-]:3e]Y,ITQaZ5OlkR^,H:7hH:s'9'gS +%*8'EWpL^ad@(!(PV<Um,b1WHD/kn(%%3i=+e#*(=n\uKqC%rRDOgl[.:0%3HqoZJXMq/$kcr8VoJe]be<=5\/'\@^KGAeoX29htT +%j-VZIMeOC*SP9p%5oE*:=&sm1:E_nB,((SM67/Otk\gLKqdjesNt=_co]f@CE(&(\-4qMr'MHRg"%%#"R9udZ>p5]YUK-K_P$A-s +%1aA6P!in6B$=1"',4fHB9GU806J4sj$G))QT;W/3`)\KY056'H6>/9Ri]mf;s7q",f4j@>f*!+:F/'@/dj`/X-j!L<q>eDYK^4Ku +%Zbn)tW&'pAg=e6kZ'njRUBm-SLo6"+a)<S2iP\/oXXPSAnFOG&kslM/_\F1&fc?/GWd7O3.YOV./u_$<\f]LkY0u:19"S'!Ed:B4 +%TI19(Gr.pG2LO0AA6`*N"q([a>/k<]H$Ze85I@T)"0/B&b.Zi<.'`h3/Sh8I^VID9J@m#dD\)bCZgaA1]JKN%9U[[8c+pa-HQA/K +%;;Q,20q?`(lnER#Pf"WjSg\5o.Y5?I#$?i%UFJ^\P+LrfAEDL'`)JtpI`gs2JoAh#<08@r[muS$kp\fE0Yu^/7&O3@Aq.2"([M$Y +%E=oXjXu;J"B''%ipMRU+,[#<C(Xt\!MguZH.bO]o2_)cOO\&AWCQakm#bb*8$)=(3:rA\Fo_45cg#a>q:1g%<64X./;&OO>4P\2i +%R;L]*mBr0tR?E-=MLr/O>kQ1Q=L3'?+ioL;m$@ul(f:a',SlT>dQ9::+r&h#M+Jkfq%N^WISb(S]n:gi@"fnc:j7qs'3>)p,1j1A +%gA1TT'ch@)G+Pt\Hd9]LdeSm?L@nU1>Nmkjo'qNt#9<:aSbaqY#$?.%otU;P@\-[F6p:CKm!T+^(5A6Zg'enP*Ru97fTBE(\0arG +%M6$ht%]F?9*"ofM&Q-AR9q'^HY't2i<,71F-RKDk'MKP=n%1?tpS)F@'h@U1&M=J&*e8>LjGTV`aI^!6g6fJ^<&)J7=+H'eEuuPp +%E4CI+RoAuQ3VrqAXf`WAd.T'B`*bQch^8!2F&@P9'.pX?67p1m\fX*`NGBi*6."j]J^1j'/a-3^kKSmHAb*`N`K44^kFQ.>G^4J= +%QHRW=]8`)[BI&NAgbYT35XSClk,FEEUKdFPTZMssV:X/7L`HRT[=)'ukiU9&gXtLp9J%(:i&>Cc_gK<YH0`1(444;&f6?:2%q6_# +%XBo+P9'a<662+@sYc:mFIkWGYWL3T7,,_HW5;9MaN4Bm#a(@]=`mi%V.=mK;-D2?73#Le:<mD\7].&`aCe#d#._"2sV76d.`Yde[ +%XGC1K5,TpgI^)5AEI+bD4M&%@NVg`YU$kZjgt-`B/.7M?'=f8O!bMNi2)]3+C3cP]L2Ip#B*/XJaq&K.o2gHU?rU`DDhD4@QG%LI +%[UAPh1o+oa%>XRolDC$j5PM6+%$9#jOs.X2QFp*gb\qFdo>I5i7Mca:.Q'a\B4QdMBAg=O>XKoY-(?4;,@Z92ri'n<EMkc9GK1NE +%W(ZS9"@Opqkl6g7m]e\:WJH[KgJhdCp'h665g)sgC"7kNUXq`2/"%i^5KrsKXG<=fAug7L_T-e%qQ\D8Yp_#%IrMT8nS'HslXOHZ +%J+[pj7KSVSB+J5aj3XHLRsb\B8ftNHBV"$W`!YjP>[jU9Z">1X5fF:=#mM4G#X&`h/2L^QTe[g(`[#F>,gLRX&=frR]j=-!_aJ;W +%*G]2e8I_/l1k/J"=B.1uQ.81R@Q?kR40FL[J0$lKeX>PY"<ccjYVMEagIfNaNh`=JG7b:*2mqDfVItAm3H9F)X-$C08?!]^7AilF +%ArHGhcRoQ;k,DQ`hQ$iP=R[$>(r/:maS[k0"jKG.rWMj)T;%^k;T(KDfTKHGi]rBB3=)%1]#?3sHjt/jFVnf>3Xi7W'U+W-_\%#2 +%n;`5R_)4[2+@re:CTI@W:,j[EeT8:O95=(UV)L;adu<8P\o./!qf!AY0S&i?`FR;C&j:@o+T9O8c'UF5aQ@5HWt@&KfG(9M@UjUK +%P:DGag5$LKQm^.T(L=e3I86F0U2;!HgETC[Q(SYBFXXNF9=qK69t0dO=P^M,,f="`Z"E$Y$JeG4+It)>\piqXHfu]5o9jM61;3UJ +%G`1^"%/rP1gYWU<r#'Ef$VX;q5">2K*7+E%d]V1=hKj"7h>-n6-jV*#I/e6*j)dHYD*WmOHs%64\)3n9hKn&THA%.YD]d.Rq$hIl +%m&sqX6KX5576@0I\3ZV`r?khGbr4-XORKa"'4rYeJm[Lm(j@N*/>%\6\U&A+D]T5%Eh9^FoorV/?g9525dO3$5QGF^POg@_e8FU[ +%4Sp`?c0iD-L0;ia=ef_f5>PYUm;ALnLq(<#i^E&*!IF!tHb>?bD8pn1AMLEOZT'/LaUj#&HI:Ls'hR<A#0^Go$,L8"i,J3X<(eTe +%qaA@K.L-0GB7j%)jWTB_2*h8]0P93c(_E:P!f]HJVjHUWEP=9HO,c"S`EIA>.LLnc7Jul0YOc:)&LcKJ)lWTY$([Kj9A4N'WCm)M +%`gCaqf(]4Z3`EuIP2cD\ro&*VB>Gh]D4#,OSs=3GTf$4?c_5F&:\+QCZQ>#.F0Eo8NG?uE$`TY,.8P*jO?,I]`0,[]_"G1C`R0t* +%iUD3gmWFBLZE#.Rn7Z@O$_E=H@K;3\,Q$U(N^G64%irRKrK7P2-F4H?)d'6G82=b[9t8DTkm>*?d3lf.kZk@9'gnD\.3L#sZ0PWC +%fJ)B.&A-(#Icf[Wqi@GK,OdY17tXZ<dQ]oSV\"i<]N\65;4p8R'^m@eJNbUtJOs5+#9AkHGWA2:U5't>*==$#1VlH+UO)=FX)CT- +%Z1A,AbG&4neT`C5G9>/FPNsJg8;?J;/VdP#T[5,KO_gIXfU-XWrXo:mr?00dHr"7KRi4NQgR+uP#3)Su<9=%LU7`nA`,<@4=[[tV +%-n\=,D:TOm.3U_>/<JGI3F!%_]_"O4:=@Mi:IQ%VAP@N:'(RRa@^MZS"UDpnO[tK5SiCj<,rMTQS?W&?T<Fl.,"Wr0#U#W`7!;4T +%F.P=R<(u.4a-kH:.=6BTs5(g7/C1>8NI4kF$7^ujoc'o;@<T"t`N=k8A=%_Yrm7bTIoM1'<#a,,H\E]WSV,hV8'bh!l*hmQq]%u- +%Csi^D;8SY.Dne6p=5)bn.P:Sj[;rEj2E1&EFt-nAhZ"'+N9@\GW"lG6+6o$7qPK>`';&PL0;dUn,Q*juT<BZWLSD>kWgDX!(eh<K +%YL")O;m57pilCpP7#kmT[Wrn>BWfh&8C1@raA>[nY305++@-^SJYgeD`.jS`3OiU[oC7KPVOPNq3F1-uokmX>ONTf^'TiYkVhuS5 +%O*H/2(`"*UW!@LNNu!M.RkRsJ7':)brAfJh9G)Mn.$F0)9S9_.EPpNC32tP\E%k8oM9%Z0W1G*sS/=C<G<S!HC:XnJ,)^0N2^\t, +%pJ<$hm3L$:L1=lLY4I6hMjpjiG>LhZ*K(G-g/>IKFjZ-]p7Xj_Y%!2`=^.V*NA#+a%pn*:?LG")T0N@p?iKuTs+-gAePH5$^\j_i +%s8K5$r]g?7J,I?:r0r32H[Yl8s5s@ZgV7sUs7#Ver7aI8h;A4n:\rCIktc\c6/Hs)MiTsuPP.TI1&_%%rsq?nlc26iY=IW&rOMn) +%Dh%cDraYg#5I(0js#pCGfXE<t_DV,a`qQ@+,aeW/p\ad#EsmHm:]J]6N(Q8Z5_)fXUPgN1dKgas67lTJq'7`Vo`<cAO@,1)!Nqje +%9XGblJ-2;N8Gs*f2As=ZLc'n\M0a)ZF3h04$5Q,<*5Yu\j%Xfn.>AJnHn\-83pZlF#ng:6Lj+ai"bcVc2(8`$fl(@M*EAD.jFn$? +%iR'G;i6STVAkZ(d#&4eR5#EQ:3>L*Mq6@,3kR-DP<'H`e3B>8_Ml&CO)@45m`CPfs_)rqrHg9u]d?k3U8Jij=<d5DR`8hr7q_Kl& +%&gU'%G?sm[2'$6G#m"SQ:Jh'f6GT6r?c*FmWXQJR=ag4r")$^G8kC.E\4m#:J.5m!E82igGloGpFdMSBH*0K@[N)h+PmC/c-mM.$ +%nkoE.S6nUI*qor;6\I3tWFBkACcc,eo4")Lj_[E)(s9mFLe;amAXMsKA8hrCKre0k"JQ"(81?'6>cPRf%KNg*-h@cFe-45W^sp6+ +%jSlRJOT98Q<,='6NlU11IY4i7Z5.Z3/e]Gl5T2N<E?[^F$27i\G8IkO2@/I*qc+Ve^`j/HVJ,f4dmq/Lhub,^Od$hh'r9NL(lJ[( +%W)>1mVP3#,7:ahun[OuYH`<o6bf#Q1Ktb;"$,X*F@74+RDe]ru_"C6[[d9H[b">X8/6'jG-euZ3g!S$,U`hH$Kri_&K,@Zh[Y#<g +%g$T)4</c!P?DJ3r:Vhc)1Bh?d<O5&LiMJA5QR3qpQB_k?=oqYgQED7GHJR?U&FTAemEa2%QfCJpksm@kV@#uK!h%:U.[s#/75>E0 +%'Q2VFV%%ZMXG5ST:#BAu/Z&MW^*!GL`^MjO3:p+!D[c1VWpH^Q]s*uqacs$TTFoA%3Ptn"%ftf,p?pmbNX:mFq2T,F#GE5)gCA3T +%0MM'6rm<AIhSCeJW$@j+YAoYG]=:s_qE,_ulIi#]bIX\B)@7hQ=XO[?nuDmo!2Z5MRuj5B?"L31hGZhBOee5hGpGS9.#+dZ8P%>" +%5Ybt'@35JDK)'YLkT^Jj5d1g[5M][LjuqoXlj!O-1P$+efCt>Tnb/!b#+Xg7\c)ru/Bn/[.llp^9'q`c-H4<B=H3B5=B^/U&-Qq' +%>QCi1_V^XL#m/ReWdjTN%JoqBNktut;&mp47E"`\m@t^ejBP*&7P';IRbl`&QYu_o`+NaF!F]Hhik_j7AXC=ee*6j0ZDtq014VBQ +%R`dledQX27n#,c%T:R+kEgeJND=ElMqSuPPJ't!r<6ZJi%<RddL%H]7a@<FG&km(Q<Bd4:"_h/e4fM<j(ka'\^qDUndeVq,=tHPr +%ID!PgEg1iS(oA6r>/:MMnTr8.kRRK&EH>NA,2FJnmT2!\S0(<[`^je4UojJB?la@_bk'?*iKk/M*Q!(Yj!ns-6]b4Ieh@EN6Q%q4 +%k[ZXDeJH!F#YNS6UlfCOV;R*h'16.D4XcRSfYfQ[Ea3.JO`+>u/%GD',]>lgX^W!bd+Qame7r7]=U2REpdKq^k]<$<1K\)tCJ"s0 +%cr]EtXZF0o/0pk[4m4H[Ae#h!>OboFd<C"fDE:JDf^hPI6ruIli03ZFKcENi@<RX1RV3mq,3_Bbp4^#ck/m:MU>kRE6,g-W4m\0( +%+/-_+BTg-ee:[b4CBXT1G)8OR!<Njl_OhHt1jXfue(_3%I*cGs[00>[,8o`#j`^G9?fpA`3-d^]'`NH4C-:g4LD&838@&$Agk7@n +%+]TWq,@FS`E6h=.4^6@^]uk[XQ[S&oo'*7M5fmC#J=J5=+OTIC0m_Cr@HB0gNV%]lS760"=ssdW'D@<8oc=dR(nbN=9VF.leT2`p +%,WL[#jK_X?7HH#.B43Vc^P/MJ9lM=R(j*A^`"^f*_+gVII_03\Vs/MMYcK6<I9j6$s0s-Jr>BTnHC7oCjL177\#:43?fHu$pF63H +%K/?sj2V=LeqpER'-=[d].q6sA(&e(\b7dmH%DK<Ag_QHC[4KScO3aj@,!;9ZE1,&DiqHT22fPKlD0p)ukD.>O&'ore]>UMOV$D@u +%Fch=F\(AF4c(OEGd?\7`m@ne?r+7duRmOp\rpaP=.4gRa(NhNtm*DjR0oi8I24Jon/D!nk%HkIO6gF0([##0\8I_W%EV0TF05\^8 +%pt99ai3]!OYg5KIOSM1h_In/m'[d]S"C#+cQ\>QTdh6Ps?-<DnbE9pYcSDDE(-qilK)c3dhWLqP;"KIKgW_-LI/(%!cYSur<G/a' +%RYWo5/L4i,X)>6_7)k4>?UpjqeW:nCZuRRaWkAA4Y<Yj7j4-#*O!f&+(]d`$eEnG._K>e4[DZi\$EX0*Z+p*UA)N+t)uT%3l<HQu +%*MoOoGIA*kGU<*$3MKe]fTh[-o#KYKm(j9V$]qKds48UfZAfi*]aG5%XRGaT^Vk_BJ62ZiH<ZoOj!BLu)=_op'(41"TG2fG$*tHN +%p%[!I)O@;%4Ed*"h)66?b_j@:A-f\]Ke_:fnE@!=-aVh"p9XFCU"M.l=_K<%'3U\W65n%u(Y7G*o:@9t;E3Z"GApi'cVk5QnTb#" +%M9W<?gO-udDD06hX'6<hi+_c>J(@92^$B,N6)5j#I^.`dZi&^I,s\5Eb.XubGeEH.N^YQW,O]F,drehK0k/O/Z*(s*@c<0?2qh_P +%^43"([6K/PXmq)2H%'uc\3E:G(JgBC>C!g*S'Sd'@ZPiH:-0=M'<A5^p:I6G>[VICOFb,*(Ys)cp6[^/(A*e`Wqq.(8[Cqo!B% +%It2JFmY2[p_p`aO0b>>Jo/ImI19\IOV-pH9RNC?U<R&aHhYj!YHi<m8juM7qH8o%%adet$YhRqADscep*YO`3[+l\:Vp"@fVEQLs +%\<0S=@8SE30pigFNadmaajElLr=/,HEbVmLg\\ZKR9enN'#\(LR9Gsk6%8P+U$R`qHD7!GkVH]AlL31[4Y<oa?RO<Qhi"B9TG7Kt +%Lr0?tX"dskUPR5#ol2XA2X`KPZu59t7Ig3*gNI_Bd=rE4o(C_smZ/95,Pl:;`::E-IK&IbJ;a3/MsbVDpp3@@.b:S;D`Yh74ETR0 +%=$;Upn^2!fk[GP]H&.D,n-Lnj>U/LJ#nt5JC"sk,YHca"!B7amX%\jmi:@s2Oi.$CLq\?bNnKq4_Cb?ncHkP<*5%p,fs^&;kHcB8 +%BS1:mhuJfo,V*7"\AYX46d.4cN83>q7OMZkH?VfiYBi+RpJsq]K""dk.<[3G<19Z)?C,(JN<EB:.`.7F%D$diE?,Hm`((O9Br6fF +%TFfQ]V7sPT3P*^X,ei_bEf*bg]+=t'(fk`Y7(Hd]2?HnJasoQSLm-e?&/C.#)EpZ#-\?4!EhG?8()L!ciOZ6]6VA<DMr0P>?X+6f +%_77Oho#;M(%!0)Z3p@qrK!$>U5o^+9qi3?:BcZ?^02',514)e95Ne<:#5eiS^@T\Ndn`2eK#ZM#L^X-(CU'\/I9>WY!DDM]f25;+ +%c2!&<q_UST;JH4/a^_,/XgLu[q<"'r@<t?n^/O8lk&?QBX"Nh8,^Ws3O-:@;>,SDWGVRU`a<"@u0n,:`1Q%C@]*XZR#!m7r-\[>, +%$OtK,A9`ou8+![@UJ[(Hg"aV-IaqKCZ?kRTOsJ"GRm(BU>d9hdnAD-PJR>h0W.R<MZfc>=X-*s[IA6T:q)<RT/>\=a^s@:`$`pmb +%.mEq^&"5N-BERQ3MS5dZ!TZt7BT5C$O(+TlimF>L+c*E:%4J8h+3P0engq]">S8gLM'QR9EPc,VG(P)LJh#OsR3.Qd7g?gqK42]U +%R&obU*8kF+-pi(ZQL4W[&q3^h_c;8JA<b[El3FH6Qn+A;h,gW:,"p`_.REq;.>&s0%(o"FR'VC!Uu'"VV!HhIW(t.]C.tCFM]%Ob +%FnQqZ3HpHt^3"?(fFjYZ.(W@YX!+-9SHm*XFCAmi<(7T)"*P0maX`?a>BE-s8]FdZGYehNXu]!;QQh>3*\:OjIL_2[bFd:GQC&;R +%W$99-H..:t!V6esGB!gL$<T9!-Nu6pRk@4!LunebJKJIRMXd<(73F`j_I/]%&W7s:n@<=,%j0)TZ-k&s&`uH)kj/H-Lf)KqqEG'4 +%">OWQ8%"LHPI1DUc3jIr\RgDb\3Lcrk,Ph]@7_^lI<kc1GX*bN@dO&jEtq&D(fdXLp_.*@Uml<068^>HC]uFlOdm7=J[g0&Lm^+5 +%;sFA,Fr0g+ef`0dXA+rD:0d&i`<HcKn<h`W=t!dk0Zieo<V8dCC/b9In=@X?U%SW;@)RaF<JH(<P4hk"cFgo1=9l9JG4AC8e@_[N +%?AdZq-s\7DnIUK&SI?do6pJX$&sER9TX)-<kC0KFi-FWkos@9Xp7MjHB?d@@-T$)LBLSaC3XY(?r#Em]9H_b(o:WD*,Wd)V4W%u` +%9YA*aao35C9$s!!&CF$PJ?,(K]$ULW\QIq=MCH<$1f+fV;HQJ+Fk+EpVGO)==-WcmANMFE%\PQeo;,Whc!A0&7uSJ*?;2#il;Ck$ +%ne>*,EiX7W&:T[Ia]9r\Tf@aT<;61[`\H<UC#Q]Y:EgNf@D]@ZQijI0^EJ(]/TG.;-!rN,Ke_6CN'cGY8=6ZH;dZ@M/qYn4iArj< +%'p,PnEKfDiN;\30\s?/JYADM>'8DK)MEroa4B7KKkn63SYYu>XW46`Afe#>.cuJc*q%Gj^e.+biG)EcGC8_AB60a7T6J81Z6ie`5 +%cu$>S/.ira(aSe^$TGkJk]kMdAC_&ZbknD^S4U*G3ksZ&OD<\uLjQp]5_]?AK;EpLl0Z"[Eki3pF[=Fs?^WBfVta@OiQ(9-L/%T( +%^Nt#iIrm.L\3X&EmEHBj-5?-0="oAF_U(Ou-/il0j,KI"<SX9cJq/'Q9Gr$*ALTL0clT@rL@RH`FhFpk`0s!e]8H`-&.D_(n],RJ +%F`(@S:-N$FPoB"6/MYIWW5CJs%%2h0[Pb42mJMegCcd,a$JuDBj_5h2d3!kO*)*ge5DT0`XkeMVkg'lObF3()LEbqNe^++:P&GB3 +%[Pfl+a_m@tR[+Q!?buuUep7s!<K^Z/b.F*jTG07ZA5l.C;OMQpW^".I;RG'r,*M4^;2C>g/-RC4S&Q8TksRAK+b\Cg8Icq,"6LB2 +%nkY&Q,jLE:q'.03Jse%VgJiT0eV]!W`=!d5Nu6Y3@aIPrW:!b'`aQ\@EJ6S!FWUcQrNm$:_6/H6('N')n%`+_e-(]SUf.Yj_T%>E +%U)=n,ODRTX/QIB(3$#cVnq=!5o#bg<d>PK\'$:M*p'bb6U?2a_We`-U%uqhfKbT+1M"s5Hk?[&"&$]KDcI3G%7+e;sfV'f%ZLrZY +%Q+0JUpiM'/cUMQMlWI]uLfMA@&:$I$AI5UgC0OU.JmLmO.CqD_#qtJNUbR^%cF6l":b^?FaD)@!(*>:.P87\l@iC;jQ"u#[/?1t9 +%jK,CM!;VbJ"hG$JAeE(Vi2TT]KfT:n."VEknl"XaZ'6meFafE@+lH8n1h8s>F?&UN=>HJWJ^@E.23*8Cg&eYkKJRVT,p]^^B\Pt. +%38o*L/_JVf"lu)pU#W]7V)r5>2,:mbNYFgWp]Nj<<qXa[riP+62`LeVlSO^M@1B3;ATjX>;-nPkHKO;W$.0*WF1Ps,K3k9S1o\Xt +%2g$/XHj[lg*n#YM^oe3O6q@C`^AX8@[pG@HMe@`W;@d7]5RD7"dFW<$82EXu"G%3:Uci=i":OFRm#0X&CD%hS>Br%><,V+RU-sK[ +%cZA/N,&%8VZFLGdD+1+*iiNe]Se`p9.;kX/ZH5.WeJUgF"h7H)Z$hMDQjjKNr@E'(b"iSP,0nYOf-V*2CtTI5D^3Fs'Y(2%6+>EV +%r$9<L"D\;!\&C)S(l:6s'@"2@Y`:?49L:a2,0tu<l0ZA:5\E1rEL9T<"+c$KTYe]ZBYiO+%)HPA;7q`WTi%G'kl6=r5c7`A8ZF!G +%V7s&6oFN'TqqO)8olUr0f\X`*E_r`6L0Qa`.d,7X[-fQ<#I^rc>6u5s0sYQkrf1Cu&::=>5S_81dDoM2;&Vlp`$lP&$`V4$]snCk +%b-GGWJHaOGZ!.8M1Uj__`l$gKC1I.PY`'8Ao%>'p1PIWQRJ!YQa2A;`g>Q^Z2F@KoXcm6MPFBus0,*@RiG1F1Uf"L:0A(m?cnuB\ +%J^^+b8$83R:#2I:/?(]rK*JE$2Q$V7guRZMb>.'`".$$*JaY-Xpm.,'oJT9N/g[^KaGmMPo`BRd"<=jVj7.pfhJU<=N>F2=SV$a/ +%3&o7[f@PE@U-Dfkp$_nO5Q:&RJ,HpNs6tO<di\VKDuRperq*'V78cK($0F&?l+a>m.Thi"9&/n5eFq]ZWF*$ciadRh]G+'<o5655 +%iSWtR_0_B^0bL:6>*>NX%@5tn4$NA9TDtrs)C`*OiR#?qg*#Dh#rYK,^#!O^Dgm/uDJ8o#HlA4rA)i\6WueD6BqS$C3q!GqU*^q& +%Hl$`8_MrrH/\_)WmG2Xj0_Ck$#g)'hll-HhVn00l6LW[2M)=Pc^af\)Gd#A!rVZA,f)m;@S]<^oL@*l3U/1POL_H=HZeMA'Q3Mnf +%[k5>kq47E=*e8Qu8Ni^O8K%XQBD<BL0#G)%gJ$cn8DUT*HVO%TcgTZV4FuZ5IZ]3bM\9dFlqZ<F`fBPWokm^=%,pksnV^p-8MnIb +%4g`VF=QF9XU_8m[1rVC<^N6lFoPBMWkL-KIh:bo@maG/Uo1i53oCG%fqd&5+rRrTnr2Qkh\=.9-BWHOua2!"\GFIN\TAR367j_<F +%L,:E?9NW<P&9("+@2[s>Msl+DkC+LU@>`_Q4*dS8XG\tJo#856S;3gDn$L&X5JM9SlPY/Uk.:Hs*^c=SBcB"C9,cf6gWF(JYP3rf +%-ou_.O8jC2KG[$X1?s#=C\'JL^U_rdHFiD`?+9cU[FB?T"BGs'`-ZA"HD'GJIDj^pK7G@9C&W$P$\B<7YV9O,DnXW^Dgm.VYMYma +%e>4MDk[R_HLYH[IHT/A7k52j#q!R<hme;jOLAX*o=kYjh:lZJJ!qYNqpmnkgmcSf^pYIsVLf2?mGkKh)X^4@r/<'@A>Ip6XbPf^Y +%hF+27ZMkV#1h,'cGc[8+5nr7H(4Y`CgH0hZA)V(Y0$(fkVqk24FV?_U$qn@af&M%Ime"+\"n*Z,`1?%VB+Re&^lEP"%cf%qC\(Ul +%^V/Al-5?@cP.H;-1S&n/gAktn;;P0bh\P,Jr6G7)[%qNO$0bPZ/'r-E?LIs!"0_H*>C?2:488Wni_A:QbZNgY^M'AHj7,H,"obAF +%^A%GoHc>H'oW[qBs89A+nAi:jS8nH;k!6sbd:Fu.fcAR05klQ'o+!gbGPu]#M]6GsGl>29f(f7-GOB_sLjZT+`MXk2B0ZF^T:"tk +%m.V,8RDI-*\nIHur"dGQT\#U]_j3XEmSiCeg[Un#r'\3=9L<kd%_IKpnM*L<2&OQ1'&$@pBb$8+D[Fe?l!iOY]"jUH%ffPnlB5f7 +%!;_4;]b%mK\>SX,6!TpOR*m$g?Y4b&+a.FJGlceO8CJ(`eEA;CP]D[/&H3HmfsSK3PFeTr\XiBmK3"D&2JFL>[aY&^KM`3*P2spZ +%EG`RR/gQ#E<\8/G5+O(q+UC[t_MlUYcK$_oM\Hk3%/$gb9\UZ%SJGehq*"S%KSAo%N"^irYU(JeU^fU_\<ek_:l^&=_R#E4ZgkdU +%[pbG]!"P>NJeL6q2;AtrJ"mdr)g7\B5Upgt96*0h@17-fJM%!I60eGlC76l#%-U.sB(^tJ5o,qpN/2%/9F8>?KF8W*Jqs\/*_;`h +%D]Y]7\3&aY9/ibXD^).\J?Q!f]UER"FCPp?*7^d,$,OSdK_n8gPhM,";LlJk0uH#A\If6]9ak1KFfm0\MKC_S'>^?=<ip,AXEG`f +%*_dnTD`JE$o'f3gVISJ?K2lfD\!;RIf@jKdZH0=H[Q"Pc!n)f[)DdmqoDj^rBt1s?]USs)9CU0"1SbR7K\cJ9SNBE"E+A#s8l<FF +%YB",W,2(l%0tjirI#.EuGLA8Q,6X+Tg-L4YlI%IDdfA_:YSK7GI#fo4PLRX;9Xp%p&_sR6-@!>E)5_Jnj(-G3/i"]"ZY6)0:dB4D +%<!=rs/&GJ-X]p6"j[Im"F5%iOdBASV^p[]5iAcA7\sRF:VD"/qHn8r]Ad*%oddicP5Z87AFnURaA*tmF,AmYe41QmUc:j!"P*GI3 +%G-1/?o,u0bmA89%9aN96cQp,@_"oJ@:?Wkr3"[_bmES[!TqnFM/VM/A%[i0XTQq'SB].<4apE*)m&Mo=&)'@YQ/@CmEI]E\4=M'2 +%/PXbMWjK/i#ucudK_2\Z-?1E/a>`,46_JSAWiEQ3)PnB.oB`Gs$>ph[JRIA%"R#$R4#EjmU'lnMXGBngdZu'XJm/:45aL:0Q`\Q= +%1@_]LH:ch%C>#a9?_3+8,bp*9r"A:<O%jXd*jGp[*Z*=I[U_I@5(mLBK5DPuYt5[^]f.[T,iG&caC-(q&N\;m&2$Y/M`<Y`O@.f- +%,ul4+g#0[-+Z;^n#eKJT\9V:I)$(sPeru`U%53mlY(Us0q%%MT&5(pM"&WC%?m<$4n-c6/G)GJt*^iY!)sgZ=ORYahR4>#?4<$NI +%>qGk-RF7\gXSZ*;$>*A@r#(jQ]^JLCgl<\(pN8T^]3=J_7o[=gD6Dr_hjD_?H1q/qV49$[><+mMjdF<L/5N<,+!N#!@@`0gmpR<K +%Q)mh%eAJ,/(XRDcfJ<uZ?1;hJ?#TTfKCZ+?rS0],]-\TaoFR3*?u1fTU@\TZUt7d&]!rrDk]4EjIS_lmkC""8f)#'VR1r?\)TA,4 +%Z%Adg1e8)8#RHDVJ-JRMTT?meJufG^%\)aLO_6\5Hr]+68\SJAM$gu_&ui-(a"sS>UbbYs2]t;;r=):HoKAIZKq'WViX[9G/0FX< +%Y!X>g"6-D]7Lq9b=`Q4T<(Y1qcKQjLd)QVTUs3+8RDQA5GHF,<rrWuX*o5]3P\q$6SS7:26V<;*p+a)BE?PSE1bsoM^e.=cirBl_ +%]r`Z]rrPtlFcV<S;<l#&#c+;:``e*sFc\1@ckK$V8f`[NWte.RAYkc^W6_5V8!dMTQu[-1pG%YaKGi)(W2eYr0Z=qbH#J"3^WLEU +%9I&16MnTEgNRGXggi7H"Lk00h4#mSb.IoG1Dil.p(+fO(_!-H7*'gfkftiF=amS\HN!5;@d-)J]h-6WLc'.H#e"5Wm%(T`W3[Cuc +%jFO$r+Og`q[+,WWR7f\dHDUtV"c)(l3=k3a:H)8!R=iXEIA^g?mR@XP@U(\AqQC&9eJDV;?KKn^VRJbQRC#Ocg,N?BmK=Xg)@I&F +%2[9UIY>%]P%q!i-NO1Q=Yb#\mHUSi<E/gZA_Z1[IKs>R-Ld[@aOJHa@\qYPSd>VTf7Z(uBT[Sl%52njEIr0gV^D\e"k7^A'-A[Vr +%%TURS,gK>N*)B9E!?trJC2t17-G6u[Cclq'kpe"FEAZ[7])7R^au.:s\)q-J/;?Q;!km@(*Y%Q!OdH.rVuTf!F?pHXfpDR;hH'cW +%/V"M(.g`CEgBYT!/<rd,/UO7R,r8727[:]*UK(PM^nTg'C\MpF&UKqn2U_7-bP$MC[HAtQnU,Yi:_#)Yc.GshV%?fRa7\Sc&6TWU +%2akKEASrYj"L1h(/-GO49Nmp.g]]#6]!4mr>pYo`%3AJI`ePW*SsnX]3Pu0BlL,G:Ap*.3fME45or02t3PGS@FgDD4!<uEDE<C>q +%ZiubPCi(I<H8\-SPhRP!'Y5i7ADs$_H84R$^cj1.o$CubmK"E'p]q7jZq6o8aN+E;%:<aoeUS0%_(fn1c7CiW1o-U9eM%2*+d]Ot +%m/RHG!*,kmb"R)4KPad@\sCKKeDoakU^ER##s:sJg1+o8(Ej^jAP.@p2J2W#CqH_Wq;+6qJb9MN1*3J]R7proG_!p41Vtbc-,hf3 +%b3-PpW*6j%cr.b51BlsQ\?i_E_g6YGRl+!9Pb9&"ese'8!2pX"XA-\:T@pO>R(-PQbK,i7rmeaf4gRfgMFf:9dX-%`.$NCV:K7b! +%I2_tc'R$e'mS4NJa%@Y_883'bKu2?3eabPT7/r6Q;FPPZbhHX]JO'dMkYON>pO)?cI18pC$NCYQRM^t+npLP?-L_<)a^>3>[_.uL +%Rr6Z[[IMJ")%W,+/m9r40RNnodj.r/F5lhkK,j4<MHd*i^ors^l3,bVGd;_=Dg0r%ggekgSJ#Dh[N$:ARVVl=E6q09#__"VBg_3m +%ft_`I#-rp4o[j8_BSm)rO3Q&5hG5J^Nj2D2$p1\1V,gH;hb=8nf_mLrYS<>r'nJGX.$@fIS&o/YnEG]tK)/WO=(*=);L(#/BZ&mp +%O+#BMhto0i-$IBXlfc3@LN+HSJl?13#-p@ooEi\ha!7BcPbqh_Qj$=*H/'/m=?BB6QpSL4=S'_5YT=>M)kPVq;oV@#1m+*AV!$PE +%TeLWL?qm?a@Zg#A;FZW]TSeH9P[-<fc"[r@[;K-JRfrl&S"sg!GS.''e5;GTrc#Gn-7=]P.NGajl/@K&XC1Ye?B:YDDA('2IGXFK +%`@RP<Tdrhp9TaDZg*FUm4'-O>Vm@6l5uoop6:88.-lrF2CTN8L+jlQF#'rp/Q@:3omQEniY6s(k.;Ko.EE2:lSu;A@E+:k\O8Y$% +%+hu_W@mjdmJ<G,]7De,AYqFo%X[:8q'@ii`2/U:+ZmJ\q3AncB-pU+</qp`d\eqa?K2N#N/a67hQ4/'UQGB4US95-/#5G!O"!qd\ +%@4_OPUNDIu=,<#6TWs>s,O,a"+-'R@rXdc`q7EGSPGT,ujok]:<D"f=Ka3#iU@UXlm2l2J*J>s^#9J0$8P75E%$I:i^P1L@<$8;i +%Ml[P-iYac\&+9V8!d=9X$O%Yn3NOTG)aIXJ=TrqdZ+fh[]?$-/p>!2QbOauQ+h0j\/N2@Pl;Q"1+H+<9oIR:Y,S!!YCM`-3^S\&% +%;=Zp6l-QHZot<F+[Aruc9ghb.]dpp;17roVP72%pb[Q`7]Sg/YOsT=,f]omu"[=ZfK_pFi42Q3p0&]W7QK!=k7GB+4^KjP55h(rk +%^KqZG$e='9*F*]R,F-Es$N9E?kA=^Q8Oc9!qp68gQD%At7:s]P/D*YT?dOQXXr]ijI)r[9]&Fu(J]t3o`ngo)hhq%Sg.nn\Fq6=b +%J7pirNXKK3XW5M6&`n)VF%2#CHsJ7S+QPiGAh./9_(!r7p)[tA+N.+=/OGYuH#s^A#HLW1<5g96Q4`RA-3]P\R0:fHb>,[^d!LG# +%c9nmN/;or3)(Qo&j]##S3]g%0nYClHSeG+D0:]T9FhF+V3b.Md00eK=/L!fYE86og+tX9;BcI[q6kjEROX$BpFjX'UjNOcM#1X7B +%]7<.$dZ&"Gb+&[PnH"#*ZELdLYZ\%3;9[H+or[iU4K*ftf`B`1P2`d@ieUPtpbd%,`*neHgQOkrE,9YZ7Q(]E2qTtojDCoDlU@4( +%(?@;Do:h8;U2ukqYo7bfKo-QY4KBu0:9=.\:&(l9FQsu_J6\[IP2RBF+snm=HC#oL1E6@Ep619iO(?d472ho[5o%A:GDZ=TU:`NY +%#_Ien"mFZcOf3eCKu-"(L_e$9S=ea.+:Tcb@AYDKkhQ%rl%qqq^WB4r*DSkoSGFZga?,Ne=k06W3b\-mS)be!H>"'+ZTDrgiBtRm +%d_t7_oO5VeAc@X:W<_B!KY6i^9JnklRb2#cBSqd7T,T.dm._R`.a;iRjec"98[Qe)5*=E,<b2j[.!'END=R2(7R(kc66IZOXH?o0 +%)?;I8\`Gn4[TN3n4*A-)X>nZ`4K9rNqPb-Y[E;DUIB82SHEA9V`:,$L&F,cBrKtS2=:oY-Qe)sFh+;Pu&t+`K-o;GP=<S$*`)i`R +%&Ca(m))5F,5b&9g^8W>aQTTJl"Q.fR.QSA<Xc/'h_0oeT'uJY)8U-[E#$&>\IhYh)UoVF5GH::0E.U-ErbO1C$/&'+@ndBEK,d(G +%rYs18*R&X"LBAiJVTpcIf>"kY'nMa.d[FPi(<[6R?=%j]!\-VuMsGh:I$Mc:N7ef"2!*YXmfWZ\+ikPfB@s?uesrVA^G^bHiF?G5 +%%0\>]`YL'c-&]^KmBWf@e#lZfE?F#&>6/4V^6J#qK4LiN-VG=5_\_NFJL>7^86<f07Wsfkird2"?FW"X\W'>FqTI%P8$IZ0Ll1If +%r@6*$_K&S4Nne):g"_RP"MANKKdqrnZKoEaa#XRfVnh3M=gb-2C2h9V7CF((4M%gk>;9c?d`Ic'UpgDZVNA6P$ilX_o,4L1/h`!e +%<O_2<@qX;o3B_Xjba]Be@9=*(:?5nmU[T:T0:7';dFU7&lZIU6*qmkE*Cu-To;Y'NN2/.S'qf-r"A9+1k,^eg&_`E,lIqDq\>B#J +%a7MR7!U.3J!HE'C"LXZ=>HQ`M7iX.gO5Y!RG3"pD47\ab(8S-k6';k<!!>2Io+G?sp1FuCVe1OiE@r1t6Gr<:*j<dE_#4S^ODd$/ +%kCl@2fJj_,8(=e3<12]E?jl2'ZJ>C6i$ih2Ge#611Q$bd#.Z6LJ8bsPIqRr%&QHkN_Je&%6?&bX$-SNki7h1?j:.WG@8+7H>@ftM +%8N3/2:\K`m2A^XT?$X$6?8CjEE]O")%Zq1K^2>Ve:(g`Pm0Z`)*+r>\3$$1OC^Yc$'Ll>7p'$0mL-3`;f/QPrR1:j>/3mcC_QgJq +%KNo/u%VB1bD-Ag?UOKeL`3JlU6U6]OX?/A:?:J(9n&LepC/X^e('!jpI97[&K+odeOi\3/O$&U-Iainqkl>;B<R;,-&9**A7=(V@ +%qCn?ae&]ZdQYn.g^kYYsV!-b,TcpI1m^];]9ncmEiAoliaE/U-7"68/@u5u8iY8`<HCG157(eB(jee<>PqIbf3f\Hk<LBO!+[.q> +%QB42$%!G#i_&ZC-i%hVL!@]6]B.1#:&Qp/D9pQKd1>69(^I21,L0ogg\8c(6FbZ%G5S7:V+/@n@^rmQc9bL:*Th%_Tq"3#=0Ok*1 +%9D_D<,C&k&.b?XmSm4=+bnr75dd&q:1FCOO4XdY74F5r0(g8@T,8+\0?cV+hOCl!UH/D@%)et+LH>Wc:1Y+*u6`oICc*Aa#gOYh_ +%em;2g$Sk3"rnu%gZS+<=B29EB5b-4O<^2BroHlj0!BJV2hRrS=V,S,aSnA`K8jF&\#mEt6J&cqghFZG_Gree+C\DO%!Rid6AHehJ +%2UIeYeB]7O*_i1Uc8<C6'sj9tBuC0tT1SYlBfrl&&?<mB*J'SD-_qLK#;rGb]KLZS871]Fp-m1@U$Ot7,.;#i6Cc!q>:sKf7(d[n +%8,,ih('4Y@8dj$MP%2^?X;1hjd]ZJ!i#qi-F9hNKoj=K;M>@<!"D2J#rZHb]7UBU(8:MCS+bon<'8$#)62VHD:(Q9$kktJFV[N"7 +%BBofjLMSEbb^oI<>M82/CWZ2u9&4R<+U$B"Bg;dc2mdiPTO60b_)$2kr%Or+_<<*3=sQ`rb`@ucj!fASl#r,S+R;]5S-YGq=!aDN +%$"aT/T@[Jm7j7'qlTb?c5Q9Krr8g`E&$Sf&iT"qO`PDOZ.A5biFoV*[WiLQZUMD!SNcW:S?[g(4(B!/R9t)e4X);'J5tqfek5OWF +%oABO3U-IT6JYAi2rdtenjDuD%rKAdqqZsUSqdJ"npU6(k2E+&u*^>8YI:<pPgR(6GSOHdRi_m8)Fn8ki7.8RK]]V$^ndckpJ%j\8 +%Cg#*ClhDE9hsQie2YDH8j*-(KN9f1u&qN[Fd5LsZG.e+^oUou7mJ>XN?`f`%bI)-5G-1qsb\cN%5jQGep$:FKpN:p#*6S&h:&"[^ +%.3?fT4`<L@]:O6A\pA/HlLuE`Fe9*:ajoO&8'L)eEDo(&CNUS#NDI9:GFc!%I=gC/a6\c(M#6#_L;/)I+&HQfY3Tu;g!n*hpA&I@ +%^\r6WWMJ9O-B"t*1j*bfplcbA!]Jp(B9XYiH*lQ"a'6.pC&6kWq7LiG4OUg/YHGJH$]`JfqfF>;H3j/#j7_<oB=i:<:5Sn.qln## +%Y1p2U^$(5Wjq-"8ge<4MjQ=_Z7iF$m?B=pUS*?tj>h9R3Upb;"rTsE`S*@ulGTDTMB>(139g>5Ege>JrR1@-deQ\N0/'n:R9V:?k +%Iu``:Y^bG%5J*!FA,F7sq`HcU9q-RNXPQW89XESLHG;3+q<iD$eYYfb[a/"o^.eRIb<Do9.^;'g=@ZXNg&OGM0m#BC6^X1?/buu* +%M5DME6CE%N&sM'DAVG+eD8UD`8_cd2D<:"CEKdl0qf+8WjS=24pptlhbC8TJ7#.BP:2;dE9KY)!&9eOSJ`\mq[pSO:gO<m9n(hO7 +%j"8:L=8grPDf6"hPY,c6FWGuQPIiqZD#AClSj,(]DXB:g$u#AsI=5a55QCALV=6TH&X(&o:i-]<:iY*)S&<dBI%A$!2]Hc>eMDTt +%k&@_NRn/"nZu'loGAaiL>\uc6IlFptlgBCjr6487_V*7?DpKEl]5GsC:>>_1[LM6q*nB(qh9YOEm_A)V,(t(8NTFT]:HNTj5*%lf +%G+P0a,^ZLUZcTlUFJl>2N9i9TRpIuQHO0WO$(26+Y@c8h`Y-dQXDZ]i6p3l-FqJ\4p3^nYqWr;NP`t\19L<`0$62AV5EToBKH<.] +%_2&:UA`NBc>5B`dn=gAgL7l7qk)fPA/X$l=^$5pA]0dM<VU<tsVOAeXLi$o0j'G.^p=^J#Sgi/mKa0h!KfTjN8Kh^?,*gpOF!q[$ +%BLCD]EGl!BK'oR^Wu>$7qkX55`c'EXD!aVs&ZuF8>[P-+;N9:]@ou"32@Djp[Wmh/b[`XMg*\O/LaBoT6'r+d"[Mpg?1TjKlV#tp +%We^D@a&\9WF.)A>`4AbSbM;6Q1r3G>eFGE9W[LF[D/G*qZ<;Po@tK&9*+7-cZt7kGGV-JjH;P[a]R:R9=q7NiVZ2j(Dhe:mW]f)L +%7i2^h]BNtr6iSTiIV@r-'LZgW8k8pkPN2UQ#d9qO=>]`t@7ARD['u&OJ_6f<9Q*:*Mq^d%SlMYHk5ed'cHBTTA(nF^Dj,F)9almf +%YQLgdJu%YA9Hdt%:nM8(A68*oE!?prf8XhK>sfa62FUG&:;Z4Vr#F`3FI4VG9hat&YT$[(#Z2E3A-`*M4)"UgZQ8PJMVeH%'0lT1 +%WO8iQ6QhYa+o"5rG'putAVM=[[H*?p:iQpgBda4X3WpXHKh`W))0;boW(E@,li<_[3)d%H6q8DG"1*NP_<Z&HB(5L.O))RJ*%QLI +%4^sOe.oHZsM;CddPpfl"F:;^NS"jhH=$\D<`U,/l==-tOC8)]"`QuOaA&];7B6",Je!a!7>;9P?+4ADmq+82Xi7:>t*uR%a<FU_\ +%;nc!_9FbD1'G$.@kXk&o+g[kEl/(%=l_?tAdVj$?U.sGVlQp&YDN0BiTVND^5c'qnUE"N21mYp2mg_ISPnZQ//dg,G,_t(\aFVUM +%Rkp)>dq!i.>[;[3^ap!pkgF*g)U<-^],^(L-r`:@'m))/9C`q;dN$QEP0rs:pAj^`-;ca_PB"@fOs4hC7d"eR3L`TqH^<T0[B[:p +%nZB=^QREk\@L9JO0Lj77lR!?2,NpfiABANgS#\qkLZ2XP-g7U2%ne6MH>q[i"0--KosbIKUhAIJnA:+:C<d_7#(@g]gG0&TN&F-L +%1fR@M`nap=])4'446l</&c^k3gI6S2KbS-<htLt+9NH:gOG(Rrp.6GaX></EDiQ-;M<Hl6>JsjT;%khY3l%@O\hd%)%SZi7__1"A +%,t[]Ver##.">isu!UmiN>uUtAh1cGDk?3kfT#`h.WQk0pK?I_U,bsG%>Mm7TYlR(8ZuMc_l:$gE66(o+kdq!r5M:<M5otYHRj9AO +%Z'=WK%.Os6ce7WI!C/Js5RS!"!LNsqI%J^QB!JNWeu\BSD/f)$b6\;D9;-K3%6$4M"nO+#>D\N8#=)=u@AK(u;iJR(]hW5>M!G5o +%,nN-<b,mc&fuss.5X@A>Xbe0iK/&4='.6goDEj3N0oK]5H9i(:n#%1XS-s!\Mt@h>g6Xd[TW<Xsf;BJ&4luj2a_2VkG1_Q@!V6Vr +%0iE$#r9r"s,O,Q42,Fc*5Fdt+TH4I%JMn<@/h(rl)Y+);#F#XIAN"%Z=];'#bQPu<,9GBM'QIPn;a^%2ipk\Hc>pL0"6D+g^:"&$ +%-@pb;@/"hFP=Q^YK]9Kd(^qLYE;HN!lRi;$GK^DQGT'#\L)@nW,q'JdJH?TNV$Z`bLCHlL_CcBN!(<^k%TRa9GT+kgmLV`=f%6+D +%8D86o_:&IT!hakq*\pW]aR(2HEXl5cb?#WIlT>%B<S,I.T<;UfIQ+)Sr(Q:0kV(Rh<!bTrEQgO_A[0<`1:5KV<j!_p9mQ!a:&mT] +%Os]"lYIGtN[7%!_AY*XMfWGkc%A8CpD]:@<Ebu^g#k-5snU^NKDLiE8307)k_\(FE:=p()R$WLR1[ZE^,$?2(bd=SYFtmHEWgpJ/ +%c*BOp3A^MgeRFDhfTlSP1oB2sTb'\M"f0P4GT-,p\rlU.hTJ$o;*<QE0JS/$4n54ja?]lu>.`6r\EuG"LaE"$qsL7;*ic#J3k^[W +%JMeLf]ZC"eQg\�GiX=aB#RMdi5,Fc:S9["(s<JDGr<;'KtP+Fg5N):Y^&?C^Zco&>$_]j+XaL!:E8=n.Ni]I'tc6,!"@*MUuQ< +%$3Ukk(e!f;@gibcF&101OC_t98FD;nB2s<!jc;0@hT_gTd0Hf^)-cCoU7e27K0)4P.=bL1g<prk.o86NKBtm""8lR4@OU7+A/NRh +%@2BC&_W)&,6a1G?^UcFu@0:2C)GepA@"glBU&421cX!_UUPc@%eopqqF?HU6%,hfpF9/n,<tV8fMQ2]q]E3GrBrGK&ecXoQ3CY\O +%h32pt_@+7fH@B!/o$`I]]PFlO'<hj(5%FeDjF6L=3.8ZKa3SjQS>;q#PPXda5-2X!gBM]I.M6ANC>iT!+<].%./kr@]"K0g5B%=S +%W^5mSV4o?+5p`AYdr=/eNuuC-YuRG5&GX(fAlL&gMp_6$Ha/5(DJ]MAke!s'0mB'2,1Q93%ZdGMQRf;^hlmT("@]ErQpQ';E<aV9 +%>QIY+M^buD7i19YDEC-Fcn>iVpDfDoh%d4Si?Ue*PflJ*?'iiZkBDb0e90A]pr)dRk!"%dNHO+<*q\%\f'>JVq]7,pdoP;N<YKL\ +%C##$"ZVQ!1DLL5e?+GraQOK17?=TrhlIU5q5&FrfC-Q3WnfjT,qVC`oeQsI.Zc]gRcSmN3GdY9sjqZ1nS?dDqgKPTZR-d&EF.)EE +%a)(JhZ^jnJ).pM;1#)\fftPRJ@$Q/\D"emT]pnS([f)3=hVusBZQ8M%m=*)lpH*!AhjA8-RXS\Rl]'S`Rjm*.T;H[ggV,6MQeAN# +%Am9362U<6%GKb6D1#(G>\=)`/A%$T&]Zdh!A%)8og"u)\,KoIr]iDaklbM6hBb-gj"!,]g%/ofG=CCW(Z6RA3l!/G?ASlPVAf#G- +%_@:M"Ba5!fL2e5%,[/,pj*.E\"j!U3[c[&8C_XDb?[(k2qjHp1m1JZt/`.QrQ8DT.i;<34B:d^1MB!1WGMfQES>PE&FkM1h>F)ON +%Z`hg-cf]cKG+J4f3,[U,i]U%D+alT(oCgW"ADH>P!c#>3ccP-#HKr9/e(ai@37j^FA'O:3T)tGKrk!!Fa<Q97emfU4+9Hk`?)I.& +%Ormq[BCt?5;gd&X.Fsigd/gdAYFE#0X>bR5G[H4DG^Cs_<XojfqsDoYj16=)'5Y(Sf,m/b?`e=te!nr[`9[/ep$?lRH.X&(QJ=S8 +%rQ.s#XnK'g)"%94NQkLN?0>(<ZZdrWB)!t3HgWhb/:#uba*P/SqlFP1?`phWB(OOXbO9ee`dFr$qX<^uCHScs?)uS_L#2Y?J-5Q' +%IJ%'W2`P8D)&[U*'>7a3]kZEYSo!tbni^_GN<8VD+t$+*)p4^<92?:'1*V?>*_B3K`+C8KX!6hf9f#/>O-kEXo>kkE9=gLCi\o$< +%NtYB!2,pdb@,5,M"N;fo[g3d^3nL(nQ*_PD-IBEDJjU2UQ;c?KX,G"a8%])^""J)C&.qT)86[8d$*9f]OR?EIiIpk<)-A](c8TUU +%Hm4Hff2M.\@h$Qk6t6DFWZ4G0cnifgStr0\235ZuW0f;[)u*YX"<nM#A\SfY!*DXsJM#t2W7m(7MpSpH'Wg-uZl%9OS^j0.JO336 +%isoJ8gF%!+'rIi^*_(A]WQq_*.2mD35&Qt-,Z?I0T5:ocpZ@f/j9S%]Ak=Rt#J_5V<a:R1`DV4`AJ-2ZjS9:Rbaq7HLd`CdJnXrq +%K.[=e(ne`*A5uPiCIoDr7Of0c/W#sqb/:oOk(e$090-mV2)d$n9jdfr;9TR!?@s`g3D%>/QC)<(8;9.o<MDeLB.TNK]/"&.;HS>b +%r6WuJ9U'Cn59h(:Y%Z",igM;F"_IgT(r2Y#&HmE-W94]'Eckmu!@V&49tDb8JYRX8']SAd;5a+.Ks?mNV`nt&O;76k#]5bho*fqh +%gjL?0aFI5qb)RtB\AN*'C`WD-`k5DRR-@uopZo.>MHIUA8P;pi$7XLK8n\Fp(i8IMZac(Q%qCPkML9NSDBhk.\tV#Q*":1;;mjuL +%"(b`XrQE&r[O#Bb(eqnL`mQ,Gr!MJ7JPomH3T`ELUd/ZkeZE#.3,s8-CX:nZ9m"umV/D7Ke8(0iR"D.A/q@LF7D=f>=JNDoAVG5& +%>7YOPbti$ZWAJ8HF.2Fk1&Ld,;]NMra%2(b"\2JE%B>#9-t2Z/T((Qek?^tZ70T&G'#+JUU@C&'+':ji)D4Zh@6n(;8h,'$0R?s0 +%k\2k<RYTN#Ce4bu=U.KX:@@%_:1C:e`6VLrW0D3fmpu\@/!FX<nP*5BR)@b"S3j4O:=6"k6D-?<lEE#-74>:*R$3t6-BiM[N'e^p +%,K5HeJ7l;gi(H\.YqQbieN?1=3%,:VQW2Fqco=G#n=FVj>WafE#q.PfSumt\H"eU#pAsbO!<T]$U_tR<5%rX*3=k1gYXES+:#_<_ +%e6+[X#4"+62]=njhebQO7S7]'J:p67knc/N-@f3)#Pc2fk,"j_DHk^q*OHeud:'fr[T4s%WDmiS9^0uLdrh@D=h5lg&#W<l;4pN" +%K6%U>%YS><&L*MnR\6dj<8slZ5LS+\hG3JF>I\T"D&_V,\@]Y(8.t1Zn.Q"+9jU)?9BunX+k<hEHqs>C5I#+e8F'LV>DjiHi`ok+ +%9P&rq`8fa[6fSfr)7IU6Wp?+IL/:=LcfD)^PbQOmH:LkMX(7ET86!c?hpC#HGG9g;%i^?"D^G+eqeE*W)U#HFg`>`mA:@Es`8f*O +%p_G$.U6K`,e1/$?&TNsNU]U[li*3Qsa.UYl<qe?I7,$)E"+[h6r2Z-i`3-\!.V<:$ajIqDa%"-c1>T^Y11qa<-np5"`FPV+oMFdo +%H.3K_)"7g"\F%B48_/2@Tu`,@)r*(Zr+O!K,2#L7,oaiXPkDg'T/<3d1AQ8gbBq\^dgSs8gcSJlZ%oQF+0Np$BItR7>_?JTKRF3# +%GmI392[t+%24k7?:NbgKG^^XCPk@E@Ad->qD#&1ocp2dj&!o0$AhV$cQC.96gVe]GXEC4/<0loChB5"7l6b;BWeI'q2QQp]0.9>q +%[p1R>r5I,Ecj)6+l45,XVJ9]NN"\X2g"tJ4T)%J!r&W":+#1G&eaer2Z:##05!i&g9'>[QnN^1mJs.'"fqr+*W;UOeDK=@W1-WA_ +%OK1;UM]k>O!fEK.8qIs=ShpXW0D&EAW<&'sY2@BP,N1b]6VOuQAMAVS)9eI`eMV>$n2u_KYom*mn8#rFO?8AhF&RFlX`Urc?8Gf[ +%FVJRDTQG<n0cB?n6Vh#VlM-YpfNZi&a(gPbUM?F^aZM?,A74\3"Ms@e20XlkL@;t9^MS<7F+=7hZSF?ZiPX/k4MlcH@jI*tp-cTg +%XkDO!iqS#u#>G%.4%$]JR/^H'mC3A-TnFrlk6.o_,'*(f:O;N<oQ5nP#a`CScXj`$V'amS&S@PCF-3-3n@qO^#e\FJOT$+F5l!V0 +%(2<l<Hfe-Xmf^R:ckPR"d)BIe\fI:h$&9@YR"D27*q(L;J?p!(1tHmn/;sEc*bqoQ!"Zu]hYF7X[)6q(<*O1hQH)@9PmU[E")C*0 +%V_MaD(iAcM:hW6[K;rc*@nHoV.aK9XPR!p4e6T\6:)&Kd?NSQ0B:+&^JL_l!8:.!c'HX4m6dWL*jT?FJ_Qe4mVlj]a$J4("Z$?jf +%p0(p@_)=&6^faA(KG5k50)2T%I4W==%\!tKIllPFknRqpD]s0fi/@sZETlNr45s@=+XlTtd5tGj>R27bYYS'jjb).;XZh]"$0"N' +%"(N2b%b-$,&Bq5749N'ob&]<)[%E%f!;>J;.NY0J"ObeLWU.1**(To4<>fn*L57u8]$Sk3-;kYlD$`Rtmg<V'<HF9A3dQkW[%\iO +%+]<ufJ8hkKJG`.T9*VrWa#)'p#o,@W9TVdQT;ub*k[YaeJbinq,`)f_HgEco]\NcG8g5,3+LuR8nf<K%66]C#8X"8SP%7QHY?lJ` +%=W#QFO8\:#/s.Y_%G/RUCU1G%W>#pk/r""+^/km_3@f&VNi3Yl$uffPUrR,=7@-.6?Y+Nj#hb2nX:(a7<*_0Y#<G!!,B'I>L*<a. +%L*gX]BqJcfVE4>La%&4"*hoNfgt[QAEE^"sjONEXoY+F"XC!UI&D`=X'qT+n5B[QZ/\"m;rBo+S"?uD:d)X2%\G)D)D(^u=Dppe? +%MGg-IT52ui5h!WW#W#l;%N4l@;sZ*>^&R?-pPGsQ=Zt*3#l>&`."p7eG$h!8F]Ra]a%s\"@;_HWhs#ObOm%0(b+KL`.qtd4!246' +%DL?YjS79A]88t0'-KQU?VPppJ*G&e`diY:AS0G%]fr)VC/7PQ0ep#=,e9*suB%IdXTO&?,72::]pTsSt:2iY>X4N"ZmJJSjN/+kC +%oIF%rOT,Ig(h_8FlbRW&H+L8Mib&6O@d3Vs%#.?A@9D363KS?o"BrGc3113o+7$1<HgQS]aY\s&$S_D$^$ZL6c8`W$Ge^3X_H6CY +%nVQIPQn3:%W5:j(A,$#_CD_JGSAp@E*@c!E+UGg$aldsaU=Z_6;kdQsj.KpWVr8*4nIfEs.\&5A0#K0E8bap1^SriF)9f`-$h+pl +%CU+*18G`P7QE$<,H&%JmU[#,-Wh\I\`eL`dLcmA?AW)Z?hNctQkiF"X@C!=*%iKo=.#i4^XrTR:mE/!'HGA(d0M%'h<Eas`VREK\ +%#`7qh7$e]OEQN<:XYk.2Bt7TnZ(P0GFNHVAoan,;iJ"B+IBp$u-GkIfE,m5;Aj,Ghm7%FpRsiK.,"&cY3;(&L'S'BA-6$KGAN71c +%<^gG0miD5OGZhLYnZZr8)8L+0E+jP7OK?SP''GWF+uT0GK^<l,qO)UJnm?k92+`X"DM5eF@puFTc?:"#i>=Q:Z$%blk[3]#n.Dt3 +%6mO?(`l0^-E4WeT)+WSOhDnk12QYAdrm0uUO,VK*HB+p6,cmI"rjY4'eB(2hrpY<d(p6`;qdeq)o-TEA(PAW(rV3Ot2oh5QZ=;eO +%@`\$-0_fnRpj*A9<2E+TB.bdNBkNB?(o.1;(GT,JZ6K9u!^(pTXimp5h!-fGW!tOHJn,l#j]=MY,s=V^:md4K82AG`,l&i9!&8B5 +%rhoMfr';:?]ssjQ"ij;JV0c2Go>Bm4W\*oAY%dKt`RoMrCN;.CPn7i\_UBbpfq!cm?;+o1U(!XDPHmIK)%q.QFa0UJ"@*n-BL/VV +%ccA@qa#ifORBd`m,K)A<[mM$,GFF<V4&'#On7A5P4>n)F10CEXS3K]/!Jc%?5#ZgTo;m*F0Rfh!7gs.[:!'fkQFM)]d%sFS$D3"Y +%@b=j30<n,qTt)j*gd[#mS5Z1@P?rWHaIN**Y=&!U#<OBXO-Se%lZ^!^j^O)E#N6(>@]R<U?SqDV!on4/]E/!>&Il?DYtYNa;H%mH +%kI)qaPfRa__3%uQ3!G[hJQ`SE`HI+#PpC@ZmS$\:jPKN*da6`H:gjgOU4qqN8Q$OH&Sl_=)$A!HD]AY&As#1+/(UYrgU8nK_Su!` +%%LiYX,l("o'&ehFdMA/l%"esT8EmC\2+oM4;L;%K_0Tr['G!QUYDP=,Bn3A&r1UV"ST0X6&edIm9F/BgP1Xr:X7jZ:'-U1i=:%fE +%JIlQ]8T8hrLLjE?>LN)`=M#(Igt,-]ek*WZ9!YNTA9Vi(SV_pj=EanJW!K,-1Aq?'`]ZH:=C$iK<%*74E=/=<e-K)GCA@EGW%,T9 +%/SIsC7@tBoCck2oL&_Xh0;0bM;9N.<i3;2cQa!1T[Kd_n&$/YIng@8G;@TcJ;jC8nrV*LOPG/>Dr;D3Gh1[j.06<X>+#[M==BrI8 +%!4Xm5o\'!)r](T-,i[6;Z\m!;gssuZrM']56NP'l5Socka!5lW+..%u5uS??npmB,_0H[r9p&a]k.,euVoD=2+d@SV7\n\C$n)=P +%J=*-33U)nm.1WgVT1kV@8HY#;/!aU1aCrCU>?Z#cl@KOt:;@>435S?o5%(?]7jc7-MpE(/$^7jTp%U#S+>(ki9O\5A;)XAo>`c:J +%/Ns"=_.U<@0>eX%5KkR:I)E0H4DX8g(fS&(X/=?8fNC>Jg3/Zn>Bm*o[`_[iUT8ftq)sZSF!3nngKk:F[S>*_/.Tb'(Y/H@L58"S +%@GD,"7iOX%SVk`JN3Mf7cQoAhN6`P7Ana"rfH*NHMe@tC<NVb0Z6GsFJmnHb&\,[p'Z2nb+i_H@;.Yt8!/tA`fab?^OSj](cHFaK +%Eor-+)j7X6rsB:$<@"';U\/sqD\3DVS*u]hp0J(qG9&OU!%0JB"3V$o4;:=GYR_]L"q1=n/JHGJi-C8*Q?8':>coa+f1=eJW&u(W +%5?#O*!^#LZ@Z\/CDHYO%UVNF)6^G=.E!X-fAThSA..&=(AXnr5B:["%KO>0q=L^fH`aXLR1KfTm]5a9DZ;^%a%22L\.n;`Ba!,<m +%i%^Tr8X=l9hL^tU9\Pafc/hJVFoO3:BB3r#KD.lpgDWP?ER6-I)5J5@U,7!/4ChMHFsE5R=?j@E/Nb'2Yc\g1DP^T[MIL>9^L7O* +%!Bc*mSRDdSK0dDZe$PpY_T37%Am:0*e>?JMTt6L^`^chMEEkgYT\/pn!T`%CcS/&VJjD"m:d6^eaZ_m37lVT6T)l54`.f.;aqX90 +%'<<&'UGG*O'ug)"*^[jR9"<d9)8b:g5d`?u"a[oI`3#TM-jlK%C$Sun+^_kj=$[1\[D3dA%d&;(:Z*tR7&#>iG`eo%1SK)#A8-q$ +%oscAI\[<lj_F:GCO8G`.'ATETQNYr_\i<-HI#R+FYVLju@AF-YV&N55KM[ioHV?iU*>B:qGSg`m-r*9A`j!s=-q$),$@dtN4>tN[ +%ficS*Y75Y(90ZY`=Dg"pUNsa_@Np7AO8#M\*J`G:j:MEe_$CR8I3CG48;P<ca5KQi)8-WO+Yi^nna9,3?:%m"I\<a!.&F_k$+!Br +%`fF\CEh8lcb(osK/m=D%IMMko]i:i]SP;k6]I`n.#IdF(W[*5ZOl-I`J<,<_kL03X8:`c8qOr.D5-tXMGCOJmOGDF?,,5d)\QQ/[ +%W@=qfH7Vgl;J6?f2#&=-IS/+lJJ[qSH63<JTJoYsc$b1q'h4KE;q@!SQ<k@k=O?N0Mc)\<.3@EHoUQ,1m?4<B0Jim)F2)fh.&#NZ +%Kn]1*Y9[*l%iG35\TDSO*CblF2be47R)9WJdKg\%@<-:)pYj?,ADr8%lCd5c_9gOs-%TX("RR?Q@1RIrG+:OX@3D[$3%,sCW4Q/@ +%bMg<Wn!,M%g@G_]:kVgc<Q%-b)Khf+jtE2$2=b/-+G"+@Z]PZqRA+L7ch.-]5D54/q-7Fbk'kaYM70Q<8l<oBKd,n(*B5U6O[$<Y +%#:%YqNr#`GF1qC_(C&?Jc^hiW'FLtN66A"rO+U)t$s[g:\Jqsu;lCC+Rh;=2QWO&?k0%P$+FZraAc.PH?&#oZ_MHf?fd?=:-!l^] +%#5#.04uF?:B$rG1-A20K-Y:i[:1;O1;YO>@.an/%=8S>\j!?(j4GZSKN.r&VWWcs`^K5lNc[bP<iP_M'KtIq0;n3e3!,sta5c35Z +%(ur&d$tVeG4<SR$9Q_[RF2<#R#G1gHE34K%3%d+qC-BX?04S/+?4sHCcG/=oai;<\dGW`iO=2%K@t&^:>IQk*'.;XgDOL?#+RpE, +%i`#*t>"It62Pt:7gc-%#-(\Z=?qY`r@4S/M5q6G:Z&bRMRC3"p^5,b8]jiBP[-)mPE$eEA,rR2!aEXB7+s)Wj>8[Z\3LlfKdMW%u +%GTCThYHR\qV5.5D']C!!``t;pnrVi.*\-9mOh"_=1$%/NFkr\#e'.#,=n#PRd3R_1XW0?[U%f^NI-eS/8:u[ZW^pM%=5HnF$6oma +%9-a[=#dXgXR"ZkrE-VXFEE<S>hW7s7g:bh!8tT_#AhloVMMV9M/6N>7i,`F<Bs3ad*'=)VD38SFgp_b1+=)O!6+RM:&`*D])ai<s +%%m_+1@P&uGm0jDukh\JEH\$IHPpSbi"Z#ck0Tc?N)dJ^h7O5<qm0tV+Lh<@PPC,!Gakf(a)P_?A8=pBh%m$)r9D2(V+`X=s*esIF +%Oeg_uZ/Ur+%&D'SD,$&\;jY.`U2jfbSirFhC\5m!#D<P/Ac,AR>FLNe`jW(Y!dHe;"4>['nn4$f.1%Brom$iOk^F2J^g'rk[@eU= +%?k0C@\7uQ^T&jSJ?%m^jV4o4W$X@(g;j2jA3VU85P.eI"2-q1\rTU=*6LT!ELoD/GS&@-PVer'Al7'/LJct7;c:-[NHTus9)dAl_ +%*JT7Qd0,OW5d^oIW>tmQD'Z`#TXXfe0q"*[$D^RdBZOc*co(DQ"4o<^<KFuV>>UYhh.#N)Y+G5Ll^fhAO9K/b.FH?!0fkJ"JKb8f +%HhS>Q2"'1ljWDbl*GRq.$bMl>4"N0or0[V-pYuh#hH*[7S2S8aUp'alY,T0TL.(,'cdYnCVO16MWu5bLF?YV>,$KM%JfPl"fGf)= +%eO?/kp#lo^B]f/X1.Rsd\r)+`mMpg+bu>B@Ye$'"WSVq/Q"T2MZG8B2CmetA?CBl?:(!5as/\(7!pm*r&Gm@<>9t_E0;_\Q`SQ"t +%Ad(D#`(e(L%YI/m1JhA70JZeh$Qk!U<X?*5EAs(d/$Bmpj,gD*.BZqH?r/Q%aj-mIL7dcT$75ZVD2O=N6)d,eBp'YPqnbS6k--'s +%MM]^OWI.WfeG$"uJl]Rm=Z9>F3N)bn>:(Pa>Le'cCG8mn(!lt2#1FQTSUl/I6p+Nk'VfIo3t2li":XT7Vs99s$`MgdPf#V[+=l]R +%P@V\.?Kj(0[h4-5*Gq)p'mNK^oN\$.pVU>+EceuZQ!SK@i_aSIMT3r]j"QM]l4hkNEZ?f?.!T-A0O8*=fL<7N@&$`OFp][d)'PLn +%Q,=;nNa,=?n2u60V>sG43BKD@kE["\JIn9i"L0.=1o]I^3<$OU!mS9FV,1>l2'?86%'inl-[DrKW<Ung)*#+)?uG,*1c&,U'lSkX +%APahZ&q0YQktLWQgpHGMmtPP\bRN^G.Tf<iW?Mt]BKTffCVd7>_O%4X..mqQ1ad@+2oj-Y.M=#_^>ON;"9-3Eo5Z[m4Y7QZf6.bg +%ZEt67Pj/m)""kJ:mAE!7"_gEY3Ng>I;na"\TtL`r1/I_BoFXfd_`I3S;rF*\o-!f]2h;LQo94eh_lkR_F&<YHdE,#s;sfl[AJhBd +%.!mRMTkse2TnJ5((*+cDZ&l!A:7G\fJ/.4B'Lu)*(C&Y_!)!h,:L)I"dA;e.PB;2.hnT@+O<COd_q`TN.jk6r$ltlbRUbKBMeTK3 +%@fjk\_ZX'mS=F5*lC6CFrFk+s)3!!]CW/!LCHDh8c2Xe\qKL3#Tb%^A)+1Xs^n#'j>l+Q#-M'?Ie9!Bb3tYr=3Uo,(2T9a8WGe39 +%c4HpbU:n`>7Q+6J$Fm?iEto8K<CTiNlF0V%]p00OTCcL$SRafl2@B:0YeMq^l%ngj#d^PLpdgN<'6*:X!@2o`&.ZV[Mm++i/A/+N +%mho*HAi7"C&^6X`)Mg@+EcQ\/iA4mXk&!1mE,FeiB46@/ZS0fj&T.^KkA2>%@+%j(a"V2D`Ci-\[AqZk7&j\6H<.'7N#/BA1:bSU +%ikW!5Mlmjt&Rg)]EF)p3K]X\<hl!qd0>c%@T*'OH$mk$nb4@?pM]IG(>i2jtl9rBh7oM:'Xb/bH\hqQ0`#b(!$Z-o;4QdnV&ljgI +%m$M5DWQZJ9@HS<+B=JO?U.%M@1?@\=[\X;I>IAV#kd(A)#ip$%Z\_+&>0fTA<.6^TX;"b8^s`E\!F-,p`p\P-N8rRl(Vaj515&C8 +%NN0r^C0Zl7*%H>K1`e''1!`]j;A;]F(I:7rLT.kJ)E%:DKg77,UR8<P]'bT0+/k8F)"gmu"(U37OUkV7e7%oSQ,-`+C_5I=]PiNF +%j1J&+EXQM\UFS's]2FF/Ma$ir,,@D60=&]C^:8fH\BEjn%2%c5?s/CJ<7-IKmc?"]7(n/dNtM,cGRo19Z\>.-4Kf-<edSq.hLEU5 +%4P8W_ZRSYo!_.P'=m1SdH*s\@^*q,$3j'R^0N^hAb,poW6q(eD66RP)5lo@V/47MaYnb@\&3rV.$%>`kX;])4<GMuj-(^UW<PO;3 +%3aJf;7?in584uW)5I7+XPV-CqDn2<);#nb#[!QU$$uj>$T2A^>/5nib$u_%\'@`bg%B`hc%gRoi8f1%n@7_kL[93b?)S<CW.:ArS +%N8rW'qR%?<N>C3lqE#s^P9"foJQ5BuI9=W217d&dYVj=Hfog`Z-qNs/[no"`?SOQ$_)6q,"A.d]S$NV!AUo9VRDb7+E`"_!H<eF0 +%bG]7u_XR((J>F-u"8L]dOs4/E8MVPnP?^Zk?7!E4Yjdo.`PskE(<@Yk:nlrTmO(2.b=#tIBf(3*FFNY\cn1.<@FH@H5Z%q9)mj4( +%fTLl1+oG6h"9WjQLoU5$]ol+&3r*'+I.VHsRL\3NZ%_]\L4&M>F;hhTi:6D&4$-r,\I3)%E%n-EVd]'eAoX;FViF_,ernfKK:MFU +%]k&sDVfb"ljG)>OTiB:C7?Yapmt(0(Fc?>?#GMS#Eud*7_kL9]2_(%+U@2%pRrrDao;4<Wndr8#FVoB$QRdbLKAJPI-0)3qD'[kV +%=87ga6-JQHF\7'lp'!ibZ(ZV'bh8#a,dt'.jbE-,l@CpYE*F<OC`A?PpJ'-e<OH<jVdXj&L@hd!Q_fk0h6`m'?XTm<$f)u@J^73g +%E3.^/1e/ZG:E>C>MCJKD[/:Y"C[;a8F#!HJ8OrNK.8uB'Ku7h/Qj5/iZ`EZ3')Ft`QId:/c[?)1_0k:+`bkuiDSc\ijX)0#9t=so +%Br]0@B%KP#j9/n2`Jc,i[$/[Q0)#hM%K,u1]h3f?j.VNJV][eW`\=ffR-KbjMtt@qrVA,gXdic6#TSVnpsD%XMpp9+1jXZ_Y?-KN +%b0W6T#J=u[4Y4.+<X@p;ORFZe1RaO)]Z&(rh>7RWBL<rWVT)unHfA/U*<66fh4Z,G[Si(hM%HNDZ8#p%L<"\ALqt.`'Ys4%qOW53 +%.EMN;Jq5-"pTRJS:=Vn/M3Y;B`"=jmi]YM_nMO4cG0cGD>1$Ni);TBn&?M,n;<iGlr2UP0SZ5#pWBBjD%."IiF,jm1s!((H'drdV +%dlc;H:pQNlnd)Z`f[:>H.k*A5I^.V=,a;h,IUn06@]74HBo*rW)4O=lP=CQ_Ze(-'`,W+a_0/i.@qdVd[0H`I68@Q^Kt*n*RZU%Q +%2,BA0E!Urm`"u6)(_:("/"N)^7n*agX!WK=P<KN$+94Whp9Sg<72]Q:4@]lF2&8O>Cu#Oodo"RW8PeS/)V;e'\B<M&X1;Rgi$_FY +%>,Z`5m*<FcH!_U\\sG]*\HU[V$/EG>F6QYc%,@k-\fmSOi2Kk(.W%NqT1R.umd!_&G\utVo`S!qL<rdkm>!>BAMK%.4:K'%&&A"W +%$G-.PkX/41;_VH+;a2=H.8T)gjPI3'l!dCsEQI^94cl&]#_*Ds;H7RuMZCiU)bBfnL'1m8H,-P6T"-B8jl,!I!hu#I3FhkiG=Udf +%`d<;aTrD9.mPqJ6=bk&B]CL_tXIH;l5tO0Gd\]@]?[fRWFf5"4W58o>M=;N_VFoYIWSq9Y."s)L]:4DMhe(dX=cjTFTXOp*[[\oH +%:EAF<,Lgk?C5#8TO7uaGXXE4XDnIDrPg$Y38J-nr%iCo&jT`%ICWMslP2nPjXJ98*Q%j%_!@pcb_#-bOYZN*0!t:\r_i8f-ZA.T/ +%@/OuolmJmS#P,ZM^i3>/WrP>$*2o/kL-0L;+1PEH=VEt&LA<$cJAI'k^D&OpaHFadUM\VtLF\H\NrjKoams?m#5\kE5%HgoE_m7g +%RhZ[G,`/.J,=F5%6u[ks[3W[g+B\^M-lAqi8#,ndDSCNtbYJaKXDr'F>D"jpKit\YkW9RF%Qd!2pf"qu'o'ah(!2E]#L:mN%CeBM +%A7-u1XL`WpPBSBZfD:Nr@*CcOMPCuM"@Mquq<Om;e5uN^!/*#a\Z!G?)oe'#JRcO]FA\[9X&HGCoa+`)IW9'7_8@uUmu87G#".5K +%JD"&:+l@p`Q:6qeEH0cf%c+?MOhou4-*\7e)C#(EClb'oBd(`F7ZAXR?GU)8nei`#TYG1,2%?UFP*1ZU)2K.X7JO6[]%'IU0-fsp +%R[PkQ?7qRCh/s"FKaUU67I.7rA^OU2q*q!`-Si'n#U;4M\8[U@,DHMBKA?*:]\ZVX%-%K-JZ3+\QsP;V9il(u_SZOI(q66#&b5'[ +%)GG_@=cIs]43=G42s5=_5#ITN,IpHCNXgPME0fim?Sr/t`b%Lmc/qb;(I;<C?'9XP!F(5Z^Za5gg$EaGW(=dL6KsHJo<JFhQsN9+ +%7dlsUjr**LfL,*=mpR%5&?2AJ%Bp"UB(OI5N]'-NDJ`'PhS:#bF9B!!K!qRr77^m:Icj9d>l'H,PT\/.*Vg0*eP:*l"]%3.;kg;b +%h?Hea)EHOBMrH]HiL^]0nGaFN1_lV8kBA!.H@^:_X1H]Ak-k)_mkZ%>llZ#p\"Z8(/rON07>J5QCV.'<:d2'M<Y+3#qbmTge=YT7 +%jF[Z5@lpb3"dIYsU[$%O^.2*4a=R70i+I3Mda7i'c=js(PKpP?2F8QQR)LWkqn3FljAR^\*I.lP.J>a1dI[E+,e2Vd0n-qlnd$a2 +%Zd7ICE^.?nC9[d8,(;4Nmap(d1TV1GeI[MOZJf+4lt';-eD7nbg+Y?>h?Bm*,2QLPC'.i]!>9I=N@M#4MTb-8[SJ0U:s_3U$iZk, +%a3<DR'<7-6JYPV=rYC<Q"MnI&^.i^d?TnD'J,YA@r;!Pr_`LL`1/gs^g4hm.4n7P[c^RZ)<hh,cW@!%5>ZY@5SBj*`7;DhO_VOgt +%%)"d@7n:nTR&n"XG-7eOrGe_>[T,J'C2,4E"<S?W#$r2K5<`'[Vs>A#-J!`07T4R#qtfpT$pRoa*4EZ""8E@M>!:>Rm%+;r)=T8O +%ML.B'%iFn`MoLjg]/eY'%B=4-Jh8qIAlY_]H?qrE5Mha#Q\Ts,m:bK]nm)3lqk-?(31%ZSfZ;f"%KsH_GD\[E=hPX/k<<T=;eCP" +%G-<,p3?$n6l/]&&P5%IoR'.\IK&EG])QSgTO^fR2qW8MVC2\*!cgG^QdsVhlU;0*X_N*_T&tG>]1UK_aT_H".`$PW:j"t._M*2q6 +%&,cA=HLALFr6h4G4qX?3A\#%N;9o(0"s7%mbaM_sE.7Cn^_T5KouVaQYFOUrg8.mcW5<L;.2](c28['HULMQap=fh-AicH`e;^&^ +%IY!>mX)o,_,4T#OkU<`/1&D:15+aMJPLqBJ1oskZIHpEb?'"c(b"jCG-*HIP,,E6l$;-g8`;l9X(:5d7P_OKL\ki,I+5#/\"L2tE +%:VV%Dl8Fam4\\4.a(*e_=d#"<P-GQ$&ALusPN3hJoLtE^?HuEAEp;[75+:Fr(!8it,MC'.A8+38[q%f+NLMqGJJ3MaeVTm1`@0`^ +%8-G/FM.o<!/GRlhDo@k<f^u^>1m'kd,H"#OpWf*.pP2nE_,N)NGPsrZ_e`X)2Lr\eR8E/0hB-$VYi,\9?2K<mT8r;8D$2Z/$I)Yr +%AW"mrSF956i(0EGbNF/EPMf+ZLm1V(JX$D4YWS^[)DB(8Sklh^@_Ig5'T?;Ul/8VI11>tJ];oK,l00jkr&^+?0JnQRS33S8M=ZG& +%)1qKZ_RJ')aaBP-RU2',oFcU8<gL'AXJneq-1TNKW6[[G%u:*)*a5-ra1KM$CX;T[fbo^o6dpQKAPMae.)h?%IM>[9q2@ODBTgU` +%s8&5R!SY<_>_MuJ'r1<0KEr`VHp$&T)ps:$S>1A#*@^6j/8_)U-JZ_McgdPR;eJHLWHei_pIQLn.3MsoVQFiA7i>q)dMD[je3J)n +%$>nk<7kl^pQ/..A.8LcS+8om#`N4s#!$mE:O%jDa;Cbs3BDQ.6OI`.D(c"FdVRP6Y,!MgM*t+pVG$a_olIm^IZo`g7$38AU;"j!: +%U,r6s(*s)&(-UAu&3t+*nu@K2W=b6%al'/c-F(S2I+,n/Qk0(t^\HcqWp"P^HZ^Q\YTf/7WJPZu:Pk&,0LC#O.j$4RFpO3ac$:9] +%?2e;V@aV4q<a_^G&V/mr.4O^"_U)4cHLDY_&kbeanB<eL0$*V/B6MJs$ga1Zj'g.GpnZE<dh.Wq4M3:qr:T`4J$J#61(eK:8qD4V +%_g&iLll+0nmrT9hS/.\!8[AM!<8I(>TXoH7/7BXCb#PD+ZCHO'0;0%A$1b%B2XNYucgIk(g/n(_Mkoo$cBLmAD>"j2e)g8qhd,Z- +%l`r$,D5W.e=%ZSiN`?+UP(6?D]B6Z;0XC4?0<_TS(<htsOg@CD]0ln'gc6ek0Wc'$YQ/RM?/3PXW4@\hq<_:br7[(c?7C[(e;Ho2 +%7OpA+"@jJ]<[XU]1L`pE$ne3eES+$n"?#JdmiD&ZjY4aI,%#B_.tUVd4`j0KaH_:S"%jQ2;qJq-?hZ)TT+I_`*#J4)0a!p"f9gVH +%ghOaY4FJhKN0/)!8f6%1J$d&9q0CFqYF`.h<4$(FL8)]ToC^/)CU5MUNoMl/=/"YPKYSHOC/s_NoH!O6.1^IYfNc=&!D#,Cr6q)s +%aM[YODM>bBR<4`@btdEN@5M6r4u.5.%7;UM!=;qSo=9ZO#-aD%<]RO<*WU%GFf+/<SXOQd7[AfugT2l3^4#G4_ps`<<Gg]&!HBs% +%lLSs-jkF<7?=,cC3qAg^n!ul[3DLA=i2hMOc5J$m,m+XSC^@!,M%iqR!#Vem^!1"fGu9aHkh_U.S]OK$24NAKrW&uhS#'PV@ED.B +%PF!Zn_<]m/Y?OL/i(N2YdYp:Nl@L_-_cu?re8DjE=h/njldGs)Cqk.75YZ",gjn_Brf"O[>m&s\EV\KcbG,M\&3<(&*n;b;=bspY +%p43;=jl#ZNRL;s>UuHI<[6eK%WS%.5=-%D?.L:sRQgiYS<G4_3)RlS9L8bp[gCfM@FR,<!NiCHK]%'TR9.-\HXYl,oF/6.JiIKQD +%R+%).A211rnu,4<p?aSa\D\Ci!d\L4*kk(tE*M9O5g>OFMo3gm3L\_$Q&5QJOjCiEUL0-USX9d@H=.Otg:+)X1R@F]Q$]W#6OK^O +%/UZ19@t*S\_V'YPmp,hFRBs3l5d%tDVjEOA!N^LulMCCi4<5`ics'0PP#VaE?ch)dSpp>/;m.tdS/n-t`\jD`$$i+V<7QY37Pspo +%8,:W:>p;iDB#Q-^r?fRQP>rcEEIl%0f^P7AEL.h0SFoih,j5h"]KbT"K9Dr<*eK>"-qRKp&5Eq].VVat39-b*,:(/=\g\D50mo4. +%P7$6@5<qmDb_>89#e/"b<E<Nu[7p9\?+\/HG!$n*RW/?p]La@MG#FOr8o:n+eTmtd=c4fqDGQsa`1nF>9bH/O4KUN<\.`2=!Q37? +%+!0=a-<\Fpj`_cfSSoYEe_hCB,0COc[fG:k[M]JRdaBchqkL],NBe0/UE\\/4QbT7n0T#='NHVNb)Ra4&ZV8+bFmRB*#K3mdeN1( +%,:rGdXq&_1`N*G"<Xn$0\Mq9n[#1=Y3K2',9+YQVU4@72;rTI61Equ(`c36pl*6SJ7^j4mChb1oJp#!ZMs':AP4^f``K1Y.0N>Yr +%daB\<_9@I!FD9<L7\hiu`,JRrQ)BIUT)8>sV'oOSb[n6R&>]5'WTo_U1#eDRNPI)!YU019=c4m.IPI/0RUUr?&5u8cG-0//:%3BH +%Eg=ER^u).kWNt>2.XDdUKoTEh1-s#B]V::5CGeBJq*!_;X&sBRgp-3<'bE1$KX2Jg`bK-R.SIAb5Y:i)V@]-nYBimVIhEQm0nkH] +%,7LqLOt`OPU/hsg2I^*o+dOE:N/phaQfWUhM(DqAR)@iZNq2F75'g6Yl:=BLVUoi'[umi0mTa0G`fmPsY0Oa$/@_&L5.J%=d?c,6 +%(J&^;SJ(CMp\PU%_/uPe$!?cf-s5c9]#glf6Dgd8b>Wd'mLKRDiX.Fl8d>=s,8O0>^"LFG8V]T_r<Z3R@Btur7&]f"UdHAFSXr/2 +%=X"(EVO*d$F<@Lm^iZ8IA=H5)1.d(s0]V\6Mep81i^KN7S)^9d#:<!OcC[fX4\WPO(h\\?q/eqZ*fDUm+B;:[C?+>U^M#HT(u%aD +%?"ekWL]>b*mlAom=K*%4jXs_:/=V]g=S7fFP(Ig10&URO0tJN)0;cBbF0-t^`><V:=L"!4Q1Y7FJISi!FTm"G$HKbZRpjRI/;847 +%7;s5Wc`qZSo\?tL*#W)=PZ:H'\&1u;r3Gdn\/*T[k$6H$N5oQ2TSV?]1r,uX/J>#br#@54f?nae!N2E.crm$i:\&P3\q&9u<h#/E +%N$L/dY9QVefj[rnJ;M]ijNDpsglM$;\tTXI?/uImQ@rih)c?j#UIknN+Z52I8o99-Me=e:.a_rZb_Is[hVmgRksR'"%OBmPB99R> +%:R?>_L!I3McS#h+*agd.(!KZAZ=49l'&@Y1,%m:Y_8*S>"0XXUpk6Q-R7VsN,*Ljb1<;1KCaBZOd/.e.M^GK[a%*fRS`"B<oU!UX +%2gW(sROjA+GsT1q$nqE466oh9`*okj<uoB]Pf'i*ZE;r%CST\riebWkeX?:[Q,+67MDiE%F9_6rYs,arB$!YD6Hr)e,_7>a'btQB +%N1n:+q2;]GWK;m;jL+)H0+IUI;UE5>L>6!1bS3rg,bImr$u.k&J0hKXTEtj@6MI7T!BD)"9-gOH7E4B(/ZN6]6N-Mo>gGgrPk;\Z +%9hnsD]c;kAL]>;VB/P*mq6c\gk=LRH&)2URgcg$"R6"nNYOeSPImg77s-lQC+d($Wb'Hl"rC@C$>*3S4E`PmK@hCs8#+b^)5\sHs +%YoBQ;QjE'`S*@&PUj"<a<[?CO'!b",OYW>;&VEZ^)O$b#7d>a"IC_n2d''86hkLT4mcX(@SY6t$$<0ahr8-n7"lAJ^3l8Bu+eD'; +%W%D+r`8J'8SN_0*[a7*[oXAHJXq`Gij\tSH>SrX7ZdZi1LJI-OEH^8^#ppshcgVmAG,!,d80mdi8U?>V@96T#gLt&u^I%-4fZj*$ +%*L#%Ni&C#M(T\(?N#X38Z2QILqnM>V>@kDt?rEO2/=bK,mhrc1D[lWiW^pj?]_1bN2Q<\Pod7oS6LMO'c-P\nhbSuIqIl"%j]9hJ +%XahDZ:\'"?l@A=-i<*Ssf[LU4:oK'k6HX34E-l^B&H&rH8Q^Zj=_]f'HkFE5lRI`aO*d))\5WX79n?B.b]?5ej^q%BN.[o)!hhDD +%o\[$>?q5aIh^";cqNit?pj1`ua2W.KS-]U'1[c&Q,+N$:U7+JohlipFXt/*?LL(*U7aY#d:$_'l#@&F!'2:-tE8U/N#\6M8?BIoJ +%.(FNkW!chrX_R@80S#'03ud!Da8u^I?DC*/E\9=q2_[X""eAR*BeXOW^TQ!$a1Y&O2!.FUV:@#%&)g#(QhWQ816aZVTV]JgL>(4\ +%S)+SubJU_1^'>kr,At\35kTHKnN>L9o'PoP>5P=,:&T/SM=i\0]LPOp5A`:>X`=SNV;=lihYI(m(h3!kUbRVNm\gf8ELOpD(CR@' +%i"4RVE`9!JM+pp?Bn$17&6@=]RM,^0VJ)62\2Ss\+[As+C9t'^h!Xn,BHMB,JBVU?E$g\4S!t7fa\%VDem#GuA'%@aL3tTs)8?%0 +%JqLa=K3a3""i*Q0oO42\GtH0iCN9i7+B^tFW^,.h$rWbmj4=]@G^#tc`f;Od@7!cXSGa).$]`Q,JlAI/)CqtG;!(4FI-:j1Bdpe: +%+3Ah-T0CTZq*]J!\p.6O8`5G5Ge<8TO06$#\O2PNM?%KoF"H5FreGMQgLQ[GBZY1-'9ucHKF8M&0l4gj:UK*5Lsk:e$<0)dn\O=7 +%<JDVsl$>\IeRT(H:A5gb]no0i]e7_/8<W9Scj1cd6I(9Tp]"glh0(A3Q7K3ni'6_-!NG$ekP\jS8L6OPfPWY%&CH/>#XV*7b<SpZ +%Hup;*pV"S&&WsWThCOtC,N41._7=UKbY)JW`/#"bPc[Oc>=S'<bdYl\@,T5B;E'pg\ILD68F()[T?GU$e2A-13J)XBR;0t`F,^>^ +%fNGsH_3;-hWVdtg^7C^#!gY[Zj=SJS`-E28F4SsW:<?!1)$'$XP"3VVX(h012llDA:Lu#lb!'`5l'!]K=n>*4)k`+39cLC&Zi'fm +%35Tg?j@/fg+Y[6o_T7m[Z%8gd12f6Y?A!6'>Q)[iV@&\*/KZ>JnA1l2kTB!J*i>GbN@_"bKVhkOqB[]:->[;t=m-Dkh)%/3jL5gY +%2fQ0Mr+h]Dm!I#G%KDgkA<Dl;cYAu1q?;+1Z\,B'jG[:!pWEtnY?MdK5PL0Ud`bm4SETJ!XtPG:`t[d3NGJ&:84q&?ZGtm-$l&g/ +%[&>9%iJEm@c&*g<=DX0?)QJd]5u[qOMOLfN8KjkN'G*gc9r9rA\ZVm2_gELH$FS%jL(uH#AU\4K2)=d-Bo+j'_aIPK8k0g6$-W"N +%OMlGMX4Uuh.piPRqiHBG*bCV81+uWOI7pmH[J>3(U8H79`XLEo^$RbM*UO[\gW4D)`6XSAO6G9*1Vr#$7#kjord&qKV=-R'Qf3L_ +%=/i.\e8jh@Neo$j=YE`h&r>l5V-g@k!-eUe:1dg3no)@U&[0Fo*]P?MYe4_IpsT)DQtCTa0T*@B<eJ7J9-9LMWLcdmohsi__[04C +%A715Kc[rBnO4i>kG^,W,G*mJ`gL_?Oqc:/\0J*M6;Z,*);)/FJVNtbrPFY.sEo=DMk-LTF^UtZc1M-"ci[)U?A=S9ZY@"1@J=*q$ +%(/Okm@_/ZkV+gk+:<ZVX_3bNAY#N$qiD4^#WfhLo_2$9ni?G9\X&CaSKOaqF]]aH<?Eif'9iEj'">Gu#j`5Zs""Q=RZr.@9/o>.J +%+M%cH3bBj`$aX].nQ<.3KmZb)f-7[^FkuBa*kGL^AXAM"aXDh.\be7.jRHEFOo7-5+4[etWA.(m3Z0?ap_O$tg3a`O;)K"-7N8>M +%J@7<?+)a#33@=<IXKki+P>s1d7SY7dGhL3YKVE]Vr"Xp2Mopbmm7\7$aY7_7gY<8EVif_JOI^ru+iZ8p4?>elATP[MO`!)M2!AC- +%BCiKP^[[M'q'dksZ""W?mP'F9P'mlHob,rjZ"%\CkUlesD07#ie)5KY^ABBh-SR@)LMCs(QX2K"X8iB`'"IkYe&[Bii[gFp:]hE& +%oB*]B^UO\87a\_P\^*hBer:X`=&TY>T\oaQQ&IM8,7(KpE'YG@X7V)Df$pt%M(G"B#g%k8_U!*E=0kcIaHkE5DfM530p""T;dVmS +%%(nr*?!:W36hbT-i2$\`=oNu4O"*'0p^Vk@Ac_46V_qjk7Jmn5VJiNl*3T:-ng0MpF+TG\>m(d=<dC1t\*u3`CTi)\!AFrkmgrJ( +%AO@cdQGK1>,A%?":\FDq>K1e@IQQr/E/..Xk']89m<ERA\I$9%Ir?",1b/6E?^g3.#_]DO>Z[Qdhte2I17O2L`W3Z=P-H\$,JB]E +%it&.:126FP1(L0mbGo/6Wd+s#WD(\Ln38Zu"fDB]/j<H\IWsXb'i!;DaLY>G<1;UIf$,%H'YEnu6FI<,F_;UC:[f.e(ke8a?UVUV +%?Pi:BEYD:r9m';=qA"E?:H=a'ER/4&i#A]I/L?BcYn]pfF`Xc:NUuD>Ac<(mA01H,Y;KY#E<?C@ijB`_93f?k=UGs\\>];0/qt!U +%X10gfO)saHkl1J"esX9qD(3/a%f+^oI#HgZc;5[7,)O=f1l.%"kd:gBj/s/)iNIOp$K2"RN&/Cr[slkNs/*]hl]:8$qpfk@b`(I@ +%D#%0Sr=%\1/mJH:o]oFE+*6-c5-2dp=Jcrr8m7S&3(qHff\nP2Nuqr`I[]H9>o)Z9&Au)K&Bp<=]s9:odVm_`P7@dIBXHs.Go.Mo +%Mn\\k,+Sid1UQgFHcFe68u9E0,F?<!<2>SY0gc*R::>G0Skb2"(c[V5"1^f<s(ej>L1d'>osM/%o2,/J=k&=ck#IbFq-9e:1d0T. +%:Xs7EB5(G,Rq]U$IP%M]AbV_rK%@V6rE?;a[=4-rja@SjqRN4fB"gH/Ud(I5icSeSWT',Ee]LrSNK[DDa]+O,.s&J+*E6lXiI\gF +%TrkJGa\r'1aD*h][qE!ll2m4dIE>Zp>Ub3G?E83a"`LMD>LD!8;ld=@N$Cme?ab#MmhTlmp:EcDQb]^gps_JPlPf>O.+IXQB3_K; +%U3<Y>9kM.@/).Yei>/oc[IU3r\b`_.T%@8Lef0N+blrUtGhYO..c/N3Z+]]SZ4?f&Bc?2a_*\dKAa3!rS#!cS=it-ml:MBSp&HpI +%TZo\@pn.>\BCb\9cF?W)bX60_5E_214fO0"XqPR)MM9:7@ES`&-tM/.g(c@'j$&I#$6kf%R+:$r'$=Q2;4gY)S]SlsChQ#QAb.g, +%lhq.?Z3knB"6/&+QD#Qp[BK=@R\E.ZR8jO0%7C.??`f6.R8q5V\mFSJ>ZV)A=!D&FD#0DQJ(9a.?$oa)++"W+[Qr4W[f1C7Yfs4k +%R@h'1p3Z_D-5^H6gI:hdm0oAh%i/[^O`dI)A#Q^;fERu>VK\=C6Il`qH0&2aB2&i[gHA+q?e(`L:k%(K<T_34d1C]WVE-5ECQ[Jg +%h=9>=\L%k0=Wqk-CaHHd*TZg>n$JlSkPJ#L;>5q?@gdG8I,FXb_q:%@rSt8,2J\D^Dd*i<lJV9sGNGkIchciFYTIrT!sAVri,J&N +%Ztg\Mpr]l:[SNA/<"e!gcu]#]$sj+Y8XPNd%=GLsj6_KnhF><Ln\K"!TBl=^c#r7mH`S5>2.I8/H1"K=a4g5=4eC6Rdn;nd"2I9] +%P63W`\3A&!Z.t%Qmab];U!@F*D=]kQek4b)btf^-^$jn0b^<sF`I1tP(SBF)2M"Z=9m2#i[kD1S*W+8)c3%@Er!&J8ZS'"D[,_,A +%96QnjM[7ir6J74c*S9W#f3s*A`iA5p?>k=Ib_1:R<u(8=Z@)G-pADDelJK4f\?:(&DH^_T>aABK<IYocS)8Db5Dm1M?#s<r-0cK@ +%bA[TgWiDd<mM#+JUig):H`b!5[Iu[$HtY)7/2lY^Sicb+E7C102Elliq<r_olRg)cN_>H04)TKDDG@n>msIbq4]"IK3u%ebY'm\A +%haP;sds%chqU9Yfr8GhC&Ztp-=j5fL('0QsnkipqH2/jXLL*10WH6seTWQ%W/u.f+,%'f4j0+JY1FSbqkOBt2o<-60pY,V%*54)& +%.&FS8qtJeIY(41ULDI1\DlD8J<NVgT?@6I@AKK-8PM443DrlAcF0YOa<.[0g^7m9#0m=Y!K(>T@<rBC4:/nE)&s/kZVq[ONW?F?O +%;2sqTYP,9)9Dc;DH#c]/H7l21dq<<_\Xa3PPaT4V40n#^QKkbQX^=$&g>:^LX%6LeI+%8FcSViaRj';Q7QBkSHl#W00`-4CF'J$k +%V^f+B:Png0='O2][e/-nSUNa&B2NNrdWf)Gp=j@JiN(=D:E>I^7K5H=e3-?-]O0LEH(E.o$fN//$?D*<Y>O[VQiW7II[/`q1sTc? +%-W(L>dC^7j\nBhXN;rjs]>*Ns=92_qU*V*ohQrF=]CiOND._Dm9eU#Kh3qRUbK!IiCHd[ToSlksh3NoD_/40Caj.nIft-<W`&^Ka +%b4_BH.@R/QF\BOMro;gAIqH`>:)1QdBVf/sjS3#mG).T7orRBG1&@FShq-d8Vfg!3?]gt[0g=oI`7Wnlq;-B8GHFm=d2gU5pE+Mr +%leCcoZT_hl@!PA4g7!ERqc0cYS"=ErQP$l$#(3D)`@tc:,-4MQSB5e&"4ee/Y(YPa'qLAnD@"`N4Hl^@#*'h>]\#-&QZI_DZc5fS +%$`IAI/gr2=N81dX`DE\9cenQ[ISXqVYHN-!)F=+/_u$]"lMKBng63OpmG0PN[.eLpL.CrC[&9/shP+SXd>!*oihe=(G2f#JAG(TS +%>21c$+8GRPF\:St):-D$jaI!E1d;<37sR-Q>Sc36cdh@Lr\CprlYoKEmJ=80phDQnpk]h<rYfC6h4`@GF*Cm@M!i0(;7gpI-'(^P +%F\=X+3FAISlZs.GSW\B7j0cWlH[Km?G7F@A<t1ZF?F"E.h"jc]rX)pen#AN,e"aC:X\5OI-K'hWVF8`BM7pXGTGpZN-^287kc)Vm +%Tm+;%\o0PfD+jOr9$s,b=I1E2]9n]oJ(aM<&CPLc)nh7qPngS*Ao9F(nPCmqQcXh\jOeP:b96f&Y+X$e]Z!dG=^mZ,=fg[Y!)9dD +%OMtUlW7]:no1$TMba5_BTemq-P0]V_^a5re^(ISlA2Xmt<hGdJ(m%cOBO;3iK_'iq>VcRk^?*dMh^eoqaCtbAI(_)V@J%s?+Xofq +%O\G<^qd_!4&q3rO:EOr]ZTV_36*6ds3>#Za)17+B6k7+I>H4cX(k[u$P?s(aKklEVR8T<c#"K+BU0`Ir)0Sf@NlZaX7s+b+o=c#> +%bHW<rR!GRC/oY>E]m20(6#FOP!^b./)4!sl)EB)ViX+r4W!JQYNI[J,%%]Um].`!\6/TZBr,gFh-E@9STjBh#^/>i'`CQBgCTH*( +%*"uR,S3uW?oB1Oc?:>F*DC9ah"K:tZql7/`RoSIs82,rT)uFDJXoo:e.aSY;.m$s676(<XXMMD1Aflg(e'S7GYI>tlCFeF_CoG?b +%NY0GSPZ>BMSq<TRn:qhbi#Yj-puU8EJ&cpj,-4Gn/O.k)+H7ZJ1a!5ao%="JptW^PgSboejB6p?#\jiX"DheXILgl<D%o@S"Cs_U +%$)gP;EI\X9AD8HJ3%@h\4]T7g7KBd1;bUQW5(3I51&:bWZOA`RoC6:Rc0@%4M1\-X5A<ao1hgK46ZV02=]NqDN>e'O->Jj:.tV\k +%rF7De#a+CWT1.[^N!elO,g1RQWb@c&!s^'dA52s[:jI=2c/MdW/E8Z_J_V>jN<_/;]M\/Mp/dZC<=n0kojsa0j2"?IQ*.)u3#HY( +%C-7lYOtF![-k,Uo-UV/<CenTbg.1'<j-Q.Y9:N<pGG"f>(bX9^5QQ%?rXpt/7cJ7.T:g$'p+T^Ad*H<MfqlT$g#HCn9$\u_rpk?L +%Va*-XT"+RuGa#RWfHVRd<&j`oOjLK]=g5Ce/*./-YMD>3a5fH"o>7-PJUW>WrQXD*1D2bqpN81_$!cn#$W9A`r3d6>>\_A/[2c3$ +%,lM6YZ0@>l'ifSU\po>>@7b"am&i[r3b7?;i8k0W(h?TOL[HqZX[+AY8,u&aW\G[p/t%!?5H-24)U&+@];8`Nknk(sW[?JV9m&Hr +%cF9d+CGH0oIa3(tX<Idh#e8*YAN.8LhFHg$Ht33jbAoVJ.QWc_`F@\cdoL;W<?n)YY3th1o5UoACYNPO`!8"^PB^?j0<Q"V+K+PE +%M0je9"K494R.r+-XL?bS=2.raG0<$K^)Ofu@0k_2l/Q1]j:V?/:Zm-\V3K1MLG#"N;rGf,QdA#:AtLr*KdIXPAA,YR,BUML+k,DZ +%.+K[@2T&rn`39;M)[F\^")`-@N)O:GGo`2,0qEJ.bmN"i,$FT=Ms)mTI#:e:qsT2RMs9fpP;2bIXq5f&4=3#-bs3gs;=rk#b<ku0 +%9\i:)?@V2#pb%\]H`RnO!,Gufo`S>2/lf#K*W^7[OUimFM+q7tX*qf;mmm#>Y,>]m(?pK^U)""eq4!raAt;3GfUpCdF!t_-Xml.c +%Z2;93br%_e/nXY`4[tZk^n=ojMI[*`P_@.r8WGGqG+n^/eCJpB[llIU(=JIX(ZfJ@\W^AoRJ(-%;W"(;rncBhIW..SU,k/<8B'4V +%^9^'$]j4\t"#'ki#Be=0ibhTtG1T[CSpKE-*Cb.-8:oFeM5b\l[f\hX[,jN28i]UA4h]62(Q)c.![=9X4._<O1@ak1Z1\*S?G?:u +%B>VD["QZ:,:tss7m<Ye(fW]ujqCSuoX=K`SKKf?ll*^:p`;Qa.]&)X8]KkHdU:Hd[/"VV?U&`b[A+TX8]mTQu0<SlDFU2QPb^-/U +%N=4Qp9R/gG&^l6DNio4(4f@#@aHQ6B^tO%QEdL#PoN\IcGW#<R]0/r"DHD0W0ndS'TDn@$j+9SmGOu9\m0VQ,>%Hh@33I'&<$,ZN +%Y-``sQi"HLj6,GdF^Pr\KRLOFj7r8%@V#*O*?!=n8q)q+>3-JXK<&l/.HbD`fm&)*d'9]?^u$*'b.Lc5E<Tej`6,_(fAiNn193[b +%(c(7sRKoDNhZg^3a7XQ`^2jM]l-I[_Vt+QC`p&3g8Z>KQ@U7/Q1:&"(0[:5o1uI]"?>$u9bGPSRaD3c;d.Mi+:A`O]5'8n(lSZ(K +%>G7"R@HY,96%9@@dhmK,0dj+k"F@a8&rm)HM<G2kK(!5"U5a,_^XKlqpNUlM><??CG0"iTrU"h:lRmV;$)u$6?,dcV[PUbX_Db"m +%hJ8cA$^3`q"Qjo/?a\LmN+:/%cWNEgiVgC+DE*0RIEln?/a[j;q8m!P?HgG)AFEIWI)4-!$J?<[q8$uVk4a5I'2QcB7iOn1pA;2] +%#;U`,S[6__F9j`$-nj'*Y/n<fEIV^V]l!jQ@+#bTRL7sCpGCT%l.7bPJ<_+B/=7fQn.Xp+;/+IE0?a'[>4MUJg(N=INR`;LeQqb= +%hHmTh/sO./+(niUQJ#QY/B'M1j1ISNmE>EVYIZuFkK(YFl>1c<'h(Ma8/"BTr&^@"r;>':lG7*.CbCjUDTB0@?f($QI7IaGaE(IC +%=7iP]&LJY3a^Z.pZI1NXVcgWW>J/33CS\)K\Y%m&67%t-SE=^gYdqXCihtCVDfnD]F?pp`Uo0$^%:l0'QO.9FpMJ3[FR$@Hn\dlB +%(p6DLgknP(.7p/_`o-N]j7`DnD^?#+;%pb;DSp1]GgX[r0(LL2aiJ\V]2ndY+"PY"Ip'`]Mtb=g,*e!b=abSU8$rgkmaU16H%DM% +%+.19_@Ip5OT%H#iD4^[P*Th_oBqW&dNFAFMpfm^mrT_;/NDJg[$Q1aL5ULrI^7AS9L=HifAfO-"-EQ'mgo=aB5<'b&Z4s5;>N4aM +%hSjs`\Xm_9,rpB2Ohl8QYTaJCd*F&[Oo7Xf6JXShZDd339EACZ.IF]P,3A[Nl\>i(VPd`s^SOaY+?ke"$sdq;IU55*ZEF_*C(5[c +%OldHEd>_9V6Z8)$.R!<iNTq3j!C%J`hqJb9jaB58(Ot^f9;9>12LHk2$c_hq8&&[2G2fK(>]cpr=InJl]T7+4m`(*'s5\M)b=MF/ +%(9>4$NAoZ1D"Apo1Wp`NEShrs>=F=(Xs"YSG+M]+`S8#uiW-P=04Z34]0)\_B^JF7(c"e=FeSME-(NBEaR!,LIQ?(^:Y4s,)-;^` +%&-/X$"%4$@RP.&3(maXRFO7<e)E\u^OF$M>B0>pjn+Y_dA\>D9$B7Cp%VL*UrOHB4k^-!j=XI;H0P7\9SeI?i?.hluQZ@Z,]2_Q* +%W76Y2]mK#?>lV0O9ng6dX^"f`_l)Sk+ZQai&H'p6M[cS%[:BI`r;00?:o(3UD-29pGW)'qY[3um+m`+-f+\_.o6I)o/]2'KI;jdM +%ZWgTthP?hhFR><J70t[;b-pWUnJF=(D[C[]+l5ZsoCOK3ac%CgkK*DVMr-k+i8edBbK<IDhX?.Adk$a2[O(S!0'NW=2cT.%\\<4d +%q"gE99>3T1ZlSWoYc&?G%+0p4naYFS<pu'6)@hD&RinX[_QWX[pltATBT3qZJ!Q*Fj6OAq+4hdbWkUDTHH%e]bBJE!!`:AD<_j3) +%aDU1/CR88sV%:;`hgH:Pc10T!^-=I=or\5MH`K@'mitO9dK?eGiaAg13r%8WoBDLHe=Q3[\"[)VJ<*uq4F%!M%O8C&$=/baWL4Xr +%ZRI.q*'20Q'g@>!h34fkTAHLj*p*4Sm?bkghum[BpHc"SU0Ob'/%5E;(JlGb\c'ZCasiYhdZ:#/Ut8JT=)/9f`S&Krgi!5$p9P=0 +%iuo@B<Y`?<WWEPq;>P=&3ne_,8&T>hn\<j+OiID"mF/'pMY$_P7+%$YQLMVJ9-^t5?9+jp\0'b?8h9D%jCA!UHcGY=m'%(2e(]-g +%lRt<O;E55Gf7&3bfCp<3-ND)@bgunJY:`@1q6!LXPFaLGPbOf!CP%N[:6`*I]rgH2kG\t6mHj=*-#<O]X`k/Mk*(5^)=gT&W,=La +%:+-(U.tNcrBg)0Iq5E^D,c,n6T:C5,/"j,=N%9e:PDK+G?E]T+IU+H`\V5GIN]qPLBg]&f.i[G0Ffb98JS4F_e@oKLFBSK$SQ+(@ +%lLHr@,M]%Ql[0QTG[Fr0*V2Bc>Fde3nab*=c0siJS8)$^o%o&?A4o/'VhE80<"ZQ"A'!fig",IbN<SR*C6iBI?r-,)3u%UV<Fl2/ +%QsN[/Zh,#tne/JsEec!B&;ouPWH6s4J4tTpolT-/e+fKm`</[UkfJZE+,R@m/90M"!CucIYhN#.U<%$rjp9HAn[i.E*#EZ.#mSK) +%\B#_F,76Fc`%;GY8c*=r:ZiCT'`lr;<`5Lt?04Re-.sVg4p$Muhl6LnaHtV8QN?Xn-s>VXJ9;M8lg.WYL;@*i9L@_Vfc7W&-=6uC +%S$eK"N*0"KY@e&+'$N4<\tgfGr>DYZ^j05j@_fU>b!o+K8gj'9H0?/3j?tP\F,"pNjP,<Rdcf\Lj"[%4F'<#-C*:i:-n<9mfi51$ +%)TEM@+F"Y%;.F%U[-b(M>e_g;W4=U0bqp3GU7rXX5]0-m5V4Zl8*IR^,,)S9e+m;195LUmqMPg86@DW_;=QDl=/O3NTO15d!Zs.# +%fil]MM[9;dTUT(\/fB*Fisu((&'(5i:pa+k%(K1.VDSTsZ>:`)*OL?k2'iuA1;<W'B[=(X<rFlEre<hdI*p)WX[5f?/(-mrHdC[! +%\2VnZ-BtW@%#nIk[?jKDP.2iJ8rgN`GuFq6(S%4Po?a]a2"#n!Z#324nTFanb,/HFFc^`-[POZk5Dtn--Z;pfVBcGj*EG"tW<VNu +%WIVf'"2)9BbTk;NTU>OS))\X&9?/Ru*YMR+Wu=QPE6lrnT)=u%p0H1\b=ZN%%h!O!0jOW<)c2hiHr:tWbhh@KO@M6fLOcr%Pm-MV +%h?ma=\kLIXFXq7NglF!!&hiYC103;^(fh]=0D"IEh<5m\]nWCLlRJ`)Rpm6g]b^^TJRTXCrh=pkOu*oL[j#X</b=N=kq=4Sn]?\g +%e3(AbX\;V&)'3Z5J[?hNZOJbe26h,*$8M$\,R-#Gm21#k"?DZKIg)LgA8LaW1JIf(Cu)r]Ukt`^JmJn_[:7jZ$7u0c_aT)/;!OGE +%Qf7hG1>([YC1;paO-fW@^q9^=7EY'U?oRVM>O-C%l?SH,*gr:Oi;`kk_./Hk(SLD]Qq:CUWs2/\[-sL7kZ@<%a:*`[HW_X4N-LQW +%EW%A9Df?)Zr$!op;$m=aQ`N]h%,.d+p'OQrG_70Z(;^Vqqtl!hk1UTt#-FVU*+FK@/!U.OLRLia3$DYKmsF:-=jrTXn\199%kfdW +%E.KL2UhD*s$]&(0)AX)/aEX2a,A^2THEdNfAJ2W2<3g9X=ZeeiUH+GgRE]a4_#LG582c+g,[<kb7^38H!<N2@IRR2nZ,=el)AuTm +%fkAM#i^H,131HHJIToBF&pDse8Im3H%TOrF1d[Xr9*9``('XVGfNHs&_f">SBnX\`j7hNTY*L>2j[6IsR5B!#A/'JnX)%rP6W/0V +%P<--P2Q'u_WeOUgfXI[TZ\@SQf$K@pE?fMII#;_u*6ot6IiS6B)JqRS^R,V[_>OoA%ZIoRBK(i'1CF#;*EW`@!m2J4UgLk'HS<WH +%AIE:^_uQ46=QEjC`IaCU"2ZT_i6QS.,PhQj!u>p`ZFl!F6bRWC++u6W/^/+f"E:9ST>)phM@DMdmYa>?ZGK\ObSV9a(n<H0F:r*A +%&Am_PHc\!go_j\"#9M"^alG"?k2#;1Nf_DW`d.;Ik?'ZE`\)H$dhMC)AC+2XCmCNE1=8WK:8U4&:UR-0J<j'Sk:nc35V6!=K_rQt +%*fLP;nlWD).9XXB3bu!3/?QgsZ!sTjlP+cj5=!)&>U7`nJmTYpg^6],(26rcV&Ek-cXpZt_c+sf1G$nolJ%_V6Idc4BXeM,F=fJg +%^qL5OUs@GGjYsZ:[A;j0&'0*W2P<]!-^.PF3:<'N[tiU(+SNoFUkraBi['8h!e3-JId.LBm459:Wb)iR]7<t@((I\IcaIaoBEhB8 +%iu*1QC'q:[4rdm-R0'0o$,/FlWq_iOV'%L_37tGH?s9gQG6nqI4SG.N>dp<fjJ$5aQALVAn8-<6Ur`CIT?'tp1kZE'L5bCUgXYG! +%ftY&nA$Nf]o)@ao)TDl`g*b@+X/ZujMPqE%aCL*YBa#b9!a(H"J-/ILe#o(8!K6BQZF=4'65saaSL?h(Bh>OH&jE62_5(WX38@i> +%+KS/bHq?$9;,e8B9*.(Pr4T22m+WtsfLNA#PEeVQ&tp(55C'AOX:i0t94M,i4\3_Rl>U0aj%]eaL7=!`!*RI&lGUG4eT[@E"^0Sl +%3u`NA;f'BLamr8!ErcA+=o+5W34"cp;JfC_RP2`MTg#eCAgJb1Jmo<b#C3WA%\)O=AO3Wm<e"'T'e$'"n2k6B"lHrHB?YZP64n$, +%jTA`uZa,Q6\n&F?EK7A*Z,ADJ&VB9J8DYQPY#U'_oiV-9]Yl1c.D8iC1m;WbiQl7[CR*8.ZKO*G>9<77=>*Xof7kD^.N'"@UA4Zt +%5&GpL>)''"c,V]Sg=J9lF_7T^5CfA<c4=,!jK.F/9Tsi],ChULao!u_/EgU+%1/unk.nEg"Nthh3M4JOQO8X2("omma[P:dbA)9s +%_f/&4?,q#p.#a\`7)A%qjlBrq32Y"pfk4f-jFs"E2!DKerm6dC,T597OO$t9B5!+L2j(5m3Mk-T=X9H?Cs&0#>uBm@s/cS0%hRqa +%FC'"X_Lo"$R[)Q?&?35YHA)bR*kR9pYSMS?-/3mR\Y3KJ.&5VM\b[([2g-0ubM]k^:RYA9<PT*]'nmqM3g0QQB*(5&#lk-bgS(CN +%o$FjW\Cne5+'"Vn3?Xq\;;pYK:*.W#*Ib3OKD8?W-*%;7gj#C8Z@PVD`(PEAk$gdBY\9/0K;ga"B!E1C2d@349h5EIbRTQ5(0,nD +%c*HN=I^Ttli:]`NZePI3QL9HTLFWG#4m)d=%g%O)gulb]8h?jF9i_Ri.CRc>NV1=GK[gE,50_$$B)XR/]VneiAh1-"WL(6%.m,/> +%+7q=63i(sZ^t^&J8&SAWN_Ts%@c))&Lo)OP2Nq/q<OUoXgnZFc"6+hs_mlIZanJLN06`d8B'%0<7"&*=gP?Zq,$0h;O),>Ks42$G +%PeeA/F)ie3ZWM+/Hd,r+P<%@*/ebN_2qKPH3Ep[#i-AEtG61p$^YSU#1SuhC;d?sjgWS)opZ:&MZ'9C*8T=%&TZR%%29n717n('m +%^XrsXV?DacM5?D\n&:pW^T]/_l`l89A_SYl.E&n%bImG)fR')S?@mFq-f2rsD-0msS9j"7b'#-6.)?:h!u^3'-+--"KF+Ft=j2oR +%"Bp>X=FHGs72!PE3>b+)[OC"lDS0g_c_AkJq1S,nWY+c%A91[gX42&g\(,.<fJ]aCgBLYk,g0PM'e]7$4UiKr#SnomW"cXN#gO+r +%V92bajoG*e(P-=8nL4FN"c_'t5E1*[FVacW8E,NY)hERTIc,70c2EOhTk2m)>X]nNk&*>k:hLHme,ZjNW]2dicE"\@YJaM=)>Sf_ +%diKN=_8*.8;,,d%S;b55+VMOlVO"6%B#Oc0<Ss2FNiY(mE1sO:NWLCW8)oCjWe"/:@raf4P\[(5G88J_O%F;tAHj?iC3^P8ahGFP +%Hde<CaJ>5om.',+Ho3TF!Urhn?FKoA185#4,qcc<3<*fS&Z_C;g<fP*nu!4pO&pao.Gi<S9V0VXF/8BA/DIZ2l*(Om/St9-0ZU"Y +%#'3g5kfUiuh!]7d:%NWZBRZEHhEf)"5e7/L3U%:NEfcZML4b&]U:>9Qp^I.4!F[4jnZWdF^9$n:YXH#c;R^*:HI_Jon/77F%U%A" +%F=7fubQ>`)mY+fboFLh/#E+Ij4q*_%8_pHa(N9/q*<AmhA%1HG7t';RRE9HSZ?_[ZG\7,]QXijDC`Ynb/"HOj!^!mt1pUK4#3:3F +%lD"OWZ7<TR;k^Ch2e`Geq1D-.?[k&f#O]UC4mDN/-8[4TBQtRRa0$S4%=]$3;H2IoR7.<:bd(d&#pn*?K6,RElGY7-5P'"0H8+8: +%FsoV*hkTYg%c-Ijn$R6?]bU&`@+H1XcXEJ8s-jKM&Y.m+^`<P;:n4`)Og8)-Z-+H"7D1g%[Nbg\Z/?i2oEroP0VISi][2!f%7W3F +%gH?BB2+lsf,B;CI/grlEaC&1><Xrb16%[H;1gsr!_euliTaftqGo`)e*_h^QXMs)@C]'R%mkU].iq/)BLY_e(D[o7GYW-AT']rCt +%h6:?n3"E#0(<+YieYn+ZhJN_>&44)^lP]]AQf1l.W,)/hgug6J`6fMn%EP1Tr^=s1CY@bI86TWuL17WihIGhBFRV=8hg:@nj#9:\ +%f0FL[k`uXU@:3I3CpJULYdj\`5VgR1Qh`YW69'tHOOa1]Cl^5:(#n?3=D9h_<('rAARn1bf`K*dL(Ej#,fqh54Hf2k%oKq>5Jqf& +%<Fs,Q%Ks#8WcD[;EuH".fE*nZa"ZEKl^3(oO^D*C;t#lH6IrW>b>9!CUrt+k_r*9%/0j*A6BR@A"(2MG)Dbn$XX^RLDZF<9=G!UX +%V?*c-?*OY99<=f'+afr^p]Q])&)%'S7V:8G=<-+s8K2]PV[7&1PC!A"`K9U?0W]EiQ=Q*+]L6&,4QNBp1rc+Vl9f@")'igO@U%t& +%QNU]^9JJN[nAUYUMip14?K<%K:lT[/<el:S5MJ!4CN+E*l)BVY=3_+Q!eRh.SeZbn_g\(pc7fA4IlAVL\:9)5I]1i3/IVfjJu]<k +%#2fH!9F<Z)2!5UB,Q(e@]T1-YYKa4*I>KQc+n"RC)%N-N/7j_klC9fj4dPe];lg#$AdhC!Kd_^MT@XFB<[Yaq6UZb#G;X=-r>Y0t +%`aV6%at[+"&^S<36t#q%Z5EN`I*]7J#BH?m!q5,.)[c,MN66(+cXosDfsqjBjX\:ulX5R4Pl]>Qjb[do[gjB$3m+]E\j/M?DF-7h +%7FKY'c._BJbfM2qohPj/9@hg`SYT-o5er[*[M'YkGC,A>`R)SJCiR#Jo34_V,E4#+].^"E?Y&i8RY5,SGt,kUOD!?s[cdL$cgqWS +%pXSk>UV?+385g'r/;J>efuZ5E2+Q`LI+DuTNk%TqfYWAf2nS+/^i.pW9>A6C=Vt>uH@=K]]_CY`HE<k<l[0F1XTXYN[aC!+p%KQq +%RJ$32;fe0rJbn`_l[:t6m7I$D:#Bgbc9hi"c<0jcT+r^F05+!2HeVTu]lJMEb0s&]Z#@3j`\[NsA'pm>;-oX!o8A$lp%;Y)b)pr6 +%_ok";%f6!85/5sd]j86f`/ZghB`s:b/IRa,oVt'Gqeb@rT6>5%pRV"Q!ShdVkIWVHc?B^l`Notj1S\>e+uRG!E&IF4I8rkK_sG<3 +%c%=Z^%T[']Kq4^G"S$h&AZuET-2F'7:J;]YERpD07fYI@1ck9lrdD6`!j/h<f<6K&_Hb1m+=:S;V@`!D`N!/E<s_KO;\+34DUb/@ +%IV@Pb4EduAXL>SO-=O"de+*W('U:@_VUFLt7BF6QCMe<$=&n77(!K!8(m#=`fEaO\\DUr?AJ+gr"5(gZ3!C!]7Pi['LT2T5%)k1( +%,hYL1d(TSGDSo$8I)0Ab[nUit\[`s2QA(7<Udj6C&h:%Af".Ss8YAEZ;fV<WdS6Rm'`ubhg&si$\bK8D@)XOq'f54_0mLhk()p'o +%*4nX0c3?MNo@WI#Hk"2gpK\PeDH=L+N&]I60;J'N%\7EhRDT"U,+`1=Mh]+/?4%,M(BLS6_Vn*O`,pBsfsVD9"l,_h`h=q=`b$*o +%M`6hPZ:^)uK4R%1TJdWTlXl_Gj8*EUqI8XhLD=7,%:RBb:eAPuFG%k`alF:&"!g*l*eP82H%7ZCi&b0F6X8D"6h/uZGFMBhoo><+ +%MYJ<fnk'#+ifo+Q#hMW`1\hk/W6^-hd*C;QV.CRB[+L]SGOJ<-&b:Wb>R)FkI_ip@A-']DaE%h61P'qdG7P2:QLfcrAaEaI"qRTF +%,Q<M&AYjoop]@Pd+jO:&)oE>LRi)<`0>m<!!D)?di"GJ<7B[#8#p:H\<3I5o5,!lV%G*M]`54OV9PdN-TUfr`146iXD.A).IDg\l +%'al?)^aco\.TqL"=5bQ_B&[FNKb&sR'B!(UQOJI>[m2[T["aO(A@T9S/<RG>*!l%/7uG1GD2[c,:S[Gu#l$-O$6kKe,;Guui;d0a +%EE%Ju+/=S0QW<2\/jJN1cf2k*5V>\YK7=_0dsre+'J++n=p/f@/LsGL,>T]qN"Q/_\4uOt/[AY_Ks"\-blXS\dCYJ-pP(CYW_LOk +%YaE(9*$Ci)CK@h[r&l5GY.J*i'hj#aUqlL(d=3"#AH_T/h-=(FE:2uKB-;K`H"dsZ"-ELf7CIa9-(m[\G4P3r&kh<>997c>=GMWA +%6t6YQ@)d8l08*mLZBfB*fSs")]Wk!.<'u)u0k*qFJX--5@G-6\1.OouPaE1W9>gA>J;0sP7.sInUq>M$hdIB^aCY(M>=9GsRmYlC +%\ZLDh#61*a[gu\p]jfQ:Ms#nq!N-<mj!>p)c8\DpXLcnA'@URqZ1[\3GZ7'QFe8ZV(P-FS..>mqCZ8Pf20N)sq&D,EDBKguJ>VNG +%+U=Je^aU:3oYC9V-'!##P&4a^YkYDO)IU@K/n$Z#h)U?-dHj>b"ZiDo,'BZQZ8nS)?@0SS3DeJ:prAkldZ!&GmG/"q2^E]OA7I=Z +%_8h+")cKfp`OWUmS!>Z!c-),-)Pk*&?oTBbh2Qlr!'$==82NLJQ59J>\YES@`#^ZfAn+gX6NHRL)MJBK%4A'l&g0AHaImm,s#n-' +%!gq.r_M>p0J0p,[#Nsr/.h\2AX>2_;*3MY/QeWe<1()M$T3BOH]_(K17[h4+^qhr1&!fgIRRB9K3<qW(pYF^;DcH9R2F4^("r^UU +%/1)`-;1o&@kBouq`_k><XZc1qq1'`SnV63/JfnfDf5G#Z.=IiX*SkJm8u";d>5Yg^/=p(sPpgle5(kOAe^(ONg"UDd:N%TGlL!h= +%IfBRjBtb!HMdOK5Y8F^srM6T^e,<]!;I#j7(hR[V7]@If1Z`ASBI*25b[-bJKER7Y[(lFZ5Mi0&D3f7nqsHVsU[9jY5/ZW2hb1QJ +%e#\Iu68JS<e)&7Tr8n3"%$H0C&3'3ap)+NOc.9(,de3_#L^ZnJB'(K>;%&+I,9G=XMAFkr(=j_%qYY.qgK(MdMh\MSSgtT;,_ll_ +%['d[g#kFRaDjWu0A=ade0rEpuI=)!^hlW<9=Un!/hX\HlGdJRE[=<")S1=KtiJCi*)R:@[R]GNd2[*P)\%I*j>^GDiiUQ(ta5@f6 +%Q<>-F-?G6=GFj0Wc4BU%11M=90;mOB8d!/>RqLSpJmr,17XJZ,gaOT`+__D=6bnB6TSA:)n>6ca9L'DibaBS-p'-03[8%[nncKs% +%D)1[:"WUB=raL"+B`;#P(2;;i[CGRp:9m7mhs6%,.,\^+e25O;4eu^mMB!l]\?gH^@;:u?,DWJbP`BK5o_+^'MA9i*PPthWh.<E# +%qQX2/WRO#c@c[r(PT9?+&#JBrSHt!LG4W['5rX]78X9?5.S;:&Hd0i=@e9PF?^ARDANTGZqZW4$7WJd/&?MAQ1&@Y.@rNSaOMsg^ +%n<1F4Ru=2B*$b5IQGBkT.67fTDQ>H/>51OTPA,6sdRN*]TBRQjp-GUkWD1"WH$%J'[W!/2$c1_q_)K!2LjN"](pE-C(AK#-'e\uu +%pe+_Y?r,H59]`2HJ%1OO:[,N([YIWP"?^q[i$&Oj;G:^^.10#dT^:.AaL0;IKO>go!G5u(+(!s2=R[\/8s\U\]85[/,.`SZ.WcG; +%p0MY]\enN60^PApj546\dpI`AJ`HR,m9d^oh<Nit>V1lCq.I#S-D8jVdfP6b=D+IR&N=S%gp@-;bOg7e9iVpq2q\#Rp&o5L/$=Nr +%XhiV%k\6F]X;j)B_e%Ki2iE_0$chO#]SBmY-iSY:^_[r&k'k*JV2qta%GRW8./CurrL@2G@Hla']G*ejL1pWO<Mnb9!^/8n_=KTa +%;+WuMKY5-1*K&tppL>X+niHd-8hQo@=7(poTVs=U7L'u,^WL*+@!%89mhQr%<i\X2l=X7Ebk'#D?4?-0pI*G\,"Fr?<mU-aF>DS0 +%ct"F[)m93RBrT,5(h2n&Eb)1n2Ui3!h^smcZcS*,>q$9,>jW_Oc:7`Y$pNg8Gnt0NYE&Jm]?P1I(Qc@n"5b]KDmV,cY.OLnVr?[g +%""1r@mkb^dUA*Di+J*_/Bd@4OQQKS3j#ae9MAL=$VpKH]aZHkGf5fqZJCt[gN97A)39Mu!lGEF$6j?5^QAXSaTHf:(Nbm-@<6P'R +%XA8S:Tl;q;OW[tB2t0V?H"n*6m"m$M3`*h]2$B'*K2laJ4<+reS"m6Nf_Mo`jkagC_Ztfs(@>*e>*6QQlp'uuNP?Q)e7*;T!sNEd +%$QSNS3:8nb6u>Ri7WV.EZt6s.*$dehCs/9u>gi3O,g*K)eU(1Xo'Udt*4Am$Z2LV<8Wo'InX>6MeGg_&R(m*A3N(?Nm@(Pb'YVPr +%>+T&qk-TY=<SB`&aaiS5bkjh1Uq@blN"f"?#2dHV-6D@mJ?fCnO6GMQ:WX_7iJ>c1"Y$#U!Znt!GF7t(n+ZG9K/;8$n6!EW<'qtt +%MP=WnEIBaGM5TMn9JoquOC(+%bsSm*l',CaaWpiWEIoC4B31][B%YK*)(0@MVrM"W@msMQI'Es(;=c>7+\e]UF"*bLDX1[?]'Uo; +%bZW_ZIV:T&_CG`^$ZY/UUd0EHihdZ$#7]E-rnh9*P]u'(g%;XRhX-\5BR4+.eLpMWXH_j$KV`97,A&mqd98GU9(pEM>9(XMTc)q: +%+,1bDC,7&)8dm><2^I[67;&$*2(a^q1KsS`]]&g*:XH'NHC[IiRM[@o1#u7d8t<m\_Su@40->)DA2.EE$[_^)1"QjX#DOFWW3#;> +%R:,n@n!2cqSnr`i-chPl[8KlWlt*KP%e8*(S:(*QfiQ#Hd:DcPn4I6?%$)9W+G)Sl/EZJ[bg^Q8_:t@67;M]<P6HZAl1@[K8T#@" +%E6r=d@Dt#MpQA\5ar4D^qjJu-D-;OJ=_BR$<qbOTag/Nd#uo*[J!u)[N['A`*DVUZ$tI)+0A;B__CP[+rCfAoPTFQ:%VqU1Y;AKM +%rccs+/83mbe%$pE8\NC,_XRbo[B2(<calYXAstFuQrT2g>)#(UQ(*uVPJYYP<<e*)MrtuVpc*Yu7?/3&53-<d(BNSul&.fC3$BIs +%67BQZ4F3GHOWj;V_;,h+M.L,@T4R7?c6(^taF2H-C;_2>bH]4OfK(uiaa>3j_!<P!=:-`rIu(_`pR-Cb_,OP7,'5QB14IeeS6:;d +%k&^@&<!l*=f.lj:p=$F,e3`nh4e<"h<DJ$n@W'MD%.<`,XSRSd-Ta5M4V`p<7EhJbP9njpN=,]5]'u_1bWe=?)RaQjLIE,.;b"XL +%?2aTLUtaPc@5R4jG5![^P]+iqR9,c[X0nk7H4QVu&,aZ_J,R:"qhtK^rp=(mqY1$Sn,Dg3J,#@;nTW%2J,:>fq:GZ=0E:\1+9(NV +%J,Jr\`..Rns7fC)hZ)Pis7lWQ^F]78J,(btqZ$R[hThblc*+n]h:I/OqhOn?o,lDAJ+<<kJ,+"Ir9NDCZ1r,Irg3Zapu?jNr6,-; +%&H0'[gQ2C3O8mi3SUUK`4Stb#ps]q9UGi)Gs8'X2\dR/$:ocFkDboAtJZn=JpdY]6af_99b$P#g5FekGoUZcR4qmZ!%kkl2)*_XH +%.,:Oe&[XA4&Le5.Xh_su2<dkHQV+QqhEHD?gCO=Lc\j<)s5BZ\X*(-<T5BRKT8^k@*[Yk8V%<O"Of8JW8\FcWr3p>9j1'_\>)&m\ +%]m%rBWh7fA'9O`@"3d>_7#7u9,5GYk5O1D">lJu:L_KXqq1_V&ZdkXQ86Fs=R,r-Nrs7?Vl<+eR-DWb*9UKdpf_6SArF#r\Z`3H@ +%j$+78TdG4na4L^[Jsroq8!H=]!@Hn+M*g`tR+NhHq(.P:$->)^QdNS=@1Q,b?<['*22(3BDP_^3*bVjkefO"6$O;SRVdLU33,`ra +%7ie_7>h$P1h>kHB-H(o)F*)5sJ]CKo`3[_#Pod!a2[5&p`X$JD/k4HI^5^f)\DU.&D7C3E861UacTVbT'>hctau9T)AO_6-]1r9g +%Fr2dRa_,7kD]:7;/n*UnUO^Q$AC0iEU?QoY_8m$t&"fsaZ%4NR5<d962hY+7TbM[9a>WQ:Xm-SX:9b!YL4hm"<_`A!(Nf<b=>Fff +%euAq!&=Kc=S][;Hpjj"=cr.?Q/LQCQMa\j#0qp4(HoO<Eo`5br_`B+\"GF"gD&/9:mn>k9&]lZ#&f/peiRhtT(0I?T7+hhL+f([O +%ALAN!Cf^%^Z:tV2m5%_J!:Pj5Fne<t"YA]*PB%S37O.i5VM>p"2XFEa:ea-q<F@sT0S,MK'=(cHop&8i4prlOAI2LNRghLBa;Z6< +%V=\OF5(^dpLu7g8J['q_.:ihOp6d@1G_on0D%ieeIT0r%QBR!4>?<N^?/#t`YglaYaQ`&6Q+Wj@d-tMYl023SNt%%^l`Xt3EHK!6 +%ejlg=-Qg7brIqk-952GUl0`GX+#b,EH^pA=HnNtM]WZZr**:PVfCFQ6V;]9jQ6123WXmbG=^shq:CUDGBTHr2O5f2?UJkZ`e=m%7 +%8;m-U?\!46`ap%_bVjpiqW!dhpg9g--M\u3/m>[0*MC*PB-1V7iBs`VX4>PE8+[!^9[.Cj!RE9MF=QTJ";gDu?DWCJo;/\8?Ye!= +%SuVHkBJTb.e$=Ji(oMpCLG(>SK908BG)iL&VJ5/A]8g#tn^?@%qeG!<'ej)t^<;n7B[8HAar6A="8#!bR`9aG=\$9_IaTSm'S;@6 +%-7;B9T>Q0;`%UZX[AVanPOV7.*LiDVaq/_h(pklH:n%c<$KY-5QU)U'<1Fc7`YOOBY7;,(C[[.Pf#0.a%0B<V',J)Ofdc%7-EPnF +%U=NuT^(+?gn-,5W@u7XjiV%=7=bYE!"OeEoJJgA-]F`Wo)6Z_Z9J^c5/6TS^e3RiYH"X2(/aF-q<sLdlV`AN8e8H/9UG#dQ)%PJP +%lUNA-VV*m[$&GY`Z4a]N#H*JCgM2m/hOFOoktTEBa6M).2-\DD*3lXXLY=p;<@b!dSD1e$NNEC!``0Q[Kr(_^H)Lm&kXLT(<\kms +%i<o:>Or9LiH-TeSATKg";.fSg#d2S/eS&f'<3mLHPo5Xjkg;6!>FF:]d6o=^)mmWG@+*ld^nXQQKFbD7lM'$#'=h[QS[rW/jF>hQ +%&HL.1`72'BmA;!K0fK$lT[=$=ACo'%4=tUk'agR]/-]l)Fl^"_<5sit!P!'*T$8uA0X\O=XDdL:9O%,A\Rj<D8\&WMSF&ArhoNCE +%nZ$11E9FK+C<]PhD.^\HSc-`B"ANlNfec%oR;b*okiFNUEAc2pAWLF"e(n)'ZB&+DbuW(,%sntIReY819ld\SZ2q:K.]]*r9,Y%d +%.U^7-2DaeN<".?rHj/7>%*QRn<gRic+X@eh<]IK9KMWq:qZfp]L]mtDHXn&3"6'K'Y/XO#ZQKHQcL2OO\J@/<S(<%@MpS%h13q#R +%L[9+W:kF#o6G[2LQ.bE.O\N-p?_J#PieLO0"hD48C:fpSCs0)Q3o#P8<inI?@&sC+\ba0o]C/ZkYdKWg7'l([K_,<09G.FB4;ir3 +%(+Ec8JIlEl3]`J/UVc2F1O5(O`u]'Mqut8-Pqqbd4$'U&m561BhgO,e@Ad<'_iIY>'B\^`&H-ea'$;>tK!'32!&n7DLq0_QT:s6i +%a*KT#.LkWEp*QS)\nOSWYg</g$0+dW9HaV2r02%dm9r?HGO$%bnMUEk'FJ_-dk8<JO'M>ea`."d2fk:Sc*_Kn;>=7?HBui<',Fl! +%PGdu>fJaI8O__=n9]+l:KjYXK?qbDU>VcC%6;YnZSJ<8G]5ggIGZ6W61?7%-Qad?Kfiu_4_C^$e-luls>sZ2!S6Aq)_Zu@V4P^jB +%UhR\.QC]?JR^Gfb?JSd&X#6TZ%BcT7Vj`]N_!^teZ\`P:,0@DTgP*aU2LQWU1QiS!ju<1Wf5fsX$TV_V,)[4aPsoG)MhK\oU1Sln +%V5C;:%s%_fpXct+o$fgP;gZ,N4l(CkF*LQTkY5W,eqr#%L0`(?l[HfNn9`gAVMhP/5"93Y3g"M-2s&n%$0.<^Um.kEAbQqL*t80Y +%igc0Y0Q;G]eR%laZ.g:0X?A>F<3?*?hB+f#YS?"O1*P2>c"+9KlmhFDb11o\G!,HW*funls#tXN!?lPo^E7W0T`\J*r-^$+pp85* +%_AnIdS+j]nd`2q^[6V,E.@)V=.tu*j;X$&NN[5KBF"(MINce+r1jB&:(?p1gVX^&XX&F(4M*N<n7JIC5EF"2WQo8;*J<RTqP.WP, +%@#K\q"\EMg2"=Qpb>opPKMOg+1gQhFDAqjb2^MT_[QDl_pt"<tm,Y!4Q&g"KD0JsRZq,2'U4Obbb[%L/HakZ.^n-"^lh7#7dZ'rj +%/gCe*iksBiWG&\5jN8WVk,Z)F,igi3?cSZd]8ta\G\Q.h*1"bfE2e2gbeujq<]=bh^IC0R:*uZ/hEGi</R5uq\YZaJj7LIIeO!Ch +%12LOCB=#_(#_&-O=dEC(Q=-l<2U6L8^O>l8ojTX+FBn@!YAS#r]4@aJ)T$!;V8R$.+bQJRXat>rPFpBCV5Ag2E@Y1,1he(+(-d'$ +%!R9uV@A>2^TRE(+2f5IjA=5V.ln\9RVV"Aoahl79nnR,!i*o,'oO0*HrIPL)8)8cEpO;c#Dgq1PgAPrKL]-nLJ,^2lqqWCJGR9Q3 +%>Jk!SEgrUF*$/@7];Zs1hk%asF_!LsDblAjLA5KdnZmZEY<V(is69r\+k)[,1Y>bjl(ZH71jd-5V`T$f/nEmj"X_pJ0Fs^K;d":L +%mNi+RPIS_3$_a`Bb8;Ht8E+^ua'9o/=K/e6\'0bk$:5B9,EIOYg`f\UX\\R]5JBVUIiPBKBuY147rcp&"N`*MN?*A8%d5c?`3@J= +%cj7,ghjRgV;=g]rY_EC]!A.4Jfk$aaet$Y!ag2RI`O"nOi5'9F0B!7CiMuD<cShk:`\_:[8k)kY0D`@D)i+[`HBoGGZL,mp5]2MX +%Ri=?_V$<eh5]aHE>mA-d-[!/@>sc--j;u5"Th$/21]6f/PsV#R4t;K2?,$bE5X4PDDV_mD6UE.Cm^S-,2=llt:nDI"L!1=IG"[ei +%Ir5Ma]sAfsFa0t3%459DVNBaib\f8K_strYZNK`]3Q1"fDAHUXU3MYt_rOO4DYJRk0,M^m("!4GS/UX#5O8&"]+\aT3Ssi_0(+4N +%Jk*n^2-lY@"Dl/ek',e?m#o[c<gIMPO6ViY`R:@5BRO6Mb1b\Ch3pEV]"HV^!NLlpG-<bRo@TU@@1`dQ>,uekKh:0TQ1i1HY?5Qr +%F_&?Dm2k"iK/@kO;n/*[)tQL9A9U@kZ,03hq1P.%l,K0IJ(k^LJ6u+l!8pru4]29?VIpXGJoLM_Y6ZX3J3;Tn/GK&pi8=2H1CZ_. +%+(n!,(g-Cak#rgn,')>=[^fC`f3tGs%5D)k9IhT*@YGd8/*[j4X'6*826d/45c@=q-V@XLmpJUKoWg*)oiu?'"'OoPVUu\j+.'Xm +%^e3g<VAidh_Q^3ag;gc"=;JfOE2Qe?oiUe.;O)&%B62!Dn-p(UBSCGcB,-R1*K/`Md&NV5g#gJ(0R&k7ZK$hMOVdG/SU30N@r\D" +%K8]:0PT`E=,E<JMO%%nTG8^&4Y-tWYj)<o67h_>q(<:=`nsT&[fNF9lN8i.nSgCc.*bN1a1?\k60Y;?/5Vc7faSI91P7%Y;*^]Y# +%CpXbak1t$m224cZ(Cr+g63_F9*f;i<*FsgSg(D$^&qoaZrG]XFi^3/i&TX<)<LiU'J$.?QZ6alq".A,4Yt8G1p$C_]>YSm\0'g?X +%<b]HFST%;W(b*b-%(]Q"B\%oe(6Kqt1l=H'BTWsa\JM6'3nGNLj_e]n80_`t'U8+3)M1<%<Wt<f]r!)3<sfEonQLV1VsGXAPbNJG +%aW(<FlYKkAn("URAM1ZPEH<'!GW#E)d+`Y5:JtT+KN"*]ad\lL*1#$Wfu*%o!-qrsEHLOc3YlJ.RIu"K?PLt+89+<8R4sm(=Yh%X +%-+pQ]\:0`p9N]P,$m_jDOa*0eIL+$uA&=!if1e5FefegRs/pdSm$)._Oq/`m-SP`f6J7<)CCFqe^MYhIQ&TTS9.GfMTJd1=:R$XK +%5E%>A!pb5Z[)V*7-l$Rt)T[;3-BBDl.s&?&`1di:(9,=_cGA8H3t>2q)0AE(lWlJ?/ZOTEfBK4bZGtY^=.PMl.hY.<N#kS@hASY. +%6hZ_qK@$h>99XjUi*;a;PS=uR^T=@`cDFM4/E:q$b^0Z$7O[sH23=[ugEQj@:ji=,A1#")mGMaSn,E#Fr5HGKiNN7Fb9-`JT7?gO +%J,/Otrm),&T7(25['oOts7d]8cTh?N5Q1G>5Q9>CroIL7q=:^rs78JTiU?:&TE"[N4eDRY*rgRlX8Y_Xor;,1Z@&+E$@?@;Cl%X1 +%'%QB6Ys$pLqj;WaZ7R)oaA`<gHWGBH7;A4dI/-5/AI]"Kb.*P[?j8r03A\!:V@N?:8E^RKi(l3ss8HrtE-tcFgGU5Bn#u-`['HC; +%g'tpqd[TP7((L(-cWi(kqn:)#U%iWFaAN,#p>^2?ZgNpDjEXnV,AUs+U&fNqZ=1TA1*QoN9\FiH,UY<Tpo,W6YSMZ?e81e<YA([Z +%_eEVrA6RGW2'62,0fDk0kj3&()APV#84\OA2-KAu/j*0K*FbngWE$O`fn5f"pbE4ar^=)/9@t7Ufked6no?W,D/`YIi7A-d(+t7@ +%?:3@fd^cXL9^iFl"eWh50pbZ=V04,b5$k+,^edVTqn(UHFQo6k!dnLV!GXk*X03+[cDi<i,SK)?liEO;3P_`V"g%uKC52%!D'Y1n +%7C(PmTg8r-j:$H6"'e:W[V9>0Z#W^nZdN0qn.V]3rZ+qgaXEOJ^:#?R[rh\PnJ]:^m9Zg<.UEC=hN\i'#%=0a+ZeN^Hu]9gHe$&\ +%s.[W+3NEDVEfAK;$_cI7+lpauAO&=*0F/n;90I0%:!X_=#X[N-5?p^..TN9e1TJ1LEFBPf]ci;Gl)VFVbuTS5NS]#Qc:#BUd;Tft +%^Af$lM.I::7\f83Wg+M.1j,R/dIA3^qeECHk.<1IAmQ0T?IW&61(B<,dR&g>',]hCG;1'E-FCi%KI"huTge:G`8'<:Bm1N>DqpE2 +%2`%duroSfq<ZMEceO%Z*3UFgYQ1aQKKG9rBr*jFIk/eDM2=OM`?)oak7?Hid([Z$sqe=N?Z/+T!KTd;5jpJtE".W5>pE3_k[79q\ +%poH-+;U'<dh:V.3V<G5\IeimJ'e#LGMo(A).%.G'>4W<b1lGrsO2'(d[i?(2AlJJ_[8\,1,\TX_G$Vrb4"$!un4RqAcdetl^8M)' +%4]nq+/B96*YoW0^SHJpk)i@U[JFAN[51,lE$p.(7UJi#fTN9>Rf;CRb4_hl/E0BmIqpDjN`Ti4hJqY@)M^./dI]oOIF?n\%J4\!j +%Fpu3BPOKriiC/W`D0M#*,D<Gk%RooLa7>o.+"^8%DY]e-4gN&pc=@*880S)oGW,Bs(Fk>0:Mq<0>4Vr;2g1N.K?Hc$_@01@$6M1S +%Hm^J+rsPHi3sFp*5b"X%lE(t*mC2SCY/G&!&.A6b'G3)n0T_p-]?(oa)2Od<M6"1&9NFlA<i[/)%lUh`G.k/l>M:[5gjj,U=_q@K +%5@!0Rb.9]D._qDhO>*q7JLhWTbu;UR.9oc27(Km9KjK.*bt<LOX0#E(pb&V#@8g4_AVR>9VE_*81T"P5#o=.$[TqTl;ln!OYG/*# +%UDWmY-fHU^]b;,.bCR9a67;t81eCdqg8>9$:8IX8Y),^^$?]jko!\*XQ>jkHjr&24GSpe6IP8_rf:It;[1k7b)BsDg27K/iYa9;m +%>d6:s0;R!jOI)Un_W0![?t*@RjPUurSQe*7.OjU?E*U`-5agMm>Bq*b#WcUcff`n211jV.n@U\&"M]10D_2LQDK>uQ"?C5iVa)@E +%0Q#!Qb=l3&c#0Ib',nfE_IZO`5T,=4:f^g\g!q?@@`h^u>0B6DK*/dAo5!;<l5ZkSA&oltp:CLBE6F(T@%.@L-gfl`*G3FoXt-E+ +%&M;?sDqBVR$+s?8Ik!$u7u7g2?$C\jnW1Hb@Jm+aaa]JDbMmMbX7J?3o^,5-q:rsZ@D8DkbKd;@<Ms/$0!jHF%:SW>1t1n6B1]fq +%'/J?Y6(_R<753^LnCh@1;!am3C6;p2PP^/<!QTl(9ofb!\?lHDi7*\Tm[C@1lP%B[k(,6n%LHcY.02q;4Vl%BoJ_VlXd07-SKY/j +%6.PE&A*R79c"'A;R6cpPHG1:AR2Rd[BkrWMkr?"m"3Ca*NRfE,r<l:+&`t<2YXW7Qn(4WeL0$?!kdY=-:^@5`6$tV<UW)31A]OGY +%s5K0\d\]7P8<UiCEW_@nCoCC:4rTfK.+1Zk=n7F5bl[M*(RX\<88OV9>f=Jd.FS$Y^r1#2+"u-kGf"ETG\)ZTpZu5Df!E],/eDt* +%fBQ<!-lJ<ZN]#g'4E[;QLcXoI%Dpf,e7dO?aJQU5[O'-ob2eJ;%#6<8O3fR68C7Ht:,=p=Dfj*h928%l$8mQXS0"1GWN>:'11eph +%Frg5KRE3*S`9VH)M/;^ibV#&T4lGaF^(P_uS`")]_u],j_bOpDr\^BghW2`IR!0'W.66PG+\tbq:#]KG7fqd."%19(mBfK/+`!4. +%Ycb=Pe*7EqD[nd=f9RQYoZGi@qEi7mN2X-4S4L(D)]E`S\IChn%U[O"+GnN:X8B!pQU1Q7iY.=?B(C$/7FJDL:qs[c5CW<@oa"p& +%d/\/4QE:e\^.Ra*R2)>QiJ$WEG#i0si0M+l^ZLKB*LUJ2;d9A9QNNG-A-6CYkGo,pD/[9@UtmeMQac:[Nq6e),FQgraLuo?4IH\j +%_=+XR[^8U)CK_ho2q\j_\*Z,4Vq2"@,:!nne/8Gi?@Z1:Gp=S@;HC;f.g*[kem.M9E8/8%-@G`\6`bB.Gs=N`39's$qo[Qt^IgOZ +%&Y+X3kU(E<es%C_:F=EJ/:kOm&YG]8BI;\Y4Hs7c5NmX$.,]'EYXab*e7-H=@Wl&";fbD4Uc[*ln>GPH&C5*$*7Y_/?J>&g10u?t +%A_WfiJ"h2@MRpC'8NRKL.\RbMp.iPC:?#loH9lHmY2^/,Yj;mRq%cH3_Mj=5cr[iS#C8VOV[q5]YN!TL^-6eHBSZL9Y0A(gG!i]( +%1L[H@e';`Q<'`7JN5VT*+g_eh5&SJd*H8<8@H5B9#qo`LrL0%$@$_[SkrbXm$X9hZCbqsM\D!LN#e2bP7^h[Gs&fg+-$oBLMc)sl +%hrQX+WKV-Tjca:j8WE)Pl6k!+N)7I_R_(:d>aMo7fDK0iL&q[X.k3Sl,Wd>G*On1#A?8+@k^i;odq)#[jln[UK(MSlh$<OuAY;(D +%Jainf"*?Odecl#$5<f2pA#t>GY0K3_EHAYC_sl6q;1+NEc":N#fhK36f8h#^qt[m$:oqg4k3ot/'>CNt@PD5kAU=g>r<1Hk*h>+h +%':V8Vo[UoB]5j4lqB;@a6$AWN+"<h#C%o>6Ud0&u(*rt%\f_"?qgP(GT.G>\^O@_`Gf[gX7`)EmNpCDU)JTNRJPpT?<Y5>EJ"<X/ +%A6bkOgdi`5NQsfa+C$EB++3p5bpHtC3%Ikh"N;1?jdjY*CQBX=4dQeTlEhDN#J*D'8tPU<j2lZs6!!`-']#s32kJ<lJSq=*>rg4< +%gn0XsC>l1'U>-dJ]L[XV=1(%O-r9P#ELL^),1#6D0LYAS"1fr!Z]iPZb<o&(,4?\0g+_)k2<(%)=rsF2T\3$Wd:or08Pe&&i`n%l +%KBY`eJ,rkb*nYWeYP&'#@<=(\fqoUOlL42]1i0-A&_eq7.J1F&fI,X1]4e!4N.421Nr(:?2+0ou+p?.W[h>.kSo7]JWm3_iFg^ei +%fW6r4_jjiZ@HupZ=0bo@Z@$manTK>l8JZ5#+L;kNRAUURVaen(qQUoR,[L$Vks[XJ^&KfO5-JEq0N--^/&56kaF*5$oal>Fd$aE; +%R@`XXX1d_U+<#Q3M9*94iX:tOLJ4i<cT9-pkp:&&",,bpgNu%/(j1\5<Ze@JIBjE?ZMd1BBYk`UWcSKbPic?Aq$>3^[R<($*@4MB +%eeq+Y,$2G#iO'Lc6,rsdRD+/@DN9UZ!&k.4pX=YqH.cF)TBOZTodOZlNn=onC0l--r&8HFU/rZ$k;$I'cnK0fMauSdb*N+t4RJ_6 +%6VgsS/C15!e?OaTjBLl2@PN'`YQEhAjLJjSId-3>_dNV#-'<uWHa(<P85YkX+Q41F@MG4nghFqs_@GY[h2g#=\H-M;3YgGTK'B1% +%8G0ID[49*PQ"-@LX<eOaXL/fcEE7GojSXHP(k.c(&pMGi_P?TolESXqemZ\-8>o4B6t\(!haLJtA?J^k'8b[AS+i?CHrbRARHjb' +%Cla\\=Z/Yj"Wg%Y7neX,\VBhK:l?`i)!1+>O^WDLHYa,-iX9OJRkO5S.q;*+DmC?]O(J1@O=VI76;Ntk+9(kq\Xpab3JNj/#7rTS +%abd"\1AL79G^`\b7^hT1rUIenqff#)RlLdOW6<FKGHoE^,JgZ)6^M:Q?GQg[k&0#q)HDo$MOd]J4?.4i4bh%3@SMJoSF,Qifbkb= +%&2q#^G07P`?bYG8L@1U=p'q"8F*b\aT`Ate*a=rn[=l!a.,6upmjq=mc-RW`F2k!C.X?tYN7`3dgk%X.4"<Pm<FY\f:34+`q:!K6 +%RLql@Y_H)OPoi5,p0<V@UF7(Y/oJ]UN72jYD3bPpeklfm?PXT2%c]T;NID)kj?ENbDZ2^m6<_52J5A@`3E_D77ll[a1?>(D)U,gL +%KPC%[0[hN?Df7NuTTea]45T&[b+aU@;.pFdk^i#86f^7d0,"V.Y+Xe,$93K-%s^4R<iuga2:*q9.mWi0[pO_H^#"D%"EH'j4>]=d +%)@g3H1TFURA=`XmW7kjqk];r?DPj&=4#l$(@;'-^($,KZ/'f%cV`O<?!_0U[GsS#\auB+.RW*A,8KZ6i+k.!^'G9TW@%-9N&8fiR +%gm"on-.hZ#9Z&)4WHSYO#fIOX5uWb%0_p^D.7MRu:fsN8H$;7!lWFJC/]r^BTpsF'=KI,f=aTVGhHT4(V%((Ro=7Lj3V?'ClE9r+ +%3mUtJ$\W(@nL:$pG72sueA+L]FrGVi!RugDCHi\Pf(;U5JkPI2`"+q22_n-cWRZZ9O\O!/0O[l^TuFp'BEZc(Kl(W_^iF#^H*\0# +%iUU0KWH/oUjW_*bBA<=l//&rd5CQ*N7VMgt^53E5[/+4,8Fd,)Ubj9$p)qX(7u4-LY7J8Z(DOKZQr&0J/9^.85,o8Io\GP$4,2W7 +%K^h<s1'MVSaoNc)cFd:p3sV`tIGuGV_l1#R?nQGo$@"%m%%bi!S.:aI.Fi9@VqB4kJJpJ,Ca<HJq,p^`l1V_]oA+SR?Sprfa`=V3 +%"$;7l4TI;Mgfm$NLkI45?tMW^A2<Ho50b[4b#kn/#VGr6[0NEQL2gLSJ$,RHb-=0h?NQU7'+6f5MJ7m%+d$6LS(ie=;p&8-1&,V/ +%2%.\Kc"0+]jj1@OI+KD=P0dJ?*DJJZR9oja+LL8pa<ihf*?R=pQjP5+*0.S#(-gh/#l:l<3BAKn`ccqmbuVNUe)L`=!,"OB+d[k@ +%ilK:&JnS,(Ae[#Hlhcn7mooS8)r`otggVp?X'uY$V.7(`P&h(X<=tB=\%V6k#cCI/V>8T3=[0=s0j(WZprF0>!SnQqYs"G-[l-7D +%[oJ6gI`W=YADJ@Mb$e=<b8UC0]np@Z;'WQ[qM@]2SXP9O<s$_#i=V2MpaWP]e[\e]]/PTDaSe[6%:5L0b?B;dF0dtiQkE=-&%C'; +%<u36F9p]b@K&$>Hg+Fn0YW.VGNL^5mTL-:99J#Za=hi_)mt'i`hE@<kDU3/i??0*AC53&)j-nk2S@7J8P?>&L13qc[^G+oN5U_4p +%Y"h`%p(B_)YZdTf-IGn)&W6#/r0('I7%!qe?+gf'DNZ5OaCbD$`Oap)f]S`^ARh%Y^T<]!ok`%(KhrZ?`NIa`5CT00nta''A4*+] +%5([U[E)AQiOSLRl4Z.m)&EL_'XP^MH#_Te7`QAC>2laODpDl4lios4mEWNqd3,]W-)#G4cPB<`qR$KrsJm'9g&QlXL&qt9>DkN'g +%>Eeeia#'*1RO?$_DciT<>o_*GWBO.$k?OY>F:\pX_*&d#BHVWf\QBF6qSrfYl2&+!5+'642k(s`P*R'*EffCHA-1WQiI!m#,b@<= +%T5D]"rjZ6H6>DYI%Te_sjhP=Kka\M$G^"96df%[K:(+6t-6K\n3<juOio5C,#N*4Xfo@9`[Gi%'Pc/n34KIZAclZ^hj[f%^pq`jT +%?XE1?4h4W5A.*@WI$N?:q%?>fF*41bGm^EQ#sWb=ij3;6\p=2JFdeD>E"k6t4t@^%(X$c/"he=.(D7@FMVD\Cin;Ho19'2J=M.D' +%93D4Ln+Wgm,:J$m^\Fj&PLhm8k^L3"J<!I0_f(">;@Q-+emXZFG&sTK31])nN7f:q^h8[F>ko^krVS.M*0RhtlB=jNp<amGdm@Ag +%^TL?[oOKkP?\.%n_"p:M^%+3IhY5rMmA4C_R[4](NI,upk8$4601*o?+kX4hD7jZ0GIA_.KWW6W?LF2A^<NMgjVbCr-G.,r(C08N +%P91l5OgD>U9pO)7rO2!5T@JI)+s2N\#)7elFmQIG00T(M>MpVR4'Xe["]Bl(3@^YM)lL5hfTdua"kA=V$_4c^+dKcYbJD6$#ZV]$ +%Pk5/"oi=E.&O8CRRrqNP,Wh8P,3>HshOQ-P![l$LW^[+n"6<(qa4HP-FR9Ms8-.>Ij^1j&^b=gQoq4=HB>g4*QZF.0Cd\QW>>aNf +%]E`<[-7cag%;_0#Ai$T+Ak$c&,gULF\3A\3N>+$Fm;$Tu3_qD@4F4f)U:k:K:0=YC'BjuelqeNnn]r2.MR9ZYFDO$qEOQ#foq"XW +%.HGM+ABp2B?f?=UGNkK^neEl-6u^be(%3;9%U?Q'*u"),I=58kB0/*A.H62Z`-,6KlW&R.3Cd&$:MV_:Xn)l'mXrg>OUsoKc8.a> +%YIdJ^W%LCD-oVl+&S>MC;S/oImd6V>2qiDbF+<TSG0c<+FC46T(&StZ"'8+]-Ya;-Y/`Df_E-N]TA+L%):36g"=]CA1(l+dE1_Y: +%^/4#0jYC'09MP7=6l^J?22dekO77&ZW<;"`XElHT/TH.9)WDL_l1SRI:"e+<NkJ?W<0-.I)X(TS2apXg'L0d$jnZUqpRo'<i3FJD +%ER]e(i'E-iI.YPLIXXF!35M?Uj*.\N6Sgec13$BU'81W-1$^HsSqG.#>>4Br4^4ccZ;05Bo4TcHqj2MP-Yf/(bKd2m+,cnCNr\7a +%l=*@6MCe+"0@8_J?ll%kAbr'&\)!Q&/6O`Y)fJcH^fZ)VDUHS:P7>JY&M-p&"t@?XG]l'/V?cqDkR+hnEsB>D^pSK[G"aG.A`nXi +%:4='VS.%h2Tt$'?#Kn\Sj^j#6fc%IQE2p;diQIOp$hnam&L_3&^\B:`0e?/&N;%MD.Rn5A#R*j@Q=fsG)lR(d_niWp^t-i9jEV&Q +%G%$V'H/C?#&ZB#4ZN<9_2lh^9%!0_^!JrR$#*N?!$Z"6ZMLZ3E7EI#"k*>mU<'^QRo6G8I<:<"+dt:tdA]%e)HP!<:+)SsP^5\e. +%m<450&%l2u*4J4Q(eKe@5au'p$hWkb.b4;CWptoXF#r(aY:n(KID1r^:*4AGDYITsLBOrY4aufUV>Ofu"PS_?"Po6Mhn7M+LXg]Q +%kokL7[h=be@`A<"aW!PuRZIiq1JTP8VH2o5EVqgQm'%r;r-eZpNg9:C2I^5$-m=S;>.9Ik]sd;=@8th"*ZKVdH,r,VilfVnE'B34 +%l(c434Y'BF&XaQB9?Y;ll@^AnB$[GqQq]+!LaTfM3a=F=dl)jBU(o%cB*6UeIHeSi(`5TogGaK!J>81'Bl4S6f#B7rjhWu:^enJa +%*=)P$fY\RqNo,+K.QIK6o;&JK.oG=l"Q":q'Wq#/TPc0/Y:e\G=WJE<16QCI#;d-K/EL>g#QoJWEV4WgDL&JMj`KGkZE_tdfRqt^ +%Op">q4$4$t\(j^KrY*Sgp8^H6?QbYW$1i*A+U7%m^!N5>B`,<Y&k!8VcJmR&h&efJr9l]93<n<!P[U.$+*<2p^_a#hVM_r>?HUD> +%HY\X,s0s1I(!Lp1\@D@@nm7si_.7<kd.oBZXuG8KmU7#-0+7Jr?bYtn_7pG)+5R-K(LKPra2cPh5iHm<<:S32G1YLa4p#QudcurX +%Fl58Rc\bGG@e&mRY]tppbS/;lP^GJ>hE`IVOR`u\Qcjjqga[:9kB2BtSu=#P_HNDh4M(^l0V>/F[_9JD+%NYBK=&QMLf?0U^P2pT +%]n*nl(>3t6Te!kDC,H:ip\?Kr[YLkm_]KnsNa[u250m"B<s^((I]"85g%cb*PiY8!fl@)0a,i6halcIsihpg$3m]o0+>i_,EP#?S +%)?fN@F&on_M6V7ha6&**4Z.*Zf@,BGE5[3t-i&1Z?0e.cGF%8c=M?PFU*ZT[5=3\S!U/&_lW2MeF-]P5lQk.XpN+Ot',S3=1]1P= +%?k-h&N994MRB4K.%PY&!6;O3qZ6h3:eZcC%Im.H]Pht$Rn?PGtDaji#Kh4H<LLGIrT,G#?#F/!c+]),_q9aS!"g%3Yr;bWE!!ICE +%cr[XgaE"1&Ie6iXCS9q7<NGVR.S7Tpa:t=`<d)+]L>)aukEH%tb\b=_Kn5T8k4$3&b:0,,J15b!LXfOcI#ScH$KYS[^;b+ZYB^SF +%H9$7K7'K]$hVo:&P#Xqd@`ZXTn?.BaD:]TJ_[#SZbXthIK<TU76XOi`mH^FW"B@_HXN2ELh;OAD5@7HL/>[ImrK&'US1-N'/&F@B +%p1ZNr-JVHL[VRV"F"G@e(AEr>LBM`FBo2DHSkK,m<(*jG0gI_S4sO]n[6"J*35`G>L1kr$Qri"cajQfIN:97FS5S)/O+gC;R5)S; +%_Pk4qkc<<oZt:<7ArnVj1FM(+Eb^eGB1?30]m6@HIB;\d33&KY"4X+!=7%ErPWii%q/r`XVq<2+?pFr54ZEZhW8k1QY!ft:8aIIe +%iMGAp3gQ)1A&r'A##()p4_R)rr7El70^Ncb$abL,$npF[E^)ij\6Z5Em4@7'nHGA%qU]VU/,dV5fR^I640gIHCr"5a3f8O]UL*)) +%03<;WNH.\AF0353<P5ZL3:9?:Tb6Mo1[(7&ObP#LhH[^F-<KP*22kk/#2OtS65s"M%pVlMIk[StY6H\uEP6-iOY_7Fm:BkCW$K$W +%qC+H?h>qOko(s1G)r?,:AWQ<gK8HQe87#/rh4rE]Yk-@ncO0E\m8T]oH!V6^>*98YYE>];;a7NhT[s@;!T)MTY%Uluo<l@;X"`;4 +%'WfV)cEG\["dW"nD#.5%6(KJ2[mG65ouY/,:No]p;s'+".:t7@rLPlblMhJhGoD*i=0HZIe#V!KW5*a"9,+#_2ErF?*YjHMOBn_M +%DQGkd^\7!]0[;*\T(9G9QnmX2T9ke]?U^D+2jl5+MpFGo?lH#;$!6["=BQ9:+?75Cn2^s*_(rrf^afR^?8h*c-NMo+>($J(^"hkO +%OjK*MV'JBbcaAb$lqLq8Xnm,WNPa)?QgcrT)+OATMd\`,LEX:l-/Qb9*&3.?*<S'E%NSo"rim06a/[?FnQa&=S/Rc4.h&1$GZ/V* +%;_:"6.8bH>p,\X!;#OhCs*+;*X?:*;h]NZ0KMblY&SR$_Qg-fcpq9oAQ)p(3jR$9->\f<@pZX@CZ`gKgB6#)kj[2u140XKcC@0TG +%#$U:XUnIk"c.jbJ\/D]:#o8GQTiKmlNNQhI]IXMW^<)\)B(_NU)HirngL98I&Mn3#moIM.lmM1uQpXQG!ntmmFaMV(0_Oc?B2]uS +%4PkN@/`rlC>FlXb0d*+%4XrNH!>%r+aEQ+<:DQ.gTXJ7Zj'a#Lnk'j$!>O];MshaZYQMj%^!K@&6E:.4YYlhuaO\SG*<eTJmAT"` +%0pT/:jiL8BC=/TCd(heVHrf05L6AId/?N:k;A6R(lI"Zd4@[e1bn_s+Hr]Y=.?2rVYlm93)Ul6IlLNAt*dDN&n[;@d5h$_I"-c7, +%%QIAM$tiuX=AX3VG48rD(E,FSp3Tl0:69(!<Eer2Ddd8F\0=po<P1o9V2)(d]iJ98oOuDC2PJa=BkC+b]5u$`(7GmigV2p8Iqq(k +%Mu)\'hl3)Rnh^K$:M@rJ!;PE^N1>+)(5Ea%q`5A2Hlpg@jRFS`\j4m%.\3/5j7D@9;pR:^cV6a";40j`XV1@R@6(Idc)jH,Lja?> +%3V7HtX!50-V/AIW<b'Al>T5F@Me2)H#]*"]"CMoQkWCAN*+VO`aciu]E\PHucDTS/82l_sl[4JnopRe+IfmpZX?fZaO7cU+'AaWR +%mQa.$LPL1A[9K3,ls]Kf'/tQ:(IYl/eTtf%Om"\ob`i/09%rOH/p&#A>NHmJT"un??e[J/"VTUD!d!Dt*h]`T?DN`?@gsQuYXn-& +%A35L2.foN4X-V[2Wku8Q,r6(uA]:i^WB#"A;k2DK:,"qV*5K957@La[W*8FDE&HO1DNclT)'c$jcZUsYmsKSoN[EqEnU1eZp?d+n +%<J-3<#LFLN\0jA]?U!/3qk@XQ4\-B4&0#5&G?P*(*NmSR[AK)UfoqPo"EAQHQ9t?t.H%RW%T,K^JF(-n'&%!fJLL]<*?.(%9K([, +%o;C]&Xk_JF2GeB5Zi/U7/@4afoW6OM@'uPt276i4gQADd4H"k8Z0AD/%l;#e?6q*J[Wg6f7>^*`/e!o(&]MoV#FEX@i'8Y%^YYZ/ +%PBc=-rL0Tj`MIa#W*3*-s4lpo$`<G@E=Xrp*qc_.WFD.64rKbZ:bnp%S.0!s(.KSGJIj/T25XQSdr+qHR1F9F:<t=RS(h?skV36a +%Q*O*4=D]*XJDX:ke\)Dh@<oEC>OnOD"kKrE;4D-tGS_1YFqoi<WhY!KoCZrr$D_W/b&[',[6nrOFZUW"c7@!a\p8^Fk6U+a-![4" +%DQkT5$+DtQg(G\>T&'?V&"N9(<d%]&l(dJ-?;BY7](.8hhGNgPH>,Cj)"n/3EQ"iS-dA,-10?PKV!Y*bmalXih,?e'img.+LLhN# +%kXJB4l#S)n9.[(($!f^20KJDCbUtRd;4o]?aPpX&S0OZmd)i"C?=_Br^75qpb-g*mf0QE(*;K#T!fe*n#4MK.&<c')Ze_iJZK/%l +%Qb%Fm6dOAgQDj>03e-g5%m#\b%\GjmjT51J.SB]3b0T,5D3]Y<VKO]lXo?b(V^>ACm'dl3N*Y;kHp907^6aW<HbO.fqo"H+IAThc +%!Rt0f.cN?]at[<E/TO&QpSu5a6<'OaSDl@tB3h=23`c-*J01c40G-K&2)t(L\MQAe91nVk7$q"p-ku)/baVmlU3=o'9bd-=@^Y5j +%nWTg9WK[FG]-i.aX+\bZjkd=aZ)p35UkK^,KMU/iS9Akd-(S>+NaBD5>rcogDj9I$=*!Sd16'i;09cee=Css(96XM$\0A6@7l%?@ +%F@^^5GD2J"^bH^LL&]qk*/O8M;/J8OOp*:O04sItA;R&nd&gV50^.n]k@6mC\_ADsQWaR,nWghKNqM<5nXr4+gtX7Q3Eq4cBAXp8 +%aU>/$N$qb7"O99[A&BS`2n@L3g+pc,d$qt&,Kkh[E#n6\rY,r&-pH%iVC3cK:GIB:a?/#0<n?lACZ?>$fn*eUD2X'gh]%sA,=T2k +%p.B!s[5r"d94ml1AS%F*YSY7i@Qjk?Wkc/.;@m>GLuJ,204VHXZK/p5QE-%AZLT!iVFEqJ[d[GU]Hr[kcY&e#Wp=,r!gjSfVg80F +%S%H>_'FRHhWC`\q=-[WQmqPQm?I@nYK;fC7<EC?;)3jR5FLTc<H)5=NVl%AGpC,5J6clI*V5bLi<b\8!'`=Jf(LSYB3uPrD<1jUk +%<.Y_NZ#<+D0&JMbV@^<Rd?pfFUskd!(JMPaS-oJeefYWW;B4NIoi,pr]]6>p#"=5KXrN'UgRW3k2W,l'VA)M3.u"PbPP5rQg7De] +%PN*5k#_dA-&aDe_\E\2f]+')h?M8K[oa=paZnJAWANZ`>oChj"_:4T)iaUG4*)"pM91N9ZC#3VS?>q-slhA+SS7EX?OFj(4WY4/j +%f,)ecZj%L)b4/Nd$Q=iIlHuQjpU0)KpIghsG!HhoQjSf,nImab;q\;=o%lYP><g;C_96HS>-F[6jF<un=mj?r]"QlW;Y=r@YMrQA +%UWCZ:k^69b()oVpIH92TG1Uhf>ZXng6ZO<]?e?M1$S+.HCm/l^;OpjK#3#nZ_'7e\oQ17Da,[cGMW2BU-1P[<+S[6>?b,)Gf&hE# +%VXLH^!h!SQh<\(8JR^iQ+mMsgK8L)T/O)K1.Pf6"o).Jb<.XLpJ">PBCnKP9@3`G\a1ae>+_;`>s4h%=j4)o?G(k4*ph]-\e`73K +%?m=F?aW)^mY52]@2n'D_USb*kNLf-&6if3qgH8dILnhECM!B<"H,d2^4$dPuU(@O[Rh_ii%^@JR"U[EaJP[?n[qA4'GlKb1#O1_M +%\)9\N;=FS&mK\3%ieaE8^b5rM6jqA[nHFlKZ?bT0o?6!(W\&(uLsGNP<+=IFLTl/NG/sPb.$]@N:#%:PM0@As\WR\UUJRJcGkP+W +%hSE-0M@`%#Y&&NrOso91`X4Xd)7^j,YMIKB1O,hjCY2Js3QUoY5%;AIB$4:*lBs)b/7!(Tj$5HLTbTl7gaOTFg.re<:e@0Lf\6=O +%Y=X!*muaddh1tN3pbg2FS1)*PG8N-Qn$#lB<a@'YBL)EA^2%+acNQYN-;6aM4iaQ,hLJO-UbIqNI5-R%5VfJ!!"MrW32j*(\Bo$d +%MGf[&Y7Uq4()2YVF]m8jb!:?O+E4T2VX3R+2=O5:SeuJ10T8C\J)+A$*p8V82W.W<h[m>:HtYMq^<<CCjhl.%7_;uMP`IOq;'mA% +%[VkVX`2S7C\l&FlUg^ic;5\3`.e4Zb%5T$0(EQV*MV)Jd9\='Fic'?*p.a]0!9oGYS6aGJ[p%[$HhhjOW[rpgO-X?8P*,95GR0g/ +%NoGLQGtP2"3NsCEe!GJ\&ZblZ.6O&`!cN-1IYspDYHbmaE_D^<U+u:MY]$SVB@!SWGi(80\8;q_6E;^6/L2f@N>*\3c>C!Of;[$T +%G2ZQJ(J"5Jci#TdboIX*jO+QI;gH/mr6V(;!+p;!OSQoIJC+/5bd2u?DD"JL)K@ZfVC-Z.K..LKYAl:!(DsY`L!2O9b5l'XJN[64 +%MW48Sl'*b`o3T=uQnCdKB11W1Pf(;o]dZmO3^kn5HS\^,QT`pS[7Q,e`SC@<'/L[r_aW;@gV*Aq?l)mPf?b5(*j;m%j[6<MXBTTS +%a6hW<cTmFGh'q9mrk1f785__qPPUhATqaP@A0F%3=k6:V\4rF9FfC)!^!?L(mtFrBJu,B_W\Z1XfflHqBQa"<DIASHkOuW"'![Is +%+'>6\6=Jp:3ej?epjK8a[ah=\8g5qVYi"Ta0sP`=fm0K@R<#`T)4'\:?B&jFDC4C#@$P5].k8W>k2d((;2*[1Du4F<;#WadD7nD/ +%dH0El1b2>[=DfA9TTWa-r:`rSRKT;P1Q:l=1&[1.CF%a[(*cPG5uNu#b6u1C!gW&[Y^S?(caBF<*5R$Pc=rqRC7I4ZMUO&"W4r_E +%eh"=r]i_:ICQs_k^Q40f*HDRii\1V.e)WZ[;66k`2BlG2^1/.6IhVdoV\jLF\ViJ!FRP>J;(SrK28>Y@";Tg(hti&%6nWG.$<*8C +%[N>;s([VXL@=pXq)h^O]>r2#2B$GIr@n]MAOnTcY1C"ct2*F'Pal&4=E3KXjKh0Yt09GAp69#t\P3P)RkTr;O_TT"R@]?EQU=(L5 +%eone1S=:A6,6ES%]sHK_2Ie@$71`&#B"uYh1FHC9Ln7W;%EjVF#p&'Dn7]K7*8!p#DKJKYQG\94YK@pDlEC_F"B8q4rQ>("(ZhZI +%9?bMNE&)UOPC&^chC_,-GFnLD!7Pc%)96=YCJ5AU:64BJ[n^<O#lh3]:'5@CXr1*@X;@!O)aV8]637C^"Ud[N_*+%N[1&RlO)9pY +%X"JKX:KB.:rRJ,b"_D<^o5kTRD0+-VY1P`1eC&d#a8<b7jV:%TXKoeUPLiu%r"sOapd4OD_m0?6=O;]g.=aHBM<a^[j7mJ346,T! +%Yg4\[(nQp;l""TaX8M^^=oQ/&Me]Cg=)&2pn_Co'T]JmD)t?DM&gm8Ae2rJ"S'g-JE96[H2]hX14pWM;8BsjA[W"q8ICLAP@'\J[ +%6#a4*TpfZlRe*[nhn3P'NJ:7CD>b"%hKIM6,s)T`JprLP7f[858!Vu"eh=>r+#_i7+bMTX_%;DL.FEc(!ldS5H@,+g,%>,ShH>%* +%CEs;mF75PY\Z<$A1=o#aXIJ6k/bT.EP5nPs5%JO-KI'FF03,tiPsP:)ZCpX]4M.qooStFGh.I>6=48^dWh3`j.[V.u>?A1FZ,pQd +%7%cW2Q_qFOmLEqTQfRdFW$U^d#V0qhY:8%>$9,dMW*JAF`c3Y.Y<i(`9A\jF(q#!Bb>6@5p)P.)UXr=D=1*u%S[tN](@u&GE,@g8 +%-bh)`/>]Bp>tS18LggQ;M+45bMR%I'(c*sc7GRX.egh_eC')u+6F,>YiX/bi;#*g"!B7'MpB#mY`j,0pW[\h5(C21K5cut"k"I7P +%VtkI3e^'jYh;(i/TPW<;p5iRZdaIlF8<Iu)FCRSlqk>I>_X9>I-A"cuAtm;J4JQUA&F"0$a6aG@`oA[;s%G\QBt*/#>W[MApRG/& +%[hk>t'[aiSC2::a%E9"6Sg&`?U.+.*1r(Xs1K0/Hnn'M%2DCHdb6.ZMnf^Bt[j7.'=c7Hp'Wh8!<L57f(UCT/1T7TfNBM'M-WE%1 +%[G=m7Br,mi^5i!$'F<8-<Tb>_dl&_C:i@X`d$f7D;fmUUn$^;1'Y2J#@"aJNgU]!f%W$#$->*liDgC9KKkeW*#AEkCI?EerD%QqV +%6-6p?FN'!5Z_iFLHD,a"^Oo0ETZti4I5CGU/l76ZXr>)^+];Z_La-3H(W+8%BD-/TmW#H/,4WpBBZP,r.+GCMncSgUd[ul&1kd^k +%?kiD(g';D)V?Ml6m/_b;N80Z+#aJGYpk-+R`m$^eM]HA(9kAY04adTIAHacjKei1j]pr8D4.X8@0lE$&Q+OD)'?)e)`C"C<?6m5Z +%rC2@I?:5pkli6Xhiu691iZp/#98DC#U..[J[s").8S\YfSE+bor-aH_%_EZV:!D#\`3:JLrDIGFhA&ihUqkrfhH9B_0$)tF9&'G; +%5jVG3.kg^DXDsV<9K;/YX&j'KF@@B)VSEgQ;6Z:;;BnH=63kGf!ArQUFmAB7PX5KLHj?(nb(/criL4aJ0_6.+_$55!%48r,^(h5C +%"g5VT6?5um4%3)."B6q2U,&X9GYnh#D#-jo9Jnj`3XuAU"^@Ein2\V9egpC$CnmMIAOS];aV&s6e4%W_?R`pt"95k=7qG*kOGnkB +%GF@&8?]?+=IJkVe]ul6201FL!QSJM&K4Wl0\aXO[;KE(sEq*AX9:.Z(oNRM6gBDg1D]hk[*ZaM.7#Sgsod`\K'X%mE;Aun46T[7V +%1UoXc!'9"Oerb*K*%5l$3luX5QALP-[r=S\M@i6U45Y!mqtmJ!rh`dZ,0`^3VbM#EloPP'1U8DFZKs:5jJ1(]AHjiAbTI<JDNu.U +%BZmp;Z<:abQI4I.3p#U"7P>BpSRiJ(Jj>;V.pe:@F_.E@A9Stbi/)Om1FB*gkFsrl#)G99LPR_9@-pRKLpC)g!^n*t5ac@lFk^JD +%_B[Gu0WHc--)YpiQ*Nhafk)6onO!p%Kp\rI@IDOKh97[>?4E8"SRqm'1OR>!LQo/IOCa_>;:)rW01$9o3L[B@M-7<W_QZX4V5i"! +%'-F_J>3',[\[tal/X2M:.+SVN3$Jbc9*p&P!]Ni'^EMcH%E=$cd#,N2$[/N7'm=G^s4<Nf.podN@UW&23kU]%1:]u%d3M\U')AbY +%I]6l-'jtXaY&#Q3'Ri]cJqeG7%0?W:i@nW%3\OR=*)kcJo*Q78]&bd?jrTtA6X6+m^`E!.ndJ.QF_b6RGM?e?7Q<XJ)TU__XqWHE +%h(nnRhL*krL51'0FIk!Yf=Z7rXr@p+pOJSUPi#p)9%+STXkE4BEi3)#d4b)SbrBqMq\p3]5EB$Hq4!WI\0Vh<HLEm7@=eStf1#QC +%IGoGUq^)B)Cs#B?j)r[t&0uG6F+5cFnB.oeTMo(EjS**s?%NM0=3dpR<<kjR1S$:KKfBh=KL::92/<BMhZrCB,$FU>72'fjVt(4M +%^7RLhc^^+Ef&Os2a:]kl/FY[CVl)ZXgMe'.a`cV21i%$NaJO];M(7SOddLE@Pr`+q6N#V++l3je]X8N4-n/+Cr7ZP?`se[1(>R@h +%S@NG=aXZ0l&dL(2jgM!@=)QEhEqbePA((2?C2EbFm7Rdt@FkuX^"tu?<sGeL`FAN;1L*$s*:b^QQ1ut8eCdAbf&$k^[b6?uW2^RV +%$KW%#TODQ;4TSHab-;WC(@o:%0X#)I'5]1+bS:F2SjlZ'A0ukGKu+XDXAK2U13kOZY\P+"TK:\\Q;doURVUEo126V=,F]BWJETO# +%,#l0s,:[I)kTk6!C3-p_V7+`e0!U:WUThDWXV>6h[jS]'2003mNn\/D62JRS?jZO<>U`"65'HB8\\mZ4(s_f?<)FHW+'/]\_r/8# +%RKD`=n%`c*roJHaH0(sYS*W2L192Yn@f`(Q3O!mln/'&!Et)jZ$Yf[/`MA;t7LI8]5pR*U/*B_:9<h25g-<E$j1I*+IMo!3@B0>i +%cuO@Aq1c#t3Rhq&oFq"0d>pR(?umkPDPo4km7,\dmLY0B1^c=6UI06#2[XPPGM\iUgLN^beoW-]`JPnbfYk*qhsGfF\kp-2BCZck +%jXeOAS8Q"bP[(Q0n)AL\52?-bW;[.3&3#IZ>=33cXjD8A:gWbpbfm^iM0,61r<M_^E9:*.(RR;?jq<cT'KsacaK<LA?0W(T#WQOF +%<lMVLl:iBs\;%Ysh(0qN7.n?a8+9oi[cI/#rmYFJdf35FWrZ\U*r&ZK_.Cp^(/d]8G`#M]%bQ1!_Qm1>F,mt!MEopuk?Yf>K6gl? +%(q2W0R.TjL$f\F9>W5W)oiUcfm0Sm7booK]j=[<3D=.=J-_f1b4?^(2-"#L1)f#OLh,UqJ9V864K0._s0J;Ki=sUIkT:ZaV:>p3[ +%n=ZI/oj&M"j/J&1`3pthCQE-f[ntEg2o)GcpK@?=OnZ(cI7ZT&;KC'CgD66#'W9,+Wr&A,Y;'o$7A_ii<h`%-CBTaC]F3k(7aRoO +%O0.k'/t.,HF;%Xf(_]?(Ae82&QbPlUZgI?o;*]D]+Fu[X2"/N?O!n64.gfECO-3*LS(s$rcj79E&uoORHq6;4'XX?e5l'(n(qW^S +%%2s:X8&dN'kd:gJ/`q*&>GmFXfp7)cm)Z*[Pt7=gZ#paiA_5j=D4p]TQ`gY8nGkqZKiFedmL3!F*&3Sef9`^!c!<T&LXO[WM>i`< +%KLk.#fq22Npcg@`]/XKJlP6=dl#09R(R&VhD@.;k4`3M\o<q!pE?K:Z-tf2DW1-\aAa[9c<_&9)RVVT]Q6[Wbf'S\N&rC^lcL,Kq +%XYF0+194Kp((%F@3EJbVp7d:42]97nW$R!3DBci09+MH0C2c8k.X![5UFXWs!Id,&Ja!O-m?DbCMI&'I[])DkBUa$SmE_9U5dS5P +%HXE@(;S0[&>oCge`$nGkC:jS4(F^q(#NXYI9^2?VGs<3#ogO'13S27":R0"(jXhL`UAL.dI-RE.e4e.2o"4>e'Doi0%S6FSk:h@" +%O."K#CdT"WI8!`3;s`l0P$QH],A6[p2EA.;@,u_$a<IF_h(,#U7$sh=1sqZlQf6OK[d@(=,]eX6ds5B^M]<@7hVbk\:Km8%("l77 +%1ogDu9m/QVj&"pJ(8*r4+C7c!'\k^X\OS711NR/<!$2B]%F;2![Q"H/;!3q_[O6k<TSF!?iGC3u[A-&@0%\gh1p1#$mgt*QC7N.F +%Lr)#b^NLo/qpTKR^A)i=o,;n<)N'ck@D1IsF\(*/j]U^[IGqAVhJXpd=O+Xf37W4C]6QL(6,rZR9l6dpC=4)p(6PBi]mEfE"OESB +%&\2ttos]f(@99]bV+jrDl_T?n.<t$dMd^,5;FJE#9%!E)A]QuO?*3k`@qdttA(hs[ll#$H"pSrE]hMSp]m3'cI0F:;:\>Y"Fc_i8 +%,7Q?'>D^8A!.Q=[Z?0g4Cth&HCL4Qd4#NP5S/h5.muPb:\0ORScPg>P*#qi)EE&*:MAYMG,oVX-YeL^k\6TGS,GfpI>#r26Km)ee +%92u,DGK^Z5/HL*[ZHQ;%n972h@>XKFma^$3W@)-^$=^9oG@"H;4*Q^FDYDg.[o-+G@G`SHGDNINU+gK,C6*(Q'qE[7Dl]nBnVQr3 +%5_:M',\`,)?Tjj"#LG6q4(r@06GU#m/DZPR<JS%R%:G($p#u8-`:!A8kL+Q3oiU!)dKOrtDLfeD)k`t7D1*q-adoS*%[Ei"2I/7B +%\c#WHZ(C4Y:30T"-[4o[8lSY'Rb3:]=ec`-0Ui<!J_#6i=7jnQ'g,)VFXr[X9+=CU*5\mc8fFecZXp%L;%*B20864e)5qSi9<uKQ +%e^gQ-fagp0jS7-#.l-O!)!)a!-#i/0q=RZ\ECG2qIXe<FJeSC3L^`%N.484(Fm;MRih'+T/%R050oo$L(/g@ko<,f\(V?nmb]j6T +%:1Rp#-Kle0*V9?di=e/bbU@]=?*gW%Zf5+ae^5=i'%r=gQgLQ#m&j;k-DnpE@9?d#Yar4>Wb'R(U4dqSJT\-Ibr9YBn2nkt25K'! +%\N9PVis$XYTcC_M[T*%#$/d@^]Kln+\'P'jr]<BGG5l^F6qE%dHrMqO.REa3ME)hB7EhPq[D&h00d4"Z#6Y-.V&%j?#T0HLcRYe= +%$uF$jh?#&D"#Q9'e$Zee28OIbefh)"6;<;U,7Mp6A>E#r\"UH9g2q<>)9W%WB8IP#O%jDT-WmiCJH:CiOQFWtXb]sd<6^"?eJ<U] +%JU+a$'UlLJXl:5oMYF!'IL!l`LiLrhfsqcsl!(YSW`8]S%4?#Q;U0AQ*t/D1CVoZm6K0N#]P_t'"5R$QU,r+WHb[fJ@qE'#Z%H`p +%aXmnZDf<J/6EqDKgr#<5<6K%D@*;keQ))i5,/50gibiV`Kasu"&)nh!:5$k$X1\m0$JsC]p:^(U2Sc/[;H5<Df!#4a+u`obLT^)[ +%$e60Qk#/_>6n9ge5;KMQ8k@?)j^P%^HZ`+k8E+)jl7GThh:_T48R8SS[cMdQ4K8(ZP6o)#9Xh0EK/%_2(9=UN^?Hl8lJ6du264kL +%3`d-<<['a`58004Bc`qQ`e-]0?nl)*`ia:(M=N@#WUBskj;S?VrARrP)F-I:-\]1gW0h_agaqK5`]5:E?JDb"3u;9]bb`q$U6'*] +%e9L($IZ$oYmD."M*%qmfmtsn!@I.^?[qd'b^6d!SXf<o0-]d-.d0SQT"c,C0@Ufig@C1d],G^,"a=2*&J*iZW*_KA%]1%k95$c$r +%NADFkc&K'>cdBIn\5gHTkCu:';&5'V%7Rac:%;VuF8-"?^-_D:mZoU97[c`$T5MSO>Ep+7GDp3.X=5R9M\3BC/)b?.\M#SK>jk7A +%e#=pAs8"QZrDH)<?M^$5Z7Cmd%XYt?Gq%S=Q**!<m8"<]&!^r=3TqRW91a(!V3(D,eg7bdQnWVb%>?Nj\W<<c!`'V[57EVWbck0l +%DPZ.R2f$gGg3%0'9Cl,)+p^l'P+tOfQfJI!oVC>0=!pZ.F8tNGld%-WS/JX7n_:a;8?%P"hbuqr]U`Nf!="EAV$9j$H*W8u8m:ss +%;5Pj7oK<R-ld8Fi0F*`Pr[fTOeVgXp^1O]n)p1tq;&'ZVT;^I<!`S8+1J>Ff*NEH!1&?>O\].<r!3o,gnAtN4U:<cp8!J*!N9PIr +%EjE2>lO%p>C6`f#O!Ib*,K4Uf2&+';h6afD`_X:e6PUi4fT;sOijLm_W8*>&G'Q1+Ql=7p_T!-2*r?mf-F$bUnPY`7[KP!@\)'LA +%cE;<,%T[6M\K_;f.J/F9V:$&Y!7Ck/6SKT_X^ZVjbK]'cIN]IKAc@oA=ti4&:jYikp3XAD*U\5TCKp1()PG.-+Vm]e3='i@U^f9X +%dR!*Ih_Sd*gD&X:)mnht>s=@Zb.G6&eY4,3*<ZV4f+Pjb4&XL:eHh9r3Rd&gfJm8iKGO,X\OA4$6JcE)c=^V2Cf/7-\]intaE?oT +%k`I6:VO")*o''(dLH]V$ZH*Hfht"Lu1\ImP9"JmGRm(^Y!B'na+,`9+(?bIP2No_QF[&,S_u$!:apt?*mFsMWpjGarBN"L8ab6#p +%04$,o-2>'`eG6s"%eZPF*TE;,,ch#QXt-[jAClc&<&7-CDoV9VqLI"sqgr$b_gX5;j<mO`^2C*Sp9W'SH&G4>2gsO(\Xp&F=EFO! +%@8q0UIb1c-MS$PD[4luO&$U16b.OJ?64X(o\,qFI5j?[hFa#LnlA@pdN=`9O]tnB/o]_'pBW`Rk^_MS&^-@PkJSYF47lMOs-`:U3 +%.UK4['o9J8np,$t4@<6%-A<%#gQL:Bm@JuI)(>o.Cf%4b+tp^eKZ$QoQn4:6n0"4<WqJ\U(Gd<5.lFP]^Ms84*F&<5,D@Hc>@>l= +%oj/XG*U@::SbL^1Gjj37ZgaBpK:3/\7ha)d5PJ)8>OTIf2Esjj%t/[%OL[e=@.j#XpL^Rg%YQRYf\)B`f5ck2\2)X`D91$fDteCJ +%"`M.bnX*bqgE61GU:NfuJY&W$R[r?pjQnKP)oM&\WVSKa7ON[9WKENF)`GL.L/U6]PaG)Z?$./'.tOc:h8j&@hAiMt`q0/cX4c6t +%lb7[GQ['m5qB]4jk("kaIK`3GhHHP=`)SJ'<a@Z\B&D-(+PG5LRn*]li7i7gg&9Y,M.doJm&:L"/PIas`/dQVna<)/feu*thc,C_ +%^5*hbA.J5^0H*)XXnIaK1)e/m3Hi#'Ffb;(VeU++GC$lN>@d*lgbsY^UOrFV!L9*3._"WHNs8ZrluHNd1q3h/\+@,eD_$1k)EU#l +%l9f1;jP7uC*SJrp_f]7Sp;u\JS$H8MV<md:'!-V<Zrhbe>gT&^*oDp^IZ#aOaMm/1L<e_LDOs#)qhT]pg^67+1K<aU>E6S'AnAVF +%m_Km"UA!D@PNX7$!$-4*34#e(YDBC9g(:7lFX8^5rPis"2>32iO[!LprPcp[>rmKlTL+fT/CAgH6d%b7`/GRsG++7s`q)gF_"IPE +%*1Ghu);K5q/'*T6'LqoMU;%N,d<Hhn&(P(fF^TXmYjo7Q-g\*<1h$rlNX\6C8r*!FA(b_E\)a5t.H<%A=G*8hIfc07F,0?='$UNp +%;?W!WHtGoYfDo^f0Rjc1o[=blIG7dB+.<Be!e892:!Js41F"o"]?RBr=K52THZk@&1"EHd"`_cOj/b-*hXEHJ8`+odFTYW)<E(j9 +%h,.08/b3ejfTG!E;<g$iIO9RX$c"TdKmm8-mHL+BYbEju7l!hNmjg*!P]X,W8AYY4G4[u+[tD<BONVK35((_Yc`1DHUlk$XSSS&1 +%IcZk7keLeZ,o9H#mNBrjN9F2c3uY2dQiu"TRrgUh)o3Q\\%]trEKFHEalO5m3n-@D$V7!!Wdi(-e-*%\C7U4pf>B\;iUjmD]P9B; +%1Su>)lkt<\Rh4T)-`HPh10%aA2=eJ.D,ZI]r(^aZ%_)RdQ:>-ioQ%qe>\`b1#!`[U^;qjqh\A$3)X"\b&'EHq[T9I*o1]b\J\/6T +%pAPKaY`s;mek9uGb@\5j+CH%31!?\a$t1SO+o1:Ado(cO18&!S'"qDR"3EkHo1BV'/O:CHoPr`l=Q;GKqcb\a[a-6n-hS)<VjL<u +%.*uXX*I%l(l.;qoODeeAih5Fn>%/$KUgS]f9tW@nJQUrJ0`ZkV+fe1k];/Z2iq?k`=!N'SqWuA<MWYGQZ:HF6_&b,kef8#!X'_hd +%8C>Jt`f1L0/S!!AphEZ1m'`Y#]dJgsJB3cL->cpa8<3=MJWpieF?N0b[lL\BQ+#c5C+8,Qilio%kZ^37g?`g7p+09crP8N;91r5Y +%b\S&P]#I@jU26BYG*>n445bnGgaS"Q_?DM:?HTsFlkZ9NF.<OsW*ZdNX0Y751T^gla'^k0S[[fKlK6>Kn>lUjX?*sNPc4@sUq!=9 +%(1uH*eOe];%Xj73>K$W*`C6AG".P\JI_sI,COu8fE5t/)&"83sCn[T\[f1p`\Q,q>L#k8-E4GL$jQa45JI,l;fIWj'2K).t"X\B@ +%4?G$(Wq=mkDG&?^cB'+9JRp_:5k#M_^Sq,0V7`!JnO)H_>8?r=.;4M0`7<-Q$<na&Ne+%&E>>7o?%AtS8aL5I$HS/hAT#Jb:%4c6 +%YHZ:k<^7e;\o-E>W:_KY[Zl&YBD!5,>>Ff;4P5%:;2%G+<m2:d#F/6Sg=:JN+N6Np$KB[fo`uLt[$s54[9Ntf5`#,=JOpXPfrejJ +%^HU!1#$gfP9&<KNKF(]N3RaYU3SYDHCH[QU]8$VlP"L6U'\V5H68/\YAB(QWmaeFN"ucEYDRU)rOQiVJ2M/BB,2Z:FGcL'F%Cu:4 +%G$:9+*`<Lf_rX)ti:^ibBA-?:^[ID6h-KQ:,3(`6&)e2uf06nC/M@=G.-RJ'+Z*D_mGJd90L*:!R`&u7^"`)p\uCdZRDF3:5e?.` +%G%#2G2n>o3D>ZX>YoufjltO[IiI8LU>`"(CiG!/;Z]8nuR3i5`#nD'HQl_u0,>*<j8,%h1ehO9dAj2.g[II2\nSUa_d+D7n\f"#K +%+h4h>*?/6c94S?#NL,l0n&fE<Yg^s*jJRts[;QsS,FY5,7CM$/.RLe9],o4@&"2O!Nk7h_C(\\79COjEktG,]]':HP'uV.W7-r,A +%cM<H"cGPJ/\LDPf+u_@1apjFLgR<\%oZC2[[-M<<N*ltA'#Hb0HJ3KDMC.$il0m.2d/YZOIBoMr::SG%l?jR"TAge]dCl4uZGa/N +%Pk=16=*%d>qH`2U,$TM0Wi;GF3DJV8k_'jB0g+k()/a&(^TGj5G3b/(DS3>+XW)S+hSUWphPJ3lgZcJOG[qr?9?Wu5<SBu\M>t-N +%a^kXJYf#FrZ,nDGGB*6oIk$4#c4ZngmYe$YZ9g,!+>Eo>Q)D66RtanEno;$`Q`X`FiBG&e'-N=[df<;$kYVjD46^\%a<j`bA5Lu3 +%h0oIQ2AE#6pb\a$,IbK1[YsW*$?+bFg)F.WH8EtlC09Xc\rNN7[OTlU+3'78Mgj)3"c9,UArBiii""=o(ehW%?W-i^<(M(`2tb`4 +%X_'I(5^>\aK"=,0l9,6Vo18beia`BPb=E@,*nqls37cGoKu+orkSE]hM%:*@c#/O%jqZFVTm`3F=+A%RLg/9NXQ+;J:A#AJ.Gcs_ +%`hLgdh=XJ7FC2Qn4*QIpSQ>bD0]ni-jSuCamWY=IbuTfsd[Ro5/<XTQUYpRfVLINGYjUA]`#>J<e"SRo?-B%T[9<nPai,`>]j]CV +%IRbqo\a1Xi_'N,84dUI>eJnOkef.?=)B&)X<4f4S6,K#"doCX]EX%2lX#Gf+$`6/jQB!;GM<bW8A6r/3;(>5[F2dr[+XDaBdaG8S +%e3.HC2\pK@Jl*.uFZYX7oOBAZ56V:d$Im-M<qZ"SCU`oD=MCmK]i'riDlIObjU3aH,Q"N?L5TMSk@iS3DOAu^;Nmcm.J+,2OgQ1q +%dMh,)n%l'!g)>ei1;5tdh@W!:ncld<U9Err0'sFDqhi/u2kg45]YASE;%<D?AC+dG^HfTCd%tQn$#[L85?KC[48Fs_Cs[gQpoOOs +%1WPu>CKRQcom<G:ZIc6#r=J?gI``6I2G7_!8!M?H!bHJ]kd9.AXg#0:%Ga(E1e8&7>#j!?U`inLk4QDO@(e.tW7HYrE<ED!lR/uh +%o`:K8Ro2/fY.`m'BKrdmBM'r^(4:d?B>9;2)c/C3<@L'L:mG7L?->,Eo/;+@;&I(]N%4-hZ9,_NOI5;^:I/P<XZ8Y<NWHH@hj?(? +%<_T>Y[C0\[D0?H;!&sp\?eu42VKq8K"^'SL[<iFpIib88CCR&ea;]KTB(Vtg2naaM6Jpb1i`7n;hS)omEK7AIY5pE7R2uFYArIA# +%W7ki_`]E0Zg5:i3`si5T31`c<;DXB>1G24%hs2'1Gl$h5#EUY<0()lgWJJ*<<3l3ugni"B(Z2mg01.JOs)_a4]-GIRe]`f%!.re+ +%U0$LL4uk?'<<:FJduL4nFt;8#U7F4KDmP7&^NF=n0qu:8I:P^GNd0NRb&SnTeICkfd%c71RKL8o"H6,d[Q&p.\du4m<>ElFi,9PL +%4!Om4c'uihj5*e6I]>=:YrHo0c8?2QA\'&p*b):l<#BZ=K"+`tkTP)I[GFrXa5Q3`#,kZ1$88H<6D:9+*QhVB[m2ZZp?7OF><".1 +%g7/"^YhdI2^#/[;3:Z#rk"l'hXL]:E=%i0+h,:NTFR`"JgW_ukhE%CdN1nbd`c(&;12+`.n5h)hRNBB[jMq5dK4ZQLe[ll$SasAA +%A^U]5R"q]N:s@-@649)n9T\6Po(tDKmrq#e,->&lA1j,7X9BfjAW1aFL#1<gP2E&rQCPT>Rc]ZSd1P'[iGZL)4mjM"+pp=2$+DY, +%Ri$]U2][u^V1"8Sm#B8PTAMVY3+k&<=_U@aeP[VpP$'7"lW[*(AsuO-Xe)J$Y\U!l.AWbsLbarthTT4&4H0=@%\PEC@p:=ZN%k5f +%#Q#7di.3n`:[^i[5Wh:g`DT3082&&so<[j8Hp<\:2j/AKQ[5]!8dMMG`>2nGLJ-q3[00BZKH6EWmoq>BDi];K@(^2PB>H6M\cDgG +%YK6%&V&Ji[]DE/)BYV/>#LMc<.bp!Ief)L0VUMc>I4P74[Gu;kcNh_HO?*&.7JTg1[Rr5Q-YH(QE48mt%(Q91`8N;A$/s<VQe9P3 +%#1ssfhJ_b-gbDWTd$S]"mT:aL.qJ<XH?sSsoBun'M[kRY;:RAW`f2pg8?f>1#Q`e4&TkJDoMLg(KD->6*?/"!.8<%7Y?M%4#&u6k +%9\\)@"d"udHlmun>?^7!&>uC8(QR.b,C%U=h0e!pqL0JR\%Vp\FQ"bJ[F(Vk57OnGL4-n/K_4!51bn!3;oi$<"=n"LEmP`^#MBJR +%T@h*CBqal-\pK&1(g5:U>%@o(h2'B8!SMo?QCh("[gjCL`VlHTA1c"DWdrV3'3QjOAhG5-l`$HDkHX]A1\s]paD?>SMj_Of'<U%, +%qZKd`AiXEOXdAIX8C%C^i;`.5T'plrq'bs)-l\b"CM&U:2B(H-A^S.Y6=XECh/-'[5RKe_C*>M!:h8>HV</CTh7t,GZP;rhmEX5U +%U@2,aDi+IlMd2BWY#1I'oM#KOVlsIB[?j7d2D2W31oso4[t@6dSR>Ksa`5Ytp+Z&oM1N'N=[[6S'Hg*tJFCd<X\.T0M6hc"XsbEL +%3u<-t,i0133M*a8E13JW=r8@PRmYSs_D)"pLsbNH2F0QCLa1['#%g#ENO\j#0k^-9qIs\'L-k9@-L)ft9Q)dH5*u@)2G&G#Q?s3t +%,iW[g1cG1Z9$-Y\2`IuV!W'#UWH$>'Ld&f#YIP9*4+mc-^TolY%,C"B'Bmj#7fK&`D0BP'e(S\PF6e@(Z,NCUGN722WpFV(C?6X! +%"HB51p[mrkq?RB0ErtSSH[BGc,PoCn-%aM"nOE0.c\$V+GIlGEB&5^kUX:H3i"gpJAI;/A0e6V1hRq_ENK7p[E;K/s)AMV4hB\Ol +%`V89i&T;37`2Y0eogU-Z(\/@]8ed-sRkE'*J2Y#_"MTcMQG6sEYr_"Dq"$T/H?4L/ek%;l7FJZja]0n9CXWX8(l_"/qnI;m5pc%B +%CXu\=G$+]khX<_=AkYp5\o*=&M@HD-"T4fkFg>k_RX[O3nNG_5;s:Zk/1n!55qLq0UhV@2iR_rNHUVOq+e8KHG>T*fA2YUE"Kb>/ +%mt0p37=kS$g:P9.$A)a;DcPare8=:F!VW>f1pCR$:%4fM(Rn;0,`G@i/ncGXFp`P;9BofPU1JCb!Rhd`_5@P87qRO0:)UiMIOOI1 +%Q$W&AgGB+n6IYFk65IaY6sdZf6$'.(0&CJ2G?/TWllh&U%-:LR2LXc=Hg<*pFn/;8Egt3herFqD&CUs!QB25Ed/p8G<>cJm;M_&@ +%l%&GW_7ngpVD#bOo"Ai&3Vr/K3cE8PltT%HRFtRrAM.b<1Cnm:jCclT0^(bdrReThMg^!L,p0o$F"L[;FcaGh@!r7IoR0uX^(thi +%!A)D!c%6-0i)F-L^Gqt0Rq3fh"E7e8W#>j)gURReZ-S]*iuMec1-++G6ci_MU@pma"MGn`aKCpikN8_+^CR(5D99rsG1J[O-1MH4 +%^r&\h6RS(!H\02^(7u8%SF>XGoqTp$3`/CSO!O,9'H!:1KIq4)JO(59l@k,:2bcl"Q-P28m+7!Q#uuf=bfI.['C?!%HpOG6pO9`% +%Nj2-.6m&JHm:\%c(OHZTVUibuoima+^fX8rqeM&V<+]J%(e=qO=A^-sn^GZ`U6F1ErZ.2e&F\;`oU<cF+5W1iXH`MlP:'ufj(0c5 +%*I=&CiB>1kDc7on^pt?Ser*1<@`AgkiruNf"qZ5mX&Frp<%0"'@74*+;kWiH@hLNU:WCs5A$A_iYG'-o)NWVsa#5J%WX6uc$QF_5 +%FDN28B_:'pf!NlYAdqfZdPGD&bJ3qlAn2_1M=e.R4GB-&S<=b2Q=&<&kf),Wo-OPuKJ/$^*m,$0eG%]0Z[uEn5%/h!G5oj+$7@[- +%-$=(W/3JnX%ZqVDY1OXrH8$/*d/_P#_=h3B\oG15[@*EPZ#6%_]?+7Id%/T1I+JVCi+P/].BFbSQQAe#DW/6X?^gAOcG3nqW&Ood +%`d'd9Uq]#FK)5E.j7&Rqol2flQEI'PB2`n@GBYAp$uk]e&2dt!/I/Ukge=Z:RjX^g1U81o%$L'Y6VZ?e":aO)2.(n>mV>X```FoG +%luU)L^K[V^ESG\81r,L]65dB?WYmm>:sl0X7dpA1Y;U?+F%"3R/(@P\\7J"g&_LsVg+S@e@ceQ-7nO0B!7;ra9dJkWg9,Xif)Rs% +%!@WU(@uU]>K/M<7(`N/r.@"#AG'0_ugL@T&$J85rZNV?-\hQii$c4t'0YEm$CQ"_)1S*+>8Z`$4bFS=W%rU_3b`/i!:g2;WBrYrJ +%LOV;,Xa>#b6MW/Fn$:[WG`\?bVtS$c[6ffFHK!bY[1?6j;6;ll$8V<tCE$a?8;j@^JV':=+LNP8#U%Dd!G/_O2<iTC#E*?MArPT3 +%nKP-7S#=VVYhL)D_(Y6t6"'eZn?pTlB\]Y258O,*7=Xd$,=(GZr>ba^G1i,3<L1gg0h*m!T[Li9Wps@\dB?Pk4s<CCe9(_qLQhKT +%\QOGkMK:<>efOMrPGZlr4/ha6-U0jTZ3/\TYaPpB/p'-#hCf78d;R'i@"4rVUGTD1J;.FNhIiWfZo<rh[N*pBV7(.$WQee8n'T88 +%7Ks@[`TX,:qMcq0o7";lqE!`,rD]aH*^fAj$n0fm>_7d#!+1"4g7KHs<?5j[D<aaW^I>*]gMM@sgXXTWd!&.WX(J>qoaO\@[*E\_ +%2STd.4l@o%l1>g<^f%5#+NMr.']=Zh=2S?TO$CtFs.u$PpXu5*&h<!D74,#,rV-&A2aZodpX$E),i;=s/%/kBG=`6i1&Uoo&3ff. +%p$t@@W,T1C0NekO!:OqS&T,1q-Qp0>'+HT+lb7?=je]-$gT;_m2]lFAJ=l7;J(E4L[:a8sbf/WEc8m?hbsA`X5Ac;g:piCZ5EKB; +%);m*>NO12Y<K9!&-*2101[sIdbcWOX4d+po3SB#0NGXAh.JLO8Mk'*6,F)Z`<#]*RX'!?.MsqU6MBEE_b<[N^hL/GU758`<J`\@h +%p+eGJACRb4*9AK8LtSeGQYA94(U?gjB1eSn$@ElSG/+5]TdCU[`5@jCoj1bFMK2d\L7=ZP$Wd'r>RcT`XD<%U\<*W(he/b)5K."\ +%qKuOLYZ+^'eDjY_bI0s>)Rhe?oK1(scba&8&.R'jFtlst#*`&&b%!"o_fN?m2(*3!kZug-%F7$l5[/goM*g7[KWl(.Lqcilc`TMV +%Y2(&Z$Jaq2UZ1)VQ!78CRk':L(W]%cO)H7!;?YKt5SaXfVL[CJ!8h?/!b3C:J2-m/U\j"a>]'Y8:QVK_M`:>>=Ji_tRbWZ1^s<Q5 +%lZOB5gJ^2=gL@E0N6n.Y1jb?f/ksU-NkaJAp=2_kZnDGA5sAsgoFYQ)Ec3*d0Ec!jHRIg4Fg@nT</VYjf`7?sCFNH`=g*kO4""qK +%/9MPKJ!iMj_4N5[W1NM.QT0^d]CuQZ'-!uW$&qr\DR:=g771iVRtnN?f+$C)50+fDVdVEnKXUU?L,g@n9M:g+#C)%S.B<WEoH*%_ +%DAp"3R9.<)/c&-o1WU0;1tV$Zgkc<"+)<7Uh2PDee,-BHZ,KqXDEcB]2m<+9L/OpX?q(EU4W47=bG_";=/\s1s4k)nO.YQ;pAr:1 +%0*Y&#QuOUY:aEQ@7](Sh]`4l73P<pmA:-eV9L@X(%gI*e6d'WRbm\KIbP8+5Wf7TJ)$f_^57Xff/8E#aP-a_oB"]?W)ETLp&9bYX +%<j2if8nO["<kPIK2D39;(rT;uhPFY3FFV%-Gt:n9Gl8]f0UWH?-"*@?%QZ,#;`>>KCq5')b?";'9seJ1eR["$Qa'"iSA(;J="$d] +%4X2a]W]<RZ2B)YX,9)nV]X9qp]R_!g(&UfG0>.Q#W@Dm>P5nT`X/_q+EbUIJ"70c1K\KLX\a/1No]r]8nj7'ZZ8O@NLr,p2hIUe- +%#l2aeU<k?^qNeU!O/hOQ5hR7n?*K[\mreX6q-^pP/sd2#kjJmE/#0+TR+VC7Mmd7l64NHA9>%LH'UaQAY">D?MdgG35)Xn9*0f94 +%l@.W/2kW6:;;\hOZ#6bZ-$<qOTfXiI-@1=8#h+tP&oA(Yr*7'*A[g"S2".T5K!!`i,cR,AG(tI\Z++<#JE_3*r;(?.&<IRkG-8XC +%Dt;)L+`A%#[MY#iL1[%:a[cDXY$:KgYL,Kq!6mX]8*I.eZ#u%`h>dE`[/1Mh%>WT1fFOApRjrs:bG^s'MDVSLfU6)Lkk"\2"$d1X +%e+#/12(&Ptmromu[&_$/GprpTad7;.>g12u,0X+rOI]J:`dJI\]^[g0IkU3gOOh^U':GB!!9F1uM+45!#:X@@P%$:+a`#c@gmO3A +%;FmBV3o.W5I;>HFeuc4-RAD$HN4`U#+V]2>\!dp5Tl=e5?]<K(!Z'D42t6lh8nAc4@\V<rmt'.mnRg'&nW.&VlHB%cci3j/^\PVc +%romef`W&"!h>d&X^]2L7s7?9f+9%>9qnjNTiV1*>nLsq$huD0o5+2H;YC?5X^\de]^]1/1q3UE6^Nf_ODuS4PIt%@ZqBc)\q1&D+ +%5JR3ZIs_.3s78#EVdJ^Bs8+JLpA_jUq0TaIhgG5\k0&VNo?L63hHfY/WA""b[&%,"?Wb'm[Z6<&q"s4t*m?@Yn,2&AobUOP?GF!S +%;#PlMTt&W%o.RlOhsh%gZN8b!ie(i-/RW`jnM)&goNEkboSaB@[8('(\fhS\h<[[X%++"[4+@U*=T>(+8JF+l%*uc70$rtI?L6<d +%A%-QI)r1NZ5(L?CJ+<",j^7rb&-)5crV48prQ!goh=(C80E9MEoOf3e^J<0@s5dVeT7?Y75Q1$-s70fPq3QU$j2XB6r1!`]LVL/g +%s885`nTEg*HMuG;_RniN5$J%ab0@+#B[U^D1Mf\pkAiIu]1ia\A=*h1!HU,,GrP038-W+fd@;XJ)r`LJrTcne?!:Qs!KA[Fd%Bb+ +%:H19[iM@8e7d&:^gE!'Ikf32arckE7]l*K5.?"gUL3_Z3.VK[L"B0#.)YN\2r(5eXVbaPnbjX/1+.(h=_EJeGg54QTqeboi[Ellq +%P<U"7p#6FAqJJC.F[puQK?CiI)UTTaLH.OoXBg0q]nG0`o.LW=:ZPX8e'n?kQs"Vsh)q\af"2=%D=1DAa+N-4@mK_SBc:TgRQS?j +%_<45p[K"7-AqfO/qm\*KjnKr\(Ze[.5AA?UOQM7[15tYr\?U.sg6hjE&qk.O=YVj)h=TO?I]HOt;&)nB)A,<Gfk%8@N7@"5fJJ`^ +%gA?4a+$_d9P-gKu]nf8DYo+"X1+#IrMkf!TQ91'0^#XQGs'"4E`-oBNQXt;D/,]9\JH2<-oNAi7<[M_"jcarWd+#4po-(k,)GY'< +%&G\*-QWoU\c'G;_O^!\\=/n)hMqg!:%E]N*hS9*]^iaU%X82<ki:Q"[R\dj_P9+?[L,HVAMZ`#!gG425WX8I5LAk`,di=6*o_m)M +%#JG[@-hh4G>/B>1d9\^58%kMlDuESW13DpNh@88"A+n6@fs%iC<SK4kbW=6*no'NJH:?PI/dLLXf=*hU9L_6hA*oUhKQ.sh!147H +%3Vb@LFp[9i!109XmE5@\bl,h%O(n*'X1?o$lkaRj,N?M(Uh@3JdflIJ&WK4@eZ,JFEh)S_l+?S!Lj:*Nf?GsuR.KW#<#Ao.(WI=O +%p[E9A'i$it%:J7:ADbUiko&,ZGHXsCR$FU1^sX7a(:T""ipP]!OJk!d^8dO1=R=>R/K2E=<i7tQ'5lnY=`eY"hZpBPgB-bi]"IsF +%<'r)eLuFhm-*%HHN$Se_.a4`3/fp7Uh,o#akoH>7hR-*oD0l8#qt=Nc@>&X>!9fsH1)<E7_g#b\UmB`.Qg3i>]!bgL)FatS\T,%" +%B,.60AZdGCn650^aZHa\rRfY7bcU*;104b*/^/:T[:AJ8^:&%#/sI^nPF)+,#&+Q^efDE_5Mg6[q[Q(H>cIqcDS('80]VY-?.TR2 +%=#L5pV`A'BWh7$ujdQ;!"[e<H*Mi.Z3raT@R^P+iciR]mSHGPWkJm%LHF4+-=PV/:C4OoULY('ohjBTO@.`@<HBfkF]TF%\/Bt3: +%g@+oNI(4eEPN?hfHEK,S>)(@]i/2*UVLFJqdX<"agH&p[7,4-[$QjHq?d$X-04VI2Q]?Shr`&0-]R;QNk_2S<^mEKS"79%R#7#2K +%3':.!I@<PujjQSU_i:5E`<\mt2gaG#R(]i9)dOWj7aHInd;/)jMrX>5L*tluV6S.-pXknR]Z/2PNWFCc3uQdH'B4\XWRYNq3nQPk +%^n9A-f$'/4ZXqsb$G?NXQ%dVV1]#j3".1QsVH`e`GBRD(-lD9sp6rS\+F>8q5;oQ(%;'^Z*e)=JoRG,$QW;E._QgX^913(>hBkRD +%m+AoGp1"D1m%Xo_cFA$O::8i^S;\DRg_M^/FjVdg]uA-ng$onH2kM^N0"tkGI!N6o39Ki$+7Ags<0&i.RC+C/\27EnMKZTG`pNE. +%1bntnj0Wj51GCiQL_S0#Wo3[W%^53n@c%s;Y:c37(>%GmH!6$E-2XpZD;7&F/Le,R4[Mk9hK-=&,Ru+23dP/Hb_@+UERrNbl")]j +%o$hBD*G8@E^6:Cf<WQ,.Q'-*(G.+%]/N&E&]7I-^14#F-4BKH"lN<Na&YbIdM>i"8q8UCjG$o')GRNOu=7U&C8_:oP!Cf@*75nTC +%)Q029NQ.;(iPt,8^]l$1l^56Ba1Z]]=&3hunGTm%]dg)3Tln>4e&d=c>%QJDIbOr2"E?t^f^KP??k,Z_b=lb.6t$BSfuS/N/8V=E +%,@9Nj0:@9u5J)&u9^X1b#u/79qgt9f%2LB:=33i-B5G"Gs2+SLptH_TNAnXZ2!TYYc/Hb6dc9Dt<XU<u06>#IC27H1b*uE96kUYI +%oC0asP<?K?Pbg5fU?1"LfD.C3BG`g%;7-4Hpd$5-eo\K:DKHK^"bCbhJSE3co3$kbgfWWH=gGfc>e3]%M=mZL2]\EWpeuHs'$&a\ +%>j=-H@_)[(7!?<1OY5J+7.C"-^0V+Q@.rH\"m0B''b@g;#?F:>Q%S4!RDj-SCELoeGmoG'B(S8.\Cldm)BWP[8r)*A8Z=EETPsh: +%Z[/-V.?fLQO=\c/>4oiS*`Cc1qA-]jV4@$\PjkpR-q`P3=,<LlDJ[\=b:(U[5;]B,Pujof4@Y`b!qp8Lo:4HP]f5WDDd>GViot'= +%70RQfo.6Blc,/\%)DK>*\W?lFOZNBCB[)'ISHD,]gl:)lI9r:`=k["1^U3'660k(R\N/MS'bbp_$tmR$Hc)4&#,k0nF",.@T[9R[ +%>HQ&F9gj_J[+"-WQcEk`7X_e!j4tcKlSo,;+QJ_;TAP4ii`90G4S1^WUS!G$R/9fiZ@ILm&cVZb&(J"Toa$hbQi4rWjs66m*ujZV +%0o."oiN$T52$XeV?jtuXDVc4V+hLUc4`RDSWhQ^?'s@Z!DD0(`@:HB1ogK(.,*b_!Xd9lt2?d>:B%\DR;]VB@QL<kPVSo+<>442& +%NrA('?(17`P`6OA27%eWCWe$%7W-(<pH#7"r7ZPebh5mSD7]L]9\2O[HgPX>_*5ol",*i^iQkFlj_t00fpYm6:sIXNR8)SkMGb2b +%MEneZgc2'PB%[:_5bHI^<Cb=tcnjmX??'e_L6>H)llMo'm@@@YldD2d;tr(12W:8LiQ%R&HN&SOn+g<fpbpW)05u_0<LG)aT,e+( +%D(u(ahGr6h5CG6_huA^\oWQ$fNa,,kleArP>PC26iT,C-3]o4HKMun9.kN*<;32%.Ph1+hUQ]7i<WpY3TUD.o^`T/1Cb@2#C#l73 +%`fcbQ1g.HYN^ok#NYsG(G'C<u-SUK12OgR^7XK28G>)(Z%9M?O;KBo*),QO<VX*M[Ll%<FKjs1AHjahFhRnfd%LG?TgOMnQ)3]qX +%Am@Ul^Wb8-)b.Ws?D[d;cHAb0DAYHY$'XUbT"):@PtcD1@t&YpfG3h%PB#:/#pW(PDA95_k.WeT*!s*j)=Q1k-USVn8DV`H;/JH" +%VU*$)juHFq[*b3pX&_0lUO]P*DD"ZG!7iFrgNU-t61Z2)*Yt*7JM1M;)9*(R-TCaBE=&&[cK-[(0+'+_93_4,nReCAE4E9?]<`9' +%OaZJ+eo'kYSAN1tR8eCbCfK<ic,Sh=h:7m__J5T7gcu%T%G/=gG2'[AAI6%LAQQHMp+j3!GPo.<]DPR!(c,(Jb)M\TTXne_Y=sQr +%NL=(d`c&X;7i8e>XYD3T;"aO#*Cfci1k=Vcr4rAk`W2?P2r8-!I4"unm,?"Nc1Wmc!-Ct^L1WFe_>4$._KgV+F"R,U?cLgsN&g+! +%!9.V;r7tJ4]*:FW&;SY7M(d/Z1l%sC5.'B&C>s.T;DFHs'MhOYlo<iRW5fQ2ak+e@YYF`6r1"';UL<CWjEjQ3\Y^8IGQHOC%=sr' +%_+<2u-MsRJO^X["+h.CMh'"DZ3P[GUB4XfUKSttp_/dNHh*^5MboL581G)60:m>?G6"Cb\b_VM%bNN8s#4N8%S*T'M=eS4cP_Q<q +%3bVJu)7_%L]0`Zi_811;/(lOkZ5,[n21<rYT.71d!<2e%gNG%b"rNPF!)3XreDag&FTN$1LhJ_/^\cKgiHoR&Gq%O+'3UK9pA=R8 +%ol<A\YFPraCkm,(Y.lT5\$7bkI#/%mY?]lcq)S@TicZ6tJ[Hn%]J?m$p(QAKZZ2,>pZZEcq_>l4B(VLD;&+7iW3[gpq1Zo<N>$)C +%O^8D?E!*Q,@kT+D$eE-ic3V=AT7J5iYamHF^(!,V2m[rm[H^-O*h52#p^S+s&<%)kFQ56!M$&So[Upr/3..(rC[>I3,Q6YGX,6W9 +%LQKM>"E"C>6B;1@bPMG<aif+]N*6%'0p.s^[,Q=PHR@TD[:!1?T-S0d^'JkO?QeQA:kT;?,^=_;$_BkIFUmi!^<bYpbGCt,$>1@/ +%(nL0&p_B#$Y6`.Kkl+M.**!T94VT,K;`Nel>@J25KXkq\E[kDPLWg$%h#5=HhhnW_AmA>si5nP!;"9_<A0(G3CG3>B\!iZsToZR> +%oF>5jSD6Hl2b/]ic](AO^m!5d92iF(,.^%Cm;ah]\6"@;@>rs0_WnXu<NMpgbZ2i;dI>GtmO;6^Z!QC+-1#RgiM5Oc6&u??+lN+j +%\o>e+!Zq:dTX=?sq+K9g9K4HfdY3b=qP>OP7:ohA)>"4G2PV)]%m$T3&Y$-MO4697.e,8@pA&j+Y9$qO[VJ'gLTo\,hP>&=<`0Y* +%NSJE8?()bfgu>dMGr#^CGkdZ,!FOq?[eL7lroXPV?LHil^RRL$O"ZQ$l/?E,q!O2i`,R_]fQeN]WPa2YYkK14alAD-hL1GHom'=t +%DuWT\`T^&V+$YOEl?K0hS:AScnp%/uSA<1oqVb[Dq>_meiPD^Bn3N*6b/(E0n:Hg\BkD7'R'*K1BmN)bn(!PtDFD@tf1";Y9_+UV +%`F$*S]o_.WZZS^SB!.?\9[DMjfouQiQDSot\FCV!l/QsdYk:4#'8H\OiUD+PW")>O_sqq5.Z]AM_ZB[S=MGsD%kbZF>rXk\#9W$> +%F2![?hgRT"[Z<)&YP>UE*Z!%8NL^jFC"8fAp\?mq#TO=?`^;`V&@rjuS7=hV(d&f@X^anF%,[)=hD$E@L6'A?o,*WSL9JWopD=Sd +%"6a7!I14<F&c>##In0r0U_&RNL1=]P0o9mDGT9X,a#(pQlI/W`NCg#OEg7T#)Jth`m@Cmps*I<c_q_J?\rJFUbEUS?hJ/B`U)R&/ +%rET?9/a)2h6n`&ek3>EfH<Uq*H@rdErgpDMa<MkQ5$A^+T^N?GHKJXgZBSM%N3/a]#'5&_f/iI(pNdQ:J>MpXUpjX1*%eC5SL%;m +%2PIj3%CaWs&qe.Ikr+k4R*'H\`[E`p47qM+gF>OLC08(<;NA$k@GH22!liKO,7K=/P2bR.o04#),C@9Xe(@W.)VnR\/il'M"!__? +%:Le!<T9lejpX@C#huiVmIG8U!$.+[,,'B>Sl?LRAiD_jtH3J`^S?i"s8&1(:6eUMi473<mQWqJt#\IE;L[B?Dh5\/Pfha&_]o42g +%"?ke8oZc0!._YE[P^IruGuAenP+%>na_M![1iC=n[6pgjcZ;":X\mK-*WlDn2[hi*_`07i-c8(><qTttk+$-e2(IW8#?,@LFBc<n +%?tqK@1H5gRR@_!U0@B'H'j9*-Ea(2<J=Pu^E5bs/1Ha5B/mst'n4qs.k9]l8M\Q%D-64,8GY&Kt=C]14Sd<@:Hua&D);kD"_eX3U +%B<fJ'0ij0SRsN`%bj7L7^W2KlC-,0N];pXBF_89.hYfcp"ToTI\aWd9)S4=c+i6d1_AkgQct,uQl]"JN"3cB^B$4EMP$+oTH[/s; +%?#+%u;&3WN2UKW\1/Afro)"k+NfImfE_HY8lI+;S!XsMZ-5V0(a]ktcK8n?e=qgt+$s-Bc2#5fWMrl\;i?U,7C-.8RHA$nO/9B]j +%r_Clu)PR["-@R!_Cr1^C69bPSYbpL5[O]EV$n+hrG[_i.FH>itVR[R'A/D`\0L[C:\P?FKZ&;dfJ@i437+"gY=I#6UQ#;Sf2!$5! +%]jd9"T(u$>@8[]-OA!2bm%,=t[80VRf5)o^DI\;/p:/?"3'\X)ef?,g%LT/Gp&p;CJO<%U;bTm_b[n9g7I$'rEs'RlXuU#';MWf\ +%r4c2>2>iJiOc5l9$=hZiFR^)?E2-Za!!/Mj7-@>l!egH,qapJT?9uKg'[45jWp3&dGS-soh=(KKd3g%O;2EIQRk"FWSVsqVik<7b +%n>$*=YW@2[0n'P2qQJcmM:0QE70@c]"i&rS]ZJo;<lBs.JP05b#EQ@:/"=s:NY?%_0i>p7&SES@VN#>XH3O"KL0u6?++G_)GM*]t +%Z+6YGW8F9h4rItL+!>2>62[X2cS^7Ai84nMP:]Qg37E.m0/rL\&L2%)^3^Q9Wb,ijE,K1^lOM<?=:*lj')SM")dS<U88sJ)K4Nn7 +%io\[bG][Q;fsSArn8E:#"Jgk*LkV#<'DY/D5B)G?ME=@*G]4Tfb;RZrd@8h4]eCZE3A'ejcEIsp"f!.sbWdhlR3fQ_q^iLlc'V`% +%j>[Ii3-40o>^Cs5h9,j24A-`S89JoP>2^N1-8St[i*)&G9.ubP3&fuEKlHD7fYU9Q@h18kB;<`/L'qfWAeNNQ+2s0J/1(.B(Qn0P +%JSFt8[Gd>cT0TiVSXIJ=\)j+V2\)K'->N\Wf9V"<ZSS)AH#<Ji2jBQ;i=dcf@T.BhF/3b>Kj2]PCt:,r\3bI%UO'Y_l&3##9V!I; +%a5Z9FFSh@U6k7`/Q,FlRLgk0JVN(>KlM;fXH)l-qMsh*:5UF"YK,C^5lcDGr\D^21!%UEU'<;.;[1$,84eI\Kl&ZV`>l,YO'EZ$o +%*aW1o&A:mNYYc'ok?DIQJ1gKqClXsb-+qH^?8,kd2Q'aa#tM094Im05$U!L0(`L#+AhA')qQW>n"4D^Bl&u/2G;nS<DQ=97hB>N$ +%,BGDbYLm'*^HKAe:j2/aj[m8%BaT:,VnM<th)H(#UH3&m!t:;mm/a^1Fp#S@*EWLThm(-i8WQKWLTc_9T?L.@,W<BjoL.',!8fKu +%g.&)N*k@/e!W\>aM[1]-i"b\0iS:6Cq&^C*+H^T+V6F?2AA`C7&1fNLp=`7dENDpc_V,tg'WG#4Z0V*[O:WHI`o\>=@K6#/gQ$*? +%A.Y^J;:\-J`tWJ?E"mA'...VH!OUhpW9,V]iPn;XQ3CO.WHQTmocZ**5/i]JVM,b#XFl=?F[?r/]e(:\l6#6A.YkOl.`82YgO^&! +%N+<<`Vk$5'Eu]C9ok1rr"5PQeN8=XW%ZPPUOZt'Z;,cDDT.p=oQ[)$iBIVX"":V)M/[@rOL\ATXo$B:4fKl73kVQ18SZg]0kiNW' +%@)0NE?7o;2RFciW%SFDd/rf.1lWAtaJ6?oHT\GfQ_q)2TN$;1Jb:Ls5_Z1/?Lp@kTD.]m2,&D.YP;n0O@0!oI10HqoZ0Vl0aAN6K +%&,e)!H'\O&bo=?*jBKJVnOOO`1f!\ZgKL.Tp]QT66L7Tl#79W(qQNu3!Jt%C6f[blgJVW=X&s#s.k*%R'#0QZ(iT'],j)g+hEeqX +%]@\i5m$7lF4UTpIOU/DUP:srMG%PL_?5e)dM66Pr*I1LQ3V[4A(/oW_YZkF@s-c<S(TN(/(KQmk5Y/':f>,)dH'`73OR_(p[mZW% +%=WHpa:9-FN:dMKB51G)K>1D@KV9%\iJEqj`@qb+%?dnpcZ'3Dr(ime7R.M*GX+X.INnH_%IM4LUH]$7PkD?p[\\NorNP$f<A;pK] +%3KaU+[^6o$f]tI)8o3t++uJbGC2>Wr)n(3Tn/Xt40,M,p0U=o4rq?ZI\e'lC=lX(=5s,Iu8qanPMbj8I;"F\)Wc/mj]*l=6q6`Nk +%+'6`;URb4GkS%[N)SaZ&(*2s`__,QS@_<C2ZGj;B]toSq]uqOWK%!JDPD3FHM^=Ds\IAX&YZO(44&5OPW.pAIe]n_I`%5MsBb.O, +%HKcE9;H;RmZZ8m@NP\4?akApmo+6JbGV0ONB\0BIU/.`!m]LL0`mTB9\j.tKPT-U!:9Gj10G[aJ![]]"(gr4fDe:9jbge#SEj)Ot +%+W#^s53Q-MM<ToA#N_arI)Bg$qWY/+;2VMg;&g!A4*82nIUWCiD7>b40OsO57]B!4(ehD]cJd;+r>97$p5P$4!FF6SPoYfe_[F8^ +%[KVl!j4*!l[LnP5+VmllnE$86#_on3S?=nljI!3q)d&&DbrCuOp%'+)Ui>4ofL`3G13U_#bW$G<*02m2rY?CYWMFu3DQI+s!PJOs +%Zs#T`pGQ3@</l9BiVmcGg_K!cYmj>dVn.N8H!>uZTp>:gjo?(J"'eDkF<c98"47#%BQoL^0DQ4hY(p!B*+#CWg^j__d^Eb=`MQc< +%Ido8<:6H7TYL*"9iW[/"-Gdj_(FN&I=D;baH_X:u5`IhnMHlB3(3j$sS=cu+a0/hE#[Y+;_=4$!co-IglNmd?(/s%$,jNA2C,X=& +%L@u<^4I$J8SZBn\k,PN%Pr_.)5`kl>8U1^6b"K=2-?MFTL?2%M]6/g.QAs"?aV;"Eb8$lAV0]'X]mtdJg)1sP,/D94c'F'K5H=*& +%YGg`i%6q'2'1n3r-IpY^D@cm@j>BZKJ_ZZ-\Qc(@am6#BgDDtEk64p@2poS2UlWkZ=!di.T+#)TdWQr7Bm`;$@M1if7;[*BI?@+j +%4ZA;Nn+?^oe/9^TldE(rEfK[/Vma7g.2js--fD(hq=t@&]7Lr^FHe!bZ>]ut4q7=:DHpZ);Rsf+28i;qZM&NHmPnf0$</90?q)hA +%gtTr?Wp:WsC`2;GS"9m!oeW!+-:e3T7AE\E'$[LmgK-cd#"qR4O`'e,SL%;CU$uk2"sAVV7g.p"$;NLt,^d#!LneZRgPUJ7eP=8s +%R;8.D;9r\3H0?a5g9baT-JlV*:Zafl^O#jo`Fnr*_UsTLGR::pqS6,P;P=H)Tgo2/8@W]d5mj7HU4WJ&904Xp?D`oXmckLWVg2W. +%rB7\g3"G7P]nX2E[P_3hi03g:!J59U]h?c,72<lN<t%k.@51=IXg5VneXIJDiBWV:,;Bbl$R\@:=,@+X$BHAj^N):E*PGE[9LMVJ +%i:=KfV3r5g0)U!PEiLc_^X1ZM67jqfkur8$(V1;..X"Gc!4p(Bkd\JUCOt44<f!=@'O/]KVG37d+^RjBH"Is,fpb\e]8kHlq"l,# +%O<1XbeaHgiC7W@f>8F[K1'@Ls:qP6l(>Go_&?VqIC:@BHeEuO:#6U7u^LM1hfI@q[<\YU+6u"i`n[Cr`*]I"Ac,qM;(g4p3&s">H +%9n-NQV+L&R-nLOEYa]!i^8tS4:!'><GE)Dp2hu@AlWqCfV8YocK%U4?C,KLe.sh8td6ECF+:-5LqLq)JIfC:D!K0YjH7:Q19e8MI +%SJ05hg/Kh>EsJ(p%lGU'b^QkuE12_IB:u$$L9eF&.gk16ODNC8Fn2]&^NX2=48`'en";X%E3H81:\_qY!c',?';*ES)ufgMQI47. +%JPol\Aeela(UGQoUTYSc+$-$R.;M0r</9o4ZA3'%os1=QCcIEb&nb699ugT(@HjYXZ!8@#[(>R_2D1[M(-*TYBh"EI%$h6VU8'gt +%q#hpa2JlRE:CFd5]9-jKL.WbLaX'k@;5k&1eJ*6MN!Y^sT>4p<Mq?CtF81QaZ7YG]e0\;Uk0gbB"t5o:QpaS[;#^+fjFJ6s9dgHD +%m_OR9eL^:fDM]C+C4\1(c7=DB2E54ub7^<+X^5\ig.>[I,-3lQL3W565oG%"e3mt!>/%V:[2-AWe6;cRSno?iiK>+0GbhIL@/(g\ +%NB'6FVAsRb%NmU)6&c-X:5E)%!1.b/S1_Xf`X]d>'$J-LM:CP\PTO7_Q]a_'!t8il@T402&PtbJ\.p/Ap/?kN49j*ZSrj#>KTVPl +%)umk)^/_Aa;h<gc!-RI2AoW'N+d"W:3f.+tBTVMbU&:587HN8O*1tG/A<ibP,1>.BWLO`2mJ[)K^e28<9+/o5;%p0O96h$GFIbJ1 +%%$V%:5asocJ^/Tp<UU(;+,:Fc0ku:GiNSK'\#E0U.H9jb18%'C*=4aA^pXIT<jHSVN2gr\^jVgp]U%8l#.c'F`;)c?#L60*9K+HT +%qKGuZ24@*U<YZJb8s;G(h9>X6-V4anQBmdmGMk#:=<=(O?m5[Yo*Sg1F9&U'q]+kECdCN'"p6]5]pbDX3$u0Yf!SA;Tl[g>W)P/6 +%Zl94J88Q-Oa3c=_KJZ\o^`;[bChiWL3r&RbY"K3q?-<<ND.Z7d6rqL.$pf$NgR"R9PI=^1bKNGe\_24l)Qs#g@;MCKFCSo7jO_W> +%GZ>_%_Dru02d3`ufm7\<b"SA`)F@qG]]&^t3L-'t6bS)b<'lAkE__-@f_L&DT,HH>JC,i54pAndZ0V8uim0AO5qPIEk%?$uOnEqZ +%#9G9FB/YH30j4`qe>o[b1Od\%4<\2ZIX?TX=WJFB)D_^P0Q-'/q'3]MH-L[+4/WLF%14GO3Sm/.E4VL5o0%BQ2hlZp!H]K0bc"-6 +%#>YFd4X$PZl92HL[Ms?C$*52>Lap,jX4:#\`n';aatR1ff;^CP%-&TXM[aQg#AQ[[B_HVto=d6iRpo)=SH.nm_dJfdG["$J1%W-6 +%/-p;+]T@Ag<gP.:W$;>H]pl1!h%g@gAo&l((p!hFH"Ni[m=3T<+`A!IG'X-hSA?GUa8rC@%tD3Z3.W(QfZB<[(25#q=<4$lJZ\Li +%R8O$Z+SC]qB,'^_2lsF$"ZWN4J9DnfTk,U>5_E[O_F3m\0SquhYPSe<q\8,=.Z2&01k8%.dXi&a;'I5)_G7cYTID#Mc+bQ10^oYI +%47o*1W!89i:O-Yt(KVaKQP'RpJ53TUPMhWNr/W)Q;&Ad0f=<b2TJVCf[`l^01_ku1"']Jc/K1goof&>&N'6_`B(U$P:Q*)k)[XKS +%a?<s^Wm#+JgNg-s3"tEdhHs,T]W\H;@t2hh?<@L./aZOG4$7mLiRc[Vk74m`EH@<+1h(ulIT#YV7:hnD$=85.FJM3#:^%hk^^/.L +%+bY=pM9p0T.!K$^Y-")m!.,$^Omi?lTEUIFW:NLfehj^CdY1I>[JFCp$d6tM/M]L*khV*sGf94n!.NBq=#^mHqRALfg\p[)E.rMO +%!e=WN-n%<BYDf0.Tt3PZX3PhaLe-[!g^r7C3/OskdAuXP"*EVS0RtKi`8c"dKt_kT4coKHZQOL8e&ChO`gpQ4'mU$Ph0'$6\6+If +%=_1gY)o,dEpbO_s*]:Gt+^&ZM+R4a9.T/%L;G!$":XWD<ecXRE#5a4fNSi-n#D2YR$_jda`1a8X![[;5pjWLJ?P6<IUlOWO:ntL% +%!f,'1dr;e<!OW>AK>;TC"d7_c=uWZV]sd?%aKUUCHtqur6oD<0e+e^HJLCr:)(6:'jeLI;7c8C$@k2)K.0>$AUc&!<989b2o1<_2 +%Pe]7\^ED`]N<3)=&#M^jUg-<(1a?u][Ond;E(.I_@;aJgWJJZ*itCQs'fd.T#HS;<("0@)F9`?Z1k<\f#LjX+bW!(GoPt(Tc`HTG +%Jo99kBsNC]g)8_D7/=&NBN;]uQg;sJDlSA>C$5s)`&U*82)_Pmg5`DV_fa-o-h%>EnS&?18qDE6mr)Z'BBZ'MeE9[2f&;%&-CohR +%-BiOQiaca@Ye]J,@VR/pb.SW)%h3Nk`sY`rA`&',#F2b4Z)fDRG2HaGAo+2JGm-*<?iu&8;H@./Iq"I2W&\I0S@ik`MdTf$f28?Y +%.5I!;HFX6u]W*)o6s0R@W]!u_(7G(I&'q6Xc'9NoL2M_GW&G$Ks/@<jp1sZ=<46l<bJADTG9=:b@+kTZ17)k!fCn8+N9cX.3Wh<T +%iiG]FRj/1[VJEdV!Big^Z6GIY?D#1(K3lumQqLaA96+%$jFjQN`g/0\l9D:Q7G4GuOJ0\p'[<lNW*cJXg;-^%$ja613!]dq1#5lj +%Ud"Ju?eNt[.>W6M)2\H,lrt:jCKC4@<$aLEN%AhuSYgd5lc7CcLcg-A7em$:`-+ZQ;Q\mXL_un';P!Ot5[sJrEEY@9p^I>mWo_/u +%!ml>"WB,I%Aid<BYH<?$r`hVILi\1=+d=Z4hY=oR0e6CZoj\c+LEu5W.tgOfQLnLW8no?.Rai73J/OP4XO6NP'bN"pAXb'D&o1(5 +%ER)e7f57S:2Qe03E.=HjHR*Ls&<neE7l/g6.O5hGCggkikf.Bo3LILL)ol;j[>)[N!(YFN1@I;%.HkaR7;DD@9JQ\6,KhKB=]c,( +%NE8fac[VoDKmGO\JET]e#+,Zt$GXO)@(8*Rc@i0'CBdM/:^NA;GDIS#U+:_3`^!1b/gK#rhWUDaOAMQ,kEN2Xe(-c9h.EJ/%91I5 +%']:b(pk"H/dR*#ccj?<kM+/$?]7?ISl0T05kKT$T+o5Y;ZAU<"/MVSsi\Y?\$hS-_)H2u;D_@A9gEs9H;R1S)2a0POa,EEqNHs\2 +%mJ[86p5g9U;%ru-W,>r#BD+<V9Uc.Zo3iTiNCu[<NV+QI1o8*19&o*;k&dGSd!\FH9$9J*/":!VHaO5q)bZZ!/@Z7:KM<^o#_p4u +%I,$h61-mI<L'k+mT[i;B=MC!4:H,8Z?I=t$d-.Zn3+E;<KO3`@71%J[r2.4u"66Xb=:q7OjRNm9%I8ZITLE^kc('kN`sk"6L0gtu +%R_ChMOS'@SBcnCb'pFi!Ff>%1*RX;KY_0<X)0rrTXLast)(@A3+?cJ#oX"pL7/RmcE?bYb]Qu&fTg_hE_@_oH_03d]iWGj%;5gag +%E?U;4Gbss_egUg&k@K1824u<e9u8']h<uO*1dUWg,Y4g2('U)-!l2/+&lmC9V!MZ5_/mHMmmFu&;noW3mjuc4.R7r#T5<K]a'X&T +%W7XHLZtR%\i=\*/H)Fh2\=5&9He[^n$K@3l=g4%@r8TU,$SO,tEWpbOKo9CL'!VRF[A*73&.QV#7[$cV.@m&A>4a+CaKTGePKm_c +%'H=>SN8Y`qm,('8noTjI5k!5C/qAX,_8,aS$8CtHK2,ui?sdb_5`g17",JPqDoU?'C#qKC'#2EK&>-U0#NmT@G]mV;ip9r@ql*H\ +%;aXfO`P3PWH,KtIE>ZElo%OSgQ#.3pcs4\D1mG#iO%"&Q=LSVZ4YNk2$SuCJOYuo<nt3$_bD:t<\2eK8\eK,gG'5jh;irUaA<hH, +%Sep7=6kQmQ1%a'#)LEfmpHJdn[EktUh9#o1`F_.J!+Un=m&qUk$["2e@&73iA!:@*pfOkKTNORICk7:,5)b,10PZS@n,.,Zn[7KJ +%m0kU>-D@o^)l]+Z7l6b+p+;+U`SNu+1Etf0,eL[e:f9;k!U=hX<%uq`"e'@aVAWtmO2rg<6i$UGaIO(7R5J`g(2@G&WXB+0lc..G +%jlF_>Y<2ihD9U3HA+_=gKf_U;D&FgHITP%mM-R=CJ$(&D;Ig@KF8F_n[RBsBbVW,V#QIb6FmHe!FQ[c$S4<WNnsP7[d[SWV/knMq +%C!LVVHmEjiZ+Je00*Qd5"Gb$VA.t9e6p+E4%^`h]5OX`WGGP0X$%aN[iK8A0VC4XT)3<:f,>%HW:jF<n*bh&RPg0C.o10OCU6H_` +%VamKH,H:?$J3?eA+)/,Q$LWJHq`sL2;Lf9Wi<NQVOb.s+.mFT7:F,-K?2BC]IAC9n$/9*5pQ5`1VMq/#j[UNk"(hGLDEecm:R(Z2 +%]DbLBJ"Z-Ml2=+$J:hCJUU\*:Lu9[aE0N:@8g,0C'-7;mc=.20fnQ9?_bgp'X;c.[QoKt#*+UQ@,VG*t(e<PD8!/ci4cZ:Va-4Tb +%;%VeS3oiS=j<.$7'JDK4S/`hP%ald:+tH/LQBQ@4K?26J*6_8<k"0%E-qA=mY'CSh3==acV/m\gFrhoSNoE2lTq@Mqcq-=_;.f#7 +%8TYY"H5&D$Bd+S9P9,CCNhT59i_9q=:M37tUNk:@d*tpWl6p$4+E_gk`B"?>4c!sGFLdD5?4ULP7q&WSK\1q4fRl$6;8hfenE_Q` +%G*GjNOBaliZQ4bT*_"rr!c]S:\[1SV=eP12AbRU"GEg01M!7&.mlcL!*T[,>V#QH1JO`#B#P#Wo:>o'sn3R!A.$St><.'d7I$/5, +%ME2d^+<SNGO0Xp=$-K#Jj\a\$5m6d-R!FqII$!<7OR,)cH_,pVO.r=\H-ljGdKeIRUVQ+c$hYp;H5'IECU"pl>E8ih%q;b5iRj@2 +%lrf;@-sV+b\:'IV4\FlY7<TaUH&E4j(<uGLoQC_%Qc^B-f!%c'io.E-8b7NA@s>_qSHY2)1k*?j5+un%0C$%%-@TEBI*d7OH5npg +%&,_Q6U<.tIo"\OVi45?q0dlD5O_&UpiuGTk8"S%h&bNj[3YRJ_N2-^PdZNd9j?u0#ViG#_,:i)2_0$rK*Ece]%'gQ"m)VeG@'Deu +%h2].X'8Q"s[lZD;*a!e;_V^InprFXA0Fj_bM'jA)RIYU`7NQi>OdU@;-,E.V.eL5$/rV/)k`Ib!1UZk+JU1k-*dOlK*7uKCp;!bX +%@,[[_]16K%!t4mT1&T$CIc)A6E0a;\js(91aHo(GWukHr%ufm#\,/Pq5;L5SeFEh[qN8%3jL.;Bi/aE(1V*M'_gg\4+5-T?-%N=: +%^enIs6&XYe\)<oun=YMT<),Df/3N,N*46`G.M!&I&.e%<#G$\V9o:=sMPJV==V]tqTQ/K839kN(2*=WK*tQL:B,-Q(hT1=-a[sM5 +%W-@g*NH3NG3=2iNBX8[X>`NPP&'?RR'q(iRb`ag,6,Vi`G4VYkF&^OIkj:KJo,M:g%XL@#g->l`TqgVoK0%CWalo[KoUq7U71VP` +%nt9TR4Gi@Q#%h@*pl8@Zq>e'[)td4`W!IH@Y`fc6D"1rI,d.70\SOPb6ePb/]+1>04DI8IkXce[ViE6,#<f*mh5d;?eq9RF;0hK+ +%de09sFk$D:<s^tRM4KpPc6?g1H=f\/Z_L.HPG6c.HgRWXG1:UqWkU\F`BC0B*VJS:[-E[_G"2_K#IV3sZJJH2mm4/G,jfg*!.<-$ +%I*`WkWXta9$]jS-B-"psA7?%HI]B7*FQ1!*T[E=oLa2o1W%GQn_+W4>f4\;?)h-AEhW.P'nm03)61=A9)tU/*Gu39YWcK5(4<HCE +%O8>Ls+jig)d<BlaUQ4T6k35GYoj()\W470)ApmKq4Y"/eeR9PAA=k\kht:]E9"#81[grhV#;+a:h;&<qhP6P.c_A0ED;_1Hn6'c+ +%W(q`)0n*(a5)LR,<Kp::b=?^;UQ4r@k4?d6d4*<6BDHJcMBd:@j7[VL,e8efAFRW!0Sid=c<"M5#nQM4:q<]5K"m?H[<i*c"^5T> +%@;+iue#/k?(B5baSf,u<*O327at"dDe''cceOOZ-bkY.?6-/N/'fEQ6?ac\*3;+u%>;]S_h:.82=(G4$7]%KU./B:B\_Y!JWRtF- +%.U\l@;@_Y#l>NoRUsXgrr;e8-24,5M:;^F4::=,5]ErU`MPk7jaN&WS[:fqE[\-7L^l3r"TIDTMS$k-B@&e2N)T$*eG>od#8t;st +%W"s5:XAud[#f0fjb0F4H<&`sUHgRTQ\-!bG%95P0RFqqp!]NlO]68@43Wua.)3kojTG156A25iC8Sdoq:h91Jj\+jZ0piL5?H1hl +%WrSkHLE$]Tig7uoR+:)s3878SSViFS;F]UL9N<CO;_nGY*OlE#mZ@(.hG5tsL^%V?Z[GIQ?H*JHJR)N$68#_F+Z,DrFc]p'Dap&L +%8*pp(iHqhP%VCM)N<FRB74K`9H$1d%[k;1/P;N'_<fZAETJ,9_AX-(sqjP'oCTCfHRB0'*Wej=/I3#SZ?@b7W!C(Euj`MeYrQVC$ +%Lna\_11:r&_M!nFr%MIiiZIU3iRFq;hrG2h"Q=Ks<_4*K`W2qXRub\qCHnX^[CNVMY&lH-=ml+fd:l&_4+^dFf8WR+j5d\(S3klq +%DrsC1neD-dJ6K)HB"R$i=LPOr,eBbJkWs0=Kaa^i_u(g*QMUo^11f?a"Msb_cfkN;r`h@CjP%R"k7'-I\cSF"7_"[aUjQLbW`"=\ +%T1B0V@mmPLQVp)#Eat3i8:!45]<7->CSgX-'[g+',?I#Bhs8HV>_QIoRZ^$Bh']2`WM@Ir7]#O:V3.^KiZ1aI)Tq`MnO899:K`Cu +%QKRqTHHth6Q[Dqef.]!=Qn(qmS0RiVD2t"8q"SP_)IIus]V"=9VheuoS!l]j_CLFo;!7.''"DC:`.;IhoRe-HQSI)X6+Io8ABPGm +%.<#$fq?kSNP9-4E7,"nUEWHpQI8t>k]DF,CdattHM-:XLoZNWQigedp`C7/t('mD4E\W91TYpC:M;oaJ]No,'Hkuc&B')Zo"D45d +%8H9G\2DuA^.IDDLRkE*bcTPRCpW%I(Si]FDTe^tp4FO8)juSa)pB.$lgJWA`EnT`[n$/:-^:9"RH8/_bpM9ol?mNh%Z2]_3%E)>u +%(!tL3`CU[_n%C'bpNl58`FbFIBaP4APm&4H8b`s#-R`-ZmOA4F<H*[fR)7>%1a5EOaq-6'8l=nI&-L>\UtWE,>::*II*%L*]7S,P +%#ROA5ajI(I,cPisQ)tqsnJ(g$q3p9m-%W3g9Xof*e0Gn5#MB*XU"n:qOBmAcM2EAg$Y@pj)mEBB#c*0cVFV])9t:9\.l?,hX_$=Z +%[19&<BV5rHEQk]RPnhR-D0[_-goM.VMp#-K;-,8Cq0Kq#\k4Oec$%/cBuJ/n]#9X'dVRH>3V6Yn>NuULY_usD8_J/HNnYj;=b9!+ +%/]DC8.Lt1?'MH!tRb'fF)&TOBlWUD`X_%k?CR7Y#F/mSp5!g==I3jm+JbNYUr>G7^"#Ob)p&Jf3b'P%CT]>qC]j,fW)*@oVba,VY +%LsPYJE(\@I9fM^'<I)9Uhl<?@KVnL7qLaKN00slJ^[ui^c^=;dMi<j]kHa>N?;W(^-3l/776\pmcUi9YT76h)NaEighm&G[#\*"b +%(Vf"C]0t>""&bAcE*.hHTL,q_XeX`'TXgJo<p>bT6=p=9(^$%Lnd\@Z9i<\6P'MaP!q)?k1c':T<:Y5(lW2'K4mH9(&2q(uV7Qm< +%5l-pHTHW/A#&&R!ksU7&:\?'U!&gnP)>nd*^J[%sO;d3tY7I'J<RnI)\o_Ks=iaAe(`0^n*MML(+2Enu/-ZXX5:bDg^fY_O5;oKu +%]&K\G^l3Tq7Fr]9`0/AJN'h^"0cMD_/`RNhG]cDXE'ma_A!_on;nZdR;S^910)bd.WmM*VLN0u=Pj(NH1/cbZitI*_rk=3*'U(DM +%Vduc_6LE&1nA>G683K8>dPl!2JYDXh]e6$EN/g()Ll9EHcdmihFiZO'pO,VP&*LVD;c'Eq]%';R$Z[^;G#ZpI7B,%'I`T@YQ/ZTq +%d%rQ!;o@ER@P!'3(ccc0b_9UpMOA!&Vp'SL,%MJATnYqdMR6ILnf8M9O8"q-1;Ja:EPps,.l.R'D0SqI-k-PTk@'J7%O:!@'3>OF +%QR>H^8[R2IbXgs]6EU;Xj^]/E%N7STi[?ArDQs7,@GoXnEgopEZ:%k?:;P-`huP&7`heO\IS)8,[&Crfp8n/2M%Ln@.P!`r\Ps(! +%P5K2,D8\sP].,I5&hKM63JSB2k[m<oq-IqGbl@"t?_<Kn$_1eCX"8f&60[:`iF,54+:eY,$<B,moT7ed./TQqS*JYVX-?1%fO`3' +%K'(gq'Rn5?c/f;29*u>aPrk/QGBapP#V9^$b.\T"n<=q%:K"fg,aGif:m@Z/QX=iO"mf\X&uooMl3Ohg-);%<<^YTh';Ugf.qF(_ +%,'QIB!f&cu:%XP6FXIGd'.nZ-e;=\m9I,O+V)rN8ZX_eqJ@.fLflT)!=3_/0_>QN!H7hjAdgm3YH7Y=_)pKU9!3`mXrg7?Z^H+V@ +%XiX$"L^4EN&I%)r?<SUL@5]kXCg4NI00"Vi2noYq9tr9[NE-&mD,ts2^_4q'ZXTO,IX`/Pjqa&<7FgR%ms`_>`;o@)V^FXWZZbV* +%BD%q<qOlVi<-^Xm_*2PQ53U33'kr`o[7@(JUF,D]IdVj>mST8D6,E:ilh@=ar1G-Ze/CNN&jIc]5H#SEFcfH<b"'/,ZSM-)MXuJ[ +%o2-HQ91\Ae;lnn:O_p_U,cs.O`sq7:9D+*R9Q._tl%dJbIF\H#FVHWp6u#&!,'RPt;G<K$*mfl8_b=9eN%4^GaoX;be<nUtR6,KO +%0=_SXUH,?*q[q!%-M[[N,(K3NN4sdOJ/#kd$Xl5XoXKi3FBt(`Gp1:E3XA.TYLg3+EH]<cG.'I$)%cH8I0pMV4I<e:g&NBpKLmW_ +%g7YGPUCujqAQL,--\9Yh!cbisb`#,16+gBeC<BttKFdfV'9&W_lt3'c)l+'W]P(j'eW"O$.`I9&!(@5HW"C8XJ-#K:E@3$`g^%)? +%6Z%Q7<"jpm?KS!Q\kCcZ/SIWA#L:"M1@V[T79[Q"cM/^N2S66bkJ^,@IfY>6[$j1f7KgP_nkTQg1,b]#YpIt]R^-*[P&8\b_]3g- +%4fnbiRqYq]R0A)aIiWTAa/mu^#4@ST46H2WF+D;YiBq5IR"`32]Hb$;Tj0mN2Z`feK[[:jXBK'p3.<>S6n"G?kh2upU:Q+E.HFaf +%-f4"p^f#uDR8LB$9Bs&OX[psLCTCD1M^:G/!WL6n`L>j&BBe\p>_3Andk]f?gC(Ds(n#.qUBHAp16BOmjY<t7Qie'E18t?AP`(Zh +%6tIG!r@<-m<05g0r#-Rnnj2jMCssZmUj7:*c;?n]`9I=nJlg*0.-7YG,7!M]@/04:D#h_ZRM9Ph*CO*D]9]ff1Qr'*/s2iBh*RuW +%O)TEj&O5+@7=DDKUXWpDZ2#o7:$\]_%k7[>H]]DL?5Q>o#J->7VCQDi<QPJ%0(=;F(ifgeI>*eooGgbN#)6ZJ5#YW(`fPL'1c_nY +%eG4f\b(DTD6p"QYO!do?$02to*)<#t1dPP),I(9u/]uq\Mqi.;0%='G<UIP5g^C05TFef>c+-G_Prjk)F9B(&`PIg,$8#U7]N]Q4 +%O-#[uYeGF<6lhR9&_0mcJ&,nHk14F#KRS:">`o9G`ueP(<&Cr`F@fp[&3=/ecgqON43)e@h<56b]_X>tIpM7J>SNZU?\)"piRcla +%QA[Odl_/KgpXG@;l+7.>cR/atIPY$(p'rdMlRau1F3A$-m0^,2oEjnAb;A4[ocbj2FRqdE@$$TI?']il$^;*.bW%RId)g&n$^u!; +%[7f,70Pa/;"T3.g)KX;3cWo,$"sf(P1q\3_KT[ie/Nq1t6nhXnYr24:\QeTnT"EeZ<@IDPCSpgP=Yh984>nZI(RPNB1c)2)GtAk$ +%N5Qa*lm\0G.n-%/P@p&X%QrcQLpWn&C!rDT2>uiU]J.&<UG5$`cUBaqOPKs0er<#uWB$$H`sbK?<!gbu0d's3@1`oFZ(5cO@4`"C +%&/`2!G*\Our?e'f1[]_;KK6V`P6G^Ml^"cd&IUi1XUGqQAEpk:)pGm8jTAf&Zj;o4P`RoGXK!4eUZ`0::cg=/S^6)]\+ER];)5`s +%S22(qoT5po%UVWRoNeprW6"ltYWo:4bVu1PQZ>W/L,3;YrRE[tm3D\W6-"P1!KpE*C^ub-1o(YnW+lp!T28AuJ5q`P?oY?nRTn32 +%Q`rJDelaQ11&TOcEjn-73<_H`30k-5@/ts?<FmL9JjEMlQJ`^SJ8SO:?4M%T"0;V3^g7gF\Wg@>9,NQRCC+7F@<95jpE.Sqk0Tak +%T*jRP1o9\W6Yr32ZPb%r<KrpD&1>&HPD*77d*.AKZ?^aUW<OI8rr!fm@.I/FN\BApo+EacQE?E77H-2bP,"7/0>27gef9Q*2<pZl +%8,2Va5<8uZ:;kQ=34^FIDTpMi3B9T"2sSND3kAo6DVU`!GB=6(8,-.XhG4=OM>/"L+r,R4f*LF"'E+!ALC]=*j3-Ha4"eLE(@=%5 +%g'MaQqfAa^Z#^3+,D+cXT=rU2pFNHO+S`&ScinMi>+^gbH<BiYcM@@8q=3S:1Hp9WDk"X'D%8\(Eki+,&E(Jk36LHQ.s5i^9kJBd +%UE:@d7*s?3O7;oMLZ`JiGQP(s6JW0@fgVQOZnn.9dbE"$QQ3b?ZG&.m/m;;5YXSrH-)mBJ21:"@@fVh!3olQU+/iYqV^=(I3P]5l +%0Zk]CE8iQ:\bXUNJ_EgqiPJR?8a<Z#!(3pOgP^(T@Fik@/Zp[_5pc+!5)"KfI@s0_%C$3ZOTL>-Q`oD=Ua7^G^oAV?>FuH2?Q[&h +%-d]^T^-V\X(>5f0:!Kb#`ak00IYW1ITmi4n8DIV56k.he''_KOWUBWlS0/G_!!PV5@U32`"#7RBo"41iRO1B2A<i!658slZ-8^C= +%Lu*6\nAdT]dSCF.#<9U%q!\9H39)IEE>Jk9`d`!&]gs[2oNkM+W_.)QK8?N?))WtCiQq+]6)*/,pJ6F1M'3L.9=5jOQ)TV-@"QpW +%mW'<#8M7i5jJ7tV13;GMYkjVYs03niX<.;e2#5n*oC:qiWB.UtLX#JC2W!I0rHUL)_#X]=93]0;.A^a]o=/ta&>8J))TR6S,8>o@ +%eKbub)(?9X<7sKZE#oPCo5X^(i-q0WGGk@kjoqDDD5#?kWA2J7e4g9j[]L%2/X'lP!(-^o416:iG"+1>Z/'uAKSg*B#3Z-]GkNCB +%!t?`BG2J:@I4MV*n7g)E%^%.^!LR_BLk0?NU\ba,4N&A_B]UhOH(Sg2:2'>`a,P`K](riMCbfM\YuO/SpiL?Ng(ANk$r7,kc5:(X +%_e\mD1$=LQqi:$mTFQ>JV?\Vlo*PA;,L]^?JC3ganAgd2hTr<b0>DPI*DaR#ADfP,n;'#NJgLhE>X/0MV.==SYaH(h&D1^ojBgi3 +%V$_4Q>_<Dd7<:2YJG3llLB0;%]#cb7CF/jF@*HO9s*f"'222%&q:It/ct`EN/bMI=lU/#ELW7sW9sd^P[a0B4%kYGTc+]hHJfe0P +%+.J6S2C:XF0gE*.IqXgjCnlGq\GjjFrRf3ieFNR34hMN:d##tl/pQ9^BbUm@8c$]@Xitfa#qrbc4ElO++7>Eq[tQG2#k7$"M^?+Q +%"YV[,Y&&cKXM;M&O^AHLZYBcB3auAED)J!5F\,tgG_3A[PX_@Yg0u]\b=$92GQltU\Vt=j!LIn&Hu3k5\U`D`3[@>FbY=^gaH</! +%DBII_j'@tfp:iPg%fi._d)5$a_XW"XClEH!c2N]Prnb]of^\pi*WCJrG]V=uBP,RL2i!mJ,MS/n?<O1lT*$f<X:mnWQ_GXmD`[M( +%%"POrL5n@t.8PcC,<F:[NHuI@1]TI2)*1U2aR4-NPN&a[;#\a!)?TN3\<_T>@DWdh/:1?JMqK+Q"2#grR4EKY)$oi:%)ardqM;^H +%i3ON1gkVQf+oHWoeW*2[Xu6^&&IV3)^9f'CW-i:\+$ch3@J0<F`(H*-VFLsBUKhP'4qG^lasMGC@hE_*mL48MTq_/'lPe'k<JLpI +%U&Au1\ktD(.n(QA[S)X@g0N\IW6ol`+gKDr'DObJVjVG-8>qI?6*l3d!1>1&Zq&T.WP-C%%t\4OSdIDjFVQ'!g#C*sY?`RA3J:L] +%".4Lb#,@_tCHnNI3\%*;\b4Fi83*IX?[)rUj0AE7DJ%An&\G(]"3+M9<I:@L;p<O'!0SPg:a9Qo$Af2#9B?(Q/oETR/iu;.d=Z3; +%buT[d[M5.f_fn^aMaT:@BW>Sp>nZWGn":oh\'._oKJ=%jp9M3o]g'Bu3EIX!2/m_&BU4!H"6&=p'p<6<6Q-3Q?;&R@\Ph30PO?`6 +%%ln?YB]a7i1"9^BZ+$96J9c4s7ITe/.!4LWA%t7FiAlZ<HKZ)j%dns]VEc'#+(&;3>COsf:U@5WYUu-mYsmVAoV!rI-PtD_/J@Vj +%bp\)7s'tM'Qg6]8F3uA^45c1#S/d1LHhWKar35EFQ!O$Y,0/H;?+X&I#['\(5QOI"b1#f#QZ(*)[<`IP-&IiHWcO?*$r6H[H]Q?/ +%^7i3'dK!ECi"LYTLh\sh+02!mRVY&b6"J0r-Y']WKN.8:R)c$Q>]'f]P7T3t;AZX9;9Lc"R^&>K6o.1VE-YEH/V1KIXor+4&\'EA +%WhC%gD/uHU-8_V'Xbb4-7DMKrYtIEslQoeKA[*0'\a"a.[@/Q'-e"'U]a[r1<";+J<3!tPp/GG.bjl'JG+C/d\r+ILb,"Z5k*NCn +%<9RnGMU9k'2Wm[Oq[3@j;Ml5h9qbU]m4HHpOVjn8C4#P[7:F885``rg@BCkp]f4RNm=$@&Y71LCc@XC`fW8IKSh"d/$>Q\Z8rca) +%oP,,qF0ZUOlDgkmSg8ga\aH,E-)BcIICE3*HVZa[b3>N6ll^,`@gdo4V:\A;K-ar<e:nk_imC>iD!&C'Cp#J4Wp"3.:olD\1SiIG +%.SC>+?K,MNe)%8,\HE*OE6H$T_UU4aGZ?`<:sDrF<`0$e[e8<W./K\i<rKIWJg8P<h7>2*CI?dUSZSl\X#uSj:/k;u2L0Qoa,X_2 +%A^2hAO0WjaZ[`oe!;KQYqc+"Rj.n[aN(GKS&1Fi`)oT6gRK7l=\dE@`;2gi%rDJh&WEH&?.Gh*+Ca$#uW(_gK^ls[0@'>.bd:bQ$ +%$3VkJ:e#3VeM+J6cn`'\FfoBoW.Ueh]WkML=t36+-&l?&k$3ZA*_F6/'YBctQ"_kbYeQ;jYiT03l'4lID7(fBbBH682bpMV*:"[. +%Q$YO2`t"6=X/Oc&;+IK!'THX<<^+I#72`QS_>h:ejn$"f!TLZLN)3&cf"20'(Vkf?#u7\`QP-QATH6r$OI_jYcte'ukZksmcBW4! +%/":^jCZ#O)0>'+4G&Is^mbg7;pQ^Wd2b#FjU5nu*]8@R?9)LplZ;O@ZAX$U_AI9K^=HI?p*b9q^(QF)?5=-D.hr(mp@<Ui![7'co +%`BBBtC7s6^.YN0:gip;XLJHik6b*L*ZT.TBLcAC:-k'aFW&d(`rNCn]L&m"ai5=1lS])g:+Bc:-GY#n4Ui%*u4:Na5L?)2^6rQHN +%WYPB1+k>,!'l/LeCIkk@6H_5/n6.4:g*[(D;2D@$NK'pZ"r(Z"A7mF2BL<-7'tUdR2;=52D3aU-9Fa"WO^"NL)q*1EM<r6XG=-tp +%!L;LKmG81=hiQ'#L%oRW&ic[#*)[:WBaTWKL+D>?.n#4]9#VD>ieXLP8EdQUr\u6^*)]B=fI'0WPs\0e(&#fo;<Es:F+np]8CKRA +%oNWR>N(2%Bk/,!WFG4<=kt:7DF+%ZHV(1VI/dbHQg70`:\HsOrNeB:+MDc]Dl^\9BJ6T_I@]oZAXK5[Z(sLct.*/38R=(ih[4Et2 +%/@Qg<!/HbTCeVSE=\^4H>O_iSNQX#&<&mcI#cV;D@d;mfGLi;3BMVMu>(foH^mQfYJ.?*E\=tcpL*YB;[L*Ygo4jSP85"tPg<+F^ +%pU7a?9hE=bP&<V3e[RdlG-#5'P#/Kf8a+#roc,-H@]BhCgS@mrC5WW37X9TMJK>8NMCr,`kn[+(SkN:B6KG;bP%C6drZ9@q#gP1\ +%mT#O4V?p+VE67l$L#4Q_*otOOP,kqjAWujlE/.tO:.:(7893Wt:9[InJ"s8L1XJb##rI6%HVUNX]O'"2FtCO]@'O7s!"Hc[L3`u5 +%pSuh:Mb8g;>X:0J0kJ-]6ke675QbsZ7(^M'k>h1?NIs-%'WU%2)\Ahn,#[*>[l<f+Yu=?B77C*"0[8.R4?4N8cTp%G+=u$j8po2: +%4;b0fi!>X!#-'ihlngFl,DBo0%e>:g5I7BJ'%"i9&gotG<(kRcTu)<E*;`IR>GRnp1$q3q;=KR?j%&oJ^6p<J'?t&30j$(2P(uWm +%Q*EFg!/g3VKWNa63b^1c6PflqWBq+3LJj[#Fs_eGDa&\/>>5clC1^`0?*\sJMc(VkROuJDV7`ldON\^`%"hlM.CJ$T[M(#Y1b)(t +%H!UTIDiBklFA2A+FU(U"#_Bte>]`Nn679\u9u>EV&icP?81;Ni(u1_Y/Q$5i9Qi3OO@51L:A+g_.FC^4"K<nR#E&`mRF=C\n("%& +%(6i9Na[Il'Q+]J)fm4qb,SLZXk7'k%#TTMYVG\5F5F5lIPp&F:'r,;4bn*jMapDcq;?nk^d9>HNE`)qC0``1$H%ishXrIq8RgfR9 +%^rmmdhLc)^cIK9OZ)q-a$ar[^C_:@2.-BX?iB+[(B&6SN06c]>YfJirj/\)>"2Q/i.KYZ@D@84&j+h$II]4K:&qPhdRqfb#%r`sV +%gu$IMjA=e'/*Q_LT8H;s@.`bck*L?=^slFB_2>?Gcj-:A&Z^tV/g)rP_'2h<LYN5?n"*P8U-^gQ85l(@[Pc;V*H@f6I&g2:XWS&N +%R"M*4VA%(Q[M@]4=a(h-MJ"/$V(JXbapC[>J_XXR9UOAOEZhiE<sp#D<>1biL?-JF`24"9VCNCZi(\P-GiG_jSWCl!h/WmhL-:An +%,k#'Hpd;Bp[MD/R_4*bkJS8#lFY;Xiki&7nRhD8E1l29/VcC-?77A.DF"<.*MNTqq-O6[7Gg^qg(_F3<]T>,I#c08qF0%-<%9^>u +%Hs\DZ@+EW^#b01LNg$1oQmh*=*7$iTO8TSd!\9'.p"qI`*FN&S2hs(!d3($`PX44439,8knP]q*?6(5s,h0%M`t5'-ELohn<Mo9r +%g+97Jo>Tb_>EHb*UL/aHR3AG>%tF1G\(q$e#07G&MRThHglLf7::_MR*(Q@*ADr^.TE*%!XZG#A%3lleC'6?_706QD>ccD,gRMF: +%VJoVW')oNLTi$]O5LCMtL%jYrpq[mY',Tj80C__,bLROP0<9P,b[9;Ia!\`=FNL'7#+13&->cbI"]Ae:SO+k%nUp?f(SGA\-,bAa +%d7Q5hZg(Pt(,#onN?CD6Wh69?bkm:']6Q.Ng^-hLjZ679[umMn=&q,G?T]AR1dYFn5:+QAAsM60"JSjn1*T[Aclpf+d(g^(.%<]/ +%5/^+2K^#i6@cTPQ'$&2(M+K"W<-J7hM3lW0%tIT@f]/C/,SPsSQG(]l6T/5VY,`Kr#n0/t,@73'1TO(n:JECL?i_pZ+?8Rh%9IS( +%dB)5?1*ge:%&%7[1Td8R(/QNGFu1&O<LJpnJ`MG1OVR53cn71IAeC^LPLG+_Sc+4o"r&L)R%^'WF/\Yg`$TS@71U^iWC[5rQNkOG +%$YFL@o?+%e'&Y&0?%b"@\dO&/&k&j)eHLr"dVY[o%$P[?P7]*_AYbD,+3aYUUrg,VkgXn)<#aYe6g6qO_`cq[G0A?Hf,_rO+=q-* +%bY`-]h'&52"noQd&:V+.YWlj;+:]`C\.gI:2I,7,c*4Wr7[n4u*ET[eZs0H%":$.jjk<Ba3cAT_=161h1[T%lI0eihm<&$SauqYo +%moJkrnLZf7D21'V?gJq1Q=>`pQLD?1Qr,Krn$s[UZY0-GljSq@6'?%/PrjaF'G2rW/he]gT7FSO1SP5Hi)=bc+<?RY]EC%rRpaZq +%!p:ET2*sIOb`)TtJ1R6n-mq\2]@!F*L>5;MCF!,X3ah#.R]^n*YXE2u4>9-@-:;LGJjJ>qLK<*/X[::hSg6Bn0G;dW:bmJ6<#=qa +%BL^$Ga\N+^OWB`Q"@]qF'W48QALEiJ^oYD1%a<Q+MB.AMSQ.b=KN]48B#3pk/SLd+m[(]7;Hd7j7aY]L()\,BeX+D>-70`t`Hd2+ +%Yua=?7WI+7;mAtO@9OT)g\atXTF3/Y-Kt.+..J.i''V7Xap^Qn"8L+J<+cBcZO[%>!=Q$fMFRB9'rY#2ZC8mk&=Zo%^/cn"!0eh[ +%22RirJSru;K0]l-1]C-bH8N.A\Q.loC('`Ll<&^t,QWNW+W$#hb%f./)Q,g=ag3mZ!k;c8`>L4'@XZ2R"2*fM0JJS1=@B96aBV=H +%MjU:U0L8348@l2U/`]kHPdBG4DW#YO@'$KG=]5E#Z^27t$:Cf!9:W8<U(O`Ai5`Xq=QON6@?;+lWQo<7N'pZi9Elk)+^&qo%-UuV +%l9!NVS#]`3fU87cd(*>"+jF`VjL,fU_1M35Un!aFGE-^u:3a41EWh:3"BSTtB=LTu_!.8.IKF/$dp'#EV*fF*?L_$CR.;4JfnkeH +%7(<>Ua<[hV9Fjp"3f5C^mW3g&'VN,:f'<-qE7WojFS-B.I]WAVb_2Z]0fD3"L<;[jC5'^"c5A4m'uUCf6E=f)BP1,H+N;pSM[W7@ +%N/Eq&'K?u]65e<I=Y6hO;;.gsHkCBA>"5?7`8jek;edG*ShV'(?3?LLKLdh9aIT2+1:Sa$&55UsK[PB,'e"/JLt!6QM<9-,r/Rbl +%I,eC*dQg9QnRS%e`&t%F@L^OlX&->MXDS2l[fY,"!;hK^^f@o&XC<AfMQhpLO/#XjFeTAR7519bfLLA.K+g+]j!_eR>8D`Ak67]0 +%pW99V:/H\6=?7YmLEkeh8`\!UD\q"<kO*E\_aQ7KdsIe@/!iN3c`0fAfqe8.D147>2APYqL-W'qa?8QBV$sf5+J)u!b6GbI[WN6s +%mOU)0K'&n\0$H1tX/Q%ScR[r^nIU>dZN18nN3JkRGY&5Mhb2n*,Gn6C^!2ToZZk\EdmQP:iT0L:>EUpF+q(W8'F[IMaeU[H*>lac +%H,#_[o?:(R1QC6i"%bMDJe9lmiT<IAhEi\,!G!:+T2r\V;Wp:fDiT$l6pJ8e"RHkM/c$RDOYn/G\KV\$?^-<=D:*tC+H:;??JATu +%IrO&,A15]5R=9mR(Fts;:l'[d&GaL5!QkR*JP_f')bi7HI_Ob,dq[hpU@=CL28.4l;L/G28>`B),7:FZ,/r"$=&mV*1+D^#e-0!1 +%Y:*hDk!J"?)!\I.!9+CERqVo!o%APlUdjSM19<B"?'4'I:FIh]cb7RFm/V9[<!sH;Lo<?@-'sM_(%ub^ep90GR:$C\6Q]1],[&\3 +%oq:TVR>(<*)OR'(M%OJPMdZMc$A^2@2K4@P0ZdN^8Zko8I#bnH33^ML'DEqtAI1hJ]0g&aI1kFY]gdCMMFRkP.:$'tX;P#H&?].2 +%dNifKBqV-C+c2E>Gst[B'hT1k'k?]+F7qQKY9ec+7*?Rsm@9=G,n*GrfE.hXK;^,?mHR[knmj`U#o)Ys+3H6A!Ac`#H[*aK=\Ckr +%EbgjMN,_:t,-=2H0$BE!#0K`l$mgMd4".H)qpS??X\Sk#j1MPaCScpak/UiuQcrBrJUQ.?W&-jcRBg#(fjnfW<%H3Qs6?\!X\m:- +%%7*:9$6K""ds;qkr=1je\c09/nu5h+<+SKo.EAA(X[G`-$Jsk*TbjhO1)#+3b\I@L"(eXs!7>k[o[#CA'PcmlNY>Y\$2ME'L!fOT +%2H'`Z@E*YsMXepWML\6uJD2D:E/I=l]oqLsipVN%GBKcL$QtNOWtMDc=3UDs6kM@&.#Sh5GbsDR'2%NN6P9i#hFGNsKs^?+3(%M8 +%]MJfO>)@[O6Z(eDZNtV,?]1Cc.S@rB@E<s6V4A5A"3g[`.U88@"6Z#XU&h\>Tsth'Xb9h#D%aoR'fJcbnX?9r0Zb[.'&:f$a/MP" +%-"[d0Vq*D0h]*>skSHFt6MJ6BMts)e#m)5qUPNYoF[uT;P(Xo.W1(hU^B"<XnBtM9.sRr<5V^`"6!bHVKF*OQL14?IS!@Fl,YR0> +%<a.Lp;8kD=Q]/W$Te\2)cD?(#l;#c50OK+an52(Y&iRZ&fY^-7^(/kl3f09b;6[>GkU9hm`AP$((E4_IENp`>Jsob^VPjSsYS"t` +%4Agd=1>G-`[F,@i0I!Pt9HLgI*/[MSfsELW47Rq@p'^X]k2o+^5Vk.*m'Wo=7k-ef8aJAG[a?Ap>@TR4=LVH8P%h&"]'^!A@JZH# +%Z19iN[-0deB-mr^AHil/!'NfA?lA*464^A-HB[lHYEf).<='b5'Ak<'/q7dNHTn0EDUS_l!`D^uV)TnX1Y%mmK[ZWbZ!=?@a4>Eb +%-SDH5-I.Vm&70$kEgJ9BSuJ1;?0]aY;.4G=I30CT+><Y>fS258!Q!7h[i([21+Fe;bm["e=)jq^_G9]LY-#]4/2eFKOBKC2G[9Yq +%E5=D1j/Jca'I9Hi(0^m9CLQs:2NDN.%Pgr1)ur\i#:T)_e^pYA(hqTqJZj4=E)Be1o0&OZBjcXXHU-H$6M*Dd"Wu0JY>C4^d#nnG +%bf<uO6X'+*JbkIEI7VSr6K(+;HQNm<%k6S[D"@a8qB:Fg3naI^(k5)M^Ikt"T]R>Zpob8.%uUMub6[I"*-eWt&QAaA)-)C425l4t +%=%#@cpU,!hE.*@jV7!T:ZhLDMUP5gl4.^M2<L?M,-F=p?KO/=EV1%`K/^.P%k!aSP^,/dl?=J0B)uS6>[=jOd"=5>1H#QfKMK,&9 +%$qNj%e/082/pjF.=LO[;+a1!t..E>%;DCEcS[-,8"thm]K:Y)g8;[IN<fi>pcl(&tBK7YZ;OH=sUaD:'HQ,7\6;^"nhA&asKir[l +%_E=W0?D2Nh9Q8?jiNp[]GG\[q0V3oTfZag:`uCr[#-"9*&\jYBZdfQm)Yc$.d:V3LnhfX((\=iq\uo`J?-d2'DeVmrVo9Tg-$r>E +%c8NBA?h051huUoDKLT8O0(1dSQQ)W$l3P<-E/.2S]gZBd/2aHJ]ACFG"u,c9Yo=\1iF*eOR#(Q,P:9R%GD<ge(8RZ0pE6Y87f`34 +%'bA+H6eM8s7"0Z`+2I<b#lPJlrrD[U9Fhsc&r[G5<g"-I&fHEQ%kHlV50_P(7M]!cPscHmAZr^f!Y$tm%NE085<VRu3gr8E+.M;_ +%+FOj<mlir54V^qM%Bn&C8m8XdA+5e+Ya;#e[n69kBWb>"5j"c;E-2P1/&/9cS,e3_iW[HJ>pOCl)AjF(q?7go'(tX)&E3'_a[X1T +%Um2Xk@CjoA0kr"kC*hhRR$om+iu4eBXX/a^'?Pu#B>aAKPuKXF0ek\g-n3)-<KO[,V1p@odNKnraMLLN'f>-U44pIR:#JlgPD'$f +%Y@^cSWpthi3&45XQ9sbN?Pd7N_;.4FOXmN-Q<7[m="^<f/]^-W3DDh/b0[I4O]>_?Br)J<'j%\9f^MG>[]0kf<G,7o:oZEJk16PM +%&_:R?_rqpHN`n<d($S51@9oilc\]"GO>e:?nV!Rq)15>b/C',nRdfnrh'&I^b+i:jebibGVSP\niZ+)9Ms>mn6X8sq/gl4,6c*aQ +%/Hg-j2]'A!"#B%*Etb[ac2RK.PI-YmHDTV0%d>\%FI8IWb[Ol"GMUT(*Tk_/ZY`c!F,)cg_d)*,]\lWsnM&^B,r9g2KmB'M]TO"h +%gkbdVAD/RG*9!3\r$F;4VhH9b;^KJ5Acn?Hq["\jlJs(<Rj^SUMi.W%#PM`GMWcsfm,HDu//pjZBI(gk"q\r',7t"qE-5bk$pnd. +%>;0Fkk."lk$)Af_pa"<EZ,egEUc.+oBi?<u,q2J]X(7AqX#j6(:is].WsMfq1AFZ&6#A\k_&`+.Y%AIZ1QhBPQIbYsoH#/PY7Yd; +%#pn*O.F1?rU'NBF%Vj$@QhjHd)i.<jnjO.714C_:D1+jE%K!\4fc9ZF33\@Yj;DN"p=<W)f+&'2'0-B0S-6#9&aCl&HYGB#?83i1 +%"5!de=/H-tOpG*Ye3KFPXsS`9n](1XB<\Z/&[.e/PI-A7>fY?tMBXA]T%&/I?AW`ek[X^[:H7:/c5^#Q[sHK.oGOWI&UGGaT?.<Q +%Y4*)8\;Z3Ea6UitUVsuWMW$60dGd24<k'ZnFTK_"T[_fP"X@(#4`L:`MJGY/@]fUL`F\C?2.-]ZN_2l<fSm>,6seW@W_CQC85F$+ +%TU:o*H,0uhC2E6`>,bU\36`Kg-"''qBVhnX#;gk;4Z0%Scub$CLZjWa5aII.kTdV6#h^7&,qbgA50sZ$,dk3Y8)Sc/?j,O46N5Tb +%"'/;+#"]%M#n"R\L1/fR+@Tb3Xtp/]_6uh\8e_EEGHdgKQ66Jk1;V)=jdef!/#81-qSs>Na<@\HOFV?dK0R<?O+@2H*.VMfmqJXB +%/rN[fo`MoQ$Xo.%0[+B9c%G4pL!C+p74)URTVKsbgfq]/rcaFRoLd(oW$&B)R!]^%rRhQ_Z3V=;g8qH1i#IoF7IYVE[[AR<Ze@r` +%9GYj%M-SIuqZlfUE?MhhWLHFgaOtMF,Q.'M<dBL9^'h<0#("=c#:,U7GoD8jZpU'-Vnt9Lj@Ag.;@5g!INU9k9pV.Y1sHm'f97Kb +%M%qNi(rLHT+Ud\!YBI]u]?b41&=s*Lk*:h?pI?&$A`SfKG=,!7Ub,>]Yp9]Z<2@6:<<9I%<o@aKo(=F>8$Et^.nh_["d)Fj#65(2 +%E)pKsnEeUI-0XSSHg$Q(F9Q>@!+h5<gFGPX+Xh^D+('Sf%q4]i!;d,UI0CHPK[?p<m8<h!Z5SHr0TbLOYlA)INOIO^J*iMYP9kdS +%6Sm&[',SV:KDhP3a_H3@cIqOB-2gu"3dGguM9%1%ZgZSOe/n.[lt7$/(Nbf9Y7r*#bUl>ddO<`$`CVcCUbHQYf0tc'dFF4O`C3[* +%0rru=@gD\HIn1t[c(CHcY>,t>3SW/EE0^^^,3^j3K8H)rk71`CY1]#I`8e?6*,cfY&DrS=(:]X,ITSNHOE;,B2E0Q\.td]l%fA0M +%LD:YYT=ka"WK=mhi`8of;uAo;UNYFoJMPAQkl[4?qck)-PVpr`=&'W+$aP"qr1\X8:A3\6QQAQ)(:,qd4E").\j3[N"?%<)!^h,+ +%"OnuNW[J'iCc_2mc5R[(Ji^9r&B==\[YBRK`$"FS@LUTa"XeXm^,.AJiOk06!U1*t109g3iP@Z.6dd'F@/rEXaQghNW%8(IC/P!C +%r<=p8P<:Moo48\YWucNZC8ZJHM^Y^3TWmSJI5^hILd3[16'eadTt%mS]S!5"o(n-Q(qiu;,$Y5MXa2\&&;7nr#[4Hl/Jnh5N[Gk> +%.:Y&P7&u&p1"\BeSS8/(:+LlKk)(9(*[68q@^0HW5P'J)/`d?4O5b=1,#nGZ<hUC/=#0OZ-dZTT-R6:aH&Il'WW3ZNJda@XH/;NU +%!s0<B(l`$IVh0`R3.aMH1*beknU0CdZ$Gj,3[5?6@/9.:<'%HF4PC@Y2FP*X,2rgj\KT79'pCSlmgYD.X/Nf7JoHN'>fA!!0T8B+ +%itrXo6rB!7Q7LV3+c^W"p`+oR=)as&`9@UiFb"!C@U<.*YsU)0&9YUBclJj+#IrY+N:71GG_eI'Tp1=gjtZRT"XcIO<"IC..nK%N +%Wd=pL]n-t@ilVK3oG+b0&D97c^^guVVlSaV!D7,2dDbWT,j?ba2Ec-qE1#SA?HLS5VK33p^/bocp63UQBkJq6C;XSj@G9I.MVKnV +%DO>[XP,($1kSpDuXeZ9+U_N6n*j-b;NY37cWK1h/P/EO,EUMp\Rc]&gk:lRM,u&KK;EDr`>tIs8A[DqG?WYZdLFKXKjP,qfh-j4M +%+T6L1<HoglGaO#oR]JWQK/0Bm18q@](O"q'3:Ou_js96YMT(a:WNU@a*=3HMk[pFW/ELYXSuQd4k1Ks@`]fa-gf7cP/`.,UX7*(= +%cm!Hr&&:)kliuRRL9eM4"[lg]:sRk<XoM#<]V#l$I>A]8B;gpNMKpMS!K0JsNfgFB^sNRNAskId<)m<B_j-*`7)]SuGFnF[&%I6Y +%5eY'\js\Z2?;=PjU5Pcm9R=BM,Ff`_49L3i=`g8%B4WPdL+&?l!Ya#+HJTOV@%;[41kKGl*"oqsmZr,W:r]\>J'0hF_&Eu7T&JbH +%)\6;a)hq(tW]LV89^(:^<EF&5DP`;p=3Ep*=s>-K-49hT(8c&3p=E&ff'sVsk8rD*,a/X(*fq'!PSW%<a0TF/fW+d"_TZt_XOPAk +%lj]gO=LaGR8XBm,l)J^$d/"r9RZ_G`ZU3t)PKGW_6MM*X]cgq(h-joj^UGDb/2S;^!l5`P(*c\FJ3#0e)bk9ZA@7dC1]dp3<AO\t +%&dR>b3"unr#+1X6XRs1T(tD:ep/)S>itVuk>'5jVL.K-''$66'>kbsA6DS"ZLqWB3dQGA<aZ,g[m?*C''sloJ*a5.Q$n)u4/);`@ +%(t]qGBTrg+1j#E+*&t5dQ#phSP>?7FH`Kq;6I]dEZ6c?:`TH!VNjItb<QS&fKM,*LS6RiaVJ?tH%2<Uj+UZUEiIr<_@0Gifa>9NN +%SAp&I:u:IsP>m<U9UT&uYG,%D)0q`k.C)I+]?)\/$%#MVHT)G'-JS6/[nlS!b-c%t7@IUidOM4hMG1Sf+?%JOfcS$9Pa^qCC($gW +%77]:X4dk'%A/)2h((MZ7C=#ac:3/&p(snd2?r_U\n:2E'5U95j>+m\/dOAW(HhEJ"o;<?uVdQ4K&'>8Hl++G-JP\t>BL#_aPLY>' +%ikl[0_*-Hs"9'U2U#"mH)R;E+'0oPCOs/ILN@G*0"k7tIJ[I+S$^J?::YKrfib#`M;0hSuOU3hn#K17G\mh70`6k6u=7H_j*).4u +%<LCk.Ttk*hE#;tf#tEK7m[Z+VE@*[YbS;Z'Ni_hLK).0bI3n3m1o0tI\R/H@OaE6h7bTuOHH"go'Y2a-OYd1f'9J3P!OUM(0%cEO +%\-3$aokc"[1']XS8Tn7"CJM:%UJpFY-J:cA5A4).2D/SGlW"LC.!0'\[V\S*2C*no&BDK]T^?gN@Fsr=g'nqhf%KVKb^'@$^6K9% +%9"90YfO!8,_c&<Q:W&AT324<s]LLJ]7dN(.!8O=W*0I)bS.5Qm%/D,KQmRQh'LN(_&_Fu/0?0AHA&u*`a39)=OKrGT&d^jVRfUd3 +%DCNGjkZ*T9SjjKQSm/T0R0:gqKS+8cjb?mL9LdXZhA%oJ^j;=I"Vk,E>U`$@PnaLh+^<-Of4BX<B#kdp_CRKRTrI/gbJr0q($)&b +%"(KrD3+2I)b!!V:.h-J.aH;368h6-!6[GUQOjf]hBuCK=UleiSS/TgSNJOZ:8?^+=/soK9ab)Bl`(hT2QAAuaW@@OG%JEV;U_2du +%r%jKbM3;e3gnU;ZWYa(`>f;r,`ik*@PC_.)+c\pUr#YWT;?&KmPb&l.lMg2i,".lt6C^:Ej[VEXg6;dKPo;+BD!Y1.3VdKe[TRXD +%c?0A*^'9EOZpNM6:J/WR]?6O!jOY;*E=H$^p9"5*FRgrAILK-#LIpbq7RHuY2tr^NY#P>UR1G%E%N?F3@+a/kYQj/!UVb8;4<5j* +%4QQ,OY^``"3EK,]._JjTpI`G#=+jbZ"/:m$RO3Y,@AG;I;Cn,?)Iu9,^h9W6>,XGc[9;(Ci2U=g\\UhbZp+27";hPNSnkI@e$p%? +%TOcPEH)[',<5YG1.g<)1\Yc-te7&>k[:I#Z$LPj`8F-Z2r2Rt\(qisC>U0lU<-8coAeBW`]P-7+P$qOOUisr='B$Yl<E&oZV$e[7 +%A6,JM&88/X=Nt;f4RC&"66n,G!8^AKY$B>+CjCkk&5[U)K).eAl.JlV:i/-n@WE6[#l_OE-=p%XS:55T4WiNB.Ktq,]BJA`_!+Tl +%T2d4r3IY*J:jBUGr!h9SNo5\k(@4_XCnp<rYf:5<[9N^C5rdOEY4B`>=<WbWFQfh>Y&b)!JP`VS]&.TGB<-j/-+T[cnLYnNi#_Ft +%6ffPfaU&hs"UR%k6Tkuo-Qfhug'C_8cp//T'uNsl&r?^qB`haKT[Oo91!FflRfHG5Oo\[je^I97A7gPU@Z:k-8=VCYfbb?BXAF," +%=?_Im+=kqb6^j,P8s04#aXZ>fLn%npiipJuE"=nNhR3H1_JkDB2WMs"?.n;Vj"NSV`@dc.DPk%Ze_o=H2stXK&!"Qck_rUjG&I++ +%*N,bL-S&Rjf82tia?cN8]eu73&Z*@+HsrSE@8QQ9=<2IZP30"6k-.&4?7jLdlE<t&d]_5/A*/*9TR7MCfPMAR^KD_D#,3i_AV3ZR +%\"lV5fbO?a^Z2$?HW,Z[ccSV_nu*"i^Qk^;s&g@+^h]#(pg"sk!(1=+W)sI.OFb"6DB3_HeI\SpY4-B`%/8#N?L2Q,fp19t_`G3C +%MRMR)\'"_(J)@>P/eChM=la[RoTB6gHtnJ_TE.N6'1UN%XgCGpc@i41/@&`\>bD=jF\8ihK$fGgieUDgN\Xb_<Y>3/;h4KGZ3:Am +%a-iAek/_kb(!BB_'t^G_:hIVW$M$oEW!uUcj$JY*7iW?;Zh4D7V]^,>UHAnAbXS6b3qr)lQhJ%=p"AX"L(ggQBh=+H8<!DfeGqT5 +%F[F[!4Ii".M;4Tm#L_$/WAhgB*@lda6h69M9?8TV#ajeD`K'3Oc23;J%E^gc\G-n'Je$]W.*-G+&SNU_&h8!@j`ISpUu@^\S^67t +%?9@i?$Y!4/HWY=cISQ-@.dg@f*`dY1e:q>0,JQ^l0Oeu<OZcYdjHop9c;QUW!$]_i;p,MncB)^PKp$)&^1U9KISedJD[,ZW[eBIh +%Q&7HLQkhT2?4$P.P<f1`>3*VBcqc:n,[Lg<S6i*P#oZeRVoR[*fm_0&_1Z)TA!WHO?in:^:]dgfnj,(`$;J(.\i:q(XJCi+G_F>4 +%driO%20,H($dtCrBt-A34)'shA4T3G,VE4C3Do+%Zf;sa#Z>'CAW(MX'Xbn>2[p3Q"6h2D`@F$jEL3]:<@=ORV:;f=V.HYt['5G< +%<#60n1aqkeH")"3NB(QNfOoq422"W.RVBpn',E%_?=E_*Yra.'E%+]9[,rFVodIQs%>*;-A#:O,3@l'\9;+u;p(2:I7L.kQfTc%n +%A@$=dnCa=""@\7cC''KO+4lAbX;:GA>'Z4*-ja$-Cr3$j&G9^/7S0LkC8Rj0)dW'P/$NDF6Y*W-nHl'f6O-_=^ce>.n+?28UJIZt +%$0jq`9@_0(\al=%?J`AbCmT9o=+/de2cmS/#=Lm'b+TPrU,=Eq+mIA]6.5`U)'5^+P;bIsUXQl%n;!@Kn2f77HJ\VY&Dg,h;re9/ +%K[l?F;%L"-Qn*OK4`j`?\OQ#adkt5,-ml1@Oh/T13b2N%AS<*i\INml7i\d$51q[^lj?Cf?\AO7=X6=PZcu)%,37LcEW)?7kWt6u +%=$!7$R^8<N:pI70CF*[*X;3[SbY$F$'2=[h1p]b-3AT:42]r^V6,:$":!Fl8,A=cf$DAg6P2.ZWGO4e*"r'A?5GkF[ZnlZ?P'@I* +%Qo-"f'n`?6Ch\:'o8S?kb#=ER*G'^BYO27``*V+.1!G\=JM5/M=o&,_1(bXSA[;c]`cEV`js;e$UdJ]ZfAs`nV[6R4;a-TF;+q6X +%1Z\tEVEm)XRK$>&OK:=T-daD4rQpGij;A;-J\F;e%?Y".p&a\Lk,e'++\m4'A2gn_fBM`TauU=/8LPWbdIfnFPb9o*s%SiFr2'-J +%BLti%:Cdm`ArmbP8]AmWEQUBoHC7S3`h,M-Ci-&?='hB/TJGVs4roimS?DFl%#J;FUbLgi]#0-33tt:B"!b7N+YD.aKp2H58gWJ* +%c/N/[@qQ@p8H:]TGg&k&Z_B/N!K.[O5cELn,WHJk-gE[H9Ok73_6kK7UO(A+_UC#(W^l``LP;r+MIc>9k6ZT+53$s:PVIlHWk4o$ +%Q]i^qVh.-O`p`/f15?iAo`NRiXL(gJ[Z'sL*A9Cf_-:N"[0E.4bH$?@2h8/00FgMi-j&0=77KqSB(kHP[q``5k?NQ=U)Y:"SdBs* +%;T/<01NI,^>VQmu"IUkk8('XZ[GEld.n=?3.UC\\`0RIuV%Y2VkB`,&Fri)<+Lq$AYJ@M8>,7bH3W,-'+]`3O!lpEiHq:43Q.uIK +%:PK\]4WNX;qX7JsMfR"oT+*&e?ncS$,Bn"O/)Lh@]r(r1/e@&-Y#Gsr5<p7Q"-BY^:8;+CkUVo.q5&j?e3>p.ot)BbqtNKLI.NLm +%h]ui6ZBZhN1W.`PR#Ob9V"@mBE+=pT>"R7E,_!6@WEh)Hk-CcgM%2Uu*e_]1=b$`&#[OBAO97TKWN6(+P"Ljg2))"D>JM4,q1Tke +%BVG#9PSupl#F6:PTEnssgP!LJjV+I3BWi%(M&8pUciLHI&`oOI);*2m=;g4o.74k)SLcIckIQOeYVcG^"dH]#7`>Q-cP_FW;W:Pf +%J1+ad+&eiu"TJ[/f<2:9<;44MHQYl\c`L.Y*Rl%a9m^NbIP!p9QqP1l8S(_@AYhT68hHB<h3VQ(R$DDAalZRe"?DIeck15A&B.@s +%_kZ\NR6%"UMMO_OPmL=S'UYu+'h1aEIJi#0l(omF&'?_g$9G:'Ii9,\)O?Uk.6f[@<Ac=B[8I!?==e5i<bnN7f<AN3Ycu`ZF(!os +%(qL[kAf\U>`=#Ko=jIEL%j`\NTe^>[]ZBY>d/Z?JW=L9@S&#_D*%HTK#pE)f)IaG51+3o(?ce1J,u`t,rXEKgc6@ttc`mofm&]9g +%,h*69G#0HGc2d-2,`S<5LslD\$8`C_:AYh#nu.AsKAj,RU1,Y7a+!e]Ac%:L($OhbPg$Ambcj'dEJBTc=l&ks>7]/<U7666pc/J6 +%%cO36d*j.3FU2Zo(G9hk_INZjqfGN_42-,>'qTdA)S6#Ee2hl$5k?"g%NF45W%L10n"4T4Zh4+T0Al@$rpoWdZM`X`i+Kh$fCn;j +%?bcO3mG$7Mr:0-uRu?$:&cVXdYF!jb`'=:rlg(mXMjGeB4]1`6oL=>\s5u&mobi,"Zf[T;pg<tarj.Ns4%Ug748D,@f:BRMYQ'TQ +%f!Kaf(t`FEg,t:"/4El3>;,-RgR$jEY.5L$cis&VS7k8e5[sLOIHQFgQ^m=89hiX%s.];KMa7_(qWshp\u."s'K\(EeD?TIYsZ/- +%#mS+?Z'/E/qF+t<mm<jWCT>$?]1a,7QB1fATBjflJKReH"@:*LQ>@RV<<@Y$e1\qKZ/Fp7g7\.@h^*.tZ.2JVUhDms=o2rEAgHd[ +%0\Q].C]^S6$cZ5nRBZTs;o2pG2BWns8)'82QicqeKo4.5\WpP8L"iW-gk.&r>0oVSFE3`o&o5lZRWO"l:(JpQ7$!URQ+h?8a&^$. +%_W$ff+-S$ld<;Rl:::EDa$C6->LuL?'4r(aT.T*3VsgO<ZrdL?;C3sYN3`WnG*fO+W?p9@Y1Y/Vq(9f$WOQBRY:5#0MldZ7#A!6W +%^TRp^2Ip5ffY1X,d8$(hLsANnIrj6"nFnN2P@4\M4Vd3jq"dV%b"tUg99oo:I^1kYIc&O-.E94\0d5r;8T$YOC]^rMo!n30AGc6H +%<8Fp&e>5[-8d1*L?=Ok@&n',4Bu\:hL-eeC'Q.?I(tcK@oW4-4<qX0\###Yr'_PRI0_:"lbDZ+a`0pa"H/Adp+lLE7-MI7`H\':, +%6nF:f1:X25>J=_^%YIo?*\/0?pEJAY#`]#-iglR4f\OZnjOUZ?qW`fEn)Ok4j]1BZmA#O,[XfZ22%43nO:?uHhDB5*N0hj8,F++m +%jj&&bX03CWF>sAIW@9E$e2n9NIhoLsE@YcTS+C/<XI\JBOgsX%'ppoLKh=3eSbA+*H<ZR]^'n.mPktR#Cm*N2ouUag_A1!hNffrt +%lq,rnrU'^=ARS1B(/"_#OK_#[AFu'tP#PO14`Ga2d&mro[?DrSX92?ME[aa"K-P4d<31=4g@T\cOjH$KN!Y?iMTD[F"?;#)WMehI +%`],fJ%]#uL%M<IHBB'UKeV;k=)kCI\jrO['=;&lKKQnd&S?tTA&1_o1R._mq-C_jl6s+ie3Nuam&o3@f^B+m["YjlRp6fQp9rJ7b +%E#4Kj;9KCN<n8Q0<[#t,6.0uHF%m`?%rIaSd-&CBJ"DO7P"C.<0&b0a+JL]C,](@FEX=3/138ChG/j:E;4E+%>tGn6b%oW+-j\Ai +%E&0(h=i)V@^R(b+Y_cYts5=?5>UiJr7K$R%gX,8>q!]4T-!-dBG&^3#+uhIMKo/7@!O"cjFh?e)d]Sh1;AT,-\%uVD)2Vj[McWB$ +%9S"Qq78%A,*P7)q([%%TJEeS*'K,I9Kqp>9Di:3\BMW:0CBI-1&bt,%`!OJV7LT[P\1*#`KRO4YX<cA%*YN7MNeAIe_N(@i'nd8- +%/Jpa,"XN_/Rg08p`&-&L-#p5Spp=SV!1P,$r-Z+J'C_>l1"["_X-61+%*=6cK`+9!-EIF:KB0Mi<m\)?']mo3)e34ESP:p/eB-2\ +%:'AUTnksU?H0kb0mdVm;NPi3(.#p^QAo"'l%ag^mXPQTiV#;@-CLeS&<Iqu*aAO,H=CdspkY+8L%DHm8JtI"s9JN2k,+>Dg$YAf$ +%kC0st;pSiHF=_^-=$A#c5.fRV=op#de/];m>7PgX#OBCTcUg?g))*rh$0U#I60t=?:c5i`K#8V9:iR<FM`WSpnE8MUQ6KlZ.\_Ks +%AP\4)-pgY:=WUZX/)5]a7&]g]+Ah5A`I4l8`scZ*Co&^MZ1)-ZFU@>uJgd"'Z9m0M82#$_3n"@u[r8/IRpup@C"=+!PelLQ`g1_E +%2T0iF^lrDYUUe.T:sMBb)GFTJO&1GY.Fa'^=LUPJ8arUQRdOE,P=dqoBZ1`#EsNN0?B@K?P7k1DLS<\XUu6pT:[t5/f80>b$Ag00 +%N.*/fXb+beg/i&e1XYEiQ%EcqDCB.pGu`PqgiFkNJ$7r8=LXR<A<Z-Bo+S,?9a1\2XX[F7\@bFOG23=@PPC@t?AF8-0'mM@m>aS$ +%DI>Y83-<)XL8RG_>EBE*=qk?L/e@'[>F;Nk(-AWM/L1,?]%'NNC^p"KkV9p[12(WO"K:`$9IFeP8Kb;#2f^LoWkVL`<_F*c=K))- +%(ZHD34i`(TSFDgWV0^X^P+ie[`,(o^L+E&[KZ)I0&Xk9(=;+:EclUX)NH5KRL9Zk%H#;Zkb-p'4LkrFm`'s,WLdkO(TBi2L%B+T5 +%Ket$U<b469RI,U%M'FX'!KE'[+Q6U.FI!Aj(Fnj"""FVg&;63RAfS)0@!ad_ZBU0Tf[OHg#BJm2JG*Jh`Y%DKhOItGEG>_n"%n?< +%m+WYQ$$s3S"IQ&E+>QFG!3L=jHM#KTJ$;@TXj.Fu@kuD]`a@q6:%k8]eJ/gjc&F>&X'&/a"9s*e,nXklM;KAd+(;K/oImdbnXdr. +%74<sUTsHW:/tNFJKZTo1"sF:h%6/XmL#2>m(L&Sf@673WcIIWN1C%RgPpm"XL>j6]nrf=qX'&?3lTn]@5F0R<NKP>M:X<#/g9Z`L +%W)6RACfSB@ff;?,eRC=&iTr9,`dli46'Q@``ENF%_G3RP%Ohc7hpm\kg'6&g]rkX,lnGm/D.on^_dJ?JTas3@`<0:[/JiPjWamK7 +%&1@p,No<UhE%Qh,p#((O&E6nrQWfqr34\ct=LOYu8rnjKJoN_*Zkl$Jn,ah?PB7s\ILIO2Tl1mo:?D"OTCaZQ$ssc44')su37U=d +%SgEMJ1,)/#BJ!@2icgZJ]^Y*`H]<`BFjdX]eFR[p?>,+Xh8N^;p/`_E:a/]K^(JKB)]gp'4)R!k<V8f!h1W8h>G[Ya%U^b8-NL<# +%DWWfD3jJFfR0uX%F`9@*q3aedf2K-@W8snlQ5$1To_-_I3]qFE5<kbj9sr"?`TDeajs;AN!\/91/^M'#`OHLc%poH>.*>Z=6u\c\ +%akR/Y0B\7l[Nsd'nK"I!njtfn=Z?R5hGf]]_'OoK*+$HWErTm?RSVkBjg`@*HBkcmPP^nM(`nG[cS59klM2Z6Xq7gAnZmG8P[k`U +%C/B.c.<3-r46B8b,p0DQ%8[/Kiamf17K`VRJuPKc!m_,e(mBhRn]i$YdOH/c`>9eZk#;^U=D1A?7XjUDS$S&9iGO:>/^e??W-%_7 +%1\-?fI57ppllY`4S*;XN)hNaLG>Rfuo[c2$L63dgIYY:[DUNV]fP-Op$%h9KOKb2(D1t,b)LT%V7+_PTE`X7C`0n?%N!7NNV2[\K +%keO9<=9UT1OIBd18Mn6N/*R&i\sUu^:+p+DF(2II'1s-2MdjsXIOf9;$>aCNa)`#gdN?qT;5&hd]`d\f=edma!H2He)f"ngFe$X9 +%JPM=[.)]SS8qj:o3=LjEiR+[21XY:3D'`Ygg4tFj#<sal1!SCEj/I="1^b^pb,9FVjauSI0&fePnaTKOQfk>6",s%=%ArbJ,kTFr +%6%@,o?LUk`i]Pg9-q=N7`<e\`%JLHt'<)o-"RD9m0'GS.Qpu3t$<8C(O&""@&IR6.c.P;!@-J5ff1\l4,]l6.ge8hD<9t;nJXoUM +%lND1Pk6i"oLNp8`W0t.+l=)9d4[8fp1e&_IcH^!EXeT1Ii+u&OQn%c&k0?i5#ITKJV)DIA+%1OGUg2N?cj-Mj1I46^oo=ht#t.1D +%ju0LK//BId930DK-:'I`9FAr$hU>*5gae.L/YL*(:_bT$b8:O+67#VCJ:!?T52"eFb(Nfg6'YP:bNoJ_@iKA-n<G@fe4SG1(I-Q6 +%^]L.'r87]O3ZDP&("'M9Sg>(UC+.\T`s#$#U3<;^7T?EodR#F`gc%L*&Keu!C[)rG-M>k`$PWp<Bg&^F6Oh9DC++LG&Rd$A&7MjM +%)iC,*"#pQ(Cr%BgA(W3BjsSNF/gc,6GpF691Rurj@ctkO.W9cTk!0?pr^[L^QVheF"F$mqg9O.)0g7R*g6I)]-1M8f4AV[h]d/X- +%Q$ZLHWI]pu"?-koGKg@rk.a]DnYRa#m1nXJY`O@@&PO'\<=2Ra"(f1Hd\161)1('L#=e*I@/b^64!:AEMem;`[Oac?RM+W$>ffnh +%(0qd>^W.6^]/o^cN"r/sW6e1k%l\g0:A*aa,2a,rc\"OZKsno0Du;a7(_lY+gn6<B@]SdAajBp6!Zr<e6!\8":=MOL\9f/%;NP!H +%"XK(^=+K-r1qar2<c5oKbk,Gj^a*UE2n75e)38s3SWJ_5[4WNu!rh8ln6@e;OS`cVqO%hF=Fn`gO/-3!^u/QhmFnC.Yi0Z=7@8ZS +%4E_'t-3iT6/V4jccp5"sN5fbG=-BE#9&>4O:6REcB![8(n!8V=<'eg\,dMZkdQ,0D.B`;0`QgU%\X9D,gW&#lo%<qXl(E#EE"W"[ +%r.>07Wl\:%#))NV8>E<,XR<.39gTB_@"hXkf)^:VJmY0:pqMo-d<mZC_<_)o_dR^,3FkgP&.V#1W&Zo#2!D:G;s4=[M97uE"Rp3G +%OBU$qF3IX;F,1%Z,g+b9^gpW?H)d&9KH)CGkgD4k))c79MlUeDYbP*U#`pGV$>4o4)Gpi6+_`q<[Y\E("^3CfEh!kclMjk'hPWr! +%0`e]64;;*741)%NEsil5.a"@9T0UUOESs==eH+/'JJ(-8,,4@9+MN0.Q1^g\I7'?8(Db$ML_Hi_1]>"<N>->%_ASXt=0eN<K5'_P +%J]M"Ns7oC@3`jjZ8;e<EM/bi,-U(LNHd"*kqD-A>:qP&CWN>/$(4@]4O>\j,7V(SO"6,"HOSJ]braK9u"/2QaY?>`,Amh:AW9bP% +%-/pGM1,KXZc^0UsZ+5"Uq"p?W&HY=KTR?*?k=(udp00QhU,,c6"n5W-0Lk+);/'d'7Bj6h)R+TVIQb)iV.0W7-<,3?1is2lMg/[! +%CH8.\?5WHrYeQs"Eja>GBndlC#ce9O:8EF5c":Dn'&euUXrAu+_?5!D4'AB4YQ.XBn6=V+$NjL,I\_UOirK[2b_pu].sB?W[R7Vk +%A.r$iYS[II`DiSdILDT=Ul8mK5j%_^$?[LUk%4ubeN2(L#,og@-,'fr_@H>'g&]2N[A?k=Zfnd%%'"hSAS'VQEu$-cYZD4Z.eb"_ +%=>[?&_^\PP7TR@J(K(dlA.O;p.'Y?$,;!]IAg6\2,W$W-+0-9Z;522d<"(>"Cqk!#%a[t>FA9V3+d0IiTQPf(Ke"IXjeG^B"/;E> +%UXU]"@pQl^E#VUoC6&IKqSR`l&W.sn,o.g6BO-@Hg<e4IRF14"UEpo.b*p?s7`f^M/Q15o88)*=X(*0p1Ml?-Lu&!5iJr^%9tI9- +%Ql9X_f'`/1cBTfsnO,?@6e-Ojl79G'kL!.Tm($Uc#gmJM`U44D+.sZS(p>YrUd,Z:>S>?[\u^n7:$HJ.,E.RAWYT.fiW2AJN3(j4 +%%bOTSN1i\hV8MjT!,iPAZ@VgTcbr&/dob/>6WL1^+`8#J'Cs#g_*ZN+=.j-eH),?dZqA]hKOe+0F;)/;,GG_F[gpD*Dke,KSQ,1r +%S+T6m(P[c3P&(a6TW0qbeun.F$cY<oK;n%_gd&?UE#gQHGpDrnk^!gV"CS)8h$,!+of^T8#bDCQZ4=iO-j!MKp@Tg^=;_j:q<4UE +%/r;I,Oc1'3KUO3N/4."`?;X4_AG0$%L)LZ-"t]OE&%$-LQQ"9ePGoc6O5ikbhu[':FE@H+9`,s$^pWi=dKc]+JR7TK2Rld^iP2G^ +%?4Fi].<d\rTC(B<#N++DBNKoMT=_./&&2EJfL!*CSU[a\Qp%+eN+!-)esRE8L%E1"B!R3U?@FVH6u>E9FIcgho'X1hna%l?!6#=n +%D#hVN6j=p,XnCn?D7e9"%YlL9TtiGk$tW2&K2TiWO;AIt!fUe%=0%2Lq[DJaSTaZ2M7D=AA):$AMoiate@K?H-.+J#0X$n=L%Nb" +%]Uf^<Q3cbXFoc"P8mEpM-CG0o1#+p:c:]ufO)?b\Rp&QHC2huENSs&J-@Rr>K?(k5/[Wl^iN-'17pb?)AJ/#mSK-URDf[=fBR_QY +%hb8_K:@o*kBn0lfnEL#\I!Q#0J\5`*8W4s0?k,XPH-J`:#<"hR>+>c0UI9ma!,VOK>_,l%eFk/(F^dR2kS>!7i<H6(BXA^WCW[:u +%^\[G`4e0G'A6?p@Ho+o'A$oF[.?gK9+m7B%7Np"k9_(YE"(d>0/65jQEL8"2GS+\)m^<7uAg<%A+/ROcd,GgXl#,Ege_$Nge:7af +%gNqPgYZ7t>m+!dY>3aUHDDa+C$/HB?!d^,Hl:1+m6ZnRE.Bk`[/JXW%#aX+qME;DTZg^-$hp[:7;p+p#,-7*K#%p0j!"$+mSY`V_ +%T:U846@,qEjCs1TJJaFp>D!2cKW&f_NJs7,YZS*%AS[,a-X-MG0juidTSHJ%.:^,"A="K.8*ik`^=6hL0ML,9(R<UX,$koLRKXJf +%94U_M"`XY;+P7[RK&K2j*^a#'_:f"9V1l#PKk3_aQI:i=Gh]6c8kSM((7/,76NY+C/]u1gj)4,A&n*8(\RD=cB$!.AeL2A8-_URj +%HQaSm.5!J;1]Y$fP_q<gjA`COoNkU2a+>3AC_0ac/7i!m.gq[P'APjCe9E1[LbP=;BU$\pac<X[:T;F1-3I3;MnHj7QTA3cSoYR7 +%Oa8:rPGU.0?d9N&auIE5,DNbk=M+KV>eJip5Fc!oYd.DV-V"P/*YX!-PEo;fVB("0V1goi_g.&Fdc9>pU??N)"\c1p>?VoH.DH5d +%T*$:>N2W(S%H_o*YPr'[J/i%Jg?6;f<L2IB@a1s3MdT'GQKGS/<%#RG,_4mAYf>Vs#4h$<AhYISSY<fR2S&>P9T)'L\N/)'s/cEZ +%VInt1l1g-K7WIage<u@/a_1(hor>\=:/)]HD*T3Lm+mMs_P3HS?m;=`bq,KO1PhsPDS?sH@)p*m@sQ>Ci_gBDJSQKU:`Vm=<M@B7 +%%=gml[V/;%e83)r[DSY$T1"7)N4ZFLBNkQCBi4@`/C7F:=:dWTU:Ir_(S<2I%h=FT[r.)%Dq#IRoYSOiaORqs>ol-+I#@&]WY*HJ +%Ak1H\rB\95Br6@caFL!`VECk1/?2uq4Y>T:=g&KI[T##Y66P5Dg$qj_'hE-f/6C2\bA0!IC^<ZnaIImGQG@2W\%19((32$9QlCQ` +%`L_7],:rNo8u-256"1n%+?0b&2mSb=>d+/f,7si`:`@XfFum&k[,#P+Zttd1P_1)l6PUs?^^'e#p[EX;DN@8^h<B)"a_?Dn!;iBV +%Qjq:pLGDDjXT>iCR3W.JZOeaph(5EqO(\M_*!M<ugea7D4lS7u3@nj[ke/mYd?4gi81kGu\t^1JD%DU,j;F9@7mbs5`_KflKq2$l +%S]!>_"#.imY;j12^]H;&Ajo)tfPY<O\+"Apm4;I:BQ[^;p6Lm"X],H[]@M4NreRqe_7VAbe7MTTbPS\,"S$u1$'/b4Sfu!;J<?k> +%3d@8+gd$2@A6C;fXWsrlFuef,+i7T=8C$FBk!leqHHc_,MP4E\^ck%'T0YZ`*l7,hK7:rl,VTI<QufaBhM,"/_gn&%62P2J(0<0> +%E&2iK2UI;D<LCI'[%tRO`)\$+O+f8OfV3r!`Y$@*k(g=D2+q+0W$k`%F3)LY-(bP^eX)S9^UG]\1<j<picm/A][]Rr,IBe.[O%\Z +%%H'b0D(T+LLaA[o+4`jf/qTp10C*I;@nQ><P\;fSL'4;jkD=aif>+Z!1t@fl:P9c4=JG<Xd+n^e+tMHb+@)<Q^7<oKCS!#IH1N\V +%`BR-kf!J,Nf/Z.%W"o@ZEQ%IjPOUt&#opOA9273[`Ig=8I2Np:N#hYTqNZkCgfMrFQ,&$jZYPt+=>(f*>G2u#QOD@'Y-CTS1\s8% +%X(VIqk'l[(N.09,f84>\h5:b>_5=kg/"8JM'>4PopZ/W9G@#^bJ3@E6I5r/6f5QgGk'3rr3-#m$4PZ.k3L5Kt,Lj(EJ#U$;KU7/i +%;_ii<eem\1F/r,_&RjJ`_/nq2Q;tpfJ?E=2Og?@mkYjsh()J6%qebQ,CGLSk$@.jinh-L.N0\mcihY.WAt#?42%hlm.B-6f9WJ)% +%TURqo=GnJV-RBMe3^4OB:SrM<M%b$%j@.IJ3\,GH]Jufo?j)ft#5J`Ff$](LP1&::!)[#I[=QuYPPLV?5te)s&8@X=;6uo<:V#0t +%?iio=B!T^H^tj+L-H(a5ZP7r6Dr)oZ;6(S#+G.5%)U:/k5Y`Sr0K#YA^/1d^hTo)bl0UoN'@[UUP=m4DiBsZM0Bqr17>g0HaqR5q +%(g/D&C>h]8Q;Ek_)"fX/Tp&`i,1O1p/Kl.B.&Eb^/"%Ke(q2kqXN=Bna9Oe)Vd"gNh6gRo1m"Qp!<&(,'?Zj.Rg^T4AIVnaA0\jr +%:a2dc^P>6Ukc^Lo!C2iAZp$&^LigWNGoq`p72f9?V$L1Y^<Ch:/-VfE7E>b',kWYT3Z^mOlRPT*0n(_T2iD%A3,>TP4[XKZWX@ee +%G#>maY:JDL*d%"Z"O7uZeWukYf+#f9qPAdEB9sAcCboQu%lb<CS@h"#H8/GT]&^:VO?SLQB9W:ZFq+p>%M19.0(_sM_"p=8.4X-K +%Mopm_V%L\!TP&-PbpjoiIOYHTbRPFG&<34'<i6;'8k,\h(^W"8+#=Oe$83Y9QU'"OeY8#EPd)io.m#?R%-`LdGQeWd>e=J-pVI8@ +%8@t2&#,Apl)eV*s5,g(i/JURI[`Bg(MsG=ol;EB3e\@a*e7L>\/oKf@6Zrp(%k0c/!#e8\mfir_1TKZ5[t=dR]M`0H`"#\QQXYE< +%N@L(/Z_o5uX_$T1W>PjMQks@fAcZ[]^`-A(>cYOB9>d,=RMls&YS#NM(hcs$K>17Iqui<WT0P.dk2ZpgCpKSDZq07$EGDA_7ZGAf +%I5^3m>D1)S9]dn$E[_mncJW/XR[%S<R>[dd99Mm_PM"JI<7@OmLbWQbp]eE0V.%q$(cD<p?Y;XKXjA8_1Q9WEXj',RAc3dP"fUpq +%/C6Q17MN\)iTI'JfTa_Wot#N@2-.o+W3RlUK7e1.JD5+&bh>+1[N1S=oke^.Zjf@XeXSOgP_#)OD=/9AD9tp0K--;XO(i8e92uK7 +%L*Xf($_C.Kf")IUoijLlc"JMg5[-[EZ9>)<k,+itU1ukF</Lr[Z:IT[*<6DP"at-N8A74AA[,dU0=<:9#b(o#bmL[,mn;,,88>ba +%U"B!(3(0j9q[I!s"cC0O\7IcW!#/;H2<@0Kk/jS9WX#sY5C&gDQZ?_+G9tbuJr%9%-]<Cc`)N<\S%8s-Pb\Jo(,BsA.\T!fFLV0N +%^R_&SW%1RWng;iDoQ&s^G,DR7&PhFOUtuN^R_hLlJXA-q8URO;=X7!'"`V(Nemub!7QNsG$glZ*nL7&2NXM^a>@*?t@%oSen"soH +%q^pMOA-o*Uha`Sjc7JMP;8E-h*,jJ'G83S8=_.R?8`JpYl\]a+8;)4r.!QcpJsH7`aDVC`+b(Fn%]$hp99*T]WE5PBJpC;'_.6.6 +%qmXarmIZ`O:E8Oei7^J!31C,s)(<U%Vt9AgFso+CD>"@KL)e)^+\33^KZFNP`dYs7m-nhPrbIKb4-T0Whqq]=nb2PMc/nV*:JXF' +%"P_+Lq!@b4d_C#Ss7F:&s5g_VYBi!srR1]:jI\X5j^3K2iqGAb0D^1tr+d)I_oXRHGgkFBlcIKQIeE!;s4]"$0B29rLQc(m2ZD=C +%S\9?ms6NO1q6/Cgmf)79n%[t6qrP#!DpQ/TrR$Nf]tOC0mAl02o8B7!Va$gRrVW/.="eJFY5-t)F*[cIo&ff8G.2tL_E7Yfo/HE' +%_"nmsYWa['lFZ*MnuK6</md">r?&,[`Ah`g?GCp]jrku&`Yd([];,/dm.J>9D_M+eD4g1`mi)[tY&7`'45IV4VX(]mIlMq!p,DjE +%h#e#=(sTA(GDGbcc/kGdDuOkSlMe%nhgE6^Ddu=^3rY%]IJSkmg["[[e[IK@0AgU:o")KJD]-:!H$amenLq@ahgTWl^5]P1]\_IF +%Qe-"7ItJORGP5qSDn`op4aV6khp]0N>X.`ik5O4Y'HXq2n%Z2Y[Z)`g];>Q,U%J9O]062^o&Z@KCY!h#h,aBUh7Yn)D_<[BqTZ_- +%bB=)@rpJQO0CKjrYQ"4<?bQ=0S$OdH2TA$Grl)ZDq"O*t2toN+2dcOH`VH!1hn6XOfg#?+c.Wd+M8s^N"Rj"]IefIkY>7>H)GEB* +%_=[Ef=]Z_QrVksMp!I=(QH?LrMrt>NR*ml^F0q<p(=S??8foX^UW)l>Vr25C]s%DW/LIcj2Y,?>/Z&t\9`K/,p@[apZg1u5HM^Y= +%pnKM<LKPO&XnR8XQGu:7-U+`g(s'GRo_QhUhd$*Hnr3SI"0jKHG55"Hp`I6LqXqgU)fNVaieI@1Nar$=*/s8)mJR^gnm3&Q,Nn"H +%SdP>b?6+,<?2sdH&+17k?C\cYFa!Y6[&2^WTDV:Zj3?]YRhlU^1#L1AEUT2Vm@(5"gK=Bo>>D)A1S*DZT)Rp0cA1d\rVufb#5c:Z +%Y1NXMro*7uB?+*>#LMMFIs#ZLig&AlVrp"BDJoL=]5Q96P!?KPa5,Vje(`W\cd"2X3'Y$)BH'6$h<jdYE:aV:kJ)LnF+&',!,'8? +%`jF@dn[P1J>eb`/p4.."CKPYe59@<5-ZgeUC(O0u9Pi'KnEC'(5.X,[lLN1AcRr:;i=G!KIk4I;NSR?*51aGVQZ'UK\p1QH`E8`# +%j`pc?c+u,)iO1H@lKD!pfCYf^FkuM/4anM7+*D\'lh;IZX`Q]gnh'ap`U.#^MK`n+X7UmZnHHW+h:\6LrUR3*NXpO:\#$c#@.k-0 +%N?86HEuMK=Ed32:G;FYs,"s>#V>l=dA2Z6""(3n!^A-I%X"V1IH[55=[aGOI4?UaSDJm5fk2t4=?gkUQ2Ja1J`4,:L6V/>69>8&d +%FgdRF_jVTkrsc<"A_=oXh4D<mI![O=c9L&SFu?l.3%akL\<&V#7Xs]W[$CUiM-iUhfgVOq2>!T[$,>2M?Mn>!`\tCmL^`'gDDs?D +%qZlkEr8[$B:k[^jo"6#"M78^@r7+iNrZ<>FGU$_oJb"UUJu8D>o8"LahJMB%GfkZJOV;c=%rV-hps%pdDdT'+?X-lA^\Q^=[p+5? +%*dHSF7;4]#hgWqas*c*3B"%_'#35etG9]1^?Wm@,q);s<f,(X)\9N.9rW&_n=5+S5I^aO<A<._]^MRI_qq^+S[3("]hT0#M%1)\Q +%Sr2\6X8h!Ys6.0Vk@P0^X*=79__E`$@\H!]WS>K;G`nf1Oh'A!/@YfVg'd<Os51rTJ,28,\W(T<<0+ViIU\%^jc?$>?XBirhV[W& +%q=WjM=8.&L/h[-9,JFuYn(kCZO+,D<^'C6WJ+in<4J\P9n*Jf`S#[&&XsmYig\j&i+,Jg.3kF>c^A")kH!\*cIql1VgHE6VX)dC< +%]=A^kq=@[Sf,&'=6%7+-hDsKVkARQ\^*@a1E-tr0jITQKH"Sre?XCIWr7enp\\2AmbXR=sS_hgihjiNZO$n<eh:_NA3@rbC*ToAH +%d(!.Sg;k,<ZgT9HrMto_fh]%5[\Blg`R<D[h!\GcO'u&BLr/]hZRVMaA-kFc(rTIPr^ef"[Z/!C@1XA[KW"\scSlIS3`_ml]ZhDc +%nK!/l)gsW9o&OZK]RRLXM"?To=.ZG\D0Yg4%trTZp4!D\@OjP'#_Z:tf#IoHfSFfm"@Bcq,ri]MfSFnCa\U_n0&3?QH5i:L*t/G6 +%O$JN'C:"p7]:XJp[rPH>Em-HtpRcaGilH?:"MU_WCu-PAp4k`uRgEAL@e7;_eq1g0$9p*$i;neM>N(9^8e$W:FT%'/@X]h+s/GUI +%4hnOQp$3'<J<(H?Nf7[:pcJ:;n8EeM9Ks&_bLq\1m"&\-O5H97\UT+HX81jHVW(/2GeB]0(R0oTCh"#\\=b`8'up^IGX3?t6!`:& +%XEo7XW;C9R>/P^#TDk5oo;FkoYG^FR['f46,<E^HY,@9'`.rY%D&q3sR*bIpYQ9dl:&d1CA%AUHDIcq2-fk5uOLgFRYdG.MO_OVF +%:WNc9drTkUFgF[jYlU;bLI!WmM>o]J';,1%Fsm6<54AO-s520"5FcP"E&6eMaXfic^]/.n3jqFBoDg'T^D14:".4%6InO$+gDIqm +%$0U`qG%AHM1?"24?q`P(fAbPCZT#Y0s5(?"IX1JVjn3rmo:LD!XQ,oqV#RL?e=cbr9@c7V@q[[AE#?<=,IYr"q#9G8=5VlI?GE$p +%J2;V6+oL<d7OfBBR;ut&a5SO>kaRN[m,b!,2#OVi>jjE@n`_+]NFYpM3>HIRGLQX@HrJ2.PL'!VmH'gUXtJRIjf2LBEW4Qn87FKA +%[P7dIkYBa]:@72Tme=<,L?-ujDC9RKVsF'uj/mDd4Ru3.-DNaN)0L;0kVa+I*Y\tYj5o/O?N'EEg%SikAM-4H7&BjuX[b6\id>s5 +%2tFO2qL"6(rd]4MV\?>rbtKk8i'-&F`]cj@pGAqQ">,Z,3f[([+*fid.-8Q*9)56aa>$;tNHI3M.C[\$:HV8FS'/"MIf'!$"jr8# +%@2quaS!m-m"T&,WeZ52.56's9`PqN5rFB5^hVYEX^YXA;\'(7B(N2LP]m0AKc0a3WWe9fYZ]/;UG!A,;innS]lX0hZ=O?PN+<:oe +%UOdMDOPYnHoUF%<P1OVY4FgQ%]dP]RYPKn77&_aWnUW;R]Q7`acfN^3#>bu?N=<c%qa79K4j<&:.4Y<Tk2N-=nD.mKDJBI^-L]^D +%YP[AZ`C$YQCkN)hDO5R3AXVrK2qNF%Iit,<]jC0l2Z;PrBSeW&TK><N4.$9+?TSJW2?pSDo1,bc?[R3?hR2k-UUT@6osUf;7D(5; +%H=<_pdG&^6[N)t4HQ2A9D0bTf3I4n)No$(s\)gHoc2BQZX*8[a]j$.[B@2(<D;VP'kd?j-S&qQ((`c),n[J9(^u9l>o?Vpd[OYbs +%n@3:G9RH^ZO6aWRUlF.Qqu&^srR*:GD%,_QhoeNO[JSA,c'oZn-_I\k9Z_eAL\oW`Rm3KMY.cV4aN<9a;8j3op9k$Ga&N!(jKh&o +%'n7Iu\>Q.^De7LlOG^f<Y!4fZs!)j52R;kFqNu-c8Uf)L[R!Xbpm,dZC-'ecHm!@\<k<aUQ2(`"AN'7.IMA#%CFAJ^#MP3&1+,Ra +%R31qd4/Q_1_fj\*F*Mm?O%FHMaSgBLU@TJ@rqc<,-D;Uo3taL-Ilc/i(G@_SY<Ku$r6+tpA8\6`)g-8#lYB\?k.:QdUFl#rgCd`( +%2'-.)HrTF9fsoZ>C"Ie'c.U:0muBN(5MhcNN4Pc)FL6[\G0kC>?6AR-c"T#,VB+0pdIjEi6!NUMd1/4k5t="MdnB0Om%A]DhG^%r +%[Z(UK]6j"[HFMAt^[Lmp]??NO8/=j9,Q66^hAsKm(D"TEr4.km)$Kg5M^NiQ2A2T@H3-"g$2E!(gTTJJ]!u'@Va&V3%/8f5kuJio +%61WRZl\jZW?MsQP^(8edeh&V<I!p?_FY=HtfgaC<V6b@NnE/m4mVdbAS%?1@4PnDZE28!Z6&0HUJ%9q!*pI$\6Md$EJ3;r@)M3)) +%h:(oemFh<)ZWFoV\_KfSS@/-*\+9>a9Sfqmq'#%Hp@Ns-?JcdOp"QN3o\K,Jqn\t1@9$G'GW14rq<%UE5@)"7Ik]J5?gu+j(t+t8 +%5;mP%^6SKjIU^g?Y(NhrGOZM4_Z.74m(`kmRB=^1Omlcu6[1<D_rE]9KD^LCc8Lk^Gk<&+lJBE#78&,OhZuC_*M#[*NA:>R>.XU@ +%eF\aY.6`24rR9.0[r^JgqVk#K0A_1gs(iWQn9DUb<dOa5["[7,rsqD"Ch=4`TIjbeprbP'NMFa?[$a+*S*=F?ChuUuqE_3[NMNcW +%5Xs3l7WUDTN^hLFBNc@od:bQZ9h1uCBJ^`G1i:1iHSh0LBJ^_Cepe$:irdS'HecTHSV7oFRsmcBrC.3kA&A3,;J/56K_tYmp!(*l +%dsF=48)glb&dJ:-e]l?eqeF%Cc\@<HY?X*^UJ83RK[FT5rV]_%^SX.>Fk?WWX&irss7Q2ELi0pi42617rBG/=0rr4fGW^GIjt"-A +%,P)U.k#U*o,P,M2mN-i%C]Vj@['^q_s8S).-$u>N0Rn*r`CEgLHRi5)a1C"hDT""#T'L94Wo2g5Bj,Fi#mP_P,Dq4oj@m7fB"6.[ +%K1fuu@mk[W*[,PF<nDa="1ltA]7YB6Q147Vfh>TI6$:&Zd#**=($dOgCE$L:W*p](//Wk@.u!dRC0;XHP(Gjgc[Yugk5+'<>09>& +%N;\3da7Y!t?i/YCC+LH\p\LYqRl<9f,6i@E?L(DQE,Ve9qT"R']Dl\cbKG%0#/?^ll;+>_^Ce0K.Fm@c1@&q`lh;IZX`XNHe_lL, +%fgai(D2mOHce&F:mGh-RR@EFI:YAd[re.1c/$JFUT!GJ?rNT/OYmAqp16]2*M0mD1J%4gK`TR9jLsRBtmmp9\-%_;,=(;nIoqQ1m +%4uR<!Xi.V2I\)_#3$gfMVj,$M^H:a'h3WW!ft7%E?+p8GDW-*04a?pcYl,n$iVQEhefL$'k6?.grYtUMl2N^=09^3^O;QE@:B&:" +%Gd'>Hk-+j;L'BCu(EJ>75+n\@LQ.c":H]iT)p/'c\N^,pF<d*n;_mi<2fbi=SV$kR7)!=?F9;HK)1',sT&YfE\k`Z_D=qfFFFdU; +%LH<%0jVpdSIHiQEhM$*>6L2*Yf'ra*QJXt0V#T]Qm/$D,mt#*>[r8Irs)!\Wo-'^&2eQK7jjb80R^d]oIZSn$S8?-=I&G;OUK-S@ +%l!KH4l$`#rBD'36Ch+drmA4/3pX4EG9E%;kQ@;5%n1X`srpAh77TT8Y1AF$rmt!Hc5Q'oU]n:;iP1R\d>!>sT_%BK<"<?/309mUd +%c1^o_Q5B-oY?l'U*p1Z=LRjA#iu<Ft2'X/LEb%7[Iq$ff]TrI<;KQG*K/fOfaT&ubH26(HZ`Ulta,2)hT7?R@?i@$L?iKZi9<10A +%U.g_'It)P<a$(^0J2e;6Y:om$H+j-2c[Pnr[_`"9`V3G@h7W$RI=(\<`U!Ql6iYB$r2TeC?bZF(D?#+bn<nWhU/*0)=n]8qs/5Pi +%M7)E.s8$O9'E.%irdXjLrZD0n7GjZ3PM_r/TE"4P?;a/jp=X.s;gF[-S5*7-oO"_k>]oStH<\j_83B%N0qOKN5AR55ObK/8$fa&3 +%@O>N1k,4SASnkZ]b)sX<=e4i"6GiN!(29Fc\$pMN+8fu(eg3o%FYO+!Z'oHlI^S7*r`JcG^T>b%%?Z-Vl@7qDBqY)IW;LAu5Y,#r +%/L>[Z1mT+P(nR#Rb/q2;2W`N)c-u;9pQ9H.q\QrT,jZO"26bFlb>VeWI9(B\IVGH.JnloTI8t%5#$`[Br0WB8-N!_IYGm*(s3/*J +%Zfk'?<M4Mfp[l-0cU,_WI7SK^(nOGRdM-pZP:Xo8T1un)/b-buS$$>e6`?99[^G@&$B@1`T/iM[J)6\JDMh#7.eOP>RI*3R;fD]^ +%r,&'<l?F,WB=1JH"0U140_d>9""o<N4n*@+,l0]n:eC$NiWT7c4u"A&+uAO4m;;6]#qF.tY0oT$isEGW\8P]',/Se$ZA^>*YP)TJ +%b7Lq@I$!`>V;`&%>_lD4gqGHHhI$mY7fs4Li3KZn+to?WI?iq!En'NSOQQgO%:3)@c]?:E?\jlOr`CXV(8Bp))7/alP%E\IBh/OT +%F0T+jHq[7pdmVB+XprlEKsG^qTuE(h'Tu.-haHR:3F=?(l_4j\D%l"n/\ZAR9&IiSXnH$d*T-*ImG#$00>3okO`0LR:4@,uG?.D( +%ZA*#69gNr:ErDg);V'LTo2R-#Y:C7:B>12d/!312@C(kDaBce9;6sP[I2BH<)lgB9VPl`1>[LiEM4.tJH;Znu^KPUU]$T']Zj0NP +%p!/S^l#EPs]:7D8o<bH?G'WQCPZl^&&\Zl?)g?RRq?ZqgipWJF5$_$@[60XaH<.qJA`H7NXaYK[*q0-ZYIKeTF?c+7.")V$.EW!a +%f!jt1MQ8@VR3pdb,RQDeYklil9K]X,Uos2:Ph`n:ol]Km]_3l:XS6T3ae\n#;judh8c=b7htQBV;4jc;[h\pDJ"F;83DH(G?H#73 +%-o]5smuk]XQ=:YB^H-WIas8Pj06c(P^"`5h"C6U3cZe9)rZU+_G@-ZMZ`;4JmOQe:C#U4A^/o_TqRo^KhmUtBM_"Y6o!'NM^M5R] +%Td7+hr^,"(qT$)$rr3EbeA$+4Z1pg>?0/_\IB#UC=a!`5A9N?^A'b#f>K#]Rhj#T1jAX&=oW95$(/u`UX1A[+s+7CF(:qV/YC.M$ +%Y<$I<<"1lmI;eEcom_J-df)k%.`'r3b/@r=(HF3*EDEZuhQL+hDNU*OSitt<.>N&(dIB5lVbKr^QggWZ-9IULjBMUgV^jV"rSFS; +%n\"K?8CPL%kVn7qIF4bN7ZVZ<D+!'8TAE8.5b7]56iYIt?-W<`R;s'O^W:/l,0X?CO_G,D?8=[,FL`)G:*KB3,__s'ZhLYr!S?3N +%q'j%k\-LFUVlFb>F<0rQ;HIs,iXW?P.ot3sc2!<!9S@eMEsHaSNK;krn*c3K+8q:eaIV]WG>07Ec;0YU#-ncL^&!b)oErs\@a8,; +%NZ?L&O+o02=4:C,W7?@$.qtljX/EhtK^Pp5[MJP@o&E+IcnUfp`I#0,EpnpU)IC;[_T'Y]efWEX<;?e\g*3jL8lb.<7OG`S,l1W) +%U>f9K[rugm?d^Bep-DWmYFiI;H@\"ieM#d-^3`PT_Sf&[(Y2/10:L0U\%2mlnQZeNmsa$[O2AA5-H/tkOG0dnXo2h\MfL8lWF$`p +%\k4'@j0b_e$eko.J!T:uA'RN?488WG\175VN0A.^9M\G_bopc8EdpJfGLB?/T'&2ag5;'A2e8O>Cp'Mt]i4%("RJiDnP*r@hGMk% +%pfaLum5^a[-Q6AWaeA5=jKuE_?(Wg]s1<L_6$;3e$ElbqI4,M<P$Qirec)$'rPgeA\P?.S.$OR.TSl:"6"Sl5]%'tt3#erRd/6=1 +%pLG*7HSq-8ids[j?KmDgkmL+1TWca0.(d"Hf2L>tQ>Efc71m+[&m<it=)`JNQL&3nY&?JR[mQ;D]MGiBEQ.4^^e0#X;r3ppM&oE? +%)H38GrirH[d&p&>k-ahG?stbD+NP!D(*5V;<SIu]#14L9<`brlm6B)=Pk.=JUYdKTZ$p]e+4R>Q"P+tK<gtIb]Ace$F-*mr$<XPg +%Ac9'p'"SOcBMBbj:\DPc):$.mr@n+\qcI[\rgqX+1Nn-ZK=:(h+o%VW6$@.68sFJVN@H9cS+nb5AV,K`mrgl8Hp26^T7=:"k0s6; +%8)-%2o2/6&(`ZlpWX%i9<N=n1oSu(9$VPUBZ;[4).=HPsRe2bQ`BtOqH."46GI?(JFRJ5\mG_Bt!St10N,fcHORG7C3ZQqhD+fAu +%7GQCem7M`arS8PFNt1f[2XqK)@AGtaB!sXfq;1@;Ib1l_DN7]lWU.N#j/=V=<tXQ^me9%ED5/U(GZ2\ZMSA;`rR'SLl+K]jdncRb +%JJ;Y#)nkt#K@%)'&M9k1QC3(]"k$k\SoHr\>o7:Ri\W^boe8gTW8pP%QERiu^WWJ2^%,BUVhhSWI:R2Gf!,1/r&on7U>f/)-7<4\ +%PBg8PHlrfNFjD[5?;F)VG=\\/V5b(??(G+FJ1a7CnTgiF^5B5TkTKHbpUdp'HW<#9$Gh.eG:%Sg05X7cj1@q<-\XL6(PPX'TGJd8 +%Zej"GT?k@q-!Kco</u"a1Mn-rLgB5;Ed#F$pQd?I;AVZAgd(S=9tIQ9ao/\EA?andoHLAYP%=sra;d8a\laA/Zs::39n[gg:EaoK +%Njg`W-IdS4U'Y&4W%UJU'@Ca_a!/84Hm-qfF^\W/;I&:?ENgRsH.(Rq?8,0A"n)Ljk"/pB$aF0eGB(db*p]<%n6:NWs/+'+I8ib& +%@teLZ$?CXJR`o5SPLnVRM9i8b+e>>:X>R^8b2V]U7'RQ%O-9piZ=>'6a>,H^$FI<'aP-:@[GQg<2aV[ZO1dXjZt1#e\0t^g\B/\] +%(i!$hg#[fIWj.VKKV=l<HGuh06H"-9!li3r\Uce9&E[Hj/PdD]+KF1u+-n;n;n_5>8=Ak-5$6D!T<$[K`5M,^Xf6Ws47a^6,/(H[ +%[(aQZ4l44kH;*B)jqC?FTfdl'qaksDQFW+SgaDH6[J<5Gm3c0m(9;Jl^.A,!+E%n);f^7@a`#UKGZdGRKm6s,9dk<@$ZiTX9''9C +%[V)%:p@cf'546%u<LCJ6n._$_S%QI7rQcg1=*65K>k46&@I?$6q251F)0@UiEW(sj.$;s>S_"P#\tBB\bR@SF9d+Mt:!\SF@KLbI +%)HFKLk[_BK73Tfms(?N'SZ=]DGeUfd\BW)jnD3_BjC%&d"]';62\2s(_\:lKni!GAM)9.kCI>G-j!)/sB&/2`I\3ZuRhIF.i1"KW +%Ung(RA7/8OfR>,-2sH;+FYj8);7Yfjg1@P4&GNYagPt$jlGl?3I=A\_f^'@AB;(qI?CV.r+87^OqkUuMH6L[hP+BC.";9<s=-?A5 +%1OUhL$%Ps07o?L&;7_i09hEbl`/1t7cOKo-*(G8$cZRB@DS&`(o00S<hH%hLa1co2=1R$26+]m.RbiGSK3RSO%3G41Q=he-@dmXY +%:XGoYR6I%Hf&eJP/ihWaH6EK4TOE1*-U1(hT%NE.5K*ZC"/&.OKJ@dX7s'ID0P9Lu@YP=pPPUQs33P)jrpQ5+ITqr4i`o9H\A252 +%&lYQ%gr_tlcmp<(h)21T+dh!:f-Q8/8kP_e@T(YT&IDs5,G#6)cfF_SqHD;oaDBP7h^"*JRFEb\4k%'>8T*3Hr]!sq6>dp-"2^=o +%Du7\'fs05CqRqIB/"Rh<4eJdA/'-2`:PBW>Np[kC7HEKKigY""aGW+9(YO!Q?2R"bU5S=cLd0)1b!\,^]GH!Fhbcn(4==IJ.E_k" +%p;og#!_n)YW\p0fG=n!l+Ps-t^eWnS?J(VpKVph(EOu$aNO%HK<P@q9`%&,!!Dc/r?*oOg1H:<h)Tm?l0.e.NUlEPZ#U(6PY9q`r +%m?D0_Zr+nfAjAK/UdObD;HHF)#:G@6''m)X5RoNsok9AdY(jNm8-/($i$9npAdX#B[j=2X-)b/6SbPDn>_uu07-Rl^HM3n$"3qm# +%<Sg7YHF_,=-kcb>374m2$YRABFY`fq.B"Ok]EE;tii$Z#G$u&,@Nnl_(@PKDkF+4];,g3-`D&q=m;8hV#`C`)4I`IoFY<MG/IoKH +%6%1@GEPHLo)Bu%ZV]^E4&dWcc%HnHui`N3=ct?OojYasqq;r#6CbU0EOqYuI]eHA:D/P^5gJl*:Vesf5@miXOi7Pn=<Q2*04h_X( +%$R17K1>GA4P+o53MT+g]hj"P,Y!^efA(EAR:k8"-%Iqg5l8'N$M<_=d:G+u^QITls:lN"?W\k^:Y2o2j^<R%N9U"io2OaVC?\?J" +%Q-ZqDN(O/-eGWS$`CeD?k,)u`&O6su][-5P7-\HYc-,6EoUa^dWZ2m&C$b<<#pq-8UH5@0ajW7E'H#*kk-KD&%W0)57B1m]@a$-E +%hBrS?)lI5(@M`Lkdc1tR8n$Z>+GQ_k`HmR>eW4I(`bpC-M5aoCEBWWt84/Z0!'Sl(PtJ>o]j0p"2E3NYlCW;3a?*^2V'D[%LZoQD +%KcaT8+@PH[Q,Sslm!5A.OndJp4mKdDl-=$$X6m'L2@34%%+%;a9fBi;`(Egn[[Sn%?F&W=n23mAD*'@%nhWfh'ceclbu(!'I5@e" +%B@(p$Y9qhri8\cs#g$@*:6rWGqn%sN9.sp0;ET[K%Z2NqWd1bZ.bCV3`R-P2_Yu<'eo"ZAmtl^G!9WC2U,G9r**'((6kU7D1dmC? +%Yi!1K5Y<)!Aq(??Ug$sOs$!($;QG*r]U5sG43RVa@M[,T#:RLNm+9u=O<p)j=G(Dr](;t(@EtS3n+S[m?5M=EMDWN]4\?,]qL&eZ +%;*6)8@PaZ8HOVZRB`Xc02fo,Nl`bjAog/9L:+Tko3go([*Llo3.:OdqBqN@^J&#oomN6ac;aeNXp5':1Br,d9qH:,gW4ffhNH?2m +%5sJ$'O?JAW6LF[(`KPNk)IaMiOd\DrUpMG/8.@_%cdbUM`?dm,8FJYWi?Rg'1MLN_I'ReQ&B)@Si0Am2cslHhH-fhQY<fDECjudP +%./WJ*rVL4lqsp)g\p\W)ch=[us763as7MFkqu8\tTq/@]*tH4N8J;=OStpF_!6d-SLI'/Fl[qH7dcEi(Aj?1`li'*_9BYa06^Vt4 +%%K\@nBat-&8J;?E`iO^r!QX9eK:l`L_#qJ_Z8ea,5SKIF+@m/)E>YV\h)bUmAkbB.MM<H!#"Ff[%t^RMM$!`l[^c2W.:(`H?rGdu +%5sQm``'MI$C#Yi=2#6tjFIFc)+o&Ei?$:`o=#M3,5bDRe%KSdc$O>V>Uk(mpC=9sdZ"ik&!GF?l``)DBZD%hI*4b2Z$-B.uE]*ka +%/bT_7Okb0As2X-b\X?i4\+sgYYjD>HF7%H2jkDj`ZH5<NKOs0j%R[Qo'Dm#4OWT6iP9pdTZsi6kNbXan%`5Vn'8Iac\;>jBD;<!: +%kVbG8#N=EViu`ejP<8[RN19(;:Ihs`9(@"nRlu3r7_7Ofho!%I59,?"PO3Arh@1FlabVm&arZ4]PFjo:onH%"!;@g5H4]XA2V(1H +%2qXN'T\m\.4:(s69fs*j#?19q$lh3G(^a$,3!]a:"$$Vn#KqT-$b-!DO%7+(=?ccr-_34&&LU9mJr,[o4pVlNCOHaHNgi!:)95Gk +%KT5"-%RJ-,!sdfF\;A*7Emhll(ccKn0U/(Ya$D[FfiJD%jeR`g@ccZ%4:j*"V@UJc@=SS*k+mid0QVDm4<6;7S*\8,\``Zi++Tl6 +%3r<IS*8IFsT]beq*.XY;DpZrFFD.CJM.)R^h\h0O8Y<][YH)iQr'PtoS,S&SO9CB'aeU88aS)9Ld)lk#f0Kd,!+#mHaoMK(d>&6` +%fKl:h"50)Zn8t$<2_bBfM4sf3W1C<d:p?L<rD:"pI!l"QDP"WK5jm^^6U5kbUE'?H1\9_m^cS(F"/'itJPQO.a^cFq^Vg%5!.ZG' +%T7\82E6]I(_@u[o5qoql#O)MQ-i\,s*"Oc`!s!Vp`$(4)]VSC/jWQfA"QnYb%Y3\uc#F:S:RX6GSgQ*0"ON>Z%YEo$Z@3?U%o"#D +%duu*g!pX2u*!"NqD7:&-KD;Er4W30DO?I=;&C@#UE!U:+B'5#d^%l%H^jGV_LVWY[KnBAQ@fIJPi=da>+:t/%E<(qnB&We5+-+g6 +%TmUh%4;l@u]ljCG:RX6KcmMO-!9o[O%Kc=V>Our=+(jL4@%X"G&\&@HHoenNYK5/nIcaRS3lDQ#SHD-+n>[N0o95RhSDSGZo7&aq +%bQ%#1ooCW-5Gs`j6m$Vn:41K.Y@!m6roWS%Mj#Y<JGhq:lLY!>rVuo@s4@8eJ*[,Zp?'W=mI_RX^3OjHIIZ']gFp:S4o>6<G4E9E +%\C'%;1#7A[manZ!?C^r]k4[PJDXNV:.>J=QegW3,UF>F(]u64I.t.<DKdJf18KC#H0)YpCaL=0mE`pJQ/2%62+(@m,0M]]j+u.,F +%8^)`g&UFr:Og'WK6c.b!5=&qA$jSVN,KJ+,:?2LD_C-32J(lW9W^73bc<j0GR<6t/io"qbI;?A-(I,>YjAqmgL0fg=4-kfJC>DlJ +%T_ieG<bd+S`&gRXQU*<'1_eUBUPLGcPXCqfdHa%a0:Lfs8.IY8#(hNd=^6$f[rR7eOAT3XV4`W,4k_$FTQUJ]e&<WU,a/&9#6!+3 +%Yo!5(jZ2f5%BB-rnfj8S2mH-"V^nf=TX3jZI:8S-NM%uN5e]*<O!#QIkV_EoaIf2_.Fnre9OoV<\ETT[&]CD/Whu^#MAZYLjOfL2 +%&@r(?+M`a,11>@QXZfnFCK`7cAOP23Qg!"O9_BSBE`>p;Frk`X<A6^jq$K0d<Gju47LLG2J\=m\o[87$N2$]<-M&.YWWX,T$J\jq +%7:r7^b-g>V"ZjMZ46!K0)N\]F9\'1m+VNk0Lg%\-=CDsC]88UKKp@9-?-#j*;g-l8l7a/hPAu'a+E:jT#CS,V6t8l@Dr<8/0^,Yn +%AIu.D%*1MdUP"nZ;A5]0Z<;n7KJP2VOX8BZ-Manj-s%HBRkl84Wf0X2bsm;n?n,;QG0;BNZhoj'PKkAo,_ka*<ne>nbIXR,QVW&R +%<acC0Xb-HZhD=D#.fF*9m0WG!oZ*E=fVPp-D>?!%ST7ufdiqc8?^hIQa=pror6Rp#^dXur.GZ$O^XZ?A[+I/Ylm>E_gIOslT:ig5 +%hNXC)GD4#F71UYU_V:hh?aDZUW\p4JUr?Qhder:E2MkOoE,%r`<P0G3eKgqm`FnsN;]_L1H4mOY`<f1LW)^cfS*2=KPJ:ErWu$bQ +%TNlg-3!K=VI!cB!mZ!Bb>c`N*NtP_YjbU\CE]l6VBhg\Jc^o6-HD[bmqQ,agM&VfnE[%]B9+2df"h%,Z%(`%!jcrK[9,;Gu=0[r0 +%7!bS\1Dq#iAI.u)FW0k<*#J2C#8O9O'A2r:MUtfD7Ng<r=-Pp>T&oF)AKXCRI3K@RW<ZIe4Zr)?+[!dBqa$NR^j@b-aQ`(B^k*0D +%-[(XYSqE\-c]q-moMH:j$@0=.Kl0X!l8hZT,XoImgJh.SNe,#ddtI3!#q&#g9c?/[DJ=1ma#Gq%Bs\KiS#Vk7dQkoO;b8tBN]@AS +%W"YoP<W#rK<KUBq.J7RQ=^?0tj_>6\<kod0Uip,W-&I&/HG_ATe^XLe"&:D*q9GXi&U:B_%Y)t'lMCj;L?PmO$LjhNWUPF'0ci&] +%kp8b>C2h`V+\<qu4Y=Hf)JUCg02^PIZ!k#R$+PT+M@q<'KmG]2fdIj`2,BajoSd?moMeaV]lB"d3gFs$?961Z85BhOTQ^?''._+h +%N8(6/"GQ,<a?(jIK@YJaFbRed>9pK3=BOc7I&h]9dOD)o(9a3,];4<CM@1><jN,$\l4tl_G9W_a[>e!X_:rYbOs4md&IktT+O2lf +%m*KkIN@Um^"<oHok$q7*9qD6mm"f*!\jS\<rJiX;PTq/MDuN'se-l=NE`MKn<eNmi#s'=go!bGT^sbY1!:Nn,WBTT&E*d%Hm&`Sq +%TNoPbQ;M@LP!C!Qd:!196+D06$lSP?<QR`\#'6RZI4>lRMt/]^OOGIW3%)"p!\_j(6@*I:o\7*8f_0LjBU,.=)^QXN@m[tsn,#qQ +%a\;0-4:.Oj_Y4Q;n)WW+`!Ns]EgCoM35><Rl6'u[l8@qr9Lp>sG]]Wp]SMt\eN*a5e$1WjF0p.G5]IF5bRq[RM;0'c58:rM3&UJN +%1S+=MoRSFSjSe$!:BdZ3"ss'GC@U4\mOrO!l?$Q,YiqC!%VZ_-esLP`KbOcK8j[#&1Q`oE)ZQ[5m0\He/chZ8.1.72f`FpE7eW4] +%lbMJ\U#Iq=59^%rN*hTK)r2^1l);F7f#1,srZ>WgXt*/N.uA^@rkjjOYRY+`jE8ku<r2ku:8!kR-$B=^pFf+,O[dZ%[9KY2[QPKL +%*^7q2(thuK^c:BBlH=Q%3+EjG$s!9a@m,;=b;2lP:@)s`9AKHhTm9/8^_X*/&E(S]@Xp?@O\F^;oGNS#nFD;$e'5%7':$8[JqJK$ +%37\Gf51j)/Z,iq$nFE,s2^LEi/e2cG0,SCNAcU[tAlo&PSB2PUYG9oQ["C2sHN_/HC]Q6HG)FAg(Uunk@"@h\:P-R[q_>rA8(E%5 +%5^,m,LiE:j[HT6<@Bn;p:M\b1,92`lrMI2=h]ai@bJPO$F2BtWocT2.7r1'nT:qVhk\>`'NX\?`s*jc,@Ri7\#hYiV>$D41$[B2e +%+><p-mWKeXa`;L)IN$mQ,9$I`cJ]SFA0G4M/I)*tm#mQ+__sp'_;H29oQT"MCk$MIjHobl4a\]1aQt_h!=J:>"MS^7YE+lWM`@jm +%GH]nD'sfo@OnX16A#Vst6:?.1j*mDa;A%)[?hB:M,+[gQ91&fM)!er?kr1<X-LP=8;Ql?eCp7Mh6?)90aViKU5OVjP\.9F]/0s_> +%::&aRJef?:1.lXScL,iYRodOXLT/h>-.Xf9:g2(^d4a>*6$LSBEgo5EYn9C2F&E&+&Q'Ft*^k%:3s6@N2'N5+h!PG`hBI`?!nR68 +%(,-p_?b01Sa8)jT"&cnh4Et":"O`^9+sZ["Bntr+?Z.8qRV?L,J3St@5p">\ouRB=B7qP?EGS(4dL3_NYW!SE!1Ns8HY29os0D9: +%$UHI0aU<mV;P))V@DtW>BDhe&]HIlGf=!mEcb9u0bgZ4_MYHj4<<@e]0+Wbe!YSbU?;Mc0c.=n%Dd2.??16]FXoKE6aQ3UeFt/!U +%7DOA':V?%N!L1$a!.DhbJt1-YUa:%\B4::R"`g"iJ]G2?Qkj)>&JCl>`96m'"\K:4FIN]Bfuk:P-9\RRH9VY6Q8H1G>JC..b41qS +%\%n\i^:lO<er<n#7<U>J8f`8/ajJ/%NU6!4$Xo#Yo+KuND+s?drlq=uc0*E??Uo>GE&XB+DL:_X9oQuQi9.ts%o=inUeYYGqY#/. +%h>l,Z6VY$gh<4/\&-4tDlb12RJ&fFhrA;BZ%*m30"l6rl+'cjkl)@nq.QPKiR"').A7[n/!O^i$\&L*">NI.q5oKkSp\8s#?c&Ae +%K^KVpG)MRCqpF0XC]+:dO4!Y5bpO@rPO_Xc9-hR*<l75-]5$->jDB*qf9N2M5X2CG@N5OG5Pf$FnhM`ti$da7Ekk^*_$7nZbWt'O +%rdJr$9-j-%*l*9!"rK/;^GLg*Hcn?Pb#)ukTKA,,]Lfe%2f2&OqK9L[Ql3Q8h+I!_R8qICGi)nB07-L3ICuH$K91YP_AgJaigWX[ +%-W+aJn;Jb\kn_*DiUjQ\A0&T=&EG?hD#7)p`ua:l36B;5p'/RB^\rPeX;MdWSU<]7l5j%,IV/'pVeCk;oq6/B\_eNe"ShrBQ7&5) +%ZEhZs,P0M\W'sjU;jD<OUBY`ui$K?X97PT4^jVs=VSQ#D1\O)LlDoQpI0iehS(&I;bk2)fT]#1=K)W>dn!noYqt(!cf440"Zn3uP +%[_O-)g7Q9i4sDPeG:`]5AHbftHg!'Bre"0&(/pOnIG>d=,=@?;!\%.51f`sZO1pW_IoHG+6.(kEUYs`G)7P5K_bMkZ9&6N4N4(TU +%Nm(r^E/pSq"YK(R>K;A:g;4l_=5t4m)dSA;'m5VuPI*a*niZAVpk[Jk$D6%YT;]&^=@P@G2XX:OPNFdi>B]r"N;26]*ZG,df0NJ! +%:T2ILW&WefUtE"5b+LYTj)CR+(5H:J$m9u3[RM=JJCU514hs?*@"`fo8oWVqrk6YN&8a"Js-iIq%T'Q(g6Q%q+>bcqJBn;p#N43n +%fqV9=$sp$Db=#j,Jb-UNV-B!0\)7pf[gfuO$s/"$Q*$/L>@s$]F`=oFK!->f74JJfi?f)),":N>E9KU(dK;\7JV.koAk,T7gB!W= +%l;OtID+(X=\BLW7;=4^9&,pljbFtm;["Ig#>Dor!/<DO>5^D%GlMBjcTaX5MMZfs)=1`G%NT'gsn$KkG(-,S2d4)-s`bZl#!4."V +%PF(#pmD]oaoWGEXL=PTtDLcYYc'2gf((n^$>G*>ZT>?H7"uL,XC\nG`XX.$(AC!LZ"gG4B.LMrC3E*dP#,C(3\KN]!^.*?71F.:X +%6U:/<7L"p/adPNQred>oTOTeQ..3.3EG)FW+)0XbRk);%'YDbB@c2FMgM[Zl&E(-;],5dbNtHR4j[Zq$J3j!o/R<nGApVsl)NHEC +%oCO_2ks5D7S<^9C\ZcZqH-d,>MUe/C0S4R?TPdkq&+J0s*2$r;r!^.p&-<D]k4$%@aU8g9%16t]g?o$NFP#GZ;;5j)\^:2Wd#2K/ +%d^V>D#JptnU)n>f'%cV7"IoC+a<S;l5*)NTL-=#PfOk=tfh>b^9r;2u?PU<$9L0).j8cd[VEbL`fTsPRReX):El[_tkd+kc)(WHD +%8\&MaL)8tEccDJ4$U!FNRg&e!6Er]3pfBEIX8/>ON]$iaN%!LFc2*JQULAH))narVG+o)$:d4b(R/\&[,iE)0LR4P##Vq^hVF0"X +%kpUd?7ehYW90i"h.(EeJhqti4,6fa8@m:['!'3$(bgEj:*I\mr8dMprW\"BR>9pk^?XsI%f\c0V>iBhT[KV94BE\9qTt:A$%#^4S +%oD[A"7G/mLYrP,6pZnJ47cuef(g"Yt=b?6m<jdhk..\Gem\-$tK9fdP0C*L)%l4j5pQGVh]C?<>+2aV5'DI]=MY'+Y2W)`+?'ZcS +%SK`?&2`eVY&b51X?6b0[P;.ZJ@bgD0A13OGU]'\)Du9T^7MO=:P`YtR+q!9h\=MuhK#HSf;41oJ'#D$rmM4'04ZG:HK0=Jg)gF&f +%=@%j8aWBBbKIa)-nN;GKV@E9F#0Z5:IiMBcK&X`?O2H<YP[B4HQ^1]hjNg?nk_)G["Vc2N?s>\<&EJ=0aE*hm7Lk1>e!cnp*+Q6t +%cc6=/INsd0][LlM5YpQf@c:;?mu2CQ$bBd=r_;@W*B"GF*Ln@M\S[5Ddr7)OTlqp/W<aCffk`m*G4;g4EYEE4V,P2V3%]Hc!)`g* +%`G8&b//\Kl09'?g?M1uo\`_cFWj2IrOR6j"PBi<&a)oO-#n!R8<'eGo)7Ui0$QoU@c@Ea@p:=Tg>c8Ei(6g'/K1.=AIBWm%2!YEb +%a9*!Q)ZRI@EDd!Z&m_F>g3Kr.",N1g$AaL\K,9G\p5O)S&02k">X8tkC?p>-mdOd\k<cMfM'iEWl13XTeB#GH@Wpb4WB6H;[s2J? +%`<KVgRlXX>06hjt=:NmC&<jOV$Um]$JAJ"N0&r?P@i2)eAUMD/S45=;O)@Pu!SbB`ArLkfF/61ilMK[G-:%cGT\%Ma_g+CZ2+C.. +%2C#_<bkm]''1"D<1l,S.&/K0Q#0#-`9c$8&'=<GZM_*<uO66RJ>;lrg!Y"d>)MS<`iTsc):hMZbST$<"6+0=pe^dGc+nl%2L:DOn +%\AETB@I8@"Kd-lGma',?It?c@WHTu1f/HspqX),5'MpJ731!Q=:#/M$q+;5YTV9V9!,O6ZHQ[rSj>lu3OJa>M^^(u%5Ro!REGX+i +%CP0.aiLrrSn])c)0+UT]<_OeO=m3`6>]3u9Y@,0nBD%p*\?HC#Utc"3HO]S4T.s')neK:LAROS`PlJ_/_m\SX>Nd`5a95/:WMG)* +%cQAQY/l9>j&dm9!?_J^3CK\LGb=Eg[?hY;lSi]>W"op(p;MR,2kI$d%NN?@l#.h4P)um;tp8q]57A]BYpTh6n&VN0966e<<c2?@B +%OmuEUH#9%*F5:;639SRkN/YKGpU52ge/j[G@m!Vc?p<)BhjHWnq&I1#ZGcU%&hN/1nKpNH[#Y5`FXS:Kk*]jcY`N\f(0aORDN=k[ +%Zp'/s_b'Y+"L[MX=8=7)XY#%cN$ue_g[t`Y4Nd?RPnU#t(3W)@k?j8^hI)^d@&cm(,3nOl9gEGk57%$-6LA8>>Cd`lQUMM@j%t%g +%5@Y&K(-LG\H7]c;Z#1YMq>QFQ0l^!^k4thl]s1=_f)%U&O(JT$a1IY][W@V@2UFgM.:CO&^P9qLIIHdS/V(LDIr&=4M''Ql^Ae[) +%HfGB89I$YJT;!D8j/&Vj>.>siUTO9g]_)s9CUcak?M;q;RrX.f`.FX0CNmk2Yf[tADt:OnI^T&*/sa.?'E6XmY-ne@CN/DJl]q9U +%<9\`4.]55..XGgT3U]p^)8aO^Rr6?YCn.&BBK7kYaZ;jOa#j(1#?-9m6gCc`gL]tWL,J/lPq5BRL6FD1'&3/dACq>ga9<W*HYMtu +%*q*sp:6Z-Vi+OM7BP?,E$hB$(qiWb$W%k#OUS[:!-siYhJ[RJ>:3X[<-Fa,@hl\MI0EQ9;<Z&.[p>0;KhrCAb%Aql75=S]bOk:i8 +%A(:4mq!QJ%i1GYA5=V">&;a`Um12*n&V)ncAMSbP&rn6uf3b?02d,_UZb>,l%=AP\J&7]E+n4?/(J[BiD\kb<NFhj=9>lmD-bL.s +%]AW[lm_E7g]R_3*p/Lb,p7Y:D$27#E+n)kI*hX!&15!T,R@nuS"EO\6Rlc0I+'m>Y4=j,9./9*i5UY.'jFr#*g1'a)PS4E,1O?lP +%]Yq/,_"+UmJ-OKroJ+bQh)Rt+*tgPF6qHXQ4_LWnd:X9tQquVpN`K3A?M['q+p.(i9FE4OTJ,r)<e\;Whc(SkT_>Id9OI/K=%us. +%-eQp`h0]Z,ht65:@be<jomE+0T<_aOaG`.###,nTJ4S*%DpN\SUCFYkkeZR5N3k*T!Z?Pq,^?:I42Lk*g=>XEJFH(.J"s+fRgsAk +%::]II^Hn5q8,U)26eq6Img=UnEJVZ7Jb2YoE6]DRkoRYW/oE)H8ajRjD/)gb,8-dP:Le2;^U1s_&`C5g3n[.%Y:i\ao!m=q!h$'s +%Of$f'7)/^MSVmR7$u@'4_"[VX#^^g`,.hAK(l.+(LkkglGe60@_qhCI%@&SO;/6Xf_0fdK/\)F@Sro[R]"j8np2)(fg_!%nhrr=R +%i5Ta\j;FA*Al]d7BJ(H9L8Dmg4=AYT:]XOD9LFkghWEd3Y`n7)J-]m-5X#P5pX"P^@GI1(\&;""XL9-;+sLCQ9E?EO.I`"Bh#n8t +%!L_"-'!Tn+\X?erO1tu1gU2#1n#5C8Df@DVQ?puE)n(sHJhoFm<\nd0P2&Wl@R$7-fkgi%D,N[L)mgYOPA8gW,u[.2DICsg9CVg5 +%_FZ#AYmeVW$E'ma?_Z*UZB*Z>p1pquNrSC8b+.PL;],U72,F.A*3*)3A&b7dENPi+kOU%0jCW+u$Ui47`0F]11Xkd76!8/-AJ9E< +%XR<DEpW0"F607bZ`im%K2QrEh"BQ;U9TW2'0<jUOi7[aB2e5C9$H:7B3j@$gjI9%I5iFSbonY`L2f<tD&3[u'2sOmBO*5@Zg+n(> +%QN/2B!8?Xll>;CG:ld^Z0RC*=GoIX8SOKhRGias^T^ufTTO03jrhB::dVbH^Ag49bEis>VN$-495Jg1Wgs0-#:>a[MKB+.!pk/VY +%_Ka/U6ig,4?XWS8#IRLE63u6&P%bHU[WI[:&W(e\qtBboKJ/G%1oUPB<!Ok&n5311P8EFF_:5D#4R_eE#H9o#7c=qtHUdR99Irs* +%!XAb)>\<gO>a>l*gm6[t\q!GD@LYe-P%Vbse@pOs<Ht&#Cqo1E0c9!!=7or;?>C7bE3S)Lp_=*>^stW/pRO$:"i<gLBgd]V1fG.& +%PuT.U=[5\K(nN^JpRQDZZq!!8;$%4!(SH9b_%n5&KpsOT,ca6[7VYY)K'fAcFUF([,jq_rS2KG$UTqnZMq4h)c6P)4F@J[7N*o)_ +%]Um=!RYl^%*B_t1rB;oAIW0GfjTef5#lbh27#Y&#TohCl"'0[l6DW9nIdXVGqLrHQEXL=GqeF`Y+Zd&>HMU#_STED3=&pojpU=#5 +%B!`(H0A<X8a#*pg3(,;OC-iAC]DhTj&RF.>#rC(G&'a[*h_U7=EXAu(_\_@K:+8`(TUUJG+![:E6knFl*e2MC3OTWKX#rMnMKDL" +%C=j0BZt,E^-fa>=b3r)*bc"*0AA]mj/5ZDEmUokqjM5W\GInEjVL`^o$d#Tm."_38HY#7MI;&E<)`[#^1?NVqNu$]BdA9?18-t0d +%[nuCFaaTHAWb/YY_]r,<A#>fTh%)g[pUl^/j<1)AI\o?].Z)1mcF*b*,G2sX$7In"FdIU_Jnht:)QYbtm+5]&Z\lH>(dMl%B+`gt +%[M!*'K$c00/QPQ(7^qAI[R+R33F9n8ihS5`^eKHF(D2FF/+#c3aum+%[\No3Ke;_Z_b8_N(4'eUCt9!+G&S\t+2RD9^hXjor,KIO +%Hh<ZY_@/i7QEjX2a,Q:WO"Y>A`n*6Wd'h&3]9<Ya+9d#6G].qZ8ot&IAS_G+*kWaFh72WC`:%@:]JKC(@JI`6LnQh]l`9BM!P[ui +%b95a1;<'1JXP$1eUL8M(-D3P5RcqEF>4DPk%Y;nDJDZD"c<$CT-EU2/N:<-@I@[iA5_7U@M8^V6+ANdb%KV'l_:]&.+lIgWhEE(_ +%f.QHX[Zul<D;8XQ.0-1l]Ja?N3].s*k?_0[Vj/AmloB5"mKj&TJDYlp./el#E*eG#<&UBk^iBT8R'p#rA[ed3!?>I?[4MVNDQI4p +%)L(=qRt(Q]CVRulVe:X2Z$Z_G#K<Je'3%jKF>C>6S=mFMGL/P`-YPXogJ3pN+Pl$FOtk=?P[gA'lZgo&3-h35UI?E;Hik5%s*F>% +%WD`P+dig%)eD,HsR.HK*#JieeW1sqIIpXn;;ZY'cAd'rp,m/PS*;5i:A(u4jRt.Nq2E6&ai"djeqC$mD"?`u!Cg/$An1Rdnko"7+ +%03pu2YuEeao<T>Ef39juBgX_Zs7'd6'B'P!D8(RM20lpX9heVR2q\.iLTTOf;cPcA4L*pn4jCUr&t8A>ApC@>Pl,0,0^FQfb*7hI +%@taGgYjtgclZLgEG:0PB6J"D20uLi`e`Y927P@(qiA,<a4l`;QqU(B8VkRO9pfiYId^_%*&(Css!>_-7_f!.U'hYZm*DU"Q]fI2* +%%Kj,rF2&gqAq^eO&`f3XY$4F5T`>3R*G'cr$"UM1:]:6**Ku6r"`a#Pp/b@+-1V79!=36]*!0dpqZ6=DGiC(8ThjK`IARn'be!+' +%J1r_,$rl_=dLHGX3Ah&68V4GZMfOFddND^5%-t&j=mZejgLa/\G[HO+T*kp25_9\hD2a7\Nf+%ri)/hBpo%e!efM&i>SE3,fteeR +%1^1=r"N?t7i-HA301e6m$t1"u/&+W$0Lb1N%;?!p%O?d!n`o2VRd^6INgp6V"\MaUZ"ZtVYRk,K"JBB%%g?@\0R#&0-;6<feHp^a +%SV0@M[RjR2`V"@-_kCakmRPGkqK%2+@\%:1nsj6M1_]:G2EhH%P.%T;[[1kL8HOg#>#/Ur^;Sq];m.7NOfh$ZR\.A.;#;.Y<!OqB +%XL7\:ZVeNY[e1!8/J9&3;"7#>),$eAfQo6L1T%R6'hWh7B8\bUD?f)W36*/D>I+/Fkl*"(TK4EPLr2dfeA18`,]IXpo)!IkeNq9) +%R9%(SpC5`Nl4psuJ+l=ZX(o>FiZH'N!$'o0_,hZ<9EN:!JBO3>9C%5#A9)Jg*!S])o?nV=-l+V='-8CoY09]_q4saL+V6+1[@)WU +%R0AtW9'n2(nZH3sK.<066]$U1:nn(2]Ygcs>&"6+23mr!Vc$fU:qZjsS.&okf-dDb3d&7I_tcIZZ[qk.W85o:ppVclQX=qd(L6AC +%H8Uko+2GH+!?A:4X_lm1(lHgHqVCPlH_;/g(3O:kij'-NP24aJ]EP-c5R1.P)8s1El6'[LoNm`J:>T"'"2n(%'h6q5BW4Rg]9Tgi +%LTt^^(*<^A?\.k1o!&$!H<[D+V"(Dnc:aCR$igo:,@o!#Y*Z(M6Ytk%P.#\V#`i&n;E\QI+t@5AkmG\FS.U9=0*GR(V4-!g-2O)N +%2K1d>H[Wk_bN=.>XffEoUX<i'NE7!S<gW1qT#Bf%KFa<"W=+kM3(oZS*n%WEM(c2WX:"bV&0>")37V!,gC%QBDpaY'j]XJd#l+&s +%Ih\%%fMje60"C+o1'jk_WmnTfrR`h:5S1j+f40JpWli5><Si@MCN.g^>G#b*q\6"5h@YK(C9$hFhZWlUkbHKc<hN6m^Y[["+f"^2 +%5Ro$S;$RmRGR[AAEV[2m_4SUK\ekQ\MPDbGVcl.2m=2UdE4=bOU-^.5ruJPi-GWNm,/:169^#J'D\icClb6YNIM[2W)$l$nr"H<$ +%6jjap8:GU-O9jT2ELsOZ#DK/01lrZ`0W?lIP#_5Nba2ErS-G.BJ9/V`?2.qU2'T@AIKCg&@[",K8S0_86%%,C0hGB=!gHnn="A_# +%B#[.d((I'^<mhi7P%uE:R!]OYD:N?qY_0lC$hoao*paL12Y_3D.B.QL?6)OUZUUd&C1RM]MZ6aU*oI8"C2?U:AC]E1$4RcL3K'"6 +%7@15D$#A,/0VV%ajlHu]@q]*%;T/[e_"<"hg4^en(k^U+^OaVI&Eg09@7bd`*lY_?ql<j=9u%?@0eVu])gL=/at"n1QS;hs/8_/f +%TOp-MOqQ;=#Y#?--lLLg?<.&L+/E5AN&^<s.@aa26'9=.'62kIlqu<"pn*$9.nQQDW$IYZ(.B$]G%jS`%Na`oAC_e]pn,%PVVE8" +%iT'6):6)]`:G.9%Zu0_D(9Lg&UBi9OTO7q;Lg9a8G1"%EGu+W_9n9\FL])OXXg8PG)B.g:a]J(6G;sf8H<<54ohfDu/qC<[Z:G/S +%,#eARc>MaKWrO!;.2jKiFL/'n8,:p+:q9\b-jA+t<k`>%rcGc\Ej=BW-10VRm^:Z]8boAjGQfT<'8p;aEDs5h\2',C7;L(?3.R-m +%HY(QWZrN4^Esq29kW"f^.@c0gK"PDKW=H5CeZirf"'G"<VfpJ_[2pI);Cj;?jRUG54]"*UlP*$(_Q"Sl$;pjdkh<Ikcp7Bf>I)[Q +%D%"Q]:BfRSo_fUgQ>JET;Chr>:=r/4cEM[R':-!?jf?0dH)C^Ke,.Zq+4U^^$W2&kf1*5)[5P']?:BUI.D)QlBl^DcFHbVV@r+e. +%X(Zf'+LOP9b>^"N0rH2$KB3CO`>3nh$7Im%kt3b7'HL&QeSeB$pc0W6L*Qhe>I7:_focCDVN[s01ibFWI'?%&W,7`45Rbt-C+p"1 +%[=rel029J&#H!#*WJ?"uFXp+sYSI'9-K0V3(mO\_KU2F@ILcqn"mk^n(6P4["o&nfOr9t+*C>!P5*Q7Pidu+t+N`RQ^h;dc0__8l +%Zo'_F#QdFI9Mk[6)TZ!q-(#\t2ab93YUG`W<X9Wgs62QArq05e`COWQH<1$[`j,uQ,Snk4rcsPS/1k+lQ#l\KJ[R*'QX1aeP\^3' +%07QVC\n57k@2W/?Oc@@qdcPsF5h(6)"Mc@b!ceD.<%#44$<Kij3S,%3ZJ+hXIcY9,a5_km(XPF;,6Wc8ZF;EIF>"*)n@q!g#e-@- +%"k:?S0q?Q[+7LJEOc_68)Yo<l\HS/rYUFFC"3.XgOsGWq/O@=m%?+s4$8t_0NsS;Fff(U%S"#:-/bVR_"B6<_Rg.R^kmuF_%!nVj +%0j\pg+EH:`(%$j)+r4:U1DCb!i^4C\<Cjcg\66;(0!<%2]Y:kg_6m=:=nnk@)n2E"D2!/4[N:%WKAoK8!O[-^a)bc`n\W?d=f.?4 +%jYkq/5)-L=&_9t*75DI9@8!K:2GaMfS:agUm(l$&INa?WQWRk5jVmAB@h7/?L.&hs''V9.A=qpa"G7)m.f0H4+sj.r">b>95n`;k +%mUM'Yg$NjC5]$4Q0:5pu]E,g_gMf`HmqS?!QlV\AB9;-o*D?0#aE;q7rDpqp(7\p).TO:LJV2jt.tE<E9:1C.Jk@bk%^_Z3-T`=4 +%KsE<<M8b)69Bs2)Xd<"L;%U*Wcc6=;Lt7]D2%Z&?[,t)<P9[8;5tF8AV3FBrLC&$oJol0,?W#3aHj/I=,ep>l)Nr.#e;*Sc,[FuL +%XtQKS1XMO`^6Ec$A\pdL*_M%%#85(8ifEcU^6IW<jJ!e?)$u![Eb!5Mj9GQ\RRSf/R9V,/7A!)jZJM'iD.Y4_CH*?9)sQ,ZnI;NJ +%.`qSi9VTYK/]tN@Q.[QJh9Grt-:$:N!0PEiVdpbS74\63%j3l=;$M[T$NAZnFo+4ePqkE`073lMX!T13UfCr&\N[E4@Ee1W@+GYO +%9X"bD`hLi0q,ZjENL7&>-F5V!P!TMZAl200FacPE3*3#0\N3`*Q4$VX@G)!2O@:u9c!inTgEA!`gD6](F,qkK8m81o`/FYAo\De- +%2QaLL3Y.^([1$NhDu;diTFK.2"PJmuU``NE42@#mOXD9j<nh=1BI2E<=HAo(#,@"<malYBnjia2j@`pkkJ!W#.SoVV1JHb#WU.j6 +%4-*)2WqM`n!-P_[6LLu6_+L,i)3@2V=')3il;2dOmN,)`i@SV?kI7H(;YLKuBmC6G9&;)5?Ph#fqS/*e?iLRJ650a3Dd4@>(Hf=q +%_-i=P"rPS";t5oNm)uYRP%6Fro1/RueD#Rta.dRW"`7,IX*b>GO`YV_Q6ZL4)<['R!+&buWS@R[HK6mLn/ajUPCJ9d^g+m.O-A"/ +%AXr3>/IhMR4K^dI:$Rb7``>4)>R@r?j'h\2%Vsn#eU+H1DAM,K/l'k%h<A*T(:f8PY%oYW]LS8ZZ^,n.[e/oDas3@m#4umkVO<"6 +%kuJkZ<e\oYaGQ3cFWI9@eA-4!b&Iga[CpVhat'LdJ0rMB_(PY%(Z-4$0/<Fi/t05d<%8b&&;rkinGNWqa`#r;X@[!IcR:r\(p7Ej +%H@X,bXd;(]IKCt+$*](nY6np3o=`LM]'$t5%R"ap^1tugJde-G0?#rTq6>Q/:g;L67(uB$3RZDli+r&C_].MT63.8]+DCl[jS.5P +%8;!bJ^B$!B!1@*t]>7HNj%D]2[HNCh`lgI1I]j^QIW@A%ZUVI=m64^M?sm"jE"]4k!H=X.1*:a5:rp>M7#a:Rn!t.YAO#-bQ;aI7 +%V5R$qs6(8+=A%5/cQDSmUK!9ukYb::@BdPGJ@_U"ajV_`s$MAYV$C!\U<Gcd)*#<Pl_W$@*`O#>mOO<frk5JE2tU1eKmr@hkeBWL +%lu6E3^nV)QO??3C[fhM\""gha_0'9/>LJ<aYAQkC.rNWR'dSO)Bq3]LNKsF];<PX+%Ora.38S:A4^%t"!7%k:D;-SVmF)8:i9Gm, +%!nK<U?u=R-At(U.Nh)4FHTN7lIPC4\g:$DYqJ0,3NA4P?9AVVM@ba8Y&iL'GPhU'Y_5EuY!X`87.+3$!f)]n#TEe%?R6*`f*Mc:S +%YFsJI)m>6)^d3%GJtt>@!pWn[Z1WIA+6")\s0?afOg%+4_>T0/g:#fc>qj/C@-_E^*aE[r@,ZHAX+P[4ZF7rq[Wg/1h^OhjrB;H2 +%^/mn1jc#2Q/A2_+^B3R[SO#PJ)EkU5']93aFY(>$\;43WhcDMT]%#i_hn)$#RcY/N9XnS'E_D=84Qr$mn&m.6:Z-;B"8)gc^k(8$ +%R1*ZH^,o]s?F`Yd:?18<[t#qHj4-Q^@A:$Jenn=6o;ooj3Y-E+i/Rf$Xr6#3>dJ7+lQD]eLGS)h_q$BPG,uYJhQVNbW$VL)NF()' +%]qp0:kq&K-jc6/Q@o.<*D@j&Kr$Dq<MU;Z2I_LWgErl#4Xp'#W3LlSJo6nV>8p`8$!n\"Xp^*ug9FB=Y-GajK9d`Rro7jk/ld]V+ +%$]E`8hYfIFhY@KJ,i3KIp[t)pZI)!#0.T)fTnJ`fV(l?Gpkp/[ERD@L4tFEV+*7OV9!Cg2']r6[jJ'?3Amm_(,)Ed0E6/^=.b1iD +%d1V9l/bX7bIJ!A8#HC(b=Np7<B2D[M__;D[-0sd9USQ,AS5`DI-kF9=_0Oes>kda9B(XT]G86OE*]V4qjNr^"/B:ruS6VUj5f$o< +%r@R5<]P2(_iY;H'DM7$L'BgbL$J7KEdN=3bh<"nK$uP7'X#2]&c^I@e^$\Y+(S&qI0\EOf7rl1qJ_B)O?5#'5G#-E5m0:&4J_)_n +%(+`*bMqRPuo9#/J[Qr%.4J+1D()]Ep;QH`!=1Q0!H=[\Pn=e'=l"h`3fk+]1.*\a+#Kt+:+'71IV_-qSmO#8C$.$(p=9dd]>%1mR +%6,PFE\@$0WW!ejG]Ujenmd'r!hl?FR+O&dh.+\D?g@AgEeEVVN6Fe+CXJnW%Q&N-WGhneMm?74<Kf3fo.6#&P3=K<VH)4#^h_8NC +%]a*dgg,t&=YT908*Ab$u$(c)#m<g4bK&%e@K;`hNq@s%.L)pSR3C)k=*'D(:0W'(gLec(/B$\13/lUF#gNN?*\5`i?;ab8!;<,W; +%7aUZ*7_hJHmUddZS3KHfBUVd8!>`k_S>[;o1gmN3[]bKCbcqWH6k=$Mlp`IRXQ*Bh-u:OoY3mKlk*["kTF68,BZ[MtHWAkH'K*\m +%/$f)l9%U1&XYcH%II-Q%i*$Erj8tTje\u>o1=Uk:,7G`MlON=1^j2gEm_f[,0i+cS_O!8a`A6nuNfnJ8fe\>lmI9p6Q-ZHV]r#*Y +%DoLM&^6B)P<Qi=")t!9Ah$j0h-r2LW\&1TQUBO_S`<*T$a1HJ)"V[,eF/_84/Df0GA:3:mU=he8mLR47/DY%fM[e24%^RAI::m`H +%-IT"S#0'!E@?6hW+?+C^lP<RBDDj10*KR%sW#Rf*DA3J`!*3'r]HW.O+P*'//[L=l*_@4hbi?_tL6(Ga)S`c!I`7_tdBX^dHaX=b +%K<RjTc]IC\*If.^bhi'9.P@p07GAe`7ZSF3hUVWDMWC10Y9d:r[\`:>[/V2XQ/G@ci.1S"$n>VC8mG[a(nl,*J/tUVeut#G`B82V +%L/bPuN8@k*(<IY"-c,lD7V;c>rd',A`]u2'^bMWs[07j#`W51\;-4mT?pUH#(Va&H@/]rZJu)^a[[Cm9RAuq6WH]C*Q&^[d9pa/$ +%#Ql_,L<Q=I9N@UsPT\IT'gM$UfHl/^R*=+E"]ikcZO7&,="(OX0[B5RnGG_"?lWK$Fli':<Q$WII64BgLOi-k[=LZp01i)RBJ-<S +%'kZ8Uo7T'f6<qNn`_Q]g*E?U;]MLep<pI"2C(`t`5l1M_[`EV9hPBRbR6mgZ65q<S$G>N5"@UDXd'c3%$L_El6$iCgW`fnR%c1%7 +%RK+])[>4\\;VN&l'MQ3Y>d2lAVqBZ)j:sj.$Ic*q3ID_f<+*Z]AQBnXDu>!OGF/An21%o%nX<TCms\gq]agsHR$\GQnE1`a>&l>; +%D4/'`i$q_Kg`pmW;oT_sV@0+^kZ1/*bAoeRcP-B@h;tB.i@N=NC'Mp_."3)YlIlG;2r*%gkAa61p_$9kBbA&CZE@h+'/ohu=BF@7 +%n,"uN&A69WXSVAak8VWS=#O(s/B>ODHiN>$OIM<=S[/h"S5,6GdUJl:0;SpN=^r]GEP+46\%qk[4Rm1!;e1R'T7l17\5Ss*b*/FN +%k?&K1gup^H+8nu0K>uc?PfA!u!4n:3oDQ4$^[b#_pS9V@cSq5EXYr[W0&0U!fEZUEeilJA%Sgo3GpKO-K]h<sH+1V2EMYmKT;`6% +%dk)$C.mEf&>6G2cq[:IbK;X20B2m0]LrNA[`gjJ+,?r9IM);a1iRlF)P!Pd3RJu#O'&[r/T;2/=)`\Vpl^4r-4:L5q2u#LU#?`er +%`&XM\cok.W[CA(sgU!dWb"rXM7'cJa-'"%minpYn[I!YcC8dI_XXnK<K0DE4i#9S%\^@<sF:89@SZ@N`dQ94_\9\XW,mL[gi1>V5 +%"tm<\B"!*#iDDQ4aNQF7cFnAVfet_2o!@1=U,BNI!KXqm#_Lipn&CDH8%Ff<)<+OR/aCPh@;IG75.@*qbDsPaaA?3NVhj_\E5!*2 +%m'pr?F;lS2Cj1UkV->sTlssLYmaldh`CU7gk%sbX<ek*YF2-B;E*746jg;98`j8p"$Y$]nLqMa4UB'T-mldU4!*;<E("p!&luh2c +%eb%Z\c1iF)41f[^m+P_m+Kcg;M`e^l3(V=G"_E67(Hj#bd`gV?r'/X@h)\1=a7hNSPqn'`$gN5EPje^f?l$F1&2D[MeS?KRP5>\< +%!bKO/Z,N3WH.qWjDC%gKh\P"`E%B&4J%bA+:\BLmKtX<X>oqaGdhi]1J:$$2*UgA%Xq=\0E=BSC&70@k1a<1EB#21TF]O&^FK\g, +%]r($.k(^AeDRZ.10ZEGlEK0W)hgOA1ZhDrNmegXP4@0EccOb]k2s8uRgk"]FmPT2)cR3h]Y>R5i4)W_phojuHd'If<-k;\oeYV2r +%4mk7!"h76O75O8I6C/QA>=Xo\X&+@_P;cFJ@fV9=W7B&$)s4P5XS3%-`6@Ok"7*Ur2>2u2J^c!9H,Qh697D&un!P_MdPJ<"eW?Eb +%.\EXCR!J2Hd#&e1)Uf`X!eIll8$%=+'WrJJ;*edR!5&id'\*Be*8nET2)$&6WJGbRUr(_Te`%k]QXYe&=>7%(oZ2"_#JaRNXVkt0 +%c`/$Tb3%IM\_"4&igeE*RaU[30__#hVqUOrBfBumnp<kJbWM5t"Ik#@f$\CO>W[.o1k-Trh.G[1^*?+B:@nX>#oRP5Tn9%jRDq6U +%4CGO\gL6dRs1<`0c=^kgXTRdTj?p`er[6VHF>Wd,:MpjCbp\=r0M>QY-#^j_7\j#>Br^mR#(#F8b')oeC7_)8PFs<fCu7!Wiac`= +%%P-rD)p#i#46uIchrZupY!(!^93'B2:up4n(?_a!gMGsV-#rLEBfBMK8/hcc%P9Od04*"m**c,:>WcV/UK0(F-Y1?(O_mri?bY>k +%fs-JJ$t;8IY>Te(0sJLiYQ(0"-\;]7R+L+E&9Milr^bZsJ&4)gV(j2NGF1rQq=2&Iat7cH+,BSRmF,M'pB6'C-?041%1LIL[:XWt +%,A$Si@bPGgO4qe^*pJ.EQZ@&g.c]ZSW?d1T%q^^9)0U;U-o2=AhsN;`2H2O,<YB"#4.5m]$tKG*Ju$4T)!DY\])EF`_p,Lj[u36R +%TB_PTi)s(c8k$I0^LCnlX$ikoWQQ>*hf\9OV8:=A7\jeBrK^!Kb)K^#g5++!duCk&qslbjK+b>m@T!jJD!Y+#FeP(R>L-IG>l)>n +%J-pIg`Ss3T@bI?3S0Rs)P!WP6AODgWi:Tpgc\8rch.Y9uB^euFEn')TiY2]\2;N,%$HQ!JrgY+Klij+TcQ9C]+_=HV1:LSs\@&_b +%U),Fu<&([pH4PDL,(U(##]=?cCB>2^ke0+&DQ,%GbS';+K.;edHfY(3Z0f(UgZg$IhG+DC6$LFq2WFV4SnRe<&?f:qhAKZ@!YhNl +%TLuslcLm%]B8E"ZMXXn:[Co[n1<[3Ar!*7*c<\</X*-VsbsHrteD`n^"&\Bh$cpKX&o$fnW&*K6;;C6FE<uDdP/ZanZmO-Q/a!$E +%MoGXBN9H*)b90;-q#<WQ'`58T#^f-Bhu,1FG#\i]_OYnX$>Pbb+@&mJQ]8M_o^IG["JG1dm,[`A+$`$t."H9--1\8EnkfCZO+1j? +%;/1YpEaq$/gGW^3lR5acVjZ'QpLoG5**,Z"/tdM`VgV.u+j1olY4,>Re./3J35P((#W$A%8j+-*1*X0-r,kpEjC-J;H^d1F6(B_: +%8LC!eJR'P!o*n+D>(2q/@4Gd&Im*Y@8*aMLCJ:U4=LT^LH8"MC\'6SK!nnjWhR/IW]rg%K</n1QCHnnrRG<1FI7)s,Gt/<S%YoSe +%cCU(/AnjgW'a#;.8qR!AC)]$k^pa&VLiVr"h?K1VX+>PF-s2]Q%F,&(X87!Yb3YM<6;CXhO;mE(ASclIC=i7.$DW8qG0N""H$?a/ +%p(>J*bn5X*KE+';jp:D`E/nnb(J*-H/9dTjFPdXK_Cn`2F]n(@ko:',@5r!a]HiDQ<]Q,Yd5H[`!Ld0$G]1U+C<i`/RIdDNkBoGu +%!G;TA-(1dQaX<LV(h(InoLp<Mk&>\N26l.7:'39Sj%=GhN2s1#+m.uoC&N2Zm+]*g[_LG5BsL":K+-C%nE#Qm[A6"f,<FffZdcS! +%aHVON74ZQ\s3*[UBu9bb3KrUY92XV9(<#;PkXA=HX'XtH?%I0BUK!.L[&0sHhAiVeD>T[!d8)/Ni<&LYr^?GGUkFb3"4S@Df3&SY +%X/1ihr.XeUXj[!Yi3G^OcMMV,;bPD<Mk5a\rBPP]>SZ<-e1L\U;Zj4cYbkV0YU@Z:]_-`BO/di_SV+M'J`=SeQ(^_:H6S-K<5RFY +%<@Rm>BF_%["L^0^FT]Uhmkiu"4Z?tT=AnXSe_6A&05MN.IEn7PGH`!^bY9XZkHOZ?1oK"`N*mFm"XEKm^k4gFpSd736pAn3f7^;> +%]gCI"h1W!!M[i^&?dH4[:Mr\XXlUIsTPU9*]!LS,aIJ&jMtOVV4>ReLDVi6qB&%u`\KT/GM'.YB#0>..:1Ec6g6q3!(%rA$.#[7< +%M3A?1[5)kd\M--C.DI(*".%_:cLO:T]ZeRd)@;;V9`.rS0[5Hoo]\Jcb#;al!d[+boKE_sm4Z9!X#e+>nKfa:^5!mO;F'>68lkD6 +%qj,sO+:ujtj;S/F]Uij3F+2*L1qablOhBnriq\?HC.Vud'UR8`q90uq7elra'e1Mb)[X(0O]cUV,P1de_L?1lQYdiiYSs@TKrf?" +%N;"%[&?@c.N]!M%ODZpZM)4B!p?Jc*I2Ct)-H1+]O>RL+YV\$*p4a?3m)f!AA.7-,0gsF9G*!QY/HR>K$l@P8NAM`6S!f4Rd=hg< +%9AX9?('AWVN9s,ik$&JP`lA;pIj?epq=Dai>V#%/_Lf<CJj!;#'CD(e*>UKBB4,#.JMZ5'MTO@5o0QC^@YWV(*$k#H'LM'tr>f-N +%p/%b%aY72?I&%*&g(>J4':+kJ!t,J.T<KkKA\X6*6Z\D5f_>VjKp]lhnEK"#\`;^H^bLt<N:GK>Jbn`Y9?)r9f54.nP^(>C.$VeG +%3041E7EZN-3CgN]#$J)H>AtB#bpig?AW_Se+hj@4AR*^)JfmjmD&GPCR0t5j3UK'p,:%)Bg'Cd]WU@I[$m;V'S2@VY]OrbXi>P=W +%K-#usLGK-aarl.[q9XQQ3C=]g4Dq\8C+0Ue\"=as1dR2-Aac$Z0c(R!1@LV)nP0)g*_G17Yl9mqJ48H$P!Vo1MHT6i_%8lCIJ<-Q +%kJ4aZ5pQe9^c-Q>Or]97O&@pf\M,tkKim[3KJf.(2't1IMVPt$btt6/"SECm)nfbR<?C9_?6Oicdh\>=h>5,:VB^N2r1On0INg14 +%_VJE1q4&mLCUb;lS0BR%;(Q,(+^KOdZ%T#F@E.8=-%Q)-5)L\uHJ65q"G,VS3-0;rr_;s.dLa-9c7'dg-PsFl(Yh^JTkD%E#:4-h +%@/U!Hp#TEu%K!u7=\hPY8M>I':s<O9_9YW,O6"SK=C'F/MkI?/B?A5b$3RTB3sV8Q!<-9g:1]H#94Z\T<68?n_['j$6qrWk")XO, +%'\.BMHUARIkc)Q'[p0=G/cAV"7aAl(8]PX).aAJdi*A?Y>kD"UpEYk2<gJ]0@R<?(*lYP%+b8$dcX^YjK>YuTQ)R8gP)<Uu-t'/6 +%m[GMfQjAM2ScLSiAf!7e<Pc0Nmh6@TR&Yk8\M#1UJc/2ua$!no!^s9(B2J!>MQ0XXP9_[gFX'XTDDF>G72<Nm,hDOa9Q:F@)eu'm +%DB4"H[bP>/SP5U*Nk&V@=r3W=%2RI4oVR#:$8ZCI<CprEJ?8f;<2EtcWpKs]iPcQ2-!p'<>iVS/?ess.(c%BX201/IZ'F^#7WK]@ +%FD&Dh=+of\11HI*pNpMP<YB.\8>.[h%KSR&AD^ZjWE`r6rFup=+@G'+0H4TJGg.PuTcD7G`u6HR8js!IbXu3)'s#VD1YCb9+I@[$ +%ad*B^1+5a%]M/d?LG$S6XMQ>^>"'4Id#=Wi5j"H6?IRh[R"?3@\Rc=WH\G0R/OTR`$sO5l-qf0*:ff)RL37AOZ8Yk5N'9jc]f+RU +%9K>3jb8$Aifj\DKApBVVlSPC\?r,p?W<-o-RUlj'GnL6%[9Wk]=c-(\`s".KHJtFIg>3^T?Qiq6]iE9ZKpVU-#nRu;]S_).S4A1K +%9'C-J<Z`,Pf"J*m+n4-'-BfZ&m[@uGW3e&5rR:Y+%Eq7!kD]"7\WS:("?;J.V.q/j1'!`i]:m#NhCNGS4-E5Z@L0;?E^8@gq,eM2 +%7'`Q,+S>O(Of!"^DYq^W2VUug#0SR"ONc9O#[lTdQ(\Jk>+M[+)cFHJaQM+sXMC)_Xu&hkqUfJKb46ZlQ[&+6PENR/[0c4NG?;,= +%hKpU"Y7h=Eb7KD#MbkH_#Eu3cNS@Hdj*7.,A"V=/q/3HFEpcCLZ6b[`0'q8B@>=0G(!,pgV,Nna.u7L`*pXqEl]oL==,q;o.Oq]5 +%^B'&AnHU+-Y+4]j]KOq*Q.Ssu*bd3lm(c3WT=Aht5"8"Q;Tc;++@#H?T\u?U$L[B94THoR6=JY43UmYKq*["S_]Ineo*P/'q1q0M +%il(<-#[>8LDpV[H+Aulp?%e,[l4_6kH+(q"6>[;1I@omGB&HHc`UST"jkcCr7h3MX+%RGEofX\OT6n.i%JaK+TURP).1q4%!mBZ1 +%e#;Gip.BEmh=2:@_rrB7Fi7k\3P<.C]h]L\k7Ooc;KHH%!#ZN,_A:HfLKh@G%3J@RoOFts(<j!(S93;pf8Y',kFa)5p`[,DfZILd +%QL#(>NA`Jke*V+8qNFN;3`u3t>^`jLg?sXPXed52bJ/U98bSgo,r:9rMd%[J.Zsi89[u9]Zf&Al*Z*n.CFp5,/d9lBr?d%OHS&V^ +%Mqej`VtV0g*Mp&0MD&c$[sI-Olg;f=Sf:]Dq_V^?SC8LBa1DSYbY&t>.0!sh50GiZ"/EK_44^IiX:,*X!8Te"42n+Ud9[[`A)TAG +%,"2B&,>>9uK0U?Yl,,;$;M#@!"d*-l@655tI,/k90D9_sbSGF34=V.?/^aF,T<-1P23g-+/js81M0e`()Z><#k7-8[ODT_=[rIf9 +%hS6(l-X#*Nk7KQtNJF(eM%_]o>$%^R`0.Br5n/s)V<+RLMg/]qp-'K2!)I)<E)%:6[B!s6EfJk$$T5VKF4R"j@+Ha[9)'n<"E$Ei +%KR^^F.p;G$T%O:O=_$lA+JLWTfrj714#23>baW6*I\tY*Ub$7sVVrr5$Of,Ufelu/D#Dlt).cS\/]&T?n8&'60b$tSrgG'&1:AbM +%/Ha)Mm(djA76.Xukhj1_,\/&P$Q*+B;KpaVJH_"[^gL+j&cOsoQ<BI]Rp>bbX%*k<UY(XR)StIDKT6:+g+6ru0,q>l`NgU50Ub5D +%b@e_U],o8akWZ.%<AA>?f3+g1X_^C6;`8T!%UL7)9oD0B9,-"JH28^=QutT:`lM;]"g]V`_"e:7AA3N/cM#_Aq@lu3!q1pHaIRF0 +%&qkJ*CO?8k]Gj-X7te(g[b-sa@BWN)1K]pg.nmM/M^)6Ri,-cO%1?NLkt)N7&m)!YneH#JS0h!po*hO4gJ&!'kE-_dDEBd19^>EH +%b;S.cndX%0&Sf_ZpIS)F-aLc)>s+6HU$`&IC?k`%nX`1RlIssFRZXT&<KU(AZKud!KBITcO(?Y[5%0JEQcsa9#'9+4f,)>"&gc8> +%P[t.$pjA$>QIF'hY$-'+lO:'i-[QEu&VK7.'e@eE\%iPYE,-@Cjc>XE)^s"r..q=>-hC\^3@I%Z+42aOpA<@_C2,>_8(k^=4qY90 +%TRu]#VfN_p6a]&>\iA5q!Vh&$n55[km&X1C"#=oH\=s3J_LcJbg_'JE:!%rlHg)Lk[/>=lp!tcCc.D-IMsEYpY91sZ#\D@Y;.C,7 +%,%t]H.dd]6q&&($>0NCS^s^Z>W*\8gi2^)e8$$)'ZWfEoX@C>e#VT+,;S'aHC'*s$Sf)+['sZBgMG%dM`u0oG[Q57X14oKR*\--J +%CHXZ8p$dR5>[@Z=DYC#LWECVihb<00KEPGKeTB<k(]YPj6>Kf`?7C7*DTP0roph'm93@IO)osMV9n:+&&l_l=IfNaSB4=]M[YJ.e +%QPH-)/XF$Uhod$P'S(;?(VJYi%q<*<1P:8^ZtQGoOql8/$l>18CCBjm.aN!@:DU_A:!YNMXATP0FSHKHplt5Y.UuG'[FKM7Z'kh; +%-/VMDFDg[M=ct;_@MIDKjsi]*6P,O7%%]51#KdeUShCD*kZabb2S%Ym"CuK(`i*#&a]]Q6Ks4\F5un@P^"I0Mq5-i/Y=p:NRauR2 +%1.EZ"?.UU.BZmXTN&&fGf?(:`V3&G6%6j3#X_sf3nZRI:Vi9*gH_S=a^Oh[+`)kTb+&*J!_Jk=i'kTiVq+c_?GB9+jBm#qW&%cnH +%^lCq:-o^'/*PjCj("86'!bF&PK(P$`GF4_%:Z>;6>TLJok&IVAKn2n.2G$s%C;)LDJPH%5;=ZlBmm.`CZkeYBbi%i[I_TI<[QNHM +%pr>76@#[;Jn)4EMpNNa6oiX5R=1qC2]"\7jr0[?K,8dG-qWA<WY)9V:oUZpnJ1P>^ln8Z6aNa&j4+YGb`3t:r1DVJTPP?QLU!:EX +%CtQII0q8/5j,SgN_PV[Ad:>3388XQa!_@Z*cqkSGVO-N69..@Sj=S1lFlMt*!qNL2iD*fmZs\[\jp59*QtukPc'0-?5.aP:jK>n_ +%FVsQ^qj,KhV2C%^EQKP1(5o9!,s6e?jDEh`dlVCi6npNA%%q(V$hW]C5<g#t),C3rq9=n0p*FWUQP#9_(i"F$(j9<Y0p3M_T_jB% +%"a9Z`G)rge(`g]*Z/dr,Np)GJGA"o%!EXqt`&,C[?kB_?/LF##(.mr*:KVEk>V`=`Hs(ZR3seY;O/5pIcf"/C8!)kj#-OBhCB"tA +%,h"EmZY/+(!9BA%YS:%Ej1a*>/$jE7j/+`2$,6TSU]?d>V/9fcfbq'6^^;uRDh;J$nBTOahh%F_`Z`-B'5lk/'3Npt-K)to'3`4D +%*^)aP;/annd]h\7DF?Md9H2+Ndn<\)co-d-jQd"0n&tPc"q#Dm2)#7n_*_?49hEGW$0RhlK)=PE-Mp4_"u2iJqD;k>/"J]1bS5"o +%^q+EqbYAM$Y\1^5J@=3r$tekI9Xh9pm_K%*GB4ha.o8a^KS6if>2\t>U&2&>*5rmDT]HjXX?9=)-]Z08e>7NApblqWNCN%4jS?pT +%,AY`%7N$c'd%]Y`.<^3*9oC6)iXIN@?Q-QsR;$Z6[*Kf`SWLY;4BF[:'#GRN1"Oi"WQ37$PA0o!."W4Oa7)k/>T:1!!WE,gQuAu] +%8nMnIn$LQNF`>+5ai3W`-R7S'<LiGM_!t:SBee&8al9P3CCEa<r6tIYF[*4&CT4f<4V_+o=7Af^N9deBM2Ehdk,m`c=8**q6Yutt +%pg_Bl*gGQ7J30`NPNoUtWqcrq+1kF/adGG>"@Xe+9=C^SVe-q'rkao=?.$m4UnYj9N7U3K5bG_QK<=bP!INU"#id3tQ#nX+PZD?& +%bAIO[$@Xf8gF'JNdr%9N,F6Nfc&&6q4@5)X/k"JiT\L@m#NV;EAHR4Vb[-m`kNg,Ak`b'n5364)4XV.%%rh5O9:r_WVol33H%@fS +%P$*nT]nZiEO=fiYP2MBLn/+CH_"Erdhlk*]>P%J*-o,JGMk>VA^Ygb>7.W4s(p_WW2E=c\)n'VL0Fpt!5fYa-AY5&2IX7f!VPI_B +%1X_LNe(::r13MtW;oebC'V(K4Es'`pa,p%TmXO9K3(XNi7f4SLHEPGe=m=c"(_knGZ7nl&-V:#5L0*'h2Gfh!\0<fV8#e=b%k;n$ +%3jLaIV/R1p6TO>TA0A:*JueO,?B%VhDe@mJ!JP2/-oa.;a,hPM9V^r=B?oW,H0YG+!NJ([PAtBK<8[MA+$_bQF6lQf%S)q7ju(i[ +%MI=4`9i>fN1te+SLB;o)f7P'12CGs.d"'0!B#\RoCN,GWr.;Q5h_r5J:1nlQ8LHobh[\MPerm)E^*d'=`\0Q%H&Jn%*E9M6SXT2V +%k00T8k[0QY-MC[\%uk]EC\\/BTkMYbgbL`#c_!"^k![-"/7*8[^!YW\G:M%>N-d1G+qN6SCCAmtga-M+Na%6,L^@gn9frZ*m;e"e +%rfL]rP&Y62S\\KmKd+j%5'JBOmG$F@dg;@,?[+MZJ&+4$8R<lgCqEmuIb64pW(Ur=_dR(g:/EOk\O@ec=ioiu4Lcck'HK:k0mc"B +%rSd=iN<fE^3bGg)HbiI$qb?7(SO7"72K^Z6(1`q\k,)EZDS-5]3%^#@Y1N7VO"?jjk6[`#G;LBH1Zgut7.5,S^mT)X.pWVH^C/m5 +%GJ2"MhDu-*4hSg2#_3NV]TTRihH^AM0]T!$#/,h<5.=5P4r@R7I=Z\:"M+)gDVAdGYGJtf"t(M1(@g=LqAkLPV"l$J?].`!Rft`H +%0CEuEMj1mj+FfH6(&LU.YT(K'?Mu*+BG-)Cc`-_@Tr8s=OEPS*[PoW-TtS:)LY\(q1-R".bW/,u'q7P]*o"_pE3-C991>=]T,*br +%`S@%,*Op/@W-ZY+s!&Ze`@PQt>8d$K1_Xl"-B*`)oI/1F<4#qZ(=^7)aCP-FDBnO71/_5mL#kfn&*Bh^lnCCV-H8;CCdsO8[3-), +%W1"pQC'sFLQSUNCeBfC/&4nD=:3/*oLObX(7eWlE[W8'hRa^[WTXn<[$#7R1MW2mlQ6c.(&MR'8I5Sb?hFn+6pCa\o2o4rH$`l"K +%"=L2:%%HFlcU)-lb)Fsd=\Ao'#X-\oQ@!^7_$nOjGYpW:Q=RokU9lV.?<6qN<!4'>dlrF-$gr)QD%`7e)A\k6f,@-eLCie8Z@pgc +%BAmhbS-p(SMf.WC4D?DnB0%sg3G^U]0`l-HO*<b#^g&uN22[T@@t3(T]g!,:>UXl:IL&Kf9BustWT./e(HBE)co!eC+bsi+;@f1! +%!nKjAaHa-N($jS:qV6:K1"8u_!^QI0n.F14fLlcF=i#j,iEWuS^?okJ_hl;bqMDa-<&44=,QK[`fK5L!0'!]C_bgi`^.Ope(2JcJ +%nN'LM6^^heD-1]6lT"bF(lUD,q_r=62\LYuNtFRkDr/9h#0R*Z$jlKh3Y3ulrk!9KFjFI=OoN?e;t&/Bi+BLA=(H@X$gu;5U<FaT +%(-g^=eZ%joWr<k!'iFk"Vn]FgAu-$Y7>TUMhXHE;pgG$nCD7!%S3o_#>$a&TW@a3Z:IS":D,&1(W!/kllZLNf;<rBa$:d/=#$@s* +%A<@SG2FJ_YVR_:pa%DHT:!$O*]_gWW:(j;f^gQXiL+=N8Sue7G+:\->UkE&GGY%r!`jabsZ&W)ILmu0&$9l.aiKSFMCZ\ugAo9`$ +%Zs=BEW<7$"RLatsgBb6upJ;++J3@ApW:.'%bE;3Gl0YX?30Jq8E<f,e=a3dMJ%=gh$&sQ,M#9>9&gAh"@'\K3)]%h%YbVXM?rD7u +%UL96^oR%DJ5Mm`YAXLG&SoW#KfeO$tGQF=30PPqE``+^qNPEM?B\6&g=*m-'5DR3_b1##76'PE/L1Y0`8F#=[%C>P8hc65u3Y5B' +%]2B3@gfqr^1)M=^VAOXOFuk`X`'E+b!G?RRpH!!9;L@%dn:r&=WT)QaH#':&5+,V%p^CgW#A&JVkb1h+3?9I/BI1KKp:qR?BV7#h +%9_&hmRNbNA7NAdG%mUgRWFNeP;s@u7aJ'E$KViDP]CR\KQ">^i[Jg):/Ko#P_G15qILd+poR_'E8OAe>2O>LE\P(##7_^s`2c"Ka +%YF)Zn->.J8<YCkZ[2=/h:6fNg6]j5hR:`oa<FWp%mfSs/,7F2Ge^0iFnC@VfXehE&P,W!oo*?QO80oPr(JD%tbo(q</Y`dVHU%U* +%Pf0[P5i;3>.O1`@8cfE"WtsH[F4IA2G;QY5M,t*I)5,!$CoH"**e<+`MA@Bgo;G8PCMF#CelOQ>cD!8-K@&g[)EeHd=]s6+3Vek$ +%jTTrG)[2mDl@^Y,nM%1M-r!g07^Z-844=Nm[)_*`Ub/R_+d^+bS`q]K!]_phabMGqgTh0rFK:PN9h6',!jqcJlTsYU,Y:I*%34?Y +%IeGCE?j8P9p^I6c./-J\i'c$OPCW6-<7"prHioCfYb(goEjSWApF#H1__ihARQ0f"';b<Nc+.eI>>N(o;_1b#^c@0NE2f!l_"QV: +%1;qf&0\9eh2mi%o#h-0@Nni9M[u?q-mO<bD':ZUeSubi2m@B]r99,G_q"g>,i6D8m;GBI>H7q0i(O27Y+S;:VO(/@6:8hL.Pp>!Y +%:^gb;<=f:Gf&I5b.NuS8C`b&eF^*t&TGo6Q%0=M_XoH``(UMuH62'5Z?lX*%fr]mRMREZ_r>8rgfDQI)?GYqZoN-8hfl\4j9>Qg. +%Yl2h.!cR#(%<&XIi@WY&q"%(nYtH0(`7^1>^JRGK7lBe+(P(qs#Q]:JGWUjN=LZmP3u2NlJd2V/4"Lmm&F$_';=Y&Ur8I$cpS<i_ +%W>eHj,fh$+>OU2dO(ced4%:6q`_3C)N3rl/Aq8?YO@mOZ]@!lP.c_bWiLZGPm4;eQ9c+-fF2m&K!i@)mEZu/*m?@k<4L6<emF7ai +%pu*!W(N-/75gcT^%BOm>%:$7%PmB?hQ#sm+8B\_agIr)KPYf#`UN6MLL&60_^ld/F03/`FOH^>AJ=^TMI#K`d[<8GT<Y*J0Jjg2n +%dL"V^(,^XXPTK0'H!aGu@)3_6_u2J'=qL6_E!+ARlNGp%3sEprL(;(JWD\d,k2"c9ICXu70L?]!8uhra&-0/=hR5\3>+kLqNKBAW +%TYN]_9F&W_@n<qU6GS3D1-=f-)]6OLZL%q/+-A_]:"toD=Jh^BmfG]H!-^L.UW@EP^;OonZP`rcZA.m]\7GiYNp[`K`R]i,1QWo8 +%!P\S?g(js/[LQ()UYJmioo*\69"'3Q70'[M';U0J,,F#N2RT:iqMjG/(h#AY#.UN#0-E6i#dO\gQcN\)!l.><+N^+>;DE+@3@Hl& +%LoYX''c>?#W5>,p#g??.$D)6Mh_U'ki7D$2'.Z0_32((#EWITH8t(,_N\upoO_.#gC+lnijAj1#1Ec"OP$#&AoOKe_p#'=a^/pM% +%4n*5%"d&NXc6?7p')@:XLc5KI4^%MJ>)%PXg&(7!>`uP:I#jTV`/5UKL;k(L8qbn1mVVD<=>a^dUc3LZ!g&6,O'S*G/XX.sb:Af) +%f@/Qs2]^??O$W1O*:2&gnRBM1+6pI<7Z&ljqcAM8#^VSiW+"`q+NI,o\88NAR.1h01.To#2WJEQES[Kg`>.ar)=h:gfnHm0HY85W +%]g_A)++mhYl&0mcCWhZ7Oh4)Uei2[<8A:oBr$QHD9F+6"!EO2PVr\fD%+9;nc`DXiR,IaO"Z)$6Ub388'&X@n-F:`gb[J4Ahi7+2 +%MUV^(#6h;6)F5Fq^j9,gfn2';9A=c[]E5q[``FQjg/;Yf#H8Ck%*]&1./27W09J<0_AoiE]itQ@$m"[9empV+1G#C0p^"I\k@915 +%>%K=HM#Y3P9Ei2_oYJa;=j%jc>?25rhL5U*#c2f17ed*\OZ]^r;;sAtp7Pf(<o$@9E_idM<7l>?'N[D';24\V5^IF.'#&oiB&)2M +%acik76Fn!0>-9BMM7S3fbbPr'#ZAMa-isaWN'!L@iPX'OF#(l8!;`I"$l%RVGAg@_X<&p\1t^`ID<8Hc0mLDAU9lLKU__U/J2f$, +%h4,AZD0*G]gC?m(lBCU?M:d%UX'L%/pi5`cgutXE/%<rUOWC+$\.0$BjJ/^@"g:5B?j'Mmk@;JYZMk;"Ko@;E,YutVP0?qu)PIEc +%nblnUBtkak@EKJh0+dPkgWO3K;jb.X>[=kj3Z'<b[\%Vb0R\TW?60XNKGkO?"5f,I*d/X[QM^KCaq[M]^9lQ$4YR>-DmkC%1I1K, +%cFAqZ=hA7'o"NVO&X-Z-f>>Dl8iD!bnJ$-m5`4\5>86O:e4bn8PAF*VfJO>P<"'20qd>aXE=9Ao#9A0T/'El%FHF-s=I3l89UHU% +%kKf:hCm-"^#Hsu>7p2(piPYLqqQJ"%-V2G<@a(ps,&i(*?Ee[/nE?@,o;1^qaM=?Qh_9LslOFb*!!^`tGn6Q?FY]c]7u&`5gA1h$ +%WNqOGN&BKYljd<9m\\QY3L@?p`sUZ/i&0k-%QP$=T5.)Y8ff<7J6_P=r;8\.V60N>=^q!%'d)B"cU5JZ@#5&bSoK5gE#tq^hU?ba +%4cCLe;Js=,TJ-q1&uB=+UI<Sp0[uO$635Ln'4j`WQAUrN$fKo0Dc[-eh9/EVM:/t8.ahG=L[C3_h7l<`#P<op&NfJFHq4iG++4Y9 +%p"t2G;oC(#?;hSXrgVjf3ks\Fo1,F05Y(0XDVo?"bl64XJgXI.oNI%94\eaWd5ZZ05IS8B.Ga.e^ut1j>$HGW!KA[T^#&r@S6*ic +%!dEJW#7(9XZmB$;oD2X">c8+^rRT.SNhTT^]9ZqDKtQ,DDqCIHXD&V-pg!N<Gh<?A(9r-5fQpA7BDOo0Ct7h!^l+o`$84^!Ue>D% +%A&&cUIM4scd:+Yt'L3n,N7Jn:p2LYeU6V@JJL+=@>WL_V4rZd+g'!(#meI^YI9MBa>04-NPH.paA@Te1-_L`An0%Ir%]si]4tXSM +%r);?9m`-A2s/EJT=9CSHe2#b3d^7`^EXW[m_5NC2#2DT^`YTB%E;Kdi\dY4-N7.9<R'3,LkL'!aTi5Y'a07a3CWd%>f5;LF,%tq6 +%!m3L[H>s&m8/LdeCQ)2poq4S76%Q-C+56!FVUScUBZUbsa1+/dAD,+P'mKkPaR_.'+Qh:PfYH.R'E!:m5`\b,\E]lP4oL>NDI&Z0 +%T9O.^-YpN^UX%eLi>?N$C'*D)r_]\2q4iK2b/q_2jA=?%UWu2o*`pj;k_!!o7ZiQHP?i*"\9I6P3)@An47'[fBPtEX(UI9R>gV.+ +%H:EZ2Lr8j4YTC4:Q;AUFLZK?L$'ZLla0@B;a)V\R.&V'5"h)WVQk$uA&+\Cr?LU!O_8tZco/p-jbq>U#RA'VWeQ[sQ-!*-(6"Pn1 +%YQ:oI"LkjqT2WOKSU_:m)*Kqb_J`c0P@2.n$uJ!YXP0_MXa^!K^M*^iVI&RY"?>Tg]e*m@$oV"#3%(PTChMl'YPiR?ai(FL@\&]- +%Y62=.\!G[@J&"TFTkHnMWCV<,>ch&lAq/]r$',04+9r&-F'(c2/\s<eG`8<9=,[1lNR9-N8n+(rH3i_R)A)=7.iLgi5D!7^q1F3\ +%Yq8=HjA?iF,7giB+;',HX:_P,,'gMP@$8hai0H7b1bPf8!f<USX<M>B[1TWTi=Q*kS-K3BpTB-T+7AT+d[ar+WAu1)C1,=8WAL-: +%PhSr$G-%7+Hk^EX`uP!28]DV'?*7S'mX*+lN.urd0OH@dWUg+,7rVl\7>LJC^B$VK5Fu0&1Z-7=,C#M7l8NS-gHKBRNg&lVSR2?) +%!cf?h=/bp@Y?O)\FK<28L^N<qf<fH=HZ0]SV$\nlmd^"ZG9)L0#.G9BI6Y`n!Cjpi27Bf$n2+l55Qf%\jf5FRXd200^>B'0UY01> +%b2iYcLG'I"ZrJfVVKU[+J\iU]TZdICF:RI'^W430D$`,""h#J:J1\k.Du6-hH?90@O9NkTdKN1r-K(?&lop$/+3g,HIkH.:'<)4p +%\7lJXF&B`cAM$0U[8bk&PD9>*f7a9S&Eet*TmGGpZWdUm;;[Ee\$jfDK>(2IhZRoqD%@<,;m(lhjB_150EM_/qu!@q^b=9Q6@nMS +%grHi4^%FsRG[9$Zjtd9W!]2""Kk158s*`,kqX91mT(u_ljCL##4,a^lSo#!$anb0]66;_87hJ97%u/&J\F;t:<g6K?E*dJ0_dugf +%&"&>M84tpG(<2epo\)hnY-@$3=arq%C'Q_=lN.Jmi/-N*"1TO>e_upL\-L4X(1N^h]/4:A30@8sBalWsFp@oW`Oa+WNFi'?%MdQ7 +%e*=d9GXd9e]Rn#D(5e`7Y=S^Q7fuPa#9"Rn(57k#6[M+0R5DM[7N(tDIQd;s6o301@Z-co2-B_7<0`3=CkiH(]<uit%6E(2]W2WJ +%9]F`:Ti'9<rfo=P.-0Hq!/+j/UnS"%7m8^8Fe]0\Z3PteXC@da")N5??1ia..i?`gUX`a+aqdF;KcD=MnX)(N]R^f.DO'iH17qlM +%KZHE'Z(5hL&4mW"E:Lro:N?M>+r*KFc6U_AaLc103)2"HKSbX/ndG`CXSclUe/c2+'6t_UgC!)-3?ePm^qt#/B#^LalR&ek$CZ5S +%n.pAek-\]jkWi\5fa..DD+uZ]hh#U`ICM(9qW^\A+h18g(n"_)PkCK8^cWiT6!9?/]*mm@4(DM"]'br91FX_7q@pTUF&;&kjl+$u +%pgX0e&hHW"$k*BLJp08#/1`[lOq5(e!$3DM"@]JGl[nT7VJ0ds-,\]:6=$?qYZ"`n45K9;fIOF-'.@5m5O=]iK-f=oUtXTO9Yi/9 +%Pg7&.El$RIBf-h5OFV[&_i)R7JkLQn4DBM%5oSD""eX7a$NBcBj(#+%_^cP9(T.9NnUUq^2ZV.VOumqZfi-7u(^F[".Km6n4K!Kf +%#LF;Pfi-C'Z<\:NE@es`Gj)\FF8S9:AAm]A4^7b]`2o&,.mc/`,YN%<->)co,^!=SK[kZLXs=BZ1(o<-8]hCl@FT+2TV$</O(<s6 +%9)ptiek"P)JER0J/>k(Up_]<F;,T>g)ppK/l=Q('M"s"hVK5-Z9l)a\/(\3al^b+SB-<(?>I8.@Sf=&%TB9L?/_A(W5YYi8$\`&J +%R$&&G=1B(iEc0!"C./@nOT,mqYLE7]WZmIR9gJBElHr`':s;_qD7Y=?_Yh+[pgOY-i9$6,E5Xu]7+t5O@)S=S#/k!&G,gWQ@l]/O +%`lPQb=lNRo41)RgbK5jb.iFSm,&:R@5\77^co)'3,(_h[&VdeA(#9VtaXH(4R?oF<NigGK\?.<sn,VT/^qai5"#,t0<Qk)BP7?p% +%Z4n(>(,Y(T6bk0^B&jd":oY8K:tpZRS9,_T->Tg$#J_"rG)=kAU6%^[,K`.uYEVP(po:Am@/#W(0#PIaAmm"[M)o*pg;M;blKd%A +%!G9`&6Rf8a8eRgias>:<>MU^cUXUKb\lm;/@FP[qR<S&;i/Wd[fYOP>$?6cqN`@qsMfsq:#(;1,Q'f^Gj?e,H[\ji@fINq8%0ZX; +%7;[DAEsJZZG\gjQ<*++4fYi`S8hP5Jg&d<gWO9IF%cc.($qu''/Ja"l#:_^a,U>$B/7bPQ(Q>=67<XWUkutPTd#7BVq$(^t9mD&Q +%ZQ!=f7kkp_-oeR$CFpD=Yd']`#MFa]5>Sa>`.[5pfr_9(.,?ZLMY2A_!T5%'(uI^-VJ3HX#*Y7Y#nRY6QNY&Fs3UHAq"CYk#91<% +%*d9ZI2mM`k5l@5&!#=UK`QCLfUE\Jd^jXMG@Ga.c,R;e\[;.@WC;$h0%;I5b-"f!fK!hVL5-3(e_g\J5@Y(P#?"g%0D/q-u=&6SS +%ILdZBi\K5m,tGAIH)VY]Y&U*s]VhMtXHsIaa^8\#dq_")r6cB0TVcel2?L=5"-[6WcLO*kphSt(30kT2>)s*Wk60;$0,2W.I19Lk +%U[0XAEN4:$ln#bq<BV_Y#I"qE+^3'XM&Kn?@XVRJq(mdX_$#:p`4f3TZPj/%1`\TXXqS4C[l%<j5V<nelgn?--41YqfNSPd4!,p7 +%:M!S2>c&rB;+.L<-k'\maH7R\#)$iaps-Z:4EUqI>V]A3kiu=K3*tQU@5,P!i[S>K&5)[7P7Z`t(U:L$oq]_`b@StnXI"o,K.'ng +%+tMM)E>u8ElPWdB24:[lQ;9=K#8[]E6GUUeBE==$'3XgHC`0*IT4.YcP"!lDP\F8N,W_s+fk3X5eWe&69Li[RjT.i@,b1Tk!1#dr +%;[!GlSL);Y`1le+q5(C)9)o63oO/3I![l&D5a>WeWs%U3gr\SbHe]odpI"j;4q2G@'N".3(0J>W%_.%Z0q_\09]Q=.rZ.Ea1:q:P +%BFS`[9JZ!rL`i_+=LV]SYoKD/g1r\jfDa>:]=HG](/PBiq_dh3Q4_9*hIhT?0+eEi0Ir8I1I@Z;;/";XPqUo]:.]``f"A\:3rheP +%"m6_/=WkECBZe+#++\9e!`-OhI)QIu6_2i3I;onca`_'HY;CFHA=C-nZ56MY!lM4dg'0=<ZZm#SYY'7ilRL!_^A]*@4ec$`,ZBoW +%`>'WAD$>9>llH0D\Iq($G(U7gKXE/;a=&/d+U.tk`(91$h?,->)jg,d-M"UZpNj$s$Y1]Y60ID4:cbQ!ZU-b9N"j_Deh@lp1rF_R +%fB`dCT'hET+$oHM!;qT!Qn10(F-Wk/.$f!W0NWit&GCe)37<s'VC@rG^0V15c.7lKXS3K`49c;^5Ol$c"3@69e)$fDZVh60!EKG5 +%>DIb1]b^"lUj61dfkk-e"Q^btW9NLXd<&p5cik[($h)bd,X9B*QF$m/S0I?f#D>2],J7qs1ae/\$H\a^=L@-ON7l`nb`Rj%8SM8( +%@^6nL5V9VF3pHi284'iF<8<X1;cjJ$>YZ'PgV:eA%Yrc\C488p^E6ri<;cC\W@7;^,FJ1HnjA:b;CtYl@>_&=9n:lk8iHd?'TJa! +%=pp'RFPSimEXP0J493-OA(?rBJt#A3Ys%\JCZdT;G8cFCI+Cb&._C0T%t.3!YI_MJ_+ZF&0TO9U@GOg8Q0`su^39F>\OIbC2a97B +%XLr<.l=_'@k?c^DSpu8\0Qgn0O6I@"7EUl:i1?T)a@ge[Z5$-RU0^.$H5+0`a#LLOJ-.#WEXcJ>f6<OL1<#slgiFA8]N8E^E)WG7 +%5gsA^B0?Z)SIVChHfM^Q!MT\WoiJuX\=aoR=64e0/D!eQW#2IN[7^P[#.#@s"/e!T;J'<N_M8W+QPrrkkUZg^JP$YmHe?2o*mhZZ +%CWDTS\4^lh2_r_5$?DK_D53YD$ModS\e/U38LWaS^Zc`al8?Zjf:]V6DHJTmcu^rP3X,KOU&^6Nn>(hnN[PYiZ<2HNc9.?N8nLP- +%B9E0Dgl0t<3#&97n0hr9JR[UK,:m:bEk%,<4-c#TPj7;O;fMu),[b;+o7==mj)f5Ln-Z?4cXe0VB1BHO#k$+sN-.s+-MCin4<p$o +%qGuj3K%DoATNr\dlV4uHGMoq"@Jb_/8KT+HpXt2edhcmjeIRjb;Y<,FbuBr5E7Z!I8F9"Q=GZt$UlC"S4Oo'po@1MBP-?8R_bnpq +%"e*iAa8m:R4$*]`WcHVX[dqSAIcj>\3!N4V7]hfG%#cZl1C;k8@0g!-n<aYJ^dY43Q4LeFA*=_cJce,V0a\aTGs.kaT!nP&"bUNs +%5KqlBO7JSN:_-2"oi_f`#baNaK3!(48DDiC17BZV="3&/.8k"')>2H*+sVb]cA)B6[^_"SeDb!#F$`&##Y>K,-!mY*@VL#VaX%+d +%Jk9aV!k\ca7u%V@N9Xf2_2<7Q_\d2LDM,hbJmgd=IE-NH^t4p'E'D#/TO<l,lbd$jbILqH\#uZBbV:6&es/6J2?r=OSj);saN.g\ +%@h/p$0>rL@nB%l<`8Q(%!b?HY7[[A]#VK=^><$Yo/-k.ToHW]7nu1.Ac<l>MgX:'g>Y-KQ_HgO"d&C)+%:e^PrL3A^0kGtSEZtOd +%Xc>*f)gLpYbT5gLhSo)QRu&`>,pT_"a3@P;$eB`m+EsT4ms>rVR%nUHa@DZ!;RSB)CbAo/gs4Pq"Lh$_#2&2'L!FsHbP![+Pu3Ij +%OuujE`4c:?8aS8La-o_Sq#V'S\H=UgcI+HFL<3RT"\Y@[?;?kFkr#ro6*#9)O=TQ$$:!Qg4[MH@pro/bU%\Rc>uLf:7$jb[eq-)h +%SbX,tiYKGD#Ee23q-*neBF&SBN-T[!&bhd9*E`EWrdCD)SEd.*"<_NZhuKMR`W/J*^O0)in7lWb#S`f\FTf10Wh=lui^u07edXef +%GYS)2-GZYEh"WcU_.I)>$hOk!p#M-l/W(\6&SK-&*3AO$YRP!pLSJTB%tE$u(2TmgP/gnX6Cq;LC:S>),!YT%]<fV)DGsetS>b!j +%TK]tr%[)mW<P]^UMFCLf<F`E>8:We(gG2G)%+Z*`k]KfA56:nclXA0r6E>idFG@?F@1j^,Y1eJsR/*D\&hlD>_buRfqZD(\pF[S8 +%E6T?Vh?[A7Jbt,bI3-KjNH;tHO."g@k](!]*)W3Y6eE4G0Q3a6^7l6/KVc")]YiKXaEIQO\W$hWAHok*UKbNPr;(O@"h[@M5`^%P +%FpK4OM+,"J!?,<)o?]&!i9#gJp<6nKafB8?BCao4cQIEPmsfsGDm[=6?lF:HLSU^+W^k$1"/k`Q37qd=E##5CN9Ge'M!jH1Q'ffL +%Bub-[Ya`mUe`iMiO>)</k8P_9#4M]G0gH)uNg3l%$b3\u5j?-@fVe%@lHF:?T(tFlB0T6/UM2rRh?/%+/AuH4!'dAtArEpR`ft18 +%.0-sq"mg#p#]!C.K[_6,0,+P@e7HJ\kN?dW@)&'k$,s]dF>((.ci'sN^:YnF]r`O7-K;EUs)U[%l8$9Md^N/uH(3r%i";cnd(mQA +%`OuZ#LV74MkL&sf`N)./UM@*%&oeCrN+KY-o/6kV;4Z#HI2T6<iK%h7YX:@KXU!B\C1=L:jtr.Ba<FQ7MfCco[*=QP.<A`4aR995 +%3L)D.f\KS12qn\9mrbej_chRC8cdCe,ATIVC@5W%T8KfO7YmaR_[EH7)Ou'`#u4W#8/Aq=hRTDN1[Ke_I2q%*UTCi'pc,6o8"OT/ +%H09oekbj`=YW[L5g8qLJaif"&,;u+)?p'9PlGl2ImDtLS.Q0$R\kZ>",K;+ofe0tpZ2hn4@K';J?p8P-5VZjk=kr]F_(ZJ>-<49E +%g^@tc>-:M%IeON6Z[a,_[u'2QYU9MV=?,XY^V`@l5^j3Np;rfGp"h%_2OM6oVf)4J`R@1fa,J`-#0pGYVLVgeniIYV/[@X#cK-fr +%eIf[,@h8K&bnFKYObG]V3c]]OPBg=i"N(0=Z3Q!^O3r'=<3b.ok6h)j;H?d&Us+n_^nRi+R?VGb(B^7?/DoN]01/`VlWlc,q$%1l +%SZ*)!Yt<JHX^H&357@8]0\Y7A("D#PYIiWZA!kj>A9b)=!,H(^hs6<F:eB,J[^mF/7WL]88&RjV3D?3RrCbmcLeCD6l-%,,:k=YO +%+MQF1%1i()@ta*+DBPJl%<T'8"lQa%mto8_E`"K/NF1N?dU3Y`+9O\D=FhJN>*6R7/8Lp,0L^KN&E^Nl\#L4.:tL&R5>[FOS-E#! +%7d]cJgSUl73V;FSObeUDIVeimXFL:2hs,:)JQX'q2FDUpa^urr?(59AbN-mi&=0IpCHt."rrX+!C1Ri9bg;a./bVFd'7_Oi@/RpT +%n-8a#O)+B>N_9msQs#[#]SN5%Z#@.u#]j+W9T2Fm>.P[MU$Qb+.#sJrD,Ab9",;?"kG&Q(77<s6hE^L>$20(SOc"FSA6<CB/uS)C +%>E0i`TV<gp],[(bbKF@UL_.+"oM`R5iQTQRH'2rue'Lo/R#JA-i`jGP/LfV#j>!1,Qo(-U)#q'%qWCo-.]<-\DGoC?U!.9`:I`W8 +%A3I!P`a+W,fWh_:jVB;MHhqTuSZf6/'K&C?=%3_O6KeIZ?5^RMAddAgOscMG`jm%sLkOLB,dLA'B!>k6E@n,`bXnogFnL^Od#G)[ +%55X^J;+D9kFQ5iC=:q@+e>97#`qU@B%RuB'<-amC$=qrVNo<-t7=WL^[n(Me*T]eiTQC@6LpHdK35FF#8%n/ke(p09d&+HDn:r#l +%7f<9EQZ4.R9g&J@TC9ra5gt?a2*@9l^u,4qkBn%:=6]r=JmVPqFgY7u-9oQkPS2W/U1V#;bKVOd_FcC1iQ.Rc$@CZ#=t+CEN7WS] +%q"!gtYcn<jBli>;+qujui,U&FJcqnZ,R(FYO:P0CKY/h=1--aBJL,_3IsmQnTRNIM.D9;)YET?";M`KnmD\<m,E1"aR8ai+UGLA+ +%[^>6n(THRLK*Q#6N-ri>L#X[T"/H1d[ur#6nlrL1Sdm!sVLpg$O%no1*fl9/P\cs!h.Qj,n!fBt(iX/a#7S>2bbP_\,+"'V@M/!r +%s+%>ef-'L"Lc\1<"=FtRWB;qmXk)R=$t(8mO&pS("$3IQXH:"IME<&sRE>/M[-7!pM],^2XVj,pVP$nGT7cJ2nj8^Q(U&@"Hp6mi +%UFDV)(F(mEnQ3M:`1L2Uj=2CPJOm[]j7YnBb_TNQ\2DOI-Sl*;DV#9Of&B8Gh5MMU_m<dSN7S7#O:s3>\%F6q'R[,;Sq9L(P`XBY +%"rY3[.?P8.W[""$0tdhG<WjPJ<dV%T*H\[t!?&#?YHS1E6Pltjs.R1/Qk17/2[&ea]#qE7X&B)W$$%JLgWJH4@/t))2I)Z))^&lW +%&EJCe,<+5;Mpj]%Pj'dm1'*B.CFXC$Gk;E9VP:*%,&_nTOQSZf9Yc%A`<lc0c8eerE2%87l&IiJ;tJCR.i8sI^LR8Ha7QS8I^JlT +%js0m4QjZV\VU=_sRDV_rh'0SN7l%tn4D8n&OV9lp8C$#3"`Yj-LI]BS=a:,<UQSZk'SjR^UG,PF3ndmKj^lkU93kj9T&fC'7>KIP +%LiICY.QgSphSH75#%o4P/QloB<8biKF7:H"@_WqHVe78kg>.'F;s"?YqKGqiR:@qCpjLZ'oX6<gp?M"Y6@df(H?pg3nf)QDP1%<6 +%=!ja[2Tu2k+NUbiEs@dCs!/$(L:^o'=!fSk2e**jHQ=U>jSFogcXWZ!9M!/UCuCb#2Y>r)nUDV[otPJf:X]C<_m:3[`&Z/Nc7Nbs +%bX&N(6t=c4ie#U+CP+Xc3.$*;@O$]%&NRK<XIUnp7f&u.4%X:.%28gHf"RWY%D(k:(e#+Rk`3CCAUK:$O;V5`;ZGq-jgMVVkr%t_ +%kBAUYpO<`NHDJ3j7fG)nc_"RR5Qq"Di3CIU8(^>t/OM6*r6Jl+V75en"05XKVTHa0f;6t=5'`V=.lP%$<FmXO%ht8[9b&srbCE8, +%YG1=IVeW3`EWTUB1$)Q_GiRaf04e5gA<*'m(<g<(qOM/GPqL]T&Pul@2>f\GFfGE4pt1A,[gCW4@HiiV]B0"GG,:Zi%7iQECfRp' +%rDPHF>!5=\B;lJm!d:o)_`K9XCKV`pd6JJW`**'K>=o$t-3%5#:,O"2=4bu4E1CTZ?h,7qqrJ41%aYR<f^nZ[fpVP+!8p_i8'j-k +%-]C(Es"on;'E//\fG,1?0>0rl5YoMeY!.J:pIf95gOABupcs]b`uo3L#-W5S'.C9:8PAe>mKe+YX>qrdbD^nL2<14T2Ol+4Vk:Tp +%$9'.+;BGT.qUZ!*?rSekaU;?,EO`m,6?m<>VR"e$_8/$F9O%*N(hCnq)NS@IPI8Wp&/_%h\dtZ@,L9gVSMX-Kj^=Z,qph$:rJNY8 +%K=1hOg[;UBK0LFUEI^RKg92)&lDP2VZ;)Il5^!RofWd5)%/5g0Wo]jS$W'>&'AQ]ak.s^LFACRQ?<G"ue,qCp\S7PuDR*Se+MTPE +%n"BtXe"ik;l/,@$=#Lrc0b*j1+'O8gYfser#'7&VA8&&QA?j=F8-A=-T2T_Q4S.\Xqdp'XHEo7q<FDg<57*aV.O07#Ms?N`WJ&=P +%h/=0:.`e-ONtHPprf9@aBGXo'/pSc-YHVVPO/QtP$DmbKbET#q(5'UF=JD/amUP!:NboGk7ob^uQ++(qQ^SgkqGe1ln$"_JdH;J- +%G5V7@mTGUMcD27=URG&7DDs9*('KCQgY3LRJh*XJ8TlEo>ZY0jTn5;<q^^`odFZXT_+,&(b>hJ80@X,#l1^Pu"PEfh4PH+ki'2fr +%Y>[(odB?o<elX9CB8fd$^K'r,5!]Wn^8cXKC"d?7?uDQ;V9G_F<%N@$4`]-q%0,,C8+=$O3?0LW5mi-WeD#ETfe%`,oADaj2VsM[ +%G"<'4+&Bg9JG1?WS9].^URJ+9-6Xi/YiN`%%0YTrDi-u<cW=<Y^ps\G1;WMQ"JoWNK<9aLCCnm6g^N7dCY^q2McRkkk*P20mJF,( +%97s0K[L9$Ff@gug;@@S=bAl5XA@h[NjJj4''J'bF0Y:>C\\1<^a56M7#cm#7!%1le>@;VI6$\0sr9N\J!5]p6$=IdFBp<JCbl`Fa +%2XP:+aAgFeY_1_YRXj+>8k51WWK_3Z!A,(GUsQCl5^Dhq%&e7E!X[DL>6f%<YGTd'*BC<7`lC.M?IRAo(;otWN6AQq(tFfH6bA;A +%g"\55r-cEE]T*ep#4hQi8*.6u8HPd"]7\tBEBf_s2:?Vi.W$I9C:HO$(@cO]%A+'E&,e/K+Xq7.GbJqll6%GX^V@.X9s8H<ZKX6X +%s-f7`eGacQXiZYI1V83C"*uIM4gOe_Ms.B)Y+9PVk^g99Na/jB"2_/FHJ@&;Ej8]V%_'dZ'.B`3&n&%VhtlZ=BqYqq9gBa5g/c&V +%JV*l-hu>>2>.6Js0UZkkg"S%*PhN"`6!BXZ0aEE=QpY#)RY?QMG_ARq*5nTZ>1@2LC(LQW*n6Y[*^T8GJ,3U0gO9;$`BY+3r?d'] +%JIP9tQ\$:T`\3&k7GI)D>OV2!cmFRp32d4$ql;4JC*tODUeHh3K)9<(K2nh?Jg(38.N^N-4EThaq7M?ig!ZVg`.]"nnoG.i1qI_S +%RW*drjX?L=3=+&6s.QPe?'aUMkDg:I]97afhol=FE$k7d\B=OHY<eD4ibcc+b+_q`qRW"_B@]ai1Q58sXQW?KTFQude]2t4_ohMG +%pO$1*\P^!ke%^X>]e+^@BH%*Y*+?W)DWkiqY-"^T[4?OUQuQ2b_D2"+UC'@qG*"`>DV;-Uh""Jli!cXb6),d^=/-1Jbo#e<K0N,G +%Q\,%L$bS;p[H=Ora<dib0%Up&(-PnRa<Q%%\ncF?cG?,NC[h_K)C!a7!QdTiP;HK'WE9A\VdN@l'Vs5(5Np(P.^i$8Vt.)i:\ms2 +%>7:<VVj"&t'f.3uWIReP7ffT'<kt0fO2XKn75KCaoTH&a(OKtsq-P2:F(]cW\kl@bNa+d%cQ2r0cY\kH[t=qk+rCj6i$#Z1=B8-! +%>DOl)=9Wu"$3sqX[d_lJ$S]Ga`#)=(_&YrA'9*urMt0#?q[a>,K\cgd+eK<r==Lda2NXMg#5Wc>qb=k][]Kc<f(E39XDZIg[j%(h +%gFLe#e4j+9ep+om`XuW1FFAO(!!:HI)TS@b&Xk&t1(g1F[A&&U\f&SOrs@b]!(IJSOA:bC(A<Mm(hF[<`^Y)l1_b-!L7.YmDmX%C +%B=]oF_XTFJ<c?0_\Z`h->YW2.,;%k"@Rn7:WIsboJ8/3sV<"CMO&V6Ol3FCFKjBg.NNgUTWcVh%,iTbm!ftR.CiC/QWehl4^;.0d +%C1>8IX,56"%PsRU\3[LP`<fo6T_D`Eo9FC/%$U6gZK,a1[TBE2+:kNVcp38JZ7ZXmZ/FEH'Qc.rhiG$P1qCbAC`ksQRSb#o)leM( +%;?-SQ1eFBF?`\hV@VR?-]/SQnZLt=N(t?AQ*2U[_cFZ&dJsoLfA]\bE_idMiSR?_pek,Vp:mG[C3.C2[e5Nr_[&4X]I$p0Jr*7d/ +%%%!ZV'YhuP)QG7$hUE7eEtCVj&IK7qe.j9`C!7.i%4pm<kda\YP%4NbBmo>6eiE(-q]IcVWS/r/_7U=;:m=C`KgQB&C9&5Z;VT^Z +%&X)[\jbi><_0J[Q0Q2dTat5=_B%>2U4fu_o.P'1)%9c+TY:Xmp7J49rG%n12qs/XAF\$IMJP4O;XkW<="_,U6ec\s]/8G8P!`^1= +%Mt//%R2"b`qZVmk#)GUG%&9OU^Y4-](?2t&P;!."[:daqjT7&;ePG&PLk;gSCP0T(-RTY`U($'`]6FA;=(H5<5kT;/NAR1FCIE5b +%,$l)'g%$@uoKrjD&_e.9>9AK)O0Ng;%12/$ONRhNQPcl>&e?@_'S=QJaNmBXa<4q@a:[M*W;VCuA(]ujpo]0Q+TfYO*.K&MHMp]u +%@H.C^r>8aVj*oW&NidMM3%h1A^o4AB7-5rG*j.(tmP9"ML/j#/AF98Ep>=K=P*Q*gDqE\YaOqd[J!C)jXf]qC[[@g,ld5sAAp`@] +%[0IS%b*g8sWj]VsqO?"ZPYXGt0n/KV*4[<mc/tZFrD,Yi%M)KDLG^oV7;hK#[Zprt"hRuZlIK*V'eH=biAQVIeg`"/9)S`nM5%+% +%45`3e<Yo`tL9'/r"r?\(I#RQ?SnuRV5:;A)"+=RV)F7l=6H/+)N6Ek75aHK1=/:@,"+,*8AO_kYK@Jn,7GH<#FX'OB:mXnVQ@4Ud +%#&?*:kH&lLXii=erKgi[RanZ"F0RbaOB0C+Q@#DAG(!KH8id7D6Po5Z>MQh9?<CCJl8[Q.`;*DW1pMKgYUno,$M#kS76lFcTP8GQ +%[`!)M\*=L$%abAi^rls+2lWZJf549)iO[9j3a_VQ24VhFZOE`UTLks[.+@Vd;XpoJ/jPjuBZ?-hAbp21GpT;p75n:KX;Y6j1o"-@ +%![k*?;AH'%8XJ_b1>iM*In(tSQ]b[Y5UHBthV4Klnn."@Oci?u4f"*(g"!KI3l@d:(LJ<gA@cZlY%7G/s4"aLXsM82-2%K)*Vtft +%8p4-5=d<>Pr'NNN#I9CFL?3-U@2K+BLt9YY9bJH:%f#b#Lfc/OZM$JKRbN>3TQkUiG+PY6WiXG>>S1m*24VjMq:(QQXJ4K?G`)d3 +%!@G:#C1l'q]j\97/ma)F/Vi:8I`:3N]<HXtf3,pn9_HOgfX\lu%-+nn8%u\?%rUHpi/s83;)U>9-f)-)(AYrp(_f\Qnl?\;B%\VC +%bsa`HXlMo#qk*$gf`ErLQ58ihnkoJPBS<!6+#bp,cmNl>G?%N9p[Ca,rR6&jW*!1TFLjNrqo3Y&Cbb7J#O&QM$d,N^6Zg/q=l,[M +%fk(MP@65eI9&o6\IB4Oa^26c`br_9bc5<$-<8W]PX#dnBaT>79!IjjDYrB3DR'"CS+K7JPGi[PtRC;>DTq!ZD"*Eo[^u]`,DHPZP +%N6JkW9WK!r^s2nLXR/FVc0@+fBT;ajJ<'HCm:9!RI:rX'J@^S9/l`DGR5Cla+_Gepfk=?V6)`JdY@9%_o$G@Skl5AiP#?ttR.,N) +%fgEg)FUI7/rV$!aQSDQTUC.8Rm=h)tm=1%?/OQ3<Ep+P1bR@f!^ffEo;.uQ75?-M=I2+'o,8SM2I@fQ_Q00?a)A]Qlf_B9H8J7N/ +%DB)UL9dU1&bqRg"Ynq"RdK1fq$Z9Vca@e*,6;225)k\-=):YkMrX@5Q(q6`"SEl<LaQBbAoAnT%);K+q`uIm>FKmgQddA'PDt5;' +%)O!-ZZ>/LaA6'%8%:iKtg]O%QSZIBq?Bk*XX;SS2STUS/6jM9/RSKuk,%ENR7J5Hke;uc4k#Zdan&ND^?U-FS,=hj.=,DaX.KK:e +%WM=T279Eu/'!,K0!C9uUp#YGVI^n4%B-$&iH0fF6l[c84cI,fOoj4Kc-/9g_nC+X<5u!*D^KchiA]8oq\N3VJ/Sk1H@_S.L1sB/, +%,>`O[_BR)`)0IAu,n*$UCA183jDutaT7Y/bN&W`8^:i=b^sqa^!_*=;2;o'aMlAYLDkop0`hMuq(o>FI_[aT:?SW.4PV?r8r&3D< +%Q>IuW+I#'lYi_7t0]$pJMXp('N_O75bVaB!gsT*B?s7=HC-\-f\8.qejlp6&pokf(QR;hs;Op=T^jMI6@Ia88HX&^P)(D_[GDATe +%a*RZ1h+,mLn;`A$(;(/fQKgUP3J1B=5^u;@G6*.#H))c,fF49;-Lu^cj3(!?87XTgat35'b[\=*jslW=VSsDUS8J@%1=oa_5q94R +%Km^L.">!?7!g[+F"=tom*(en5'r9!:]OK[\["@ePjTPlb'GiONLu^52T_gDuq".Bi'EERg*lUks*BmFQ6<Wf*lh$$gq_<NEff.o[ +%"B._!bJ<?U:5H:#KX2eJ>f&8BC)#]:=l7@=>r1eRe)-<Y#.BM;_f"0LKt>#^ccF"YH1K(8T5W6>EVY`m]8pTnr%dNEKG-PaPb^\C +%_H;4b)28AXXhsG/b$]OH^9Y$d.o-QPVECsp8'&iTf70lpX3C)Bn6kZW.-]Nlgu9pJVsTV.(&#*RHFUS"dRfk_1\m#WUcH20[mfjK +%9%5G<_7Ja8NeIiaK/ng]XH@%-L<hL*Uorn-VSB[nE_OeZV%nYeFVhiuao9VZ>L47(*Y]%%Y)7/+XL</7fD0.N[T$[.mF2(Rrg)9O +%do#m/WW^`Gh#SWA1f&c5A%t$^DRa)!YuN9$"nY']NeQ"bP(\Rf!u#')%OoZ1)S>8TA5g>*<<;lTL`h;!(OUf@2aWD03B_?b+"?+_ +%0hLG\AH<jeX?qp3=_%ef&u:&.r>%NV?!HGl79F\\"s2aL!^&moha0_]!A`g=Z0c[MJ-VN#/`8)VVXBT.1g?$DY99S*"<#s+aEnfJ +%i:o'[!;@`"dni:lK+p$N!@^-l>BkS,O4>-Gn8]W<1sqltQ=_(m55^^_@\*[%Kn$YXRt1"5/HXoN>m,8q/OK`mJg($4^A?HJqnU=, +%,ikdj(-idM]80bG$!*490/B0JjqP@-"CE=f>/^:*Fs@L@8IqD@[=Y?2\\K9bN4a%_)&@-$Y`<$Xj:i'$Td+50**IAtCt+/Ep?#Ka +%Z31RR'!Dk^lCg16db&Ln/mpZH(YEfUU/5P)5ncMF1Z6oMK,.?0>`e@]]%-]$qIibV@Q[%XE%Q!PjYMfW]MqoH@oHrB##kJuf.Z7^ +%cUbSC!-I%3KtRWTc[\jfmK+#H>"gH3pVe^l,Te4/$.E_^6hH8laO*](=^FWr)],\9V-#q.ik5_^hC&-FY0;/Y\B"oCGssC]"r%F. +%KnA[h16JZ!8h.UfN-s2R6BTXQJJk5NB4.P3%fqaF:dX+U&-CIh=+a'aRfmt=7(s@)EX%nHn951`JG?q5AHXP<YVCd^T+V\Oo,5KR +%:djpOEhBHAO<TUXh<mp.2tkHQB"--h&(iqt!5Y.7i,SCWSh(%Ej3Gp\qua0+2[tAB06au+)Y7'qa/kqt'FCl-@B&JQdW<fm4`M/B +%W6G[i6IW<YW"'Heg'%X#O^Ldg\PSb%3d^,Wjeq>H+(DL2*R,DHT[,fSc4MAl!=rF]I++,Jp$lUt3N)G0K5.P(;e'^%3B2T]=B;k5 +%@2X7fjT(jqkdh+H3*A+N!\t2@+p%#nE(QbiC^"r,"^!F\<4=3Ip#/Vf5QY+2hPK^YL#"%$I+SO]62/nE1MXr^5&cUq4?Q6p;bN]( +%nYas^F86/-)>K>8R)kh2cbUo3.)YI4E;s;+R:Hm%eT<^dVoFqZm:GgfAWMRm2RD*)5./qgikD^7U'I(0mVk[l,kDcEZ/OtO5e8Q` +%)a>;Tb?0'I>THs5O%lbYFR7c,H/T@UParL3bNt?^WP@,1i%a6X-?)s<AJ%e?]_N$ipoO?E\L9fE=TF[rc6-L*SpO!QV<A*f]AOJ' +%8=&l=5=[sflh1^TY)Y3Z$6hr,OC;o-H'722L*jf&>UPHq+oE5$=SbsZ59`@[@(3p5mC:J&Pe@F^<#5T'kfI^s!0_pA(2rf7DE#f_ +%*&:*#G^gL@4-+NrgN.^BOT(_cogYrLPm/`$/Rp1**[1VpnU?-mk1XWHCBTpN3YmgV,,_!Mn*o3gg#NQjl1!4K0UsnrV,k@FXDSp' +%H'&[#2>&JUnp=-tojo/U3.$b#^!6V3L7H)T$crRjmA;6M2[b^2XJ]Rm`55_d@4!",a]B-/-[@qn2n,mBGi`XfI/q9U;*Q**`;4NK +%?FUD.!1+RVHdP'?%+<D*GTG7W'48ZJl16,o=]=iN_^WA3O8IG4pG.NQo<rZHBW>TF@8o!mE+]uu(%`cVeY0(Bb3I>s4$A3FD($K! +%aj1t[Fg&0o7pRUN>.se)eAo\tApOqP//^5U_+=DokQXZ_K??W_!m#r.'H;st,D5`i*sk<AN,Jpe&a9^Mn2p9S,u?4RC)V\a*`PAV +%:F$1%"&-Y!=[7j_L5q\]gr1>^4i3Xre=$bIqt:;i,>+igIPUVPQW<kSb4n(Wl.Hs(+S#>'^g\%W:,<MIJJ]Nrhic6aN5?):J%f<p +%<.NduMD2iQrSV\%WfiX/D9?B#Hn^juEI(d@W_KrEB%\A.NP.Qi//)6*$hdNg0+4^1%9@N9r!8hI3^9[^#3,2MFgDIiC-HE8L-]<$ +%!qs<o'hiNlEEd(d:1Bb'j!5c6C.sODGed_=cM$r5L/b)6rc%4&n9-7LnaHU]@h82>F+Wn(Upfa%qZ4>eb5,Yrl6AO3e-RH>ii<&C +%=`<2[V5?^$.h%C^$]+e"ku(/-\9R,l[4O&-O?2LI;V,(>^6(WADbQ=\G7rik;Jp]A%/b4Z@GXKjQ?Au^W(EU`1gETo@i!uak;i_F +%T(<ArJ2Aia$K0/HZ/.+RVCm5c$rTm:/0MA#bFi%<5<b&!2tglMS\a?&^!kjDD_0bINoZYfo'hBtH)u3ibRY:k(%8?]><(d4%kTG9 +%WM4@(_f(+4[J$?\b@MX<F9Gt'XIaLu#uU6s=.K#VP/W`jM\a/MpZB-1A#'(V#W"U#Q+$V'n)#kQ(lHG<GFJBLk2uej(%;6Kf()Lb +%_COj;D=_e1N!f#g(+XYJ)dr-pVVB1#f'@TG/dX0Qbt"Fi!ktiod!Hc*Ftmn_S<eobb],Pm=.mQ$5N;;N3VEqtk8t$:3*e)24omB> +%C88kYP:9BOpVf"dFV,<":MQBYQ.mM7%=U=ZGODTg`d5DePV>Xi^,DcYZXpUsaGc&>hAJ`)E!ck1jWk"cQJqXD!dMJ670'79=]N(+ +%*FTSjq*=]b-3:>7V!WKo%r##cNI;-d1Ou_D/_6+g["<7!MVIXQWgd"-6aHI`>q2;U-f8V*'#.ah6u!gVQn&FMDU,3H9ds3(UFbT1 +%k[4QSf4bEg'YoXOn9sJXH.HK>PR;YhD/*Zr'/(M-/8;<q320U/]VnQ[H2Bs\?P<t%\U$OF"4a50+e(MHcD[0go=epe:ugG;[^M7A +%r`1-:."K"=h2*MPZX;+rd%o7knA7s^,91"n80>s"go0E>Y,*p]be0DQ89`s6&7/t>(UMS5,-^bHbt_%VRiNk?nkhXkNR_lH=s`*g +%_"A%,<-AX&TQpqLY'XppA's(V*BDCWe:Re"Z'GT;"3oBXi9H)>\LZ=cE&8PJ!Zp4Xan*RVAm5lA_$Sb?,A>rFVG6:NE$l^I!r`MQ +%gnPA9B<[=(E(=E%"]Y)X!^^d7j[5V*h<KBt"Vn8Q;Ob&k7,fCHg"J'e34eQ5AZb@OaZ;Ia4VQTjc<f*5_3V(L!Zq5d*';Q[Bt;`h +%*OniqNO<$&&&CP1p-Si`d8p)R*d`r;b2sq7k;A.'Tc+Gr4BO@3d^OL+L\.`1]RHMfFiSC(HjL3s#d!""FmBY>P6Z9@b9<t.c'KBG +%e>4:.b-]m"DWQkWiT=;8h4*06L!^lHc\)hEdC]FlV>Cn=A*M;AXAV1Qrc!9[grSZFJ4C\3SUli,%mY]TZZE4=TZd/M'3)bncA5ZX +%)=I!?Yg6QJ@%)WgQ.0<Bo;(D-1o[9>\?/-[L(RkZLe6b9D=Rd*2(@g2!NV6*^K:OLAL;X0C<Ol+_B9QPb&5qe]XXDF+g$Es#J&;a +%3\5VjlG-"Do*-6rG3oL/`:Bu+ql&XM\'IXpQ5Vp%]1l-T\b0P=B/Mot(\-6%@@[YY>J"&/fdLiUD)Fr&@jje+a5-b0VIB%\R1W&h +%(*-eg>r%V"q)2V?qODVJBX!t%b7fFZfMfFFj(AOXF$u)kSrS4KoeqHsQPI5NV,kX7Ihenh3bL.cUUg.TdW5_m`<*&lj8KH5\9IS# +%M`h):Mp1!q+^?S_/URPul\Nh`A4,I`iPq)b5%KM('6BR-j=Zu3)6TW*c!^=R(:eNY,u6(>>3jX0%D^T#ac6,7\!d3!iR^`g43\n> +%CcDWca.6h(a1?IPT'TAVE;JDpKPN=pjlH&n7?<T)&=YUP:G-D.D59[N*U2D?f5JmF6>"U!E9:jXr,D\+NAGpPCa<h/RHGP#o1rHY +%,YZ3753K:BJgMW'JNas@@Lk1+i%&DYl"RUt8HMhd,Tc:2jNk'F_^lp]S6#>Z0<d*s%mWb3mc?9XE3VpQB3n$sA3UbnO)K>N.8Jhn +%X6V?JfOl.;]4kFl(#\E$IB7oiSi42UMjMR]lNR!A,;-ETUG8L*[\J**C%$rtV#;hsKoqnAG%uL6DY:&\F=>)P!ou.^3]95fQEgJo +%mgh-8jF84E-Yltgjm6d>mK[.ph%p+Wc!K:Z46+d^2C7A^/`r1#S!'(W?cIij%<BG"c[<Pq@UT#ccUP(h=a-rpD,7!',@ed;(jF!$ +%;Iu*Erc;2c4AP[]msOM8=IqP#E:bL]-\7s3+=cr24,1Z#T>3kqcW`dEhI#\)$=kp%8.AC\fXi=-Gb+4,TZ1OkJGR*&0kq_)5s0es +%.nF11E*o1f?Qg-Nqt`n\G:^K7(o;@9,4T`.)6ukM21bR$kn]kNrBMhuh!BFnl%*K/JZs6qjXiS#pu-BU/TUZ#V@g5m6&dL:@Xobl +%^!6FeS?/B.1]VHTL&ugKJ/O7P&WB.1h\\lSV,MMoBNSF\bJ[k<2-,I6YWpqpi$kVnluCkXfY$_Pg%p`EB5k1Eo'JVh0`DuW.,P*( +%QP6RXT>AG"]q61c$4?n64iYP_W*I%lL$oE,^YSgEUi/30kqe</97sX%HF^q&U-FTrK.Du!3%4>p)@'0qQ>[e;jQ*9-!iN"qo1=#G +%=3B-mh@MJkN_p<hs-cPI*Z5g`-t><3a$457qpN[!2*]>=l8$d7A(p1C3e(:mLEdu-d*`[G;DF=9W^Oen!hN!n:flc=%/c$-0Rk_< +%0=Nh>C+=`?\.moh7%Cc^5i;^OC?#eq424IK-rU-)Ld#1=7Ie6?PTYs5gE.64Q<8N1""X]B]E2fBJEh,PYg,i]=fP(AS78Dd=UJ94 +%n"A`I$n.LpS]h-/?)J?Z6,fh4@b1ZAZ2QNr$l`Z9DOQ)=Ka6LEJ<G.i-)\k_\:EGS;rD_3<q\S??pq=Ia3Q59$/Ph:@fp7tHN>@_ +%^<"j0Dh*&41/:To"f,qB,AJ:YBrsVTi<!U:R_rB2%*BVsalFFg]3QTge0t#2<(A_JBOFMBND:C:=?k+GR80*#qjIRE.s>L6=MShE +%br^/eH0&!"b"Y-fDY=>eC[f6WUXcY2gKf>[IBTl$K_.gIApD6Z^h^!A"d*6L+:TmE1Z6Ye'2U8>,6rci5:qrV%X)DE&5\;F9gFFN +%>tH0U`IGbWZg9ION!2>jGB4@8>T\60Br##c`erfin7's,dmM;c?LDbN>A>5j?qfm*f!"1E#[(e:b4)LBmK0eT4i5P[&28]8!k.K@ +%"F7TZ*sEbuT#'abgo[O@!jt-TK%hWFTWbAN[ganB#p=qqY<eN&4@TZ0gB5bUU3?ZR;+HWjYMeo-hC_+F3HGIL[#&O<M+R-coVU3U +%/)`3SrHkODZXp`b1S>.->%cpD<WTBOB;lE#FM:)WAjO6=f+-n+g2aFI^gVf6*!"6f7o7gjlIZhF0jK9fV*50+756#cVuW'Rj#2O) +%=Va"+/RrSH8"4EU_!>N^qbl)&&)0,jV&Q&*'PpCYKVH_]@7%;#D&H)L'OOsH_sji_G8Lqd'gukE^p++1mq^k8;NZCAJ<VO;'8Jc: +%S-U7A&I"u+JTWNl$Wa6uMBMD3:Kr&R0"9c\&5VAi!n)9(e*<n`3Sf:b@seQjAt(HL;Ll?7mh[dcKFbn1"p+V!S3^\MXHuiSog(h] +%)rS.HG;(>^a;/3#,0SUI]%#P@\W=@bd<=:JE9sm$BpIJBf96B6]sE5D+se)e9bJE1qo_#9R72%EV^5\<_NF3,W_u>J_R`V)@(Yn" +%l!+Sbl,e03L3^#",<HAc:D&eQercDHBD5o+fk=LtG`Jb@nTn+Y@VBEpc`scu=$cuM1pb,fH<f6>9@I6$3`%L$Q8=X;,A:+WU:/bU +%+2^bSW@:_7U.#H*QE(VN%29AXX)S8`HA(U"%_b9F:o!]\#F]].Td&aW7+SWeYAgHNI^tG4)K+,0fnr/<''=Wi"dp/7Qmn^:aCGc^ +%AK?/P!%IZTC&O`!0<.6:oYhRQ312N>FAjO@%aIQhn?@@cMqR_"In)hEqD1h.LDM$<9k?VX[_2NH!]`2iY7DFh6SC\M=mK)CaNBq& +%a\H'[&r^r!`MSU<CT0'Fg8@rd*0u'eW@eRW(,0A4n=s-UZ+/.=iptDb5*L6'q!3R/NM06oG:FOMD#3hN/Ks:@oab:/%dq1^O:uYZ +%H&dlK*/XPnqeW*m"@?Od"f_X"Vk>'nGShBm9>0tQY.gWkAe9e_Nu.\@F,K2W6!oJ[4p,--,W14fmJT<NHnam*(9m276NDL^\W>R* +%[4Ak9Oq/rnPuE[*JE0kUT_atg4H+F'<60b0m.94@>.j+fSB?lMlS4HTE/Qf%h-[Sn_QL@lDIrK9L;,@[1YjoYnE-1_@mfG]o(k9G +%E6YLp#tD@'`erA@_IJqLL!L;oNqG&^VX1FpbC&9Y`E#H%4RU6WbeBqk+o\!;IB*AJ<ar)6/#>hVArTCP5_-<lrOJP<nM]DMbi.%' +%eFVMnp;Mk@X-&N`/j-5U*$G"%,X2t<\s=8EqoVXtAFWP5YgeFmO6)Jo#3&XZFG:WhFGBO$jeNk$fj0VXqst52K%fP6^LD"O%uVB4 +%;T[p$V6TQpPLN]6Mgu5B4E:H[q;\p0jID=A=NWIWO[jAKA@X-hjT?(W%Dgf-RPT"oBr$EUG_f!u1>c05ToMo&AMIam1S4$,CXeKE +%lUT)u4I&T9k'*)I`;CIt<W)i!Zek_)4^'WX>m?k-/q^0)hDD"G!u;u+ih-g9RVWHmbr(V!KQ`OBal6U2^7Qp!h^YZ"SRKcEGNNc6 +%:QFB#*NW`QoI$-EnA]DVA2ZV<M7(YgOd2`hf+j\UQPDb4[e3,[W*e..0>2r3N60$3VqZM(5)\'#;t#UjNmUXT\fgY2eFG87AodLH +%Ih-.?>"[H@'5?1niep8#U>^Bb]1[)6Y]s)NZEVktTUGI'?!&!a]O:0scFdQQ6#`E7]%l&[[U^Y,EQ:D?FU`hUF3)^>1=<Y`qZLQ2 +%5qM0t%O\@:%!M9\FV<CR25kB0h<d$YSADb!LPL@-&UT3ZC#Kd7DcZ@bKo7MP'o1tt_:ALPW.`%fRV7c#I7r/M`$m>.!.DB+C4-*1 +%e*FY<Nrm`<37_5j<WUKbZq_#D>QSYmRnOJ1DJA:0U)ST4Rg_thT9C3YnT'=&h]Ig56=k*%HnkK@DrC"\Wu#+#G1nuP\$1DF6skb` +%_V:PmlOLnPFHr2$,/.Al0LCJc0u&DG9FH^C30n!#"\p&&^;JHh/q$tM^<Qi07mR+66E?`mq"tk<!=_%0ksDB$G5C23'4AD=o2asG +%/RL6mH-=hK]$p_H)>FE&Do&p-<<+r%gi%Ro_8s<ABj)Z[6#O]pG?4g8ecNj>H$d@"H26+j]Ti?k%S!VX+r>)8o?JFG@HflTaBJr& +%2sq+N(*A;?Ne>s<M&)mrfBK1S^\*\^$hnfed>>K*B^SsH7j;6KM$hsE3+eqlBa02-1n:[Y)Pd0B%b+l)$["*`^dQa=C*C3`j==NO +%CHWQ-b(>fF1ec10KN^t:VJR[ZZNYIL,D3#hh->en'J4mmGrhon9@MqjjfN$d7AnG[$`N;0'G)s&=/Us.+K#D4p#Q[iMpS($]fGsN +%K9RSOFBZ?1gF^4;R!N*e2)GSaPLY6PEAo8!pQ*K73I\lb_>\:qWsRSk5;-&9BYd8*DYBDJOm$bL^nb1icCP?%PCB-_T!2@\dN=4^ +%k"_4Qa<[f<7_6j19b%?k@tGpV>:cADQOTNJ0t^E)?i+Bi5Ag+BCsi?Yb5[[?;*+MO&t1Y%;m+jk2+dW)c\>Ra/Dpi7.fnsEJW!G6 +%@Q"M=C`0qR$asfQb65?s]=jrFTV[:%2=OF,P)SbQ#C,ZK@9r@LFI8[/ZPF<nT<(JqYe"%&`jKVGWcc-mbUQl"S%X?aL3WnaAD)EW +%(jfXJ0Apse4G$e6-g-(=FrTpk!uWXZC_rbhet9c>Q=)YKLca6PR4HAo*S,JMdgRM4UU8eI!m"Rgh!F**"]T,b\LpkkdGj!6g\_)U +%F/kQ%Fru!I7kC!M>"6VJI:d</(#:1=&+l3#I\)o"\i$:oeA3\s"[8b[Ne++>@;_b'!s-,F^$ELMaX`/XS/p_1P,31?(7[UE72RoV +%Up/Ci$L^dm/l4XPC#VQOL?\j*"=ZU2[gJH=CW4pb!QKksM(6fAQ,[9BbNGG44E<K";o$h1#@WP#057BfKdEPc_/KUGfEEcgN.BNj +%UoDi6ACWZN^j;OnRelE4gB:dEdQGftlie0LW7Jn_@W'oc;V1Z8hsL@X0&pF("?+N2:9,f*,k3:in&k5dN!jsF=7"uPen/VrQPS^t +%ZDXW=]'2f,%n,lLJ4k6B((tQ_!rG7eFW%6aJR*mWo#YRN^cJcu[*nTXdMEi=><q'3V-UJEX,(6dY8:D.5(i1]EIAunKBD^soHf?F +%Heq'T6kg3:De7@0`cBq?mB)_l8.+:nd^Br&;/GLn#V&%>+!SGG]GJS?8Q'%9@Ks;;1#G=1)I2VmKB3mD^sh[_!SoOU(>+\)!7U1t +%_8Gk'Q8uI*GRI)."2CLiI&F9CDUIS<b+K+:Enb7^p'5El9%@ksJL&lq/n[ukG0YY;RoW=r/s%>$QH,^R`$8%Zih^"o&DDZ40*gG4 +%bIZ#I0X`3iB,TBnkToOfb?/Y=dgSPF7@h+"W1r2:F]FKMpUo!(o[XG=7C%R>qd5,qF^\:NZ8g::Td<S%?XKh$en!m))$>H`JiPtb +%h(9"6dEQ^N/o5In2P3)a?b8VUN5(\&eu^S!I:5hV'faM<qDp(Zr>!lKW0hssI$kcVL7@;Df1Sj&jgK1^YUdJ!ej$"-TTYbICU[>+ +%K^N=V``FTq73u2De].jUa1?epln0+72t8j^"%t3V+%h.6m=p.*PXu'oX[oPLqeTb6f4LFC++o>m&q7JL)[eP]c;q_ulpC5MFN5%2 +%k'i?Fm9\P?p65:`]Ss,S!j:'T+"e=:&eHiiY<:,hNSSPiUdZ(EQY17d(e9!Vhtq+pbYFlpq:M`KWOX0A<@cu;CA%h4YcD8<,"Mai +%=HY9!gKg-1Vr;A6``SUqDlWr&/PeTn1\b@hMT,J]?N.!Ts&X^Kq`k#G5JR6WT7?a-J,&u755hr,oW/#kqSutBnbS%=p\O49ZGuDh +%GGD25(-e$(kNS[6H\S(JRUGP6aM\$k\t?Kc??,m%9*%'6%VU$JYj+L4Trruqf*4R+?sXB>iR.o&i>s[(Cseqa/qMKQ$&Y+IRE#gB +%:+I)__/@r8qm88X+_$`H?i#GZm?AU:ZZ@r3oBj,!0%/E0nQ\M]`Qk5JP=49u%l=1R3*L'*HuSDe#8d)V54$Fd<n,<4&@B[\,-nYG +%-F+GZ-50NW,$0,[Wn_LKb_JbdK'&^,DquE8eS#\U3.r5fgeHUeqAic6E"c*mO(k4!P(U\H2L;Y:C^<h-'!g?g+Z4C!:k\N=e;jo1 +%,qeM/oC(6>YCjOrNhhIuni,de!BmV'i+>8*#\./bTE]AmHuWHW)N"d&+4/D(<A5g/5Q-_5Lo6m;#9Wt_UNgnn[uKK$IMaFj_MJ9U +%"h*I$5GSZ,K-RL#cpUFkUuMUeUfCbEoLT4%IfNJdLo>a>1=4Sd:u+%[_$)B\.b441Z"isQKSWgY%7ca$Sqf`2[Xj,<!lQJ,"@Yj0 +%PR8\hYlsD4<6`,/QS$8(<cD"e^E>sele,m*@'^]Y*,OX8fF`>,>2ff"D2scIBZd'/#$7=F`rn@uL\0rOV24miY1FTb(0YGS@V;%7 +%[kf:'l0(g+$3b"(")sb1pL]k0gQN)Xe_NYN=$UsQ_R'R"XtS&"a"G_kd/d9`.nC8k@ak/UWUSV-[923na@VJURN\`'K/5\UO_o5) +%dL-hYCQa"k$V'U&1?4k9@E#(Jod$6\$3pbK6sDAN^Ok'r#=*7cmLlcs,-K=i^m!@.QI,=aG0F57P"t*#g&^]s]j%'sf0_elQq8jR +%Eq\H.6up+$b>Kd``kmnd=@:'`qlO#8^4I<H+!b/lc9]gl0aS`N(,#A9c1;"k\[.stfI<NG*Fa6YqFD4S(dW<:_9m,PC5^[9.X0m4 +%[iYF+"TCKTd=r3=lW.R!YQ?nnOd'=pEGQ9!e_\phE4cHYMi79!^U%mfU-+)39r#0>:uU,;=")(HBX=8k`3hjp8J+SBBg9Ca-+D8@ +%8&P'FZe.3#SmJaZ@Sm>pNNq+*2EA%a,/d^1AI,5]k7^2;n,feS:.8F"oK3Fd=q9>LRWj>#8J5:dV%/3S95!(<C='8I%k:((Mi[-s +%T2qcEW`LY/Bs$^MWn8[6ZmJ+KBamM@XT+M1LGD.XmGVM/DDr8b.9gMBW;B/pg0:#!@!Y/q5njr1_UGgN-O%XgMO@2W#GoaBMkk7p +%eKJBP%2E`-o[b@g=0<"Y/5]-W^n]uFYet^LoQHksob$2(kcSQ>(q@%J2je:hf.I<VEOr\+!PpU-&]$#eLEc@%nWP9bW2ogTURr7< +%5:r@S.'_q=T,-KP/_tnSk&2G-+9d!^+7MNQ5S6eJ$(b$34J=hj&Kd)Z4Jbob;(fMmLo1@b5=stp/J1[pa8?L0,SKCDpHO$t9(AFc +%i^S&&,&YmIDbkh,8u1u34idF5&PiZnI[VI6+s%%ZSl1V3dZd#8T-H4=`dVAS<>=qe<95S-aobWO7=7Aenq7),7M\>l:MFC3da-^I +%C-o^7@[e_Z3"L*k'QH0p[.nMtncS,bY9<Kf!K2-%'Q0LQW_/gION'^$:ob<V=jFVN5T:C]SrsMU\]Y/NR=^M?)2#Sb*;)*/An>mN +%)%EueiH%%lIg!Ud6kOL0j@Y$I6bpTW4-FOcX:<[%l4Q]5WfIo/$=BBd8F;Ci=^5-s)0,50DZ(]ceoBF9-@&]B,"T=.6)?T*eFY=o +%5jQH=TGTX3inVWYk[cj#b/"KskP5Lm<ikl#X[e2*(_(%e]qFjdR+(k?qr*KGM7tQiHAt'g"d_X7\+IS+J+1jM1AqE\OT7m,]&_/e +%H)&SseXo<-W$1j');U`WU)`t6"-M[mTX0fL$)CqRQG*U[mDad3@JsC67-9/QNSj1g>("tsN&r=-;LYGjX)/;Q,teoT,Ia26TB`!n +%PVIQ)kMT"&-W(sh1d7)kKnpalYM6oSId@P*T<W^%lr!+R^5oU_]'Cbu<-_uSrB]k25E@"CkZFM9@kt!eZg@ohFqj,22"-;Rff#"L +%I<'nf*@L38elH**n@I)2CO).]:uQt'I,>$M/<0Uka!U^9iT5oTdN5[Rq&EuegcS@B<\MWgY4dMQPTkR>2"W61W,hu;"PGdc=-`Q7 +%$H@DBY=u#<*4b7!d4=JVR/<R"3<h.=^u\bJ1,&?mSg;EVgYj>[iM51C&@PA4N%0C.R`.`[J*%orQk9ek8Gp43;T^KL+!jT:hsgg@ +%'`mKB"R"p?[QC4>I1DcYWVPVcD`l(UJ1#p'7LiTN^V_>X"2]p>$hrH/]idNZR'_pV%Og7f`X#@E.,<N.:rLiF$m2ir\@$\i&Pj<5 +%4DcD7cut!br_/N5gs'<qHU.[.Rq+WuVt&,[K-EKmeFBoBa$]_7MKmi+jCqh\LDD-^ib?;n%pGGbZp?DY:Re5/csGh-'amGmD;=]h +%`QPA(9SbsJMDUA[iJ]TX;g$="c'rS9AtraY7DsH:%2,g<VdQa.#Qco-=W[9_($oeE,f1V/[D4eJ]lNP3T_HENkfZ=*:V-<`l1aeF +%2irmkTTdaOSjO%eM(%A9DFRG!*o2,f;2!HuH:+ML%GJ`S4-2S(mgG,L:-)uE'pg,C;^;mGK'dYU+BiH$cRN4*O7L3P*SGd!5c-NH +%4Zcc`fE.X@1rR!jXh[@om)*n1-DM:,-=n02i`nCJ8jE](*fSF9^3@mjU@BVj4'GHn+?X-HpTlYH^t'@)fDY6i7>ru6,t,nPJ9>@4 +%r@+ZdVjIX;fIXp]^#/t_@K9mRf5'SAp)Wd.#RONPBd?-c&*\Z`lqKi*/(h:.PDH*%OJY$?ri1M#WJ8gA[7qmLGLo/YPTOL%>5I4F +%iJ572n3"X?cbtbtXKQ"Mfr\6?@="(c3'$c^7ZlX<3f<RfenC0CE#e#,4rO<ae^_Zr5g6T=qcP3<Ai[2Qm@b(g,b[KPRNse#Fn#O! +%UVPd37W1_qA!kK@q`[G*DKD!&]4pE.JEl7)1uSWEJ`^fHV<&pfB"oT@>AI1=ccq9bL'@):3E]J\qI!1P6kS$D^%M<8^rmuKBpuT4 +%Y<NZOEPYu4dVYKi`A]-M?3`r\A&m`RIYpQlbEKOp"<\jTJ#EUm>*M:g*oJp^\tq&Em)K7R(EA==M!K<F(hqXZA34M:N9)IX/RIXL +%rZjQf9aMQ=NK/X42eu[6@s2m:'t;TO#C:GMMr,@bWi;!7m7A!bShRCFATaOEPC?Klnk@a(p)P@N'+a^2H:N6Cm,a#)e&;^F5f&X& +%!%PJm/-F3b^[i"VDB03qUmpR![!SeKI0\h*Gj5FAV\;gCj;bZAPgB]7qi!OfNJTnc.<@7@Hdmh,lU9hFV;l8nreV8E=XJkdG:H`d +%QAQKq+#J!&c%"AY+6a#\f:mQoXWJ7nf-Ffj%n':0^2.F-CDMBK]<4Y9)1.EWe0hfC.N^)'hOKGB<lG3TeXSEYU$En!P>N&B?q8]0 +%)W*jcCFq^*`We4!I,T>@>6df#2>;>"@62=X-lYAf=NAu*pr,bP,V%Y<<kuDtCp?7!JEO!:6hA^A)^\Ia.T\q.9dl<;#4O%F['It# +%;sp3`:@gSc2g?b[kWZS.C0JU"it%V*#31E]!lkr%?0mS5_/R*N7raC<r@uoV4W2]6$U:"ZOs^ioDCA46I>]0cSQ=;#YpOhmkgLW% +%@!O+\nb$a"aU7O1Om<t([5ps9Z*,_r63J9@i=D&f7)/Y=Hi3)sc?1Qq.F]"9E$pI%`KK,d9f0UV;'+Q%G'X1:'jVGE-+F1>f`j]A +%WXr#SH)QbpnBKE?3>mgrbG&;<`ABQiKcsT9"gZ\)&+EtJT$:r@"MAhhod!f"s(nsLCm&\`m0EZo2mJeWmY)dl$h9+3+,X7poVOU- +%"kEalgfDI8-b)*u591@7'?,?bM$k@odj&8XbY-et);PP)0*O_BQ8Dh@O;l@s'g+I4]rD+8?mD]gg+Sm#aVHS5U/:2%5A2:t&m1gh +%mNa6u/CjZ`?Flb3,>&)M/UbT)0bt#U?n)VYj]F%:P')(*$'P+*Jf6(SS9#b8d`9lfBg!4K'Q?]d=FV1TalrO'%.C=sE'=qDc8PcN +%JA]2Z?AA[Dg%YutPQIH:!2ulM#*P'AEZ*0p/GHu8BRH-6&<RN-ZTUU[XMCA2L8^3\ZtjZUNY:h<VEpA=IJ)"1Ch#[H0q!XjjCmkr +%,+s[T'N>Sb0A)53=YFIQ$A.raU?.teO;^*;b=.3tXh9T*L885@&"q-CE3%on3j"[>Jn8De)SWJ6[r$b635bs42NVVq=s@>+=nXYU +%G8C7nKOnt-`e(U-8L[?j=,[mGC^8].$CZ*qYeu@R=L"P>iu%"c"7aWa"?(8^^Uo<s!@?BD(9$.t7tU=]G/iq5TP["j\F,;eTIsLB +%0C5CP0&)kXa/@24RVq[$Lp6';?up9gNE<oe%'PYGWt5:N+bP@p=g,9'j'nnUp<(+Z5)[Z<==pgN&\9h,\G;+4>C_;Dpe!Js4%/?2 +%gQN_&C,`cP=)1BVTk,Cj<22[ZktfX9D'0$JX37LA)>+CGLcMMahZ-9OAm-mrlFnBD:=s#'[5?!0Z4uH6j?Q%n,iApteT!9F2hGFQ +%C,Lb29I/8JgXuC.RC<k]`mM1M"'0@8e1\2t()P%BY)oQ^q6@PSV&U*PW8T6EjN.NH([Z+sZTG["0hMX/P!.\E`Q"FIoLT6[7/D!r +%T+N::T`qdTA-T5hLSa10c%70-,<.XB9H!JNB=Ud^+X=DS1e+@%W#oEkE#"&nb*=WtdS0l"2c[(c\!'$7doh['XN-/dIuJnc@+:<5 +%56T*!4A&gGkW'tS=I$IL7g8*8dOhb5@%YUnc2u\Tlnk[PZhTboKc3lMAkuftYT#/gbBJB6=5[fof1XiJ5nt%\;`"!'TV)nd;YNFm +%UZjGTYtGFoL\"X=K$2Hgq`$FL.[e#Io:4Dq:r/B<.E[6+>8r"MI*@Oj8k`jTV8H^%IVp`oYaeO\?@c.V.4;$Ea&]1-b[sXl\)9W0 +%5TlO\i.;`mr<VaZ-9r15KDLV%+*CK*J[d=n"FX.kiW,U/P8sscfR;,oM3^%b*<VD0&A<"Ba3jd[#jOMROqKF%l/d]d*J;m;M.?T- +%]#.P4=E./sKs"O?5SCDR\g]l1ViOl>Z%=[M'\&1;aJ>n%JW$b6,Pe$AFh3#P+MZA/N05aj_)Q)g#K`rp$^H+snH72ukDmb>V<cj; +%lcIq+AkGYbKWJq2hSlQ"8RH1%k@eKp6T2B))i;r6@Nf3idp4Fh2Mg#(&F0>dqDK8bUsl(A#uV1&5Vg'(7b"*$I'@KHkPT(QZX*iO +%7^fZ"^%i2Mr<G3QJ_!49OU+_P1iF<]r7'K?kYD,.*\d]?M@e-la:u#R41SHSqkS_#AiQi-GYg>2H4-[>=9bK7\P0,+f>"f2*'.NP +%Z[sn4@B9cthdHmX4Pljkme5ecf%)E/<r)QmMFFbtaR3]g\n7WJ78iQ5r.#K:H<M`A5]dX?QVhG.m++un,hU`c$!*DP5CD$ih6a8d +%'l;DA3C)Fg[@EfbkS$@J#EoYKOU?+EVs1&S6\FJPrqWG3C_h#bej[Bt;T^2F/g_=gEdYWI3"d8^rpX'CQZ*^NE(=c'K9X'ER`[;[ +%k!/>gK_Gb]^0B`#N&GY@bH:C#D((\#[tU\UilAJY`HlhTE"<LAQX`FD/YjqUlg+j$i"fHk+.7fQO$f2qokR?Ss2:p_JQc:L0rU@1 +%O!9/g19q<$-)A&(%m<EB1,:)9ee#3MdeBCKCiPc'+6aR%HApnnX51l;NfgT/GR!?IUf"EA7Y42/^bhr[&4rt*Oa+1'[$%;\iL;f@ +%hct>\+k*N;MTnXcC;D2"VTH7gA\=-oPK3pHKl$"BThD1LS;%/WMV(4SiBQ*`ZKNn`8.-M.OL?j+LSV]na]Y':]L1B#W!Gi5KC!/H +%&1)n,=IP\?$uVX#<lc3i2Eqp2#.J.m1LbBj\)L+-J'hS('_[c#*j(&.o3Lu0:,IIJhNeod7<jQc'Eg/<eT6L!YbJ@3!INKE'=9MB +%9rtR4%BiC4K$7+?=bAIkVkT-j+5Zo#1b9EN^",bgDM/=2!\sYtPJjXDXDQ/6j(QX[O5o"D!Xd0u_WgL8s&Kt[8'M+BhUohkB=Z$@ +%`N\W&UN\.k"B02sjNrO'\Jr<=B?f,=8m>Fbr7WBXrrP&jK-I*`]5dI2Me*2GB_Y1be347RSpab1gCZHjS(NFVm@<p?Z.^+@:0&g6 +%Vh;uZjWZ6mn+m&B6fRhY#Hi98@.p`[TLtRQb-+!PY\:B(FD1[P_9^?Z,RCO4,WD[ADXf.9#LaSn3GRK_+0^8,SJQ77R`=*>"j99O +%^AAGk.li^`.j-@/]Hj=F?,Xgjct`1I!>hh!LqDt\6-YpqrRNhu#m80-\s(Z:nkU]J2Ge0f5-q6nS"Z.<Ka;X12l%rB=@S(R`RM*Z +%$-(4Mas_kuJEquFG'`?[Xe9mU)r`<dY$P$EZ,dt+XVESkc$-*&*%Zo7]jkUDj6@/PDoiN&pX,1KQ_"@I'QUY+aMegJAih/f$1M61 +%V+T^7Kjq`5WK247L!?c[ZaLN;+1a,t:9UNc+RNofb0eJ@Srdo^8JGHR0*="i8l!l5.JGkHaRhRcPLp7[cXZQIA%Pm-!hurP<gV3a +%5'!o?8"uZ6*^4moRWi[CerB:@1kV)?Co7g#U'DU/>%,C9J-.huWVJ/)Md<\L<dOA(]NMrg^fCb2qMY>\;/5oXSL-F3SaPG#Ea-j& +%S/QkZ$]fC=;p#/!iVCSPUaW2K?W*_4Z[Dp?J5!HrH,[S54#dNfgV/L5+4)$-_;Z769s_<uIl<3p:Hpsn8VG7r4oH`tT?lSIoIN%K +%rXi-hn:9\2Cu/>K3Br[u/tB85SCc#hGFH:M#)c+b9ja-bF/Ji].MVa\8ZC.X_6OP=*<th\JCQe#qqRA@XasP2Rm\qCDqGG?ml=K= +%$@_<1VCk(IC?i2`11qP9P(:qjEJK609WOrl8]s;*DR=9PAe=)/<^)D`K%b0?/.XO]`F6n+88e1aA.".uhKoj%L`ig,3:f^e?_[ld +%f_&>3c'sI1%jXqBm2*V>9[+B6FjnQ!^]Ik/f[MFM4)'N'[XP"o5,3Z[SHB2ZRU8K?d3*W1J1k3^,B&cHq)eqg0gi3W5RGi,U%g7r +%3_Q2JO<"mU9.-Bgk)L3;8r^2VPWR>pKH%'S9a=rJ65U7=LaXpBet+NCaW[LX3Ib)8OC?9(X2A>D'=-6__:8iUYPb,+<L]i*[LX&q +%M9QtT;+$1QD+:mKmO@?nl5Dao^/JU/r(n;;Gd(`_gm]8U40`XokmMc\#oidRNF>$Rh2R6h=MR5C=c1MY%jsN&Vl?O#*Y+dt62+MO +%BN9O1%C0UQm^k4CWGa1F=8uO#5I?4>041WVMR"sEUD=F/W+^Q&/9PG-LrLkXTfV>A>9m$%^'`)?_!&b1J.iY+hTEZ"e931jJh.g] +%V;0:EE@<\JqDA4&a^X%!s(m@Dk,H%^s6C3?WT#I']df#"ICo&]FTtJ1bGGPZBP#o)r%L+_S,6#d]g+/F#V[M4b:d\'g7dFaDao\G +%lk#jjVb+hPn.8eg<QVs6Q05f?,BHQ"2r>"%]Fk6Eq8!>eeBi9"9&m/iN)Ul*bYbMX5:k>SM(2!rkb%Zg#t53P`4dN^^uVWC$R2[> +%(2_Z(1#5.?I25YS,SYfGH?G>9Q80^n5<D2dA.TCQ:>:?NJ=dH.,=^qV_%fA7_[;utMirROo$O#'kp(i@jg/u6=i!jJ9qW]#3\.[; +%&7WJ^g_r!TALcJCe"UlMKi3>e^V^0-8p$!h#IYF>j3Z1)"LM[V%m2<EX9<gk$Y\4-U5D>GVu<9'KofuT@q?Dhd('hqQ`DB.[&?mS +%+!sHuk8)Fu#5)Y@-t(ekgQD//q-d$/CeU`S52!MtUdF7K*ZOiiPk<m4UP!e[OjKgJB'/Snl:Zqh+0O`*31=.%&r9e^=IE8WBlo&# +%ZntX9"W2+I.)H8ME_A?bXgNRGr",f=O7/K^8+DicE8<s<"kctA2qPmL^;[t/ns$'fgWW_F"LPk:771OM=`AO">X1GpIsa#?p9eqq +%Z4A,S%;S8cR"C0\YtEHLg4(=edrDGt0A"==nF:D$($6U&NaOlMU^*V_=n9XsK0VJ1<)o90aMj'E9CU(qfS+U(WPh?bPA+`o"h=AC +%dD?M"OaNY,6HM2$$fg'p/9[r@_br]^"2j^HgBq/#EnPYk*/0-A:%Cs_GV+%n;YRT^Bo#U^NKK^(/g-XW-4k4Ts0X'':3HZ'I.L3g +%2m5BVj[Kc!YDZD12RER+^5R4,Zo,:N]TjA,@LH6_^U$G(JEA^&XqT["KUT#.@5e]jLsQX(<Y!=U5Xr)>3I.0KH5r/&kRns]=BH1& +%itE8G5mrL?nokZjQpg%XhG@IX)/fY[RJ4o8Usjr"&dr6Z$rL+W$Y-Z_()H'&f"tO)<^[O*h3_C6$BKmkI7I_IYK[E#!3Jc6.ljW9 +%5]:/jV(8/Bc>DaoNnp^/=2(X)6pSb[X)'V;#e0)h/SX:g>'?JChe4$sGa$u*IVA7>:MiWH;/hHN$XuC5YA"H^`bFC3YT]B`!=lQa +%8q2_i.#G'#Lf1A,bDl!Cpf@4.$4[GFIo['2!BR;jX[srcs6t,Ple<XD<Y=8Fe]\5@fE%E,2L.Ck's4n\'<JUcP<7-GjB@:pX]O2Y +%U2]V.'&m'p.?t`^g>S<^muXomHDVbmCmCNL8<Zn7igl$\_87F[-Y`P;@l^DH[&rs4k)iIaUP,s)9%G_"N[A"ni'e3]YY,Bqo+).I +%%9+RI6&J6qX^IgAR,+,4ZuT+HND8=r],&A-N3H:?[E8_+*#>7O[2*V^QMhqB\/EE'6rS*MXS4EN,j8&j>He?$FY`cF90__Wt +%HVsu1?i`47aJuh<XRAK=BX^"&.4,7:PMV.u:#8F#+JRZtC9\<=h!+#g&DQR3ZZqH7-./Ec-^n)K?$k24LaAU&<7m[q@"tNG:G4ZW +%E7EQ<1oDh-#IK$'e_aEOSb7VIZ<Y.h]]h>R4QFYRV@*..O+)=aDu8/aJEnb^B'M&J(-e#c>T1n]-8r834!)ZY-_TRpBVn.MKg`k! +%ieIu/Uib7t/.ge>34r,\[(rZ&I>F$t,*:;(UT6>:5E'"Q;gs$7l!XpK_b%!:M7J'C>hqAsUB-m8c2]SN!$VWe6+Q"9&/em";Xd(P +%`I/(J4Y=\;qa&,n@sV=>0i-`9V+f\KbV5L0nqn=p_.9+M\pu3cfV0-WKle)K(gjgZX`G7/6+Tj/S[KkClXdI(53<;C:Fmd@`(E5# +%QFJGY/c6<i5_1K7E,F>?*M^rkZ^/OS/dsik!_LS9nTOe<<1a:TJ"qVinM\fYVYkWt%)0[kHfYcTpFQ6UTR*;lc?b.(fo]+cgiJ'F +%:VY?r;8(=e(;!)9K:8lt6h7fdUUFD0K8dM3#0N,iIpHA!Q3>rV`_3r3*M+L[(Fs0%C'$/#[^4#]J>mEm<fl\Y,.m^3h2iXRg%7l% +%P.Gr/:_K9dlt(<jjU5+<VGD(TIIQ2s@)9W;rrGQOWLLGKLj)Tef)p7-p,u2&Gp;"q#fSUM62%K*5CdW#$B#:?==q([Q2\JUK!()/ +%@j?b6GJ)^KKQejc0'9'=r5GR@r?'Y+m@XCO`<42Zk@ONsEfX=LA9s+4Ia)@C:U/mnnc&CWH8.>(iCc5`*eNi8_;eo5!HWZ7/YI-+ +%gVGrJ'57_#O(oUu58CG!-4s>ir<FbOTe)jKT'^s@4o9e@c2sR;bBa#RA;faYX-qLcNSR%1L=$7;%/a)aajqdO7+Cu5Gd><%LNahX +%jRr3jG!r0LV8nMH2hmF-^N*tU[\O%ffCf-7;]`nTOi4Jr8,KYu:F+G,I!Ri11rDhueMmNeZl"o&J>FH_V1o@kooCQe61@$*R.G\G +%blUMW/>)gb\B@!Z,JM,-HUGofS&uW8olMiW+i.o*?<r$,>]Bkr-XcWCked5P-c.<aBdi2!^A/;tf[^CN2F=ZPF6tb\]fXAl]i<>u +%91C/&7)Wi7Rl3F_?1)PBBnhc5.GT*@2gt9>OI7NpFX)//G&iqD/^FNqibJgu4,=oF&[Yfg]C%l,+\bdKY6IZfjad4$j9P)NA`0D[ +%_!GSojC=p3U%k]/]oc;:]g9RT*eRodDE9JLMf*>l0[Nq.Ge;8AqoE^7JYVh+s'Udo`aamrcc3Wr)7`d4a`oir-q+#rbMH)D_35;' +%:RFJZ@6IH9Iu>DK'A:8D,dj8Vl.aL?(;8lON0KE>:W!^7M0I;uTjT20r=ad1RGqS&cuWt!oN-P:Rm2;s`F&Z$^3t>-mC2!Op5cua +%a%ua*5Q&FfIf8NcDu]@ZJ+;d<\OQOAf71"(qpg1ErBnWns6DoIi=E^&rGV]&+91iJ5QBlts5S$Is7a;*rBL5Ef=t,ArVRJbs8INC +%bs24+T>(9]^\n35qepr^:]L>3+MW1"LMss)Vr,[os5IVeo[h]EJ+]F?rqNdKqWm$Es8KLZJ,ep/?hr%Il!IcXTD$$Kor%,*r(kqZ +%r4a'?T0Ag<rg-F\kPqr<qF;.e^S-k(q)H;kYADSCDXbZ9IPl@#P^;MahU%;260ibYR:/HbqgsZWfJ5"@#g&nrgrrnc&/_:@@KVq_ +%q:!<K6l]?k)BIEBdR]J:a1M\l^+=Ioq!DY'j!5fi9tFF.0sT?n:\RT[H.uQ0s(DLQe^8$7qR1<eJ1ud*r#l-L`MOVG4'<Mo_Vi'% +%!H$`aom[*W+_i3=jT3YJqa%.+FnSsZ]TGn*5I0OG+J_ol'A<=Yetk'"P!`o;bn&-Sr:"?f^cd*Yh")TD0e58UXbc.Uk@'q/A+6]T +%h]@6&7Jpu05COKRp\TeC-G3^[n*]EFqQS[?UV!YR[tc'R>(3pF+.kGMcMqAJb^]52\_cW_J,G@oct1u09A)>?B@Au]n$.N,:+VZK +%J58<Weal!g$.4"GVNk4.8D;K_$I&B?#-2BmC@0OXa6Z:ig[l8P<<Kf*[9_\]=@\5]_:Dr:LJrMFV6J_/07?n:<N9l.@Q]ZB5$taX +%4'8P_UpANsZ2p3U9:;;)BW&+6cY3)p62'?cBeC\.@tHe3cmT^pDW)IGXd4k^/\F4<@f=iY-L`iNs43,=hZT%nY8YC=.eTUh!]?&% +%iLP=S2XS*DAbgi`O]5L^[sQ\l5eR2,KE:IG)EZEe8=Q#4&FZ"e_W"-VV`U_@kf*u]oH,#XB`0bCYLAAMobNG'F*@&R.EBkL,8<5@ +%$VR2<-cCa1petbY\p,^:U,f/A@R3#rF?ceWjVFh<nX[7a(TT5P?<>PArcI=5OehXW;C&j&arnM;6(Pi381%AE`uafC)u%kLL.Qt* +%3jE;(TR$&"baH@$GtF<HUE$-"EHS<0deTfGc.U?.W"e$;>qeN8gMUTZ-Qr5:TL+O*P%9m3D@_8j]n/U\pua[r(.OIU^c[7"dqlFs +%j12Af<?qgUbkj1E-c>^r3$ghP/T%4kXBVT`6n,$Z>UM]\\_,"b5c!pED10"3h1<I3M$>M8PG%:G;R`GKHl@?[T#J4)/udog:#IiE +%1q++569fOsY^=u^OdaOJc`"'=7u;jZ<q.6,4VNYc<a&66-SK*RhY^h1Pr$V#ea]NNCt*FIe"33RU,RK^ghGSnBcXLlF;jsbW7fAg +%,di*_\:M9RU>50D9NLKtb*q.JMoeB9CEp#hHA3V@do^qNNcj^8<:4giR_V%<$s,)qdcM:ao.roQ.V6#80@Mrm;Sra'VPG]XALO@3 +%VfC`?^9iK+-cp?%W23Png04]@h.Nie^/R!9[".o>ZdgMnA7u+jKRe$aceV5`UlS>bo,oUtE[.EOBL1,+((bLQ94j=7;^B(LSS'0# +%hr1Sc.*o6/gK:-TWCT'JC2a9uBGd^[N-:jQ<aSLh*VB1J<%!p?Cl>_H!5[a3f*GJZ,!/SnUQMbmJU(SYB04BA;O9]"Af<1HL$`hN +%Aq8(t'7<t]aWa`VC\7#2$jaSbEZ<"(OiL4li_km:mZ[t`J):TZMi.pYkNkH!gV@[1c'%f1lf?k7D;Vi15?hF<fcV%XZKd5-b?!oL +%BjP*p3o+BLm0Qa:0Ci6,QXNrE3c5S_X?hOH+KWN"kkJ99-$"<dZ;88%^;FaJgrD=c(Ze)gFI&8qJ=1Upr!i++OCPfYPEiV_Z%ZGq +%JA#jA@a\d[rHfunh(,J.OWQ#$BNe93m-r6S&:T-3o_Bo_&QgB)+FQfSI;;NjUT.JhCfX2$&V-2&C,8r`qKgZ]?e+lK>M/VtfGZhR +%8B_(dS^8pRGV@q#jKN0SY?9e]ZccKo^_s3X?3,2:9`")HX,.Y/*YRA7C>CoWD5h7>r+Re92pC[Ce^1_.Tk$H0KL$(u+V.n_#bbBg +%jqU2spM52b.7ddPemb]=Eh)bDa]DR6S<Zb,%>I'XHBosRPV]*'+A,_+;J.-[VR@;(`mAZ)5$SN&Qtj+#:r.L&+3Gun'?-&B0.,%[ +%%-8k'nBajSOFu/+cn<aIWdn6OX=%7ChaR7;crMu>pn/V/1p$CSn-s@Z[T73h\d)!O*>L8sUh2^m"s8!.)Is?rM&htk-AcB_(hS0r +%YPMWpdBKR'(jr@Dl][Gp+e/-[W6tBLpO9(io)=O<d"m%fOAlV4Hu@PKYL-57VuYDUa3/nM4K?/R_[b480;_:b^>iYe$2X@)qO+`' +%;U0Q0CJb#=_fHsnjdRmUVV/\QD$3WfLO#hLgSg!co).m/1%u\kkf'=jh0@MX<d^eKGAbpm[%,4%DqX2GTBd*`ej^A#4<n(hd_Dc@ +%mQ3;P6%WE#qIr5:Vs7_p=1XN(Eul:KqmTGmkMfE<(VS>t3q_BJ>i$L7NLnujek&a(,q+W(p/Ra.Yp"Tie:/J!o+2Pb$LM-@FS/'B +%63sPf"Y#)Bo+G)F99^1J"%i%]qYYAPpN_j6i&6X,?cG48YNS+:o<;hRI@Z..Rp3SPK9sJ<[L#0VE]T)4ch6",,JU(no6%`=MjB!m +%dfpnIj:Sg-2MoOm9dH'&;>1/eo#^!t??LB4kR48--(RP:HX'q@TYW6L?u2")Q1nWm\-t=WWM+O%RQ@=/:P@955//)07n:k#W_&@1 +%_WOe??D,'e^er/Qm[tiqS5<L[V3IER7.Ne:[he,son(7cki,AlJfS[X.#dcI'*LLX9NShkR>!.cDTj+El/ZMR,-4Sp"t.N1[,P\> +%?2G+6iFuffH#^VVd#.h#cbM^cmGR*kY1B:r_kGSqq&rmRC]\\eo06Iu6H>PF2G&nXNV]%sY(:JQ;FX0ArS_Ls<rV[IXV$9-?2NC" +%dlm]tU\!EcB)^neNW7,^^-Fo-:^"Kq<u^![3:e6"K.e<]&s!k+Jo0W.e+i\oHMdu]]KH.%hELkK*\W:o4J$cSStD$]+!,9[a5E9p +%O3GYf@31J6kJu?Diu\$Xjlqg%p>PH:Ge&TTn0n,-fQfS8DY)cmF.5Z\N?0a.<ViXMIs\&"^O<%$5:Fre51I+bYJj<!_,0n5UZ0*8 +%YRB=TLUW==NJFQC)NT6-XjMoplg9=!m`>t3jhop@nS2G/jLZG)h`a/;+-5M:cO]QT%o;-(bC01B+iqFrUF.-G"G?KecO:'Kc[T7d +%aJ+OK&JAOeofIalRLT,b_a=([h[p\\!T+V1iZ,ZW3+P%Sh\@4'4Q2nS+C`4ZcOUVUK^T6\R>C;='<-fV#o&eXmg0_sK^T6`h'VZ5 +%_F=/L^FN]6>?3s9AAgq,*C1n`nQfQJqb"URE5W:cB8;N6@=D#AaJSGii?OQU>lgbUF8.a=,c97B7hCMkMr,+9@RA@a"Hn!Sh[rI9 +%&`4<so$!i#+&8Ocn/VNUAq>D$8BI&pIr8*)1IZeB=NU,N^FQPL22=CT[,h$f5<lYg,/,S?A5D3s!_as#HU:E/49+(Y';+C4%l;m5 +%Hrlt476Cl60ua,RJk],6Fnb]\$iFXaIA8pmkIS?D%c?=AVM(T/qY!GObWTZ)I$]JKZG4:GBd1:78]db+45?&n\],PdMPSpt+0+=7 +%q=B5=SAW[6fC=[mNelNk*sr&Jc0p/\led*dleh[/LL2\`Xc^f<rTE:J$B;U$#`:_/J.#,DO-TF=Rh6Bt'0Y%ATfH\t\6:7SjHD#4 +%dTE/aFJD$=dU&U;IMj.-Ls;ct]apA,CYb-[OF@9n4M9-Hh["IAY9rY\:9ErgC8r-H:4JIP(smFGeaC[5;K[2Je!MJ9$-4#l9<2sr +%Wb/gKT#&,G<I"W"V;L\JT#QBZrj'D[93[W5h+GRSeC-Om"i_>-V6+>N3]59FIr-=$+'$06o>VffUroPUa%$)&JV_d#5N[T'B(C!/ +%n/?.`Jo'N,L/dPAd]AoNg4m?eTED_V"GlsO@*?+:kh.^NdL61XWe$-m@_hjem/nIR/i@6'FP/)DbC0mQ3,+1b[kOj[m$\t:T\k@& +%)a%>IXPeA@]\N^J"gF#77m%'dON1B<E;C!_BmWX+>W7^R[8>\p(1?)/QS66hd/>-51K12l[[U&c)Fr^/VRJ7JhsQ;)&1UW]V:6Pa +%`M[*A[02l++C(pk]4\hp`_'#-d_$X8@_06+-9uF^^3I8lF10=0LZnA8ZST:KSsM4a61:$f%:/`?IBH1dHcB:Ja&Mt[j#%/K.)G%D +%cRcjr&YW+]/+3uA&Ff0HC9l5?a!]W`rricLN01]e[L/)jDDYt:hK?U0Ci4BjD\kV\GO"2S<8ur@aRkWkb.>=/)VS!4BK$PYD9juJ +%pM!EHqhi=7_.:0`X!o4XI7)-Hc@0<P2B3ZQ"-oM(<VKq9CEo+l0,_f^G\rHB",0X,+S7?tpp<XX'2Zb!13TPqd),+*(l<E5ZdhP) +%LWsZ(G=6c(=#6te0&CK@F2!r`Vk&Qh'gcSG*m9aU]:-Y6_qN]OY2WE'4[^r9mJ<[Hi$F2R[#qV#+0Fp6U`M`ODJ"G:oZNDlqGMb! +%7FsAAn8)hCqHs1,^!Te,<H\W)cT=Mif$d6ioo.Tr4^`Faa]bR1qlgP^1N(ZS,fS0'Uq6ir_bTGX#p-TU+*OkB>?#2-XUnhU*Vkn` +%kS8eOk!!FTZ4LWT6L(W>(@\/P2Ua\9JAW/%e\M`9HVcV]AZRipKqQ;Y*oL2R5R]8$ckaOS@u\d\#f'P`W`-9ndh?9U-S'D+9<E2` +%W[:E)"&N,k+e3NkMiS-Dp-OY81h"qO0=u!ITMsg5[I'rdYZCpF:Z$]i/XM>Jn#RU;KLkR*R*BCD1Q0NaKiJeFhE4hX.$Hls>J2p3 +%g1U^-nb^$F'gW/=oV"<?:B`DSg;\Bc&r"qI?=Qk0n@rnjb-/GA;tft:ZU2Q.kG3R<SNDF39c=c:gH)rd@1=I]^clQh-UcO.(I)_) +%'^OlC`Dp<Cnm9N1n;RKI?M#u>F&buX!h3YD2RKQ.iQ=)2Yb3GlJK7B)2G9>Xhn\PF]k&Pnb(M:k%KXt"&!00gp/XE!pb1oAZ/CmH +%O!")kO%B#1nC9K;gDloXYF<07I65h\E>-n\det\-kW?(:cCNbTD8Z?qH5Edu]!@jGecMLJVS_X,T;_0X6EY-")^/*J/'&?sn"?.o +%W[KsI_$qrBjYWPnmBAANa27?q>U3:3M^LVo-V(R>8/6!)n3LqR^qGEPAt1iTHuhf@:XA66Pehc%[h[^dlEI4B4TTC#A=V^IS)Hk& +%CZnAUEncHDBe9Lg1$6U;a)f)<G=:lHP$(o@bVcLCp5[.a2YLD:`U8Kn!cLP(bQ=<m;OT]%.,s^90N)8!BV6N"33.$$E\c25*Y!3U +%M7\pRj$OWSL,j#NR;c@8'k]Rk$YiPB/S.0A:iG4kN$ULG"s#C$.;NW;6NScJSV$^seA!O5*`<;g:Q!du,;Wo>)df_dY!C,Z\u9UR +%eX<`n7U]eWl!K50mRB7<>!m@tYGi_?MphE,fa4c]gTA/`_H:u8oKMp;f`ol886.1.qekpuDs1bOT>kDHh.,58UYFC5J3_q`JdB4\ +%S%X)7<H"tq3TTDR)O7_skmMb/"Du=MP07Y$eSifr%jMWapKZf<\lhg"3DfF%?h0^.WqJak@HK?M/TH\;<r6=,95;U,[Nml8I@Blt +%o2Ac.!$05_4ieAVDRr?,7V/?k#o<PbloUl7dG2<m<l-R0@Q">/U\NN?D@dFGO5jYhD<RJZ=I8Qi#Y=@YnKH=P:s"5>%JjV+YQu== +%jn!ST>_ffGZ6e^ak.RaO@ha%7^!*$*S4M4?&*.<`=r,0QaeQUs;00'c"[+42ouK=+A@>"rDhZ+t3@(TUb7`ZUE:J3L06&*NGZAE/ +%U^<P,qP99sc;AKn37%st*W^;;<-O#5$gu2^,\7E1J6]P+abgRD0<XrIkOc\69;1.gjb`;==)X.rpJ=N4K3/"Dn0j2kZO:@&/B;]e +%of@=Fe5UDbbGK\EW[*h?)4@A$=euj7;`?+9dp6k>Z=U)H"+%d/;=5_(D(FFd*qbp2,@,kh=i`Nf6gumq2t>_lV\_W%*)4'ks20d, +%Ie[9B0B>'!iQ@=cr\4l>0I^iKH^!uG-i:G5D-]?]!MjA2k_gpY?HU"0T?%S'ls7T9@>g8%B3du0O9Wr84,]bP(2fhp3[Pac/VBn= +%R[IBe9H9e6*;M!qkX^j@3ftZ.?"pMhXtiAVH9A!/m6Fcg!s/;G/128if@0=lQDZc323kUo\,WjOV`lbSS;XLG-gln"\S0u;P065b +%@Q?T>-eNC[.Ou,$dt2/[G2pp6J7qDA-1M,s@]&-pc#$uY5SB2o:)[bHJo!H]o.j.EH-fQm+_fABGH0lTWmS2,iM"*.FnGO69_3U1 +%%7k.*9TaS"E]cE(/W-Oj%8saD5Dj;`4'Xbm:.2n6%o8/oMPt?W,X:W7ZVn7nG$<SL;cTrtJUgtNb]K109G-1ne"s]cC(5NT1^h*e +%-iWlmpNEos(X$2*gt<T$QCIKe51sa'*;dRtoXKZ>g[Aqk:NsjWqrj5,f/!knhT*#kDkg/[Y_GWYQ/e?sTR/b_UV4OFU-Ib<:G +%nq;Us2psp4E:B,.is+8R;i_"i7'oSp2I0g9:*7m28q+"'d;=,8XU[C8PC""$GgHG\+`aVC/7BC<![q\OVP6-j%U41h.eXJ!M^87s +%(RP3f^>kPn?cXZF:'XI3Qs0X;kftrR8Q%G^g&]+e`iAbcOJ&NE(VY;@@U,.K+8R_Va#H#!NjN1^IUZY<U%CFJC^YH:O.C--f'foO +%m887lXmJ,"HT>/;=ho'^Q!?DA-<k7@%%K>#j8.-Y\_0Mh</co0RcU5kM6omV405@Oggf5XTRBo%(u<WPB33VuI+b-agL[hN4L=%= +%g3_.^6]2dCHg<I>Kg0B]I['f51"T%^V%k7a]Sn[2dL!qcpkT:0\7`$$#u0:@@7*hi3]b`G2^X_b;p`193N[_+koZ^OP'\c&W@IVW +%T.2bF<1mmhOtGRhb10EJm"rks,+^3-cW.g%(W(Ci?[@rD0DkV#++O7dJ,[\W/Wp#s#2u135SX6r3-*b$a`Y3*^Ak;0s&:mWNP.m& +%V";nIfOGOkd;AOCKaY]e"*\[GY2&j_/E>Ghk/S;8QI5"sZ<sk=,YdJ^&DgFAn1-(b&Asc?DGK,GVVm'J#4WohZK"%QPDN>K3_bYI +%dp(>HYHU5aB=ctOhDY&.#KCKtO<63cfflR<NsBM?S5L71*ACD!%I;D4MQMb`WJFX?rpV/_o8T_q(&dQ[fWWu=pQ`HK"L^YCRbiKe +%49e\uoG.5.[0"bB5GXs0\dN!Hbr[iKrij9c;efd1%,)Ku8(O>UTP<KP^"Z.LBqb`#Mk.KnW9r(A[8VSrS+,1R40TAd)Bq-eN$o74 +%;@eNr6(VjL$IWh+p93u%G3ct*;h')]BIFtm[8_Xo42Bf5B=n?:SkXb#0I)j5p$f=`3@?c"G+,R;b\p+ab583C`ddC7T)4(Xa'#hg +%En.eV1i7QCMGZ3(Z[J:?/;_MOO<p[4p-7PkXhgBZ]F$2+Ar*D.<W(gGE4Tf"WAEC@NRfYqC2hR#CK1\]%=HhR2<</HnQ0=i+HG!2 +%_Yg`$V&HMeP[<iL/3NNo.se_%#:3Q3$jZPZ6r,lop1(N6QNU2+/CdLg+(7H-N=b$"PRSl?R7BgER@;of03oS]VPhMeK1sGtm"@SI +%1qjuB"eXj8emrq`H;M/d_4.<GJ=a@c4/H,0(b_bC7&s=Gg4<./I-c[YCpmJq78-`46AKc;q>hd>7lNZS%YB_?APW0'Nt09p%R?$F +%g@Z<!V<\l@]KCd]SY**(8jf34^(6]3?O3^Zq4[J[_j]Abjm*R9qF>)WfMb`[Km?$S_,VsuSO8HIo)mfo<.2$]Qtj]E9Ug/Ep^q"o +%2F2/Fj<HOoBY>TM,mST_CJ3%AYP"15j(bI]=]dEdRa_A30-!H8PbV=`6U@S48Ei`0.m/R5AY^1-Z6+:(4sJm/!iC*%ZAZ-..V5K\ +%>+o;oG[/8nIX;O`JURU<DYCRlj]ecj[iM["*C9gsP=2O6MTXIbmi@%a`p=cr7++T,;O'i2"G@-8aY5@L:`;*i\ba'MXSQALKL,nN +%!O7QSehm=qNnl:!J&5r^k@KXp1gk_A!sa1t$`g4i%!mPZ=jXWXlAA>PFt[0@$)Q=V$@L?LCfS4PqCVEnlEhJ1d",Pcb^4mZ33XS9 +%3Qk-7Z[9&U33)D,lQL*K,oXA]9WiIAp,Q7+n'Td%6M"/OXO%XK!/4:;16kI[U5Wt'9hE<qP!448SCXRB!Z]9/=.MU#KWgbpI3>6t +%kS",%:IGDI9DS;GZ8r(?4F)fT8!]@6A&"@gm;6RTLo4nr7u_b2_]S=70Ii`QplA+H3\4RX5*<[Impi]H&`)f,Fl'\m$s:PgJ>!0> +%gt'(08VVHV7cD,:8b+)a!-<GL,`4`?BjnHL/L-=-pI66`U"4-S_6H@_6RJgbqOoEQ/L1H_*A6\>,Iam[q/g8cLK.\bML)]!obG): +%DZa!pR[3FIYtV</'L9.X<Y1DB&,$BSESf>V?5*M-R*^-/YK#B6*JVN&L>,_+c9t!j>$a=MTUonH"oSqpR]VUENZCeUEX0ded:$5h +%8[q]GZSGPpHa:VLjM$S4M=B6Ec:ZA-D91dq%mff\1g&1n#*5(jdPTS+i;s0Pdg)R/9In*/'W8KA[X02YZ@G*d&YO4Y2S2gbcrFcL +%TS"5Ck'[h;Aas#/mkN46lc&hU9#BqI+@sHWWKhb1Hq=Pm)t_O*7D,g,.sJ7//BVju+4e>1SB*&e%G@eaS*se]0'"<[%:;Qj&P\jJ +%27LD^1S[e'd4b6uB%^]4gVs_jXtXi2A!nF93R_$Gg/W(75nt2e*XTX)*b+lJft/8<[,/d*0a`\5n(+KeQ?N`q-'0`F.T/?6FhY,5 +%g5C3MCEmKdc&`ZHPc%"M0E1)e55j$hs$9?E:VZ[OZ0hSRLL:)D+"nT45Q'?pR`58as7sPUs8/F;Qe_Y2-s6?oGbZqB?eQB5_lmg# +%Rn$%1$u!"Z0KZ6k.pN%T7E7O8:/BnS_,^q7CNiQ"(O4sh\X2<P-A@g52bNJHW0=)+*.6`:?icqem`4R)\+Q>S;dO;t41[L?Mn8#& +%*e*k?:dqb^JKqj1\Y=WYbs7M+S<U@V+3<C&??^p+71Iq1)'$7G)`2MHf$a4"[5"c"LqW$Dm`Z':*j":[J>4RpYC&9g\Vs]FDl;H( +%.28!$l@O/Ne(.gRdT/jBU[D6l1+ET#k?f=^FD;qKnVZ?AMS)sk6I-5YFOI`bnI!ZR'X`V<F[(9J';?@[YUAn)DkNQ\%']?1d0@^r +%=9JD_!EZ0j3B&45Z\V;c;j`]?b,df/**6dsG-c&e$DOM_JgX4fK>1XKiuEa>:cJffql0iUc,_tcoU4\_#5^JH"1)r9@IR(7$LG-_ +%W+e1,@I[S59g;Xu-t(MT#O5O[4.r$bmHpVDTXhXc'lTeQ`;Mp&4gS/O;/7V[5//qEj4`bOq:g(m=be;<-t@lE"HUf'bC*L%3qL+s +%DS8"'9hYLb;LBLU/Z*5)mI8%3G`qr,96@[):@%2Di(7ek</<#[P4iX_j=?0jbsTshk`HI&@?h1uo;l>Ld^3&PN_(tNYq^fVn'hTq +%/9.nZNg:d?&TNQNFdZFX?u:<^SVmjMAnfTr,%@2pAnYZ)pJ3WN0sE8ei<*h4K48nMDcU2D/okW6`=M4t?1tYFd*rt9o3WY^[tQEF +%AD<N3a#8Im[LoNJL_#;b2@Bm'a4[+b"SnWk[cSs!#]VM>943+0!-:A0$e%jQMS^Mc@,3d&b3QV0'k?"".)aVSk%AhF>S_97SH(6L +%eH:H\M..4dbl+*fq"isW"le+'%;Mfl"+6p]aNRDU?iYK"oJ$9@_6=ll-ibZ:/S=2G#eaV%dmRRheS<OL5XDFt[bK>UIeDu=L:2(B +%4O@ZIgBAU.8)'^qp?G>KYbEsoW6nOX$.'1]#_*tDB-*0d>V'EBQU>E@B%E'CW/+;g4MIWoj[lH*mW,&#MK)drLf=i<H7h`Wa[<O. +%2"Paf\HrPj>A`\)fKXPFI8n??T'e)rHb7nt"bNK'Q45HrFpB)P,&/6I"rLtS6OD!u<bg:NCto?+lDZ`)J.b]V&[-H6'@)6i'o%#A +%=Y)lRs,E.!FoE>)SF$)nH@S?9U3*9s+RU`PB?Zn!OhrcEmokABlYMKQlZBJHaYnVEYW$Z_2K0_oG6gBV4X?C$=&"h/(sHA,7.YRN +%aNP\#-o[TK?F_<&<uj@Z,FS[[HpeM3f,):Kn)h'_kXe$U6'b^A$r4kRa4/.<NBKf'f'<07djUlY%sYAgjPq&<8'(nIL1GhbJLF3q +%NG1U21,Wj>l.4BINM?9>>Wp-gK_Ra,!"'X%J<e'8id37:#oOBfa(*`(a[0$Z'Gq!d,tO3ll+N(s@)7fW;b,l@NMjL@Hf'ncVagpZ +%!$@,DXr&"<UgR5mZN6VI(>UA5MERp*"$*W](U)5d/8Fg9p"e>dX0&)m!nV?F09#82A,$EO)pFRap[3!U\[W=nknT4E\8;'G&RX"e +%bMf9,p:.LeD$8C;n!b-2Fp9G)C)Ic(dZ=d,S`%=iCj9<]@6k@(%F^Is2Dc7#g#i>c6oel%*CJiN7SQ`eA++C(C@$N0bTNND#;*l+ +%7:_cOkm/__n*FdDH@Y>uT^YO=`dp'lR%INpe*!tlgg::lf%8JS4Ig&^TiN2-+0F>dBitGdF!DA]*'CjZ?q2tQoj)dgc_kk$;)Mjd +%@0M_3f8*L;_&ffNf8!nGKt-<cWZB((M,.ilU^4d0eHgCpq!r4,!2$c7[2ZH(ZiQ+hE.C^Nm"N8&bPB3sKW\i6aPJ3M+.d>jemQ`T +%@<&".,[k,t%9-+jQ])&HXrZr)'U8s/\W'2=#+c<Nl];Q=A/0hN^X5D^798Q\gurKNE2+-n`"@ecHI#.PU7$_=Tnif>BeeLuJaW>5 +%\4shQVm_H12(@^iVWp`i<lMCC;qGV(cLHLnP=^I2NnBoUXmehsIdUr)&)$(L1X;JI]_>:mI5CAdi9=Vg?3:LXW5&S>dqcCeUZr_: +%8.2KkrDOR$DT,_0N9GZIJ^[G.@u3(E4/$@KQu8lA"[d7L?Ep1JGcW'ug5shHqD'+IJJ'cCB.uKKII]eX@%B;+2;4''S8"Cc\tLTL +%$VP`;lH#EieQ4m3.(/.PE#o=5Kf-40K6=f1;"e?)Ts=F1mP/L%%^T-k+TRhS6qdj*Qj#E;^tAf@%LsDP-W2E72Brb..+;u,%."J8 +%3F/c68S:9nM"JePab<@q8Q^^!F]lN9*Erag>=K*#S:>]H(nS,4&-_qrCc(h&C@:Y^f)=:7BLo,Z4<mgRBK-g+m2U5Mom&7S!L:D' +%$()JG/ERZr_h3*^Fq+jES4Qa5<oUC%M%s"/O3YjkXUZrB2&8uXP_i^bp\Mo_lfqh">k;rWQ)XoT%BsH0>;2.\P+<c1$*Oe(>@`NC +%0)!f-5\@V'-:/XkR`4Kf%(t_\RWnGho;4%(oPURj^!*fa"T;0@,<d3H_X4e))&!4`fA(t9E^uX$1O'B[WtXtZKm[!ejV;d;Yqt.t +%1pp:`_eHgJ7skn;FNK-'G8@hnr0^DLZo_&L<g`rfYRC5l$nSV2'Xm'(JN&WhgIYos;*1Al"IY0j9qHIjD+nS:_9=[jV97:$`@?:s +%LS&)YlR/M_pcAtU*X]b:<I^SVq!4a?doFGQ_Doa#bp)*p\Ko`*bkS.5.:28)DP#`C2pSkD;j:$c!KkDKb$g?%Fgh@-fKc=Lb"K*h +%m](sEr;*hGVI?2UoBW<fHF!4O0(.*uf2KWmMnh/o3go2.6li/75F_1(>t_5Y#+)45C58C[i,LS\L8S%p$-^)_Gl?=`/@#=\,*m`] +%APWY;5YL_=bcr_\f=c_Z5i]0N$U(WKqF"b5>%k4pM4kRp)KCuMmbsIIW\-1'l:Nf;*1_k3WPnUGq:DW&(P5]QU7gj6FD6KI]@KQG +%.,Fiel&,mP=AhC6V#m]HArFR:C+f`VkFul18Z%sB%GUk=V=kqM(ufpXnt/%a#!DmSPEP@.?gGETSU!X5j=th1fc6j)PV8.3jJb3C +%Bg)qP,83GA#.LTXp_P\K-niSA-pR2/MH>Cd<KfEmg)W/`0l`^VH=5*r*f\Q\<BYfLfRf2E&d4n-fnQ6sKc?LkL]dB^W1AmL7]tq0 +%nKtY!FJ>oMVgO2B=.Yf70(Z]Z+UHO.dQSqkhTT6H#IWo6AW4',/-W_kH2!oDc1aWJ"@D1]>L!Bc3Obb;N[_e*DjRg%Eo[:ic39s# +%;;fIdEe#271R\k8O_!e2**R`$>F7D:/<N85\o"cH0m+dtEfZbTSN#2=9Z<)9/UWSrMC8oJJ%g1`HOA>>S[+6_e4.(1K$+U!gZVBR +%-Uh<Al`/XHP<"uShf4QJpuu\p&UpfQYE-?=bo>M6%o\O.KO#sf<B4`/][=4(e-%e)>B&L?<^EV=O$D%*fWd6L^FC(0$G4u2YB[UR +%bhg6-%;1f?CabfQ?+i%\-$g'<>H9HWL86@1;7,?.3?c4mgT-_AQ56i=\6<9L3l`6r$B(ari>!R!>&54aNmXppFaNOIVeoHLARVD9 +%7uWO(<lCG=\.Y:A>7F>L,U^m2:ZcIBS]B7re-UnY_@#acU&TPEf^!&C^lgI6TX+j<]r&Ur\4S5cI!,0II-Ngn:`K%eWIrbmrloU7 +%nMG'Z@S62k1G>%@CiWF+#JS%\C5&]V*IoJ8UG)lqMQON&X?dY.o3c!OnhXqoYmRGb"M1#5#0pbk@uDA+mBZ[^%jU[m3`S@bNgf49 +%FN$&E.pL[PdA,f$VEhlOl,JCi\HdJD#3?Rh"B9Of6pm2u`_/S=!4>8e=g1#_idPgk6,`s1WP\?dTWSh`*E3a1@66@Y?6Rj#)mE,M +%R'Ula:Si?="g#-/4(O625p]eS.Euc_4<-FrST'Jo7`.Xi">SZrY$]G?kQ$$F'l%ajdf6$1S;hL*MJ;Lg<S''n&P@eI-0KUmXi9D? +%mlCq2A(=N%kQ<Q)Jtilf6qC^]4EbHI3Wfb^M2b6%3dl&RcI7!2Am:kBXYTg\2&7%F[0=-=peo'dGfM^[RF1:l4e)jF?!$03/On5H +%)4NOg+$P7NDX]rs*bp9X)NLf5`MnNi#!1(b<%&iP:+WUn9.#Y[0P[<4`eliG[039-8#)&eC+7@4"OlKlpOlRGljX=mB!lpnF'YGH +%;cB[KrkWA;-;"opU$gO)r06GYs,<InesNe@6-?kJh/-o']L.076(A^`5qgs&k=Z<@0P,RbIBMDsLDX+o4d`%=dg*=F[-W)iQ&6uM +%5R!]N8CI_#BGnAP#:u=#Xj]PH1V=a@6o>?!L$BfP=>I.0&+\KV?X:.[8ge(6j`WS#=jnMJ*:UW-aP%BR'Z@f31?r2>D0F+q<1".g +%ob\.=\XrF:+p'<'&@!C(hd@9])et(CK7uZal3f.DUfku+/0C>Gm'.]mAHq6Y83s*J"\?]u/G_^U-F`!`o?t"`_@GQhH4Ug]8./?t +%U&-N@Q<SsnGg]EJjRLJN+_;mp'5)CPH`"06h;*R9GNd[FK)j9i6$C6_kJ=5eXh-G?4F*rJd[Ys!7:%M;!O[UM@N&B>/D$3,`iV)< +%kSi$5bpFRdXaICuF:U56$]Bm"4V=?t5SP3^VE*H?gte+$%hBJ.\*pZ"9RCW27cDU>NtZ!6`D^`3g9H4Wj!"Mj",j\"04&&QDU$i7 +%V)+&VM9*'^J@N$R;`mLI]AcJ[nggk8QtPNfbRdu]Q=6d6A1ZD-hH$c/"i)c7Ad_mFh%-j@HhTW`,N6HQg&ai;4iM\,RV$-R^@Eq= +%Y@j!?05S'CSeo-&_QuSlJg0aEpKa>7[9*S&Q.#r6Cr'.j.?t&?if!sG\.=fUB["b#a\[&OKi7WuOOPJ.I:`^uU!'+(1(;]HL8N]. +%MIJIX]'55?#O#b&Gm;F&HH!`%$b@`n-e%4>#d)$VQ'E:2Bc:s(o<g;m0:EnQgE0NV,Q,F/rF*Sn8,NBkU&Ptd%Akso`JE%'NtmUM +%@_n'\4K.F?0XdUF\-L?jOF]@bk\6p%J_%sIY[uPrN2d9Ua2;j.0*GOiiaf8_%R'RseH6/^U)ZI<?rerB6uX%eHtP>5%bj@P*(td" +%o>6W).4>0T-8FjWnfMU*6Zr8KLIKc`pk%#5C*5'G"_W5^cj_h!?apTCQ$`lm[WN20#!a,K.[:<lNc_.<*+ZdlPfOMe;/bb^aUb;> +%5jnQ5n5`'@0(s61SRM44Mj7hl_Bi9jIi12\$GTRI:LQ'.fY">*is=,pn3"IsEslkTC]_p6ib7bXd.FN*ASY=:Ane68LWJ`Za!57@ +%2F^p3bmmdK'W]h&3%`p8H-h*'H*_e=<$`]uJicViS+ecTRZm-77hAhId\I:XnC.#QS:Zr=RYQC8dV[+u,IR,_?raBDg>c^)R?KV= +%U^65F(O@pcm-)#kC/XS<@jM<O8fl+KV!BcO$`S%lfb?=*U$_9YXGsq%XcpS'X)Y#;L7ZS#Cro"gd2O%9?$7>'Gd[13T$,RiO8F#` +%roOpE"'.!:QXIrIf->\'_K%IC1lKch5LtpZ7sdW5Bk<VGRDYE0I@%i,Ca9>1Z:d$.F"eo$M>*b?RPq&$30Q6pQg1A-%XlT"<b5Y7 +%$Ip.g3l2%G)?4VsBu4Z;NN:@KLLu,5%Ti[kYWn4GhVD40!Uu.e(8^d5[i)l]h6n*o,#%s"INYPLXk"N@]ZBXJhdEa)1-9lPNC>n$ +%f^:n&G)L",;Y!;4>bQ9i:[RXVe;_&&\<i>`.=R`.-`ip^MgnQ,5S5[qbu5nRJaT#EdoF3*/?3Y%BSY,)8',0_1KOD2G2;W$ZOB*; +%fX;o6,OFd)YTm>X1R3&?#59F)Z&e-=,KhB]?dm/t^!J-PT_m9$N[#"+]5Qj$'>E,%!AAPCE,$0W3`W8sQB)%$5m!7qGP@Pc$afI1 +%o8%L57<Rd;k=7pE`c-D+^>m-uI>PLQ2XK$afFd=6SlU"iNa+>H/JCi`PiT"5(.B<9k,&)l*iuC6IMlA\+Wa\/@r>SDfk4_;S&!ZZ +%/!"=aP;)O40ZdB[0rD"L<&ubcm0O'c(K+lV$_a#%Z?5f`5k^*k_JPgZ_>63H+e[2"d_sG%M]5e^"1;>$&:h>0eV?o>/Jr);N+hN4 +%Jr\B1a]][@aEZjG/j7sP`kdm7h^`nm**$qlIRi39@?6B,_dCUn0;RZM%JVijm@8V-;5T#hBqqjaX<l_kBZeSGRUa6`LiYrWVg#c+ +%Sc<0.mO)u4J^X\r^jLnc>ES*/7Vu#i`f;AM,55,'M.lB!1ARel9!12j$]K:3&Gj@Ka"jXn$F4M%B$e^B\6GEDLNBR*3"L6E<4/S& +%M[<`\OEHJ2^Vc&bLYi+^K9baQY"tr`[BJ&4ne"pgV[^uSnd:Dp-P5)BQkt]7g5K!Ag'VLCrBt*BT4!58:.AL5oVK0agj86NS8^], +%SMfS+C6`3W0L(NA,ZT!goO7uH8fdF:C0aI*<Tt\3fD>hD2A/@d'PHSjhZ,Ws#5n\Y8YFG,0qoVJnWbWGW\fEl6/:,@=g8WXA6*>4 +%S5KEV>f6.$`jmmP`/u?2Yi-%cBsrTu#mZ7UX9$?<__.bO33_q*dQiC%i!DjYR))s<&Tob>;Pr)=(@(#jCP-ISeBR%.&/KF8[p=k, +%bEG3L?[S$uK^V8acDYaAe.EP*B>R=$4YdLfCC=8Omo@[HS&%Yu;E\FEbFo@XDB'+3>k^,*Ct[9kLar,r%%F("g.-t99E@j^R:f-F +%'\Fp2d2YGn*rU`IRo@p=XS5YG(7[XI`lt!'cX>Z>a(?^6q#D!l=?l/d\/B@!p5E<>)@UCqG7V-?@\u<%Qkc7KOo11Es2c(:.Q7Ao +%>/&a89IFH=g<?5C-4;'+4'Q8CVe$2#N^m\aKoq%5U./AT$8jUp=7h+[&G^%]SE(=h_JA;>mCRG.$JgoJ$mCWk/%oE[L(LBkOgaQ3 +%[[kW[.\M%gMoNR5Z8u"D7_TCH04G[5EgWaX/HnWh3;F2jn)N>,XR)aT2$jP$XDFd4AB-rI_[=R.P?C&/!BWWhiJa-h^)(SfL#F&c +%:U*&F"Ua"WPa(CQ_F,L-13HFJ`XWO6d?A_r^%ShGArJm@bK,!@l"sc)rCQ!*"n6p4Xq0e(1IYN4X^e7Vm,j0^#Nd0kSo/r8\Q#<4 +%?#jQV`G^gR<HTsB"3c1>$h)\bkDOr[!8O-^Iku*a4uQ@C$&mWq]qa/ursd.:l#q'aaK?MK:M=*oct&f:aghG[S#"_c>2d\i<UDoj +%D]WMfY)Grm)u[R`>Ui"#Xo_)<=nb$mBb(:67e^SLG`qpee.cPs)(+co9/*cYe+4/qUp:;_>NjJQ6Jqn@&2u=$7h8U'SZ)Vc%,FLR +%%SJuR=S?cJ9HDpE4DQc-FTJ.7$!i")$fD/NU`/<d(9b@d%p7dg[\H@bHJ^V,7^+[7J:T=u=s3.6<j6Kb-WR9JRSU_FXXJR;W\!bF +%XO0nlU1`L[U]g4ECLPM!/Tn>*,AkFukr<5@g8VeCq@.Fb$&W3[I2\*-q3"QB+JG"@.n'fL'HJ"`W:qRX#3n&<LE_F:AM/k(1oc[6 +%0I36U(i1=YA&QH'b^?c%LC0VM$/NdU>T!2#&6^!I&fKPK9Ke@6"I5nBK1AIqq>Zh/HQC@s,Y@>/qAi&!6D,5ErZ_OQ];_)a?lLYR +%+HdZ+JdSE+H$cFCO2o@hHN=J5"dPZ@Su:R0^C_OLk%<Fu2&tO/o]`[hr^/VanKO=m7=U":U)%:I^0acT.,F(['XA!N]$u>??gS%n +%G41K.dmpX1eiWGp\)X,b7KUi9VYW3V&.Z(8h*;6tUsIq'iN)fUXscV0npOcBF@8GX`#S'*97eTj(2,5K52hRDUJ\.`rX?Z'pE*T: +%X(KFj3!7!2T'-pOM+\M-Ve*R:,YthR-t_ts-'-4>NIou>/i:rp]JQWmnjA<.o3n!i"'?LU(Upl2JFq"C6=_C@#jt=R_IX,&@V'Q= +%Jld-PG[+ZZke#)oS?I%U9s[T*7qu$emp^[1fFcsu[-pT'S#M_HoH[-I5+\Ch`cj.U;D8ljdT&%N=W@/.l?q.BcCgEN^pdTu(0.M: +%3*%%O6!I3!q]QG]:?W8so<:,i:2&B\.'/XjdIMmUIo.BEN6ogP*RS^T:4Q,ZB]h-K\m--^0Mm#5EohGcYp,%%gjfR<]Z!nXL#O:1 +%]M"FY>TiCLCS%b;[n&tIm;#pi,q`4l_K.a5cc\HpY"OWlc\6`f<nR30k)GW2RVV!3rAMns+8.n4m2+<G.9ba[Jf7XEQ>fdu]AP_o +%aeE9[)(loLPe/5qP]i7#KSr\q<S5\f\BKZqC7[m2@1Fug07Dt.fe0rj)@B_B>3[+uC[KW6Gc<lcLpMkK[u9O1S5@rdiq7\O4)<@N +%$LRtQVkY=Q,:D1J$=kjtL1RtkPIJr6b;WmTPIOshX!+^Xc.bJFS3i"eFO'NK<pLfnK`37mH+:kZ9G;H@c1+S7B,S;<hjDtq!17"U +%GQu#2kNJclh$.og)In+ORo?&&]+rSL+'\k,=7cVbd?1H%)T@tV)<R=0Vf_@IitY,qT)'XbD6(JAl10\bMK[FjN[;u&d;7QsP?Q8; +%qX?!d`ZlDS;^9Pgjmts&p2d<^R(f1Y8^'?=f/Mb\--G:48UsHg3)K;o/apo@:?jL&bjA8/Bbj#n.I1E9gioDh^CEHfGmhW^i_/>k +%PjWL(_=,)A-OD(p$GE4SYlk`5,-7cH=?84Cc-Mor];Q_oUk!=6RY+Y_4X:k!fUmKlhJPc#?N3rd,s^0gNj4+I]kA-,U:nfN?A;6` +%e_I';DHZ,)#9:>hn6O.JD3nnJD>JGMWNXtr6+=%i/=qH(43]b7^@.NFPFM>\!'HZFh1I"rZ'HDZd0@kl5:R6@P+GXsYA?GmQ_Xi! +%Mjg7cgNT<.p6`.!J"_$;\?H['V4.N<phV%Q.qD.m9?nSPTTXELAWfsE<j-&.R>+a9b&3MGN1aIN!#`)Y"C^g.HP.#k$3J'#oi%4k +%4WEcCII*JY(U)h5G&NEUD6*SHS7rGKcLN)hd'UjY<Kd:"WG4ak^-[L,NR[=K7Bq7+a[eN6)5Pu8lfF3Qhiq#Y,o)-UU,XOjIB;Di +%+nP:l00CCN[4`]5be#^=;Vo+A1(un6`L2(=;p];A#DGk%Ng=e2O=XH<GO[b6V/Oeb(h9TAom%qOQIpQZ()sNC"CtJj8o?;`&c<o4 +%j#L7;Gj&t.O<rQl;13bJ0i(I:I2c13mLcYNOCd/nWd./=]nCFEc_ZR_.:K?k4Af;iet0q\,+t^nbdlrTK])L7%K,lt"/os`b?#gg +%E;(IP\[i5r.O.3ZYA4@TQC^Xh">F$5*uE9r]>7rN6b#d6!*+eO+KJNP6aIn!c_HfU,3L`dZ\(1f.@ps[!In6;#@QKN:#$@KcPJcB +%XC7kjF=8lBh8ZEp8-cXOmcDVd)o0I0qN)t3"'@o+=bSjYK<!9?WEkuU-$(uShC&"HLPAaa+O6TU83rTSL(ksa"0qSd'6u0:5Oa0e +%*Z=(&-N_*,Z3[ro:D$EXNle,-<D[20>5Y;JPLtf(A=FN^NQR"]^S#0QqJgX$TA9!M'kp\d7W(i(!F:1-1Qe"mR]7HXh,@7&VV?-4 +%h!*67=B(O[7dfN\j`5Wre(Y,mS9H!S-8#M/.\FZJq83+^l5me@.*jKh.'IkVEob0aY.W`+,(0!IdTXS--6mX'jsK`./Rtnh'AaG4 +%kN:ql?UQg)>C$:<,uSA*It+u;C><UQ(3A7X50?/.&$eAc\`D52S?r!6=jDr`kfHrM!I>N0b&E]amM6JqW's3omjB;1VXX"+++rXf +%c*(?4nMmRNFXfiu]5u:u^J`OsFnQOeSLN6)!h?Un(3Bp>fs^_^YV4n:DG3%ZY\'+2io;ZEPSE@=E)kU"B[!XDQ@t_eJX?3<*J+L? +%XH2OJl7tVFc/a;rB<hC'l$'%=AYQ@SS#1OqMU@=KN@(<A=1nsqQ*C;D#r<q(G%K@o=Z0MNT=(#i8''%Jl7@P557('eRP42nbB<]* +%CggHNe='VZ/ZLMo=E4]f=/#4&rk)c4e'\=XV"VlAqh0IVM?'2/MP%n!osiFg*BD;C8r,FLkbZ&SEEf26nmi!Y'K2,IMuBlAerP$G +%1gYd*OP)?#*q.K5.b^o;"FSD-I;JEY<mT%mY/#mS\KFbsC@0E3N)!sa!;E+LTIAVXJ:uP`4,@cEUB2D(YZ+SJj62W;AZ)PT945>4 +%hZ/WL3Wnn(f97Uab>,ZVQQ>.Te9g_q57P&AEu++WAM/P6P#]*J)n\id",@bq#u_i`f:_k0i,D>O%S2LqJ^-DQ'>Ql@oH4pBTA":` +%1GM^.dj-spl#-""Ng9:opLF.&(M60lEQ*de`NIi*/4ho-#4$8%r`hLU]ROb.Ijt&Gp1qhoaub2m.XHD9QK<9Not7bff$L&grSi03 +%7?+5Fq)7NXW2s!+,jhfF8j1iZ!U)%p"lCN#m$D_C/mF,EYAU9S=F6VRp4h)<A["jpTE#*37U=+ALOq%/TY0m^l-0=[r-!rRp8@&s +%el0os>%0\&\bo=2q7>%4gF"-C7XWZ\@W''1]soaUfW'UI[$TR\>B'.6$o)MJMt@GCCC11XnKY6QC=d4*7DGRm8cm`5[OOP;$<*(T +%kWrc_R'Wa!G@MXMN1$8(N?X2fDV)#XS&DObI]FXl=>Kepem&FaYqs9&g>GBY,us"#O<.3cl<6Vq*hC-XpL(WPlb1/!4f_:525hQV +%GlB/bM_AK\Q]o,WCt[Z#F!#sRMN_:MXRC`<CElWhE2is7R'9VShZ\@!?IAq#*Jr5An;eI_>\:1fL8$,QYK&T,>Y]gX=?q.[XM?Cj +%]0TV:?P3qtn/,Sj8&5P-kd8p)IB/hQ#\Yr5iAIe)=UHO0d&fM0Vk>@cfm;^q+MEMP8P@l/2QohPSEk/b<Gf9Wouqln=k*5O'Q;-j +%\6F8rCJ".9aP7rUp6E4ClKu#t"B26+ic6*UQ-X<.8j7q\XfLNhp"+*Og,e1AG]*oX`M3pPYjKB\/4QlnooWm[*hAM,(sK<jrO7i[ +%D/,MWdJ81pQS9sHbP)g]^L;+u)VODXcW*7\&,V5MNa*Arp'-6Yc>^O*l=g7B;[s'OgV7aMQT-1n/A$h^0apmEN?od=2eMqsT#nf. +%GG:`*\6o1?&b_g^,ZaE1]Jgm@cermaiWYJhX;#=%s-uYR<Fl37.2/6+"-$=,@%J6&LYXdZL/]>QBs*$8Fal>*IV=83KP\E^]Nn`J +%Y05n(g=cR\A1)kim"PDeFrRk+gXgeb?BT;Qg-1(YNXr:Em[$-!P,)%[e],++oY9RTbkA[J0-YL3&8L;0*n^^YJ5MeTio=/oIt*:4 +%^TYr(Ag7S2s'5Qb77lmLp7a$QM\@3mIK&1(I5n9o](]fHZHh_0]u[*l;F`>NcuT$)/IQW59uUM4<m>\AD$80`4mKP5Xpi?5_(b*P +%Z#`5,PF\M)6J"C'ZPUnU[''YOEK^NWig?9<=lCklr9mol!$5pTQ)#U0]'T7i27%TakrhF;IUIeU0u"MV'Ld9OX(f43"0-q7ZJESS +%*c[.=2Y,VY%UGHCnVl3M0ig.U,KXP"+XKgW;Vllg@$[lDi6F7HV4DGm4lSs6;L7sNY?]HV5%:d*n*CJlr)&h^m/7q#%S7;Tm"&Yq +%:#YVlC(ku_rV_8'<YKkKZ2n@$l+%_COF5u9lJ!@p*3Os+s5!#@nD5iHpe/4cro">Rl28<FXY"6q,Wi.q*Qs(%.D)`N),q.&ZB4V* +%g2>#]$sjg!>1Z%UcWa!4,klsX(V5D!7/k<QqY]g91B!PhTe4`CP6l97$1c^Jq*4m;jh^j:1f+ZSmD'lpnkB#`aaG[r'Xk$j(jT[5 +%p>KdX0$j.Wdc]nMefWEO6KL\4)[e7XotQYT[nHn.JR"da]er=uR87:7M*h#%F*V#"-q&H.!cjk<%Z$TSd8;13Ekb=,m6qIS"+r`o +%[)@U";(ZiBOh2`1DgT4d>YB\f6D?3!`TZT2PaG\HD2Yj9kbZ@IY&kUTa&]@4-b8$']:q9nU`JPB6Tk=)V4>0H`u]3*Ks4p!@&*ol +%D9)\sp!&@/_Bg-B?h?_Sgj1gkDsJd(K'T`33?)?m%/hJW^84XifgYb:Qf/W_rCWn!G8L,a*kSQc$/9=2*U>h?VSFd+qNsChkM4(t +%Xp$Ni790#IY8<bt1Jl);Fl#tkT$_TJUekE/!g-GM=?BOHf2F[les:>HSHZi)X\Xf`*`;FE\m:g@AB>DF0Cuad`g%Rs0$IuH-nR#S +%^p'7rXhFGMPC.^Vg?*MZJS/aq#6BVIU0'iDQ1Bh![Gl!'6J@Hgr$!!&pM,0gFC+GLm'quan]2(LAVG&XI3Kub6R/u71C5!<lu?Vg +%KlUL&c#39P'2.>p:"1\HWEHHlVAS*.A2,(uOe^\?AhR6?pia0H6nk+(kGHTF_K*#C+PS)M>gG\l+Ioue&V03m(ebCQ+-df`Np=`8 +%U5k*U"fgK\"S[\H)TeA$CB%QAE:4Lu,cF=[D8nL+F0Z,h`r[oW__c_gAlWL.`9)e]fqe$n>cYt"q>,$OVb`d@o<b+e`hLe;ZdO4( +%BApbo9oim+ha.SPO=E,R,cG2QPU/$OY``H84#cshj-gGtdZ8nD=;lEZa@5#X6\>*rn_J37.UN""7+UARC8,R`!)'>7I7XWi6CEFr +%S_X^WBnoUAY:e$,@B7uP8g#.L,+$,+F?/7J`s@l!cu3bHNkDN,BsNT,_pX+#'ZU+>>VZ)mru]>BVuCDZKb!M_+ui#s`ab.a;&cNn +%9t5,B-h$@Z/%rjh84'F];a*Z>'?;aH9D?$nkX/?HP@oE[njGr,Q/Y5`lp61dMV5eCLBC3:>X4%^)/u5/E=j]YfoeKFbcV`0m<Z]g +%9B#t/)/#-t*0%'LIj_d=F^4.g9jR0X-\QQC^c-Y+D*?kWj=oLbZP5)(3,X#p@r%YF)bGmh+(E&'2Cu1mbo!f^fHJToNPnOR%`?l@ +%KNP4G)W&@\\:pp?QVKj?[U3Ir(F(@!;("BLVn7]>WN46r^@(#;/Kb@F3BqXDR\+>O45@kg"\QH!^:aU@^bt,LFCjSbd:n%N[oNCr +%`%fU2SMgq2qmi=+.h1:></AlraYqV'X2o4-r8uh#e6EjDe,n(%QM>ITmXFeG.p/nEVCDUuP(6O##<70BA3Zt@fsh1TO&pZ-N$gK7 +%3bQJDbt(<13f3Mo2(U-fS'>PMggXGu_g\s5`\us$R_u>i^QgKc8O]mN8Dgc@IYOP$?10?/VEL??Gp-(3$7\Ho,#Y`kGl3lQC45Cj +%B5=B64Z/'CXj]8p80+hPX=Jmh0-*/DIB.F$S[#KH,(_="lEDOU*k[XWhJEQ:X1gaHMhU7:3Nc9[.9G1d_Ue-,jr*T+4l4b4)HP!H +%QBET,a?4ot>;WI3ZRW)#6D7O1[t7A4N&&/.>o(\kE3Gi$>h.%:iC<?L=ZFD>gW7BgJQ2%]/-b-XUuJ*XReNEnS0`AfF*nAq@-4U) +%=(@$WY>!Bn"^SZE9HJN//(8*KQ`^fh.Y^@+ZO8m*^I2ZdKfjKb*e&;qp:S=Zmb=4?egVRPkfE;fDC%FP9qZf,rj&*n+(UEPHgI-k +%\]a+<]X4"D]NK_4>dR!oh9-hQ[p$kYkF=j#Gb$NA-CI)PMq<3^AAhqnO0kd!&q\Z^E=q>SN\u.2D`$U!WZbd/QE3]^C/r6aSUQ)D +%fb\PG8oD9;E;Kr@EgZ5=\0TK&Wn3"=06Lhq=HcuOE\i>IXNmJ-MsRce-=]Mm>Lq1^-U%.^L24E91BBu7kbl52rp[g&YO?Z144ZKV +%4RcjFnnpfN'[Q'tR:qRpdjs+b0Ib`pe4Mt<Pkq<3%mIA/g?a.C1oFN#3]?Y*B2FaF]=;GPe=s.GO.B*ni9FE6O8-hi"E4U4h%.1& +%^&u8PC0VONT8pK_'jMMBR!'!,37m(Nfjg*ajE\Gp6-=<42hE-sG"H13R,;gdr5)#KAb@:"He9/Hg[n9k$,m>"V_^-s_rNid,q,._ +%"suVZ3\5NdfnCCfJoe#Kjo>_u2eK"4?/aldN2j=@&atPi(-S%@a_e&^gQhTOj3GqX,!X<Gqo.S+"cVH^no>,qFomPS_]#cDH]Qt% +%Id,])NPtFLq?K6T0rYC'`A.u=`7Ft&S?*P:m*'K7ZsQh8/"3Q\3K:-a=ui!qC+DO29CW8Hffjo_,!ORRNOrZBc(]Rsdm,Q1PJn,H +%>V51B-ji&rEWRjj2[1S&L'3]U<hs0YK"Y58/2FBh8$`jJR?]%m[>SH/[W7WC*G6BA,m(DeIqd9SGP`k%+u(=:]&u`*D5P'ZjCV:M +%T5!J![*`%/o1TbAqGbHm1dbj/S's&WR_ccP*]YVBjim-J+deHGM7C+]dLW!>+*74=CVqt"/irbVUum!@a?KiYAi=q0m/"m2cn^;* +%m'rF;NL(D-/BG3fT=l7%TFdt=gmU4H!SfoM#aFl2Y-c'hN3Xcb=[n=(a(,;^:e_5QZA$l4WOEU"Pum%UTYQ^S2XXi(dbN^Ao)7"1 +%/hAi%KL76T=GI?qP/[3p!)MGo&"T[k0[j"sb'rWQIJiKY@6"<#Wh.A^<&]QFaiod^P#`?bh_u325]5mSS40]k!&![JMu<=2FtXXE +%NnSF'+A;N*P7!JL"[.@i,/Y,)lYH.,/p7i,7*#^96*4LJ/b:%c;cTKHYkjM-=!tg3#$B=Y,8/e9o)GU/QY9.!XV4kOO'>f@`<*OX +%g@jLZT`e!cjQ393L2IfD$F]=:B)_\[mX@2%QZQ!EYA6d^;l,T=]"qp*,[cXn^H"D3SB`XZI)iOq_?,)jW[\Ygl9FY0g=6/jG1N6g +%;kp3KmIG!6"c1[tf,J#0G:M4[-C<.PkRa&^E;(D0[*#PFXscPtrK':(al8_SM<\ml%e"P:.?jJ/*s.2Y3Yb_lEko9_>EdmI%[Q(H +%]m.D18'AOl(1'p>6?'U2a#kk&f&u`,D-NtO]5j;apio46[i5r)\Fsmgl'%B2OKhG0"4P\@Lp]&7<aTWY3U07jO8XmM+I?n7RbGAe +%OZVsN$]J3(F9HLGpE2n/IT7r&@FVXN#ct$l['."d1C2P5&6IRnCl?Y/cu&RacK8O//7rc__t%s<b*6!Ag4$<2dL\^Y[pVb%@7$N/ +%gK^>@fa-;n.=u-EK"_Cnq\dZ\PY(sR%[keccs;?]HFopi*r?]77*N*h-sF^8'iR#<\:A#^1e"!.8g4[\&map5JO<]V%aGK[ZZK9[ +%`piJ5?ke$bbtP3GMm]_((7S)_"a2,abbGpL808n>eJr(2c^=Jd%/12%Rua5hp-rGP?QA<2#hfnNG5U()>-prU"MgTok/XSeWA<[L +%]an`s?sPS4GCG6pN3>M#_Z:nmBLQmm(4!I2%UhYfOV4WGpXffg_8^ik>Urp2]8@!QdSBsu-ph["Rtd@UR-c:VS%7BXEq_b!mdj4, +%,m\D%ne_*iR$F#%F*XRN:Xp=R#7fjo4`n/2#sH/thF/l(-j'W!NJ4,[bgEIDK%;)XG\!2*frSqKB'"["X/T=)TUj=ON*I*+2Lsdl +%Mp#q>5baj948Rt8E9q/7mZ%0e*_VqKC*Y%M5bBgQMSjW\n@Yo,ej\Ve--W:CD#%L\bRO+a6sXjSLUj!HV=&F?Dk'VI=F"3;95A8V +%nCCIuga2p(d][ta:s%Y%*4.M"KW@b*Eg;Jhdj6Ot\dXaF(XEIHYYP].cXE)#3HrJTb`fD%Rj6F+ER:_c#gWp[HtXiaIS+YnK!#eo +%<RK4EQo<>'I#R!qRU:,_e:XM%fCT><`l/ts1pe"(dEmpOlZ)9j+#>jOCMIH8o@i%6oo!d5WGICTE71OG:c'b]qmOsAR&D@!%MIBQ +%>2)&`0]J87Ofm4DEr/#8UD:<%He>bTY]sY'R/9s<&nJ5>JG$*+4-@`n7.Q+!Ht3S6-p/9YfGf0jFfA.Q\;4D+_5UD13eKb@46l[* +%V&q''.6*O`_Yu)s5QLe2V-S"ZER/8[6+CRdo2[)H+?fY4;/`YA!jFMM_R#.,8Db26$,R/e!YCUBMe$0Z<6):1qmm<M=[VE>e=c1d +%,onUb'Xd)AqZ'RoGh#f6!mPqsZ?R"e@M.K':V/mf#!Q`XZcR8u:l]o8CsIOa0gYh>]^/G2W(Ab$Qp@pq<1^l)kTcf0(O+7YM7O7q +%9`T+/':W]sW:^X)\U!H--$P([K*:7_"Od>\q(NH;P0>6L_>[Q%bkfisMR1iO2[%"<"#sTRd@am8$JtkA^GE<7M&9Z<:7I_^n7&:r +%lY6/seR&MK.02j0WBfaVq$j]j=%bFC^9*$4Pb7d]j>Var6s0<.?u\g]K&-=cR]7VFB'frT4/QA[g48sSd%fO)-:f*$>p=ZtB0jFK +%J9<?Y>eQPF2+7lH,G1F1,tJQZ[V+!RUAhu^]25%:(aE\u3Ps>!A?Ip?dI!O6!YNp`KIV6GHYhR7B(-f\1/5`)[8ZDCioXNk]5eOh +%BW7_M9(Ln09+ektp:e&d;XCUthO,1^5D=T%/T'4KQco7\7jh%IHW=.,8\;d;C"kO=1(ro23B22F)B\\iW1?0JLC$u[WOW0-9cIO_ +%,J3`Q,HXH`-X>b-dO%(M]RD;$ZuEkX]+^^+%2Y5c3/?lSl$R307SjAn]5^O#EY#uqQT6j*>BgWe*Xpb-I*c6:l16]9N6EhiB5K_n +%S`OWHkoW'F+VL_A^Eo"?/VU6;DoH*UrO6qX/iXBIU@liJ=agYJJtd$cY6(#Xek4I]ABe6d*JqkrhYbmkbZ'M:/kuW&FP@pWHU="j +%<K1'M:E40=G"K7Cd]rM/Z-rEU;(c>BN/^PP52i4`&Qk`WqfQnYkLJ3BX[.]GC=)8J>u/W,/djMqA48X`9Zk":S^%*I7XG.YAqpAK +%Ou9Qg,6bsq4^@kNQA\(2RS%N_A"*mY;H5A'a3\DVD=).+2Gn%kOtYTOBc^EeRILL7.o5+WnqtX*/89>0;9Dl1RVDVgFoB*4jguJ9 +%pTfE<dD?&<Hrr\sie1[&fjfT0g>mP7ZQrR?hi!Pn]#p?;+n2R-;&;s20Ntn#pO.I;;kh?DI%n>i9F6H,^n9qWM%[4$8YfqrWO$g6 +%0QMaPlZU"BB;>akg3HSK8:cmef<-_C')_&pqR?B+W(nDG"JSW^;bp6G3+ot1"GtBWGeHd]@r;iV8F>WtSSO6K.II4OX/lD9ZAKhS +%<m`1Rd:g-b\;LIt?C.Wr[pkDV4_EfPI+gV1B7@/7q)&c+?mViBMd&7GMiL1tAuq"q0f!^1<ku4"';66DXK"i]E2@&6</&94]1h(X +%Zk^X887YjRDVAjEO3nrkRX)cabf!I3No6[LB]i^EpV:Fr%IPicM2A_<j]Y:7k0r4DnM2L.@<$8gkt5bm%Dd:M"HpuqC[R@j0Z'*' +%ESr)g[T\r3+]uZAD.u3K@GSi.X2Gn".Z1OT(`.]id)fUIqr;P.(hYP7l2jY=?L9+kk``$mR'ahZ5'5?:T^GuCl,gYEKP#2Y':=)P +%'"c_YI:cqa`''D7Q4,ZEZ%gTT1b;^62DAQ`gVj1Zo#[Ypn1d\GA72,#oDj=C+[O4'\]aVt>CL4sbFQZR-tEo'AQ&*HdJKp0iH`*= +%f6B<m_K_qpH9d9FVWJp!H;*Ub?qg'^8m`@5lOc&)\.a:[l$O.1Sa(S_hb4nf0Pm+lCGcFV#+aV@[F>tBL/>Ve5m5sIGtbo>1U-r) +%S.6lZ&]D9l%7#LuZ&C&-]d0f)a=r37OIR5#N>9n>#PVHHjl$0>6nk^XO6#qp5!NBOV$LS"B%X%)';G95-"MO6hqLGb-6QPuV=F7+ +%&6.?.Shsl:rde?S:o]hsMEQm^$+e6iXEcqsW?)^8Jt1aqjY9m%l1jgk^,?e_pB#[R</@3(@DE!ZXPB>TWZ-F4fFoYG9miE!Lrn/* +%nEG?[JCUAW(HEgU1-,IY\#e-u9Up%%G)313V/Ye^Sp-crJm$Gm!s3:joO(.WV2q$eZ>NB<`+WORN\#ZE.Zo1_Y$R147NWD<7r[nm +%HEE-J)XEs)@2OQD*M]MC;qdm5BDViXR^m@O9>jRdHXGcfi2R85?2Kl9++f?Z7p$G[aSKHio&%H$M+3:ZM+=0G)Q.ib?26.8C$j:D +%OA?AC.re,W:pu+V(!k,,(_s.hWN%tFG5g-TIg/.b:`6=l"Y)kBaY+ssl9Bs-ppns\+6(mJ(O2=6.N'!+]:B>ELRX.i?D'pAGIl", +%Ol]u/Pru>2>-D^H?Or':'f>5j#8HPU`GY?mK,UudE*_/<IQqRR_^(npS-X!K`^(OCd-Dl1q2dt@UCJ?r1^R%qk]*`Uo%[b@pgKSW +%[rW5Q'm'Me/csfAr=X_Pna1&>`_$B_e;QR?=r9QI@%9sFSAA)0e/]\L4I3eXYbEq+f)8iI.ui*LqZI2(QAU4I[:bo<M[KrYHmi*$ +%RIM,5BD-c-,VX+0WIKMl+t0OoF+sG2RqQQ.U"u#/+e<\FJnO9GjuN5YM%g_=V:[5F^9A\q',\*DBHuI$O'YH<&)89_L!H/V.b +%jqL<XG6Z8cd*VLJLBrr.(oZcVj%4CW`]&\E?G,Q'0IGRpoZjU-\jSuH2c^JpTq"NrHf"GdoRSMV3[aBm7sdP+=,/iRZpp([p-GIe +%KNGiEM+Wr08G0QsTp7uQ@q-l(=(?Le_a6$X886$9QZXLh\OS76>J:)UpA#r3%9M^nec/sU/V3r$j([kU??^/tA)Vc._n9j$@qNiW +%AfJ_Qg&L[!eS$5]n@We60p7@'H&>'Abr\O/k#g_<Z;)R0@'oL=0\T&dRPB_nLN@'!Yd1`PhWm4jP*C=)fo/gll?ClL_4Wf2o"$Ym +%C%I%L\31J'DGBl57\Z2L&`&:uc^*'M=]r6je=$i?4Q8,BQ-6[DFJG-<p,.%>ka@S?>=krXK_J&RVJT?,9V`9O^*PgTR[*D/T)GLe +%S]`KNRj(Z,BeWJAh./D6#BgTZ(ja/XrRT7]OSVtV_>lpBT'M1FJ=1E.Q*(Vu6B#]BC8a/$7!Zm^nbgmCe]KYN^$8AEqt]O/[WSfF +%MToAse+-O?htD"'*kl1V1"TEGPh;9@Hdk19+ZOAo`kagoX^&?EHpMer?S0IKoShBo)3rH<;O8oL]dLib/pGr6bU%eiXNhJY4i%]S +%C+I+sS6g-.B.C/VcYP,Vd0#K+'+[XEasG1<[94dlpe'.aSq#91S9SWss!HPh&`8p.rN:53S[GdK,8J]7K:'0*.Sq<1\$dL2I[HI+ +%D;F"m&aTpckMjK>6EKVsGhG[@]D@;ED]ah&_O/e.h07e2C#q8UkVBDIf6=&:@^s8qPWdX\D>FK1OiJT%9g\`8,52qa%OXN,m/uUV +%[dl4J^J]t>Jf"3Om[?MQ)&dM70[`3G1b!)PEn#C-W<"8lMH"9!>2aMmY^S63Tk,1]A[EQ`WhPJ1$S+,f)"+!Qg_VZO>hrXBRoSVt +%$.!uI/&BRY*XktMf=0@Z[3)q"HArV]&,ts>X?,aOp[RWPRun_2"$/'3@m4K!V&7`7;%P#Ho4'Q`!7'k.Fmm"kSJWop/.9E?r:no8 +%J?W]i^_)pAl/"D<VcLBX$+qn.>p^u.,j10B&m&,;'dSM<8OoO=lZ0KbF(1`kb`+LnFM0(hd5iWlT7HHeN\?TK=q.9kXJ)<&LJDD+ +%T)^0B&N8#qV#t0s.e$m";%CF1OQF^"f1^trjanRN[--tlB(G?#l;.aZ.-2pmjC^cgaW^'7('/1M53mo@?n1$l;\deO+Ge1'<*4f3 +%5Q(^gYD1V_l&B;s9IlGR3".#I9+<)8Ot?;k6?%h3jZ^kh9Hn/KB%^f,;:g`P$Q,(3,_A@,#N#.bjVXj9h'jbJDO)B1^W^CD1^Lso +%J(!+*Cs_EUD!ZmbRH-G-p_:!DDt1baG3@ZOj&I*(qOmuje-q*T.RD@d\DA>jPK.>NZY(@u"GOBY2OJ,2Zu6*"j]Sh0_?cAY"0j`@ +%TlH&rW:k5ToP2k5k!&dM?K=SAYRi>i0I!%cV)%B?O&98#ZYg_6HJ9Co*dn*nileM(pT=Magl4`VVqdgKb.-Rm8elf&K0du*+u444 +%=B+_P%9Re%E:jAd*`9TYl.HD5&uhPgS_,_,+"O)0'_@oK5/T-(@fFB3f8SZV=Ob32GDR[t75_.3&JP=A;S9^I:X\(C<XU%V<o$k6 +%W'U]#j?lW9+ne7$XJM6+&+$pLWke[]NJ>[c)0F3h&D*(RAM.=/_Q(/RkN@\p92uco),l%t4s`pm_bV7nWO?*-,fOo?DW3(E\[0_H +%$4FrMpsj%1kZQAkM]FG0"lDnX@Gj^:Ef&<KfN1(V?TAkolXSJC]Q^SLWDUFbe.F?bk(c-!go=]4e-LDd/IA]VT(Ro.26">WObPDk +%I(pK'gdudVio(sd[j3NAXB.?\]&&m+hp)r->e+L%].t9>ocUl_^&LsO^@0hc*!fPmqU\A`8*aXkbmSY@mEEP)X&SFfQI/WaCOY^. +%=2m=q*.Q]'LbDA%0X[Ve(9;7`G>(6hcO0_KbC6p4%WfR0?PF1FVYph\fI-KLN?/lAl4PH<F%/i]Zp87"48,5am?puS\;)?o7'P7- +%2pmZQo25[7m`9#..,u>h[Nfmpq@_k;&RhM"I:Y'SPRs;@@%ho,eXtDo>%$0D<nsk<No+8omE)[I9']\(OQ>3P/(iA%"1[TmVk;l2 +%0;X6tZ2mY`C<)O\S1TR.j2k?/"piIeTl_S*WWpt'&D&gd,X%s%P%[eFfHK>ME9=DsA8G.0!sj2R6aIFF`<[,2Phoi\n*HMSo:e1t +%BKUGi\&$`,@5VE0OI8t,@*</;5Sd/LcB[ZDGNAMGj9pT-T0tei;UbW)V>u'[c8WSIj_d:`A$+OQ2EOZO9?4*[2t"ubeN\#Y+b+%c +%4bC"%GWX."PLia#,#Cu'L-%Q1\\+?-e6`ES@jO1idX3q;DoHC`$2&;;O*`gPSO*mZW<a-<-u5s@GH4<WEaHYe%e]%8B^&lm,^[BF +%o5<4894oV)9iR[PV;XhfJ9[$2=$B4)`RLpG<=c%63<m=k0a#[-;Y60rpeConlGjb=PB<SDi91S0C:9N@6*ZS$;[t1`[k-N$Y&LG: +%U5:WuICQK3V4QC>cb&W5C-'5S5A#DQl9gih4mciN5C>RXQ&?H8pmc`&"!=X,K@Zuho-IHhM_aq32bPb';R>GG>M[hQo`LZtGH)bQ +%+j9p$rY04ph9r7&W(W:GcIH<l^'Op4;F!*j+M&#uRA;5[m9_o_9?V"l<[hLZZ;Np1H<me*P9Tn$ZmgbfdIPq:(][=?T_\/+^EaE0 +%W(C=7(e@o6$@d%uc/PmnJ\5!ibf98K.h)IqRW%WdN>7]qV"<B>=e\6>_@H]8[p7n:j%W_BX.^L07"]_iFd2+7>Ge]QP7q0Sr#fp, +%%)T/Z<E7PD2_`cM;!hXeh=F-A[81YHYANHIlWn\9/!'P9,+)niI+KH0_B6,0MtWD$>$eY\]GibVLrh/qIKM.CYSWW#Z/0Q-XU-2p +%9=-Kf0ijt1Wqh]'?oui/>EmZF%H0kI9Q+s+3H@"`DY)"n6+Le7<CqSA2W-k_B1ZX3)R;Tbf[]ET+'_22$JJ'lfGfEoT0<?q*d=%n +%%\g0O(\tP0kDLKcFC^U+S>f)XKZcoA7&WK(pO5>[qiIG-YZ5!uHHbNDY*u;1BI/`+Z"dFKfLTXa4Z4+5i(:#OB%Ot1(H$iB.;r+G +%oNE==S&!t\#29[_Up9YD6L]et:=!]bKh!g]_$DPI3iT*_DMip!jbsG8KMkdjI1+]f!E+RV!E$iJ_=5"md$#_JM<h\4@K&g)9'fd< +%+BnH6flkS_!ZE,US=_g":XM5I57)qtbb.sS+#d=m0\c/b1KfBXs'B#gi44Q/f"@Eh`nC+UmP19&`@"L<(7-FYPlVLOhk^$93'dl2 +%<D1?9h_qGoiA8!e>mIr04L\P#TB$Bfqdj(lU1Ul1h1I35Ya/"2o-c0k@ncNQ.E:SDY`a8_XEnmXkrp-1Q9AOrQ?Zs5h2T(2Q?u&% +%ii<gXqJ)1baj?deLLu+@&)gC'+aW78:PbZEWO/CI6Jt9Y17"<dYW,"U#tNDUYI_WY#ShsEMAtOB[fDVOK.$-=DusT.[`VCca]95G +%>cHf,TLk.iQcKu4Z*7L/iG<B+7IEp-C(bc,.Y1)&WG^S`if$CM.ICQ#R5/,sKQ7n*#Uu,O!W<m*/_R,An90rN^rl7daY&`DITXM^ +%)))T?-gm5Yf(ug\UmNrV#F@kkK"STeRrWj`N;@LY4n$&>qK]@h1i1j`o6Ziur_Uj'k!Btf!h3/KmI5HpaAS7YP:@(68P-YJJ.d#q +%E7WbR:?>Dr_J1M&YCpifF1ELX,tD6]4W>cl/C3^r4umHqY.tB&^Y'`<Htn0Y2#<NAJup4c]i[[_+]"s;Cur>nq5YFl[@[>!=X>KL +%q[pY]V*[!HH%<rAY)p=OZqlE)U3]R)Vqa%[rOKQ7I5:/DqPr&#(gt3_Ou<!GShO2(aY:-TMY7rJ/IS@;QDaJ>"u+C[cg-`<c#?Z" +%msmJ@+hPO$cT\=Zi#"pFG-tpH4HFmK2h+.;'<OB(T3\sY4B8i0EEA_Wp]97QA3"D=Xt-c^EV&?t4M/k#&U\T)bSZ7)=l/Ki<+FUV +%PJ:Z%Eu'*IWip(^=(/Jkj\PJf6?MX_`Wt<r5AXJQ"QUu,jlWm*/"OMB'&oi(PNRG;I8LqUEgi\nOaUC=B)R//M_uC@)d+#<i,GZ$ +%Pf"2!7m<GNg!qL`dQN.gD>,ZZ(gfqmkMY4n@U5$ITO(aD9t0/3mO^/]_-Fk[fQ"X32bBbk^[ZGJ<*/PWQbC(3#-Dq8F^#S8X))l^ +%cpt>7P5#"UCNl`e>8%"JOW)Re&nVB@qU_MF8(_D4+E%VmD_UY1r))9UrhP?DKU9AA;C6_B.6I#lG6,=0KV52,eGobE#6QOR(t?/V +%aq4'0VPtThgUT;MViN]-"erS.^p=P4D9$T"qhfS[eN6KT.i&K.9mp9Q1.7s2^ZSd'L^/BAXEE^(hNKjVmV;2=OWq<LFn_]_WsMV- +%,gs2^<1<22f[Jd?MNpD\VjAo@^n64$^4J@1n`KFcXE@rhq&2EZ_ct)lZ9t^;h3+_^GXf:?6CiOO!:!/7)5dDTaX2L_0E*d2X61e` +%%](M_<QD^_XO821J#gq`%GNlNgBE2?7>0hufsE"l:`5H!q4o?NZ_\ViNbT\"53(Na<Z6:QI?_q]KkRDh,Qt,Ar,!9"foP%cSeqL9 +%+&L.0hZsQ[D?Ku&/EMs!RQ%"<DF;*#,LO1gpD\s/g3->;Y9d&6VLr*C6(6h%55Fto1%%g^X4g4uj=UUh.P]kjReFDjIPo+.,1Y8X +%XX0C67Y,>A0s`5V]F\_ioMTH/@cdEbI77)hBum&?K6/Acl=$FZ>K?G;QGYkF:A"'?"<!0Mao^rmDa)*7?895rO1Y#Hd])=,=DXmj +%=VaA+L7PKV7YXK,2@@]k1M+,19B2k<pt?Vqoe*rN1$89&D:FPB!NWk8fX"dIrC(.b=&6-YK#/h"<@Y]D,tK/R-7Crg(-j@KX$7AV +%0)co_.Ek`k3%`;qTl&0S/bG>kQ^(nef)JMTi(:&I4@O"8iF?WC"1Y<kZ4;eS7sKAl>`oO&P-GA,>#uR-_ZN0L`B/2-7,H?77Qn9` +%poNoELY[JV^pT5pIC%=UW8$%nM2aekp0sh2>7>I%qf+0UH^DNsdDIDgVI@M!@g()$UPMrF^Fkqljh&'D"W526N"MT@AiB6n7_W%N +%'hfjNU67>Hr>L!J)S*@E$ol^$kspGHL7H6>)..as`F*EJ0PC*^I/S=AhZEu+j/'L(iU)6n$SjU#/lq"n(E`cqoP0uB>XBcY/Hr&9 +%G4SYk+0gKoU0Gi#ESp?%'&;`#*ar,kfO6Oee%,_qDU.Zo6G"l1:A,hZfF5tfQ^DA#+8-k\G7:MU^EJ4k4"[n#j>=*r5?70BZW3u/ +%XB4[df`D^hVX!/SKU),0jCH2iV#XGs^Z2.7O)@+Q_9=G$Sn$VToWf\iJuLVMG<L1.LJI2@m:e*"?A<e0V[W^1$.J2`m-KOWNOi&- +%@pXG;3-*j:^tgq2[k4ci(3U"UbU*''A:.Gek2c\`&o573>!"aqdjh'tg;4T*JOCIN]*.ElE+d@$LtZr0d/fA)W,DFJg<-uV$^*cS +%ZKYmG7[7(iHek".+)sr:`P*"5bD6&a1AD3Gj<'6SD4RODp\PQZ/UC[d^1U9jih0Q2ZBAf*0&!tlRH$p2%-m.r\!94N>G_%q(>mR4 +%>PBef:EFk&\tX5dc<djCK6*iNi.UPMj+"0Q2cSD9[)dSjZQcBHm5'jp%*mGGV,pfFQ7?!b!gh\$D`qpO$iDo6>1oPTUiAA=XJ6[? +%p9@$?j+Off,*K5T,nn'',9[$a`BWr7/oQU,EdUV[r]]$TIQ3N-.(Y4Fl(!nlQB1-QM9`Ni3Cd2jZV<-9_',q\SJ>#gAfcGk2^Nb1 +%&XN"rKB`aNdb=)0DtsZhqtUY8>&#BjI@V=#p-1rap`?:F>"#t3c!3)Mp$qG!fRC)6pJnd2;_*F7O5)G/cITr*VL6OX3eAZG5#_,& +%KV*+g@LHuXEqPX#L0"*J&i1Rf=4L(D#B5fh*P,VXhEcc\Ds>ElP6eY$eQ/"j/0;u5$ijEiE&6N0!$hZ?5Sho;(N?-!YdWlr-P3*D +%b2.qTG%$YRe0cZON)a13[]c=Q,;i:@YCll)B.[bL:gP6L0ZM8mc$.(N6rSQ?WfVP:,uCoF8?tjnSCQ4NDh7/8TI9$>h/cMf!l\)r +%+cqi]5th>lO;Vo(muG_&WrV3o.lCHC_f64.?Z4Nq^H@H*Om(6mC1DXc`'M+M<5FX?Wh7dY>1,Qn?#]R*/&PWFT,@"S&!c,d*8IZN +%Za2R\95PiX([#$(WLZ>4'TOcTXXdu__Co*k>"^ak**7LArCHhcTKr_H9uQ&i_Or%p_[/,`G"CqmRlsIp$:M:8QlWg?MV])#M!'os +%+3o"4_(EN%<En'54j#_KrKP^SDr"]])"oPS6_4rigDV&^G$i4lAeb4jDA'(/%C:CPg4`G)NLuIeYC.F[?"].TOK*"cmr,e*<;)pB +%h*1NjL5e\D[OadSERSo;$#;m->*1l%fKN9"KP69D[6LOARD$Ft2iN=UA3]^L@,4Cpf&Y]>7NO'AF14tmd'p$D3Elh2L=0A4F1HMC +%+cXf+n*fCYZ5+f(X'0@H^D39>T!lM8T6Qs/VSl2,#OWaaA5Bc_\4i@'58BcNl+cK?.lF1uQ=_5l.JpJ_FP:_QV`/473AF#+>S;RR +%lmfob5s1M-(/#X87D=)uVI:dTcYOO+9+ecj8\SbY#u[O$p1`,rfG0L'WsauRR8QQo(=O]uP'A6Ul&tFsLGTs?99'rJjQ_3Zb>^6V +%0WG--(,Sg9X!8GYRD:Qt,SU)<.;!iE(XRlHjfUDC-f_RQ_QJ+<l1.;;(X"]lZ)JdH>@VD>2(>M0K^N;fpN/7r6j%Ad3Z,%+.p:7r +%(8=<JF0pc68sEY:DC0Hf5.+.e7]9,!j:N/[+DY;h9%LIPkH6YtTNS"MAk@8]603tO)dNWb/D=rs/>dHQ."dIL)jAg_`;;HYLGSjM +%jWcHGU-%Qg9_^Ng0I%BoC9:C@fO/l]*:nd$fW6].P5SAR/:!O`VB-VL<c9qe`Cq(9bJ5&4AA@cs)9$4!CS[EDE&1V?`%_4rST5kb +%*aqe*=7R0EA"H.Z265LR"j/Y\E0%QY(FlMYfg?=<@o>W`[M9$(2S5f=fnY3QArGjt@SnlLT9M-m]>1ch:S^&M_$BfO*:+C;V$'c> +%p3bP]7B-HG+%2GrdsbKnPLsXEja)L]C@Pj\BTLgW5F0NB#]&D,$#n.LW[t8BBU2_^6T*dE[-T<D7:%C2qc]:\.TIe"T6s<aOgN.+ +%p)(9rnQBmJ1U^0I.;Qr\H4'NHkE@r`pp$S:O;Ie^dDL<!SZ_2L=9`^'^W+E)&!;KaXf2EDV`I><bdL_gHmH)HM-!#:D32NCQ&4;& +%p0/Y9HB54`oYXc?[kY2_X!rGGQP[[\kua"S2'Nl.[&7OT8hf&,pUaf_Nt#@`JN0haB5Jg1*''g-4HY#>K/qsLG2.NeI97Hb6/bh< +%XtYMJ4(WSt/b+7nacC:SnG/#h=*t=f1$h76U-u*;gdUW1Lq+iRjt<Goi8'_nm-kWO6GS2C$BVlh*mYSF3@Xf`U@$UtIeI`U2I!nn +%gF_K+%bUcS+rQ7RPU)g/CMP"Vpc8.Ig+$-77X4$WflHLLZkkG\E^+H9"'*cr)UoG#!X&D+6T1=47H=*e7SeOi7H5HTOdmd"SseU$ +%&X3ZF"Cp+s?JO>ajtLjiWSX"FkAd12J=fc0A#/Y@K6GqX#Sq8$Loq+*M<*YpqZ)%15jX`>a.<a.@XNCGCta\-oE[cC^4`-4SuDRC +%NtddtCeo^hc#Keo&QXf!qO^'b4eY_F\ZMj^LL3)ckUMm,R]gPE%U2frZ)M,IHb_JW&0kA@EGDm:/^[aU2#(i)E\1eC%h>L<USs)d +%NZA<c5#9GV/FooF(k:YWpo^>QJnoE1,rc&Po[&W"<qk"Dk-g5P4OSAoT`%Z_ihn?<n07HQg?Ac52mgaoJ*_(o>DW9^DDGmAeas0M +%`_Z2mpT^76Jr*0&Y(*afrU63os*1c,Nq:tQs4@;I?Tp^Sj,a65s8INIO#U2;o7+1HEN?H2jp#*A0.Wd%R`<YK%u"$TM/V;-V4/ZT +%Hjf\YWu5dZJnAR`R$NW.3ZkEo97\JAj"i@e"F5'iaA74=:"TS*PLT`M*B\W2.NJWZdb[G"BdI*cS?i*5D=aMKh\g!WOWpq09;f_e +%bRpb-.`0m]iWQj,qR;&*pVN<pg.O\1;aI@1,j$`_3$ut:TTj7*V_"?DZZsV1%O[#H\1'mq/icq>a$?DT\QY+NFT5J38H]67$VRI! +%)63(;'f0)i_Bktp?:UHUcldQgaL<Ieg@"_0OY:Z^]%'l1PX2l8Wg4hs#b!=Z@FFhc!5eVfkr/tqVs9EfFFp_R^-l5&L;Dq`80"QF +%6]Q?0OW@POZQ_=)Ms(,ijm[G+LtlBJd$>[h=qqW+@1hm!lSs8CNDeFK3j82\JkS'EDAk^O&SKX)b#J-@2XN>k_N"5&D9g63VB"OJ +%Gm6?5mbp,j(cbnS-!:N9qj)8Qhnk]<#epAr_g'9mMS"MV_'=jU]!*/nDCn[4S/%*/(L-53"SondMG-)t!\6Ura)6Gp`\>2%=$KC_ +%H4)jNf2npPSsuFQfGZQ9kT,eDFfpLP.gE1bQspQ,H)>F/$`K__/V?b.`=(^[W@fA:X$>YC%SAo`[)r;<c5\;t78R-!o>VcAWC'a6 +%V5ndJYKs7%LV?)=>NnjBD::NdhmL1p!-_O!7buH/ek,hU.HioEs-i^4D\7'!AN0:-PmRW3,G-iNVU)EUC=8+NBbZt-=>a/,LrMP$ +%4e'J@U012<>IS))BRKB$bPu7M<]e`\OKe=RJVFDe1#*F$k3pOI-<!GDn8O/)T$F^4ldt1@.,\Ha!0NgpB1BkW,6N$7<0/<fj@]9f +%bVT[-WpccAP#O*PLT1&%*@jB%kX>2>,<99&;<2Pd%._c4X\iO;0qVQeH"Ph&&iNeg[1Z<d;0%E>#g_k)g`5o,$&"FF8Lu2"T1:iR +%C]dKa/\pj[>R6\mCjt\P9(kYT'1eq0g,'u9'4UtnfOWqUWN0c7X1GtZ.5=mOoR@2VM6J=>jG-F$6]m-Hk=SM+GnRQE@!=h&W/,FF +%Mfh@tBd`k;<mB&CJr_\$CIN6kF^bYJdM@A^pe'B,"3l#Odt9,3+*o$Z+rFb"F2`U'$Ku4-gL@?0$`OC=o8'kNU]sdsqU2'Rp'UGm +%Xc*k3KERs64G:8qNprH(YHkYZ;+dO$HG#b_V@II`R,1%",5+D!m)Wumm^8ub0J1opI'sD;;oH?Os'&0j%eH9Jhh=D<;\`9fG<a^; +%&.b)JAs?uM;T(sjH;R3pmZOme>HAF<IK7KBrI1h+EN%6'%>^%(dWAZZF9J_BWbR^N'S8Zl4?:p.e63*'HQTGaQO?(@ggHB=G?10C +%RQ]ENA'[6U5#_^5%WJ8V>I5nCpfmkTp5D&<.DN)Do;V!3*^_*8Vt3[pYt,/M,_4goTTfC(U,$d!1gS?Zn3jUVO]tLHEJ%ij4g,#X +%oOa:0*H6J@#2S'_`%nO9<s7oqIKa[8/0Cs3`sS":FN'Wi:6F5OI.gLsM1hu)9\7'CbQ3UTO#e:*aF0\5++J@!Fi'7nQ[uj^`ni4m +%^LM-LXs7B0rMcS]]Ss)cHC@R>4!>(NH+@`,iJe8h@HMD>N'SVdQ40)Y$9H4k!5S>=Q)UC=m%AcRSI=U^Asp]\Efb6G"$.k^=g!n, +%H#\'^6S-+>?nR:fKo4kJ\_+T,&F8Z1;$E3^WC5Dpj\OS^KJ$Z4o%Gd@/TUB"nDeEsQhdOhdqfA67eK1\QRLk@[&f(*k;)QMm1qNp +%2\_m9eU)pIk`R?G4G1JRmJF05I+bHC<B&ZjK<[:hHF*.#Y.+D#'LEAGH<3!a4%LBNqJs-)0Y7DC`tm!UYkKU"(TlA`&KUa*GY9q0 +%*.he6-qtJ"M\eba-+]f.a57kcVSgl;8_OtK(%c)9VMFXP3)%W'=9Bq!a<6OG<(?W;'u;["/*JdfCb^8Y)lZUH^YmY4N`>HO>o<15 +%^67C_<e(hh@>G3[9m6"nn?kI"a9?p:h8ikY?:jO1UN4M*4+aGdg"\Am*EF5n<'W6d01(9-'`@`q_lSa/N_Q5hXE^1X_BS%lFkQRB +%5_Cb>he'UD1lk7]WA@dqB"$P7G0W^p*=J#j.qO>ANZZpJ+3o7,3Hh]W[j`WZXLMtsXjHC<pW>>+f0OJLS[6%jm>32s@<VjpGQl@$ +%UhF/+QmGmi/T,P7/dDhA(gTZk;/>6pZ)C(_RM#FQ>GT!s#Z:gX.c0@BTD/O1cHZ8=_>bpD&+e,](0_g4SB$2E,i&<nna/<EBT8)D +%RXS_T^ti_3lR"!:r2J>]kYho&;3@%6[m)$ts*[Acs(C9^!hPl6aU*3d*GK9c"mFtWKuLO=Y5)W\I^GB+l28387jtko:VBo$.)MGK +%TYB*d>9&Bt;Q;o_c,3R6W<ruK<$'h.%EXg!:[us"EfgaUI"i$LjZlf>i<5gI!O)m1_IhPfPc3HK`/1%%$'ksO-N/A'iY6WLl*k.k +%"P%c\"1A=:!-+6?.;;WA'RY`>8[Wt];;mjtF9"TdB`D1N(20_lT%c#a'Ro7R-+:ngCt*t4.5,=N;q;Nb*4;^fr:g\RklcRG:JW;` +%_,8GISp2M4(0&nWi]89"6/aY#Vj_A_%u[uT33qn%n?L]^.uY#9@C=[L%5;=hi8mJGiLmT]PQE&J1f-U5Md4Z&#em3dF=&`TLK>B# +%1:Z"9$O(a.&WFldkMO!*<TqUgFp2ggle3(DE,@gnR2SjuP<OG)4!!Ni7!g?G`1Z<1J=tY>6BlCu4<.jX8KX!h=P5*S$+@g#k'Zq= +%<\*:W/nmjZ(^Fp%-0)dX':=;?R;bPg@h1qmEhPd+;_qs`h<pLDJg!e%11G2Q85<.fokm0ZCW]m8`%gsK!aT_Cr_>,>H)37)jS]Y& +%He?u:grcZCDRR6Vi_u5-rn/(E:@?$?hu7?BR&<To4gX4j=2hP.8'*tP6s2qnF6a1Q\>3*Cih,!R;"qOu4A!8ZZsZ>+L\i^_8W]!' +%o0bFm&I\pbEE`YXmC^URWQ=&GB/b!^9rfmjX7&.t9ANs2)Yh5^1j#bbg&'DffLp:1]sL>F%FTqX+OR,EMjBVc'NF)n%$u_mc;ZFt +%D.=M\p!(n8pQr*cJJZD%%\Hr*U<#$61s\+4ifOA=mD??ggj/OPl2H/!n;_3Tal,5QJ\s8Z;2JtQdgR'\r\@AE]Bq$gk"h\H8qZ:M +%&W&g*KHHerd8r?QY/gBGJU&-fH&*4TIFZ@YI(O:C9A5&]JOOJD@4Q\h4b3tl(AYDKWuODhp[s,3rZ#65[m?!-R+4j]!%K//_.Dg: +%0,Ic#(W[sDO&ELq#!JhI<-#L7[e1_g+4[R+Y5d1;NQA[l5j3eMqWErpnNS\^B#[VHU&-a*"/C+$%-e-UQ8NpiWlnHomG-$OMQ`.I +%;\P_K4OLR^XNIc>lu+,]ooZlf2Apcb8DYq'5umBl)ns"Tl$<qsa^2eg]Yt&^#JnbkLeYOQW!FLsOmVbq*KKIl'MRR'Fn!<i$-j[+ +%Fgl`"bH"\AH\i=>"%rMXn^#aZ[;KVH<+rf0JcMAN*9D)KqAISk0<\jhOKEeZ_mD9.nn47mTn2",,;.E'`FNc>dK32UH7[l<Q^me) +%#.$ooJHTj\Z<NP.7PU:.N5i[Ec0V<IN'%lherOa.]"S9,gjFqTQ%fNr>drk<IR^q1aZa\@@0.62d5_pupduR=^a2[e%'5Dk@G%+- +%;3BXi0CLg&PFLj9Vogr-Vu619;D0YS,a:=QWaO^gaG;h\Yro09]Oa`:46hUfOU?0#in\[C[IZfo#C.&dGP3s#=Eq*o`F?ZLH',p= +%@ntpAKq92+,M?5dMa5H<,7CYZg\+X`O&Ut+]\S`2Ye)ta*H_-&bJ<kWp66#6ba(6#HEBN<C-(.\F`UYN&fUIDqi4n$m5%Y0j-jt] +%W#`b,fB>f]:6P^2mWl<ZgHaiCpjVQjW?+-a&d#u6/QhlC6A,S=1Z%!LTF58*/VqfQ1)uh(Ej/nA<`23nF&ZoE7F8`dOg)0V[Y5iQ +%$;hOA&HMKFm)#Sj/o[tV51$%m1M/mQrE"fHF;A=e=#?LN!B(mp%=72,KH4k0-?fE9Wh9CL'.sfWaIj\s)fmZs6Tb5+h<b1Mnm^Uk +%g:?5M,lqXMqZpX%#%DHb(qDFYO.`@q"cWfR,slj&:G;DHr7>+10F4.O04m*h8!gohAB<@nfM9/e$EBPmT[2QEl1<R,.U79l?V7.0 +%/GC40`!EJ^\r/]mfB!J.bE&i;SGPZ%XBYoHEM]"kMdbKoLO<V./LE&Rj"d(,!@@d^c??I*P+PEp<O3mNIXlSRiCItA7Fj7RJn?\Q +%RXU6!U->]GUSf^TP+8L&aOI(h$YePaTOE+)aM!Tc=Y%7Y+H`RBQB)]h*2&(.+O<<=T^-kT_'p<$Gk6u(ZB-+7p4#.^Ec<qN/r9Qg +%ps`Bld#JA_EOI6CD!3^-HY=R_ka6X;=odC',nhGJ[0.PG;e%hUGAA%a^R)6LFSbJ8ZM?TQ>B/VZGqK]X]/bd^R+P.*=8082_g,L= +%#=VFM^h28M_*TamGi#<L7<gD$e5_bCcM?u_4e#aVJl)Fs!R\)@hS0/eh66!@gA6TA:gW3(:3]Dg=0RoFY9in-$C\9Ur=Bf9Z`l_Y +%G9&0>7'pYRQH+2"p:U8`d*(egC.NY-a&<E7b][r@;`J,)\a/4h(%i9$N(:WFn+W\;MYQGSmT7^n@*n%pT)^VlDRZb6FE7!,g$?bD +%O.GqX%Zgj]a)/tMNh5n5<!NLJe#Z!<^PCdU>m>A28K\VaZIu62JoG%7),0Gh!4u!t/QGH:nM'>C"pA!nk<BOo;=u]KYj6J!bGi[: +%5)14r?p]^d`?nr>o5Y4.c'u?pP^u-noL5ue/-5`a9B2Ik)pgGWZY&W]\#X-CBV!/_O0N7/)@+e#Xc_Y,]YOmAlCW)$(/^c:-+f4I +%&Yjq"8?p.JHJ8>DkN0XP[WXX61ng03rbT'EnK^*JM!nqMS2E5RI40qH\V5;dYgA<p#6SB&;jBc;O2'N=..%?qD#"hhk^J>g(5Xg9 +%1]8MUTI=:"c<_"cnYHd[Ms8PQW2a?hE#C!PIO4^i6G[eD:etl3O!>>6l(/iI4htbAhX(>FIn3OMqTu),)dsQM5UgP^KW6^.RV:<+ +%FgK0F9c$(4>-^>fXtZmqZa"GKDEn6EbPSQBqk_?p)@4mY(UIRD3*=1s5]a!]9nJ%mHS@i.MB?&7`>5q#nAiQ=fkS.u,[#;0R`[8P +%`tb@1LUZTj.>]0:WSk6DembifWRDgPR`h$Y7bf^^P%JV7OOIPjkXin3:i\P`I^4DoZm(^W&J1`kc!El0_SmU#3?sM?0h0Vg<Ns/- +%=[MQ=87h7"lV!K@h"H)X`>`_^b`4oIc\VKZfrle`m;\*s,XF4gATSMW'kqd[COkQ/0')slO<\qTQu))=Tp!G4\^Rg06&6N4WfA)R +%g4(#)e9c8l2&AQ$raJ/K!B$N:p?>(U[tsK6F10U7d<o"uUcX?2YdiU"UHjkj:cuB$b40',UV]nV11SWOhhO/=!$%#,=JX@mq[B`[ +%:(O!,,?V(JR0-+5-E*`+:!eX*7`T5"gCus):a9PS<lfi2g<si^hR7,&%PE<5W,^ng)2uKSTJkSJ$%`W%Hkq(7\d]C]A^]7`XqC8X +%0gJ;s7[Q1jnA<l7oMgMsa8336Wm>DoZFZ<EA\A.ml=.gKSbm_%=a6"#=\&gBn"M'b"X/b;Oodb\))Qb>ifp']7Fb'K]3<>UKeeXr +%.jKB^TOD?;me/bn4uo[]_e`QM"0F(`GERuj6r<WU%b`61>#"I1N(mN<V4BiPN6c_Po.a#7Z+l<aart/&<hk6s.H#];C&P$A8hs^\ +%`is3+)`<sc;&L'PhE`B[W^\R;LOQnJ$eA>OO'lu%giH&[,tZSa:3Y5'6l8nh<PH0/+gKX^KDEa3aFUcX@3D2d;Y*[.\1PFHTV5Ju +%gomb8F<4'Y#>cVLooOT`nA.J`0[JZsm]`=JWsUq3Q3;h[l]lfYWH->nYAsP[a*t.#_IS\n(%t7AoV$PqJP[Y#OBL4RTiH(MjBcI$ +%a+9/"8ced/J9U8gmRm]8_b"#S*U3.s!pL9'lF/?C'M8GG!,?2.+?,u2[G8LU$Q8,]g/AiEmns[<o4GhT&*Ij$gX8:?61Yt`J`uBb +%r%23?:M#UPQej<2+L^Va3'b_D]P502.`4n\i-jtP*^!ETVl=dO-O_!e*@JY"DcZ_PB`QtAidMC@M(^j`nMgJMc!uMp<0?tYjH\86 +%TWj$Lb=hd<..#HgcJb+l;t+MR*W2_?d=/WB7T]f$SYEepp*lsKA7T`6G:h[]eLrZ.UbhW4j&"u"`.'4/>g#;!%N:(%:&99Sa?MM0 +%ghHL>F!B6njtm(9*@C![!^)gO4(H]`'%GA[`L)-^R_=M8,ET<5Q-/6si=]-=<eEekdfsT91Er`ZpNnoXTVbcoNW3-dlJ&RY1'gFQ +%q>*A_bF%bu_qFDu))$.hO)Kpc'7`!M71T/=E/jg$:2N[A`EH!U0:2V>&U_7l-4RE]#i]!!.lO!&Js'Yip"obihdcTKfP1B$Fg\qb +%MGur0WgnG>#$.oqrYeoEY#<k<N1V%uG9_!mYI]8rS,9'oZhFU=V\Y&".Nu^nXl.P&,HgJ!MaZm1)=n<M04;2Ylg)X4.Sm*OCuD!= +%i=-^L!G]hW4_/(,Ob4c"E"5f<SJLgP#c+iO7HthJ/'74\g4)j@RA`o/#fJfgXPN&_$b'3#S+=*QGGBrIZN`!'MPWVqaO7ciK:"=B +%cfsP'^=gl"8/q2]X0J[#)GmB"L4@#_s.us_U8)eHT'LCL%J&=^&*ja[<<e;dOI-M/e!>06bMHnJE=luOcaqc\F3\lZHkL"\/6_Y\ +%aoXuXBtf_M+"QS<h>#W%gV$c4IL+89!\8e6)Y6#3n?Qq.b_Fh]MrEc#D&<58=^*E2rT6Z)E,5Z;@9Xsr?2is<Go-?6T]FYAN5De- +%Wdk-K`TemWU;F7O8-mjTC]R,<h"4[/ISP)']a[i;hXVFQ0RG-Z">^V^If\'-4KV#\n8A(8+M,n'ZAr$U\0m]m=P#^'9*!eh?C7>1 +%YYi<*F/X)[Fr_W*,+la%4Pu#5&7O`1e!mHUI1^$E\%,fpnB/IjVu^O_@KKWCSIpX'9ap_sl.:loQ<Uj9?lHfb#KUUTo4cI>Ef]rZ +%E=]u(N>.6f%^_Rg;a::]Iu2eGFI;RP_;O!PG;f'UYM_,TM2J[(:ZKb%k<&QhfO-L*E\e9.HBHUWi9XOiK`MuM95N1uSNZf?Ok^;' +%Hke>cOr>nB`4*?o;ZZ/g=Wp#J9c#ePmukXW3#S5ubjKS3q_m`K!Mfo)^1fL^qtjXO=pVS$G+3L:K'dG$!(?GC-FbQ-il-"8B5S:( +%3+fEj95WYrSSie85.X7\,r=)(Ag&A"KUDe5A(:bgg:R%to0o+ejS-hG.6Dhu#/@h.X%B#*/7tDOI;JMt=%1kO4u602Iqp\iR5j]] +%PCOpi)7[&NTghhHBW*^k*(&t1qS[n^rq7,@\l8WOCf?PoA?d^dQVrpa*iEF?0g)UCZU0>MGZ9c:9l(H/n:I""@HH;s?b*:fX:\W( +%pmIUWmK%(tg/]tmcCN_A<?p<X,3QP@UA'd*%\>DJ--Hab$G3Gt_'/m"#N)V8)%c(Tp\U^A48'ZU^qF%+NC`c_lti(h,GdJMc(jN- +%n*_SCBPE%67OD*K1oU*R;>5rl_4ul6(O=FRjjJ!Yq^@3`4\,!=U4j<.R+G"l7T"O6RaLI^#1tk:Ht:JQ5<q">pTB/7&KutNAgagk +%5&N#0Df+]Ea[HRL(W(#A$01nQf/1-;#C"nW?3tENL.8s#@-mBDDsieUH#:4=I);%q$?hosI`RJtBrjFKl&-99rc$L9,m[@ijl=.U +%($oP#@'d^+R)r7-FubG(:%Wt)`a$?0V&TgBg3$1VWPE7<=Rj3QTqlJ7M!E&<rtTbF_aTc(@4N&nn.hp:mad=m.XT2gVk6?s`B,o7 +%6k_uVo"<;-Y>AHT\"bKj[S-YdZ&^hc<X+>SpTo7LG*7M)\<5qt;:Daa(P=ZsN^<7NTg_9-F[KBULW7Z/^BHVeDQQrsS\)X'Y.d2# +%n'ik5BUh*-@$6kG:+L>A-au0W@S&.ps%iF!=8)bC=_VN0I=IHG:?)9uV)7-GInZ2L1:0tJCf7(u;tj\)dH1U<UXjXPR9[)P-qsjO +%`I/#uCaoggIb[E)\`G3ESRf"@5[Yl9-t<u<FV9k7_d^YQpqTjML_W41N-\*il[@Pi2XN#XC",nt?D%t:n/1ef.HkNSUY?pkI/s,h +%%`:+!rDuCTNS_d"He>OGm<UMFOW(@mf4.=6mF24TeAlDd$uiD?o(gRJo*nOsIgge:<8BMS.@@O2B"?C`WccpXmsT<[<LH1+d@=H' +%:f/7)dt`r/TF].M7BejaT:)7%AI'qFod&l@)\DgD"RMP)a-Rtb5kQg4ciVZm&U8u#Gm9+5^8)#qkndbAiF]UNpg&+bB``Mlru1N\ +%n@$74n_k*+##MP%,57;!$5)\6pU[usg)J%<AiC1qdb'l@!&h;2J%qp.]I,]ASD2K,cQAKYl_$1Crhs/DDEI?iIM's*=rL_QbWA\_ +%p:c,Ohs3%^Zhh@erSl)]'f`;\;C//O>nhY+k2l.*HOj@6Xgo#1Ra7WPm:E3Zp6&";ha:A*QqW<S)+_K-a-p7e^q!ggfB1QLj7RG? +%O#cIj)e_IffWUt:J`ut!@j>9$`rUkC)0@c5g%OD7\Cl`s!L%B#61jQCN>+A?(pDjf5/h17l.B]Q>6mA;O=elY3.\kWNVRnU\FVfP +%q37.ilctVjm\"PBb@J>I9cZ%u+t0BIZZ(D%'LfZ\^oo1(T]@&l&s!25pW0re38:?m3&M"L[8AE1Rt\D35s/aN>HZJclYK>2h)uUZ +%T4#ee8s&DJPWQWB#YupCmL)IKA2N]N']Q]%mPdnaBV,)%f<tK;XpE"l8=AIEdE$e`pc4cOU<Bc,oX^T`MeVl,/lkYEZ`JTZcMUMc +%qn<=W!ss/nK=*YGp.f'uH:d)EG=tKTrL>DHA[uQc.rgEVLuliB:IA3AX+<1OitgFA`&6_K6!p(*epMl6p/*"-a)>it+9Un48Di1S +%Wo(Ms=Z*]f1+RP$=".-U9WOZq^l.%%\KU,%+@>)hA-E@53WFHqK,NF)kB3VOi*Uag#*#aahob6BZ!s3IfX0G<dg*I,RDiL'e8_O) +%@GP/3=0l+"-J+FgqC]D&P'^fm*>\D&QN-pDC9VDBK6kXBo=DkFK1q[i][8eU>8b'_6snE?";=9L,J1ZHBeAJ"cDT]<^&3fbG;I=9 +%!/?RPdGq6)`QlmJ!*I4.R!'\3Wk!WW^)-4s#L%Dnqjj.JDsL*A!q_poD.'ttIiE@3"*Q#+_V]aaEuG.QG?o&7a"L&m:LJ%+(QRIZ +%bBCXmAd#["j3udB(REpHobVkS15:X.ci8Gg9sR$LSW#)^EEGLZm!fK`&H^m3#:P1GOs\P4_sdfYLDN5_n*cU#%\VArOO5/oc4XF, +%Nrm=R+ZeE2?ggbRTuL"6j'M`7W+NYk)g+;MBJ@%8qii[6S?;>*ObKR'H4%n:\L=SlCE2cLK%Bg?;:;2qolY?:l!j"DI-khmHY)OQ +%9#Rukpd)(;j.;Fsi6NVk'F/KREsmMDm**RB7"ZI\SH.qkiW)X#iCY:maDTgl80R+$hj^s#?<0g.04BCE;\jheWqXuXKO1p+3S0`[ +%/;''rr\h!N/KLg,]C#=ogqT;ZHe`9@kCE!/:j$DFH.a#7G)i<;p/@oLCKN*0CB=Q4=;PY;3P8^3Q6T1X3VPm8JV6KU8d>=?&aSiD +%%K#MpF\6]4NY=HrIXf$T\:(R-.;-^nN4K;``2q6>gY%Jq:-G6$1dMKrbg*&F7,J'$l5irRfFa?Rc(t*oLEJ,%+meh4LQStlP_9K= +%:>Yjo1jDo!1/^NnAB/W97;>G8O?k6`>)@Y3rk_DgLRh\`Q@S@@US:4@DnE7$W@*Vok>FC6Pl8E9*"?j+UJ>f)%LBKn=c(>/?)Wl8 +%38H1j;(S>jRLc&Job_h`H3WNgJNg#/>(oIC3i(@Wr&h/W7ChKqU2ELZIsbu2FiqQO-d+=Bimq,7M=5;OmbkZ^kMGkrWOit_a2U6m +%'8ZdQe8u(@OUTrH>kI:q!i'!]K:rdkQsce02M)/#/G].((WE&0C2JYAP[CAA*oJMMpbdqc:\"l^lG9"cN1?X+QR=K#Za8^ffOcEZ +%haVVCJbh27Ca01H>M&O9!.Rn.gpIKG\R1#ui2^Inb+rqs_O2E=_A1j1HF]TlGn:t)fP&0Y@^-4ZbOk:((YJ1.n$P5I&^re[[\jA< +%dh3Se\;jt6cRE:RnDfDHlWBDKF^:'_7tsj/qKe>k"W[s%QLLg:7kqf`&<B+3"apRfHUi>V=J]j87]7=PK%Xtpl`4r1FuTs^fW?`7 +%m_\D6a0(r0SMdrAP?o<ORdtK)]Sp74#;`df5]JCQ0?:Ntp^G@dkUGFl\X`I(%#e21*$CYBn0VA=Y2Dfu)&5YdN^"W?gh"!1U(IBQ +%'E-%]mi]FRY=f%49"2D&[5(^-L0i)VQ<aou4knbUL_i'[i'V37HscjCDQRnW;Des))M-(jWP/]o#^Z*;K_G;JZhh"td_Llk:@ZPP +%Z(&P,o+N/)GlKUY_4TMte\"rj?7^D+UuiR0.(-kGFc7u3,7K^*Fg:.7B[!2FI=YQNX\moij/'b.:_F[o*NP-Hh<mMcQ)hQL4p0oa +%#Zkq1DrXGbWAWA%c[/9DK%pqJlIIABl=3oPQ^Ou#lfq8JI-=.'Wfl)uO/_HaZLJ?Kqe[MOf5Y0(JJqao@'Y\r4ONPZ*HTgSk@$AA +%_0p[<:Bn4G.VSb='OT5QfUg-XAAk,ajQFKCgfH$'E<e1.@\#_p+ll5?[":IBYOg*-eNJc(`nK6IJZc.\d'I0[A0p9H.+Ifo4-#SX +%.<HGt<2$C^0UO-P:7AAf/:L)Lh\MDiIMAXUT'5?289-(t"q9T`5skXNr]Su*bj:[KTW7fX9n%32PY\\Ib<a@]ro^-6:,;4DVlXM* +%g4SAD!e1@us/"qWLnBUHB7,<a>_oTN&'asN&"no0)7"7_ga3g3T?]EcgYh$8o^BpIXkn4R4\\h&$I7F/bCSXND7>0^%r[89(Z?3? +%lhV'WMJ-f<*c&+G)guQd"-',@4+mT.:IF#)f<-$?;>d#Dpc5gss0)1_?gr%6#C9>K[srk0s4dSEofrKJIsh2j=BEQCIXb9?o!5Iu +%TDnSg>>YJ-^uTj<@/>ZXE7.1!Va>NAk"CI$?1:dBn`X"AeX6q1Y&SF2l\F,D[k82OQMGb/it"d.]G<Z?Zl;6?`GNL\`_cAEfV3DB +%mX9RAd7HtSJg_e_\E;j2/,phRSleZH`"5k4J)KY@K#\Zh2\*Z]=:8eblGl`jrl?8BeV[j2q/4T.f6%SeJrAQO)]\8K;[O#=KYlXX +%8oB!bBM8u1#!ad\h1P=40Qs->C]oY9MWQ-.T7:NjpieCj_/`=gC9<KR;)6q$STj$DRd!ln@]E3dra=FGB(.:%QGRP'@o8=-WdBMU +%ii\o_cKu<thGbWmi&Pp85!SX9;u^i(K9;Fb2H;)kd7bL9nuqq"D#WA"h'!luK;Z:/g@@<YO:$R/#;]hY`)&-Gm)!`13@*%Mc[6eh +%io7GSNG5Xj0,X8IYgDLnn[7rsac4oe-dWT:F3&].(Jt=?M#$:>BOlinN0;^4Hq:p+i@%X_ouWuH2$$K;rii2`h3ajDD"l8ll#q3? +%0`;Y=`,I1IIi-W2)Xp44%,(\5Jt$-I+dpA<FCdW,g#RPYe/p"d%_O$rn?DY(I<ah:dma08^r_8mM_6=46G=0r(P]/=mB\U)BB\qh +%nk$eB$K$^QjN^pHFQ6a3@HeIl<@p@%HY2B?@L[_[cgq%F@b,%gAI%Z3P&H?l!uAR&l4+/lA'hu1@VQ#Q6WcmUi2u?"iku,OB%V@e +%9"._?%9qtip.2kN0[A^`L@O2Z\+Ff.k`\Nf*9+8_6Ns2YIg/CmeJ@&^G8JU',DVr(#la=ls.p>>_PtWq*@'(QQt-iu#^,nQb=;XZ +%@8JpaBQVb(WT'FG?UK2e*]aUcS&]u>YLOaVU]WL!%oPk\mg-NFs5E%dkBI9[5G71&pZonI&lcO'@m7U?C_GkuZYtqH<<U]fEhCB3 +%Y<V5%C@T\7jkRDOO5SXanNI>dp@*JuhP2`BR[P=*'BXE:+kk\jjrY]H`*e4<DLA@Rlm[Xk.7uQk%KWE-pqt9aT^8GKf9BNdF?ieG +%M1tEYSfSfm-]Gp&gUf^.r<cl7Wq\;FhBLU_8+dFqEE\?+[Op`2a=5,ODdSU)JLTX"..bY+2KqnYqFQNf<!4$hW>P@%+o99+=$BHc +%nJW*u_#9pX&1WSO^0iar)CTGj&2af#88L0<g%rUdVH'jr']T7FeE7mdp0)#'Q"4gmWZi;+:S7R5>5IoI(B^bfAd3I^;9XY_+0",B +%1.aB$^5b??K"HBnfN1H&,N9#V((gT-6i^_4BN/C81>UP#n/S(Oi[XB$LDPgB_fXjq-u$UB7cL,N(pWT9p\P3P%5j#&]1J2D*dr\C +%j)V`C10C<>n/C0XXN0YO=iK8p5g`h"_Fa)nfC6jei6-4Sro+W4K&sLS5C?<L,dkg&3Au/)nU6!pb=a+9%-tsV2)B@V-<-4`/dA#= +%CZ`26e.c5Dgk^u-H$6f8)*?qA^D?-@BtjT]>JNjp.mi%TkL!a]CjmB)W)qA]c&<h\!]/suq#Q/[`:D!HHpqnLoW#mq1^CQGO4dWI +%V];Ff2229&q`j]\Ch9Hq.-M]o.6:lSnD&MD7o-?,$XnR`]#j+^-K?\qi`+rR5s$IO`q[G^lJ8SgLb=b+oBn0oF)212De6UImAOOS +%/PELf-\@hsZs'M^6PQrPi=@egRVD)Di"achC5ZK,R,&of&B5fnPquBA5u)@a]h,@LJuI@NC5Ajp>7;[`4QN@ek1?Mu64@;fJXd;' +%3I@@:;#=c#Ti3oR56r.!$0gZo6)pMc#g0XO/D.EEIm=O5L=fcN</FH1a'/)CE.bmG+dST,@kSb2cHdL-O@p?nkQ76rr"fb)g53]" +%Z-q!#&u#go1A2.Qa>3MU7oaHD+&[#_S<L;-\hME]jL$f"0pcPC!:Yh0fDluMHL]BY#&,oN,KIm;[j$m`&<@QeK(&b.2*,-roLZ7e +%Eb$nN:SK`]2NI&j;KuYlq+:H."PFKH@%XVG,]e=V5>o_?8*q%O!-mco`8l%JF6Jd<,C[DBe$a];'_UNX+P-9qgG/n4#EhD7DH6>q +%nOlB-"@)YNb>#GX'Fp(G+rB>0UI7ZhYEq;N+RMAoR7<5IjeoaJo9A!X6/b_PFKi0M_F+"C=tV)6LPK:2"b`R^`dpA$co,(5A/SaK +%;[>h13&<_r8?G@QmVCB&mJWH;6H@Vg:W#FoW&fR(k)kE=o?SC#5A_B"Zlb0T%C3,(E3\(M7]?.A7Jt[#Onkq#3LKfM0g:4sgF0lq +%aC[VV#^3-KCZ4(J2.Z&ZW\tp04]S%=%+\j;l"`Tbb%HI;.5GNuFhN;\ls"TaJ[Z**.YW4q#/.lEW(h2'HW4LlH#j=qLMn'f2j-;_ +%5d?T7G,V#n!\+]TK??*M8PMS$%8W^pdnWH_72=NDUlJUU+LbB+KH,'\!Oo_M`mKCfUH)4aaUt>'Bf',8NrA]8\cPil/i"&di_2bW +%%,j<\2.(E2@)r\(I@bn>^a^E8%=of00sMmXQc_VD#",5J`Ub'Yo?(R>j74!FXq?k6Cm^$*+"$NVY!g.Ch?Q9r;$g4Q[(3;)%&L\L +%)B4*cWkFcq8Q4<ngr+6ODt#ms@pmY<:<@W$mL_n]T]U`I5!i5Wcgu![DL`.UrZDm.5homTq4u&"PM%!Dc[*>.IJMMjPE-!4YT,]+ +%Kl_AZF-RF96Vbfp%P_u0B`jl[<"^"@0#Q/(PuNc'pHFB"b!Xqh/oZA>Z8RXG\4!>mIo70`\FJqXiqnbU[Ut%DrZH&XOPooQ\&$<@ +%FRVS#qNWGFM$mM\gbp?IQ?"Z!Jqrpo*fWI3>&1LHIW%e.hiC:X5D]>X58#\UU>-[5s1T=W8bV9g`%Cbq)t?DnBJNZKob;0rppkP1 +%;HMoU0<(1c1j@J+XBkMG9Y2W5IS1U=,=d8uS<V#gp$>qAH*C0ANJDl\Y[m!G;N.n$X0(#h^^K;PoSPlGNd`a^FlmYSTjAH;^cd;% +%cVSH9K!;A$%Y9&BcXHQBQ<96QlcD)h"E9aVrTl+l2+@2R\3:ZB,:M`j?#<-J+XBj656uVR=p8.C6(>(('Lf'@S07e2r.BLOoB>BB +%n,VnW8TYRB8g7i0$=NicGG6YWjLE.>];LqEf'ur1]ABK]j-'ajD<g42>K^g?F+.sPXVO2/Bg>j=h3/+T^p^=ib2$TO.'>T(p!\6M +%2Ap#M*);NeB$1H4g7k5YWOsYO!,O4`m5g[>*e6q'#qW)u0W<MMJsnOmp\-.LnZ!a%G:"]7,4ohs-Q_I;+[ON0]oI'Sn=8J04G'@@ +%"k2]MRl=I[DNMEuR6qOrM]\1+%aJN?fnE*aU_N&#%H5rGh6W1XGl48]9M%_YbP&GMVV.O(g.`tI2qZAMa8HlCO7,Wn+B$PN+Gtbp +%#YYkY>m>KZOZV,T4mPd+;gF8>S40Q`bQl8HJ:+^NY"57@/9L1*=WFd4UY@QpUH?Cd;,$0_s314Dg$uXV5)V/$fmoR15P"3IVps>Z +%PG[s6j2inDf6nC'HXFbdO5&W2a@2EZn,'oNcb.JtLc9-\UG4T:IV98O?IqVaOPGJiAW]j'\3\_Peg%#%6&[MGmA\op.1.oNG#,D3 +%N*VW!+Q`hk!d[!j&n\CmS$oBpBRpuTh6]S3U-Fr3&*W_Y$l4VAnKSHmn*XXd[>:k%T!6g.mY%_@DP\FtL9$;u,BSh__)uc"ap!aD +%`Y3sY68\CO)#(-^H]3hpZR6U"YWf[2AW>5V0GHfo`Z"18$o[7:BTp.$:@&RiV%Jfjr4ILjHRYAafY946K*TIIq2VU7SEa]^A!mtU +%XAKu;G91U!EEm)2\ZN.MYaQa)'b8D\]PhT=0:dkai^W:BWh-;_=!M<@XKlYT.occH(I^,Dn<ur]&8^o<X5uiKlrk8m)jh@ls1_oN +%G>\!#PJgPK9t:'VJ*")J/RWW/qg%Yq2Qcu3gZs_"O!i]Js,hBZC2U1&^8WD?W73uTn&R(1gZ3'E#<$j$*tGBVAC.#3mrS^beLqKq +%/qpW**A-*$Qk,:kD]1QH?6.\eET8*fI=C=K+>,bB*2ZMY:q7Dm?S+4Fi=@>bIro\oKa2Tb,7JquFf#pO1($I;Mcj6&XcpWm6We#e +%g)>rG&SjnBn@6SaKL6[rLm@4GM3K8KGFQ8?WY]UZrA=iR98ZZ]'-VH"-A+("Jtu2Of%9kfU#.(*e!<$R?S>Kk*ZE)Y3UT-GU":OU +%Zuq\2.u4'q/EL=1P)NK%*L8JH(;8%:2N?.b3\bq=+3?(M#WFk:I5e7Z!kDI5W?E2r56VDndgsf2*eClUh)'KF5jXZb*d!T`M#g<m +%pk)3JZ%K)p9.coAgLM@L?U?Nk6gRkZk+&D&@eYjJSe6Tr=NhAb3tIJIOjS:JD_.I#9F?r>O)%>\eQo$U]?p+2_]<I_\C5;2#H_jN +%e*A"@DjOY3F"X*Ph(^-km]j<ZrfsreOsEE+Q9Xt7k!5q([N."ED5L@u+R6O/[CO,4HTWt?,Q:N:Aq?9!(10Xe@W%94@eC0cDsoo_ +%_k!jN$pgNC2Dh?Ff`#O/(*6pa/%iR*ngG)(kf/l_Hu`/(1A;rrdV)[oh#,[<f:Q+BI)\\is.<<R4@C];'%BsMat6-^DDmGCd*8GI +%!jNf`k">5C-X/Jo:*qS%ReSj5[.=jrFm#YN-f9t;is*7+rcnW+b4'\Z,]u^Z)+I)p3U"dVg:$`$VS&\DD>A!C^>mC"ff\bhn(L9W +%gpo-<nCWT:L%)3.]q0nKIqI>rs*j[3,.#NR2&=g2BP;2H5Y0ei1\a"Pcb.jPk3FUbH=V=^rtG9G&(*J\a7VJ>`g2;o9_EO?;C2DT +%Uq^gM1l^u0CS!q5=05-poOA1#-/b8@hKQgTYJlt[%Uli@2N(/<?Yd'07.JE4EEb%'S!+ko%R/Q7T['$G2Hkrro.87:1Cd7adL!i\ +%O/&JaD=YNKU"!3%(b:`RCY=U)ak*HW5D8MM5528NkNGr)rL+N:XL;8j]d@'R+\=5+0-\rb*"[2P/88t?`,X!O&H,]Z'#C,sB66a$ +%lQ.k6?YFg\r?1$$ZaCE>+'6-1?M?2i7/sJ/>MVkNE8GCE2r(,?<3tdOe_"BBd<8c`@g(J7)ZOq?On&HKW$%B8Xnabol1hG1Rbj`L +%F:^Pk;<m3)o.@kTo[oj@3:r!_`!D80B^!:1IS''!Gnpe@o#dSpOeN[DmH>)al#MIZ\AY%E$]5rU4iBBc?\b+2VX+[-Ch]b*Ra%^9 +%F*!;U?ASC?b4IjnqKDd^MHpN]/UNUW=,nMim&=kT7)4aTEuNbir+Z@K_@j!8&XRo-;\&-naE.7$la2D0P7Y3O'MXP;B8MBhZ'%lH +%LsLH>%t,GX%qO),9@4iX@&P)$\@HgT.c-QW3:1?44(Xj)3%1Q%'V)5h(q+SoF2"29681n]im9,]aeOE!F-ScmO-@Ir*JksXN3Alj +%]#cT%hg+kLDT=@R--(5:/\l+h]3q&(N9>Mhmr='Hq:OBq2<mgidR)]`>#!WZGb96sp*_AhCH\,e'2+9@?f?,?*E9An&>KTt!"s7S +%0IXa:7W_(0ebNaNf$%\ehHq&:@Q(@O'(M^$N,;,GqEW'%B^]rMTET?,TprnAg3:)T&t*$);RmK0\3IZh.`fB&.k=d+J*4c&'<Mml +%#D^98]f/#K:)iFdqp0=b/0s2nIi/%=B>R6('l+"^+,;Y,7(kh:jdpX?h*.\H,'h_pd$0N<S!;1Ib+$QTpH*@^`V,<8erW+Lm@@^G +%G\feYRt;G":h!GrmBEUZrDNUIlXoDa7-@QEL%2(okT0"g'*?Y'&:[M,=A-W6R;MtCT@adVK;7Er0"X93,2F:G6i1ca,>DJuefAJ+ +%46LC88[8)X:XZf`\:\Y1?K8ZS!)14QLd<4Rr8H_rn#![a[*l^VCYTNW,X+$KNSq(%A$5cEd'o7"H\e+=k$k(o+3;qJ^JY%O_,F^W +%O8J^NT^r%pfl]ZCX]i77CO+C=aS%ggIBe%VI^'SS'S6.'q"Up`!C#28Hq4J@+YN,Il]8Op#Z<J`4btc^/Y(PV0@WOkJ^*@/$9AWZ +%-165`;WiO:j[];(+k)d+Lu4OU#);JE=/A[3_#E-dZ'UFf`"Ft<5u#M^E>!Dnkk--Li$+K1<r%*cJC?)]Cm[AqM@8^f7nsnDG#_]s +%q[!;/V.p8O6Nme*7W:TT28lhu8lR]jL3'KaIk2ueMk8/0X'AgjFcuVs$_ci2nJ#'B7,a*HG9*7Af`*UOn,B@jEa=GL5lq/jqNh<c +%@_iOl!Y?6l\hj#.a@P6Weg"-H-%V"&1E[N\Gc*ujfQWctp'a)<!lofn,7am:U*,O1a%kPW1hZ9jeuh'kpGGCWi4qRq1<GraF6flJ +%:7\E`=F70pg6.UK-DXe0V'e#EgM9E7Gupb#P^(3bD4,S:5a%%ZVbP,j3=CG`S[V4?/?[5VOlor'`WD*jC2\:>o:R((YBg%52f?EX +%/[MZ:RAt?Ffo)Z%"!UCepd_HK.IH@A=e1dO')7&H0:r%Pc(:I=KEPW;Mu\?R[;PYH>N'65SnF5sWM$O,R^CT[lmHUF42S<A<e;[O +%4CiG^MLk\g&Y3D;TZ<5M,L,=qL$3-ED1l`_kfgst8E4,s.5V,._DWr%@>(:VVSi;0AE+;+'B!;7Aop^u4*fdnCG9uhQI^0HX\>Dd +%jjfOf>=sid`eta3];Ta4l4tgmS^ugto?;)!H0pJmGSO$p/U=WkD!Sqb0.n!a1C^rblVN!1=M3=+Cod8($u'+,Z7uA36Q-5d.3XGk +%Mh1NE(3HrRnARrYAi#5JVH$BK9EILc*PUI_7T>pF?!4L<fd6_&Mfd<D*=O/AO=G6u6;:9f8UK?-dJ/>tE.5P`I^3;Dpc1M56l9IJ +%OG`_!/PTr=`O%:o&W`[6L6f9pg1G=T>1O6cW%+a*>GO([6[.-S8I]CX/'t<^1Lb/Cr5A]A5h&K1aB([tLQtd'2Su_Y(9B%;E/DhK +%:H3Xt[MDaPad9TrLZTM\FWcSeX*YbcVDK3);Ap&n'8os[g71SYMo(EgcB?\_mojIG3C5HtE[<JJ^j7Hs"&r7J-l;tV$%T0t+,Q[I +%]s@"TJ_8ORQI0S;XHSCr$OL$GUh$&H,s$9?3eH#rJeA0tFU]`-eD1fL6FNs&OP4S`*?E1b)ER'r$)rM8(>Hp+d5^Ee;*qIR6lF3f +%$p\7'd;Yq.D\@&%%;$lhWtr]:eGIm[A38_dkhB^8`/;J/WZVg8L-bT"<fE<VPX%k&C&GQ0?krfrLhhRBd=PCDC6KB_,>fSI`jm8Y +%AT!dYc>+Y?&Vk3M*7hR(<KNChl.RNWX3kVFhhg@K0A"a!?^8D`q*D5g$.Mo%i>=Wco(L;q;G>[gkVDk(GdL=R3Q;!_B92n2/P0E" +%qBjdj*54JJ$@8+cS5#YtT&]ac@pt7EEta:ck3*b5<W&a*h4u^/!SC#mI2->"`?no%VmOp?Ol6'f4/1$G6jJWj`SG9FACdh4GoiXR +%AJIcD'eDVPC?=;T>945E?H@/E]l1RNWYeUB^F.mena8F<$kn^>=sIL$'08p26J!qQS;LL\0jE_hD:N#_#JgqJTp>/elt]0_NkAAP +%9k+6gQQ;aD%cfVZMX)#IHn?/j8L@gP)F\oANo#S!cp5L^A]Pd4'\&:SDUN/Lo]4,0N3"9pq9`W&n=rt?'ZBS_Jt@BF1qGP6qj<^` +%nVoPI2`+W"WCEXFJgZ%K'h;+X]j<&UZGXVXd1JV<:fdLp>:\BE$Y;pUoieeE3(`WLi+/+rkIqnS<l"])obPeE)@gYT.Ug<QcNAME +%,OS1_Bh&)@&Z`p?%k2NLA'\p[;[O?\j6<45TTE9=#AB2kE1dJl\V<[F/="^*<9m)M2Z@*[J;-Oc[B].bE0El<Z$$lP!bu0hQkT\= +%Cb!\5PdihJGt4a6+[=%'1ajF"S3_\,ng&Cs$mQM>1=[uJ]f,%I1ZXMm1?j:lQH]>ZLmr#G`b$JE:YsJlKL:GMY6`o&&43B"O_pVO +%`A;/>)%-uD;'Kua%;eki+JgJBi9JI)nM74deXNOm3S_J@V/MR32THbJ"s<^Q%^Y=&-oc'ia-ubqV+kDP[E\re_Y@TN[_cfWUH;a& +%6^@b3R-Vf$J"nKcLE/s#`1HlGi\!?akX;*&.!_3@Y[*k/4(sL"0XRJS7!H6Rf@\(?d3X&eJV'2m@4jV%MqMrG(M</%)EYq2XQ0!C +%Gt@]7.mP"Y[kf0bE(dHd6NFuB^7'AFahMM#mW!Qa[KWmgTY$CeYYccXES8_Y;:;Mb8bBIbTYU2uAG!1.=+G6F3A[H22=7K-K>,:0 +%c/C@$fE#>NSqI3k8-e!OOD=?qlJ.+R/2LTQ>^MR4h8r8IDSD21AIU]?'#d"/U*jkL]L!?m>hT4XJa?J@YmME"=LId=R0AA66Cf@r +%+7aK*HF+e4<`>\*mC+C_`E_V+E,*MJRfY>Ifr5N.E1&Ja"MGW]$_pk/fhMHR15eoqXlBRk5)ASL8[&J*,h^&L:YoM>.IDZNOu0&U +%7Y^CGQkd#KK0r5[.WXl0R/K#<Lh?=^Y%=XDgLT,VgmK2T,M"=tHHhVE*(Fr\<fenZ=]ljf-8UF4p!DBC+,h<de4)3<JCMpaNF$fT +%+-#P/\9*SO,*8UV2G\CK?J/o\66&Q`eB%Z$VZ@aMJ.3FkYE`J;1uTQ"lq\f`eEE$^9A`U`9m=TpPLm)F4'/j612ja*BA,VYI/n\I +%2:doT<_'WR+R)GhU3^N)Cb1NiCP6D*@p]BZg4@i/q.g.]+jmi7jKb-dhgF1V?m/)&BnDVG!'2kg3Dfo..(/T`S5Ng6Cc>_VZ>unl +%0#Jd-L>[g62!qcF\PFe8YKbOB[@l07?aN"cJLc)LVn5d3:-'/CN#;c@o+[aIk2Q8C+0VED>8Zuqn`adWn#Rr-@l]LPTT"UB()"(, +%3$oU=io0$BIpPn-=UcN,Yf0-*[k-Vk%XU4dIoh^0Ycq+H,@#"abJOl\pT:UrWqDL73m`H@]N7CO$l"\`NN.92h+1s:#':^iNAk'I +%Ji"6odRN8%SahYJ(Ie["2[YK3V.chOS>.'B*&fZ?,Mk#-:t*+`_b*dZ0PN6'm9oTqBl(+P9AG:&^0=hu,G:CC*#Lu]Q_TOZ:P5@D +%++4DU^0qaple.BQ3&iPMs4XtTNl(:aiX$JU.=<`KW+:(F$po&)Vm[Wo4l"8@9OAHLn;R.W%Em]"=?n$V;iI0jOSnCsd0RuGSO<g= +%=4Y(+s4EP)KiE(UF;!B0k[NS#0IA3:-$?t`;HT[^OC_RM!TU1(c&JoKqg\jsDFTV]s.oW"T5[J_5m`OQZ$E)a$+4'?'@h\u`/:F_ +%!+6F\5Hsla,8?7Sc3Xs]Z-F!1=_Y%moY<dj0oCsp9rh^(/7E(XWB0BVd8=Rk09H:1p&O+f0_%We/D8!nC*_=V6>bX_?AEX`C__G^ +%BIn!oOX\Qn3,Y6,H.,nY6`iRd=c3l.ojNYgQ*#UR`mRtR&kc0,gX?jg)O#[j@9%SD>^R`t$[gNbGIlP)b524L6VZ*Z+&uL'PoZ'n +%/lZ(J@j+ohnlSOjjF\r0e2T]:>:aK>=5H7nS,C.*p0'P.js\6n?reUR&,IKiPK#VVSYskf2$DoMWh)`JW+\i,(Lf:fKsp'm[Vc/h +%,j/qd^/s*jeg`)jltL?L`=*RR,a7k$l-t50!Qh"/,W^&t2`"%@.<uP\_at+V\0Gmf;2C\pPAg:Vha0=Amb[ilkATeFH2h)'gc`At +%qWY%656(9CB0pH]p[mb"S^R-L5PXG\*ri(g`]sI`c'oNQ5Q@K3hRrdQo,#19lLf@NqYHDZ?G,-tT--5oL5c(`hu3K%msas%_cJM] +%miT4;d:])HjdlGBZQK/@kF[.pc"H#'rSp*arVY=bc\)?WJF)nUa$4uB)-)CioY5]qU-T64IrP>'T,p]k^FONc^AHd]_qh4Gb'1oJ +%&#TQ#8P^J@7Hdk=N.Ipll>n1L=17;M@O.7b5Tr"]D.,@/]UmNeikU91;>loq\6&Ag=/HGf6Cu<l>?'[p,(h8Dodd%N,dRulQ&*/M +%^4HMsk*#IE[lXV=qj>f/SI>fWn0ZOAb=l=!0?MXY-m24C,mD'm7C(1IG:HD[hS'+e1EXng%U5^h3>a&tT`+k+`QQ7")N5'HU**ih +%hHnk-bC0BVLVJpVQYYe4m]r#-,Zt'9aZGM)VSSD*aUF@k;q[>m12r&pUj&$o.S+okd$r[b.?TlVc@P^/+U5%&8Y]u]2].`XYR[IG +%eJEJ_3kBMp%6!^O'(lnGJM=AqS>*68Lf<m&*OR`pK$4BC&nsBPgU`Y@ZX^9\Ho>&&QhQ&B<*^0l:c^:"VP$d(cHQi+BS<a+feSa% +%K^1%J-'10#gC@5dWo8EF!bHVh;N"6J5bL6?",cZt!M3,ik"1^,W%8NAY0Jt<4W)5nmW%[E/:$L@!:.L7[j&me.%d-?VKQaiIQq9c +%=r@_*-p'hCUAFa_F8LlH9GpURXWtc3??h>a)=>()2;;EbeTr!d#Lk>@nLKDAd^%20Lm(pA4t-M%4o272=-oug<LB!n)E%&D)(D#I +%JPnd8igN8XjpC.Z\*')]#<`2&frF1/X%?g.lU;^RY82:K%_+O9GFCc8(/<$V!,eI^iKOWEi@\*2E<XSR031F&0R<`7;l#7u25=\] +%Qod%7#<N/-[ibR,KOD4Cj2;bk*W$P1+pAaJ<AMb(Mi4Z=9b'g5<)?F$2'&(7!4CI=4n0+R`4rSN_mc4dqYJ1WIWis$Z_'Bd=:p>E +%TW:EGki40,kiB!?kad]_2,ch)q$sh_c$qq9,Y+]KKVTt2TS_XKp<j>,,Cp+H9SfPGYK`l`dqb(laH!]9-'tW&2Q@9!;^X8VdYuXW +%KC)hYRqfGe)e>LC;,Gu1PW=i*6Yf[6+JcT',bu!6N)m"@RUqYrZ"C1G>\sma9ics]A#;5`Z9K]84TH5.c_P[5fR*b>'j;p@gDTNS +%OF`Y96Fq;h#?NSKnb0SCq<Vb@b=1[o7%&dddO%I[[2#:Z*areVe%-B/W&?86F>;.if":2/og4Z]`;rAFKbBc9g!("RXAZK/:-jDr +%`5_mrA$1')"mq7Gqt$Yb/[G/o-7@32O;';tRdk4U$#fr82Q5S'K]AmM^JBrR.Z*,t6%Xk\_Q+,[;T?]J=Y(8tR"@n=*1ZY-)@,X3 +%a??&_S'O>Lq2@7)Nc:fERd9]>bX?Kb2Lt,ckc*3Bl8IjPBlds?JTOEb/&tb%]UXPiCsZo92u$7BD9_:S;M4"2PFK-alK-=8\>sYW +%-Nl_nlY?d?$aHkoDmtnV>E&c]Z)'_*$6(gk3nN8uMFW:cI`#_,Z8+>YU?+],:%#t!^)E<[@S)J/4o(lZ>FS=UbOI1qOH1>gJ;LZ- +%".g883@=#a+)l?,"LQnRi605eB6=CEhq!T2M_Fi#`S57<SF;S^)#/.Keqa?%b:]JF=LT$0k"%M6,mUHN^f$S(M/Eq"Zu<nLAYK#J +%4B>nn+O=t!hRrrNX/RPK,I%>s0rO;,p@=q<X<!uRj1])'P5?f=dHF*_DHCm<F4s!/H/77=%^[.&fMc8h:p!VI+589cJh/e:e[dCq +%fr;.Ja^\&0M!]83UU'dlrX0WL2/t`8WZ3D;aBbO'5gf:?@d9tE7:':Z(N/QV=4b\T(JX7,^=6b4^kqoBgNTP>H\C%jokorqm&C4= +%Z)a=<[PX_c9lP!!?]'9klJa-ff,:sHI!#J%l][;1>VtId<(aeoY>FppMA/>Z6hl35X&JbRm.E!\eA2m!4PI@@C<!*taal<'?tog2 +%Y/KU2<AN.&C#pNUZl3(mncZ0Vjk7R.+HUH"<9m*;Io%"Yf?[99MW.kOi"?hp'au35-\-UAB"XY&dh6qZfTs%S0]/+30^Xja=G3"! +%IdR-AIFP<!n9FiTd!.iNKJ>WJkOCqd0\sf]ZXJ*U6^:Pl1P5'f,i9Y43CqnYXJWlL/0F@U>5<q3O-\UP0s%qr,#F2aBK#67C$neN +%ln"c.NcYO1#b&O6d,H6u_7Y\C`Zd4_gE6TQI"3>M=62>hBdPs?^J@:E?9.tpA<[Yknd&4C;uWKq9p<"4C@O[MKD-5uf<2rTI"k[i +%f9Bl,qa4La.87Qr%rf,8:1q,62B#oIRb%Q):VT:gD3<7Fk[#6)W#@PF@MS*Wd?\Ed<[d>M+<)LE&!_+%l)SU;cu`fWF7DsE_DKi& +%@]DWj[;KrGWtkMVHQdH/C'Nn.1H*/dhDLX+8augU+,p(IG<PFh"3BG0;B9J"P5)`)=`C-6NBs";pCYQ`Dn3755/94%V#I@IAqT4@ +%&e::Xi[PYYf02Lr@9O>#/ePmqi^1Mg,f;*1=WD[MTfYCM$DQ_U>`2(*l(Vi.e_HeZ0rX@YUj+'&Uo99:"+Z\6mH`_\%tS]q-g6c: +%59c39*!7@6D`!Ye[(A7`gHm7qC.*VOoF?1r&.U4EdR[m&Y3k[Ll)Hg/@B$QL<"0rg2:K6npe1]_G6@@gq-l1QW:-cemTn8r>3--Q +%h4)#sBW3gTKhJ;E6+.R+Jk@u^l*?RV"uR@pj`U/gW=$tTX;QR$)?XOjO>YQc)hf#+V4;bWYlhJ38_XfCd`1DSgr4L/Gl)QFn*IKe +%?;bLYR!pL36[Nm3s3fLJ+jqaF67tnVIfNcBh,;JZ>=,u+OJl@YX<<j'-Vh5*'6Yq/aaAs-"S`Fk\L&eOD%deLpf:<cogUQI:=cXj +%2J@7KK&l#u![R2UKLnS,`@ll0.2P_poe3a*n=pJXit5At*!.]RjJ`m&0LYu?Cj<`j!hcN%:^T-r;%M5pTEhCRS!rSuB;1bf,$OZ; +%q""[C;oLX74qu1DqNVS)euB.2%Trf/r4&d>C\#HG(TruqBFIk4!Wl88)(>EY/)rWsX=kgE]QJ_ZK$GraUjc@c2"tNp@C[M.CPu#I +%[d59`f`$WO^Y/'?EZ*1]Bftq6N:g@KEUVJ)J%YRlfKgkFMRr<[-Q1--RjqVu6.CaT5qi>TL5Mq7SXc^,@FD#^hI47Fi5E*6'5pip +%T'V2tXW/.u#)El@@@ld6im!AAI//_#PmL8i(SuZ-]/GBPYXr5&RP[Wb+uanL3GTE%-$Jh4ZogW2Ek@ZTO9T.B9-79X8sQqTSt47s +%ROJNu)*IA%Q[B%KLmW4jj>?pX!Vp$P'hI`f"Lsb\KOYS^d6T2BOj"lZ9EcMO0eF'0!4@GZJR\*YN4I[a(RqbiWuo\^HpY7nhuRa$ +%*+L#)^R*Qs8K!l]5TP^B\A[mX.BCd,d'0!JTbF:@niAYEVq;=qRB1YU&8fCT]rqUn8ZTiYAcm,k(O*SF^".G]aC&uu[aO;oBNX*5 +%_.g:llfflNWT!=@-?"?.O12kZfT?fZRcLTtiqOlZ"63[X+\\.2aP%9oS'hae3fAb8,@5no:m&P9^,L7R\GW14b5m6!MI/PH`mJ<W +%FY]14)dg`^#3fm7dGnuXc`"p/_5/$pBHp[S<#DMNPjogF%1VjlH:.?aUbl*?4s7hO\O=R'UpX@?reG,f=3LJP1Je9R@:jH;?DA$g +%_US8BSjHsJVfJUf?=kY5e#oEm+'/%G$&VXD#CO%$H()W!I;RMV=.#;/5_e"'#,ld&`O@-2'a%DJ(uBH=_3:ohpWEf#>9Ge0D'+5B +%eH<9X\+LoS$;gUXDPX/Ph9%X]h=18$4bNML('@96Rb4K_V@5V8%dV8T42#EX@it'/g[<m9\XQR#2<)$eQ-I:<YF=i-+AgI::AGIX +%?"g&)J]so0@TK'H1GiMl1f']uRj39d&Z&aN?+D>@8%ZLA9j9d8`lK7^@Rtt=#S71B`)DpgV2B\B>@Dlg@4fMlY4Wi\`:W=f2!g-7 +%&b6(6.sg,t.UN9U,W\m-;iCo%)9gRX>-en['99`[&cFhVS!hbKnDd'.6,p6Q"glZLO+j_^:;VIS<KrG:T].P_K!KLlGDR=7j0Bk? +%EM$0;e8R`i"[J&#q*B.4Xk^hg.d+'f3jK(Bl&QS*pdnmp+$a$Gb+0(C*X0*==l2ei@ABX"*VJ>XP@-4V]i3_rm-GF]QRn/Hr;,Mq +%+2;Kt`WWmV-cUqfDDn,J&KFueQD[4FGGYO_/T-PTngm?X>MlShNSBMZ'!V<;�G#9J(I,`XI1-DHo]u$79)O]JgeE6:>naHl0)D +%T$WE,:$@Pe((^76H,JBCU#(er/G9&W"V?3tIEC:hP0M)8ahVbT6Wdjh)6>JnV_^oB<$IJTWgdB,F,@5a[5$`d'?d[YY19Cd9H9>B +%W,]jTSW'5SfH+T#!quQC[W>?)Sr<\npa.>e4H!>q\H4);YirORX$!+(A:TDg+4[ht@Ip_G55BXfC,6bWCSW\ae1WEE;[(XSMF))( +%>b2,m`nE>5%5h""!"j*C,gF3\<O#rl3hC5hX"Qcijn8GKSMia9Mo+&Q\I7R?*j"'IG.[r6![!R".#gZ3%YdW**\W*Jjk[4:i=l?b +%HoD/dieR,'PeUGMp$%5bRMjetc,h(^7cg.oKfF:/V;mN'AqJChBjkCie^%s$44E)i(hBkQk&M%+k_!"nrU:kG@0R7<?[]JG[m0)A +%DPH7GD%CoDPmcVRJ62r5"l?GENcDt:KR1`pk7R:<.:Yhoo\KWLK/@!6c920#p!=bs)>(%A?@s!<\h:)$RIT#tO$Lm[rV*3cX0:FT +%>1*Gq3u['r[;FS&*%0)YDfe4pO/:quGLl0f_ch-JEci1>jV%bB<5QU8R_af\%<gm%(Fe+JY@K26<^Mt'ChK9h..kP+$Fun5`><Aq +%gM5]p3SLLt0331.&&rO=A7k^3O96Mh7ec8modY:#]t!82-FX>^%J"VQfc!`J2*b@AiNo#uejq"g3ubB:BXUBrP(;4`O(n]6g&91R +%Lr"qMIMd9oC>8#o\?cl+UcUmu2M9s<Ju8;C`jZ7@3-Xs+Thd#JAE?$T,FYcY-9=E:b%?B.ak?`OmZP5)MCh8(bgce)&R<f=(e4'& +%YgfU*)5/dgigNO]:ii2o#gdOb.%sm-abEkFi"`[rI)X/&]0-?XXh@OQ=)fC0V)m%3,'m-W^c..W6/u_r.a]YC@XKbsoeMVsA1VUU +%;hT9";^!mi,qc<em''jq"c_!`RE!lg2%hjOHs`+]'H,(^_PZ_@RdXq=CYaATN9NZ6$=aAZeA(-eZWD?/L*Oas-DR?-mskLj5#%K* +%'2dTfJl#sY+=2u+osef<M$=(oEEJIbFrPTOI9WYm]\/7!AK50,M'"pnfkcWr+lmh;jg1H$BJeIG73@P&r#os/S;!42lmd9b86Is3 +%=U@NX3B8B-K"Aj"l\^t.=W&2Jj=6!(ls$EFL)M`b<a<]?O5_`U`3g';<AbOfCZJ2T@H:(1q,fLpjS>.CZ@][Ql?YG=fNa/.+en>/ +%dArb>p+7@-Qu*"%-=.]'@^<gM$ZatXfq!uGF,&O"S!QK4[cT/+R2I]Bh4']qAd!A.h3?Q]4bnO;C-OR,!^,DTIJN7-A(:Z2Ec!6b +%CO@l$Ccche2ggeK_Ma$`'\>S(FqXCiZd6H./]m#.(a)0'%mS#6DB=BGN?;@k,:q8TGf!6iAkent(>u<YlXD;/L8C0@\NUY[`aVaG +%BMV6)&l5nu9Rob,#%gZ<YsnFeIQg'Uan&;j.Um6k_+H49bkb1CpU'qVSo/V+AW6lGOko.,q^4"LUN,mm/MehSobb>[JEKD_eG0*T +%=gH_I]afR-_R,!G9CsS1.CS.43khH>BG[l?nb*oMH0(8d)oS9;m'3>EI^8OKe+Cg;e]$2Ca(X*@S8dS%08RR`hS=Pgo'4c9D=H#T +%j)F<"'qe,Jbk%dhARn-H<@.cVb>N7b#Y,!RDMk-gl&8?7#N22j$8J=KjFj*(Ho2\SrDPNB"K+QGEm64C^nkt'B"Y@6h^/"Xk`5(j +%8iP-^jHh/l\oD+6ULthHB"7*`ag^FJ*T!(u/UX7hSJT_t)AqU.$Ga52rr$5$@MZ^9r>o,'8?5f1c#XZ$QNib=YucfBP>m!5gsaCg +%\6K5DKpfAGPcP[2Nm_c!OT^;iVMTW:$6mKAh-RTfo7F!DY,*!9!9)A5k>.edmWPe^lJ%q(n.Ed>;^3<pmI,8F:rI?'.JSbJC/-[5 +%DEKM$a'5TrNk"TDg.#=`G;_rRRS]aCmh"k!!0#TBFsL=#\9!qXi8%#Prm>+uLi>p4*Rh7gX](bH%InKnoS\lruHH(#[BQ-_Gl_ +%:)6j=^p_T.6X7u6l0>[5dK\5*+`$aX;Q_g1T/bNl:://@QulV!"Aa%bL4sPkgKPrb@?n/NYGAVM4LW*,i"F$X>Ia7r:>CEG`[5LO +%92":NpjA4pnE6]K#oO'lN`Fd<E"Dg1oj?$1S%2cL@T:JCQ3$U)K"M(UmS4tA:9-q.Da4U[5%F5b7#r.aNilAbXYP3fA83M>V)EmX +%.`*I<I)WXn'->9I*uGZDba0Md!>bo2T[ibS`^!T]iH.FfPInV;Y=.TrOk*6]&VV99+e<b9g)N8qXPlfY*M@9#(X[!kEb@m^g0Q\G +%Es;f^E7e<uSP\a:h?ErSE35nG.,>*t8+p..,7.=1Q0G$/B=J/>G$?1H8<-[eIiDH7)WOCFt1*8/4@=7sLB.l-oB^NhaR^9gW0M +%HGp804D((2T#sULVfM.,4Cf]]_F1K`Pk]#SYP]qJmg(SZoOb;6#'s&`1CLY)r-C=1OGbgQS_&O@K'k&n`-8T@,k9,%a=OR=`9=3- +%l=&@m]!D32G.JgXaik(*Q^5EMikrZ',>k_adQe@G85P;qK@=@nbqJ``JU%#\.^&2SUdS]CUrd.5_UXGAG]Ps.D;l@3kl9c]a+&N2 +%V58Yes8DZNc(B7ZF99Ea2GhbaGJl1;(>/qN[\:11%,d\1R>djde&>_B[W5L1C6i[M\Ri^7V8;Bm;o**%XRb@(AX.Bn+=8.QV"<>6 +%O8`;q<d]_FCTj"DF;:HF&/.[\>(P.I+3KtJPsLkof]Ysq7ZiGH<j14uiXqATj0/0>6h5Ce$8'E&NNnUtf4Z2+ED:aW(IdMmpiC;M +%:_GVuOt($(Y#K6fc5Is4g-P.DfspUg4jno.7MJ7-3d&n*W[N]RM/J_9!,;+)!eN'l+%mO&Lg+p+R;@;/[!hG?d=X$1iV^8#<-X.M +%Na@Ku@s-e4?Z.6nh/)_r4oWsAV=cZ*`P_9nUBJr[f8H9?g,>GIK,5<D^6'k"iBoo3:<W;Z+Mi`@1hN=^C-J^P,@Y0*[WS=leDdm` +%5;$NT^_#7q%0kb1%='E.ZpU<LK/SmeX7R\sU`G(P87t'+d=u;.PY&MCiKe9$k=OS9[?,1;?g(feLR^44r]ulC4.nm3BWJ3U$UG]H +%b1S0U]Ej@(:Uo-/7Al9^RtW(!TUW-HmoT3Z09Q9#]_e7:]hT8)Wtk34F[UU&^?jt1,L[fsU0mOU)BGc!0]6Q#$:^]P<SCAsrO&nI +%n*=_3&%J/`m"26oBq1O$iBF@Rds@1T%O@JK[TR?InGb2Z`=&V<JBU_j[Us8,b/]?`7*T'8h@,$HNO99E#Or$qX0_Y&j.sFk\##&) +%o"NIUMkdUPU:*d@DG!_RZD17qcr`ul8r2mpp/H%nVT5\lE2<8+n+gDX?p1lcjQq]Jp=JZ3[79F`8FX]9B&OJ]l"ai\:0Qqi/I_h, +%;EnGXX?m>UW\9N8-D*aEJ]4]_=)a4@mg(WB.'DoK.1NDS(hM<rRQ7*g#&M-h0q=A+@*et>csk-G6dL\j<@b%Npr9XBQ-m[#WCTpn +%gJTnr2RI'3YKq4@U'-##_IE#tM/Q#p#FG's?_t?gl#H,&j8->3M!,VfN#ilEG*U@k)NT@OfBOtC+;C7^(Mc>))Oap1_&O;81ob"U +%V3&J/<_#)k/:hS(2,Y?.^qht'G!sS>D*0P>1b&A)NR)FdK1$fbRr\D>iSl>&Lm6n<nK?(MWZFl./0:V@=k9Uu_FBWOZ@=(goG=C, +%.Gki_"09NdfE]'f'P??+Xgj/LCCPQO1%fcPN3aXSUO;gh9:UpfniU0"J@]T?:`5rXn;($SdpniOY^2\J6>%3<6,U:GK(Z7</k./< +%W&rOt;G/X:HN=A'k@Z;G(/g-FI<OUT(M$mKCkWXNXZ7A=.SIET@HIj8:YM*gT^iS$Y6\$Ap?59RO_X.EJR<OqFR1HIQd)hF[_Cs^ +%"hkp&8Y>9Wj,o@i8@Oi8>7o,ULln4c9U!V`2BhV"9:*g,d'h3\Gf!i\DNLe1OD,p_Ej!C)C6cEWa@>`Wktg?&hLXcKH0VCNPr0Jn +%Qs.=O(Je#.<pQ&B!\Fp375/RT&Qk>q2C<3-clRT=cr[.m3cqRQ\rfO&^`"GSXd6b#*#^4!)RMV3+;>/[dop6b)$(RU1NTNbGoLVf +%)d>gBoqN.KYTT(_TS1i6%ocO5j>iVWF/_f[&0M1=gdJAgC%Q9e?rTU$[IAG^f$OaAL8Pk)V036Ro@6cCkATaO+g!f7"2!.(G]bH1 +%n0NZlPN#N""BS;0_Sb`CO?4?t_GoBOL.WY+7QNp>iP@T(QW9@0Q6]i?67$O#G\0bs,)^hRKVLj93siIEWmIR=>9K!KPqbcib!:#J +%+j:gn^6\[]D&mG1`P6o3Dq\)K9e!>eA##BhFI?><^BB^LOP3.tO?U,q>=/hGTV1=kY7TH&]hqd`W?`:JBkrK3]!TAjPF]btj^eN? +%kJu*TfuR?4-6&qS"e.k,*J8WYc#Ppk#A?[D/A07H;*m'E%p_4=PEBdf;\KXuZQ^q[(^&6JkL#W7XsELKXaQ,1R9*Xo8uYp;'WOa1 +%5+.R*HX%>-IVBg$.s&*-Dk$V(K:Fb`4"3gK+CII&9Kr/%+d`UmR((_nO2eTV0MJi2p9Ppd-Z*9$kdI8-dE''[]p'j9"H2g=fH7HB +%R<?EUh5XMFQ/&7T6iVBkA8'%'WGV_=T'k<Cndq597/ls]m9tlab3tRb-e^P))t#u/gWS;,JQ*);bhYCWC-o/"HWa9(e:Ro82u>+h +%LMF7kHnr)5-[0ZH1BKTDU0*N^7lYZgO4IrE:6:d?]/Hc(.I`nr]`))<`G\N%MV#lSF`Z7aCYHfF#89@*+1@3op1e:<'0%Nu107(G +%@5B`gW/ZYWf_b'5-A`]b`[[$W'0_S>*bg"cY7Hn2]87\1!sMPVE#`uSMZsAncEhetLhkWb\rgn(IL3XbZ$01FL'i."YrWI05SMjR +%Z0Xg5glc93%X"<,3pYk#'\40)#HjS0(<<MW`$JP8\:%A"3Ha?TZIBd24\aJ/:_N/9)VqH9S&$8WD`SAQJ5h%6-ojgVLB5cL\5>RE +%PtpRWN9Mk3[5I)46[0:;R$EG9gVl_o#8r,<e[TeM)!P>U<*[qjJ,s,Sf9j#&:n7XQ&5nBsJZ(=ES<Q.F%Z3=L%_osk+J/uPj;)<? +%F?O_`4Aht3)BjgONg3Bj47CjBQK(s'<\1.K@!kD2JQM'tGX:[MB``/<b`,HC9H+'SS)%o&0Y4A20]U@*WY0SfNN)GVc*7dfo^gKC +%X'_Fr#E]JD7[dJK@<oSA!1d+E-4We1C9BDjYKqM5!cNqnM*L,tYJuj"[LSW[/C)bs,&%?4a80tG/lL1m=)r9#&ckYA,Sdc\_-o9< +%r-EN&OhZkqW>X5-7CXh'HG%-6JH?H^!b<+U7dqN`pE;;6)mKW!c;mSj.kqLDM^=*65S9`>msR,a.ZLGrE.b=oa)NGWW_1GOEQ1aJ +%PmG<R#t6aXCslEagI^O-H-k3H(<'H5&Yk^U\>B9E,m+aJ'A3K=&2SP"T9MeD(@@oYaiX"`=X;S,j[pege0[4)@jANuFjTMja"W(\ +%61LNs4tQI0Y^;74=s?s<02C=*VbQ`BMb:$d7*DW@H`t[S%_!0l[9a[f?d?W0_D&B=2W_nW8FmO#8+COu&;eWl:k`,c/>#?4I!Ak7 +%LK/-4`\hG!d7:a#enGVD`CE%hm]FDRlPkrJ%fRc0:BX<)>9i&Ug6f[kUl71W[iq7S"mUOpKO<PRN%<PBkI2g_q#t.(oJZS4h4kAl +%<taA"+SA95QPQCD85Kh_X)fI_U`rHAnEQ)^K,qk7E&7gjY'FMr\d26J1N&Zp=dl:N-:VADnOi5]N^G5M'f7&CR?MK<E_O[I@!m^E +%7\DEQGd!'+kM=i,qGG"rMA!__T[A2<_rN-rN4c"3=)I(SJELgh]@r2d+O[a03Z(0rb+n7k`^YQK`aG!T,9=^*]$NG*`#VS:CiJ^_ +%8\uq-5Rt`MG!kIWa"<mS?pQ:P)jiR<C1JT+,Y8UOpbBjGc.rQQ!,4_\\#9GL7-2N7DBiA.Ji7A4@uE7BJA"+`"4S\=&f^?u(Z]ma +%LbLbp_q\'-3q!*#>'Ok^*oQ=fd#AOmglr=L"*OI0FHJ-EV'CpNe0bD0H?R93TL[-r6`rDbk:@?uedA$*(rQSD>6B,O+Kfs9"1\io +%1_?-O/+d%3Rq!gX`sU3pT2L8lhXPGtUXh<*Ffb/gG'1["+S>>%_D`[*l:aA2a%g%^c#6bj=(QP66g!1Ph9?nL]fgkMDp`#\"P+SM +%amhTtN_8SF&TrBgp,H<^Bcu0ep,#)`N1K7cJoOG4.S9uRO=ZWVYO\AfVC`-1n<3>nYXX1eZluFqZ%lmZ)m;.K6;s:A/`NM"Ca[t; +%=csC\,"#9W1!T%fKp\8PNML/;"KKQTg6"p*kN*T1A)sAC@$lf0A7&6dZ9frHR2Yig>(cru#,k$D/$Qi>cp,CIdNfK]#]MrVPfq') +%V3OQ-Rfc)'3epP>ZfML,8&s5G&L1A-;oW]7'4=r`/rabIU7D)8LG4+,FnB7/MM5*H8>u7KlJMu_aL.iVMLYbZm/58Kj,2Cnia<iI +%4*bn[KZo*U0rTK-Wm\Ua+iG;2IF\UHN'K3uK7&t?AJ#O%>XGc"bj)_LU!/5AO]UghE:"PK12]O73,l8DP1HQW?Zsn8BhV(:NNEZs +%Y`XjYdZP*<_U.!T;T/DUQEO+Pj5ZJ5fjmK_`$nfsE/K4[q'J&VLC+r=?.XUj94RL53k.`MEG'tUB>s-?,i5V4o33^8;VH"fX$6F; +%3phshSP'3n_Saff>K=slCD=,Hi:!Y(KX4ETY'hXoqPOf/NXSq4c=#3,R@ntB)U&Bd@tdI=Wgn1B%m@2KfpH4/a#$uA*CIf,YRsQ$ +%,78\'iq<J=,6?KL4_LkkOEADVJN6#0`\sQJ,^+.@\;Q@FlJtn56QeSPn>1R%D`G0F1]4J"ODpCF`FK8*)C(Y)$2&r_p[dcB8V)k) +%c5SS8pt6:e<ZVElOBNCsZoZbc"rN,Cm+>CXD9^l4XE[=O]+fHCi\:W'/H`>A/L2[%]5N*_hb!Y(^&]Y%dOl#&V+*O%6fA.a2q0>2 +%\*f_Y"Y-_/bC9H!4+C@n7H2VTqoWnCqpHi$DRU%cF'<:D8<4/89PrQ[2F!P8,6W`[M3nthmtj"`/2X3.m#36OV;\MWlPUL+:#;8m +%m-=cSMDNF`CfF9PD%`-/QH&e-DPRdF,2R\][rGtlb9n5':4H@<`"nrKKL'gL'Vdtr?h+'DR^'lCGVSMhYldi1k8(#\`W`h-3Xjas +%iVH;BMjf]h-c),XirXkB*Vd=1rAY7!h$g`pjQLMM#o\AV2D,5/@$W*KBP1t9:ts@S>L5<dNW@2-^n,X4qguQP0;_qZmF2_n&i$[; +%d(30o"\0hE.qnaWJ`+!\P!MRWSt=@sXGXB5LsENZ6&/aI*e?Zm_Z2;nc>5o6Xjg?ig"a*9mr!t!1"d0?"cB?bHXe]0Io+nB3(Y;( +%jJUNDOaT1i-^YUL7rl1E-FU2=O[%QN>?<>--=KCU;SNa.Be$GBN/=tD+V_01YtsU'1W)%QA5>/-8cFc5.^#jo@7%nkD6\*sO^&oD +%%U*,f.7c<E@s>E.6I<[hO'4?LBT.p%U2+L,"al"8kMZu,Lm/COW-h^rS#"Qi`[8R)=H3L0!c78W_B%r&cWo/^]H\FeEAkV`a6TQ9 +%C0K(NS?R$hl+5cFjjhBDHSN&.[$\:;c'W13#D9IF@Bhk,SLbX9di$Z&;J;:O4-!=$mhkeWIIAZ8-lYZN0IPTjI)"lY:@;=Zq1Xf$ +%0O?i@HO>&n:;pL+-/NoY?t0]0+\pM@O2Yk@ja)9rKDW#unC-!mHp'Kjc&md'*$4F.<ql'Y7$0ZF*0Es-)I3='0B%.+Ns!@22)"R^ +%*@A4t*AnF(D/hi&oS^9V,"r&e"E+r1Ep\lXT#kZX`hihu@WrFQJ>*&*2_>O*<!M,35hN's`9`<0$LF[4RaUUB,-a5p>8e#bS;_OO +%jJmbMabZn4JBPa9*P,/6d<Isa#Y;"AMc3EM>@jY[_=neGm*;II.'`:DTkQp`[#pU>1t,1qfF<n/&a%M6CNE4(D"TcU5sh!!PZ]D> +%Od0"J`Nf&o4"5ThetH9rQt/720V:1&"&O2tSZMp%D]mOUMb%Z?"W>L$7GD6*U2@(*WHMB!<'!E/j^E;-N1oG$rq<&hlnZ`HK2niu +%$V%@X;bC9s0.>ptno4BVLP_=#`H<%tN_aNM`M)M7MZ*_A*OXOQ6V%utJhQdV*q>]B%&aY:W^uWt1mYDH3#"jo&6n@'ZCT8T0]k\j +%2[XD/i1qWe3ul3a*@TH:>\YnGiWd%cKu*?2IN68Cg9IF;-^#fY+I$=9+&k))k@jX^oa-4i5s'%M9QGLQBS+Y0joqVN@VOD=9#ZbJ +%o`R\NZ?m-=V2u2CSk1)J<T?Y]U#tXgMMI!W9->W?G'*'*b4Z1.(THgKIUbt!%PB/F/0KmEX?$!IOTDaFlFm*H4ADet%Wpt9fp+Ku +%dQWSZ'4.f)GBG;[.&Ub;,S5s"06PRGNGtuh`dO69BRgObgMDhJ?#80&cHX7'_8B1'--mVAerr`H\XhtI)*L%-8I3kJ_GHh3gd6_D +%3O=opD05I5jJ+;[CMQEeUH#87XYGmk<u^X!4.;5dHu)]!8Y&uFPt#rT6Wgm+7iE-A*Z?j!<0i$U02eR5qmSDeTdjO0_2ec5%e"=t +%9*b7<mM;F2!=Bmu%0Ip5g`)@K=+02O;hS*!N7o<)M],.i>H?Mp6<;dT4S[Fq)3sORXJ@M$gtR?O+[>VeB9Q85.c3g#I%Qc-A2n/X +%lmZjWA=,5on#X$/n4<3cD-+pb1r="*D?juQTNnGu]6^bFQ9NF.Qfl1jo-?8um$hdK"LMN"7gV+,Mntna-`:;lh7r5=e(/sfh>C_K +%h#@?s9Bk(Z't_pr-OT2lF1ce=M?umFkkGq/+&Be8-ZZNK)W%CNkqr("l(M>(7dj!#<6N[e-'V(_B</(+"-hX`k`Hthc^^$>ch41* +%9*?oT\0Af0)&pp^+n-WAMBcM`%V;]PDMSa!P4Rh5jrd"JEX2F@l41rB-D2S&&0Vc$9VV3b30(h&@O14X-3Na.fcj%.6KC`hL%p&# +%r%+QjeKo?,r+5;mOP6/r7)H</Br7'2>/Cn_'@ug>F.Ym:AC=LFa]2/Jkqf_Qa+jU.c'&@<W2+V5$Z*-#*?gNUA!mmtaDlDb6PY$e +%ii9&r7*mQ0%TFpgE/:`34](Co<L3sJoZ1@lA5H08-lsn6W-YN^=rB&s0jATmV,T6*Ol-]`o]:h1;:lT:H#RP/"'OspTL8fsL[a%& +%TJS,!=V`E$Q'p1V:E,_YRkZn&AGlQjp<IDN=[]gt_lUDSZ*=nBrAqk(hTBaU(8kNt%#,^PSU.Tu!Q",?F^=at8/qJ;.?d.SlaR6O +%`ZPC>`i%3-J\1R<_=t(@]G:$3fmR9148a8"0i8l]\H2c(I`-Aab9Z@:7']c3V_jE/kA8/+Un?8o&-7*7Fa$'j9#RBSc]3f5%QJu% +%YcTNDZr"Ef$FY4]kZ3_LACdj%W#*AUor1(k%!'%6XAKGoW:O!IVu!(';<B0;P&iG)(^\eH=:FHHoFk?RLKVht$TfU<eE?rf5%.3n +%l:sEseHf,0ehbbt?i%YX7YVt`KX`'DTtoW$$bNP.e_<r-.R@WeHA30'&e-"=7g%e<66I>^UDpn:Z3-:X)gH@&c2_r/88as9poEsT +%>_uuJI;i!6E>"/?+OWQk8*!S`iooA=8g>_q_YP;"/u<j5eHaal)B,WN".G%H,A4D]U]XkGDegVFDmgCcIMAS8da:#CJ#)GR!'5`Q +%EeG=j7p36HRaKZ4OuP&fR+W[^i7,8CB,:-#[DOn=eLE7::t1rj/)h*il1.V]Te[ppM;ZAC7b`%AP;o7YiOLqM@Y+'M"99t7J#lX* +%jqk<j`\blI?!&>=YiO^Ss.3)sb_;gtN0.4rj"mVn2Th[Z:`(J8;D\r?-t4cKG%&q8T'5r&3fZQfDB7:fa(^of$eCT'-rVT'=X5#I +%nfsT&?/`IW(kT?_d,I4C0C+3M.:.^EKdne!7\8*DN`=F/aslOU[UrHCjZq_W_c94[:$6SQ-4b)pM/eQoOElC`\I'X:FlHW-/M&/^ +%Z;.7HJos:(,5gtW)3_<pL%T8#.9#bMDJ"mVf1q]E&]?q$_&6MnJ:PonA^fF2g+oIhRu!$GMFPS1CIWnH#>f<ude(4BF@khXKQ8!I +%I.E:sC!X:]lB6>m)@)7Sg+K9a*'N5*8@N1"o-:W&526kG6i$pndk]d=N`l'RH5%j/Ak1TKku4BBLH(Zhg8!M<N/X-X%@AStDDebq +%3p2i=?u.0,=eFd>;l[0@LuqdfdZJ:<_<7BfedZu*NN&P*TV\W"%UWA610drAT&1c"[4RbUXlF$c"*n&j#Ttd"Q5lZPO4C3W&`[R@ +%o2mLTE!G]K6ED*8E[o6,qB1Pf7fmQ;Oc=rXYAUu61(5NXhNZ[mRop&oW+t:jm4TC0RrU-S0f;'1`1h04OSrl^91eD=PN)(JKBho! +%I&1thSeA<!!Ie#JNT+82F;!*"W[39(Ku1]KP1VKKN^>rcgUr//)<Hfn"!LWdlBeaqN"eR<DO.A"(9GYb&A+FdKmFuASRiEL-sIu< +%VC?>[&3/.3Qo1VX=uMsh'(U&Ep?]$Ze<?t6>!hPNDRiV:caT+[HL-)-_pT[Q5\r7Z&"r5<,F!P&(&SoK59_cf]$UnWaQRBH>$De^ +%2&0Y-AQbePXm\^L`<50IAQlB?/KlVhJRV.9Um;U"d-YNV5n/J1<d%p\>SYa-/+l9-gk)CF(\7CSf$TWOp6`P_=p,a%mNUmLg.1D[ +%b\':JZU<)cX2FM%C5gU,bbX#5MZlondDV;u_a[:M^(HQAF6t^KTU)7JEFCk2TpSs">Nqe'\-?h@@90o66H+l:UFX<+?<Q<gIQ2Pe +%!9t,Y7q5_>e@+$0]OeSVAZN#cNl6t#\gYH=Bq&M05@,-2C16MZ'+kOW<R(uJgpkmXYpGrbG7\d5JoPTs\,lNW:0;lq#lP(O36Nqj +%CT3W3!gV@LY,<IgapWd[aLV^g4XdMpTk4'QD(K]1-$E$9(rT-/<-$jIi9Z=;p[Pb2;L%d[:E&'0<XSW+eTpY,,0+pF%OW&j70q]U +%7l^=LJgkP1R(Aqm\+<EZL?R9bM`KS<?,t4"RYbam]&g%U@)D-#:R!4tQo/Z87Upe-`kCT2>Q3&3U=5HHNMI%aph7(T,'n"Mh_r$' +%Wh-A(cPd4j2C$FPC.^cd4.HFOA=[+nF?b2,\\dc5<f/"snDgpfQqqiaZ<j*+!#Y:/'dZ8JM3=%B2ll^c&HX\gJe6<Zj*2/S'C!6b +%8FrT+f4,9;>gbp"b,>a9<iW0ZZm(b"X5d.,p_[p[\npJ[oJAf59T4kj*.bahXe2AQQ#T#s32]>-6)5]+CQ6KMGm&\-J]b&fVcS+/ +%GRE^^pZ`q-KWVP,@'Yh'H=/,#a^iasR%"#,>(Wq";G#/Cg4Q5QV?%?rp!@0bMFsb6mUh/MOfI*=SP$q.p4Vn-R,SiB5ZE')"(=.) +%8p2+50bpe[S>k(QEpl&W\_/@A+_\2\Dht,)'t0LI>f<lEc"2Ya+ZGb$+CJZ9@?E2@(Oa"%m8?A)%O!\@Ct+>Y>`%rD0HT<:)U(J/ +%I#h"t/<"J5p3;2;NKiJbm85:S5hl$ZDR&09nfEdC@Qf+>;UUR7:o0u=VIh(oe_`us%%"!gIdC-gfj!'0fH[36Qo2:h7JBE`N*gZn +%A;R-dMK;lZE=9KmhQ*J$X_f6s8Lm`W[oC'+Bq[EG*#nll##9e[jjUfO\N68=,7+D([hUJUB'+din$+,WUK(FN-e_;WV9M0nW5QhM +%%<7LY#a*f;(3F<.]UbMWJ"ClKX&St86C\OMert;Wj!rO\XZCBFWGqQu1`;b)6ai]TdI'\\;jei.]3/acOh?Nj.KgiW-u8:7=<Y$$ +%fqP5[M@9W;J@]'q/e`Gl:j1TN&Z7WZ\q./i5Qa]+Wjc^_U@tf$K='9r>3_%iKWF"C:t`)SmZ^Fq;?N)f\[BhsQ'3`%Ki8qiS&UVh +%Qc;XgX1^5h^N-S=84P-dfO/PfUT61LX@=+fj@j>`2OXY<h[Gl9#tb8U@Pblr3:3c.'>ukq)CE1YULNlKXkIEG0@OH]j:Tj1P/t%" +%hBeSQf.5++^l(r6-PcB@M==c?V#Fh;rXoNC"nVS.Z^144Cb/<pHETZ''tFRMFMn'3MUXSs&P\-nQ-#k"S/SgY'#iO+BCA^ZA-R+E +%itQqp$+@*jr2l)&M^p6uo/Kbs`83>&o\;ZePWRCpW!t#3L<5QELKaLE@3fM4=$BW`gUX>oTiG`&*0gPD`TiORAK?aFAei9Cg;rY` +%*cf(.41il/;FOIQ1VZ8]8--1dp(!@HUKb$:X<kJs_)U+6#T,^0^mX\t'm4G5HKA<e'_(<ZKCXK5-($_hG:eM`KTETG0XJJ>>G]6a +%,k?ba]I_-;'@p/QmR`\b@<a9@GE%kPODI;%e)tEg#W9NH%BC5M2K/gKmVAja:uMgFGn"(aUW.%b#t.fj*ig*8W,8UTWrQ_<4kZcF +%S&d<!QX15pTeYaAk<T[Gq(oY&E/?;,YUJi2+\Fh=%$`U:@I)i'BGJt5NKHbQTF\R'*nk?3.]DSNIe445&kB#tOs]3d)Ok3cn4/DV +%kA,T504>uZ2dKNTIZ9dnd[7Of2?R&XorsJm08$"SCZ:YcEY=ceQ3M;Q)\+ZdSLIT+^/85g+b;r7*T.M3<4WHL"%-DgkN!j-p,"!c +%W2l9=Q4u&0.9g,"3;s#=PtQa$jK`7<V!+r1#obnZLrK_1h?I&.2ET\p=Vt+W<K4duCZr3&]cR6K*XQ1PX=>[bH!25F!g4LE9%p') +%8JSBRBghAYe^>cX%]WXa)`iKmO@Be1NP^*0)C`?rlsq633:LSqe$1OTQUkAiN(?THTHb3&b6)`=9eer:Y;3&.]""_U!.f';G_TH\ +%s,>?/Zbb>AC/W@/Z$%&TDM>7.ge/%`[3p4.$26GFX##Q:_SgU5.6<h%<#8Bpb\8!t]WAEbRr!a96@j$*Q'3`:%Z@_Y?R'ecQiKW( +%l@S=-J@2#Pm%/\i?QBFn9W0O@?-!"Sb*=+h`eD5P,Qhu0>1WB)bq[q/2Kkui@J9t+&NS.$-k^j4;3M7&'KVf!5d?/+;n@#r\n3(g +%J]i^`*LSrq?ilG!Rt;$5c&pA?c%)/O\%LZ52&rg-YAkqoQr_@0m4X^uBQZ->b"DJJJA>c<#/+D7)6+)06t9QXK*oai,P_^?o27%t +%#H!;,G?MWuVq7Ec047;*:-:'2!'K'%aFhCkZ[h;\lY6h,/%bi:7rd3dkW)b?iBbJD83KX]1iCEW'gadJW30V`^/EKK6R1euNcFBX +%7V^So:b=4HN<CV1f<4LRQ3C^@Z=W?lgXAd0TOp^@X[KEBR62;I[c2SW)j?9r3.eCBW24!l(R8.JDU9A]D]=9hIGKPcf"t9s!9[se +%jBue\U#6O]6+_5dhQ%\%,J,H%%)l?uX/drD1)4FJOqV88C7O>3G=f#99&LL)H#W"jg%[TrM?>RT@\K^2D=5I1K<Z"Yn6NSJfK:)M +%i`848\!'m^9VkUGKmNfs[Z1C2mPT&#[Z3bf#9Kn:-?6g6+jrGuRSk`i<A#PpQ,t/Ir`8"j6htZ.T^6+2DYaHs_H;jOV[;$/!$??O +%2_s6$8m"^"C/S&gZ$`kY\9SeO3`H`98o_5+Ll@1SdQBT[\1fZWkZ1,g@%h3K#cKl/34CL4=,t'+OH<W*EPD%d,;L[^'kfq&G-oSh +%E4*JdQ=*>#.\+S'l!+HoGMfbI[%kHg='tUY<X7/9Z5]+[CApEjX,D8W'G"Nf'L8`b235bmF+99G-JLIh[S^@1BC_:5a42(6>%9pa +%7<'iU\b!<]-fS.nYZ,;@)C./Vi!*7D)_L1r!a(?r>Q@k13>SBkB"jju"0AKW)?oM`YrSc>GM#nhW(9pIq=)3^9_:k;UlK>8*,]BK +%:kbo5qPi//!ZnKjiA=,k8qB2F4UEKmo(AK7psB,Rb,o//jegL>,?#hU!;t3I*kkQ&U1k&=,c3%S8(OX-NF@.nnA[;nWEZL%m?Cg\ +%6"I6q/G1pp_K@&dRUQ6@+]5N]rEb$T'R3S&rGu5/EU"d98FLB\Ls<k&8p,+:XGlK'&Zs4TqWJm[Lt!$j.e?-2YXCfFQ!kl1WE>"8 +%1.d?AobtH%3d<MQYOsW<)&sk9.Q$ADp:Zbip6A/NBnVMLpast=Sni!$&u;?=/g]KS<W:]"mg,+X\ADo;j)+?(pJ"f3;EGDDm)&#g +%q6ds$$/G=#<B.'\=eUVHf^q$E@p1ZY/(37p`LZ3rWNr,OO4TW?qI)E9h$S#-Hck-O2pd0q]^U0XQDL^,c,=;->(YKN6n5HWA_u]; +%Ks93MA*cEW98+7ln\2%S2(+?k&L*i]9XO_Bd"^i"gb?:1A[E<mJp%Qe8l]?`V/.LS;4EO;?Q(6?\P,`;)!3TEV7,"<4P`]Y`W:EF +%M6-Ij!glf(5/Nsm+3VG2H-'!Sn<9<b!oVpQ`0:\,_o`Sa[c>;cd$`J(`GmgO'7$*iga8FBoW8s@;Tg]KLGc@=BiG_q2$BtH#?_JB +%#e%@-NW=SdL;r\3cEoT@b>X@Bcr3'P)d)Lq&`hb"SZA\l4!m\og&,Sq^&,FZ9CS%)PXSd!?Co=WFZ6$1qMl4.Cbp6VIDdEFdP3Z^ +%U^f"L_h@.Vl])=l`V^;"^K*=g-[2(b9Yo@-on*aDRmk1hlUW#887"u(5-0j'kftJtTH$epkfg:4):6AY0p?TkF]Udu6Zf@j:Mucd +%;M]=`>fFF&Z:[.p>cSR*0Z,qlVm^os(eC/ZO?D5d(l[NG&(1IBXH1+LG@5%^PT,)*OkkXmN:Q[uW`s;]rK9PNB.VZSoUj?:bI`0D +%"2eIG#&AX`.:3K+SSrE($YuM5\p%=#@OOICGFf)p3L)-j:EP,%nDS4OmIV%um)Sso_uWttFf9c<XQ]cr91S+(+Ed&Cb19FG!"r3` +%FKQf2=*X_Qh`O]5S,/j3hc[Dpkqk"e<IKAl!j^RafO'Q9G&PBu5B56$=n`&!)4BbJs5`dT\U($k:PH#k)nRD`W>Z@Zii@$E2,UaL +%iXR&+\"Be`?JM8u;@lMR@fm2lIRrlp%<<<PN>F5!W<5st(%7(e"$%H#@c;qrjpMd<MK;9JifP;QUGd_IpA.7MDl_WH6f^Lq&u?=* +%*X6E.Qldogj)jJ`DE'.`$k0(Jotthm!I7HimN4:S-BLTcBPhTSgjIa?^<FTb):;uN)5W11f4tR,p[D6Sc.+cqXSC4a]Hro&=rK[M +%5]]GfFsJo<(Hu[Q#r9Gr?T"#TL`8eO.`d,XgkL*-Z<Kj\.AF'O58kbl)E.Eq$UZ9%P#;1QiN&E099(=H^g_#%YnZF<'hbSA`=L5H +%=i-'6eR^P<Ba$#B(TlW<DU.s$`79)rG/C7*W!4q\5t9r>:dfA71ol1K\LLd6P=9$t?QJ=l^uGXVc($</Y%Y,to3N#&G7$R(24kjf +%NHDUH=JY'&+\jU0Z0Yegl4[k:'9OJ(Cr6deoooiL_,#UeH0kC:`on`C6[an""\!8RK^*m2?=kABi?5ZR5l9fr%;H]ICSQT+rn_.G +%^sIB"^?k-Mjc_""c'[j+eQ"Nu+M]ar.a.m!aT??;D9RF;MN:I?-jfW]-&1hdUP3u9,MTXA*(J\;4WT!be$`e6)n$M>0kW@i8)jRQ +%hpfsR6gX@Z6H;!+J![3Gp[km/2+SrTS#]]i&pOjS@jG1RR_F$Xl530!AiSjr1%#>bY;)0f(*SlnfMZ,VAn*TX1;+MZ9Le9*9R8PV +%\"Fr&3p8pG#.H<Z8k67Z4.HY'V#u:LY[n]K*F(ab^,)RRBUVD2?>*?J2)Z*d&QIYb;^r&L-c634YA9,)M`+aeE-"Gj)'Z1Dm09Ep +%lMt=e<L.q]GT/?e$5._2f[qJE>kLX\df+SiNYVm]28AD\cIg+H.LV[j]fkp!`2hX,W8,Gf<YCL^44:>:hKUU\6EeJ2/rq\fqrIl( +%IH^@(]>?3X+l"Rr`)&8iBlt*p,-E?,Fs)GT:Q-4?@CRiP5hY)+&LB\'7)KS)*a.qq,5i<0,062IeJ>[C``<A%>dQ*2OfXR>3fHTs +%gTF_aI][JeCY#=uf33lqrY1%7)?h.4%!h7CN'YLB5cHY#j:^iV.<Mae].,m+LQH^KKG(#'qRL-s43SGRna_,8)bB%`^jDY)FT(8@ +%0tXGGlE=/\b+aWY3]D)B-+cu/h+Jea^a=5AZIrDk[F/t"0gj6k8HbbTj&*uPeqVY+aX&6o2RdQj?.p,UDK?QFA2t[U6F&0FYu]L] +%Wf#C[Yo90R61cki*XHS/@?3h=W>)q6E'6Trb%bT[TYVj;7aeDfP)+$S-Y>f`h#aWnlp-8&b=..VX@1>QJ[?P)@mC4*Mf=NQHh,1p +%7cWCVdc@Z!+X`'YCNfjEA,_eUf8rPB?;mcfB*YJo=jI0BO\.HK<_W\:k+;(*f*']M,!E3E<+s\rKD7Y*JjCuq'Q3Y5@F`7SRb"Er +%.lS:3ohO(@jeR4!Mr[>gMTI,U@jG?8eZlIP06YV0ik!CffELX?.moi/DXagM9$%O9]s3e7j`.HY'<:gHR=b*&Lur73,-7SS3(og3 +%(52gJTV<W>kqsU1dPp.U_Ed?FMlLpK:BNhkh&E@*ocrk<S)N=@Jpm$@M"f$3O,CU$XZX`I%]DE,"Bi*O=,_%7^YS76dF)_'>%rX< +%=rTT`-YbNi[R,8ilkE)jG2nan/tP(j$]mhL0'kq.C>!34H\qu/1$<;5ZKjr$HUhARWDKu+Z3!^tE7=MCfRCjff#]1j.,Ogb2U<13 +%#;d<od0qmHKT;0OB(@<cOh0kh>uWa_fb?M?TCqkoMQ2YY`u3YA<H-*%Cd0/(L#Fq0%-Ksl<I)PuAr:mi1=Tde73/+>[2FrmLE^^h +%1$<-1-n86%r_NpK8dKiMnr85S="?WW4@&ktL]^=?Ipj@=PF2uK\Y(0u5ZW%q,M-bN[G?Tf#Yf*i));>>Ai5H,]8hf#7;Bdljt\B( +%>..;[!2'cYBkP^7G;^)&.^QNL%GC],8_a4.RA1c0F5[!WZ"dLM_IBKK.(gjmhiknXdnFJ;R,fVNH/-s<-)S'hD1LJNn+P"*.J38l +%kcOV[3`*Os'R0<0mDu>"0EB'!U6f,0g,0S`?E_`;%]WprLkmMH2'(C:l4M2&BOaYNXK-=Md6*e+*I[7`*b''CYC,,[\9[blEDJN6 +%RJt]/HGFa%$[0/6*k`dF%bMF5266?-2Q)Q_+#i!jl*.gcb-9K'^TuN6+tatO6F#c+qB9>([?9#)E18X!j$r&Qri,!kFAGP9PA*4S +%kRs(&6(mOKN#K!.hAB.La2+du*]>lTVhsMm"'P(HqZAHhH_\QP]Z#IU)VZCr>?op>?CaY##=uEao'r&kGOoDE&n\\A"E!D`/qSu> +%*48,T$it]H-&dH"5JLcPkU-isq04gG;UdDG<E5]43!kS#^C1;.=.%\[?fquQV4/Bu6G*]7YBZBZ,Sa*;+[`B4RdmPo6PUX`<_"D& +%N1_=KA:W*A/j?JL<eAV4>b@HYY-SVhmnZ@\2O$>X:nc_4d!Y7+!)OufW[pIGeK$D`,-YZFo*,Y%<V0u_dQdu"h11eh^Zb6^Uc"NE +%8eYnaqbZE#S3mmWlQdH>(,N!me*6B^ckrd(6(j$,,+ru<F.\.XR]$\0'eSQ>794R,[W5C>4g`+:%*6M'UU+@D`R)WD5cYWi&QXC< +%P=:D'EuN#67gTN*cr8XVl8o<o9^b5_9ZnUn)Hl[5'a+sr?R]QXYHOtQG2*tWUr0]"B/[)CFaspGY$/IdbUmdM?(3-*,>Sd5dW_NY +%`![ns7dQ/?iG,M5j\SPDg32(D6[G1f@iiZ/Oo,fh=^7*.%b-%d9U6$j7_Yrl#deSd-Jli'%p,W"_cfT$hC*'Kd3_sclXp9o#$Y;G +%g)$e2.ekp@A$I6d("bY4eU90.41nW2,<R7J6n%u!ccBJuF0&!8X%i3./Q?B=VUI-5[ZjTcJ34VujiB&thOJU_$dWXGj7@Wc>B@s: +%2^4TGOI+/m#rr0AfT.201I65rm1-R]c;f#<23(<E\e:MR_,sdKO0%q1oSMs+YC>,qUWMj[&"<4NB0dd4\!D)6P"C!Z'ASJZ7$WFo +%L/[AlVbK1gCVP>B>?4`O1@_WKec)pu%.?a4B+l/<;SGj^@^jNnH4E4i<CX*ZX7R_`2c=a2@XWP4K77@!qt@UE%qgQ\SWn3HrFqO7 +%=1G#^YSQ']N!OGV0#J8<UJr5t7^iuNi2j*L7KY3+Q414#&%jq[aCuZW47BQ::tqj''4_;/0",7!>+iblmpc30g?@:=NpC\<SQuQa +%R<GC>p)V)T'=t2Z"h#1#m61(c)k?B&]&2pdSU:Kr_V$u/b?$XhZk!l[_P@FRgptfDB\/9M1\>F)O`_)!_^4<S\-B7E1fEd*D^K<K +%<L$m\:VYS-A8)Lmerb6Nk+/cX'/-//H-p>"N'(Dbqr0Mj!M\fC4g3Oh]kK+&Cf)YJk!:BC8p7KL5+u$og*7j0gr+sm3GIf$DFLG[ +%WmK;hfj9'e\#nNEP^e,MrRYt:kHi2fT=t+!PLj0trO2.HmsXNn2g=`'s/d.+*a_)/o[ObMIsUjq++Nk1(O&ZY5(2tG]AGZPqHM!i +%NrT.,h`Um2YDn&0adY4B?@VrE?bC[[g#k#;n($amrq,k2?bL]t?11!1A,kJ25QCAf?TnAWeP#i;#;:Pug#m$ok79fSd?!2?IJ:u6 +%YJ9lagqA48kG+Y6qr7CC5<AdRs7_^ikq3r6Pl9?,?QC/:E;[VGhSm+!hj(flhgOtjiU0Y?bO7PL;a!C'ZPj4je$FB4%hp;P8ler\ +%H`_&O-=*@gF:ldPe^aZ`iA@u&@et<"goN(&I'm@.PLn#pA$;s-R9\)8iRshC[iX.\A$\_]%J>)0h*FcroMb'j3Or-'j)c)8ae.'5 +%29,\8!N1hp#ocVaYDYE%bFs^Q"<VO->41e?Z@(hAb2[9/j-t8]IJ;"PcT_BVh)c^+nG_J.(Jiq6p#ZpuG$A_Omerb!YPpW0Nq75H +%rVl=Oi@s!RIP/AbN4^b0ci<7bgrE0"Xi8+GB*3"MFZ4,ae9fNM@I;[89M^_I;7B$?5R,l0F^%D<Pd""bg_MZnCJh<5BAg,PY?gn1 +%NI(O3*hRlM6iXSYq!mkWht]@+J,[R=Mbiejo_ObI5C7Bd$8HoA(IY>hqsP&EoLr4t%MN4Loq)2X1W=8<VoK$<c[L*ih%)\op6Ntd +%U]4SBVD!$13aUb75P"Z"V#S.\Gk'C8NaTZQLUtoIW^EL$43+aP6pRnX)LZK+=0FM/2U99u+s""qClZs#_*Ck`jq!_V9<;g,>B[@Y +%L\20Z@$SabiQ+r5:V\$>hYgItWu[`WR]9k7N@]FE/lX6Y7\qUqV7P*f7gJ*",_>>Ne%$9Z<3lL0"`#S+'f3Hk?ns&iD2Y&im,g,o +%;4[/$%sVT2:-_*G@F@k#*'un=ei8)2d67Ffk5HWVFdpL4Z:LPpHA0q+_Au@<DOg@H"GXrtW*p[r%-(1T<*2PIJPn9@D'&ht;IUH) +%j<YFC,>#M-/L;&)W2K>9P7S&3;;9$3n!0/F)^uT%;AfRr)V*aWcE/MG#!a-E;)p)Rc0/>T@&ksrV`_C2)Q`$-d$G=u<^]>To#M_^ +%nOSS^OX"C;I#(f5.A]uE#h:b\F4k3W$m;s4W5dgR_22T[h)LhP*?15==$C!_K$sM4$<\o-KGppH,*L?5-cm:7?HZTgZ8)MKgh]t3 +%F((2aG9;+BmK\=TNuC<ppqLBeV1Q4c<;]idTi+QQh-]<g"MJHr"l`VPlrpCkN"0JbY$P6f#W>b`Zl+BI5t73h(nfJN`<-aFJg +%X'jIs,mV(C.@\Ci)kib`P>k8r:8s+24,2rO$j)6=d!fe9V%VlH93q6d?JCXEpD/>_<Lf+D)Ds@]]L*nXP7Hm(X#jK=6tsq%<cm)^ +%`Y2eG5gbd;0[D>u5)>U2K1VP@&g>jICjg/fTBiP#gs0p"2N)j%('_@[R'Z=Ng"j3-Lq*ic/ERuaBOfsD*=`Y6C9<q,1o:T5&boG5 +%VS(`>.M`1ml\]%i3m<E"39Z(eI7.SEgDsGs3=$[`6.ZJk2L04ZI@+r`H6:bLKD/NMgq(_?Z%H1u]fT/#5AiQ9ZZLp[Y1KB&qu_/f +%$=)\:is6p<Pjfo.Fed%\EsNsW<Sa-9a=)X7"cX4lO![l+NG<fZ#XJXt]I?=lKo215"4`s*99&kOd<FG9e(0_+e_;tQIuQL7Dj&1t +%D![XkG)"Y"G"g58RUN!=-'P;3S2&`bf##q;8%uJON63!(U'\h4Bp2)c8I/Q/(R*_$\4q(p5f0L1=(b`2M`'sX^VgUleZlm1]9)u7 +%M\s1=MY3EmW.;?tA'PO?_u0eo5%d'9CAFOgkLN<mqKt.Gf['#]iFKTIHa6*;K.F+k(MXp+X$R<7E+92OMX.Y+`:E"8<r+/-)f'[@ +%"aaGC!t_<X[imbqRpXT3D#O"^9q_U#r'KLq])J'cV'jTI07SSuA)ALVh:5$,hGI6B]_1mq,AsW`,jd[Y!6n`XZ*1k.l@%H0CDL]0 +%<TVloHh!o%CknDV[VJYMWEnr^nq3p$o6DI_4,&4R-\n!]bfOp<RJ1<@=.W$H9#MG(?K[XtoM`GCg;sk[hTfc/KC8J4o^.]<XtH&B +%T?#c"d;GKP(N[m7qSq>s4UWT3P6KX+@D^$QfiV9bmqb*$?E%J7)*H<)UFK.^PFI?u"t0iXCdfd*ClFRs2*nHg1<hWg9f$TEj<Q&h +%j#ENVQBR4SqbYdMXL.]<QrGgL79"-$V`66),.e_l&g"Ffd0l.=_P8IAYo1?WIba8B<0gp)/2muQnRNs[3AeXmPA*1P%<h8NXJkO' +%]N>&EVL7S99Wc9jB=C140ptUuc,UCiAsR^c848"MB^t2q87KgNoI_+(\YbC,G)Kn<5gP;tPiQo$20*lLVUkAJ3bO:CK87,sl,?L4 +%]c^Kb:OJ"Fs1pc>1Xoh[\:_lBjGaOW,gR5b\?J/k_2]e^nj[7>jmIik3qk`;4^E@#VN8@b`6*X5ijB"C/&tq=qV/<qN;.Mdb`s9R +%p1lmAm\uA^1\G_nZ8,'Q8p-*4OqH+8<nNH/UN9r#)OUfd"mlP<s2nNiH`O:uaho)D@RLgD78-*5jEM$(.'_cjk;^Xafo'hjQ'#q$ +%Lgdb0NfZZG_-GA/AWA<#@RIFA+aq!I8^`FiY_Sb2Upe?5HqHF.]!Xu5A4JHkPqDF#KTq1<AQtC8C2tr!@qsGZ)6%-<9c@1%\4,\Y +%Gq`-OW1F3.6Qm21`W*;"OtC.$(0Urqn;&Z"j5AH'KtOp96(Vtk$nfS<`g*cPON\7afDS4/j`/W<hMHs[S#iYcG!1k#)K#AHX-Q-. +%*ZZ;C?&.Hd+iV[noBRph26A%sZATCCDTeb6(2b]JnNgd@=#/5@fkMkCPpuO!;!*$DMq><jg94L0W.a4r8)iUjW6t8q$$U*Cqa/<3 +%-R>tX"N;b"Lc!`8XAJN$Y@;nUWXm9IOCW9LB8=Ga,P[cMFr&<>!X/*S1m`'_Me(F5^0P2\eC(V-%m^9]i9At'j/OKpgElQ+n_<AD +%J#:rq1nqG-^97\:l/IqhV"P#UZnhk+!EuSjoF\SuXFAsX!N)[hbK8,;Yp%N4im(;V07uF[o9$)*+PYJuXdfi%-h@$^q7R6\l:6sU +%2%&q`3n*s;&X-$:$4_Lj]Q]#,_01W64&sl!c#tet&J`+c(%>pnlkI?U\Il;-oP.PO0M-B=FCDt`JEknoJ@/m[;9f2c;$ZLFabWjB +%ZP5>[$mq<u9K=UTN&+I%FQ-AhEZ2V"D&WP2T5"GeCig=f'u_sJ@8Nt5f4N4:q'cSqP&n7/g8i]50=+]%=m+RpJ.X=E?BPH'\L`PC +%^^c]N/bRd[n$>hG]?@79EV%_jd,DO,"U-k\F1uX<eGs+2cU+4.]RFl[T.rd#nOB,I&/Q?[NK@:DToNrrrDT`76dt\NY$5"%&nUZC +%Cmu,$3uIP=LM;"/>fgo4bjOumZG&,=NF^]#FE_]"3f9of&9,6L74^K\*;m.W&1u(nPOq4842LLH:nWGU5O'Io8>SS69-$WF$n.?W +%o?S@%ePteS)LKRC_&!)7@oZp!qW6NtVcnJ&,cl=I]G_3Ak+<G\Uaa:"MH->==cuD+MY`PAf+pVlOLBasW<0grQ(pA&66`>1"g9=[ +%cMW3uaA\+(iR4(?/+"Ic4el(>$S^3VI&0PYqstb.^1BtGT@jX=R$n97Zifa0LZRmJRR[u`pZE+^kE(',/c`lKTJg,2'"(Rd]_>5H +%7IM\3V`%rI=6"lAn&?p&h9i82U$cud_T'O6mLpQ,.L*ND@B?5cOB#<C_Tr!">\0L1@&p_KT1:4;_r[u+SK?s@P^mip(Jf\Bl`4[= +%@/&nWB@l')ND&<kC).S*5J:t>k>*U\Oo28&`45h]eYR+f?_:">>cd&J1:,`CD]*\i_tGr6ise"uHVTd8J#.b`XF*/-2]YKQ.^NLg +%;ZHn[EN^2nJYW9lhY7a9fuAH$gQ3c:![V]^@Ek%ojn@gC_L45q'U%%U\HsFM2d&pTDEID]B5UrJb'dT4oIEeM*=FBo\fDnD!IJhA +%XE<iQ33Bj]G)WOSnAV*!8u/6Y$-=:5IGfpWTY-^u1\9[e]4`M@m'\(;<B-Lb(/8Gf9(QTLLLLTmPJb=fV3&PX_HZKHF5Q0<6^E,+ +%O]G6U_F@]Hpru93\baQ?>+,<s)en722B-?R"u[E7i<q9>eqHTGCts_KfW=$8Ek&?E(F3IrZkmsrZcO$5ibZC`>fLCC0*K=9$PqOX +%_M;7OONhoO.$E\%/]c%f6actES,9Xe/=WEDJ1h^ViI]0f:?2K+D!pG;hcr.=$`p\FZ4#6i3P>e'FQ"DsaO''G06#>$H7p\pKqlA4 +%9:K/#&5LFK?Z;s%@)9]TXiS?\=`"1q"j+=]="F@'(>N"gY:U0gJ706[P6E2c67`L_k+S/r9tL\cCe1uLjOl5*.ibo>jNbT:%8XH" +%9cNY@"f338G7J"tLqXVjg9?&W/@H]*:ZU:MXO%&eBE[A,(SL4uk-/[$>=`;.kcir5>Ynpj:KKc.JS0qSqBkcQ/$m_E*?L0pMUIac +%LQ)1qY81ZjRK\`)+"J4kP[80UYf'?";#5LB,e,@jh7UJ<a*%+mj)9hF<up&F6,c'jOol*531Vq$S@^GuL-W/8htt9,J65]IklQg3 +%\hD9^nFZs,1JD$F-_MiIT*n3Rq*psJDBCaVas8"mG5I@XQ,n=B06K`<YA?bSAtP*:s#8b!h#T;#Q`N]>&R+3#Z24a@+TDU#1j;8U +%CPi&h>=($2(O,I'pkBT#=!1"u\?TI>jiFkg#X=kJd`H)mPc*-n5j8iZQCLbJXk2a$fR/L/..u8S^2bgc]\t2h<=*.BXt'Prd*3Ng +%]m?6>::)f),V84Vcdpe/$m'CMT#`VB$ZW5?Bp<:/4.U<02^?F!Q\gHLHhr(EqHQ<kZY=-q%$IYs6hFJP841#$Gn^'VHd'g#-m\.( +%fhL=3ZA!!!5iMg.0u$g#0tD=K9a04p''mZ$LoA:8"Ik@cS0a^e2'aN+GV0Q7aIC6r@WatS;nLS#=]ak%\<$S87D,^1->JUCRiJ-[ +%Ib\P]cAU+%d6igDUZeoT&Pj`XF=;"?0\LWrD=V_WFr%;`7J4Z''Pb9>A'UTedG8*aaF9K/kb+'hG1ICJX1S_m9qL??[QAf3/*AQ( +%Q)eXUNm1dr+ASbQ>is!:C)eIZ^E\7b#npk_PZH*?dp>@Y=1>HlU'+g:ErX:kqrAd9Xii.1k_=Tg;*bW<TtSIN+M!atG#.8iK`I5( +%o#U)2iklp5lA!pn]`8lc3q/S-R=*H\Wkej]o1&Gc'^8AE03Tu$*kYB28FfJ8YUB^/2O;7dV@"fHBdeVYE?,qLj'3RON;UefUoh:_ +%0;fgY%;D4j>Xkkt5IuTG")m&9IZNcc")&nkUnrS_6H3P^V=UZ;i7\D1KG<$kM><Fm<:(W(VUn9I%3q9URR_K(oT9Cf;n;`V`h4MH +%L(%h=LZgu(H%kSG?#4^5hFJf9:*=DS`*2DMJ>sPVZP#OTVu\HiQQuAc]WkjI'@E7J^=30'i!Pa<$]JoX0sYC6Sre@$^6g)@L-q8& +%GHp&a)?%/-K-e#r>j[&\q&lTA5o3CZ,Z)Y9M-b![!nYdR3^cOj+u_P@_b[Qr]bFd4[oeh#&G'?dBI!hN7H\O"\rHY();r6A`K#B* +%1f+:RL&Ih=O(co&H@jteX4,mp5bG]+dYM0l,cNaTrSir_(a5f4IsE"1/Y:pna!,g"NePmS,pc"@KR!CR)cfXZ]i55'0W0UVYgR^j +%!Q[al..I`N43cYF0?OS2lI5=;\rZ5*2/+lE>@0cRQM0Ru)9U)AQ&@dn=kQ:'NjGF#nlB>L]M@s2)nWltXpj#%F4aRVC%r`+SCIIa +%(],dVZ$O=EXt%1^hEe:Z*Y=4YRZj69k\,X:e/YC8?W*IYHI9p[4p6*(8XS3LVmoK]o,J%1bN,dt)mT"bD=%#\8Q).m:HlbXKCdN_ +%aOri,<DW80><eVa>cG^B>L"+Pp8StZjD,mDd?Jo5SSFDBqr)B4"alHuW0\Y3)eg!khoL85NVXHqTpC`3m$'T+_'LF<U_QAJ9P3L) +%'W5$sH)#eD#5%n4+=bC(>aSso^_i.t_o6g7@o1J%h:6B/[s5ngDN"07g/<BV(--5JS_tWJF0ir)Ledj'nK>p7/+n9V>B*knma+JT +%6!%QGj57mK)ng6AMn:t+iW,DX:<euHW%KB$TL+GDTtlp3XZAbP8ld`U2V_#8=WeAl[_,_4(pfue,)IH%m(4lj%%.e;Tk5C@'Fk`. +%G]=u*>n3kNd6Co?cc8'IFL,&h-P_ec9[JqN5)EN9$L3)q7];Fo1g[kQ3&AAP+uI]h]t6X/#'6*q%m,ZVe_W<>$T_YMa*s4b@-8kM +%/PrY[f:&k@@_jOpm^(dsoR1;.2=,k%i8-Jh)nJlo`%1aO9db[TQeI;W4c9]S,Pu;\=$p6JaS@GAYbUM:Q*jkP$=RtROu^6Li!JO` +%Ks8];[Pn2'e_G[4[R;!87)n;t9Z$s/Bh-u:bB=32)L(sJ?"Y0$h;,`'o0$![#Z8B[O-Hl:cEF"q`f-9n?dRW#Zg3]h@--Xan#%=@ +%(b?o8$f+u8%d&>\RiN$?_r*Hi+P@=BAA5lo0CEf851$,3?Z-Nk^e4^0A[lqF%H\EC^6i@k@rj`=9,Md%`W6f)Mb`#FGp0qUZCc'A +%3rs6&iNj?i>fZ4!5i0s!hS+?[$Tq](s#)"f/]d@G(U/7\*iRX_CbKZ7aM/?FYs#*U=FA!QSq,RC$.WkXoBWEB!4d6!kB5+[<_\0_ +%Xa@&tPZ><"<q:5g/?j-?<;4muo9s)0'Tu)&#k9beo?PZ4o*SQHXQ+mmYkDS<i_;:7pZ?=_mh*3;"8)la*a>B&r&,MM6]j\+O!eFp +%P(]>%i^RHa]L>?5Dbsu,)a3RPf>(tYg3"%BIJ!U][Vb'=\;g)CjuSV5<7^P]O!tjg4:L(U-j.<e$mFn%'TphV.+ai0ge'+@34_0g +%+7DD300i!*5[^2efMsf^=o::PDrYY3OQJ;:'PEgJa4V"!M,(r`XFuO#EU"M*\N8kuQL-#!i6p&r+Rm([;S,Xh=iMuQFfQa,(7iKm +%2nDIi5jXO252XFUo8q)cAKK.E*.a)9\7+M-P38h?>oJfLT&2nJ<`Fin$aUcq\tni%gNLUE!V!YeKpQ80(-o)oNmWW<pd#/B?erdt +%=,'h6A`m8;6*V&4ck.^\!9f(uWS7.KT]Su/aG-XI6dW"<DmfX(dekVXas.H+ZJh8FX#j`RY4(E;H06m_#HDA,]5]/'cj1%jlKh<^ +%OpJ0gA#ob!UoAkZ)T]oU05)`!pBf;tj:Ek_gek2!4elgm9)q%bU3"Ge^(Mi\2mM6^b=N/h23u1B7XH-1)@9K9Q#e8k\JB2u[^D=n +%-pBNj5irtpOedYn$imX(>7n'JnZc^PD-=C'duE]+Bi7?(hPFZ93eqa7gC6!pgS&\gKSfS?jJb\i_le2i8Kp)#Vqk,g'*3tunk_]g +%*he>uI.t'roQW7FaU5XI!F44jKA.uTHsV1U5n!_Y;I(ZGNmKNtG%&`[G[p#04Z09)[?\0Jo,AQqAR1%9@gK0olhe1e;gX[^=L",Z +%$*?1m%-[o2TJ_8K.e=.8o&'CtQ)@f'gkNTsUQE0HXXB4(;rM?cf(7[pGL>s=*U8)[U=OXLP@H\gmG\VZo@KRn]@_T06MPH6[^SN[ +%h?oVX7KU8?[@65n^9)%T'm!;+2K2g,Q"W*opH$1(3#Jgej.+po?BnX&Q1tKrA?3G,cS\KT[Mfo&cd.u\W^hd\e$4+ZM;2Mj^P]9` +%'2nl/**)?udPL)-Ca'm-q>cqoh2C#Ih]jo;(Y43#e(9`;R$$Q<5!2rDBmQC\hEYt8<7?9`8c92&XUmmV29DG(E0O?eV:`KdgOd'N +%L>&L>OrT@(E?f*M!l,;Q\JEtp(8CNN,joU(@:W>64CQ/rPaV>e)hC=gKR#-``u-&1PdOuTmkItt:6C0s$tQo%Ho8d[D;53?!5:c5 +%H@]aQE$<8+G.cr[3)(#OC-g#&2F<ED_%DH'T:gpa,_W&JX&($gmNZ,K;3S[,/^pg1klbP0\;TYna<=.ILXqIA6nhZrRhb6Kf/sL& +%R*IC%Ks,\/&KR[D;EH7=:LQt>eTUcA*Xk+4&'S[KHZN8J#bm7Sf[oN-QGKn52];.tjYRi_eqtTBfk.NBi`q8f]-&*]1d[Q^A3J@m +%9iA1KI:IB+jrhj$]S)O,o!tsmA%Thlr3o0lG,1eO,'HYR7kN$%c4`/h`!dPc7RMK@Nm\Y$d@XV8eOu=k)R$^#90*dZK^Rollo<Aj +%p3>p'AlJ=#n`s7P0AcX%`>:a#;=fs@2u\tn]HU:31>I8i*<FLm%I::U.-4IAW+!\U-!&L=.9?'0jYIPl<m^^T`mrJ:aW.?)>clD\ +%bG.V]n?>^n)<G(^K)oc40c-$ipI6I=Y,9E<l6f<b'fCB?=dbR4`gj.P6KU=deZ<snd':,.3lAkk0Mt5n@YS&CK1bGl9-Ze1O?Bus +%>_G3Kr-UUa,JR(je7#Tl;(r3r[/b'<R_-q9SI+e$0RB+<Zm@Jfm5Bak%%KB"#&'/fQ6`u=5,Z]iX9u]aNJVWV#n.`aI7q\>@Z;NI +%Rbc#lc%:I)#LMW[a`jl"Ca'f__Sg8-@r=#?Dpj>="+YD][;Jo..@n-,3Z0aT5"h]>:oYq[R*M]@I0lG15ZIklK8g69R)f?'"Nnkg +%p!!c_=LZ$e0IBf*8**LInM!EN)Q-60,98G60#EWfITgb!Tn60/"Wi[t?D<n!?qlXB?@CES77Ck_VZ;PT"\1i58c3!NXpm_epL3/h +%WU.X<"sq%h(56A5Su1"825A@o*lU.[6;8*4/a!E[hgFmNI]=nM;?>ATT-%b"Ec;%GrQZ+[P%9b?*pT)^/EW%"#Z7n-7DUH.>@dIL +%A7A/f(R#<t8:p,@f1&C7h&CO8(rE8e]2@Gh&p*lH+b*i;eInhdBek3l_30d/DgFA]@5I32cA\3ZY(ZNPQh3=d7&7Z-7butgpUtQ` +%%Os7I.*8#G3[;?moU[4f@_WF_f3qZZ/qD=WX7auK^UK:lC\pTp#VL$f#ul`s/V$o5b*N<XV%Ap1!`R-k&N-q)Uk6QWDo<mLEXd;L +%WMYT^C#B#T?e\Z7i_hCmH/#"IZ?3d9"FRPZ_r%Q\B%k:&ge2Q9Ml7i6po3K8<'MU^9!)0j_>(>6pWj@CNrClnH*L\KXg5RadmPKc +%X]/$eBItEI)PBP!0u&?ERtkfk4d_[81WCI4qdql@-AMiX6?U-(q(P[ZAsD%Y<]34PG_p<+fH%F-L_Nege[Q-omn`8tFma(4WdrUh +%gqUeMkVLQ67T_#QQ?59aQ6dC:TWW,8J(\as%%iB6YOYm0p+n#P3g[j+,k4c,^`M46cuCSdj,6p%g[pCSh6R(jg.OqG0ZVbqbJ<OD +%dptl2LAg_o013Q>^Nh1o+$6fB0HQ9R`GgjpPf#:U(I/I+=Z+7>IAbV'+8k?U^$*<Ts!l`WLS7rf9fMJc"@gPVXr^eb-?&^re$D8! +%k4?Co\'<=pp4'i(mgid=q9Fo==0FhOVYaT_H/>(4Hf',=aieUPo&fUXInpO'kO3odpMk9Soq/mCrFB1f9b7-odoSb]nUpSN21KR= +%i4EpAHMQP*lXr-Y<Xd<85.u2kl!NHOP1X+0^VN$]MdcVA[m0]A:\::=h0U6VHM-jsSVPNTs2g0pD1]oF0;S;s2-k_$H_8!!n_<sX +%[B..7aj1Ior+J-?jLC-*5Q9no,&JK"-bU<F),PB-:*^"'R9Hl6p[@,3p>XJCf[W4c=8PY(:]**MGAR"\NrKJBdr4G,J*3"STD\Cg +%4I0`3p<g?urR_&Ks!Rj8htfB`lg+JRJ,=$ZXag*&q>,R+f>#%bqs2#efD`IelaQkgGJ<ShHqciun%UsT?iQRDlPk?N>CZMh?dDOH +%NV>[8hB.gYnE]kK^\2#^r7OkpnGE7-fC<)6IJE*rJ+`Anht\1>l>QU:bCB:OrXWrHS)=&\I]NJ(J+-86r."Nh++4U5ocO4mRt(!q +%J,)lirce@J?i=o.a+*^ts5K[LPLk<R)o(s9qWeZ1rmuYi0E:Sb^Z`H'TDGs>^]+iEia;[LJ,]2WNhnK1oRH^Ms6p!\O8nkJYPo.5 +%`j`_XZ[_u#s6Ronr(hh(5P8g\I.Z=pq>^C0s60?pq5aOpj)t=ps82ilB4(Z+fC2_Rp>1;r&,s'<j+%(+DuE:X"GYD(p\mDNhE+9/ +%.U<kjlHVP*k1k$jF(V9h`u+u>MB!Ad3M;'kP;>Fr,mPAAZ,th;-0Isa,_J?R&1"8X+AjCf8<tAh+d-mp1>T_DVR?.7)B."EkMA8s +%%rKn,pY'Ddpoa9Rn+6/g2/Z76?amrQju<(Mf4nk+);23morGgmTDf/spMAO6I0TF^@fECrqAn<G<l6P<\i+lU]7'c2or11T(B7a? +%>3df3)VVsg]Dgoqci$Z;j"J@jA@?>SigDptr65nE`6Z*m$6*]5.Pu%j\D58QhYH'$e0=ma"nahM;kE\t1hp.'E1XQ<k-n.]Z59X; +%qQp+oF77\]=6&,Oja$;Zs2u(hlkuQd#tn"ZYE_hc;q]=BAGbiqqBY4t1O<7#;MOHHJ+fnmX]%.Hg%T^jp<Pu'<CZ5qPtSdcH^.F3 +%Cq[i2dU(/`rdXeC++EXErP^<lX[Y`DP4^VLV`/I!Y@N3sT(od-rqrramo<E!)X5f#$ND94p3N!9mFsKNQe-QZgHWIJi\UW.F'_k\ +%B'gLJoXM'nQ]gfMp[6V4EksjZqUZP@GdH=<Djl8ZeZ)QKS=)',B_AqH*BC&sXh6^9ZYpS,]?$UocE#)lIn<1\Th<o"kqg?RWqTQZ +%kC3G3aU4m3a"i/DCmM,il;b)kZ1d3A?G:O4d$DXL2qi%Ydd'm*+6-p^eB6kBWgM1Cr3D;d2CtDdSc2*Y7pdk*W(#1(IYoNE\6^dj +%*FADTMP"3i4RS,uLC`iW4fdIeWHuYC.l?R^eZsM8%G#0M<iqQl_+n:EWh[9jGkU.]6XS+&=Zsa,mk:MAp$CSL=fHdtf[Elt3jgJ" +%WP0jl.Z@JVm+U:M(D!^=db[diHa,I27h*S?REl=NTlP8pep8^Iq7QXH%6r[jc+SIAc]UROT25GLXlIJoj8(UTT+U^3nN%PI/*/e/ +%<Z&77o_mS#h!7I2O)'p6/2,N<20%cC+g"B70gG+V;R9qHj&10P?n>>ubbh]WJp6&IEW*h7jHWZe)"QXuR3OI[k3$$rQ#"bnX,32+ +%n!1q3]o[m8=uWlrJY\q:[U\JQS3<TXhAJ^6ZXNTZ]cXPRX#=\4V;P@a2i`8?\6SUNV7TH)\7jI?N;ONUcW06eI/L4W7J"0ccE+_2 +%i*D]DIF9_CY#cMMq.Rn0)?&m_B7L_73+1J,8R5!Op&"'GQQ3ON]^"@A/Q4H38c&8=%MKU1><&l\V%c'Ll*=NS?*J_5O=GPS??5Ph +%PP:^W^L,AQH%T(p_4]ISQd$Dq,0r0'>-(.S:]FnAaq*5EH/)V>au:,hY&XL>NgVJ_`^PHYh'OfOFRdje2%&F7pj`08j<*i6T=8h' +%2_2m+:48!s\C9G)2hKAeH#2#mnk$U1SN2#qVk;6ReLJmOa?(!F9(ZH&j2d?'9*Q[)"BVF^?U5Fh>hV'5:!u0(7cV<,/RPb.poHT= +%a*nu8ZqC%!^@1^ij4i^>9%@_7CccS(Q/K":Sldp&WA'$@p\f(,WmBikA8qLr;c,n4D8>=i0&=0dm-?+&;S9+/n22S2#Of7th1E(l +%F%4"?HHfR+B(`GY?*!%#ec!Z5UNT\[rgt:Hp>Gr#,ASVOcTlDZcJ<mtkSZAs[XCt0iO>/RGG"TnL5i7s%t2N%_,J\XHfSPQH7_2q +%N7Ifl%t$++6/oaX@G%%/n6,K]YNqr2r:Y$Kae*GLB(LnZ*T%/:'DH%PJ,ZX68p!,?hfB[TlM3S9qNjqSX?!mF_Rt6aVp@.45<35t +%nu[95Cg&rsDKm<%h\*D/IsgLWaG7IaABL4EY\)ZS]mXdRpa.LUD"Ve81NMrT>1G_6]3_R!@,[E(8+pkgebS#T2/2s^oW&.j#$mY5 +%X+%hmD]\pn@[$"(HbIZo4"nB^jZYZ5Gte.Kla3.qiS_fkqcAc8%*[TSm?.BQkfr<0*-CL0d/LR9<t9X:0\WeT8L\\$YO;@f62W)@ +%=MFP%`RB1#ogoN)is%,Bcb*u)p-0f%Xu:I@aZEU'kB>'`)qpec>C?4jq>9fegHVk/)`9N[IXfecj&^/h%7YSQK)b#0/^i*d\jgd, +%]\R)^!F.L&D]N%DWh,[&MtR)An9'%W0Q6<KgEA>e#!H_qq)`fHn!I-'P1./km?!ocj.51A`5HtufsE?/mp`V.gp<ZC3e=:lG2oR6 +%r3"g:V`)k7'D@r?qg<_R>#*A^*E-]B53ia,lJ`.q[mF4Z@UGAf]DTGZqQM'nNN'psYI0sSj-[$>a#6\,X6--SK2s!##2YX$e'l3^ +%rl8CGp/L%`ra)<gH6k4$_$`/m\FCq_Ym6Whb]!BiWl"4CW)r*C>l.siXR$;Ll,jE=qc!"/f+6)@*9R.1k6q8P3_dE_6AbH*1oftt +%*T-)QnX`AaW5Veq;,MW"q@e(jGND#uIXKnj!uk.q.6D"VWI*!'^5-s#k;<'qK`0<I7;KAGP>O?gJLUi3/b\T;kBD=+!mUGR^X$CP +%r3DfiFtO`!JM/N4nuL6U],k500roRZ)a<_fPqWi0m34DlGOF+Z>e&u3DY)89F0O*U?9c*82bjKFgK?V`5KJhrDP,Uk@U)ikhZX1o +%ou!5,Q,<rUVb2r+DZ'LteLI]4p$CJ0Gh>7'%LcrraR8K<YK!7&iO#5JoWHt2kP'H\k5A[J-pQuIW5G9ZpFY[mW:,&A<o\qbrOAuo +%?dbBc+5!c<mEijtmJTU`j+,FcZu]8h(h-[ll!)Hg96aP+h=LM.)c?Xc=G;n'dGi9]F(X1.9X3^ZjO\;&[TW8IE?AdMlonrJs)sOr +%E%>__hTO9`Y9-l:%>4AnqIA+u^QnSsgcK.m0'l^ffI3jbEJK=k=-Hk2]_kfVgTK5SbJu3*YLi&%FR5s?/P:_>>B.SBI/;EVc[-I` +%KT\J7mCelhM8AZ$2braBXiUj:.W]!_D9=ZhCXq/4manj<aln-Lf<T5tN12N,>?srL^!U9)ri=EFa&WYbl*Oj<`:_/g,eY^q>F#\3 +%<3=d3n#g]Jjb#'R2(ZiE[dH4n:f\iGBT;jOa%W'Y\4ueGa]`u6f?fNGr4%%afpp$ncN!&!mA-(Ss8Ipb<FW?`D3Y]Qn%uf8rHOTM +%1AZqJ4Wq(9ZnFUEZ,?(Q;oeO/(Rc1ZAM*l[-G4-=@!^GJFbVO+Hi@pB]5AWr4hQ0DjFEN$hW3NR]mY&NeRIK`4i^55h4m`8F`0/* +%4+?J55qO=nJb3[6?Gc0jGK#Fr*jt">Mhs+!I:DU5ZEZ@B"Qk9ZQ8al-)-%b1J`j%DO.JCPE:^S6`XA%n%A,ao<*&+b&k`bm&<+r. +%]`se^PTiiBY<$VWU#Y#jZ"@[;=KK[/FYnjXfDQ)h(Nd\-'e@jYjL"/]ZDti'^s0lI5F=LG:]7L1$[5`nr(c[^UFZ2,O<gUS\5`be +%`P:d5nPo[D>tr^!MkkR4,-Z5q".Y,4(.5"GRa`^6MtDC^c6F]4*8D_nF_30gH7S0uTk3&s1p-S,eV>ct9oHK@IbHTVU;&XWYj&NZ +%ir6K,5&,it\k&TI;eJlHoR=G!A7tQ7@+(uK<Pj_oo-HWVH>n$,a)*")NnO>_eVC=r?ZtJf_G%JUb$&gV%>cV4(Ni)$nV%lE-dJ/= +%Ufk>rp0uS=;3T&pBrELYn+Gd<G9:)CrF'eN&*Bl`l],3Xf?E$NHY1dI?`HiUVL$;U6d'gRK9bX_G/i#Tbn?$ZSE<2:9HD\f=V912 +%CqK0ZkOQote`1PR>#*djlt6$qbMQ'p`arA&;EjlqiD4f!.i3%aEpBHO)%#'.Qg,$Mrm=-AHe#Hh*khYX9hqqJNA_kr3tp3)V&^4o +%'A@j0O*B,u/aGtdWRlIK`:86pC%6Je.eK4DGi!Bo:23S]"uF)\SPp/F$#[ce#HgS3Mf38H^?b(`KiqA@DTflV7s0;7ET^G4cmNVC +%SC[kte>tH@%5,n,G>G92E*qu!&XtGP(;%.jH7_fJqlW*,T*m.]/a"jljhT82gK-oKR+*%`lJ(-a4s&.RDOi,&Vm!!>E+Aq7pCc?u +%CV/l=Rdk;9?I4WPTDIqd:4$qtbCgdUCU#c"8+^_kGW>5*qmkIBSN=JtrSfgZ/R6!\`-!X-mA#RqP2Gro)>1.ZV`"r6%NjGDjY<0k +%n"*cCS7^[AX)o78]Q]RXPHaVq^-$H3f$2C9NugE&jQ'mDE:0@tC/D0g44D2fQS6.'n6,5.Yg;0U=Xs-r&"iTj:FT2Va7/%Nl6g\5 +%?uraI4:M/b[r:-9*R7%(%P5b_mXO+FdpUh.A!+1\rhT]I-hR>po6hG)6e;jmDaWZOhdXCbiEanGG+'/#Y!//a`l"Zla1Ntg^TSG( +%>GY*GnCbWcNo"dUlLE\7Fre17QLDu!Bf*PrYEh=lr:!IHik#DB<f/1e(RCh7(CeK2Y=?dJmJ@;2s5DB8H[`Pt'6cslSSORph2\:: +%qIUq4mj>lh2_=Qkps0:N.u!5>fBr/72Ct:[IJW;!?``.rkK'VQG>d<7?5L)#5i]IEa"]BI%W,W%Ib(Y0.6e3?n_34PqtKI1GPKgi +%o2fiV)/dPtn6J#f?`?8/qV2s@S&@Au.L\o)>(#/@FoCUUlSn:fbK9XQa;)&u:-U&1-8/UdZ[_fZd9"$<HM4gnIb*Od_1&3mjI.h" +%PEhcbl4JLe=(]h%+)X8'O8N=n:TWn!N0B,$(9HE#H?Rp"d8q'!2IlWpqiB#I^K8^W4`d(q_u&IgHhM:N-n>cInP7DALTWj&Mu6q+ +%c[7g`hk\SArp\C!c*KLMFi-hH2OmGrr1<,`F7.sF]8iJtG4jq)&"?(OIBU#Fq<c0!orrgNpMX<MG5Ha6h/h>K`iTnlQUM.^4o4]@ +%F6-['G&!$#]8H@[r9,fd$feCj]4]WN^8obV097K!$@\E/`clLi8)I<maQaih3QM*Blh8`fSYHG-V$I$Hn%*^`h4U]V+`6/[A%u%b +%k$7[n@cT'F:6WEl[JEA\on//`7h1RHc3sCH8pqcIS.25CL$s>uq1h$ar5)rH>re8GIbZj04"?:pJ)])F*4`P.>W]<%AFAiioYB!a +%lbacKgblQ.\Gn%G0kJhU?gYaK*a:e)IV@*+oj4rmi\.fl`Ei5`IP\H;7<P3mC;Y%,NrE3fn\KpmbD%n\:Sm],ZaQBOLiN#3fA1M[ +%Q]9)U_Sb8/]g(1qk#Zi]K58Lccg+Y6&)[%P^#@.Yru*Q&J*k17AReoA7Et0CNCPPWH0WC&h",T)?Tbo:adC9T3)JQ\,8P4tn_,YM +%)t.)n\SqGZ+\dk@3YdS&lT8b>pD8=iEH_*1W<8WU:?YTR81a"O[="mO?g^!ur>5::#C!>B5.G2"Zp*rF9H>9b2'9MBlhBR[4R(U@ +%mbPBtik*I-:@6NC<1Y/M[i4o;E93*%0&1i;\(qQQ_FJcd=>H^kdkVHO3PSap`PC0-^--N1lKt58\t&YAD?N&hh&ASN1TGdkg7o50 +%L!$e@3r=hP#C\dZou?C2p[18eh_<,sE;0'cWu'*RpjVt7cf^>Sf=FSZ]T?gSl](J;qG1>$B'\<k5Fa]YqX"#N=)Qg)Hgee'S<Rs: +%aa%jocHY9!592hupR=lmQHpH']61O@q2SE&<2OC(@?]h+rF5H2Y;U7r2V:mD4"jjKR!`2LE:3(l+2?_-c),V6Qd)!\G"Bq[<Sr5; +%Y``)F/mGY^f=lllNYjp.b1pR/ens3LH-=d@gCg]l>ISG*\:3!!3KqGk)pk^0HDOMXkGRU.hrg7Q<OQ.d.d<?a#7Vb4B'd%t.B[Z# +%a,CopYZo:SQ-,s=r<5MM$5H8c;ndX5MQ*`c(!;jn?./[I#UK5$]c`oRFPEZ(9a\/1jWkNu85k)D<DpljWp&.Ljo#6lZMsUumT'<3 +%DrZ(\+@K;9fdIW+Nh,D]9l_Z4Z;Zt]gIR"#8ks0NZ@2V9D4;muQZ&ALXCGnRqe[lLUP)]IbUg[C5FhQSa`3cLOQ)MK3JEm$%bX'? +%Ls*5TUrS%rG>]dhH5mZCDAR:5,S5O2Gi21+Q33=[j;j#s*%CHNH"2K)ChC7t/<P2Z_La0^!u"c:FW/"fV#c&\CGu8EO/oNZ,EhcK +%o4AT\nsD/U[>5R8!NHPOJ43LtCaK;34:qTpKE@%>)ZFb/iD"?KJ-%r.$RlZa?](TU7D?ti)F!4B&Af7Ep-[+Ei)K1SM:+<siJV![ +%KH$jlY2M.p(_]`!"TYD)ch/#'K]lLITh^k'XB0jAM#]XoTZcX])TCJ>9)tsC3LZZ:+-N8B(:k"#Af3VY/;^DZ+5,sH2.2X$]H*\Q +%#d\ZAEB[P+AD6[DJ\s"43S63b#p]VM#*DBJmii2ek_IqPJO%L+)B>=?=Ga9#!F]Dp>"_t"JUr?-*eHd-e4F:Im%?StUt-So=AUpI +%6scC:IXoS]1RTpc(R?Bj;UZ*6QO1CRZe\/&'"s3?)GGp^H(jXd&NBjDNMB&L\fr]QM49T?:e]He16p:j.TZ$i.JF*^MaK$e\fJF7 +%T`gDD&m$M<d=@Hk0`$<n68qji&of%uUZdHR;iu/L]ZU<VP&)QuE^BfeM/CmGI(#.jn:90.&QLl$^*G`\bOh1E72XsUOpk4VYX7%_ +%i@Tos&"ram*+l&]((L1?=O)=1l\*;PMb0=R`E<8:5T\<:"/Vb;XLg[@-B>"bGU&&-a&*%LE]?DdH';![=t$]i9H2WA5kF'Zj0nHd +%"+:SSC_H?$Ja>r^%TqoD#7<9)M+hLQ4S3?]UI5%!_T8[og?6jOQg'IY5Sc[7?*b1k(f2#X771Dg7]Sr<ZLO:_$os`'l*6--3%7qf +%hdT%3Y\>9.Z$hp$Z&-jI33c.T-P)YJf4?uF,'W#[M(B@VC<]\T(@l=C&k)$neHKXK&pd1t4<nHdi(#&T&L\DnW<b"U63]?H4#gRE +%-eKcl;37bKZRMh)"'64#D^[L\TZp!4/mqP?rh<F-?sF?L0.p6/f-(J@0R&PS`tokgH6X:qkGZJ8CA!Ft$^m,/DQf^WR[tQZ+8QmH +%;Y\HN`?au88E=S@3]%t!(3VX63jLn\f`@*O<`$8B();K!F:W`-XV%Hp4miZ8RUq?P$h1Q,UpFGhWr//:?!/'X3"+U\gEi^<E\\sZ +%6,*[q:14Um4$4jgd=M;<0RNsJ!eQK`2'(BiphEG[IgVuFN<2Ct%dIe_9j$%i[f?t3dU36M2kn;K?/coP1>\OK([f&*FRmJJ,K534 +%W%f0U@p$Ziet@Pq(%CmX4m*E$_iOEmrV)G%3E@i[qub=-r9J8CpPEEOl_CW'%]+OOYt6Cg[)^u`Q`+-N0qYDsZ1VT2Lt<V+\B^l< +%MI(GG:@FT#2Cn6shSbIFf6m4-OfRWS"V^2dqR4IF[+DC9N?@JC=G&?gRm,[B`HmR0nsK+)BQ1-h_+G6MCA#k)'oW%6@m!Vj;_p6' +%oV98?UR:U%/ZZm#00Op_iK"S8EKQ"#dpfS6O6FF+7F'^^2J\u)@W1BD*lQ\%&_M3Ek2:u8b!'oXr@Lo\ZWR\*I_J`Bceth]HI7`e +%\p=Sa\/!2#oT6S1X([=>/`!6^HJdUpgobXgO_$sRLX;u?rMBuH$sEB9SLWgmJ6f4eqT.+&Q7a+KYTgc#f2ek\de(Or_k=/-/,-.6 +%_1*8<dkq`C7otC^IFO@*Ds=M74626#V2h*FQKu5X_dt/C1\oDRqqq'EDpRXu4>D-dXsP6<d#e9D]';n*m\)i0VmkEf9/1W*BK'G4 +%%(UPNn)WV[h`(Hf]gIe?-XnZ>c"kXT[b>sf2tokXn@+kBg8,XGc0'L5MLhgnQX%\X4k`-uXnIhW.>$S8k,k'-M#SNB1cP1(i:+3& +%+,iiI&_3MeDJ:Kt]CX>F\S&p;^NH&*$c.#V,Ik\5eZ1'!TYIN[^RBN@F+nA10Q$d:2Xnaoj'r?u0AcV@48sTfM;4V>3m'*YlOU/9 +%J,HuFg_8eII(ae\,Gr*>$`\CRs%mjcnVc:HJ\PM#r@KuPFBu6=1O_pl\i[H(53;Y*\a/t&4l,&"f>?S65=%8Ve"tr=T>k;$o<.95 +%gX-'%XL@b1DXJQn8"jn?r;l&BZ6()H\uI(U]Cs6k6*^:5/+u0J]se_dV;@1+0lSQ_]_;j/fHK/8k2r6R"+O?XH6G6AaqAgIRir4, +%00!56m^mXa,lH'Z9CU86?OiX>droul&4h8`I+VNaFo;e5\Ft3UTQ91d6jM#g[R&oW+*)GkCrXUL;m3\n:oG(gn3P*8F*;.#n(L.= +%[Cn_r0nZ'IDBZBae[1<&EL!Vb+NOkeF)t,NMm_?]&F%)"A$Pa^n)rj"_QU#sXb4i'`qq@HiUec(<:T"H]*2,]Eb;RYmt80](RG2. +%`m5Qj.8s=@/fas$hZ"/D(IF[AReBKmb_b8iLV[9hLQ.D0m<0HPJEco;-9ABGlPHV7luMO-mEhcgmPTDd4as-Fi"8\8HCoO.iIT`j +%[u7ZjqKD;gAMD`d*^<H&mnH"`f,tjp^*D#SH$2K==GO#&EfZ95]39YCIfP*hhs!(H6G6L?"m6L>\@3^HIEgAM]tLU^E*';1$YHg/ +%=4A-IIseA#k,(3HhgOeM?ihdln>Gkb6UR_Hpgg[X7fA0bqS+':\ef;^@DuRPr``U3&VfZKrY+Ko%4BID-o#f9a%m%'Cp*q[gURi) +%R=".S+(sW4mJcdf38b`ORbU4J]^D^Q5s=tY`],#u];=`J^:ocIfXcIDD],3\RSFc">FnA-3kV%Hn\^GjqH)=K%M#.=HYbp[#A1-! +%1P[FsI\hK\lGg%e"MJP<X="ePhM/W6CVKsqY-)ORCV9.p6)pipSHf9rFSC3&j+Wo+BirQf52fkhSBB*i](;,fa,V\V&MO[kB,?Q8 +%qZ_V3Vq+bhkBt_oJ#g6mH=tO*#=70g:f#R]*\;Te<tMT3&=qF^NpRala2f?%qp7<ul5_r0kZ8GC-M4=1p8scIpL&d`^$r")&fOH3 +%P8+f,F@%Y&c+/8aC?2#]GB]?#C/8%i[qT[@jhrMZY9.>=N0TpAlc@Xg5<e@`ghTR5!]oE#h0\te^YdqM6:(p)s6/4rg>,alE?p$0 +%m-cB!$pL8t-P#d7-RL*=C`ZCEi<Q0hoDaiP?29.]Hm_^KaQI3smc,t(nTd<l3B915n0m%\cWAou$CBsYfm3CpWSB<$WL#GEE@HAJ +%gtU'h=+d?+P@5Na\O@Ks=n746nca0L\OH1kpLYGe#6<r4^58PgQp,TcPt*uVpV71p_*L$E^#BV([lXh,e;_FQ%Hm)loFP]SSaSbD +%(JD9<oNqH4Eg.AG3EPrKX./lLE)l;=B\VL08PktiQ]LT>4YA`O"0]l7qi"jqH2%:?#7f1)i5#?JS!K*$g&,9J]ZQXJHhHeO=7;_d +%1D;!:r\L_WEaHdHYA5Ek^8,jfo+A`OZQohs"D>#u5keO7MY(0D-Kr1`g5:nM6pQ?'B1Wf%:_OXtKd%=Pm-_-b%>7SMceAIt@9[j@ +%g"GO:PqMU@pu5Xmmjs9"kTl(`(X\V?*ul(j/[(A5.ZH5l7:,I\Y\XDtI+$3nLd8$nK_LKKqA:?C`TP%KaZ_t/1Qn%*d-QZQ0aM)& +%lu>Hsp,'mA`CCnGF<^aGk+`-?A!+Nf:=st6CYJki-I#S/.9jJZH'JdM8;<REmje+DHkE\q0fDWnN@],-Yfm8#ISqs_Tbooe=[XR] +%EG\MIj]mu(5uh'R,lnH-PP&c]R*,`F-s\ZbJ^Y_,^k9W_=oQWT^!,EkTVM=IaNbU3PA:P:"$fC*K/5asIO^^TDCJ,`4Ea(!H3*Y* +%I$^Z5K5P(q%!:p1%S=EUZ,hpfJjtVJ*`HfB!#[3:@SfD^!kP7,)?GNpV6HuK7sV94c[a$m%/msOX+2,Jk^l3$-a?hqB]-k?)`iW\ +%mR$-01IU)bjnMX`h.5l-`aAiY7#.a:_'LK*##Nj1`d6FgKg6'<JKhOS1O.j)<N>Mr^_&j"_%=k;8!T_>1dL]PUE0Pi?R2!AOt*+7 +%Q,_.>#0Maq\uXWO=bn#Ig1:^Tc^$9c%B7>I."7;?'\9i?>!82?Z"mB.3`+?s]\"Xo+;q\l_qI_aZ&8bsT:X,!JBXEu0mj2q!VAL% +%NAsQOmJm7+0t79Jp?[A4L8T^h`AJ^4Z:b]h\4-8*SjBrL<%0^aJ0@O35'XO&0E[mP_9:*WGk`nU)Y@/EJq*tTY6EY(\k"oV$6p$t +%cuTie(<\QIc_?,F/2!\X!$?dWOD-9&iYj-o:5Nm2SYh]I)(8?R:F8c*kRCV,T*=;(ODcunG$tr*#:+#Z!Am]M_[<W4g^tmfU'T)t +%)k17sk_A7$%%no8gjP*p.ZNC8.%Q7KHBp2A+."a:6kS>Xd2Tr(!0kV9omaKQL8o$f!#m406&M%V5id2bjOC#8WOIGS%!<_\jBRbR +%a;CHJ3l6O__@A'%37P!%P)gf"6XjC^ebVmCemTSB!!P?@.r^b9)^&$P6\0eZ7Mc8aXpH/m,*+^^Ee0$d)J?k716g6$/R0%tL"Sb6 +%#_O'JdD,7:^'\Q+=KJggnq)cLaYYI"8k:!K:K9su^`^uWd?jSokZ1M\JoLof@dtZ-U9(^SmHcq4!MJ.]EV%;0NRFI<2kLS#1kf'J +%e7Do@a0qcH+?S\+X&pS(Uate40Pj2K3U!o_Jl%!E]sN?h#C4IAmV-FH5hE(oN8ZdupoFQ/7kub-PfJGqe9pKaP,k]a]O7#O/7&F2 +%cfQ_(A\eSgc1e'J%,I3AL0#^a0LhNZnc^]Pi",ql-WIbh=paXTe]\5,_))IN@#lYs+S6M>Y8iOJ-US/Q`IUG)YR8+[Tj/2T(j9DR +%S-,h6Z?/`^H(V>fW#\Es3eV\[+XMhd"9bELd"]?#'(?\_R\Bms0np;:$hXRO/O=GN*K#^9dJ?Il]'aUA4LIJ!E=%(!;Y+W=#2N>V +%/h;VJ"j<eoM'aZ$&m3Oi!@WW+W.A@85]Ch!a+A3M&3uU[23E^f$1D;TiMu.!);)*TpqqRCEM@>4C4)2p@6:h/aB1>s%M0a1C^P_U +%.S2)kAk*N=,9(+#'sT$9.UlPX+PCmB6B$4GD:u(*8jW`\i/6_>PkJ'1;Gn0M5jOKL;B;Ad^Tgs]dGkkd4oqJ&'J'e'VK6lA\q5kr +%PR.,oc>m"#!2n37(?IY,/HKZqYJRsYAA$"%"nX7)/c_e1#4GMXTGdABlGkS[n6?#eB!0,8Ub%7VW3f[g)i'q_,0Gbk>[ilgDU;0] +%1+Y*[1ha)0.#l28.]a8oan'dS+XRX$cm.,P'u5d)/V0h\,@OQX^p?aXON*Gf2O?[Z7mUHjd".2DdNf829#tSJns)?Q,g50JK#.XD +%Kg]Z0=M9rX(Y0pIaXZ[H4#GD+AU;uUM2C7B-/_T2$Ia)T*RRR"&$Tp(l?M7t%!o9.$Hb,ng.F:6n6E^(!YAb;-7%B4#D-6Q&iO=k +%6lR7RW8$LF&SS02W_K%\@"jWD3Yno)gk'(56N)Lq+e!$P-O[6.GSgPc`RZodaiU-id9)D>7N=&[P(?%J#\jVS:$NOLK0&-QCmSig +%K1$*4HS+*Y$i$6CG*YY6@ER+C'ibWpn]7GUnOjOc(#@@ChrEp6("aYr9:aF1;J^O/MkOY-Xscj5FP.D]N`]KS$#ICDL%D[F`3+`Q +%iG0jV*Mg6=Q'oWdkib"?D+uV>[NgF]%[AAL#,M4/`C!r=^nQc'bd!IU=<$./"i!+0oE#Q"/lA=f#g:PPY@T3\,H(T+aKQ(a-U?=7 +%js#%G-hBd\OO#I/9t"V!-fXsT$tToWYooOa$js#(&P5Kup.UekVD.$0[1Le73f@C*iR/_l7KNiX7T2[[jXZm6RMnjiD6$p%00h6T +%!u)Va0d24XD-Ab@Ymnf^!*_.cWZ?p&O@7b<EGJ)4L!ahs?Gf_dX9PeBp`_!q%&Y6'"bU>?55_Vd9UbMZdm9.Vo0mUG)TDjS"iWAl +%Fp5%K#nYdsE!O3]<B@@81?kAQ:b>^VKk*XX6R!H[VOU9ZI$C`le"N4&!/6l%LtG$<j-tZhO/7+Z=1Vedep%Ni)0c5:%XJ=0Z\#nF +%RpV7*d^lZfU,sT(F%GH2$'8-Y8<2@;"4Aqr!L+3;"?3)p[#?/%[]s7nTtu(0e7b_=RH;S##`68KF,S`jK6XckBfn;%3oU8'BAINP +%Fq\OD->GT0.;1h@#,(SQ.>pYOpg0Gf&R/!O;5]j=nAn4p$nRh=@%<?b$fFFEoO)^6m1&>Pqq/3jgnS=)+B^'TH^Hr5#OSM-\t\X$ +%%3sM3O5S\j!0+r"_,TFM3FI2V$b&77]kh81au,fD_.j%ZXm2!S#-3I?HMk1%[EaPlJlpT4DkZ[mO[_2'<`_T'+m+=ogeeEK:]M(s +%%2r(WF>?B[P6D5Lo;#->M67iTZDe)$AWs(+CX@WK)J?kK4t-DFgBF<le-PrK76Vnf%MkqfMQPN;I/^2/6:c4NXoss3F#X7c$\Gl@ +%>m.:'cOrbh<^p;JN)'I\+SY6li8er@^qs<eRKmY4p)I.'OTm_C`>^uu#QRIM@9D/6U]E$)Cc=T2el-dHf=SD*2@90)?&/u>4dV8s +%BekVRp$F2N?CW!Kb6`r4ZouAlba\F$,((/GKm`!<5a1T7O"0($3kumbSXuTQ3mF)?,?dY#i1sb`k>P-#R97$M,QoJX=,\f?)C!%) +%[lEA<>$H'5"F]bpMea*?/llF8aun-MPGtCBoWf9&:Y;uFK2jH[CQ&-"a%^"U5qBNo!:Qt.CeFa8KEtC!6CJP27<)T.!,c!H[NW&) +%Hp+$J=u9RHH*i@fkZ5BgNo%Q"f(iMn$;0=l*LRl)]M=Y%+AL-@+@(XH#WONhfIHuo)3^,,H#JJp,&A"`/V'Ocp/HE[0H)r`%"_OD +%6mm4ce!/.i9/@o.E6E!NDBt[-iJ^H2ZX>oE"s4Q":#G)$3W0<=P!:$L3Q8NoP_k4J4/Q\uo8s.:B_)O)V"o.992R4oianTlAf+T[ +%$U>o>mh-cmi@(G?m=f>d&_T=gnnQ<M-MUos3i#&<T?BT+7BS$XeV1-5cZr\V0a,s[BUiRsNJeMd4KiJc=S%fI^`gO=9%6gr$8)cs +%bcmBjS3bRS%Z)O?5Fa::IOO#ILRA>P#dZPT]4q]lbZK6fkW@c,KJ5LEWB_Y%+qS8ela-B`Ggus^%kYbf.ij<HV3ShQhj(u6Qd'=q +%JZ#L`*Kf+\4\:lj_Bb1T7Qr"t%.-8%3(7n@/e=j[(jlm:otV1?)^&7NFg0^K3!?(C*@L(G#2C[pcer:>VRN4"UPD*iTL0*=]n0GN +%brdt+9S3di%AF9';!e!T`VMe>XHJX5rPsgsnKe):@]h-Y,Zp-OhBl708rC7>7s]ddqoEFc44l4c"%93fS1BH9ro[NN:Zs;-qY+>` +%6MB+1CE2G]4^I!f'nQDYg63?6,q#OVe)TOeZLj>RL[(/I4Ln:d;rsRjmq[ajpsn8Yr=6[2NtI]n%6jSnOCPQL-)el`qd\iI7=.!" +%$'`T2(5i2=rOG%58Wp5@6tMFN$T_GPY.Ya<!j9'Mho]1!0E1h>$P?OO^V(Ap4FP`';(*ga=!Lkb-e7nFX04uW]EfpW2>V:2r%:#5 +%%_VUn3#emB=,S!E'#.T_JDi'qD-kp[(452?R%6q1o_YRLh:!L-:o$_Z\,sF7%^>:pCVF#B'oTb+Z.aP]nL2_u*#0p=Ln?Wl[]C7X +%jfKkH!DP[epY"@i@^/6oZ9'=F%DCiWEBLb7]G._ap40(o7]^FPTp`/fo@4X!S6sl1(2G_+GK'>NSFTGIT78X(`a[JQ9H>0#Q)luh +%g#B7M2ZT<;i`G/qc(-Z#6<kQ8X/<p+ZG#B)RFE:e@!W&0(6c=%T>(8Zj/7^unG84C[k6tbpYo<&L@sRPGi#fZO/k3Rna*Et@Xfst +%1'n+6:YZ\9.::pn]:lh9:S8M-Wd2;A7.W>>H9fBi$R[d_@YK3r%^-_S%Vm7bd^*`c(?aFZ0(KoSQaJlm0l"G(6S6&;H$[eEXD&uR +%Nu+s%^J'8_7hlU0qR4cQn$Hkp!Ih:_h1mkEB(@GD,,aVRd=Ad79#<ts3@h.NXT#-\3KMq,5@B`L>ID%ca$3eRra]u4I^nn%_&0.4 +%Hq(lDEtp6+X?_kWf!o/QYuiXhUrY^qTl<ZU*P5]kd,;/io60Jf'*W^IATWTVG7Hg6E`iZ?WBTI.)*q]3/LON_oe.9(rdZ6"fSF\I +%[g\;Im'YioPr#IF7l.+a'VWdG<<Ha->%D%62>V"(1'"eE4\<%B3U!(pS^^kgoZ!^jo2kCqR$2lD>B[AKWi!NO)t_D&9p93bm"Ebf +%/O&""*J0#8&:",ioN9>U3PXh$$b<hBY22R[S*qP@7Bos_[QOh3]QEV^WUEka?r,q=dq?E:Ql__hkhj"!L1e5]m(#hk7[j;Jr.sjh +%o0ll3YSmPaf67jP\F!ALEj$Nf]C73^'jo_'TI5J]Parls'jk)a7Qs$7>cd#%%2UbtVt%Uo*K)dZG9)e<Tch;,<P<'bN]n=mEarUX +%Es/b$<Ta3I*Fd(QcAer.`MEmNkHi@$e'/P%Ko+F4LWra#\nJRDe0T!]^NNN%SYmf"ToVsDc`b#;!qea`>XD\)YEgUTZsNE:r9jH[ +%^2+I`RK*`1\ZnNg:Vg\0S8^H@UgO.FPS-Y>RZ>6:,6`RGB2?iUVf1UX_EZ>K*.-Lg1%tV0(W23HS#0f7Ji2hY!KGn6$L`Ib@Vg(4 +%+O-JE?%XT8WYK<Y8R\lB*gdhbb'J2Fi@H#S%GX&Aq2opMm*!SP`JW/`>!/+Y6V;Uhi62I,C[jk.gbIrhaID4*2>>T*5nE4M>p7cf +%;#5AHc]69tjk:i3qYg*/.O"(<2^oTX6O2-I1H@0C$3lRA(c\[Ff3T]:3hLU;\[OK(MKS`.@_Gn;:?o^J=2c[U241ZFX"A[Y5<Sl% +%o!Z(J[OcYfeo<dF_N0\6b9PSInZJX"*_B^ckOR^V5AqHUc6%J-DgWm7.sC>Ar('5'E1L@`3*'H2IJ(;qEHtNT[-lDjj47Oa6k7%U +%G&E^MD"oa_HZ/Xl*q/b$@f<gpRl3L"qtK=DYY4DD.nQ:mp)Nk%E@a$H@?&0m5TnCGU\OT_!RXT0I=Cb`:Q$.3Aj8'9-MLKd=^mT@ +%i87$O7$mlgX+R<GD>j+Z,P0!iI;o%]&,4Ot3&it1/iQo>7C\sCL>r*n:S+CFDK"eOrL>WacK+0aK^7W,=AqQsK#.8ApkcUXN"2G, +%eU$<p[[attqAF+356e6,f.:9"9[/kB*\r'5]$=*0<QrSm/\DG^:HeQJ`9Y6jO-VDf&fNp<^AEB!pH5s5pA<1i7XE4GT1?kIH1QP? +%BY)FS`9>5=>urrXMaW5BhO'pl+Rsbs@WA_FIk*Htn'>[?F'fH=B]92Rhi.J$p;C=9erH^DMn@DM++?m5nP^sL--9,`cT^o%oX#Fc +%F\Bq&\E\N`4TA+S&'f#4QVtH%c&s1>q*fK[+'LZc[>M!Ap>c+<*`\R42pNH"\,D6,WFFfMWqjIIhk%K,-Z:l!];PCP[:![/Nf>,M +%!E-4;hmmO3n(PBlhnK&:I<XoMKc>7(5Bq/IcF#I?((SEeoT87t.bhU'G1UVPFmn1^c`iI3DuO@h\)2"-[q'_)Yu(8<[qY`bg"BLK +%1E/N:U#@*RqQKCeK^bq)T3A2CIh[..7d#dt=UGkCd@s50AgQ1gCYQ4"PKkc&Q_Lr)WgMs$27p87Q;k4]"^lnRLSI./X,(\_%RsiW +%s3kE3MFW[^ET3bjdPAoDPKcjMQY6p^8)UYdmL!h70Lu>K6ru8)Q>E09YMt4JG"+t*7">B)*DcaAKS+OC!BWXHAf-OAqTq6Oa:o=7 +%]So!MSu,b+_5g7ji-.)uj%'J%=^r6hABO[)QOt_#b\-'A]"ssZEJupkjT$ninj%f9<+d&!6%DaN\%.sH!FLjsak'-qQW_6L3&BW1 +%\-CtT&=9;Bp&k[gj>$c"_-KN1$^"_R-M@J-U,0C1o-3gJ*1Z/9MWtZO+M,q<ft,P^ED^"#lL<Ai(KCjC5WQh$HOXst/eL\O+m#Ij +%EEV9QA#`ULjbNAOm$\%S3eX>?9.V/R]7=\B2oRpp\\=W]#eH[+3,29;].Up;!H$%8#S>-K_&a.T71=X-0*#f;["3HL`F\6;h2L?i +%_@H`f-3M?+2NXY*#*Ks_g'`a<*Q2,mF3ksQ-dZXD9$eW3N5<7YN_E[8kOMbRZ]ZmNOLT0./A@'MLDW[Yo)oabE'>Ur/R\(E)-(fJ +%6NMfP1'autHD;Y:+N,;98dUL#4jKci*J,6o<AjqI!B+>>FIN,=[Lm!/%#La`+V7C8#oO*ZJ4rK/EpX-]gQfQE>;0<4He"MB;DAYB +%J?'6?0*FHoFOj;_X5LAG!(!.Udr_M*_4TL<'"=eQiNE[f\3u+)$FAd]N<D1JMsG]+?oA/8*)$rJPe>M?aL>j5.QFM>KTUVQ5QR]j +%#g+!+HQ+]2!"NV6"NE%)>i.%#d8b.65SlKp,%XF.PdEedMB-diD?U(%H3un^I7&T3RBed*3+9dZI4kF#=VOi"SOR%VRc5t(-iadI +%0_WhEfL,AR]?r#iNOl$c/+.1<F1M^3`'IQ<:e4CtJ;*<\HCfCK+X`*PFB"bB`!G\GA8G)0*BYQ&6s,(<n%(+pSYiQ29U3j^B>E=7 +%Fgl":#TTd[P9:i[rPF(Im[T;pq#JuW-M4_PX$P(t$H<fU)dume'c79c\M!VX"[^,r7AbJCl,OrB:e(qO@k!qTVh03q8fi."<SD+6 +%EWkqJNr&6>Q6.3IaRD;BN(Lt,(r+Y-'W_C5?I[j5(%.M'+p0[8LnT_"GYJO'+F(lZbU>(LO\q70L`Z'G-VhV5&<>(8_%dO08)["A +%6'9h5W977a_]dAJ`9B"W4.u!e_T!DYY00,1M9d\?/JN`1&6t5JcVD"%Ko(q1%B>s24,>^/7WF1c[OjoZ%6ukmjd7Y,S:P?8l5HtP +%#hI`#I#a;T_1B-84HLkP,V1JH2cUDA/>eB*%<4A1$3UBc,L]CX_OT89P3=8?mfngJ0`Hu5Qc1j4N)<1Oc!&P%PQ@F*Khjtr(Pq5t +%e/OX+:jY_6:Y8U>!t`,V)htupp^6JL>7lJB*/[^I0HOFb[5_V8!luWn:Eu'\fW5f.[c7[1$"@Qba<*P,5u7X1Wj<-8e-$[e*da"T +%'A&CT1YW[[qljdbn<`s=!?&m#=hIX*F`VMq$o%N[%OAKaBV6$ZLB=bbd5M%h<eZ>8G;nZ!E`e^Eqk5nbm*'5]AIsenf@T&<Xf[Q- +%a>sQG,8Au!TS]D7(T;6(@3?nSTX$=q;?=Xra"ZE^*XcI43Q0Xf\.B^S.eq-D!9\S7)$4e;mb:a+rIF@5qM$+oWC,TPE&j.!_35L@ +%_*Qq.ab4&1.Y1B;#!aXJL'^F&kUIc@=@WY+&"t't#F'"UV+6dW?g`U38-3Ng9f?"q]o=a41_q7/+5!CR:*QCP0RL5,g0dW"N#SL@ +%R8F!YmQSYtgR@I6_?_Jj$+MA"R_aiCLn$.$rW3C4d4%lrAlesV(WI:KhGXGP5L0O/aF=cW&3snW73/rD!P,0>3DLhT)q`<QNgnD4 +%dKXXZfuf'b:-n5(aWO\M0N:6mic6/XLr,uB5e-l;3L8C'J\f0f0An/3$K_ss.+f\DLSE]NK+X&]gY`g2f:T:Qj4;AWAg(F&<"X14 +%m=?F$NB'ph5:qnGK'8Xo%<.t0A?iPmk!sI:k(l#lGG=C\eJ9SJ7$md)<sp@!2safi/T'_dM\nC=,d*stBqUR0"sHC^q1u-Q"@[@l +%-:Akh*!%9-8<sDURq<pX%QF_B9#1W\LTPQXR?53*h%94T"RAIJ&%<E'"Loj22")ng,:&sY3mGb_]%"qO#*KOfSe2Yu`0:HAN);jL +%JDD@c2F1u-g'BkI%V=:U%2Lu,[kh-dT\5nJ<1:BTs2Uh/q5qYd6msKLk64KC('l7ULI+QWG9`=dT:l3JReU-sh>^-AU^>ZA*du3V +%Y!5(5cPuHW(B4;oYN6G.pq&X\qj6JUYJhY5o>WKH6(@h3rd)d>&_0\$)_IOLX8hi5034r>8G!o!pUi$=hss;k?GB8$V@d4cF)_rd +%mnmKKds9kYbI$`kX$m/up9OLAjOXH1_=Bf*N)uL8X'DR:g$_AVB$^9V,X45JIf"7PV*8D"eno0Bd:'XuV1B!LA^^uVIk"?i']<A. +%Iu]!*lU@l+8rEp&^/M3fT`D1dqN^D,@DeE^eGp`A92:;$/5iWGXg\t3_V](`UGZ#SnUBXJHL/U`UV@PI?bKk6Dsp_'/QefWG#g@/ +%?]c*Ka7Lo)Mq&e$XDofbXS-8%%c)I(^"DpfC+2?tdbVqRWKi]:XOcT24rIKJep6[g5SFh`)u7e2dMiAo/6X]4lG(K'RH%3W9Y]D5 +%fs\)N:]L"?/^nISbhD;VA11NX)cT;#pYIRBs/n=lme#Y`=i?cQhgP(>nWP>]Cms'9ZW1k#+eQUDHEB5YQ)N30&\#F-IJ2HF.B(;E +%*P1@fm2J8134*J_Uoo]7#6X0ML7B$[>889*'g&k-`l"h%\<"Zh9[4h_j5]S]rig"SBBqc$<?!Ig7I$[eV:S1Y>G\FHl-M_F)q7O\ +%q=FJ"99Da%YP50c*c!KM3`BE&-ib-LD:GKsG(CQ7D#n,BB>AjQS$?N#q^Ji7qY?Qd'k9Zo%e!$Iq=gQ7:.A:]pTP!`k1NI\5@/RB +%19NWTfofd?PB&'3lEc2[7K.1[*_ip2(OS6?[2:Zn!tE;n=WPWg3>D.ZLAWYGXdIl/h8Ck5cM:orU7&$(mgad7"oHhPq0k,e7JQ81 +%I9Qk4<&fjSSkBN"^2diFVj&7;HHk[5n<]=r]TX.ifl'(sX#BO4q,fFrLG:$H%18H\=XIY0l4kNW]]&6Bhn=cXm-U[/DA;\W"Sl%9 +%Z0[ATi%(rjB#3QJ_>dlB=H/&WnKFO,?ed"9kDZ7`5BLoZ0rS+i[q+G&=hVBM?fPbE>Q=MdlEOI7"mZu_(R8`3Kr0oce(:aj(&aA; +%PP/@u[2Xs//!!fHk-MV)k"Gn'7-QFAG&3Q<?>SQ^"(1%(Q#>0'?p-r*0A>pkO@\QUhK1>.pXnP/XD6pZeneYVU!KNG9?0Dr[TL': +%kfspL[[k%9B/mVu<?m57PoIAPmE?.;ptcX6pY7harI\\9%NSk7Wd:c.]FCo2<=G=BpnjZ9S2l$Y2ttJKT\08@X_Pp^;ec+)Q,BF8 +%<G-`@0)YV0:LChaqnslHcp/QEXrU_,B]>'_?FY7VjR(aXF'nQXhl1,AE0fnkeQ.70VN'CH"`+$l7-@_=NZJ.G=O8N\efWPNihLq< +%*G7:T);6Vc=tj^c_9\Nr]%Il9U<%ma859'^B;][<>TT+mF2?"5oj`XKhp&i[?r:!C`pt^eqMa0SiTrT0e+DE9LFKn0.F_klq587O +%D\&;Ip%1gAgXK>Qo$4*!UO_R8B`7Z'kHEW[i2>>?=#L\<I-J0hUH.DlhhbaOiQ$"\J!_(R3bh9jip`Pa-P"E*Lp5cHr`A!J+Yhr^ +%N6ogOPlRMgZjNJI6[o5>fi\[u9u>S[ab"A:,&j[@h!_BWIcA1tDs('^C9oW,n9+G_Idb6>";'h21P[mt_\)_4i$IuVc*t+=WNREB +%Ce3I;(bUu^0aWGQjl#u2NmOgZI*%c-7MD]Y?_+VK^*Vt7Q>(JO'kkBA=a;kZMqhQkVEMDMOmL'`:E'L*ZcauBqn\E6h9*cE@@$c< +%+.l9Q6<ttZ8iLEHqr9k+BC(X8`lI8YggX8l3;S_liQf_BPUouigA#Ya)nit<H<Au?P28ss%c1d[6VprFf*F(:rL32!c`.s(!0BGG +%:r<ONc]#@ceu#ASFWFi-aPEFLY?p'C0K'#&jLH_,<4d2b=s_A:IMaGVcH-g7&Y8V]E7^'OT,r\1hu3s>(b51rhMt[F:1$4"$@$"J +%ZI&aZ:#,o2RDUGHZQ$pq(d)[7Up`C)bKi9GYUjh`>s<8hLXYd4VjfmkhQp_B"GMHPqDg77S?%E/l_SF3T*H"@]PVb$)5oat]6kbH +%UXu%=e)JTJoN?qj'5$srVhK,0i4r6ZH18*0G]78;LKMFdhX&93a6aP@LEo6eC<\l&chb_nI=C(om8JSAhOAX1+74+7gl["h=,]d\ +%28W@7g<T<a*r>g%oD?:+34)22pIh=-+_]VMX7i*uG3AjWS5cfKpTFM*rR%RJZke)PI(AL2Dg1WdCNjabh1,4T[6&SN?i+ipR[IIP +%;RVFob%.mJSDC"l?er;9mkoLO\uj_rXIRtA<D%pN^92M$gNRJcpb>4&rj/g.6Bh@!Z>Dj&0i+4Z";mQNiPD>:Q=>`uPn^M-KRp;O +%:bPIt9n6i62(F_Fa5`@r:NI5*MJ)HnYic;e8_8jP#5VP?jjf,SA9T@J$kj0PZO#S0Cgq,m[LS;la3_fGntVeL6f;KZB:Wi!i#qS= +%)fT;Yn7"()"?;&c;kR=<?OZili0k7RPu#mPQ4["[KY1p*d]V*MiO]co&g2X\gpc2J#['Q#<e_&IOfJI11mD7Hnd-NK#?;SsCXTn8 +%A?IZGMt5jM22*KT08aZ%'D>McpC\5F_"aS_&Y+-('FSRkI$5*&)=W0`lbo"kZt-nF?"\$Z$QO+/-P_hK_=>.TR^\SZTNR"YXp!eq +%6$+ZI#Wq+;RfQd0^;O=Y+;[OD*`HKG'(b^FJ'^$+<6J0U7)7"43IIXJ/07\lF<Jj#@;t3Jl7RDj&#:!ReRNP@q?!)t"a*Wc-D(E_ +%@tEQPi^4'1,r?t<.\a5RJOru-h*"1c#6TfK9&L=i%udX#!C=2_\b3<81G/CZLdMrV0:>0;#]WT2MJuu31G^r#OH=TZ3&cB!RUgdj +%o^KX'6_8I?XG/\QQ9Rm5DrH3KiFj:)0&\e"<9,cT)"j<Ak`DJ!);q:>ZN85.=n.1T3hD>FC[&"m/s@Uf4(QqCj8occoNsA1ZEO%% +%:#b:NE!A,%!-OH$[Y+&#@4qG=RFu4\")t[U,V8N!8)-Ib9@1eQlS+l%2?QO(dg@)Z[a'+&iM<cDmh\5#/33(GA=*t$JK5n)f2^'` +%3]F9-S)!$j2A:V8R)2PZ\K]YNMS3&h5OL"IFj#Y5H397]4QVl'T%CgbNF8Bi`Fus%bbHP]Kb;UE9DGV6Ka#^'a5\maC5d^_"]'h9 +%?th:Pfd4F&A1drq"euXH/did/R\'R=+b8FjbCDP&p&tTX1ZB$=I^5T'cTi"L!M2D+I@fkLKSg8<<-`uqUTPd2#q#D+OOFm`r'HbT +%r`J<Z!\ZB,o98@'d3V&\`i`rYLs>8lE?i?!4<F,5d($?YT+gn%>''d*!BI+l;[-;O6!PX?b>EL25ZV!QSWH-:CE4a!_KLG?g?/,c +%NEron1uX4U78=iS%"UYDT]5BM$8k)&")]Mk:^'7G#5k1E?%BJKqiF0mP3b,>Q#86A;@-]$>mk&g!aos^hl[]qG(cmr&$nQX)4n7S +%8M(4dE6LXi==/*cJh'lLeBA(%2uk:9%r#IG1)VhSrbbGB3:'!(/lOmY+^?(YkCR4J$:7+i@U8+T#5"<K?>ST=LT*Nm*.VNRXm#7b +%p]Ai#=YPD\PakFB-;-*O!CI\K'*2Q%#g)*r:d<%ek;$"%#bQXu=_WKB+fKs+Li)KG;LXDsTf$CoJ;$Jl7a!$BbA?jRNZT\N2`Dm! +%/Vi!KktZj2lrHZ'LN!pV)?>C+5mc=VBmqj*W#dL,9M"D9&S]'R8dZ\++"GHbX4T??Po*98VAVZ*L[,q)oYCO$eQXC-HU%_$T$drh +%:n8K_NW^$:,I8T<!)`8k/5q)Y.?+9(5QY22AQp'fG^I7le%nG+aT:=6^`Jag,bQi7>H<8T6Th;gh1e5]'sK-SJF+$U%Ci((,cL_B +%+s8#cQ2$CC#]R`$n+mA&i"QIn;G'2>MRsH3J5=OA*si3,%J0U'5eui[QsD0pGBU^(a!(7MIJl%2/,R`Gs,aF6+o`NJEE?99!\Z_' +%^:^YRm!g\`Yl""$IN'm9/+1TAS\adp'\3&/iS@t(r>gB72ARe[3q_;9hEu0U@"lJoJ+f/*@kjac!ZbCNWY^[A?ID`.,\-o*GkMRp +%ZsU#&`,37mX`5'Z9b>qO;pUYOqJX^#AIs4N%mf"f!J0le>'=X'8;27,f+Zkh5:S3S_0:c'.17E:*aT-+n23TUBW_/S(=2jsl1Nrr +%0.rpOje_5[[>P.kFQ-.NYIkkPRn9Q5VSi81o@()@JfK4M?X1ZMrM3VXmPTW@^@Q6,#O2K%;!dWl(B3]m'3Sj.\4T!rfZ+?4UK"hj +%N1SV0==e&b.Mi+`kf)G8rRJ`AY;^@M#c4Y,^0WP^@kX&r/Z!>?Hf_o+Z.R62C0+G6bHI36NhA>i/SP;NRPRbMESkW\m%*(PZ*`t# +%'jsS%ch;7G=?<CWWf:dc(<H@fH`N)@/)BO/Ki:#fAOD/hK3N+Wjgt\JJ!@)\8;-?SB2>W62m?>t<B<-J[3i#+!2e\$/R+:']l8:9 +%qM<SeV_"7l$9k+Nco&M69oF'&K+HeMGN;-\j]CirJt-"E]620JY;p:9U8?=cVPA@5b.-"!&$8:ffMYH/2=/hf21*-qqr1Lkm\MSQ +%2dJGE".oBoS];2YoD=uOQ`QS1SbQkJ:Yp*McHQGYZ2&\T+#U?B6gF&MV]Nq\VAK#dWnk#Ngq)d,3>7KLV=M\r$\o9@<J_=B_,5C; +%$ZHM5(bomuYa4'+4+@]E-TV'So:nUdD!ZOlV_"In)#eK$baQZ_3fTF;>K%*\)obKm)*>9V/+sjGrpUd(n9t>0H$YG7J.:"Ap?Dh" +%4co3M3-N0HA`)\L+.)Zb25#0*)WG_]=@IlaV^KJnR3,0KZq9;'?[k]Ij+cU6Z7E0N%X)47qgRM^p=2K5%q2uYHXOk3<L]>^_Sj$, +%[suq`?8-MB#2RpS[s0Kbc-$B=p:pS_kC?amR.^:((JfNL8<C3X]+-I5dW]!.LcLoMlka<T@IX:]XbKiRD^)o\4+!@oAFTSVa&_i6 +%(2LQnhlbY^(4?^o*!QWIHqfSD'WkHgZ/Lp.l<)>aMn<':gN`#GV6)#I3_jZe*<./Vk<#MOH>'l:l41M?'NkX?I0S5kF6bT+*m]3B +%h6V)lD/jW,ZWN(HNFgBe4"%$nHgb22ZhN2fER`k@G#2#1M^(&!(Y=_=0WJ&kq2Bd[76O#)<X2X^FB';bdu@Y^VlW*'^$Ft"%3K^j +%R'/Ceig;YWCm[>%@fgYoh=KeBr,NUgN<leTT,k-'HgCU?8%[^)XQgflJ@&\XBUY?Blgg>R;'*9r'DFY]+#N0?eo>\?GHk?#+3P[O +%j7o&TnJT8SeN_j`0HYSqFmGqW+13a@9>#"fYl7%>^?!-'P?[0kWL3<?e4%s$D*M=<qbWF;S/\C#J+ZZ>T&.ABfsAEJZMW"jCT3^R +%mb^"9Do;L%D3E'a/P"9Mh$8A@If&QHMUV]@/Uf[+n\WC84#bCLf-Y)!PD[ei@m$YXn"Ffg0:P*Y]B'^9%SJZmn1[%dIt6k"*060> +%Gg'[tMAt'sZ`o6cn\<>$s3fk@W7@k_)DG%0&$-*>9^j$)$0V(1kuBJh3M2a<aK/0XWG,cN2TAAa@/t]GqpL,/rtfUGo`CuRfjl*N +%/ll`;Vj.$S.C>m!Mc@PlGplW<WEE(.E4Y(K9Gr.?k^:QqF;DgcaQ3WH[>LUs]j+GoR`(m"3rpiH6R]KZ0[i-#b[G'a$BY\\3Kf#/ +%\u\(<C^t^0-K/GOK2agQ6l(2?b4r*'O^:UV@?O�k:U\Ap)VZ.AP?i`j$hE]L`UTnSp!&l&qh03"$G11,tZV1Wb:2E(h-<LhjSZ +%/gD/o8G^3^A=CYmj\7mU<]]p`q?5]XFP]mu)G1e3[e3JeR;Z\P#)qM!`6hss2FkkVaC/0Tf,+5g#s<s;BA6ep"?`oc7+38U$'Rm\ +%,R\Q(pai+hEMA]]l5nQ1$DOoGdiOH/Pdcc+J3#r1JsCL&br<0<+eMK?\f"XSYi`pd@Kk#TU+>=]e;SulQ?_%6;[QF+?j@$N'V2-9 +%gEt&CT=h<Uk8>_R.o'X=K;Kk@cE*5nfqFiU_@q1Xl/6Lg-T6-r5g6])j:;e[Ch_*fJt^fWd:22?n:!Y.P:Si\a"Al"O]0K0I$U!. +%NE=K.n:b?P*57R<a<ZWkKBQ?eT@EMDnPm^P&DfB/*)T(YCD69id0U&8\iL4fJp5"@Q!>$D/ke"CjI>eDi/>HY#^<nT<6TAV'I$9: +%__,Xp;CP^d_tR;b6/$r2:(EfBM?''b;=T\/.bRCGnIpqcP@1)3L;P8[Nc%@PN<q6NN*D`!GRfW/&.DZ63il%*aL2FCKlCPm9L-go +%'=L+"O"J-oTTHJ$9"GLdfEI+dP.:f%#ZN?u&:G2Rhu`?R^J@rm>g_O8.;!\OVQ7=GLifF74QS<,*>2id/KdE.o1<]BP!o`Fk@BS9 +%<,0jK6#,fO4B/>E'Wi[>Pkru\Q*M&l[3Z(,&t;-UY(ucfRBB4H,U"<U_'\V+=+nVOlD-fm!cjU:Kg=8C;j[j.<#qIh6n&L?fYMG2 +%clXEY&82H[OffNOLg\C,aUc8#:_js2^S/QN:(ieCkRnlk<W"d0Zn^Jsp_q#HaG2b9aMqPfF*j:em)&X]#UrtXS7WWsN@'EjH#\D> +%I-RsHe%^,e"F]PK84=1m*4hoEZWL+7EqMc&1-J+p=H#\"lJ^B0.>/611chF@Z:-kc$u&RG"IfF<6BGm-*6(#6Jm*\CQ2kfa%7cE_ +%a"Z%!#SQgoWcSXs/dp#?nc6lFN*GD""oskqGROh=GgJ6lWphm;!eOSb7P]+*he!o@a#'#q..e*(Kh\X];J(\AU&rNB8-l"X:Ml3U +%Lt8&NK>POOifVhQ,I%fKY/[Ute/53OU\Tcf/ieI7+q8Wg/Q_EZ7!8]8/`G]pBgQ>#*7L)5#M(>n\As,.NohJA'hM6[cOl0jQeMVo +%'J!G"6%MP4H#?Jq<Yj"ud&gD<.87Yp_$eL??f4'9eH1t-cBii?@-Ci#V\(#V@=9e7p#BHREZDq.C;S0RENFLjQj#2ai>8d@P9smm +%LQ!)S;CcQT#!kKDW0Tk&:t'Y7@%q$PF]$la=@Q'.!/r7<6%U9?3V5Lg(pL`fOrLbr.iB[J2.M?OGRb(f)1nD)3.QXMOID>n_XMpi +%HE<SbNCUp&ct-?M3WplmL-a"[N16VZ#_5Jb?>B9_>U_B--Hm6%k$Y-o\/6t6'!db24<_0IJ2MVC#.PL`4A!NF1o69rS&O0/[Sf9^ +%M'jtfI5f7lKc42gh7+.;F-M@\MI8b<VjVQaYHqV1Ga;;?U\Kr6`t!Hi/$rcg,<SsSeu-&p5dHfDJilo1'.+<D3V'D<8><"TU*gk. +%bQ<F*X_CBV:j(2rVmFY(hPVObOg)4OEljIY"6ho<ckfBL7$p<KOKnkOE/h?pLo6r0"V&>7Yf!JT3hWclA#dod3_f8u>=/ZD$>6\K +%BumETPF3TtR>0/WF&WXrgC^:L!G%8f:bp"$*Ha;nYAbRuMCtc!*0[V23j-GYJSDps-4O]g?3lW;S]r%g,D-E(/)*d/F^e0,OefcT +%9uoTB_I9La`jLrY#!qpH&6JoVL2e\Sp0c4k.g_jH6kWq/n$>3UXb>AZ61:8.H6HBo7-eNCa?4jDmJ)Y3Zo+O9FU`r@ZJK\*c*.AL +%*tZN9F_"Y!:T>;@<*YU/W)R"/:"#9kV9)'%nekhO'gRkL9XJ38q*"mrZ'Wk/^+JDq/=eDYWEC:+Z1t3YEn+C.c:DIm(I93Mf%<HO +%fgniqX&3sTjV^u@N9Z)FKkE-2MAb]@C-!N)'U'4[8338S5e)@R1J8L'dh]PH"j9Ish6S+%!%<R,K$iQ9=dB@fA@+W/ljm0AKi/'Y +%J=)[bKuJ8JAGRd]1c)uW#=@T7-b>$KAe=;HLkNc)M(Z%eU2O<HS&EgUP8-j;(.4Q:39)\0*@AC:e55<0q[BZ\SKZ8NO9f%mfk),O +%&6M<04l]6p5n?9Q=X]to(sE`;S$3qFq52o0mKqX5_4T[74"D%[N]Q#hU=`%/`fl:iLCW"eBb)?Gq'6=L8hB?$^`$h]$C>K'U8dR9 +%)_D&6Rb5"jJAERWC64-@]&nO2jn#TRC@+n+S(9-PG,GY,i2$X9_"6n%+2S/&2Ts*4(<BXu8F=1o<.mcUODNprNtR(ZNU`R\dM[K> +%dL,!t'i%Po'fRkpO>Bd-Nc\+b3DpZZn0-M5*`b6878k4L2]dS!%t$>:=]cHSct+OcaGhDt/D=j^$__(r$tYd-*IJZ_4TP"5.PV5G +%RrHRm7FA!NgEo7._o(T#38Oe^D]NsZJuJ2EHjM)'4br"n&k.C3<a4]h-tCo^@>'^%-mU@707]uY8Xn`H[qfuBP6N=kjIf^^3Y[b= +%mU@$W95F$Z.e82UZEQa*p<ZeG((QR]]OcaSA,Tk&kZSRh=QTUJm`*UZ@-lt1-$4Gs+h(F(9!X3tN?'Gd4&J?1)@?T$+EjL+&%H#a +%%k`^;a5?:;Tn,s>T2$OiTd@\lDX`:anR4dqE$CGb(/E*q0(ts=W#Rgt%2dH[&6i(Da23BYI6N+aAVK4@J@7i[bi?'VOpe?osi +%,(j[3E!gU;b])1o\]i<TCEFp-)I)6B*!]\Dhr#LDPZ"rk_%3]g]]GI#'F0J\BO@6VX8n_kLO!CSaNb`"/1gK;l)lW.AU(5+M$R.C +%gB\%R$MB70-,PTY[[E:!UX>GNe1ST<@B]gdR'TW93_a0N-_;S@lq/-83]qRo:(@B`BJTi3)oms!^nF:q2Fit"1d$O(a3fg0W\'t4 +%ABJS/%5OBJTtk^"3?6!nGVb6_>S^Ir\u!Mg&M)1[G7n@FdT#'5Xo8kK@VHH0LTdE9atn_OgNCF[7(UGn$f<Y+^Ck8\a:;Z<.`OaL +%SAqY]O;:TZ5rrq1@K$j!A!l@@6RF*REaTeJLUX3r.LXhr7XJ-U#Za`bdk"iP3pL!gGbP^:hS.*1)m\Mq2k*.5W4;#SRNjD#.i1lF +%Rh)&H,8`,&b"2(CO3^de24YAJnfCQ$,h,L_-ug%/95A3REGQUk(&PEnbMldPq]Qkl^s_YlSS!,H!^E%dBo@-]ZeGZlQtNWZ'E'=. +%5:#fbi&2orFpPt8_lpFIU`nATliOFlW$Xo:aHG`pR48b"7LmXZ`SVIK>]O3V+`"I.YW+890Y)dXK+jCC4S04A\M3*hX")++iPGV8 +%C>sOHG(mY`N&[s]RS^^2O3eW:.7B!UfN`Sj[13R.D;)h/MKl.0)+W!W#*.,b$+-&+;74:A<EQ@\16clA(e[fXXLgO63[7]Nf=gEi +%'mhPX!Kn?H14RpneUb^5.8hBheIrk?'J[i%\r^SE*%*/T[)l0D)(LPP3Q>J0Nd1qKOa&om;0bO'8+bS_SB6_6],[Z$%&f[J\Ml35 +%gWYR>=2*"VT`oZ(MG_sQ1_0:Kl%#!U&KSGt?1pG82J&m1kb&njCMf8o_SC\A*ChJ1!1kPQk,98XI:RN>CC,c(L26;7RO?B3;o>%. +%fa7'TY0p;=]f>ckTIX9K<M*+pP\?7j#<Z(B/i;@.>_\+!VNt,1_[G(8R-cju$52U9_%1t0/eeRqbO[1*/^/g!'#Bdm]0]b?OH-p` +%@G=HsY6iH9*7.2Np>H5`@>&]GTdf^>=ob90bak?T+CV2AdJ$!!WCO,NbfC=S/([5[6j"*e%rlhk`'d+,&V3RLU$('g;P74-ai@aJ +%T95O.Vn6?G>$f-rnO1e*=P\D11N5J8Tom[(E\p>*gQ'XG0F(f<q/2m[L.!4%a(A7B+M?+m\1:%S0Pp_S2r2g^dO!:b<@Qqh:dX>D +%$Ls?+Tp7\(KcDoWkRR=(K>loPo0b<(@&9!CF!JC/?VZ6IQKd$D&j;cq^]BoI/a?1!2)r(8aB>K3U'_<NnE"Q2FnA4'VsH`*)oQ7H +%'KR`^(mCqJY_a>?`$+oo"kXuCEJL5<93)+DG+-PS-&TdclP]io8U-kX`a6snn"phEX*i[I!5$^f!ZCA\gUG@@gU'3nODZP0frf%q +%3!>m^rlXPQ[3hG+2s],)C0'LU/_`06e#m2?p)TWECXt4\^T%gc)aK3:\n/V5XptCM,HNl$:pmBbmFsHJ:npV&VEo,"nW[(I"@2gp +%+?;tA,RBN?[ap;6^-(A)6%bR:4mfPKinDU)@`"N_c%0gT5UY<`7N<E/'\)>oh$Ab+k-/nG6$11p@<a%)J9-c[Ogdq&RY9E<3JbJp +%<Hib2B:;Yf+IEDhi1bX.Y`8^6+HS#r8-Gdre)K'0;%2'R7?%0>]E+qPPp"cLq:#qf6oYb%^^Ql'&tI+d;DV=Hi,fjN$4>l\]Ih$` +%*!-[N@`!RXfQ#UCa$Z)j(bFbu1Vd#Qn[8`!8FU,_@VeuMRk/Sn)87Rf0EATiTads3K/"FuQ>%d<,+Q*gE&M,Hkd!FkU2tVoOFJm4 +%!Ue1rGu+2Q!%5Sm:(rS$QcCk:i$\8c1l2#;IYJ,"S,49bMeeeEQXK<+-5/\<$3p@u==")GrbZ\qJhu,40e&\'4D"X6)I-+(;Wh<L +%WW2Y06W`:Za4B$kaN'"*#AP+aDee&O:epH.crCKl-<lofYPr&,_XQP&8gXa4&?Z\\)<RqjXtkG]\-+]+9FpUB<G;mGS4`b`BIN/` +%S23"0qDMQk&ATr\>`":[d#iqC,soM")HA,j-nq"h)Nfj[5\@s!SuGr114UE'oHWYNi#qK=(a*eT=Wq.6Y/N%7PftM\Off!C10==Q +%.I)(;UHM.&5naSH=!cV^:Z]QRa,qT]Ba@Fh:S^g(9l1rhHN=FEk?bCX(mZ$"[]RY;RYV'^JL&,U?$95aOdiO\-+tY9C!rBU,##G! +%I)V?qD(jD5!%BAB(!^/S?-0QU%<ti,jS).ZXRKQe;MTIr%++ScT.bOU\HKVZS--6j8dmKU?Q43:?hoYrV.McIFPnQrFK#i[!?_fe +%2($!:).LZV2B?/mFn"b?=8R^H6rQLq0UZN4hZsr$9u?KFbQ25Fg$rbh*_mr%5oLDDTg&O4*ll)aI5)?X(j\ercVT8D#YA1GLp@.0 +%-/9`Z_/1,3]:Q"a)4_[.K8"]3V!5p#WrsE[E!DUEkm(=B1nH]Rfr)6H-<*Jm\f^W7e[f]8-2D:*0s]GY_3uLg:,jbTAZkXm6e&G9 +%=3f%JgsM2q@QG]8"#_^*EPT2")RAlX.iI,rRM2eUr%QT"P?g."!q.#Y9]QS/26UbWM&DU*gLnSA)^`B!"Xe5E1?8'pWD$L1?s5E- +%l(6lmJn1$SJi#S_8*gh/kWkk!/L-+NGC$:4fRcO^Z@;dTMpT-'!`nnR-;jkr[GJ:$!:15K`"89uO];FfT!mpSXs(J_4S"SMR*&-a +%<(g>q!]e\WeI-Nb/K&BABV*IQC%QFrZ![XoRQIF`A&a2pcLql3-^pRJ](@QE9H0:T#>nDA!Y>d,bt*MI8fR9nd$LMHBJ.;cM3&mY +%5YkIGG+98PaTX+!d@m+qYiP>J\L6[,A@aM#$b9X.#Q_Yn,qIB29S@_;R9kV]P5pot0uQu@/5`^KfGK9DBYnRSB>p,#d(r,kIY>Cn +%%\!Ju/Z8`+N$qB\o4lQO="7=Z97fQTU:Z;G#\q=+o,V@_/?/^*c-iEI0V"9L#+)d[!-%+R'h_77J5h@DeWO`=B;KPnd6bH;XcT\) +%c87:*J6+:lm7a"\&Oj)]'\ef@LX@K^QDRi0TA60j$^><HfotrN<%h=M=#?<U=eQ)9:;X?sbY%)8$+;1?4dR.]EVCqm24A;+d>;BF +%-MrP_`*og_S"^%K80q*/NSGJ%=!ZDY3ljSG(faYKWiOJf`CA+2Rj_8l:L8dr&1DNWl4==K5n.KhcsZSS01Mipj;!C.9+Q'[h5V@G +%Ii74C=oqZ]hTK;Vg8cq4a)L5BR.,E^n#FVRRMm0Ljm_m*Uqnn:jXq*TlM.q9aqk2-8Fb>$[apnq/$fpAVkF_!S'F(9fh!&8E)i'H +%B56aK,pQ<R&eTqRFul5I;[EkDOrGBg"1?)j3C#sSiB[/AS4Lsf$:5T?f-0Q:"pNFSDa:[\_m7R$[A@kukG)j,7%U"[=6;&0$gYbH +%@%nphC5%dqnb7X.PK+82*/"ktZt]P,)2-,'_PDmrqO0*O77n\ZE^8WG'R01ULbI-nc79G\fF$&h/OiV-WhGPHiK<%H*PTAMe-XJR +%)"p:VbcsLJ:M<+JRML&OI&ksb^m<#5lpD3J9B-'!gH+hIR]6mC"Ouu_V=Y2@6A*arl"EE.=W0?BA9UA*_LY6kbW;8K)Mjc8N,d8L +%4?AW0^cY!Q%#BkZPB8qWG/]2TPIJso&W"j"MKoJkL=C_p-AGG2S'>Y^L-f73mg*kR7h!/V<uDii""-TDM6j?gMng;<%9+oQeC5*K +%mO5rI.gTG.2<b8A?*9peN6Z!N$YP:G84O2`";sthRTcR7KB2:lQWPFR(1Ea(&0t3Qn-$cSP_I4`%er=0C&m:H9cPL;9*rma,T7&6 +%OHBq_)hRgQaqQ!e+QgfY(<K(/Op+*iBJX(Y]i6HY+XmO&&e,0V1'D<TE^N5t4OKINS4ZS_.2&TKcefKEiq3U97[1lUClRF/bWfla +%KNZ*bm<Ta1a'n'`.N'4_@1KGD7*,=\hD'`>"VZIF9S.e'>Ctcti4u]/40Rn'Z=&AbT(3l+nd*)<0i?o"b>Hk>*,d@+(9C]8i<hA' +%0oaTimE7V(dh/52OhlR)<Z"G;l@b`Sc[nlB(FC-4d)$(iA7Q80=b3Z9Gd\f!^hGXM`ba3nP-7O2%AGQaV`^uVkC)GH:r!<0UhC6/ +%,_n<("s$[o@mD;-ZLE![LpFBH,^SO\LI=iW\0pZe,n$&:rZ96Y@^Zup!BH6`0G_NkCnm(L31nfF3AC,?(mpmM"C32S/Y%.Q.9S@8 +%2OK*!,F'\f=GPsc.?OZud0e89U<<d19b-_Q.?^bdD>X^9Kc=]GI[J9kLn<j%fCgM*&fpOt=Di]C,3p(aCf@HGP_DEn+o$]1"589e +%:n7[n:_/qq?OFc&fU*6B$"FdF+..a,@0W=eY6&8`7k:FgM9C#8"FG.1iofdMQ$<&en&I/@<',-siJI9hC2#K&qFq;7iC&],&#u5W +%foSc&jC"M1Q607T':^RX]I.d(O;I[6ecG^K[ENO>Ys=_#D-Ai3T'63V$6H^m=paoK_<_tX!?:iR!@'$N@5:PB06lO[L+%D/o<EFl +%:'LP?iO/d]UPH51!i5NVVIklI]m)$ChHn,>R6h2m18Y.dL8N.o?n)M#"2u)'h5_.?&-5L]&V<7u9dH9lD&reT_,;Rq#RE2\%Qagh +%MJ(NBFG]<^^iW*Q$p>QiU*(p_pj=6LL"HB5hP$VNAgR[iW5OXmipYFYr"G#Cad#J`c,\p0:6'>U!e@Q#1!LP#6`3q?8ONpp$$V)= +%RQh4TZ['&GHVdPG%RKQt@(nb@2!@\^WQ7SN-#0,D8[SSj[keY!AH:I9#/S^132-U+0oV4^`F3#07,S-.N9gNE,Psr4!aQTr\Dga( +%]+KSKoRoW%,?ck^]3M^eRY!#Ac%)_XnQcVu:B2ak-?knb$ofjTp4e6_OH&+6a2an8Jh1m12iKA>P_T?7Cj*^ipj*_rJskEH)R1gV +%iR!+_+,()q\)EVj4,0RDWXep'acljm+d'q*$"a#F:jcI]$Z;nqD!]n?]h:B;TiF2\eAb19'LcNb!$"D8l;mtinsRfji,B78JhTa: +%e:RrN$?(Ql3hl'Eibf1J`#sFoJjVd7MBPe)^<\tf$U"Br*WK9>bO#'ZL]kDX>d50r.+BSenoRqM!HAf4*8&3G"Rf9!^]oRo9lh$! +%JOB86peK_U7.J.Tcs-k/LI0uU.`SNA6"c(BKb-[Jd&\4k:U:iAKa3l].km_MZ',Zj:T;fH&Bfr@'_/j\joXL,/e1D(TEuVOUY@M% +%'[I=SFcT'#/;'=i.+,7Q?dk]<VEo)59nLIhQO<%6+$,PpYiGsi"ULScL',GGL5B<'Qr;Wl)7E)1An!PO(H5;374TODO3@N*4J<KV +%Fc1B(Hkk!3Ip.X[2(TJL'da,#S#.W(p;@_bPOG1Qd:,Yni;a2dhOVcrC(T?UjXFdE@+7]L,]!KHn7;-DB],F.liCXrUC^,>A2#dh +%5<@_T7$]/4>mR&l^1dl3(E?Z.^bp6ph8.g_&1L_0/>\j=HlZnM6Mp:b'U_?o*28!9m>B<m/B/GTRg57Abcq07'eTk_+_F@P1_%kh +%;):.O]tbIm@$]%HJO9D\hc,$J9ju_lH;g1u"`^5heW':-YbIOVH2sM,er?I`+[86uE=5C-391AJ$QjqY1Y@QrDGS^dK%_&umg+g\ +%`-=<ukQ/5GRQC4\*2TF)/tpB,M4*uAE/fLnf0)!MGlBIdVM,Y*L[$&$C4bRR'$!!L0I`_]5W**lI'9M(TKZ'!kVO\Lra&OjGp=su +%>rC[cPaPVm+M^nh>YEk-\Vs,c+p'VfLu:X@eRfA[#U5d]1hC3XalKuC_^=B$(4NPaR%8&"LL'2+Q76JB0ZkBt;#qIdgD:&GMV'6E +%FBm`]\>@/Qb$tZIk%q]\EbWp`;9J$_AZIg+KM9`,M&$([?gpTZ)GQ.p?ULCl=MK6W*A`-/9<O/q9!4P?`9A\hWWec4MWHW&12\o$ +%`Ca_bQo.Q2KPFp`R:PkV9HmrSaD_+]%A,(`.VoJ\\<rig%e,:%_Vrli=<CQp_l0R0a5J;`Ps$RkVL>T\nW(/UC'FK2M6mN3O2Grj +%N;5i%Qd3;X-:OZh+e+(3I9e8]I#P5Zfe"=C8iW[:kpX]I3*+.O<kW/I%$0Y:&;pUlR@R/V8,/FlM';'a('0%T"'4^fs/,-$U)sS^ +%7K*MI(%irMHO9sM\#6/;)<Hoq2KUnY9I:Gd"&Nt+/l<hp?)#/^HUS^F)?r5=6/KK0L:A!D<5%>4!@oVA,!&B/Bd$?4-BrPJ)c;Xt +%Lq@;?:qA#_M;\>!Ya26pm73'5RafOP>'-H1*K&-pC4_j'PPnCqIc$eJ`>Bq:'Bt$$Z`q4V[%F4R%uF*:Z"%JdG8B:FFG]I@4Cb&m +%c?3^IM-CYYCL#$os2G;O&H6Q]I"m1;)tc(PQVtKJVdT`lR!;%FOie$OI@;%'DbpL=p7ipam0IEXa]F>>O_'0<^0G,AM:;MF]pds# +%9;pN6/=l9Y3e\J>N$1GJ1\po-%*K/!/&2uFq*f7L!ME/8+.ipFb[Y+8XDg:)n5(D+8"[]_`$NV4L,b>U"&"mIi#%oZ,%5lQ!]<7" +%/b*Hd3u0)gVC):XNo("iTZMXlfJGSSV8P>AJM>IAKZSW4#.Om*2\)h7E?YQ:b'1s<_!uNnF2]FEXBC;&duhH`8&GlI.tAXtKG8eO +%8%c^t3a#=%_XI"!SDgdY*"0ibggL5^B[,8j1r?"f8"b,/IKaeaV_.+)Of;8,<CS'd4^>SMVC5Ob:)s+oggA,DJ0*`i=I2U.@gONe +%%#;)nXS7D9:L`%3#or)9ksu^IeG)Ms<csY9>S$?:l@9G9[;rbXe]?/)^_Q4:?6b;m(fiVsP73`&F=JaBf3l$?JV4'nKa:Fm$?09' +%Xj)6<n?Rkbf5ug&e5.DP&P%`k8liglZG%#`i)'`qqQdW<!`DUm>FK@;_nt(b)!@l7$J1Kp!,-hsB$"R^QRlND#1JjST0l4i(mZ&2 +%mKLU^6)T((&*JY%=F>d!(t#E3muLc.LXLc`EU,V%bK@)+3^`caTUar5$!3X%%SB@9koN+1Bo?h`FrS@kOeiD"S^=!Cj6j55$2;]Y +%-'WZ(Mo"nH\97;Qd&,E:8G8AC;SaA+S`G&OA3Ah,U8&U`PINrF@1?C.c".IKbM50V3aGA_U&tGJT%\CNgBtANNZ?ARn1_![+E,8h +%Bo4;sBWX^'gm!dkIDV_r&RQ^-Ci[`'`O?,lOi]+:Yr75Y<B:/fQ6T4Ah!\eFfnmcIe#"<&J`0D*29\W9UM<]Z?;N&2_K;^m3&1eB +%QFKi.XC*q(kQP?PANpo2#,jI]du,a/s3KPK0.)i4IDaqOE"BrH(i4ih-A)uZ3+IS^,TE4`_X<iTO8%?mQ))^jDDgA.flQinZSSto +%8sNAjP+;4VY.d:2M3L@giV&OIk"3^6RmQ*=A/S>F7Pg+blu9m*KUdi$1E@T`TST=<m_5NBF+K]9Jj<R0jG&KOC4W5#c5A(FKn0** +%lShF/'!rn1:fL%HA_7lL'ac-_Yq$!*BFu'lM33^X]ElG98=u1Ma9@=f60:?N;"Fp_V\m=l)"^`U/7,,jY_(b%;P?EKaiqW;:WZdr +%91c+&Aqub:_D"Yb5;)+$6lV:cW@n]qn\hD=(RHi7TWHS.!&7k[Pa,^8gk19S"P=7`94gRib%?9iI#t.T+c;g:A#4HSM*$UK+ZPqr +%?@U%%.V6Ok;QN(`T1,U.TG*KT/>V@4&jeFI3=]>Ndf<irC*tH.9bC+X.O@)B6ZU$Fr$44@l+ieE;6nme3C,b>!kf1]\;Cn\a&u\W +%i(*mu)8T=0,],$nVNUfbS4-s,;,LXim-qs'e/1rf'W1ej!1(H-Q;c\`/3X,MOQ8;"#\\fDq1tPC9'H]B0PL/t#T=s>*rO,XYWkB_ +%W*:_u^GC^4/D/e`%hqUK8VTL=(]';XFCXYnp+h818]it0UAPb=!9&0)mYdm,!T,A%5tE73;:Ik"7$9B>Z=.&+P\+kN'@$W=o`S%B +%5g;N0J&$W$R7*:R'7cJR,_@2;0.b4&?nDZl+,S280F:;G)4$9s^7<1g/\NM>-\^363*@q,8d#BQHK3qWnZ\gh5ebBo'X0uQcX9\7 +%"ElcLZfDiDSk-(;UBsdEII^i+g_`VNE.E.qKbPZaZ^c\%659S'dR5Blr!gs26a!=4bZKP2r'6R%J=%2>8tAZf*'eBX^qGqj74IIo +%W=eXFd9AXcVm-sIH]7!>,d0Cg1k;3t@1>UoKLJS"?jqBC,#jP`_EJV>R0c=d)OHL,*QLt%_^WJ[,TS[emf>GUkX,tBI55sb7KGk( +%8Bsc^]VlC^&qGDFJUP/_)?eh9*"epqM3>]-+]VC]@8<s5Ymh>0>h7i(-g)%#.s5"t,9XOa5[9'n71+'m8_PZI;F,c\,"up%E4cr@ +%80S"I<"A:)73mRXP[8?`h3X:L`X%rl&/r5>L2^-q:1<99A]9t&%aG_`fQ<>h3oNJ+8->:#,1;t9d`UJU$CW)'P[<g/_,;ie-We19 +%*S_lio$q,$GgDC77#4ToB8o>iTDC^H<>24AdD.T7A=F0OeLg:r1`i)B6,KONFJOpBjXKgIcB:KP2c30-JO1EqnNFZGUjJYCLmmur +%;D'#Q'O:2K4Vj(K/Jb.^Le+S'iHU"V'>G.9%$6m,:cG3fOd7sR8pj:)Hm9oMnW"3L<+uV23Y,4fBTc>Vl4LlWP#ClC"FVGa\[2kE +%:*:XR1h[Zfk3,b0Sba1C8p0-'Kie?O]F0/;6eW;rN<k25;_m9qZm:G6!i2dP0LU%(*28/IHjDY?90Oh5..eg.0OdI"@6/hb!c/Ic +%9LBuFPs^FdEKOSX9BeWZ)K%!N2-/k9?'25AW+8S0\NuBP@q\gs:'V`4^e;Wq!IGQJ6K"Z,EZeH3-@R#(3`un"$_(W&LerU:PG,Y9 +%@uT>RKmKtt6:_RlAdeu%g4U'+,3<0h;S5Ft$Hg8q]AY$[#aV9Z?FWG#H!<YsRSV'o!=:O@1bij'2M#AV@Phs0qh(hM:/Gp)\H+!r +%)I2$Z<35#5OWS9C-)4?NS[`]A'9Z+aTYrBjfoluH?:"0j'7i\2O9fi1#O!ZB,Rtq_U?n-lE&K%jG8R19.n2*AI.s"acmRcipWRZH +%/&SJGqu5;gf<+*J2;X92DpahlOG590k1r/c*hP!s5^=k.Ti0<caS8FMa9Y9BgEO\',\Vq/#cZZo!O*HOm.%qaKUe-1I#$HGM6L)W +%#nkk1FCDDD*Ce)*1_H#m`TV?)?8m_'%+nZ6OWFK(;C.GM;(3h3?cXUO;AI6"?g9781Ut6hdBJ!I*KLeDLO)b;O3&YEe)M]YW$/>` +%I0'JuA4D_[VLN@S7^7)Jk'<,UN@K-krC^'D!S8W;raJi%URK!m705>T&k_FjS9H(i->*HO*n$;a'88P?W0@.8rO,h)_Tt\"q>@%q +%,Ke1d=<!/r"\d(N%Z3G1O<NoO;,Xk:T.:cJ!\q'Ac3#BY[aEX@G"EO@(Sh)/X+TXN@5q(S'-R\/"^/;;aYHX!nuFIo`>jb,YH*5@ +%4rTH^VMl68E`WgL=(^A\Q*/`7jREGN;9B7rV_LieWX_ep*f<c!Yp`<j8i-(d$q!oT0(>;4ou'Hu%2a$YUh+2p#9*%@l)PH`RmuP2 +%UuD<Y+\1!#D``q;UNCbIHW8RU/*h@Z5==N^Q[.c;\0%#;P_M@L'q6#@_f/RqqM2"I%)LIL0LZ/bOHS-`Uk?^l0^+`%^.'1k8<OdR +%kcou_kW<H[C.P-EctI+ZSlAQ1akIk48CsR1ig*it6"X5FF2tjhQdX><mbaEkonH\!-#&_i#(U^n.O>O6hUXIMFd[HhAB`7:A&cd! +%nHt`7B3eT.ghZ6D^`*X$'4NdERWJoM_G=9*60f4q&V;r1@a^/@#uQG75d'ro9M,U)Qe`m\5]q+t\f4=J.J4R$])sCC>i=R7CC*R\ +%N[n7P,gZt5cVbCT`oP@;nOQbSk"9].a67XHdi0q,51=^nn?Y@#*AY:u-N8@_YJ24o:e5p&N]o<7,oQ=DoV0a#PVG[SfeZ<dAnfPb +%)ZE++)2r6&W#pj=16YmiaWu]O<-0I%q8'HQNOpr6q+8_d+XlhRs$7Ada:'t;"X]C`7&`Ze?cYkM:I*/o.9FR^92!8mR_TQJ(8SK3 +%):Pi.9Jbpc2GN#gb'c`',ah]TKZ8asN.pmqVMK7AP`RZN!d2qAZa_P^J_lVRJ2il/G%&0j'D-u8UL-B6gl>u#([6iGdY_LG"p9FG +%^K<hF/#g.:P+#fc>Hofj=I3I7HBN<W6%W/FPJ[EG,RYH"UK;o?aEIK?X-cj(?q<eEe+4df3#\O)l'Rm4iJ&b$V(a.VS/ImCLh%l- +%0]V"m&b<#:HHE6t`nhZ0oN;e)A/*8_IjS'DJLZbfiYjKV9XFj/fg'oc/0"d+0jt&`ckb8)$j18)_,+=OGVIMf/EDVWkgns?m)pIp +%E<?-!&.]?J&aO#h8*RS%#`\,b5K6+aK6\__!4t6)U?&LFH;0p2;^<e_dD8?]Lm+[T;)/LY8LC65`Fk,,-q6XOq^Wua:>d6tHD?!B +%#Gh_63<0Jl.)-FOr[D-;O[kY'*`s^5YWfujalONL-`,9fYGE?\,0<"b&Z"/Q0N]"L3S(F5I`42dOn2>#RmLR@Yo(b&$DG$$6S)-d +%rIbCK(<86uF59^c!^)G\Qh)iYbcZ[\8Fu_l;Ma=Fc/1..KCZN6R!&_*5_/ckEFnDGY)<m>8WYUeh@0@.=oW:qVCl5Q3NT\jZK'X! +%A*(?]W-);(Q-4.\%Dqtr$Mg'iom5H>\2O3I2JC4tE7ioJ$*T;b/(_!:3u19`.fktIQ]FH.@]q[qYptfmU.&\$NLM]&&;:IXJ(/eQ +%D2Zb!D@-oo[X:'1D]4bYjT+]7#;1e$Op^A9C;$g98n6YYf6])m"fZ;ZdFRjG92u6V`@-QYU@SD&NuLHm@7Xt1B`)3fA_^7#d-00t +%^T/OSC^b[.nOd@R*e#i`N13_s.F+Ba*WJ`n:`LZV%D=?]DGBg.dAMjmi*S`+q#AG8P>"C>^K*^mY@j9W8B4U&^K=&&5Nl;GJW;JP +%@^<rnUOS/3VFY".\Qab0R;Z3:cmqt=R1ndK,.X9?Oe+q/Pt(c^j#P.IFOc'eR^0f3E5tLK;#1O7F9A%S?KOO]SR433/]Y\[h-%9+ +%$u5`AF!\K*,5j1A`m+ot04Eh7@58V@d<(!P@d6g@j:-b)lDFjh>Y6r<fO)61>.1P?Q+qQ^W*I+^5rTKUNiFRYmALHQ7lRf.Q?4=l +%JjYiYZV`_HKLt_<%Cn7meS@la4/[_iT*,!%U^d1k_c\!8\P$RQA`j+((27kP)5K+gd?4k)jJ\eTm.Sd_Tdh7@mU1__+M[dC"EnI@ +%D-!LU["c$7Z;S+hkr.$K?nEt2M"pGPb:tT,)H#h5BMQJ0FfR5bb$YlHP%&NJ/%k]BEJZ#W]%(+YYIIV\Wb+L$:9WS^=447:ST8R0 +%A]uGZ*&M<aWQ@!H($Ab<?#QqoeeK`;$*#LkKX3_@i;[/(P1:YsBi[rG(=inR-AtXFMXP0*.f@[4>W/(A91b.QF^,kZg;@pfO,'K( +%bpS!D.F]7XLp"is63UPW_L8H,44Wc+B1k5TBW"a&b%N+UkWiTgkIOY\TDQMj>,A_!'`Y91oiCoh1;X7%IVq.1[d]=iqVqkOSKU&6 +%RMA.p2M_8!s%2NG)BB?dM!_k:>Ffc72.:pEXu3gK1.";'1hkHcBS=?.@lhR%)lQ!TDe6l1>.Pm8:M7cDA$gDpdFp1Y[;i8'6Yu.] +%p#CZL.Zh.VOEo/;#qFeDU]K"9/eWt4'<@(,%E)lKFMmZk1P6/\Cb_lQ`,+G9gRN_+p8?:(ZnDAlNI/&Fr]M)rWfU)o8l+Y062.L( +%>8qd%0MYM25;;J;7\?+NN2?O@\PX%BX2<hFq2lOZ$8_KTpg8LB00f;go:mC>/Ls`akJ*Ib=NiMSCCQ^?9G5s$Wq%VQ;Q?2rh6g2V +%:TH4&+lEm@Y//s3%n@j$U<5uA>]3><WkV$<UX<LYkin-a.\uma37Ms\eZ!_*Z\01YggJ0-]-L>GPYJ`./.J("f[r'-gOBD'7712I +%jh$^RYP*nP'9D>_RB"l;S^`OjQK=S'W"!#h$6NP+bgis,b(4!WrBH];W;'/j-S[gLAu#/^RnW\dK;U<F#%4/!L5iB$]9AQWgWaE[ +%D79"k;De]fN2UkY`gbER/PS?u]Km`eV>=i*p172faKI.sK7;bl2hJCl?*Xbl=age"s+c)dq**g';[oq6eL/8kCtb&*Ltl$Jd.kuc +%0V%*jE`9@V,0/`$<2og^/tP%GAEhOYO\EjId8BX05+p1<Bg7t;,p=M3]_g@lWg1g]?TB]>1<nMYrSqaJp]'WZhRb\maAHe4R3:=% +%-/4oKRC&\AiJ_A06`c,8>%P#uX];>!\<H;PPr"]\nSobA7h%;KD3#Y7cYE=OoAf0:15X#qC:'G3qqt!=s4^&-a6diK_if^%_*]eW +%N;a>:"/T1F]TTCJNr7XG!<8O+a.Kfn,N0n-&S$qW)".bj61Et5Dl%1JjYgA2U"b92"qsaNCqs3+Du*75o1cGEhLp0U2teGJ21SAO +%>''J:@>Ql!(osb:cF)#n?<\$7b)2u\epE%HVEc.04J\1^PAf$l?XtbKnmW*VEbR@u&`RbY.iX]#Hu8ib0PU1!lCg-`j2Tt$%f\.9 +%Enk@,2Kn0PP^7.1[0DA,+ofhI'?W7?c&?tfoPQe)Xq%E3_D7`u:5M!,Ep]PLb@Td):pZ27_*?9&VRUklM`X%V]o?t-3N[*qp4(#h +%rXF;BZC'5<fJUGClXO;)O+$7^>V&L$nP<8,^Oq%"[h9ur82!F8VAKp-&0jiW=(3[P8r\>h(U^o:c2%MAo"KS\mh:0&Jb@pYiKd2" +%ftf7Yoaa$lQ,`hns)p*d[kYSr.IZGFmFQ%HH\>WVj.QAT%TD?q[CG+)m$jQR`@ZBbmR`<'e[(mkG'hZ+6KBk*q!+pOE?jWi-\""+ +%N#4OMBXe*XbW'.SN^H8E/5i#$$?5h85/4edr2Yif0H#R4BCKY6f_f-sr]QWuot_?[#1Y$)]S!2j0'b-Hhr.t_Ie$bCXeu#'F.d54 +%D(ojIR/`GWruU=;j=nW(<6G39))^U-ro.P=J#TPld6_2iQTMprLG=Q,QQt]s63R8i:Hf^W[".j<pb<9WQVA1>I8G`-J4E.$`loe[ +%rhCiu<G'=?LF7tWD)Td%mLarDM%\5G_t-i>Q@^s@a?P!FA4Ikd7kH)L7jReH2pn!L;2FKmS*82NI_Xi0j8\>"'!<1OB,&\DCncc9 +%oL-f]6Gc1G*DQO.-]04J[=:YH(d^GBe))D>oX@];AJ5mYo;FT<bbMa!GK?O+TMbES8capQn3t?f&CEE[1H^-:JEEn77bm#':7NLX +%h=r+T;h)Ooo8eb]&VCDC+^l<t,03'^ec@,_7NI76rdC@\gDK)Kn"W=hA]sO]*?>3$/V*\_<'Ml.GDG/t%gMX2EHP8V,)GOZ34r;1 +%@-'ri<ZVpKEA195O+&JoKl".Vc"VQfV=!K@co]]`UVFuh(^Vjf_>g(Kh!^"3qX9d$LqhQ=NK<q?2K&L(iqd#^>E[:;D"4n'HNf6) +%L8d\eE,/([/7[fS=gg%?O!Jl**+^0gPf*Nq<(R&;TE[IAJ-9$)^d3SB77]-1hb&HL8&cN,"VtbNpOBqYc>+)g<JE^Qg?hpNb+ug^ +%X#BoiE@3],G8e?DB9Ri*>1"3/r>H2\,3%KGF]tB7UHBKC@=pf!)qLkjdONQ]?g)F.!Y"q"KtMF</i&("'gn[Nm+?PubM\$1`Smnk +%$'q!,kT>Y?OTggN)5I"-#0$oV,%D<G!!=,QN5D'+s$QRKIl8l08.#t-<bk5,Sgs\W-AA&m*rX:Q(QB4/R1Pp=p-J_FkqD@us-=JH +%J#>m;heuk$]9C>FETYs\NB&raokL&tdBLuI?*p+Mr^8:gLVO%V1p@[c^\dmK(5C=t\_ai,&8*sib=\bbCJT]f[d2.6KM/0g(<FL_ +%lgBIH,"@&um;06^s*HU(s8H!s4b/#4j]B.bn"*GW_Jpbij/S(d7dV`cr\^+\ZUk+/Z=KEmF!\.$c*Mf&LZ.j014A-McXSCVT9oT7 +%4Mf^MB.%\)&Yji"*nPn0`P9XVYE,m^?Xjkf:c+?RM5"t?;AorBYQ"#E9DC)@6L+#P#sSa.r[[/o=T1GXCg-<VonT)X\)##iO8jj` +%m'RPn)5aC,6\:D-!>_KDRaKLADT.)61*8`('akTT2-H1=Or!.$STO5-oEbG.&<u(oDpD*&aS))n(A4.e''>5G=>1F"a3>XfLag;; +%IHQ>\*3Sn+EkB6YT'O/i,>nmJI9tk[oP8<pS%bhSB;O?)ojm$\pWHpe@7sAdS.I9dN+Bk+2&Q8>DILo9aRAKL51Wq-]8B>a*^mP6 +%?Z$KWHr&AXlNA4CR-tFL`Vm_dppJmRc,Fo$d@I^F5=-V2>$3-3l&UEqo"<O>6r]A"(<FhRXX<im.)rNM<;Jt8`u0u5g[.cZ30!PA +%N(WaqdIHMKSr)qP@i.pj0r.X?gqnGl<YR6TQG>J-\J`hea%^j7[*=A,%jN<<S*CANo^/a7Q[0$,8'k$WNm[If3BurKgL<$c8-u-G +%,BV5q%"_'NA\`d!^chIM_f6&8!;%/4(&f21i[&@tdHZb>9NsBRJV]I+es@D$4!.CG&uVSU-_JPfEGHlpMcNbE+8U)QXb8b]eo_fn +%=*c`<7kpSY-mn"E>N>.Dh8*/gqApq=TjN/Q55eae-&R]seuja\7MCe@h$d.%9X\"%[8KJ28imp2GmRjrPf:mj-f=K.Tl)Oc:uOrs +%^iNmNCMbn6F@sk_NK9B?#D3V%.ggb38OA0FWHr_bOm7>Q"TCN"I+6Y6*lNt7mWMb@'b\A+_k/,-2#6?qn2K@/_e3G*Kq8>r2k@+M +%gd5T+CA#sIot"\e/DJMfQ<UmhXJ-3sCft$rV=`U_9P0+\j.g>E[CW/=s1I*&epa`#^4+a7<u7*:k?F,c@_X51$P,mJfn-plBgq#W +%fan%)XC/$]F0I08%9CpoXZmE:e_2qK.E,DKgpT7$H5nM@;3bWK;]`E0*BkIH'Rn`CUb.HBo4>qDg<0)ij4@6Ts8/U,j(2et/dta$ +%[F)JlBs5)mcn7<ClY>?I5!V%ml64UL3#g8rJ4<:KSQTgR<Egp[eIY77E`F:eTuuJ1g-rU#9'%#"_Du!k*GDB,lAd02[&G\nKkf/k +%GhQqQ<Ki<?,dd$=2lrd:W#4#ILagTP.OcrtOnjR.Zn/q&fdqQ6"LP=`>&Mf?8tRC!X/fYYQ)+OM2!\nUjE3f@&!b2H$>M"A$X%%< +%B#ZIQEgMYbknBAfL'mQSK4pOaX6$CbWeKZ%MdZ@]Y9s]h7I81SYh7K-:h4QJN(0)&1)-l?,\%/b&Rh\T5p]sW,Qe2>*['hXhgu5m +%"L+rN7J65GY`aeM.lh;'5;)nQFOWlUKg@Gp<"]g76.4AJI\[nq_35%&6nT&])>g/C8Qm=[(.9u5\P+!BVYYW22d.jKV3P&GU7msZ +%(B"hF.q`Ef>uJ`Y'j[rR].QQ@bK!s84oYrTjD*Ge,W`p&i);!*cpc//M4mp&)jrgYX%nVN_^qN#_\muDA4V^V]fh"aJgY#CZS3._ +%#a%oJ?iBi*#L30r+Id-=(=j8;$pi'V4rfVIL454FrD<g;nGT#CUK(L>ooL2Ef*!2pQ-<op7sfoITf)bCKjVP[j$tKkce:$SR/RA2 +%mg6:R\s'j8d\\P9S:IFV&,WKn7r($Q@hj@oX+8b(M(8/8FVhHp;B5DAG\>)3d%o2*0OG*ss7p)5#+Ls_9kuB-gQ(oEA7i]n<;&*F +%qu6N[!rVf^&)UQSQ;p*<o:LJMJ-lG;&%H*R;qU]]rr,Cs1H[(IUlGuYk:'/h#@D[1aC\k?!%gs*>S\kO!+ESBquLIY7$<fN\97fM +%62^+[pa]DhXd!OIFF28PCI$),aAu:PfiNudbbi<u"eW5_F%K)@i,4)jnJ?*ppQW$0L-#%GoQ^\*[g$;=_g^=8Y\MDA?b6cq*/rX' +%5G\;:Ri\<AamV8NR):fm3R12"B^U[]0CXSGX]6AZpZT6Yq^n(Z(.Mb`BA('gYaaO#h#.1aF-B)nP>pIj(];R6Kl`B`F.]i>r7`LT +%Ut9J]=,9('OihW$DR?^B\,M\7dLQ)>m1@10J1T!EN&LK+8Gs?'i7ZCFLrY+hGV],bc/q6lg&+E>'\LW#N(/DU=T!BtT0K1M$MmnR +%[#"1iDPJD4@/RL/3be*'C"7u;U`H&7g=+5b[f^p0lm=.:ec$mo1JZjeOgR_:rPM(ko&S&Y#-[S^^b8SR7HR\`<b+,ndNrP$Q*]2; +%1TPY%/*5`'2U[^?Y#$1We^#>>Q"oVLe!38+40@&F^$_,*kZANj&%R>R8o6]0hPlbE%Q5&&`faY@>I$U9_d$d=11`kmLmTkL.OkP) +%/ZBY=D:uKdL)Z%b8Jf,$n<d&^m;(_ulE8lHO`FaeD3C2J\MD%I`C[O'lcD_.OK_acQVcmd2BC&>/(ZXtY0k:\=0>ae-)=d9Lhc4F +%[jE1T2+!c1QY:*0Mb;Ns/N!&72N]NuIgqK/5=C,+:EZJah\4eOchaXO?W8DF7@qI>KFpL"78/Hb'p\Ti3t`1:TTuD_+.$$B3U-fk +%UTO4#'AZH4S4a&>ZQ-2+W\kNl,]gV]R8&J-lHt1$'g`X%.rBRM@pCSS7gfBI<pI)!D9stS[AM*.^25Yp8'Q8o=X>FTe8Jf%\C'W& +%&4M3:k!/&hFO7&@e/1c4*^$bRE0&ES&J[%Lc%4-ORalp7XIQ]tB_?&f$E\bgNm"gbg,ZM]PKKte2R5;19jRr#S[Nu]fp&@UTjM^q +%bN!$CgM9rY]_gnN54g/_q.Y_Po0iol7D5`^)7qF6Ujctj_5EDYPub(fRj'=G)`DFoT[jGKcB;+Hfjf8/rA^u5WW$-+ruq"aIG.O% +%BB]VrO57,?XIR$G7?["rS)[)%Gf96?N1j?j0Gl:h8p8ud80Y1X7(\/mK!Rb\V?kTmd"4*bR#8KGImu^mpL(Ch$4KGLR8&6h>mlXc +%<\W_E^hL/.0H<?Ph[+_hb+^Om;T18_-7+dfdkZ2"8m!C[qN<U`dhUAO2!3)EaM(mI3\#gXJ[V(@cKU79e=*LZbIYBYd(m]VZ4L2$ +%JqC6YUHAB#jT_h^%>+B"[hTXXA&nnGTZOtap;uU!4dZF$Lj`H#%#QlgUN(W/ZY\338?kA,+/uun>jbAe/(h%b^F$jA4%Kbcmc%`q +%P2[lQ*KIYQp5f_.07ZW&`#i/WrMV`6X%(?2=roOk=j<n)HOj\mc<.90Xb[q=NE'tm2FU,,[I4UZ6bAr1WgU)Li/,f9603f$6b-g0 +%%>p"b5JUmN\FA[c54)*l#&foLJ63M:BX\lA6jb`Y.&2nHXAY$t1H7glJY_>3:(WYX1`?Is_aqq/H4<H`@'_^gXO_.js55I&@6o'5 +%C,kWPD-<0umB@Ei'H%?-?#(X:;J<g8;Pnd3;St6IWGQ=Wd2N=%NO)C>UTDU1P&`CL=r\G/WN\EAPp&c,;%B6e]fYW57X>)L<Z9;Y +%2Be>FM@QcQ>:s!Tc=a20c.8]F);$P8BJ^3.PLPIjT[:^j^WL7llqb?)C,_VNA%!ok'iO`V*_iS>HdJ,Fp(8\%8:tS2@U3(^$_f*j +%#J72k$3ZhA-upH%'[;N8(FUVt(/q=H;s-D7RNu^kJg7!Vp58i[g7tK6US`<t:lP)rQSWOk'nKlJA)3Igao^P2`Z"lWAbW"5A0\%7 +%,HMrJj97XT3\6/<+YET+!!e[L$Ekk4R#PZgFu5mK*;OMQBT+danY?>jNQigZ,q!'U&Rq#X00Ak3\c@]r29tZ$=?f9$JnfId>72/q +%PUe8N3`gjO)+D^KnnBC+Sru$2^gUp@NhWqAUhguHM`@ZZC_4,eEPh(t'(8HDbe$2s:;%rRVI)brVIJ[b+iSK[9?C%<b-fri_W0L) +%(+ai:K%^Af(b4C/Q0nW6E'PPPr*MqYo0",g+R3j'j3Qn]IhlV4*6S*:S)b7.+N:TlS"A/Z[3VkS[&Cuf]%H_NRL$EqdHGYZ&TL-] +%>8B\geBSXW2EGj.O'04]W-*G&Z;[cEgMQnGr`caoaAUt@U;a`F*U;:<"t*j#&-!W2=K9j<TW'si][cWZ6kicrS4VgPO@5N5n.3M7 +%Z`^<KJgo`fhJ$gYl5uf:UUD0EfUsF8==lIU>l3W1279i^/Z,tZPI6(4NgEXFah^S9:&]i/*tF$b%u@8t/LT:YA5u^GW"I2^JJQHG +%28[m&F(qb;,,pYA>:<$?iTdr-56i9`I8M7*3(m^icWZe81,hToEboI4.sr#r4tqYiHpqd^[-OW6f<TDO8/3b^WaA.%O-]7\iV;_4 +%engo-bM"tB9P[t\44L:,j$p&7"dd8t[C8_+p=dNfd1gaX#5&=+d5)YZG@4i:91ABab&K%(02*W?C3dseRi?`p@m;#;A)n2p6n,.9 +%mROgp.Z:a^GG8Io3fSu'frX1Ym6;BO.p!,7JZ1-B;kL"t=e2I]]/h@@<*(BGWq.R9>$S>CN3K:a.,N&35iq5!A@7UoV.K*V@'q?1 +%+Snkn#`^%h!XV[I%E.*LUn)@FN<@83am,V.hR(ZL7i[d(4";gC.P7$+NOj(Qdcg`-Op&(-e'd8;LqhZ(UHNLCc]iK$"QOY_R]XCo +%<b:VeNqE@6'(Ee:#kXrn[PR6\78mG'P;X_da-!R0MYGd9T4g^+&h)5;4u`"hNegbY7(f6=iYA!qYNUde746#(lA7G6'UT5]\r$UT +%'m8#A9obs>H<JgMVDosrMGC*OF@*Zm)>2._88K7'-==S$q$N/'=)^RAJeR\i*0IG_KR<qJq8R9m=)^L?JrY5\ku#fk02('H'^$`K +%_$ToE:<5A)7_U.OMf!<Kg'p':h2il8%6:0=O;$=W3MP>k'A<m5BfF%j,uI``5eA0[m910585Hk+NH<Nca9h6ge?k]!0A78gGUYai +%TPuJ4hmU+R`.RD,/p1kU<$'ReH-hScU09mmTpDVj6B=/OoV`EiNuA^C]CHH14K>/sQ<-mi>".Q(g2rRKb+i,i[m"S)-QG0V7__hR +%$JYDl!Z&])CELq:Yg#p3oE:]FXMDlU,>JM(ieW+0:'`i=OFSQN#WSP'@$ZjA?^dI7,MWDAEC.I'T[pS`[2:Xc-JFStb`(=k1)/L. +%C2+:4:dIdqXs#A)<s>#M"jS/WSiqli,2nn&&rnstiKt8kNp0(oc;C%"KO`d_*-4H`0df(CDFTjIMi_duXU^J$L:*u'lc9]O2<(V[ +%'.2"[`)T6jX$A!XXt!Zb3UV]lj%cO5mZ<mt:8g1UULjlk<%cEic#IW9N]Wrs\=/k_n<W+Nf*Z'd=j[3toWDaO]rO'Y%l?T#!J(J[ +%qW>Z_DY5[,7/gEfZ,$4p`.,Oj5<W_fMuG4]F82;SogK?ChtQ/TiD;>d8pLX9TBYCXY[)W@Rr&kq>>HEuDd*IUopq2sRmo3ceRJ2* +%20qj6*b5.=QY/8H?6%tE:k._$VD>dRAHqhQK\"iVmUo;`$>\\lJU:G-bFY?e]H<3fr5%N0ZuD@9^#(8M2UhKB@c]Wq,jm.l]rh7H +%OXDmjY?u,eHq_F1&+=c<8$fs3cYSXp:(C'`PPmm`pFb\#'Sha3gVWa]0ndR<:bD*Hp):%&/2A-NWU00)#"QA]c[,<`r$mo`*XFF` +%"5u/#?Ydpoq-<1[Kf+tjOahS.g+EPLiqhMY4ubX:ai'h/*aG;h_al0l]iXqkg/TBXc*p2l+]COlcLelBhYX4LSWd2?GknU+*_5eW +%O;M1B*St[5ek'9n<3?u7;fAeBrGo0,NGXTSLrMtIn&*'53'F78V;"0D$%^EeC7VZ^\^i$'SDK.,__5rpWjTAPFm&[hOkm';F_gG, +%p+_"&9m20JZ_Y+=J)p;m-K=)+NTN,2gmKFJd-`9qe">h/^H^6?530,B5*''rT<Hn<*lVK]WT2SQZd[P!M_h2.e;Lci=SMI/_sVWu +%m2Jh(c^<O&=a5t.MQ'<NV_6;+A,AAr1=t`FYI<st@!<OZ5B#qH*VN0.Mm&8NRo/V_GO"b_\d]C\VhZUi`n&]GA,i,lV[ou)@f)n: +%l4hKSouOi4'i*VcXLX(G8n-=m=2i5Yl9"E5fZ_hQg-*+g5L9<[PaER!r+b&)jFXi('=B[LK$S(<Y'#b8VD3:8?59gPFCZb6-S7 +%NF+jR<SX^]e&,???<e;6S\?/X?^l1A=qCMYcaZo?a"Z+NpWI+7UNOiLoIB%]s'G/dYr^]5pJUmi:0eo78t-'HLR7?2N]]FWMTO3K +%Zd[H6-bb&c(GAp^L5IW;7GK?5(]@TKCS%`GH-WM?>3KYsrKc:(;(/cuo#2\mSYBH[!`.FV&*R7?!^>EA+'_5-a8ua'kHCVWe&U:k +%=ZdflVn7[Y9<DXh\e[PP6/@7sqRN1\4k<:fNNL17R`/@7:@k1Nc'P6/;jW8_Hi0Eqr#B'K1HV_72o;G_T!g--O@c?GJPbIQO*EF, +%Y,A,I`RCU>a6`GAA'cst[.850?Is=WHBGd%$Jh;6G1iFXKfqB6_qdJ!Vk]GUdnXi=N`N&1O4dbk6[&d5H$6+Kqh;N2X-XW7V_=BD +%a1>#c0=9K[LM4#-dckfsoJ5Y7fUZ>rNr#*a7$uZlgMpVO:8QWKa.CG>gSE;RRo#g55@J`(\-T1I%poAAe7gmu4%3%@iC^Gcp`&V- +%*qnn0NW8OM[Y['\2thYGm7bhmn!g9bFLn[A'K,a_mIEeA5IR>"Kp/3SO*3QIf[A$orEO^?P>8Fp_QfC=DN?/(qekWi:o!\\Y&kYF +%k.3&[=CGo$7QN[D:'3PF\ikpU&4mOA:ZY?ZSZW(XYLNm)D,rmQEMbUXkVjI3FZPA.VPp:N86lCAbI]fO]iU%aD:RKP3pe+p](*KE +%;p'=?f7tlMIr"cN,?0!`bZJ4$k=;U4mkq)(p;";*UO#Z#ZPD)?N?s6:C#"oUK`:;qA+e^?1&W.H+/b])^F$nDlZ_s(+19]0jf<:< +%@VZk/qq*U)IC;!m&C%u@0AC3l=1i"I[EI)i]jt#&;=^#rD^OO\HfI2eC\q_E.k.B5@5Xn]>!JtpU_RBe^Wg\FND71EH0RJ/o<6L9 +%e=Q6]Y[['mfD)pkmE]Kl<&4FKFXq(-=C:<MotQC]Y@b2iFKa+ie#t-.AH1NYCL^2ES=-RJfBk_MhDG17aILjdVI*-;K2oa8`A2=N +%h4HI%*A)sPH^iHR;nfX,lW3[nE^7D%K"LkX=fT1XD._;T,MUhc;Qbg9QO@Wl@ai`j9<Rk`Ki#q9hL;c;%[;,!UUL%c,@t?X:!fk% +%]PZP*1=`Df%Pt(Xot2.keAb:UXmC"IU&"(q"*;#;ODnQ7B'.r49agCVr:QV-qt@GWhL96@h7b9:%/s9s,l!XG#>X0N+SYP@iBnu6 +%'s8h/\8tlq4ro*kf&OmGDI?Cb96TDiUA-WpXrXB0_J9'\CFq#1c.gPQo<3s@f932o`a3pThqBW+n;8Ma@*h#-lc:]8bCR'dj=%L0 +%auqm9jcCe6/r@fVqYKlOD2Us*p?]AGf&c+@iL:4\`T#MK(S5Z"E;GQ(/k@;'m%2fg=p0uEi0qj/EBVs:9!7iF\b8U(kPV+j8,q@L +%bJYKL@1]Pi,TPRNKM"QEZ'VG%#0"q\1pT]/#5fO`>)nJtfT!!s7$'T5G\hc:GIi-DJ*\n5<[-OH,OQSq+uko,Ic'p'>N5At4SA%F +%(\,7JIEZkZX2S7=2a#[L6H.F012Ch]O+'#3(\r:0iB=hn%IRmmVUh!ULNdjJp1V']M3<Tm%"go(-4TF4CMPRuDgBp::q.ssK?L#r +%.be=rW/7R1SaKZr>LUF>Y*R(*WdtEpdFWcXRLd;t,;?N2AZ!?<N=\oI79\S"S-pe%nootuA)9tC]s$gH.lEh4T[OKZR#j9hr5a:S +%hXDADU:EM2(E2CM9_'TTAqe5ll^n#$EUhNUEH;Y)9#XpdT"_ce_hu]V7/?^;r!aP&?cce7md72emN>NG)_\8+8=S9cCnT0V2IV8) +%4Ql[*Y;r;Z)QeXS>'rZWe'$OJm=ART>0U#mmW#Ln\DEq(?8TC*p<2;9'kKSfLb@)$1JcM41p62j7k=$OIipe^6VWhUeEk#9/8kid +%7NS'.7I;r&g1be2ImD>Zp[<,p-!3$Wqo2'd]g(ED%"kU99;[>_H*kKDZle.XBC.C$@]C\p5qSZRbZ^NVmfrXKRS9&mDD]gbH,tZ$ +%H$-R&h:Pi[%1[&fOkhuHpOS,^E0/WVf86&+2>/r5T00\6,Kn2eU_s)l\8`'@L7oU1NEo,gY8fpKTCQA4h9J#dQ\Vgb6X_eJ=UYVY +%kiZCLn.Bb%YE'TlePHqHWlH@_&_Wrb&j$LY<tD;)nYD2R.33AQ(--6O"ap;]/Kj_J-qhXpJ4NIbjBTJp(WZ=lMV6&2aW_,VngHUp +%k%N?^*:70]UgN0/kV["d`ea5UXE"?]F(EC[V):7oog7!VbhXp7?VY#^Rb`j]G*6Fm?<K(/9oHJu<dX2h&!^o(H!$f(amQnZ_X$I8 +%1X07.D(t^a<=X?:I:95060d`_)(V$117f;G^%;qdBJq_e'ASuc8^$qs"r3YL8;d'i%1:di%ng''O>8*GN__m<iRXTp7*)If`-fOc +%dJII\@U=ahe`R`109$m,I!R:YVme:-gWtSG7i(LB.M%r*U0Tq@(?s?fUW!=BiKS-0<'o_08Mh_<O$jX.]4#^IHjR7HVcd\ZB0g4* +%[X'R[Of='ZP_l0Hdj'.t,Gjcqe[ogM<.4a^K&"[9GOiT9Rr'JL!;DEj],>YqFUg#okCQmMT3/S$+[`8B=_LrFM5cWWlnp`F(2`\% +%QcEfu8N2uR\Q@Zf9//6&4Tb*OM5=bG0e[YGo!,XYI7^RpHXDpoqNg`$8W8KO[8UeT#fV^Zc8Kq+/fI5,]XE+(WOLTc-utY"D>2HF +%E&ks8g?dQ*T.T29.>?LP7Z"O;E;++QQo7UZVnnOm,ker0^PAYeg[H<NV5+\8$pf,J+UG"C>fNTk#-l`l/dP)Y2:c$?2cVb@*\i$A +%TiX<YbFt:Cm+n9TkcIEfI`-PT8l*ogFm]tHbtM:qLA=MDb^o;#]j_MQhIWe@rkt&okg#*&:U)d!6juSNJb($>Ch,@NLGlI6O<-l9 +%81r6*lX\.>PTdRs#PH*3c"QM1'2tI:;du]UejKZU?V,#dT!"nZGC>nSX#l,Nlt')@k!%e$;?$4[4"FUgi(cLt6d:To_4_I$@tg:j +%s(*s)`W3*AcHg"V?K"gCcg[aH9l6+-l;Q].HnSEZhJ>-AY0P+SFahSgNFqkce"(An(q^36lioj#gp$"+6kGb`k]r>:((YfgW?_+% +%k$km9*sTW;_hFuLnL@8tf[Pa9mfLW=Ls+i:Lg)F'[0o^f@hocrcopg@FcQX`6uUAD?KO2`:O$/Y/fRk^GWk.m?eC'%Dr7?+K6l4p +%C6?hrej!$W2NhPC:,FcCF2I60ZX9uuGKA&A@-^-HV\1=hm6p"-=2C!8X<C0?E;Y/J1aL*o1m]7"+:fseghj.cQ)OBemu,"u0Vp>/ +%5E5r<>cKCg%oVL<^-on@Lb9uQ"F#2"P[<;?:"`fj+UVI1>(#qO?Uq$&*\OIRn_/8e`Ksa$PfHi7IjckqAG6UP;Ehh.np<)-0O$:3 +%Z;uo-LY7,L]@1qBj'eN;hB>`HM%$DtnU8/3"$f6%T/C]c@^f*%Hf(@QPoD657]k?0[o(qL;AS$Ic+L:_!a86dB^#1*k6Dg\,F_uO +%*L6LgiFR&JH^S@jLN<1X258]`(:gjT_VT:*?!(ESj"[:rpSJoTFP33l=LR_8D=r:=AKs;T#3GS2j6d9'L;B43/.:Y=$0LF7#a=ks +%4N+I`I\W;o2i[V8bEKYbnb'A5HlB*Bh8eijL!/li,)80HSHD0%?Y*M%WGm7I(JZ;&:`8c.9UE1V':)3n[(7bE)'NimP/n'@#3_P* +%7GH2n9HekHdN8iq"j:I!rG[7mn4c.?OMJC!/<3;LgoaAi!#1.-f!<Z&4RCNYq6IOQFEokAe'0)grG#OF#.8%7E6c@!+P(.oq]=F. +%I^3U,@JOq*>klTO7:TOk?DDSDBJ5B_q'IX3a"7fl-iq5-JQ:3*)f'U=$)[)MA:TN_+br6$Nt)*L\YSB*B\E+&rU#cC#gaD/7IQV9 +%SAOmh)HWFAa0Jhe1&Om-Qo9nP7'?@M,?/`BK^e1a;>)"_J]9Ze/mSnOh,GpmMf[]3BP<>NQ4XMZ1)J-AeMA7nJN'V#rb`=QXQ;.Q +%Wj#a5r;;Pn1;q'iogH%K>ZcuQN_jdIC.k(@F,FNdIU=-q?qFh<[X'!"Ne[bY_H&5"4FDqQq0N^YXJ`>=d`!t0F4j%ncRY==`emlA +%H$&R]^m0/T-').tK6snbK5F>$Fr95g/6_TCSe9XoY`cXGiCKgcoPM6_\UVA1\c4SMQMY:n.WqfoCj0]PQ8lelkq.6d9AFoYNK+QK +%b&MEY8OWNcBAYhseR_;>U\4J?g&$P`RFgnYfB]?(MlG=35-aeW=bMsDIH-tg/16Z]iu^Vro<l/'[iu`&PhY3XE@[aq:2Tcj,%&Qs +%E7FOW^b:hpoeGiWF5.CIKIF[jm6Ifn)[4uifKou@VPbERg#j/UMGB:.F^MWH1R7A)@HMl45KsBF_b4R+ABo+^02%gWgk!;l)ka): +%mQ`,sl40=0$PYRKP'h4eIsb;UO!+@$"K6GQj/jJW`,;ICeSi&^KuVq7"6NJ]9]e^V<nT\fqSsn$Yc_mYo3[&K^emVk.M@8S\Pt-s +%[O,Fd,%kD4TCq524`JJ-A0,!VoeDAfjdcra\Z8\t<R0^RPoS-,K)puJ;7Vq,e+7>E28D/;eRETTYM:M3B>[tNa\eG+`?TSkY?W3L +%R>Vq`G!&?5:#oem%ciW)J"4XV$.M4HI/Bf!B30L$5[LfD!Y5Q_CH((a<lMtD%55/up)TVcgOl/kX9[qZ8A!:$6cdptm:!D;]6:G: +%moetOW=092DV2jBnU[@:mPtK,BWQ1CFMtGl)W8C+g0Ls;at=201jV:=gf(NT2ulG:]$n/f3RZab*ZO8]En%(?7e`7k>cDMtm/A\= +%o[N(A5l/D'UWVP5GBsd:h\<LWS&*=FE,^S]S#tri/DYH-bk\Ms/C)6nRYtV`R-X31UC$*]oCgFV+F/]Ja)\h/>&/6`21T,"#"0[@ +%.bG^uWc=quZTlM"jM;_bQn^Re*i`[(49JuL)[erWZG&c&a^pM?2S21(Dn,Ts]Y)]Nl@eMK9A\JAo"e69e'l6>>(DpJ(+)4F]OdZN +%RA*[dXWYg8Ksj^g-2.IE#EPqG`]6oRL:]\l,aT82RgY9dZ%*HW,PrZFJf_?*AfRqgBrNl>R"60#fX>;6S@DnE6"><nb3P]d/Qr@E +%l(W%^*4fes+*aklSVNB9@Y(pu+e^3G;0?4-KH9[&Cq-tZ[:is9KR6.?ijsEu)3Q^H_V1buk?W_Vg"nq9CKQQdk',k:`M(uL/[A,) +%1PURD8(L*2g=>O.7IlJm>bole"u)DXc].paYK4TJ/EgTHJR)t/kJH=jB&'A:[XEu1KJ&>5;qO4l6h'T_,[&tF?&N`5>d3uJ(;>l% +%@h)\Lb1<>pkOS,OaJE*U:B@:p##G4jRR7qfbmW@A)!0(qqnbTQ0"<QH.dI05_NtRbjU>aJXl8-QE,Du_=rDQ?i0CjW9MWsW)S'Ku +%M`EaR[W!SY[<;WMk(6huaE*'$OtSPOSRJ\\r/r1mmXL]4_U=s/\X<\O]$HYE92Y*0FO2IFP=$-T?t$HGi)OV3*76CIM0ADA^:mh" +%;e]"eflY1C*#d.8.u*)kQa1)/X@J:MOn:@a@[QXVC%dWf2KHpMNGLX$h1_LN\s?is\6tIVYCcG?C]bq"p9eV;)n9K8"O1n1AF)Xr +%7r94]Jb1ZtR[]X87uo[72o<g:UL<QVDf4so`#L'"Xg^@EH/X"'a1#KA=fZ#6bp4BGd8%rk1U>P.2r`$1a-0q_GIe+e7.D`XZ5XlD +%*[$f)8YIIie&V'jcq5eVW"HCQYeTSe,25Nn]`@?P4p-G$"k4W5PK]6g$cqErF'2?K$_8`:9[%U>'2o_$>b58teao6R?7FV8Hh[Cb +%98'BCV!so<9G>XZYd"W/'3[,'J1QTnj,^gV6UETgqW@<L!>=,/KuP3M%>-Es6+%bs0&$[@aoOQP%\"o;bcoL1)f<chO77UVJa&>8 +%hZ+;3jmD'=ml=t9^<HnW'tCT,\i^sU*bmF45A6'T+m=*!FLi/S_Pti:YfM]I\AH"3Y[&;3GkNmj+h0WgW-M1.!=<TU`lQ6V@^f*R +%KRb6Ueg(gnFGZt.Zo;$9B/N=MM#jVt*aIhj18%6lS:Esg'X!Z8E+q#RMJ6<M1N/=;9XNS^;Dqob[_pd=Q4;)M.>!n:Qd*AfNOdOi +%5n,Mc_\K`\&SC-Z_H:`/R6<LW)p)E&nL[-)Oqpcp5HJong"h'Ap.M#,Sg`+\md]92pbNJ/[`igPkYX6C)$l[;OWPjBc95iu?q2g> +%?=^'+W-)jR@h`JWqj=5IVuWh%*u=1pWsq"TMb3OCLe1o\^C:MdHf49h3BM5G"5<EAc^7BX$]aRLJ:oi9[EOoD$'oG%Ub.HUL>g;[ +%&*I1K"jmNAlS6RO?oPhP7gVd=j9nB./-jLXC!>PTYs$tIbdW=F12hI#9Vl&bqTAe$$Xc;Es)sO?*>YN:j\MH]B7.gb["[Cd!<^si +%W8]([+?*s*%MPAWn0lSmCj@(5K-TXcdtTHGb&VrOKIR0F0-`Ci6$b=BK$Lu1]ZKVUKW6%*P81sPOa^2GO3e^oZ-:]i/3eVG'$GGq +%SR<p"*[X<8bh^^dEc(JDFm>otIfZg%a!$bZEiHm\nKnRLaeaaNbKCL@Lc2VLH#=-!"u#S*AJYU&HV'VQnR=(S/-G$='$KF"_t/as +%-([aAbGsC5?`mL[)_8O4.UVrm&WqY%k3b"X8ofI[PQ8OBk,UoYaSh?af7h3lpX'hmGgafVi]ch9#BP`fptOHN%:X43S"08<0BaDM +%BkP+Ga:M.CX*'p_plh*P$gJCHY9-#4*I7U"hG!taCX^RWAKOOEo8NkEgR,3QN_iV2=k"flcT_*-m-Jfd$*RR\`KRM+[QD2o\cUpF +%cecDsb]dL,G-ZF2jgfC[[LhhIq"aa)QGOO5@oqX5p$f2OmDVlu]3D!,/)sGKc>W\1[I8E)%[cJf@&D9*JOJFUq,$`r2&"G%<3:ME +%)LUR0n5-O\R;*?D[If6SFlcl"+*jegpIr!f>ipL6g2nr?IAg?D9Js*MQMs^g%`jQSq2'm,Fb>><ncKD&ldjACq2pH4Fb:nso$SV[ +%eicq`kO)I?6e+5V11[-SJVU7JcVuuO*S\CteV;\\J)m;<h/s.Ngp6:%WccWe_hp&8:c0We(*g>Us%p+@E5i\'\3\JHckg.4o";k% +%a$\Cgn9lmoIVB<m;\6=sTNMbZfC2To?bGKp%oqp,\#/\*M`k%a5c/Kb<6YkTB&r;^"Q[iG4KaaS>kk"-?9C";6e0s"-ofHa?l`Bb +%#0nPXGp.Dj#<7(Uf,<*-C^tNN,Au9HT'\4LHs%7J7WA(V/*87q`?IN200G_68:Z%m`ncY4387;R;`6b-_fZ@BE^=rY[F<8,Q0&dP +%c#J'S?^0]-B6,7=(PHF:V#_7"D2c)G%+"&9B<,D<RhMC<!R<UB=RkE<3Pa=n?7fg,ZT2pf/74Y(K4f7aOIZ9'i7T+.CnhL#(nStQ +%c??cPI#lK4fb[D.[Zc--+.g^Xc<ep,lo*d<-$.8bn8+,]UpgYg^p>&q?oTMrRff2*JZa-_2iS!df&9r%O>i.&cF0N'5'Su@D'7_= +%bR`$S5A\-gRMB%=DDM_]Ha+;A5,1"(ME*Q-c#f<ViRsYCZ-emRkZTbLA`RX8)\NgRi!c4%!R>k?XLGd6ZNb&Xhg)\]B5;/6Ee_68 +%Hd?.=DeH+!f`oUAoldbmlr81iCj8+4CThR3cF/(NI5u4Yj4GDCTj56KBBu>AX^9=[%W!-2`T$Q,k;[5-gY);R)j^#;[P:j]"ch:[ +%f23<FrAOLWIQ`SmFF!$=lWGd3!?#P5kI4KJS05hrj8,'u)!?\p?34TkJ/%tp`;"qf13"MX\Q3NTi#9j`Jhc:MLDZWgc/BWsDM>0! +%*b$+8OYGf[LDY5\oN.;BJJdR/*aB72mP$HLS;;16h-VX@HoW]hLD]3&-$(fZ\D#g>3Q1\ZaEhaB3"O;DEQ#A$m-%=Zj*%]&b<_(s +%<#W`7ru>M'EqboT(jBtiho-2f$8)X%pQ$K;kJef.6B#,]U0&1?SC6%Fo<g7`j#/a&,fD\9NUPQ:72A=N0DK-B-XtkBB^mG]j!oo0 +%Ju1++0s:22r"NUFKsJ8b3Q*n4A[)BV\:YT<(I3rFYmEXI(geiK4>1069>2s9(t[3'nMXV?".9ZSY1I'2"u-UZ/+oZj5D'g9bLs9O +%@bd[U1+-NNEi5D2od(g%+ZGYb%V>HlEG'1sc\iWQ7,7_@@XL0mAjhTa@n4cT7>r#F5`G$8C&JHLggtSUrW$D4040/41!]Z.rF1S& +%LUkps7#WpC6S0<5^'"rQ#@^s0@a:#X`YgVAFKtcAc$TP&l%j?1$R!V_N3b970-;odpYP4V&EAf4r`k8!$b=#?`&Pk`E'NMi_5>th +%F+`saieo&$j`jG$GJ`MP^=E(DIgRpUrIWupLiHANpeh^aMLV_QaMknF`43M"[g^3bmR=Q+6B%CH2dIb>*.-Z>T=F&GqZatuoB\+< +%1!W,:=3V?;o:a&:Cq.[[F6IS>*:1jETu.UqZ-2`[k]#ju/.3K$_'Ass3daST&<ljNIg-pr@)H!/]QA8*1,p`C_,$`A'l:B+Z@5)] +%\,fb4,Ns)XE$i[&V4b_kfh3t8rWG8el',d@q@RhZJdnX3`K-\0'l:C>?+CM-h!Cm+jeBX-Cq'oqGp.:>dAQUMk\tm]fJ:h4g7-$Q +%6AO=.@(7J(\?Zp>=G8&r_bGOq91=UdfPnkCh%%fjHkG1mU;PLnh*6Z)B37_iJ.B'-=\*>;&3=(4L@b3:k!b'ONT$GWoJEt<Q[fQI +%[L'^ar^5o=q,,K0"gb0!^b6WIY2&"frgl*I+6LVjiJP=l>d5TK_j/^:o)'Ig>bOTgVR0TM\:P06H%$5DY+.NZ1\)4CE.oKXYEggV +%*Nk2.h)ciS7>EC(8:7X+K+:u:e)sS5-9>DJL>,*a/;+Kll7bGR%X5K;o:a((p18O5E!71u\9hL*3aC>X#0LOlk]#Vpb4toW5_gj_ +%a[C,$#p$2"@=A\,^=7NHU%VXMflAOlYK9F9=5P5Y![RUodn:c;HiM69!7^.b>VhS=;fW$%21NlHjOgnR.T:#0?cIm-VG["=^4pjC +%ja4i+<+bU6of&E-(#t4Wk`d&Q3NZ>@O/(C3fNW<GS6_S_=W?k1W(r@=fn:T<%S>h`5_F+R`inWg6sJuBGF^_\F;Ngl2h9NCYgZ<h +%I[I/ZH=mgOrP4aA]0'\orpa7X0.^F</f7u0$b_sEA5!tL3)aX2_-dtHM'\]NDBbHEMd313bRDm79#mI5([lH)N)nA903DF<*S&5W +%hD`aupb\K)![?/-]Y9UHm4%H<Yh+U0pVdnED.Z\!h'.p"gP:N/>YZ[o5IImHkh>:lQ'f9?2!LAW7,dh"L^.t>l\"Ss3-sH+9Xp]G +%rRJZHjh>DYGf7UBOBhaJV8R_Q:aFZPIS7IO0BnJG'--JSN4<ji-pu.@H.GPq!*iVI>8Ir<f<&:O=tG^:YZpmq3mF.=QU[mSgk0b\ +%G+)`3KF_t/ei:+[AP5+a/$<OPq(kd@(3pE/LR7OqR;mO:kjtBq8LrpM7ahEl9fuLT$bu#*%#MsBWN:1Ga`i\A27]iD61NbMEJ4LX +%(YBOM6H0G*1"rqS&V7d'NaLMJ5Y]hd[Z&f'>d'f$X<k$,O)Y7Yd&s7UiV[fl/HHb)hNrDf:G6uhh"Fp,GM,[.0$?UkqfoU1C_<tS +%1_>Ck.B44SX`#kR`cuBH*'CN-ELnq;d$XXrS.n(l)-E\nph\X%rlVK/]FIulTCZi7M_&Kp`_?[h;na)-Z:o"kOV[cAlEFK'@T,3A +%d63i:7,,OcgLYqDBWUlIc3>22O\'qTZd57a@.M:[Qolu2Pm><2k';67,HJiOE(S^3btNGI40O7\j5#a&*ganO\%WPm.``FAXY7S" +%_2Dk1O>,OLEPs!`Qd*<)=[5!6EhgOEVZX'\VJ395:jC:MNC%+rGlC>QJ0u;=Z'i5dikQ7L+V>a-R"Gh*,t98u#fGG;(Nu`pH`S+J +%qoB`6gPZn'Wm&JnV1g=+e@OB2@/Zh,*A67Aq8G@-CtgA(=Y<S[91GHiN3pZK!TGZb>oBE0NXj:Oo%e?)Z6EYI^R$43CTI2UY9oaV +%n3]^"<Lu<'`k4I3@_&pNkOH*e85mQ;T"gU;Q><PagVu=h\IRL;Y?87+OH:j%(DP&U#)dKeb7Vp2Yo'EPrRHQgZ$aS8Q9i-eLB96M +%Eltk..[JHfDi?V"$]*nkHa1fj15hS<hT!#$B>C^_bY9#ogru#p`eiK#)_Y4ZVgM>HnWmG$l[a?HN&`HZHO'9UZ6aD"anC`+*os?p +%liVjq)=;BirSH>^i\O<P;J/*Y0TXg]SkC^"/1R&8iBm8;_sQgHCAS9A^os6;(%jRe\D<%DQm>TsF)g8hH/NlsR]p#Pfrn2],r-Qa +%I7NjgEjo^+[[<aW7aI>eZ1YomkLU%mjn2MuZ#pfgRZ";78]NqV)!,7L)N6U/R/Pj:G"hdCh3].'9=t2%^CaN:XBMRk2#<V+,;@>0 +%Ha@da%)?.[H`^BU:?C*hF)fZU.5@/Y`g^n-r'KQ<mdX!-Bbg'-SfrO@pBt#1N7=$J()5(IZb;#raBdS,[>MSMk9-5NSZh7l&i5=# +%fiOeV%*61(1lBXhq(Q*fRK5I\PR+e4Zbg#AcE0678;G;G;RL,1nQmW)a5SB)hX$3)Fon8"2gffjbsZ&GPE4apiN0IbC*f%4#>aZH +%X7##Ihjl3&n#S^c`_u,f]=#<7CJ[%GBRPg@Z-(bo>PtOIeiEYS^\Bd*<K]q?kMj&EI9R:QVsVXI<O[0nZu\FCI67#shVN9Wrm-A` +%k@ME@Q#;Yk*Y5/Y:W9dt*f&A'X2EM-`tMYV8GaLT)RiqmX`ND!pNlij-,*aTAO=#@X5i_9WpJSi3BDA0gg]u_\!:i!%R\4^_1&=b +%]dnhteqP!7UW\RVn[NoW(sbD>2^TKu(\M22/=FX[eiF`e5`Y"$>R89o]Ut&U61-SaMdL=0n2?_L[>MuNC2Q>S"d_`GEe2%J/J9]2 +%]=k"eWu&<um_]CrVSq3.e_tD='VW&Cr#=>XC\B7PKLk4bB)R((3/CkMmk.AECmJc.*aIUpHLAuBM0(E:.9DO)2Vot)HUtV>HI$)7 +%?<MKL\l1fnLjX>\D^TK/_i#V6?XA*T';#e!4C!RI\+-rtUiWgW'!InY1@^^K<rTUYE.=5n^$P%^pkV;/Ii#O,PG$*_/>$0ijn#N: +%(8^bGc?LmHc5#jj&pr*`gdg`%!U\Fu21tV^:=I?!^3$4?=BVK3GU^qngE3'^OQrRuhEJ]dGP_HL<QK3#!e7$%JP<T?%d\FI@@QuH +%J\fmCH`I`P_I>nhf@B$nQ`!XjV;o)Qpg#l/"E\)ps"3&Q/UnoBHfmc&>2)3q/[\sVXmpWtdiY/Ud&cZLiO<DRQZ]JQI]d7.\Sc7S +%#_aVohL,:mm37bH*Y#Rc\+_1:A#FPFX/O(@G?FiSnZC<r%LK=SSo"Gt,uMltB!oP(7&UbdCHpD&/i4J^Rtp6l06HPV:T)iY$Al+R +%g>R:Y3R.gA]o.uViU:;,NK%*'C,9jfH5R3FB:u3+`u[t\Vh_7pgh5S/d$YsC*^i-dm+H4Xjq9>]^KljTebl1uLjaV'h[Ve7;NIW( +%B+"Zd5MV7/a)EI)no+J4s5@,"jiR3#)ZaX=#50g@rVB97Z<*Ie=>hqjH7JcGmm=`/Ge-;lG`NuAC/1InLOB!\/tVGNp;50#^(#,G +%5+W\!eG3/?$0^:]%il6`humqBcYjIcp\&a7pu[&eND2pHA[GMDgLr!QhpM(5<(F:+O(>7<Z`V.;R2`HsDQ`(s:J5\,G:eX*O]q9l +%8=Peb_o*qA>V#;sjq<L\r0RV_?+p!n4p&dLdTY!2=*D/OHTth*KC91Pq/+HZkURYqV_59]Vu6)TTi_%Ah%:aCZDF&,2sF,.4Ts^B +%jf,ej'T,&n5+aU^mER]KhH>=Y1tKANjR2uc_Y8,O\EVo-MQN`C.tu":DEp#"$P@NM*FQpM1.!gaYOh'#6j_1La@23.gb%F/hBe'T +%kbEr)l/A^G&H/)ujUg&#^(/'6SPSfPTbANBZ0'V:'0:P()CkbT<mk=E]7fnfD9:8WiHSDY5fE/2)[a2Y'D^SJ7ilSY]%p/cB<L## +%*AicN8cIe!i^M:5mj05s[sH`[iS?GYXs%6KcpNcVI[[e]!Yr@.&4=kc?'5(3KsLC&iGJJS%^FNCZg?5[;+OlN2VPq3I\lgE3br:Z +%F4l?Hl*:-:n=^LV_-(XKI"C\ZfYcCe+mS0s[Jl7PmVQ7jgV`PF@9hc5`LH6W?JVL5ZZ6OHpR*'scquM*PDef'B&`^8m`8H[^ACiS +%\8JpS,CJ5C.Vs5LVeF'#EgL^!6,f9kZnD[MW9rUGS/:tsr3H';>1gr@!krt-&W6mPq1n5n>.43)8=ZP5ag.gcT0C@TmYV75UN5o' +%p*#'QWG2Q_He,Kj8mqT[GJ6#W;1?nPRq/_*/oS%T_<_p*94H7n%N"D3pRmqF#%InCqkIET3\mNWE;Ir)2=J!Bo'NL")mJ7i@R1j7 +%kI56a\(DIC%-2VI]A?M"Y]5:b(A6cnPCj-H4*Ms,eY#`@4I[,D[Vo*;`a5X>&Qlb+na$aJAi]ti#<E9gmq)6pjFfWGk!%e&e40ld +%%Ir[l'kC]-G-dOXAT#0FG?b8+M;1CVPAJQDXl_[8M&VHO49:(-'H5ACJ,Ha!G,.;Tn_:+B.f,oI/++HA*FWQ7InO'hdbRms2:4l8 +%"<TdgW;CtC4+'*[*'JcelIA4#Baf!glqQi\2S-ks%A[.K\*j3'])2!7HhL+fF%]u<ZiS9URb;$:H4/Cl07NOt_2B^*;CMBF#;;M( +%a5nYU^m#ASc_j+3(/=3EO2W8Fg%3YZ(XeMf7t%0tpg:5q_<Zi3^M@u]*:W3Z>j%mYL32b**^c8gWSHKh7BIcbHF&'f*qg\]QdZj6 +%qrq/(1E[IcnRU9)^7WY.PW/^*2nEGphgM#n"t>T&NKeW87Z_*WI=&I[h99d`UQJjS\)!7cS]U'qI5jI5cYDQ77*3R7hE`m,Ibi5] +%S?/![MA<l8XI^6ccb4>`YTIG.g-Z369q2q:O*atg?6^o-4,3@[KcN-B\j/66I2?kZX2Jee*`"`_"1jYLXj's0[eEoh0%9uYa-:/$ +%G,gtRd-)GTNVjQ]ottpZkMK:0.0etr6<rG4LD=!7as0*SpU@mV=P_U=]GH>qp9$f(\C8`&VP@;Vo[0;H`2EJ!HLUT4W-^J\8penC +%4"N'@Qf%d3p2[V#"(kTV[pN4O8o*$K8F&WJrqR$:"+:u6-_ET00Z+H=Cj(MdH5Xiem2Z4Eq*&OE.3\uK=[QGAirnc<[hgJK&&-81 +%DmWY\I!mB)rf[XR='[AMcr&GEKH*DU_c9AX35Nt5s)+lq(C!YP>Cl9/;@oI2iTN-)J=",fZ&n_#Fli8b.A>JgTco,O2NCb3eW4Mh +%Q!Ynt;Z6cdKe55uid*J'Fj^'06oqZ/Q38=;5[p*FfmHsn%CASSXfmjU;B$B9)0pS?G'S8?+7mgtr,umL-2\:VGOLDQmn:,dYFNlF +%>A$7kj^p[Oe*MFkptT-Ci8'1G"N1;g;ksJ%\s'g:j#Pr,nTV=!n's/S(@/"D/,eRIC26%_>KXX/AN04_pXs'HD>MXA9GK]Jq84[k +%.51ROLHNR;cU]-><G=81p5-bHq;+"AK5douZ0CLpYP?]'EPmYKdcF.XI2\4@GC,.QO3Xhol)1tdlpmU>;mX<[BTQ]+`3Xeu\4smW +%g1+cs5hLmQZX;tQ!&55"3H'Or$q5Y>HolKnM>m9^eE%!`2\2"UfhNOn7q\m]:cgVXM>@.eZ1p*I`PqSr^gT3$fIc;:E`Z3%;Go&4 +%j_3X:86t;"SrjMl]-HX[]6MWCcZ,VDmAK5ub/LcT0`,Vhs%^&[3C0R9'o%Z.d9L#1md.UeRh_"XY)m)n)8D!V$6@`,nSP_g6ot?P +%Wpn[5FDt=7hK(HKdcJt>)YQ^Tf0BD7Yn1os[R1q5Q)hn%f#EF)FYN0m/6GR@Q@#tJ$;0@J[X)1G]5cAQh(Qnm&@(,p#B;LbH8C^T +%Lc7c@T2mIumhD7!H0ga\)FY[\ls.4>[Q\">J^)&_Cko=0r[:%AWabk<<MqL(X\%.qe(k,SPKWdfeY<);N&8gb?luHCE9&e40KB9j +%0U1mP`cdH0I5b(^p=O&4`oFae=7IO'q0M9XU?%@3n2mt"GdtBACsl"'fM;U+ii^ek2Y;3o8jX:gJ#oF!(QlVb`E+gA=WV^JHCaU> +%He1FR:"8l0ZZ?;A/#c%o?g.914".Yq9\'>B@ob74gWjoNWP0$)SLa,RF`m`BaE".:eh[Ks6CM\gY^9O"buI!WenT;^B;X_U%ShY3 +%>%sT9Y[U-Cl.=Kjns7cXM?BZk"bX'MYf1)9<qZE[lJV<P*K9+_c#9tdrn:^Jk%ObC"($]HBq0J\OP(3=VOrN`a6i[R1`kMmD!tot +%;e6K37"]2u7cLNEg+KVq,$X."E84!0Mj^XF"In?A<$E44#pI:X'q'KVj5YakjqoYda%(B0pDSnRA./<3Xl?s[M(/^P]"L7U04pdY +%2_p)nYNi/'NI;#b7HniY04sbaYe[D\4!YEpY1U9O*2YhLqMo@cB^e*iFQfCb-MlB]I89ue21uH\nJMYW`^KDU(dMI,1UIW>*UkP/ +%bUrQ>SRSaASHI3gK8O-fK6fPe(fGf\0ccG#K=X2S>7F11.YDaq,\2,?6UEW,*E8u)NEqt_C9h%0KG9`8]Y*W:(13\h6_&l\FV3oP +%`Fd`\]A,pC(idH:3D))Z6B9HOfYcq;204%DH8K`Dc=M9P/F5=6d3jJgKUs=Zo3tfj7dn<nG(-X1'Z=7#0=up""lG$6>@"8YquebB +%c*_BK:<_*SSI?u;3l"B`(A49Hkqh=blt,QicahN'e!-M0<3Z+*=TLBrZE.Scn"u#S[@?U5+WX;;X_]g9\5drO2_NErhGG->8[?>] +%0@in9ZaJp_H5\"A5W^5J(Yq]N&#shp1!bqZjf-G`BM`a[$1Tb,6/bYgq:H9CqtplE#s3H7BHLp3+nak?[gr_L@F?SfO@UX5^Z')1 +%%uIY*RRF]d"*n:"cC]7B>edn+GFLJ$qb"??G=\h59QpGN1]>PO?P_tDJMK9L;U8q5_e2U)GkXphW]liCc)AU<#pmnd<%V%'W^njc +%U3\PX;t%AH)YSkV2U#cKF0^9P(TYqA9UeIKZajSR":n:#UY%r.C::g+Y^/#eY%00/")EBk%fquB@<,TpqF[M8%ndiAG5TTu2?Us* +%_5pd\0&Y/']#JpkNG"WX4M%FnnbrA!b@^)cf\O,1O&K];)s9baDT!iV?R_(n^KdrTb86$I7GHE&"f6"F%A[:FF^3V5RMft[m9G9k +%g:i!K6ba)FiHh]m%O;)d;#J;G/J`9Of9[\?q`q!1T0@^dY2F4YD4]i=aNBM-NI4<Hbu3Eg>`r[eAu1mh2t%GM!A,'epUZn]p*q$Q +%'N_UWhT?;A[\?e8Gi;-F=M,X]YGZE=dP^6tTSa!eYC'9e$?&,D&+pDkTNdRZ?%A19)h&2t11$<=[IW!lY7H!<mh5Gj2uS38gRYIP +%HVn.TDWrcKV6q7:Lt*]>T"iWfZHW_I^p"V]bW0iJn_`r9-g`SV%p"CdYP<kOH;ipqQCO,Ds3HHORI2^&3&]3eNE@(Ng(P$.!oGV> +%ScA="RH)"=aToMn;9XNuh[>E<V>FAk&9%kl2)-k!&47*&AkUZ37EMZHp\>"tDr=D<RuH/A-Sr9,g-sM`n)E0=f-f2sJhMcdf>2gO +%0D0I,\JpX6:qrh7>sI$ZkrPiKHC2;<FgHY;X@"UF'&AJTdXLdJVn^L,?Jhb8Dm>KbnfE$QDPOHE(rsFm"0&h%c7(KhGHVW>r!5%8 +%4)m,<r!5$Ud-*D,@t(Dq!$"Hq%R38g,SR\F*))2TI$pj,js1/t;mP<jb97)V+gKr7b97)_RjfoFYT.*P%V*HsQ9u)Q0$0>:QkMj\ +%5re!Q#,LiP&JPX_W/18be!;jG@*[(C-r,kg/e.#E=7'ilEEK!<leT\7BrZt)\@1,3&M:e^+f7[Ac_\_XZDie\TaR?HCH4FIM7rd5 +%Q^7;@5enWF2nZ_+_pbfgZsr6;RGM<dPg6.@s5Xh:LOCSe5pp1D[D>.B0'_pKDn"pl%=.Nb^"QEY.piVqB0TPkikm:[We9^M6ROg+ +%_h9Df7BK28^bLu$B:j<l0P+Cf;jr?g\^Y:FXf:!)]0&d%L<$jUao2tI>Fmd4H4S@Ud9o8X3?2(rJD?o6rj8-e;6jOjf[>nl-5r)2 +%3/np/meN^DSgQb;8$D+n<_e1_>XGgi/r-#aU=</+K;g`INI>/jB57.hOR8Cu=24P,idW4^>NdcZ37T/=i#^ULSO+tj"u1%o>-cN& +%R,K*a)sC_lQ:&(1*FY]8W*dndKJM(dr/p>=$"'Vc0+@UL7NQ$kLlI?4U=B%-8EfY5+usuj45cSP*C^Aq]$]hR#<-:.VA7@V1"80C +%#2Z@(j:I+tX,L/JB:(dX^'[F9fjgaQhg$3*&6JDEmmd#oaTFr)Pm`S=+)uc&bt2t.Nn3W>)kN,EVVRSV^"K>KVR]p/+["H1rjTM* +%8a^t#p%c>_UgLB^1Z9=U=S+RY5Q&g@H0'D!,SKak!Fi%_,'1-.l1?bR]Xi#+0sS=pil7&4Yp:J$_aO'L%^c6](,fYKd=3/rJ_Sti +%:d7%eL>'AbD(,NtA$u+"HP[P[O(>bos#]!,m+rKrd?;-*T6Xq6^LBuW^6SR$?;:%EMr9mH4?Qu+l,pAl"T@Lq^9_t4b-gu%j6YBA +%&gFX<,-f0j1IAEV+:5?c4[Vot=$7,d)o?h%8,-Z1c3%!>^'bemLm3PW.]V;?%7(IrU]VZ>i:&>UEZ_G"ID[RdKTEniA<Qr%>NY)o +%`!Z$F)Is"QaFR<]'%#PpP<N9UQh%8`qi+#6Rk6Z+D<Q%al)@$?)^*;P2RJ#G`RX,B(Kk'@S.LZgeHtZZ85u*cZt?=BREACu'1qH+ +%&J<4D\c,&V1<YE*D;SZ'I)"tJ0(RD^qhT19?o6E.0@=m:)Ssb(VpQ"T\*OiB1lO4MWCYpMa.^thqZ?[UQ,V%qg-JQCqn\haG!$l? +%N]1/h,l)Cp:QT8LdEaK(+I2$Nf_pK2&1LhY_>mmqlYS'B6:pV;@9hUCBY;HrYVf+hM5o``2]Fmj;hYJ9POk^*6Ej:YNF%.JY0`RG +%Xl7[;1oNP1iEI&*8,\(BrJ-`ad)j[9FR((:%>MRbm5n5rJIpt.67%.U@IXmIqpUaRa@dMp`P=%^Y!/b?*H[FuH-Q&WSuJ#40k@$b +%!MVk28ODL7n"'':e1T&*ZdV&u4q)eq-3ot[MQK8$e1Q3'J`cpKA,*PrabBJhq_\<^;5FSR@k>U(q!W7DGAD,I:$<&84!2B82K9%3 +%_/pC%I7-cD'-qLL8RoD%@X5WpW0\0/ZsiFcmPu3EFTGr>&tub\4:IeC54`I@NeFVq]U<bb&@k$&:s&&Ql7,4m)\uXD&H5ak)IkZO +%FM*(L`_Z%b1_Lgk_n:tc]utjOd<PT--="rF*15,b91D-C0B#TQU;7C)]r=tO3.YJic#ClE%G!j\-&p34<#$s4WLgBn[L8e)3H[ef +%j2pR]F._,g<8j=4Cd!R7cr3C^`HRNCkCK.OF<XW'LQH_/#B?qZ<nMlUN/MVNrfL#<$q109oSIq74,!7W;-;J"rBu,sl_D5NDT(dX +%pn-aP"\_Oqkjn4@,GE*E>4+pm;X2#7kDgrIT0^R1P9csJC@CS4bL\$IUGRA;nP&ghr[PB)^M_^f*3YZ(Nh1[p+FK0\4MjrCZ:ho) +%+Kl[29RAXuMN[ScoEk]^%noqjB0)Wsh]behTWd@n87tI!>@2`5XDXMA9VdK*8Rr_LSYi!!BSS4HUu[Z"6RC&chlnS6g_>JDlc)Vf +%K"7fug[uS4f#$a@Gk-0JD[2jser9u+\RGo.MYk=OY/fqIe9uWP>Ib;`Gug-ZDsbP;kpeNe4qM^;nB$KLRuk/R29D24K/F8H+lp*1 +%LoZPgLUZ[9$lc_7lam[i"P$n(>n@+tl6s>8&>BL5GX&VpbF_Jr2Tbcjd6aH];"lX$4G8^h6H\Lt*`J=h;@"0m$8KqTUiu/>n]'6R +%p8WLb7D)biiZO/>lde++$?mFUj1%npY:%)f5eEtUg3@kIp%?L<=I:Tg[aYZ%?)Dpsd)SIPQ4%\J>n7/&_`E[u<^MC[E\&2QU/>7% +%??(W9!4K9CgFj@)fg'T0NV*]_j?HM'KQ%j&1%5`@W!]sHJrc=hok#f38ld%<pC&Q<0$hCL&7-3L&.!8S9aLFO:`"/lZ.4+j9GI$+ +%YnsHqU%V3%*t@]#9XdCZEOaLEAAA.%QmfU/[T\'j.W1u5MGZO"5),%d8Q!g/<VC"1rOq\MH1]X:\8c&qjUdcfA8<nFpXPt>fb5@Z +%MC_RI&b]Pt*XdtcAdOaX(;lQbojTm:mN"Q;oQmst.W"79(Z%)bp3JM&(fU>D!5F>NL"a$%3UqOhi!`qBMhKffT8,tC2fA/S+=[9[ +%Pl#\TFNB;o>f+(n>0mE__O88T&r)6bL@S&FbWd-rKPdEN$+8)<0-K^3!5gCRK8!;-Q\Rpg=BIFGF$Wc)J5G6]S[(pgK>Bb"UPcUd +%pUgSPpc')8jR6H`3[e1:fi(ko+2j9_;;)C$q9h5^%ZC<a;1r;/.LJ<HK^obakXK)7?u3$6foP#sDa%\u];9jNcZ1MmKi*J>qtA8[ +%]=HK8BcMmg$]SY5mf64jr7tUR7L&@4rW1?m'*!gTr!?0:G7$?c]nKQ#d;2BCc9TL-TS;e%5[Gjag]cQ@_.q3$.CAuZZ">Y=qGQls +%^P)J-B')"2*T^W%;;F^,0eR\DZ<Z`;m<<JlOFVXn^l=V'[t\CtYnL*"$kcTJ_M.EA!.oN>dp(%-PFE0j-L39@[QZhS?N@#k-s5-) +%2YIF95]ZSUS">tmA*(A=9UkjAcYT-:'LW[M$Q*]1%fdiDW#h4Y_+V1rADP?;o$?b\,0shV$o0GjfSbkeIO)KJ@e:bu>c0je\X*-p +%Hi9LQo^"Q-h$M#^4DWa3puLF(^?FCf`j/;o!8!62$GlA9GX`rcB%)aJl(WT6D%u%+M/Rh:^'Z`j[l1(cY`C.FV#COf#fEX:7tp!p +%987dm4A:fh<Uc)XO)[GlO,cBC2s[D5Wpd_8OIBSS)D&Vu/So.H45^AUU8ATJGoTOa@Z&-C^qttJos2]5T"$`oPRZ$l\OW`F>`C8G +%YIDhMl\@.a(uA4/:OknGYI4'hWf8!CS30C\,tjNC=lV'd)OAg->>dJ@\-.sO7Edq^m5K59S@L^E".>WD7GK@A]j$!!SK=Y(&uW#@ +%dRi[+d<_aU/t;tuV>cA'\8e,F$^A_H\p5="hqB$",^Tui1WR;mP3<0YkCc;e%(a4TnHOf'FMC*i=_5t4RkpB@bScTA@jFM!0HDf= +%N[5-VPXs5\NR\&Pr*"(@Zp7FafFQH@YWWc9(d'Ph5qB]Q68Wk@ZqT@r-g][&3\tH;j`Ue+#fGcr%fRi9,&#$ULCjA8#_*NGDk`J> +%OA28=UmWA"?;ed$^%K*`+OinJRUs1uC)cL8p43knF`gt2anFWG;fj[PDK>E#1u/k,9)tN`e.DR11=Wi;0IBZ#4_mVEXQ[qYdGGJ0 +%Zf/M\JeJne9]7=6UE=#!_T1;Q1!uUciTN@"5\D<h"DoN/Vin/DCX03]<:4(_@(]Sk'@(n_%eQ[IU$hjTDQ5c#NTmf_#aX-12S+T3 +%rS=%ALqKpTYR!V9Y?Hoe-(!V"\=.9cq)*TF=9/G2hJB+[s7^]5CMb<4p'LX,+peAbA#/OYe7/*rAk31=Q9^6\#+WU9Cq):mk<Ac+ +%<@rK[4@&8DhgCj1AZ8[8?#-M;p^`-#)DjMP((U65l4nH`91@4/P>tA0gOWf%YD3=Y*KorJV&re82dXC.Ki\b25'?`Paekq*%f:jk +%`PE#'n3F)2fkM8*Y=ge:oO6>\!D1f4)uEFo+bWVbM#77WeU?cl;;!VIVls_FS)&5:O=P60r=&QqU.mSl]X[9>m9rjs/i9NcW(ImS +%kK1D3Ih%&4HPm!>1I2Qlb/Qrei(O[bLO.oK^u.lt"GcMUP$r;V#_I\dD\NW*"@7"rPYj+o'*Q/1Hn6->B7_6cGfhEOS-af*E$&mO +%%*euAE3Lsi?uRFuJj[-W,@GI;#_GG=@j>B#-4#2*WuM:qo5SeI1kWQ40E?_]_'c.XPFar4jRGNT9J)P9K/5e)*(HPnL;B9##S-[8 +%&MQ2>5]H;Qp-rDF^"i%-gJipeXM.Jg%UjMqhr",BT4WRaG-1iu$:fmk-f#!j;bb<BcNeH#QAV0>Q*5hlnY(9"gJ@iqa#u*\*@O=G +%H#o^'\gS,J=K>I[lB4m-J]?g)NJ5BAcSOC$AJZa%=-gFkZcT."N#^3^\3'!JW&[YF20/,M\-W]:m[_$#iF:MJ$1_WQ/q8-'IU\BU +%c8[3tr'3gJ24&61S2i;kD6Mdaj5R[>g<68)Mm,9$JrV9bh/&??G"OQEgG>8CfrIpJ&BkT;gKFn6E_#T69OEm+^[h1nnbOA0-aETF +%l*a06o;je2[g'_,GnTB8'IhD4_(19[R)40!k1<2uiVKFj3s8hKpR.tD%+\'!"<#`:29e`ITE;U[D!-3/Q?JnSIGopLL6peAl@QsH +%,EU)e`HpeD4[^E>WE?M)UN.`gMk)f9q8RTddlkJGmS/I&@OP>#dH[?S[[oe514N5o^"2'I1ZgI-2gt_"Y>a1]#VM&.T3KLIHb$i0 +%B=\H0h9(dfk,EFG06a0Elnm86V3qN*?_r#GIRBE6[r]6)i^7moZiFI%^K`#NhdLI8BP=hSBJb`%ZNjho2g"JAWuL,K+K[2*9`3[0 +%SpLmH,ic&qrc^6]C[G<Ze\8H\jlq!&rMeV_Bsas`C+6QPgN8t'f%"':?*>@"s*cNUeXi6&et]Wd/`cU5S!t>qV07&_\'jWMk20`3 +%F2r3VgKV)O*Y)s=++>L[eY)Y!opRR#/h+Zug0<jhMj;t#lggnd6a9gs[aoqXrHXh2Z*Te?V-D7@d[Kc-(Z/O^Q&:9TZYmm+5Ptn# +%WTb5'nd7ie/p$:Sh6$$ecrnm<b=@ukh5R+bXmNGn]6ILC3@M)l<bb5(7'E[e2<Boa);4=U;C&[KG@W@L\WAJ$N@]^.AZlUTG&nVZ +%O51W2H:8QV<"OgJqWAY!YNt\)\a$<RJ(s@K?prHKBDJ>#Y8R9Uj^!6`V,7[4Ft>3sZL@&D01b!UXKmkG53,O+ZI_cKHM)QVr&ON9 +%NGk@McMHarJ&a15F(.lk=SPqc]qpRV(F_TImQW?;SR:V-ZT[%%[^31l:rQ8S^qhdhic6c%mZoM,F4JZoSrH),[T?B\YQ%ol.:(eI +%bi_0^hX+\hl_a!)=uDc)![\1M_1J3_.dq*iDIIc@>qN3;j!Dh[njWF4Z[R?]]3)$#Im/f-66YJ!+hm=+IoUs+N=,<S&rSj%]f"[7 +%l<EMJSbl,n^;!.ipc?Bf]q<lGI:&SJSRnPYSKh)3I(I[[$:\E;.4eVCL$GPm./se&K>+@;gfsc%4mupNTC2HjV#P`gkga*@q955X +%Yl36SjVS$Crl#$Z$,=^O%sOHLAe3jEm4`bR[?JnE)n!54]j/1Z=[%6II9b(E(Ar=TKPD%HlhBk^c\K_gbN_k<Di[OK3YXdXN>dCF +%Y?sD`WGi`eB2m&1F*i3,leZ-9lM$i<VEUL"#=Qt7L[sfonX&\'m"DpsI$S+c^*BkenoQ`=;%>4jig>e,MQ%!9Jb(0oDX\Gm)l7cM +%[mpa)bZ8`BGgGOt?Yl!)-#tV2^H&KV9Tr?WF,6T<a\d"_]_T'C2.[CH/DVLb\PucrIuE!XO,$h(MRReUhk3j_nTOV!MsZ4kH1nnG +%Agub'I0o3;m2tJu"DXU9h82cE=1bG/mBYJ^dL.5::]Yi[*W'MYBE+;T0.>9@/p"5"no=(=2P>)_=[e4elIONpG%p?Clb14M5mA>E +%)CqkH8\Mu3R;Y:M51cqfgb>7eVU"j5,S420.<N9B^&>&VEUPG?h4/,VKmr5%D>8(e;k\7+lVl5q+gH]5:ZfdUlClqVfum0^W*&<M +%&70V9iKNQh,6.RUQL>,q(TM,B9rtn09)H>.l8Nm@:2Qn)#t]SuSJfHa;!W>*<k>fUqMDbqE?k"/[8M#S`.pMHc#O=L:>]oRc?gYN +%/]34MhbA]0+:P>.^03UQIM\I/C1o!,m!Uk=[5L32FR+\<(L,_U?$DEAX3KYd[t=nm?mjX(K.e8EQB%[:3OBkQndchTci(")LX<me +%MJYL?`A#4Z"me=G.3<-!k*C3+i<"BQYj^T$]:rX"@XkT/(L'i&L\jm>`>Sab>YV&=N]3h!4M5P&\dY-A>dK3E["jiX`8?:A%(CD/ +%YMYSN2q^!no3d/irphrOru&\"#+[X(@SoTIoB%M!ODQZFA+^"bWRC[pbT<D.)r<kL<\XEUGD]Atb]Elsba%Ed1G"Atqhr>tRt^]; +%Q0Xugo@']io#E,CdUhR@hQ+@=BQjXf1tkLEkGM/DX_-grP<fDDSREODS_7@dFF,H;HZ^EA(L+No]Wq&+Wu^0Zp<Z'%kcCCe06=8' +%WB2MspX]7+Md2iRF?Jc%rNKKljVJiUNu;HLNV)4#g2k"R`4un[+5VFJn%./>Sa\4\J'l8M<O]W11%3IVN/hgXV9A,(b@*UE3>Edg +%r8("Ob5-R`f2n!8$X%d_HsN3<?G/YC4m8,*l]3i<_Yac5H9/\)rbPCZ3:GGE\`ic08hG3B9LE\A:qK^XXo.RIS[3\gGP7eR\TcKH +%/g>tqUE?NAq;6*oAVL=^9aBPO>`I)l.;U"@q($sjaLe,4i<F-Fm?Q*)f*aaeD"3b'L&O8XN:*1\Ni;*7TpEP)P]1a]l'78Xed``] +%k6S,u.,BrQY0s7):YNH9h't(EYFL`qmZK7J#rq<TPfU*a,*=<;NtOH27V(^7?\"Y+%Rq^Qjmsm_@q.pT/"L<M,0.]Z,l!mB;'O'# +%LlANd!_VP+(m2n'T1=_X)^DWr4Rd8;O^hlhU>gM@-$!g\8FeGJ"_C?FLkJdB)V"*GOBs0j%/WmGa2Wpoi!fW#-$!g\a@$lL@?ej< +%0d9s+Bf6<Fm,](H8`4tNPfU*a,,&LV!7eas,;KbQ3B9@E*_X/Fru=YlfGKatYmCJ5Nl$V=gA]#UCL:ZMk:]<]HN?S]f&_1AaK[HD +%GqRF:7#m6=BprA#6&?R#,;NI$5;^(j@RSX[_uCjP%&jrH^?8?;a2Wq2M#9bV^9>D0m!4s_jn9u;OVGd+7>W!',Efj^SjeJU)^CM$ +%fOn&*a2Wr%c/i;/,%$3>)1OF`2P8CeTGQOfNVON0Yl+m;T-Z@e@4i425>,`T92/3nr@FrDN12@Fg4#@;Hq$.Tg%MbJjth=I38+#3 +%UujJ^r\2IfZ_Z`iYeBHhrXCc'Gb8[H=]4i/!=hi4r@FrDN4e7_gWu%OcV2OR,hpY.Ra6:&4oaV^YSg9<8[b8)V"*ieq$jdZ?N0!B +%@&"r[PANNWC-KPH9Xt$PWVHr8RrJ7-;Y-<%@l;C%Z_Z_>I[`%=p9URW1\*5`D*L[.4u<)%PAEHVC-JD:(6`T"956ZNQF)LWT-Z@e +%@J)#'Ib&9u>Jf<fNcS'4?1mrYV5C.VfrmV(h9uPq7D=6"BN;)4eCuFm1B6&&O8eSQQ6Wa_>SeJeU/imFZ[An:bZU33CAMB_f7#8/ +%C6+@d<jhme[7I+RS]]o'd9<p$[26>radNAlp'%V==*)m@Fo`(+;RVk.TB![a:O%9T*rl4m5Bb&d1G]M(GkQ2rpYaM<amr`lZO1ar +%rLL5]2KA%IpooI%qul7;93F@-[r^<8U/A\$KQJt1^]^Hp)-a\hC8MtXB9XM1d4.;JnoVn'^&qR5hBZ:^^";3@_\:;U*ciahO.B.d +%3@:DGlq?)i\9Bb6PY,(NGaZAA?/eH])'OD7RZm7CWJIT?Apch=.:EHT;jkGp,i@qI6DjPrWI1=Pg(CLL"@:%/[K+:m\?><Q@=rVB +%9&gOT[ZD-1$PII<Aft;Po<Z8e+.15VJ]il3AX'PV\eLRJ'*6R0ge&i2K<'[-q/7SXN$FQUj/=*9BDelrUo-5_<"TA."eOd`*&f)F +%%BU=H#`$FOJHY;]c$7BR6Q5"c<gCt_5*gdK[VoY4Q_]V/1.q[!U0Nh#nK`R\PB!CRnQdg.g!CfZ97o[R_6QDPCtCc_Ju2\_4r1t7 +%9S0on7CPTk!fnUp]#qpd>];)SOtpY8.5R3HKFa,c!^+S[0U2n:IAqL?"PD'bdfSX!201NrG\]RmXfu!=6/XKBo>%)q]aTf(:P?5d +%O'6+25sb]UY&Bo1m;O=ilq&(pF(!K8UC3B'O64"k-a6aiHn:=!ON\hskX.lSXpg[EH/bKY;A$`r>cbZ5,_h(\(A`c@juA_K:C-Pm +%O?1krs59`L)'FG$pc8qc6?ABKB$I@@qGuB6$8=6)9FEfV6(iL_Fb!>JiFjf"0:iT*a33JQ4=f2?'O7"77QfZH,#ZdCRaGm*$^L9k +%aT8B*#ERm_"a'sTQZRaWMmQ`)QYrS[27I!ddT=YoE.,t6g^1+0:aSV4^oR['[Us'-otePMZAp/4VEXEZNL%ZEXn^[dR.Z5%nh&p' +%n2QdsS;QrTNP@U?8p2pmoUH>8WR/c*QuAjbAf-k$9N6"W-HJ<#qh-uLjcCUd\3u++T!0oBK&B8GSl#5P=.p`;'TFs[%`OS*Oskl+ +%M%*-Z4!$W&'>cG8/&?t!)*)lU50`h<\dc[?&7<e'588aPrIF>Laq;i\*XomTfMYAR$8U%%)i&%L)P0?1a]uCur+:reJ`f*O(2VE? +%E?BIP7:K>L&P.:mK.?G>jFJh3ET0XUM2WHg1*@auecUR2-l*eY+9s)=#WY)r,kMSd0,uO?$_rC8K:.$,-pCZ8WWED5rij]/E7lgQ +%Hlqm@KN2I$03n8fl+7htR$clpf7U`4NtiC%KT=aZL]l&&"0u*60.7-(">'d+-[_c$bnnggFUFcT=@3ujcru/i;?l(9='`QSJ8Ga& +%,SA:TmmZcsYot.PO^M1r`/:]Ac&u[unQ:huVC;;'a+[=kkTaBpfUBk/%]qh4K!,sD1]@pYk/552\D4k-N0AJEEj<nD?V$"/*J0r- +%nH=M#`tJq]^nItDe4j=0?61SWYn/CMmE3ejiZkV$0J!&LLd9sA*LW;:DD2;`;I$(n3+QU,8c7!o6('!QHj39[U]g=U,tf0C@<f:s +%-)DET)K>J9!$O1]ERVd%o^h<RXHU$I0VX<'fuC8<eJL.dZW>L"#rWb2;Z`\T!^SIs,Ut5l;4M\ncWDh'fo[<:%Bq8??U>Te<Ru_b +%;2C#b"-$<iOBGrs\-oMND8E68We6Xg"_RXJk<b9aOV5ITQ/I1P8O,dRE=t_Lm:>km6On-)cmUR;h2mBd6o8`^.8^Ldn=RQd*^CF, +%5PRS?Zmj6LnG%S#5XF?n@?+st@FM<2:5rj$BP!dZ/u?Z&n9c.>es'DVaZ%!BnGM5s9b&Rs>/'LY+_*fD8WQl9Hq7:UWM)tH#ojP2 +%1L,O-&mW6(Ze$uf%uHHYB+WFa#b07r5dT^]!DoZT6bIdU#D*lcm8EKu3M.Hl34PTF#=65#F=]V`TqH%\4]8SHFmF<0(k^RcBsB$a +%TH!#H5)7(E-H]gpA21('"J;nV$.DQ``h9sWKGpin3C;ea(_?m:\Yt@+dNM'!6UX2m+sr:Cc?L+,<PX_-AV"H)FJN\-+UFFJNN5e; +%,0+JoC1(Ba+N\+lFkC-\)KsC`2HA!+#6D\o$D+aPD8fG*J"rqc6[,5OXu/mJ*cTaSenM_81O,'o$q<?05.scE%T@p94(fQUU#lsh +%MsS@2^]St,?t*80P?9.kEi:J#L:/NT;2>a]2M%4c.0+H=QjZM*8!%`b?_thT'?(3'9[Pc/3MQ;+-POlAAn=&o`cpl^R]G\uE-.r[ +%<)Z:LF=F!s+fE#SH8EK@Seb@ScF$WP`s&HSVF7J!>Sq/pO^)7I*l\jGLJsQ!6,br"`=gY0C_?1&#eHHR@)D)>63eq&@T?7nYgX:_ +%80/h@NC&aJ0L\TEAJCZNN<j5^.2(&0?e^^8AsZ$(=\6%3W$qcR7rYIT8<7Qs=?`+WPoBo37G/4]("U6tQ'BVBI;ZjZ:U&&'!R\Si +%Q1@aE;Oq?57i27eD1l^b$-f<AFN?HbTR)VI=!:s^7=oI,Sh%[HcrWo)7a;`l23O70Oj`<2-MVT?.M7VVWXDCl=nIsSdJD6eE'Bp; +%'I3CAGcOP^/<PXrSuK^@DoqCf5adSeKNg>n4<_l!a=D657FhR)#E)"?>[O]]#Zh2,I\ijn-<9_5mR6T'$=?E(WV/*(P0Y'Zn,c/. +%U>Zj_!MZhd0Jo-Y7*6C5a4c9V/#rP^p;A@KPH<-DjJG&j<8:tDr?r'FTgCAR)L;D>EC*6<WiRVs)^a2dE#hQ-V^_G<EGLH[:7;g! +%Rc`%\dNpj1Pmius_&Y9f\k4J`W`<`"fkhlkUre*:1,;@HiB@M.BXC4&4ko$K.!9s@<frPCj?ksA&Gnd55o2MGosrA!A\*?KKUV.P +%j=67tn:lNdNB%`Jl\$:I&Oc!4eCeV6O[es8\.V*)::hr%c)//aN9*V`^r`aDEYR+U&h\sa)l\Lm:!)DC^&cW[ihHAQl#r\Ukp\6@ +%5kE%te*J@1/<h8<j9.<^3_c@oOSTHVLnKIq>qRN'+PIlHG6j'A4R_+oT&+O>4SFSC.Y3WtVo-t4,YpKn4>ARZCi`_2nHBe:[R0QU +%-E=nd\ekZ0Uf;?I)ck8$#UN5Hp-GH-ZshF?S(FkV((uTa_5?7iD]HciK1L#+K5RP?_Asr5XWd.F89#G*kU,?8[#j?iP?`1aKc;*k +%jQGQs?oVO.7Kf$Q!&P[oN04W=Z_;=S$]0SuaI*TI@tC"\Z"P-gkX/4^OIR:9,n[CmK4se>,bDFQjYhh2$n.Dip!ZH>g4UR%MPS4S +%5&GDh,R*Q\po[a/nn_923g/b5X;T/A:*["ZT$(nBRlJ,?Q'.jN/m;"OF1?br$T9L0/=//,QaSb62Hg,?_hG*#Cu-K*-(a0=4PKKX +%,^S/IIiNO/>Z8@[-S`V]=CDZ_.mEVO!@<OV-L068oM)faHhZXTI2R?/(*C`mitXjHeI^'5PHs^\`h&FH-YECr'uFo1dD*WIZ5]"l +%ks\io&sV^nY@n8MZ$h01"Jc%Fru>f9-*=r]?XB(AqY4J9%!k'N/V:).!lH-W$nH0Y<L`[+elDZeo6LB+Y5M/gGq"Hhr0?8#J6+0Q +%*7+&d64@oElPIn!Z.;M6iAP\>UtA2lYI$_&UEP'2j(i5^i;X9IR,j1JU$O%ck0Q"dnqHtbK_,+dQ+VAM>A@I6]@-NNeF`Crl:q5M +%?#BMB[o55VlMoA9C9)LO=FI:.iu@<]?11#mFfTS1pD6\G96C"%FQl^aomb.>&V'~> +%AI9_PrivateDataEnd diff --git a/usr.sbin/bind/doc/arm/isc-logo.pdf b/usr.sbin/bind/doc/arm/isc-logo.pdf Binary files differnew file mode 100644 index 00000000000..71d3fdd0624 --- /dev/null +++ b/usr.sbin/bind/doc/arm/isc-logo.pdf diff --git a/usr.sbin/bind/doc/arm/latex-fixup.pl b/usr.sbin/bind/doc/arm/latex-fixup.pl index a324936dea1..ea3b17c7e88 100644 --- a/usr.sbin/bind/doc/arm/latex-fixup.pl +++ b/usr.sbin/bind/doc/arm/latex-fixup.pl @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: latex-fixup.pl,v 1.2.10.1 2005/05/12 21:36:08 sra Exp $ +# $ISC: latex-fixup.pl,v 1.2.2.2 2005/07/19 05:55:47 marka Exp $ # Sadly, the final stages of generating a presentable PDF file always # seem to require some manual tweaking. Doesn't seem to matter what @@ -31,13 +31,17 @@ while (<>) { - # At the moment, the only tweak we have is fixup for a db2latex - # oops. LaTeX2e does not like having tables with duplicate names. - # Perhaps the dblatex project will fix this someday, but we can - # get by with just deleting the offending LaTeX commands for now. + # Fix a db2latex oops. LaTeX2e does not like having tables with + # duplicate names. Perhaps the dblatex project will fix this + # someday, but we can get by with just deleting the offending + # LaTeX commands for now. s/\\addtocounter\{table\}\{-1\}//g; + # Line break in the middle of quoting one period looks weird. + + s/{\\texttt{{\.\\dbz{}}}}/\\mbox{{\\texttt{{\.\\dbz{}}}}}/; + # Add any further tweaking here. # Write out whatever we have now. diff --git a/usr.sbin/bind/doc/arm/man.dig.html b/usr.sbin/bind/doc/arm/man.dig.html new file mode 100644 index 00000000000..a33516d0f06 --- /dev/null +++ b/usr.sbin/bind/doc/arm/man.dig.html @@ -0,0 +1,665 @@ +<!-- + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2000-2003 Internet Software Consortium. + - + - Permission to use, copy, modify, and distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> +<!-- $ISC: man.dig.html,v 1.2.2.48 2007/10/31 01:35:59 marka Exp $ --> +<html> +<head> +<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> +<title>dig</title> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> +<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> +<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages"> +<link rel="prev" href="Bv9ARM.ch10.html" title="Manual pages"> +<link rel="next" href="man.host.html" title="host"> +</head> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<div class="navheader"> +<table width="100%" summary="Navigation header"> +<tr><th colspan="3" align="center">dig</th></tr> +<tr> +<td width="20%" align="left"> +<a accesskey="p" href="Bv9ARM.ch10.html">Prev</a> </td> +<th width="60%" align="center">Manual pages</th> +<td width="20%" align="right"> <a accesskey="n" href="man.host.html">Next</a> +</td> +</tr> +</table> +<hr> +</div> +<div class="refentry" lang="en"> +<a name="man.dig"></a><div class="titlepage"></div> +<div class="refnamediv"> +<h2>Name</h2> +<p>dig — DNS lookup utility</p> +</div> +<div class="refsynopsisdiv"> +<h2>Synopsis</h2> +<div class="cmdsynopsis"><p><code class="command">dig</code> [@server] [<code class="option">-b <em class="replaceable"><code>address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-k <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port#</code></em></code>] [<code class="option">-q <em class="replaceable"><code>name</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-x <em class="replaceable"><code>addr</code></em></code>] [<code class="option">-y <em class="replaceable"><code>[<span class="optional">hmac:</span>]name:key</code></em></code>] [<code class="option">-4</code>] [<code class="option">-6</code>] [name] [type] [class] [queryopt...]</p></div> +<div class="cmdsynopsis"><p><code class="command">dig</code> [<code class="option">-h</code>]</p></div> +<div class="cmdsynopsis"><p><code class="command">dig</code> [global-queryopt...] [query...]</p></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2564025"></a><h2>DESCRIPTION</h2> +<p><span><strong class="command">dig</strong></span> + (domain information groper) is a flexible tool + for interrogating DNS name servers. It performs DNS lookups and + displays the answers that are returned from the name server(s) that + were queried. Most DNS administrators use <span><strong class="command">dig</strong></span> to + troubleshoot DNS problems because of its flexibility, ease of use and + clarity of output. Other lookup tools tend to have less functionality + than <span><strong class="command">dig</strong></span>. + </p> +<p> + Although <span><strong class="command">dig</strong></span> is normally used with + command-line + arguments, it also has a batch mode of operation for reading lookup + requests from a file. A brief summary of its command-line arguments + and options is printed when the <code class="option">-h</code> option is given. + Unlike earlier versions, the BIND 9 implementation of + <span><strong class="command">dig</strong></span> allows multiple lookups to be issued + from the + command line. + </p> +<p> + Unless it is told to query a specific name server, + <span><strong class="command">dig</strong></span> will try each of the servers listed + in + <code class="filename">/etc/resolv.conf</code>. + </p> +<p> + When no command line arguments or options are given, will perform an + NS query for "." (the root). + </p> +<p> + It is possible to set per-user defaults for <span><strong class="command">dig</strong></span> via + <code class="filename">${HOME}/.digrc</code>. This file is read and + any options in it + are applied before the command line arguments. + </p> +<p> + The IN and CH class names overlap with the IN and CH top level + domains names. Either use the <code class="option">-t</code> and + <code class="option">-c</code> options to specify the type and class or + use the <code class="option">-q</code> the specify the domain name or + use "IN." and "CH." when looking up these top level domains. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2569712"></a><h2>SIMPLE USAGE</h2> +<p> + A typical invocation of <span><strong class="command">dig</strong></span> looks like: + </p> +<pre class="programlisting"> dig @server name type </pre> +<p> + where: + + </p> +<div class="variablelist"><dl> +<dt><span class="term"><code class="constant">server</code></span></dt> +<dd><p> + is the name or IP address of the name server to query. This can + be an IPv4 + address in dotted-decimal notation or an IPv6 + address in colon-delimited notation. When the supplied + <em class="parameter"><code>server</code></em> argument is a + hostname, + <span><strong class="command">dig</strong></span> resolves that name before + querying that name + server. If no <em class="parameter"><code>server</code></em> + argument is provided, + <span><strong class="command">dig</strong></span> consults <code class="filename">/etc/resolv.conf</code> + and queries the name servers listed there. The reply from the + name + server that responds is displayed. + </p></dd> +<dt><span class="term"><code class="constant">name</code></span></dt> +<dd><p> + is the name of the resource record that is to be looked up. + </p></dd> +<dt><span class="term"><code class="constant">type</code></span></dt> +<dd><p> + indicates what type of query is required — + ANY, A, MX, SIG, etc. + <em class="parameter"><code>type</code></em> can be any valid query + type. If no + <em class="parameter"><code>type</code></em> argument is supplied, + <span><strong class="command">dig</strong></span> will perform a lookup for an + A record. + </p></dd> +</dl></div> +<p> + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2623002"></a><h2>OPTIONS</h2> +<p> + The <code class="option">-b</code> option sets the source IP address of the query + to <em class="parameter"><code>address</code></em>. This must be a valid + address on + one of the host's network interfaces or "0.0.0.0" or "::". An optional + port + may be specified by appending "#<port>" + </p> +<p> + The default query class (IN for internet) is overridden by the + <code class="option">-c</code> option. <em class="parameter"><code>class</code></em> is + any valid + class, such as HS for Hesiod records or CH for Chaosnet records. + </p> +<p> + The <code class="option">-f</code> option makes <span><strong class="command">dig </strong></span> + operate + in batch mode by reading a list of lookup requests to process from the + file <em class="parameter"><code>filename</code></em>. The file contains a + number of + queries, one per line. Each entry in the file should be organized in + the same way they would be presented as queries to + <span><strong class="command">dig</strong></span> using the command-line interface. + </p> +<p> + If a non-standard port number is to be queried, the + <code class="option">-p</code> option is used. <em class="parameter"><code>port#</code></em> is + the port number that <span><strong class="command">dig</strong></span> will send its + queries + instead of the standard DNS port number 53. This option would be used + to test a name server that has been configured to listen for queries + on a non-standard port number. + </p> +<p> + The <code class="option">-4</code> option forces <span><strong class="command">dig</strong></span> + to only + use IPv4 query transport. The <code class="option">-6</code> option forces + <span><strong class="command">dig</strong></span> to only use IPv6 query transport. + </p> +<p> + The <code class="option">-t</code> option sets the query type to + <em class="parameter"><code>type</code></em>. It can be any valid query type + which is + supported in BIND 9. The default query type is "A", unless the + <code class="option">-x</code> option is supplied to indicate a reverse lookup. + A zone transfer can be requested by specifying a type of AXFR. When + an incremental zone transfer (IXFR) is required, + <em class="parameter"><code>type</code></em> is set to <code class="literal">ixfr=N</code>. + The incremental zone transfer will contain the changes made to the zone + since the serial number in the zone's SOA record was + <em class="parameter"><code>N</code></em>. + </p> +<p> + The <code class="option">-q</code> option sets the query name to + <em class="parameter"><code>name</code></em>. This useful do distinguish the + <em class="parameter"><code>name</code></em> from other arguments. + </p> +<p> + Reverse lookups — mapping addresses to names — are simplified by the + <code class="option">-x</code> option. <em class="parameter"><code>addr</code></em> is + an IPv4 + address in dotted-decimal notation, or a colon-delimited IPv6 address. + When this option is used, there is no need to provide the + <em class="parameter"><code>name</code></em>, <em class="parameter"><code>class</code></em> and + <em class="parameter"><code>type</code></em> arguments. <span><strong class="command">dig</strong></span> + automatically performs a lookup for a name like + <code class="literal">11.12.13.10.in-addr.arpa</code> and sets the + query type and + class to PTR and IN respectively. By default, IPv6 addresses are + looked up using nibble format under the IP6.ARPA domain. + To use the older RFC1886 method using the IP6.INT domain + specify the <code class="option">-i</code> option. Bit string labels (RFC2874) + are now experimental and are not attempted. + </p> +<p> + To sign the DNS queries sent by <span><strong class="command">dig</strong></span> and + their + responses using transaction signatures (TSIG), specify a TSIG key file + using the <code class="option">-k</code> option. You can also specify the TSIG + key itself on the command line using the <code class="option">-y</code> option; + <em class="parameter"><code>hmac</code></em> is the type of the TSIG, default HMAC-MD5, + <em class="parameter"><code>name</code></em> is the name of the TSIG key and + <em class="parameter"><code>key</code></em> is the actual key. The key is a + base-64 + encoded string, typically generated by + <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>. + + Caution should be taken when using the <code class="option">-y</code> option on + multi-user systems as the key can be visible in the output from + <span class="citerefentry"><span class="refentrytitle">ps</span>(1)</span> + or in the shell's history file. When + using TSIG authentication with <span><strong class="command">dig</strong></span>, the name + server that is queried needs to know the key and algorithm that is + being used. In BIND, this is done by providing appropriate + <span><strong class="command">key</strong></span> and <span><strong class="command">server</strong></span> statements in + <code class="filename">named.conf</code>. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2649413"></a><h2>QUERY OPTIONS</h2> +<p><span><strong class="command">dig</strong></span> + provides a number of query options which affect + the way in which lookups are made and the results displayed. Some of + these set or reset flag bits in the query header, some determine which + sections of the answer get printed, and others determine the timeout + and retry strategies. + </p> +<p> + Each query option is identified by a keyword preceded by a plus sign + (<code class="literal">+</code>). Some keywords set or reset an + option. These may be preceded + by the string <code class="literal">no</code> to negate the meaning of + that keyword. Other + keywords assign values to options like the timeout interval. They + have the form <code class="option">+keyword=value</code>. + The query options are: + + </p> +<div class="variablelist"><dl> +<dt><span class="term"><code class="option">+[no]tcp</code></span></dt> +<dd><p> + Use [do not use] TCP when querying name servers. The default + behavior is to use UDP unless an AXFR or IXFR query is + requested, in + which case a TCP connection is used. + </p></dd> +<dt><span class="term"><code class="option">+[no]vc</code></span></dt> +<dd><p> + Use [do not use] TCP when querying name servers. This alternate + syntax to <em class="parameter"><code>+[no]tcp</code></em> is + provided for backwards + compatibility. The "vc" stands for "virtual circuit". + </p></dd> +<dt><span class="term"><code class="option">+[no]ignore</code></span></dt> +<dd><p> + Ignore truncation in UDP responses instead of retrying with TCP. + By + default, TCP retries are performed. + </p></dd> +<dt><span class="term"><code class="option">+domain=somename</code></span></dt> +<dd><p> + Set the search list to contain the single domain + <em class="parameter"><code>somename</code></em>, as if specified in + a + <span><strong class="command">domain</strong></span> directive in + <code class="filename">/etc/resolv.conf</code>, and enable + search list + processing as if the <em class="parameter"><code>+search</code></em> + option were given. + </p></dd> +<dt><span class="term"><code class="option">+[no]search</code></span></dt> +<dd><p> + Use [do not use] the search list defined by the searchlist or + domain + directive in <code class="filename">resolv.conf</code> (if + any). + The search list is not used by default. + </p></dd> +<dt><span class="term"><code class="option">+[no]showsearch</code></span></dt> +<dd><p> + Perform [do not perform] a search showing intermediate + results. + </p></dd> +<dt><span class="term"><code class="option">+[no]defname</code></span></dt> +<dd><p> + Deprecated, treated as a synonym for <em class="parameter"><code>+[no]search</code></em> + </p></dd> +<dt><span class="term"><code class="option">+[no]aaonly</code></span></dt> +<dd><p> + Sets the "aa" flag in the query. + </p></dd> +<dt><span class="term"><code class="option">+[no]aaflag</code></span></dt> +<dd><p> + A synonym for <em class="parameter"><code>+[no]aaonly</code></em>. + </p></dd> +<dt><span class="term"><code class="option">+[no]adflag</code></span></dt> +<dd><p> + Set [do not set] the AD (authentic data) bit in the query. The + AD bit + currently has a standard meaning only in responses, not in + queries, + but the ability to set the bit in the query is provided for + completeness. + </p></dd> +<dt><span class="term"><code class="option">+[no]cdflag</code></span></dt> +<dd><p> + Set [do not set] the CD (checking disabled) bit in the query. + This + requests the server to not perform DNSSEC validation of + responses. + </p></dd> +<dt><span class="term"><code class="option">+[no]cl</code></span></dt> +<dd><p> + Display [do not display] the CLASS when printing the record. + </p></dd> +<dt><span class="term"><code class="option">+[no]ttlid</code></span></dt> +<dd><p> + Display [do not display] the TTL when printing the record. + </p></dd> +<dt><span class="term"><code class="option">+[no]recurse</code></span></dt> +<dd><p> + Toggle the setting of the RD (recursion desired) bit in the + query. + This bit is set by default, which means <span><strong class="command">dig</strong></span> + normally sends recursive queries. Recursion is automatically + disabled + when the <em class="parameter"><code>+nssearch</code></em> or + <em class="parameter"><code>+trace</code></em> query options are + used. + </p></dd> +<dt><span class="term"><code class="option">+[no]nssearch</code></span></dt> +<dd><p> + When this option is set, <span><strong class="command">dig</strong></span> + attempts to find the + authoritative name servers for the zone containing the name + being + looked up and display the SOA record that each name server has + for the + zone. + </p></dd> +<dt><span class="term"><code class="option">+[no]trace</code></span></dt> +<dd><p> + Toggle tracing of the delegation path from the root name servers + for + the name being looked up. Tracing is disabled by default. When + tracing is enabled, <span><strong class="command">dig</strong></span> makes + iterative queries to + resolve the name being looked up. It will follow referrals from + the + root servers, showing the answer from each server that was used + to + resolve the lookup. + </p></dd> +<dt><span class="term"><code class="option">+[no]cmd</code></span></dt> +<dd><p> + Toggles the printing of the initial comment in the output + identifying + the version of <span><strong class="command">dig</strong></span> and the query + options that have + been applied. This comment is printed by default. + </p></dd> +<dt><span class="term"><code class="option">+[no]short</code></span></dt> +<dd><p> + Provide a terse answer. The default is to print the answer in a + verbose form. + </p></dd> +<dt><span class="term"><code class="option">+[no]identify</code></span></dt> +<dd><p> + Show [or do not show] the IP address and port number that + supplied the + answer when the <em class="parameter"><code>+short</code></em> option + is enabled. If + short form answers are requested, the default is not to show the + source address and port number of the server that provided the + answer. + </p></dd> +<dt><span class="term"><code class="option">+[no]comments</code></span></dt> +<dd><p> + Toggle the display of comment lines in the output. The default + is to + print comments. + </p></dd> +<dt><span class="term"><code class="option">+[no]stats</code></span></dt> +<dd><p> + This query option toggles the printing of statistics: when the + query + was made, the size of the reply and so on. The default + behavior is + to print the query statistics. + </p></dd> +<dt><span class="term"><code class="option">+[no]qr</code></span></dt> +<dd><p> + Print [do not print] the query as it is sent. + By default, the query is not printed. + </p></dd> +<dt><span class="term"><code class="option">+[no]question</code></span></dt> +<dd><p> + Print [do not print] the question section of a query when an + answer is + returned. The default is to print the question section as a + comment. + </p></dd> +<dt><span class="term"><code class="option">+[no]answer</code></span></dt> +<dd><p> + Display [do not display] the answer section of a reply. The + default + is to display it. + </p></dd> +<dt><span class="term"><code class="option">+[no]authority</code></span></dt> +<dd><p> + Display [do not display] the authority section of a reply. The + default is to display it. + </p></dd> +<dt><span class="term"><code class="option">+[no]additional</code></span></dt> +<dd><p> + Display [do not display] the additional section of a reply. + The default is to display it. + </p></dd> +<dt><span class="term"><code class="option">+[no]all</code></span></dt> +<dd><p> + Set or clear all display flags. + </p></dd> +<dt><span class="term"><code class="option">+time=T</code></span></dt> +<dd><p> + + Sets the timeout for a query to + <em class="parameter"><code>T</code></em> seconds. The default + timeout is 5 seconds. + An attempt to set <em class="parameter"><code>T</code></em> to less + than 1 will result + in a query timeout of 1 second being applied. + </p></dd> +<dt><span class="term"><code class="option">+tries=T</code></span></dt> +<dd><p> + Sets the number of times to try UDP queries to server to + <em class="parameter"><code>T</code></em> instead of the default, 3. + If + <em class="parameter"><code>T</code></em> is less than or equal to + zero, the number of + tries is silently rounded up to 1. + </p></dd> +<dt><span class="term"><code class="option">+retry=T</code></span></dt> +<dd><p> + Sets the number of times to retry UDP queries to server to + <em class="parameter"><code>T</code></em> instead of the default, 2. + Unlike + <em class="parameter"><code>+tries</code></em>, this does not include + the initial + query. + </p></dd> +<dt><span class="term"><code class="option">+ndots=D</code></span></dt> +<dd><p> + Set the number of dots that have to appear in + <em class="parameter"><code>name</code></em> to <em class="parameter"><code>D</code></em> for it to be + considered absolute. The default value is that defined using + the + ndots statement in <code class="filename">/etc/resolv.conf</code>, or 1 if no + ndots statement is present. Names with fewer dots are + interpreted as + relative names and will be searched for in the domains listed in + the + <code class="option">search</code> or <code class="option">domain</code> directive in + <code class="filename">/etc/resolv.conf</code>. + </p></dd> +<dt><span class="term"><code class="option">+bufsize=B</code></span></dt> +<dd><p> + Set the UDP message buffer size advertised using EDNS0 to + <em class="parameter"><code>B</code></em> bytes. The maximum and minimum sizes + of this buffer are 65535 and 0 respectively. Values outside + this range are rounded up or down appropriately. + Values other than zero will cause a EDNS query to be sent. + </p></dd> +<dt><span class="term"><code class="option">+edns=#</code></span></dt> +<dd><p> + Specify the EDNS version to query with. Valid values + are 0 to 255. Setting the EDNS version will cause a + EDNS query to be sent. <code class="option">+noedns</code> clears the + remembered EDNS version. + </p></dd> +<dt><span class="term"><code class="option">+[no]multiline</code></span></dt> +<dd><p> + Print records like the SOA records in a verbose multi-line + format with human-readable comments. The default is to print + each record on a single line, to facilitate machine parsing + of the <span><strong class="command">dig</strong></span> output. + </p></dd> +<dt><span class="term"><code class="option">+[no]fail</code></span></dt> +<dd><p> + Do not try the next server if you receive a SERVFAIL. The + default is + to not try the next server which is the reverse of normal stub + resolver + behavior. + </p></dd> +<dt><span class="term"><code class="option">+[no]besteffort</code></span></dt> +<dd><p> + Attempt to display the contents of messages which are malformed. + The default is to not display malformed answers. + </p></dd> +<dt><span class="term"><code class="option">+[no]dnssec</code></span></dt> +<dd><p> + Requests DNSSEC records be sent by setting the DNSSEC OK bit + (DO) + in the OPT record in the additional section of the query. + </p></dd> +<dt><span class="term"><code class="option">+[no]sigchase</code></span></dt> +<dd><p> + Chase DNSSEC signature chains. Requires dig be compiled with + -DDIG_SIGCHASE. + </p></dd> +<dt><span class="term"><code class="option">+trusted-key=####</code></span></dt> +<dd> +<p> + Specifies a file containing trusted keys to be used with + <code class="option">+sigchase</code>. Each DNSKEY record must be + on its own line. + </p> +<p> + If not specified <span><strong class="command">dig</strong></span> will look for + <code class="filename">/etc/trusted-key.key</code> then + <code class="filename">trusted-key.key</code> in the current directory. + </p> +<p> + Requires dig be compiled with -DDIG_SIGCHASE. + </p> +</dd> +<dt><span class="term"><code class="option">+[no]topdown</code></span></dt> +<dd><p> + When chasing DNSSEC signature chains perform a top-down + validation. + Requires dig be compiled with -DDIG_SIGCHASE. + </p></dd> +</dl></div> +<p> + + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2650468"></a><h2>MULTIPLE QUERIES</h2> +<p> + The BIND 9 implementation of <span><strong class="command">dig </strong></span> + supports + specifying multiple queries on the command line (in addition to + supporting the <code class="option">-f</code> batch file option). Each of those + queries can be supplied with its own set of flags, options and query + options. + </p> +<p> + In this case, each <em class="parameter"><code>query</code></em> argument + represent an + individual query in the command-line syntax described above. Each + consists of any of the standard options and flags, the name to be + looked up, an optional query type and class and any query options that + should be applied to that query. + </p> +<p> + A global set of query options, which should be applied to all queries, + can also be supplied. These global query options must precede the + first tuple of name, class, type, options, flags, and query options + supplied on the command line. Any global query options (except + the <code class="option">+[no]cmd</code> option) can be + overridden by a query-specific set of query options. For example: + </p> +<pre class="programlisting"> +dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr +</pre> +<p> + shows how <span><strong class="command">dig</strong></span> could be used from the + command line + to make three lookups: an ANY query for <code class="literal">www.isc.org</code>, a + reverse lookup of 127.0.0.1 and a query for the NS records of + <code class="literal">isc.org</code>. + + A global query option of <em class="parameter"><code>+qr</code></em> is + applied, so + that <span><strong class="command">dig</strong></span> shows the initial query it made + for each + lookup. The final query has a local query option of + <em class="parameter"><code>+noqr</code></em> which means that <span><strong class="command">dig</strong></span> + will not print the initial query when it looks up the NS records for + <code class="literal">isc.org</code>. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2650553"></a><h2>IDN SUPPORT</h2> +<p> + If <span><strong class="command">dig</strong></span> has been built with IDN (internationalized + domain name) support, it can accept and display non-ASCII domain names. + <span><strong class="command">dig</strong></span> appropriately converts character encoding of + domain name before sending a request to DNS server or displaying a + reply from the server. + If you'd like to turn off the IDN support for some reason, defines + the <code class="envar">IDN_DISABLE</code> environment variable. + The IDN support is disabled if the variable is set when + <span><strong class="command">dig</strong></span> runs. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2650582"></a><h2>FILES</h2> +<p><code class="filename">/etc/resolv.conf</code> + </p> +<p><code class="filename">${HOME}/.digrc</code> + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2650603"></a><h2>SEE ALSO</h2> +<p><span class="citerefentry"><span class="refentrytitle">host</span>(1)</span>, + <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>, + <em class="citetitle">RFC1035</em>. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2650641"></a><h2>BUGS</h2> +<p> + There are probably too many query options. + </p> +</div> +</div> +<div class="navfooter"> +<hr> +<table width="100%" summary="Navigation footer"> +<tr> +<td width="40%" align="left"> +<a accesskey="p" href="Bv9ARM.ch10.html">Prev</a> </td> +<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td> +<td width="40%" align="right"> <a accesskey="n" href="man.host.html">Next</a> +</td> +</tr> +<tr> +<td width="40%" align="left" valign="top">Manual pages </td> +<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td> +<td width="40%" align="right" valign="top"> host</td> +</tr> +</table> +</div> +</body> +</html> diff --git a/usr.sbin/bind/doc/arm/man.dnssec-keygen.html b/usr.sbin/bind/doc/arm/man.dnssec-keygen.html new file mode 100644 index 00000000000..0a54c1c2817 --- /dev/null +++ b/usr.sbin/bind/doc/arm/man.dnssec-keygen.html @@ -0,0 +1,269 @@ +<!-- + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2000-2003 Internet Software Consortium. + - + - Permission to use, copy, modify, and distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> +<!-- $ISC: man.dnssec-keygen.html,v 1.2.2.47 2007/10/31 01:35:59 marka Exp $ --> +<html> +<head> +<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> +<title>dnssec-keygen</title> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> +<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> +<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages"> +<link rel="prev" href="man.host.html" title="host"> +<link rel="next" href="man.dnssec-signzone.html" title="dnssec-signzone"> +</head> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<div class="navheader"> +<table width="100%" summary="Navigation header"> +<tr><th colspan="3" align="center"><span class="application">dnssec-keygen</span></th></tr> +<tr> +<td width="20%" align="left"> +<a accesskey="p" href="man.host.html">Prev</a> </td> +<th width="60%" align="center">Manual pages</th> +<td width="20%" align="right"> <a accesskey="n" href="man.dnssec-signzone.html">Next</a> +</td> +</tr> +</table> +<hr> +</div> +<div class="refentry" lang="en"> +<a name="man.dnssec-keygen"></a><div class="titlepage"></div> +<div class="refnamediv"> +<h2>Name</h2> +<p><span class="application">dnssec-keygen</span> — DNSSEC key generation tool</p> +</div> +<div class="refsynopsisdiv"> +<h2>Synopsis</h2> +<div class="cmdsynopsis"><p><code class="command">dnssec-keygen</code> {-a <em class="replaceable"><code>algorithm</code></em>} {-b <em class="replaceable"><code>keysize</code></em>} {-n <em class="replaceable"><code>nametype</code></em>} [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-e</code>] [<code class="option">-f <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-g <em class="replaceable"><code>generator</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k</code>] [<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-s <em class="replaceable"><code>strength</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] {name}</p></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2597830"></a><h2>DESCRIPTION</h2> +<p><span><strong class="command">dnssec-keygen</strong></span> + generates keys for DNSSEC (Secure DNS), as defined in RFC 2535 + and RFC 4034. It can also generate keys for use with + TSIG (Transaction Signatures), as defined in RFC 2845. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2597844"></a><h2>OPTIONS</h2> +<div class="variablelist"><dl> +<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt> +<dd> +<p> + Selects the cryptographic algorithm. The value of + <code class="option">algorithm</code> must be one of RSAMD5 (RSA) or RSASHA1, + DSA, DH (Diffie Hellman), or HMAC-MD5. These values + are case insensitive. + </p> +<p> + Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement + algorithm, + and DSA is recommended. For TSIG, HMAC-MD5 is mandatory. + </p> +<p> + Note 2: HMAC-MD5 and DH automatically set the -k flag. + </p> +</dd> +<dt><span class="term">-b <em class="replaceable"><code>keysize</code></em></span></dt> +<dd><p> + Specifies the number of bits in the key. The choice of key + size depends on the algorithm used. RSAMD5 / RSASHA1 keys must be + between + 512 and 2048 bits. Diffie Hellman keys must be between + 128 and 4096 bits. DSA keys must be between 512 and 1024 + bits and an exact multiple of 64. HMAC-MD5 keys must be + between 1 and 512 bits. + </p></dd> +<dt><span class="term">-n <em class="replaceable"><code>nametype</code></em></span></dt> +<dd><p> + Specifies the owner type of the key. The value of + <code class="option">nametype</code> must either be ZONE (for a DNSSEC + zone key (KEY/DNSKEY)), HOST or ENTITY (for a key associated with + a host (KEY)), + USER (for a key associated with a user(KEY)) or OTHER (DNSKEY). + These values are + case insensitive. + </p></dd> +<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt> +<dd><p> + Indicates that the DNS record containing the key should have + the specified class. If not specified, class IN is used. + </p></dd> +<dt><span class="term">-e</span></dt> +<dd><p> + If generating an RSAMD5/RSASHA1 key, use a large exponent. + </p></dd> +<dt><span class="term">-f <em class="replaceable"><code>flag</code></em></span></dt> +<dd><p> + Set the specified flag in the flag field of the KEY/DNSKEY record. + The only recognized flag is KSK (Key Signing Key) DNSKEY. + </p></dd> +<dt><span class="term">-g <em class="replaceable"><code>generator</code></em></span></dt> +<dd><p> + If generating a Diffie Hellman key, use this generator. + Allowed values are 2 and 5. If no generator + is specified, a known prime from RFC 2539 will be used + if possible; otherwise the default is 2. + </p></dd> +<dt><span class="term">-h</span></dt> +<dd><p> + Prints a short summary of the options and arguments to + <span><strong class="command">dnssec-keygen</strong></span>. + </p></dd> +<dt><span class="term">-k</span></dt> +<dd><p> + Generate KEY records rather than DNSKEY records. + </p></dd> +<dt><span class="term">-p <em class="replaceable"><code>protocol</code></em></span></dt> +<dd><p> + Sets the protocol value for the generated key. The protocol + is a number between 0 and 255. The default is 3 (DNSSEC). + Other possible values for this argument are listed in + RFC 2535 and its successors. + </p></dd> +<dt><span class="term">-r <em class="replaceable"><code>randomdev</code></em></span></dt> +<dd><p> + Specifies the source of randomness. If the operating + system does not provide a <code class="filename">/dev/random</code> + or equivalent device, the default source of randomness + is keyboard input. <code class="filename">randomdev</code> + specifies + the name of a character device or file containing random + data to be used instead of the default. The special value + <code class="filename">keyboard</code> indicates that keyboard + input should be used. + </p></dd> +<dt><span class="term">-s <em class="replaceable"><code>strength</code></em></span></dt> +<dd><p> + Specifies the strength value of the key. The strength is + a number between 0 and 15, and currently has no defined + purpose in DNSSEC. + </p></dd> +<dt><span class="term">-t <em class="replaceable"><code>type</code></em></span></dt> +<dd><p> + Indicates the use of the key. <code class="option">type</code> must be + one of AUTHCONF, NOAUTHCONF, NOAUTH, or NOCONF. The default + is AUTHCONF. AUTH refers to the ability to authenticate + data, and CONF the ability to encrypt data. + </p></dd> +<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt> +<dd><p> + Sets the debugging level. + </p></dd> +</dl></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2598187"></a><h2>GENERATED KEYS</h2> +<p> + When <span><strong class="command">dnssec-keygen</strong></span> completes + successfully, + it prints a string of the form <code class="filename">Knnnn.+aaa+iiiii</code> + to the standard output. This is an identification string for + the key it has generated. + </p> +<div class="itemizedlist"><ul type="disc"> +<li><p><code class="filename">nnnn</code> is the key name. + </p></li> +<li><p><code class="filename">aaa</code> is the numeric representation + of the + algorithm. + </p></li> +<li><p><code class="filename">iiiii</code> is the key identifier (or + footprint). + </p></li> +</ul></div> +<p><span><strong class="command">dnssec-keygen</strong></span> + creates two files, with names based + on the printed string. <code class="filename">Knnnn.+aaa+iiiii.key</code> + contains the public key, and + <code class="filename">Knnnn.+aaa+iiiii.private</code> contains the + private + key. + </p> +<p> + The <code class="filename">.key</code> file contains a DNS KEY record + that + can be inserted into a zone file (directly or with a $INCLUDE + statement). + </p> +<p> + The <code class="filename">.private</code> file contains + algorithm-specific + fields. For obvious security reasons, this file does not have + general read permission. + </p> +<p> + Both <code class="filename">.key</code> and <code class="filename">.private</code> + files are generated for symmetric encryption algorithms such as + HMAC-MD5, even though the public and private key are equivalent. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2598295"></a><h2>EXAMPLE</h2> +<p> + To generate a 768-bit DSA key for the domain + <strong class="userinput"><code>example.com</code></strong>, the following command would be + issued: + </p> +<p><strong class="userinput"><code>dnssec-keygen -a DSA -b 768 -n ZONE example.com</code></strong> + </p> +<p> + The command would print a string of the form: + </p> +<p><strong class="userinput"><code>Kexample.com.+003+26160</code></strong> + </p> +<p> + In this example, <span><strong class="command">dnssec-keygen</strong></span> creates + the files <code class="filename">Kexample.com.+003+26160.key</code> + and + <code class="filename">Kexample.com.+003+26160.private</code>. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2600195"></a><h2>SEE ALSO</h2> +<p><span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>, + <em class="citetitle">BIND 9 Administrator Reference Manual</em>, + <em class="citetitle">RFC 2535</em>, + <em class="citetitle">RFC 2845</em>, + <em class="citetitle">RFC 2539</em>. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2600226"></a><h2>AUTHOR</h2> +<p><span class="corpauthor">Internet Systems Consortium</span> + </p> +</div> +</div> +<div class="navfooter"> +<hr> +<table width="100%" summary="Navigation footer"> +<tr> +<td width="40%" align="left"> +<a accesskey="p" href="man.host.html">Prev</a> </td> +<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td> +<td width="40%" align="right"> <a accesskey="n" href="man.dnssec-signzone.html">Next</a> +</td> +</tr> +<tr> +<td width="40%" align="left" valign="top">host </td> +<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td> +<td width="40%" align="right" valign="top"> <span class="application">dnssec-signzone</span> +</td> +</tr> +</table> +</div> +</body> +</html> diff --git a/usr.sbin/bind/doc/arm/man.dnssec-signzone.html b/usr.sbin/bind/doc/arm/man.dnssec-signzone.html new file mode 100644 index 00000000000..be2e3219482 --- /dev/null +++ b/usr.sbin/bind/doc/arm/man.dnssec-signzone.html @@ -0,0 +1,323 @@ +<!-- + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2000-2003 Internet Software Consortium. + - + - Permission to use, copy, modify, and distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> +<!-- $ISC: man.dnssec-signzone.html,v 1.2.2.46 2007/10/31 01:35:59 marka Exp $ --> +<html> +<head> +<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> +<title>dnssec-signzone</title> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> +<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> +<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages"> +<link rel="prev" href="man.dnssec-keygen.html" title="dnssec-keygen"> +<link rel="next" href="man.named-checkconf.html" title="named-checkconf"> +</head> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<div class="navheader"> +<table width="100%" summary="Navigation header"> +<tr><th colspan="3" align="center"><span class="application">dnssec-signzone</span></th></tr> +<tr> +<td width="20%" align="left"> +<a accesskey="p" href="man.dnssec-keygen.html">Prev</a> </td> +<th width="60%" align="center">Manual pages</th> +<td width="20%" align="right"> <a accesskey="n" href="man.named-checkconf.html">Next</a> +</td> +</tr> +</table> +<hr> +</div> +<div class="refentry" lang="en"> +<a name="man.dnssec-signzone"></a><div class="titlepage"></div> +<div class="refnamediv"> +<h2>Name</h2> +<p><span class="application">dnssec-signzone</span> — DNSSEC zone signing tool</p> +</div> +<div class="refsynopsisdiv"> +<h2>Synopsis</h2> +<div class="cmdsynopsis"><p><code class="command">dnssec-signzone</code> [<code class="option">-a</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-d <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-e <em class="replaceable"><code>end-time</code></em></code>] [<code class="option">-f <em class="replaceable"><code>output-file</code></em></code>] [<code class="option">-g</code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>key</code></em></code>] [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-I <em class="replaceable"><code>input-format</code></em></code>] [<code class="option">-j <em class="replaceable"><code>jitter</code></em></code>] [<code class="option">-N <em class="replaceable"><code>soa-serial-format</code></em></code>] [<code class="option">-o <em class="replaceable"><code>origin</code></em></code>] [<code class="option">-O <em class="replaceable"><code>output-format</code></em></code>] [<code class="option">-p</code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-s <em class="replaceable"><code>start-time</code></em></code>] [<code class="option">-t</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-z</code>] {zonefile} [key...]</p></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2598823"></a><h2>DESCRIPTION</h2> +<p><span><strong class="command">dnssec-signzone</strong></span> + signs a zone. It generates + NSEC and RRSIG records and produces a signed version of the + zone. The security status of delegations from the signed zone + (that is, whether the child zones are secure or not) is + determined by the presence or absence of a + <code class="filename">keyset</code> file for each child zone. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2598842"></a><h2>OPTIONS</h2> +<div class="variablelist"><dl> +<dt><span class="term">-a</span></dt> +<dd><p> + Verify all generated signatures. + </p></dd> +<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt> +<dd><p> + Specifies the DNS class of the zone. + </p></dd> +<dt><span class="term">-k <em class="replaceable"><code>key</code></em></span></dt> +<dd><p> + Treat specified key as a key signing key ignoring any + key flags. This option may be specified multiple times. + </p></dd> +<dt><span class="term">-l <em class="replaceable"><code>domain</code></em></span></dt> +<dd><p> + Generate a DLV set in addition to the key (DNSKEY) and DS sets. + The domain is appended to the name of the records. + </p></dd> +<dt><span class="term">-d <em class="replaceable"><code>directory</code></em></span></dt> +<dd><p> + Look for <code class="filename">keyset</code> files in + <code class="option">directory</code> as the directory + </p></dd> +<dt><span class="term">-g</span></dt> +<dd><p> + Generate DS records for child zones from keyset files. + Existing DS records will be removed. + </p></dd> +<dt><span class="term">-s <em class="replaceable"><code>start-time</code></em></span></dt> +<dd><p> + Specify the date and time when the generated RRSIG records + become valid. This can be either an absolute or relative + time. An absolute start time is indicated by a number + in YYYYMMDDHHMMSS notation; 20000530144500 denotes + 14:45:00 UTC on May 30th, 2000. A relative start time is + indicated by +N, which is N seconds from the current time. + If no <code class="option">start-time</code> is specified, the current + time minus 1 hour (to allow for clock skew) is used. + </p></dd> +<dt><span class="term">-e <em class="replaceable"><code>end-time</code></em></span></dt> +<dd><p> + Specify the date and time when the generated RRSIG records + expire. As with <code class="option">start-time</code>, an absolute + time is indicated in YYYYMMDDHHMMSS notation. A time relative + to the start time is indicated with +N, which is N seconds from + the start time. A time relative to the current time is + indicated with now+N. If no <code class="option">end-time</code> is + specified, 30 days from the start time is used as a default. + </p></dd> +<dt><span class="term">-f <em class="replaceable"><code>output-file</code></em></span></dt> +<dd><p> + The name of the output file containing the signed zone. The + default is to append <code class="filename">.signed</code> to + the + input filename. + </p></dd> +<dt><span class="term">-h</span></dt> +<dd><p> + Prints a short summary of the options and arguments to + <span><strong class="command">dnssec-signzone</strong></span>. + </p></dd> +<dt><span class="term">-i <em class="replaceable"><code>interval</code></em></span></dt> +<dd> +<p> + When a previously-signed zone is passed as input, records + may be resigned. The <code class="option">interval</code> option + specifies the cycle interval as an offset from the current + time (in seconds). If a RRSIG record expires after the + cycle interval, it is retained. Otherwise, it is considered + to be expiring soon, and it will be replaced. + </p> +<p> + The default cycle interval is one quarter of the difference + between the signature end and start times. So if neither + <code class="option">end-time</code> or <code class="option">start-time</code> + are specified, <span><strong class="command">dnssec-signzone</strong></span> + generates + signatures that are valid for 30 days, with a cycle + interval of 7.5 days. Therefore, if any existing RRSIG records + are due to expire in less than 7.5 days, they would be + replaced. + </p> +</dd> +<dt><span class="term">-I <em class="replaceable"><code>input-format</code></em></span></dt> +<dd><p> + The format of the input zone file. + Possible formats are <span><strong class="command">"text"</strong></span> (default) + and <span><strong class="command">"raw"</strong></span>. + This option is primarily intended to be used for dynamic + signed zones so that the dumped zone file in a non-text + format containing updates can be signed directly. + The use of this option does not make much sense for + non-dynamic zones. + </p></dd> +<dt><span class="term">-j <em class="replaceable"><code>jitter</code></em></span></dt> +<dd> +<p> + When signing a zone with a fixed signature lifetime, all + RRSIG records issued at the time of signing expires + simultaneously. If the zone is incrementally signed, i.e. + a previously-signed zone is passed as input to the signer, + all expired signatures have to be regenerated at about the + same time. The <code class="option">jitter</code> option specifies a + jitter window that will be used to randomize the signature + expire time, thus spreading incremental signature + regeneration over time. + </p> +<p> + Signature lifetime jitter also to some extent benefits + validators and servers by spreading out cache expiration, + i.e. if large numbers of RRSIGs don't expire at the same time + from all caches there will be less congestion than if all + validators need to refetch at mostly the same time. + </p> +</dd> +<dt><span class="term">-n <em class="replaceable"><code>ncpus</code></em></span></dt> +<dd><p> + Specifies the number of threads to use. By default, one + thread is started for each detected CPU. + </p></dd> +<dt><span class="term">-N <em class="replaceable"><code>soa-serial-format</code></em></span></dt> +<dd> +<p> + The SOA serial number format of the signed zone. + Possible formats are <span><strong class="command">"keep"</strong></span> (default), + <span><strong class="command">"increment"</strong></span> and + <span><strong class="command">"unixtime"</strong></span>. + </p> +<div class="variablelist"><dl> +<dt><span class="term"><span><strong class="command">"keep"</strong></span></span></dt> +<dd><p>Do not modify the SOA serial number.</p></dd> +<dt><span class="term"><span><strong class="command">"increment"</strong></span></span></dt> +<dd><p>Increment the SOA serial number using RFC 1982 + arithmetics.</p></dd> +<dt><span class="term"><span><strong class="command">"unixtime"</strong></span></span></dt> +<dd><p>Set the SOA serial number to the number of seconds + since epoch.</p></dd> +</dl></div> +</dd> +<dt><span class="term">-o <em class="replaceable"><code>origin</code></em></span></dt> +<dd><p> + The zone origin. If not specified, the name of the zone file + is assumed to be the origin. + </p></dd> +<dt><span class="term">-O <em class="replaceable"><code>output-format</code></em></span></dt> +<dd><p> + The format of the output file containing the signed zone. + Possible formats are <span><strong class="command">"text"</strong></span> (default) + and <span><strong class="command">"raw"</strong></span>. + </p></dd> +<dt><span class="term">-p</span></dt> +<dd><p> + Use pseudo-random data when signing the zone. This is faster, + but less secure, than using real random data. This option + may be useful when signing large zones or when the entropy + source is limited. + </p></dd> +<dt><span class="term">-r <em class="replaceable"><code>randomdev</code></em></span></dt> +<dd><p> + Specifies the source of randomness. If the operating + system does not provide a <code class="filename">/dev/random</code> + or equivalent device, the default source of randomness + is keyboard input. <code class="filename">randomdev</code> + specifies + the name of a character device or file containing random + data to be used instead of the default. The special value + <code class="filename">keyboard</code> indicates that keyboard + input should be used. + </p></dd> +<dt><span class="term">-t</span></dt> +<dd><p> + Print statistics at completion. + </p></dd> +<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt> +<dd><p> + Sets the debugging level. + </p></dd> +<dt><span class="term">-z</span></dt> +<dd><p> + Ignore KSK flag on key when determining what to sign. + </p></dd> +<dt><span class="term">zonefile</span></dt> +<dd><p> + The file containing the zone to be signed. + </p></dd> +<dt><span class="term">key</span></dt> +<dd><p> + Specify which keys should be used to sign the zone. If + no keys are specified, then the zone will be examined + for DNSKEY records at the zone apex. If these are found and + there are matching private keys, in the current directory, + then these will be used for signing. + </p></dd> +</dl></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2641307"></a><h2>EXAMPLE</h2> +<p> + The following command signs the <strong class="userinput"><code>example.com</code></strong> + zone with the DSA key generated by <span><strong class="command">dnssec-keygen</strong></span> + (Kexample.com.+003+17247). The zone's keys must be in the master + file (<code class="filename">db.example.com</code>). This invocation looks + for <code class="filename">keyset</code> files, in the current directory, + so that DS records can be generated from them (<span><strong class="command">-g</strong></span>). + </p> +<pre class="programlisting">% dnssec-signzone -g -o example.com db.example.com \ +Kexample.com.+003+17247 +db.example.com.signed +%</pre> +<p> + In the above example, <span><strong class="command">dnssec-signzone</strong></span> creates + the file <code class="filename">db.example.com.signed</code>. This + file should be referenced in a zone statement in a + <code class="filename">named.conf</code> file. + </p> +<p> + This example re-signs a previously signed zone with default parameters. + The private keys are assumed to be in the current directory. + </p> +<pre class="programlisting">% cp db.example.com.signed db.example.com +% dnssec-signzone -o example.com db.example.com +db.example.com.signed +%</pre> +</div> +<div class="refsect1" lang="en"> +<a name="id2641380"></a><h2>SEE ALSO</h2> +<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>, + <em class="citetitle">BIND 9 Administrator Reference Manual</em>, + <em class="citetitle">RFC 2535</em>. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2641404"></a><h2>AUTHOR</h2> +<p><span class="corpauthor">Internet Systems Consortium</span> + </p> +</div> +</div> +<div class="navfooter"> +<hr> +<table width="100%" summary="Navigation footer"> +<tr> +<td width="40%" align="left"> +<a accesskey="p" href="man.dnssec-keygen.html">Prev</a> </td> +<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td> +<td width="40%" align="right"> <a accesskey="n" href="man.named-checkconf.html">Next</a> +</td> +</tr> +<tr> +<td width="40%" align="left" valign="top"> +<span class="application">dnssec-keygen</span> </td> +<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td> +<td width="40%" align="right" valign="top"> <span class="application">named-checkconf</span> +</td> +</tr> +</table> +</div> +</body> +</html> diff --git a/usr.sbin/bind/doc/arm/man.host.html b/usr.sbin/bind/doc/arm/man.host.html new file mode 100644 index 00000000000..cf2a4d7b8fc --- /dev/null +++ b/usr.sbin/bind/doc/arm/man.host.html @@ -0,0 +1,249 @@ +<!-- + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2000-2003 Internet Software Consortium. + - + - Permission to use, copy, modify, and distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> +<!-- $ISC: man.host.html,v 1.2.2.46 2007/10/31 01:35:59 marka Exp $ --> +<html> +<head> +<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> +<title>host</title> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> +<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> +<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages"> +<link rel="prev" href="man.dig.html" title="dig"> +<link rel="next" href="man.dnssec-keygen.html" title="dnssec-keygen"> +</head> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<div class="navheader"> +<table width="100%" summary="Navigation header"> +<tr><th colspan="3" align="center">host</th></tr> +<tr> +<td width="20%" align="left"> +<a accesskey="p" href="man.dig.html">Prev</a> </td> +<th width="60%" align="center">Manual pages</th> +<td width="20%" align="right"> <a accesskey="n" href="man.dnssec-keygen.html">Next</a> +</td> +</tr> +</table> +<hr> +</div> +<div class="refentry" lang="en"> +<a name="man.host"></a><div class="titlepage"></div> +<div class="refnamediv"> +<h2>Name</h2> +<p>host — DNS lookup utility</p> +</div> +<div class="refsynopsisdiv"> +<h2>Synopsis</h2> +<div class="cmdsynopsis"><p><code class="command">host</code> [<code class="option">-aCdlnrsTwv</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-N <em class="replaceable"><code>ndots</code></em></code>] [<code class="option">-R <em class="replaceable"><code>number</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-W <em class="replaceable"><code>wait</code></em></code>] [<code class="option">-m <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-4</code>] [<code class="option">-6</code>] {name} [server]</p></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2597000"></a><h2>DESCRIPTION</h2> +<p><span><strong class="command">host</strong></span> + is a simple utility for performing DNS lookups. + It is normally used to convert names to IP addresses and vice versa. + When no arguments or options are given, + <span><strong class="command">host</strong></span> + prints a short summary of its command line arguments and options. + </p> +<p><em class="parameter"><code>name</code></em> is the domain name that is to be + looked + up. It can also be a dotted-decimal IPv4 address or a colon-delimited + IPv6 address, in which case <span><strong class="command">host</strong></span> will by + default + perform a reverse lookup for that address. + <em class="parameter"><code>server</code></em> is an optional argument which + is either + the name or IP address of the name server that <span><strong class="command">host</strong></span> + should query instead of the server or servers listed in + <code class="filename">/etc/resolv.conf</code>. + </p> +<p> + The <code class="option">-a</code> (all) option is equivalent to setting the + <code class="option">-v</code> option and asking <span><strong class="command">host</strong></span> to make + a query of type ANY. + </p> +<p> + When the <code class="option">-C</code> option is used, <span><strong class="command">host</strong></span> + will attempt to display the SOA records for zone + <em class="parameter"><code>name</code></em> from all the listed + authoritative name + servers for that zone. The list of name servers is defined by the NS + records that are found for the zone. + </p> +<p> + The <code class="option">-c</code> option instructs to make a DNS query of class + <em class="parameter"><code>class</code></em>. This can be used to lookup + Hesiod or + Chaosnet class resource records. The default class is IN (Internet). + </p> +<p> + Verbose output is generated by <span><strong class="command">host</strong></span> when + the + <code class="option">-d</code> or <code class="option">-v</code> option is used. The two + options are equivalent. They have been provided for backwards + compatibility. In previous versions, the <code class="option">-d</code> option + switched on debugging traces and <code class="option">-v</code> enabled verbose + output. + </p> +<p> + List mode is selected by the <code class="option">-l</code> option. This makes + <span><strong class="command">host</strong></span> perform a zone transfer for zone + <em class="parameter"><code>name</code></em>. Transfer the zone printing out + the NS, PTR + and address records (A/AAAA). If combined with <code class="option">-a</code> + all records will be printed. + </p> +<p> + The <code class="option">-i</code> + option specifies that reverse lookups of IPv6 addresses should + use the IP6.INT domain as defined in RFC1886. + The default is to use IP6.ARPA. + </p> +<p> + The <code class="option">-N</code> option sets the number of dots that have to be + in <em class="parameter"><code>name</code></em> for it to be considered + absolute. The + default value is that defined using the ndots statement in + <code class="filename">/etc/resolv.conf</code>, or 1 if no ndots + statement is + present. Names with fewer dots are interpreted as relative names and + will be searched for in the domains listed in the <span class="type">search</span> + or <span class="type">domain</span> directive in + <code class="filename">/etc/resolv.conf</code>. + </p> +<p> + The number of UDP retries for a lookup can be changed with the + <code class="option">-R</code> option. <em class="parameter"><code>number</code></em> + indicates + how many times <span><strong class="command">host</strong></span> will repeat a query + that does + not get answered. The default number of retries is 1. If + <em class="parameter"><code>number</code></em> is negative or zero, the + number of + retries will default to 1. + </p> +<p> + Non-recursive queries can be made via the <code class="option">-r</code> option. + Setting this option clears the <span class="type">RD</span> — recursion + desired — bit in the query which <span><strong class="command">host</strong></span> makes. + This should mean that the name server receiving the query will not + attempt to resolve <em class="parameter"><code>name</code></em>. The + <code class="option">-r</code> option enables <span><strong class="command">host</strong></span> + to mimic + the behavior of a name server by making non-recursive queries and + expecting to receive answers to those queries that are usually + referrals to other name servers. + </p> +<p> + By default <span><strong class="command">host</strong></span> uses UDP when making + queries. The + <code class="option">-T</code> option makes it use a TCP connection when querying + the name server. TCP will be automatically selected for queries that + require it, such as zone transfer (AXFR) requests. + </p> +<p> + The <code class="option">-4</code> option forces <span><strong class="command">host</strong></span> to only + use IPv4 query transport. The <code class="option">-6</code> option forces + <span><strong class="command">host</strong></span> to only use IPv6 query transport. + </p> +<p> + The <code class="option">-t</code> option is used to select the query type. + <em class="parameter"><code>type</code></em> can be any recognized query + type: CNAME, + NS, SOA, SIG, KEY, AXFR, etc. When no query type is specified, + <span><strong class="command">host</strong></span> automatically selects an appropriate + query + type. By default it looks for A records, but if the + <code class="option">-C</code> option was given, queries will be made for SOA + records, and if <em class="parameter"><code>name</code></em> is a + dotted-decimal IPv4 + address or colon-delimited IPv6 address, <span><strong class="command">host</strong></span> will + query for PTR records. If a query type of IXFR is chosen the starting + serial number can be specified by appending an equal followed by the + starting serial number (e.g. -t IXFR=12345678). + </p> +<p> + The time to wait for a reply can be controlled through the + <code class="option">-W</code> and <code class="option">-w</code> options. The + <code class="option">-W</code> option makes <span><strong class="command">host</strong></span> + wait for + <em class="parameter"><code>wait</code></em> seconds. If <em class="parameter"><code>wait</code></em> + is less than one, the wait interval is set to one second. When the + <code class="option">-w</code> option is used, <span><strong class="command">host</strong></span> + will + effectively wait forever for a reply. The time to wait for a response + will be set to the number of seconds given by the hardware's maximum + value for an integer quantity. + </p> +<p> + The <code class="option">-s</code> option tells <span><strong class="command">host</strong></span> + <span class="emphasis"><em>not</em></span> to send the query to the next nameserver + if any server responds with a SERVFAIL response, which is the + reverse of normal stub resolver behavior. + </p> +<p> + The <code class="option">-m</code> can be used to set the memory usage debugging + flags + <em class="parameter"><code>record</code></em>, <em class="parameter"><code>usage</code></em> and + <em class="parameter"><code>trace</code></em>. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2597514"></a><h2>IDN SUPPORT</h2> +<p> + If <span><strong class="command">host</strong></span> has been built with IDN (internationalized + domain name) support, it can accept and display non-ASCII domain names. + <span><strong class="command">host</strong></span> appropriately converts character encoding of + domain name before sending a request to DNS server or displaying a + reply from the server. + If you'd like to turn off the IDN support for some reason, defines + the <code class="envar">IDN_DISABLE</code> environment variable. + The IDN support is disabled if the variable is set when + <span><strong class="command">host</strong></span> runs. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2597543"></a><h2>FILES</h2> +<p><code class="filename">/etc/resolv.conf</code> + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2597557"></a><h2>SEE ALSO</h2> +<p><span class="citerefentry"><span class="refentrytitle">dig</span>(1)</span>, + <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>. + </p> +</div> +</div> +<div class="navfooter"> +<hr> +<table width="100%" summary="Navigation footer"> +<tr> +<td width="40%" align="left"> +<a accesskey="p" href="man.dig.html">Prev</a> </td> +<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td> +<td width="40%" align="right"> <a accesskey="n" href="man.dnssec-keygen.html">Next</a> +</td> +</tr> +<tr> +<td width="40%" align="left" valign="top">dig </td> +<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td> +<td width="40%" align="right" valign="top"> <span class="application">dnssec-keygen</span> +</td> +</tr> +</table> +</div> +</body> +</html> diff --git a/usr.sbin/bind/doc/arm/man.named-checkconf.html b/usr.sbin/bind/doc/arm/man.named-checkconf.html new file mode 100644 index 00000000000..9904584738c --- /dev/null +++ b/usr.sbin/bind/doc/arm/man.named-checkconf.html @@ -0,0 +1,130 @@ +<!-- + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2000-2003 Internet Software Consortium. + - + - Permission to use, copy, modify, and distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> +<!-- $ISC: man.named-checkconf.html,v 1.2.2.49 2007/10/31 01:35:59 marka Exp $ --> +<html> +<head> +<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> +<title>named-checkconf</title> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> +<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> +<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages"> +<link rel="prev" href="man.dnssec-signzone.html" title="dnssec-signzone"> +<link rel="next" href="man.named-checkzone.html" title="named-checkzone"> +</head> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<div class="navheader"> +<table width="100%" summary="Navigation header"> +<tr><th colspan="3" align="center"><span class="application">named-checkconf</span></th></tr> +<tr> +<td width="20%" align="left"> +<a accesskey="p" href="man.dnssec-signzone.html">Prev</a> </td> +<th width="60%" align="center">Manual pages</th> +<td width="20%" align="right"> <a accesskey="n" href="man.named-checkzone.html">Next</a> +</td> +</tr> +</table> +<hr> +</div> +<div class="refentry" lang="en"> +<a name="man.named-checkconf"></a><div class="titlepage"></div> +<div class="refnamediv"> +<h2>Name</h2> +<p><span class="application">named-checkconf</span> — named configuration file syntax checking tool</p> +</div> +<div class="refsynopsisdiv"> +<h2>Synopsis</h2> +<div class="cmdsynopsis"><p><code class="command">named-checkconf</code> [<code class="option">-v</code>] [<code class="option">-j</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] {filename} [<code class="option">-z</code>]</p></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2599604"></a><h2>DESCRIPTION</h2> +<p><span><strong class="command">named-checkconf</strong></span> + checks the syntax, but not the semantics, of a named + configuration file. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2599618"></a><h2>OPTIONS</h2> +<div class="variablelist"><dl> +<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt> +<dd><p> + Chroot to <code class="filename">directory</code> so that + include + directives in the configuration file are processed as if + run by a similarly chrooted named. + </p></dd> +<dt><span class="term">-v</span></dt> +<dd><p> + Print the version of the <span><strong class="command">named-checkconf</strong></span> + program and exit. + </p></dd> +<dt><span class="term">-z</span></dt> +<dd><p> + Perform a test load of all master zones found in + <code class="filename">named.conf</code>. + </p></dd> +<dt><span class="term">-j</span></dt> +<dd><p> + When loading a zonefile read the journal if it exists. + </p></dd> +<dt><span class="term">filename</span></dt> +<dd><p> + The name of the configuration file to be checked. If not + specified, it defaults to <code class="filename">/etc/named.conf</code>. + </p></dd> +</dl></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2599720"></a><h2>RETURN VALUES</h2> +<p><span><strong class="command">named-checkconf</strong></span> + returns an exit status of 1 if + errors were detected and 0 otherwise. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2599734"></a><h2>SEE ALSO</h2> +<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">named-checkzone</span>(8)</span>, + <em class="citetitle">BIND 9 Administrator Reference Manual</em>. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2599764"></a><h2>AUTHOR</h2> +<p><span class="corpauthor">Internet Systems Consortium</span> + </p> +</div> +</div> +<div class="navfooter"> +<hr> +<table width="100%" summary="Navigation footer"> +<tr> +<td width="40%" align="left"> +<a accesskey="p" href="man.dnssec-signzone.html">Prev</a> </td> +<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td> +<td width="40%" align="right"> <a accesskey="n" href="man.named-checkzone.html">Next</a> +</td> +</tr> +<tr> +<td width="40%" align="left" valign="top"> +<span class="application">dnssec-signzone</span> </td> +<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td> +<td width="40%" align="right" valign="top"> <span class="application">named-checkzone</span> +</td> +</tr> +</table> +</div> +</body> +</html> diff --git a/usr.sbin/bind/doc/arm/man.named-checkzone.html b/usr.sbin/bind/doc/arm/man.named-checkzone.html new file mode 100644 index 00000000000..490b0d42665 --- /dev/null +++ b/usr.sbin/bind/doc/arm/man.named-checkzone.html @@ -0,0 +1,294 @@ +<!-- + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2000-2003 Internet Software Consortium. + - + - Permission to use, copy, modify, and distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> +<!-- $ISC: man.named-checkzone.html,v 1.2.2.52 2007/10/31 01:35:59 marka Exp $ --> +<html> +<head> +<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> +<title>named-checkzone</title> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> +<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> +<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages"> +<link rel="prev" href="man.named-checkconf.html" title="named-checkconf"> +<link rel="next" href="man.named.html" title="named"> +</head> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<div class="navheader"> +<table width="100%" summary="Navigation header"> +<tr><th colspan="3" align="center"><span class="application">named-checkzone</span></th></tr> +<tr> +<td width="20%" align="left"> +<a accesskey="p" href="man.named-checkconf.html">Prev</a> </td> +<th width="60%" align="center">Manual pages</th> +<td width="20%" align="right"> <a accesskey="n" href="man.named.html">Next</a> +</td> +</tr> +</table> +<hr> +</div> +<div class="refentry" lang="en"> +<a name="man.named-checkzone"></a><div class="titlepage"></div> +<div class="refnamediv"> +<h2>Name</h2> +<p><span class="application">named-checkzone</span>, <span class="application">named-compilezone</span> — zone file validity checking or converting tool</p> +</div> +<div class="refsynopsisdiv"> +<h2>Synopsis</h2> +<div class="cmdsynopsis"><p><code class="command">named-checkzone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-M <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-S <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div> +<div class="cmdsynopsis"><p><code class="command">named-compilezone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-C <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2600689"></a><h2>DESCRIPTION</h2> +<p><span><strong class="command">named-checkzone</strong></span> + checks the syntax and integrity of a zone file. It performs the + same checks as <span><strong class="command">named</strong></span> does when loading a + zone. This makes <span><strong class="command">named-checkzone</strong></span> useful for + checking zone files before configuring them into a name server. + </p> +<p> + <span><strong class="command">named-compilezone</strong></span> is similar to + <span><strong class="command">named-checkzone</strong></span>, but it always dumps the + zone contents to a specified file in a specified format. + Additionally, it applies stricter check levels by default, + since the dump output will be used as an actual zone file + loaded by <span><strong class="command">named</strong></span>. + When manually specified otherwise, the check levels must at + least be as strict as those specified in the + <span><strong class="command">named</strong></span> configuration file. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2600739"></a><h2>OPTIONS</h2> +<div class="variablelist"><dl> +<dt><span class="term">-d</span></dt> +<dd><p> + Enable debugging. + </p></dd> +<dt><span class="term">-q</span></dt> +<dd><p> + Quiet mode - exit code only. + </p></dd> +<dt><span class="term">-v</span></dt> +<dd><p> + Print the version of the <span><strong class="command">named-checkzone</strong></span> + program and exit. + </p></dd> +<dt><span class="term">-j</span></dt> +<dd><p> + When loading the zone file read the journal if it exists. + </p></dd> +<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt> +<dd><p> + Specify the class of the zone. If not specified "IN" is assumed. + </p></dd> +<dt><span class="term">-i <em class="replaceable"><code>mode</code></em></span></dt> +<dd> +<p> + Perform post-load zone integrity checks. Possible modes are + <span><strong class="command">"full"</strong></span> (default), + <span><strong class="command">"full-sibling"</strong></span>, + <span><strong class="command">"local"</strong></span>, + <span><strong class="command">"local-sibling"</strong></span> and + <span><strong class="command">"none"</strong></span>. + </p> +<p> + Mode <span><strong class="command">"full"</strong></span> checks that MX records + refer to A or AAAA record (both in-zone and out-of-zone + hostnames). Mode <span><strong class="command">"local"</strong></span> only + checks MX records which refer to in-zone hostnames. + </p> +<p> + Mode <span><strong class="command">"full"</strong></span> checks that SRV records + refer to A or AAAA record (both in-zone and out-of-zone + hostnames). Mode <span><strong class="command">"local"</strong></span> only + checks SRV records which refer to in-zone hostnames. + </p> +<p> + Mode <span><strong class="command">"full"</strong></span> checks that delegation NS + records refer to A or AAAA record (both in-zone and out-of-zone + hostnames). It also checks that glue address records + in the zone match those advertised by the child. + Mode <span><strong class="command">"local"</strong></span> only checks NS records which + refer to in-zone hostnames or that some required glue exists, + that is when the nameserver is in a child zone. + </p> +<p> + Mode <span><strong class="command">"full-sibling"</strong></span> and + <span><strong class="command">"local-sibling"</strong></span> disable sibling glue + checks but are otherwise the same as <span><strong class="command">"full"</strong></span> + and <span><strong class="command">"local"</strong></span> respectively. + </p> +<p> + Mode <span><strong class="command">"none"</strong></span> disables the checks. + </p> +</dd> +<dt><span class="term">-f <em class="replaceable"><code>format</code></em></span></dt> +<dd><p> + Specify the format of the zone file. + Possible formats are <span><strong class="command">"text"</strong></span> (default) + and <span><strong class="command">"raw"</strong></span>. + </p></dd> +<dt><span class="term">-F <em class="replaceable"><code>format</code></em></span></dt> +<dd><p> + Specify the format of the output file specified. + Possible formats are <span><strong class="command">"text"</strong></span> (default) + and <span><strong class="command">"raw"</strong></span>. + For <span><strong class="command">named-checkzone</strong></span>, + this does not cause any effects unless it dumps the zone + contents. + </p></dd> +<dt><span class="term">-k <em class="replaceable"><code>mode</code></em></span></dt> +<dd><p> + Perform <span><strong class="command">"check-names"</strong></span> checks with the + specified failure mode. + Possible modes are <span><strong class="command">"fail"</strong></span> + (default for <span><strong class="command">named-compilezone</strong></span>), + <span><strong class="command">"warn"</strong></span> + (default for <span><strong class="command">named-checkzone</strong></span>) and + <span><strong class="command">"ignore"</strong></span>. + </p></dd> +<dt><span class="term">-m <em class="replaceable"><code>mode</code></em></span></dt> +<dd><p> + Specify whether MX records should be checked to see if they + are addresses. Possible modes are <span><strong class="command">"fail"</strong></span>, + <span><strong class="command">"warn"</strong></span> (default) and + <span><strong class="command">"ignore"</strong></span>. + </p></dd> +<dt><span class="term">-M <em class="replaceable"><code>mode</code></em></span></dt> +<dd><p> + Check if a MX record refers to a CNAME. + Possible modes are <span><strong class="command">"fail"</strong></span>, + <span><strong class="command">"warn"</strong></span> (default) and + <span><strong class="command">"ignore"</strong></span>. + </p></dd> +<dt><span class="term">-n <em class="replaceable"><code>mode</code></em></span></dt> +<dd><p> + Specify whether NS records should be checked to see if they + are addresses. + Possible modes are <span><strong class="command">"fail"</strong></span> + (default for <span><strong class="command">named-compilezone</strong></span>), + <span><strong class="command">"warn"</strong></span> + (default for <span><strong class="command">named-checkzone</strong></span>) and + <span><strong class="command">"ignore"</strong></span>. + </p></dd> +<dt><span class="term">-o <em class="replaceable"><code>filename</code></em></span></dt> +<dd><p> + Write zone output to <code class="filename">filename</code>. + This is mandatory for <span><strong class="command">named-compilezone</strong></span>. + </p></dd> +<dt><span class="term">-s <em class="replaceable"><code>style</code></em></span></dt> +<dd><p> + Specify the style of the dumped zone file. + Possible styles are <span><strong class="command">"full"</strong></span> (default) + and <span><strong class="command">"relative"</strong></span>. + The full format is most suitable for processing + automatically by a separate script. + On the other hand, the relative format is more + human-readable and is thus suitable for editing by hand. + For <span><strong class="command">named-checkzone</strong></span> + this does not cause any effects unless it dumps the zone + contents. + It also does not have any meaning if the output format + is not text. + </p></dd> +<dt><span class="term">-S <em class="replaceable"><code>mode</code></em></span></dt> +<dd><p> + Check if a SRV record refers to a CNAME. + Possible modes are <span><strong class="command">"fail"</strong></span>, + <span><strong class="command">"warn"</strong></span> (default) and + <span><strong class="command">"ignore"</strong></span>. + </p></dd> +<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt> +<dd><p> + Chroot to <code class="filename">directory</code> so that + include + directives in the configuration file are processed as if + run by a similarly chrooted named. + </p></dd> +<dt><span class="term">-w <em class="replaceable"><code>directory</code></em></span></dt> +<dd><p> + chdir to <code class="filename">directory</code> so that + relative + filenames in master file $INCLUDE directives work. This + is similar to the directory clause in + <code class="filename">named.conf</code>. + </p></dd> +<dt><span class="term">-D</span></dt> +<dd><p> + Dump zone file in canonical format. + This is always enabled for <span><strong class="command">named-compilezone</strong></span>. + </p></dd> +<dt><span class="term">-W <em class="replaceable"><code>mode</code></em></span></dt> +<dd><p> + Specify whether to check for non-terminal wildcards. + Non-terminal wildcards are almost always the result of a + failure to understand the wildcard matching algorithm (RFC 1034). + Possible modes are <span><strong class="command">"warn"</strong></span> (default) + and + <span><strong class="command">"ignore"</strong></span>. + </p></dd> +<dt><span class="term">zonename</span></dt> +<dd><p> + The domain name of the zone being checked. + </p></dd> +<dt><span class="term">filename</span></dt> +<dd><p> + The name of the zone file. + </p></dd> +</dl></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2655177"></a><h2>RETURN VALUES</h2> +<p><span><strong class="command">named-checkzone</strong></span> + returns an exit status of 1 if + errors were detected and 0 otherwise. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2655191"></a><h2>SEE ALSO</h2> +<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>, + <em class="citetitle">RFC 1035</em>, + <em class="citetitle">BIND 9 Administrator Reference Manual</em>. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2655224"></a><h2>AUTHOR</h2> +<p><span class="corpauthor">Internet Systems Consortium</span> + </p> +</div> +</div> +<div class="navfooter"> +<hr> +<table width="100%" summary="Navigation footer"> +<tr> +<td width="40%" align="left"> +<a accesskey="p" href="man.named-checkconf.html">Prev</a> </td> +<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td> +<td width="40%" align="right"> <a accesskey="n" href="man.named.html">Next</a> +</td> +</tr> +<tr> +<td width="40%" align="left" valign="top"> +<span class="application">named-checkconf</span> </td> +<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td> +<td width="40%" align="right" valign="top"> <span class="application">named</span> +</td> +</tr> +</table> +</div> +</body> +</html> diff --git a/usr.sbin/bind/doc/arm/man.named.html b/usr.sbin/bind/doc/arm/man.named.html new file mode 100644 index 00000000000..21afccef273 --- /dev/null +++ b/usr.sbin/bind/doc/arm/man.named.html @@ -0,0 +1,293 @@ +<!-- + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2000-2003 Internet Software Consortium. + - + - Permission to use, copy, modify, and distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> +<!-- $ISC: man.named.html,v 1.2.2.53 2007/10/31 01:35:59 marka Exp $ --> +<html> +<head> +<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> +<title>named</title> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> +<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> +<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages"> +<link rel="prev" href="man.named-checkzone.html" title="named-checkzone"> +<link rel="next" href="man.rndc.html" title="rndc"> +</head> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<div class="navheader"> +<table width="100%" summary="Navigation header"> +<tr><th colspan="3" align="center"><span class="application">named</span></th></tr> +<tr> +<td width="20%" align="left"> +<a accesskey="p" href="man.named-checkzone.html">Prev</a> </td> +<th width="60%" align="center">Manual pages</th> +<td width="20%" align="right"> <a accesskey="n" href="man.rndc.html">Next</a> +</td> +</tr> +</table> +<hr> +</div> +<div class="refentry" lang="en"> +<a name="man.named"></a><div class="titlepage"></div> +<div class="refnamediv"> +<h2>Name</h2> +<p><span class="application">named</span> — Internet domain name server</p> +</div> +<div class="refsynopsisdiv"> +<h2>Synopsis</h2> +<div class="cmdsynopsis"><p><code class="command">named</code> [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-m <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>] [<code class="option">-x <em class="replaceable"><code>cache-file</code></em></code>]</p></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2601798"></a><h2>DESCRIPTION</h2> +<p><span><strong class="command">named</strong></span> + is a Domain Name System (DNS) server, + part of the BIND 9 distribution from ISC. For more + information on the DNS, see RFCs 1033, 1034, and 1035. + </p> +<p> + When invoked without arguments, <span><strong class="command">named</strong></span> + will + read the default configuration file + <code class="filename">/etc/named.conf</code>, read any initial + data, and listen for queries. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2601829"></a><h2>OPTIONS</h2> +<div class="variablelist"><dl> +<dt><span class="term">-4</span></dt> +<dd><p> + Use IPv4 only even if the host machine is capable of IPv6. + <code class="option">-4</code> and <code class="option">-6</code> are mutually + exclusive. + </p></dd> +<dt><span class="term">-6</span></dt> +<dd><p> + Use IPv6 only even if the host machine is capable of IPv4. + <code class="option">-4</code> and <code class="option">-6</code> are mutually + exclusive. + </p></dd> +<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt> +<dd><p> + Use <em class="replaceable"><code>config-file</code></em> as the + configuration file instead of the default, + <code class="filename">/etc/named.conf</code>. To + ensure that reloading the configuration file continues + to work after the server has changed its working + directory due to to a possible + <code class="option">directory</code> option in the configuration + file, <em class="replaceable"><code>config-file</code></em> should be + an absolute pathname. + </p></dd> +<dt><span class="term">-d <em class="replaceable"><code>debug-level</code></em></span></dt> +<dd><p> + Set the daemon's debug level to <em class="replaceable"><code>debug-level</code></em>. + Debugging traces from <span><strong class="command">named</strong></span> become + more verbose as the debug level increases. + </p></dd> +<dt><span class="term">-f</span></dt> +<dd><p> + Run the server in the foreground (i.e. do not daemonize). + </p></dd> +<dt><span class="term">-g</span></dt> +<dd><p> + Run the server in the foreground and force all logging + to <code class="filename">stderr</code>. + </p></dd> +<dt><span class="term">-m <em class="replaceable"><code>flag</code></em></span></dt> +<dd><p> + Turn on memory usage debugging flags. Possible flags are + <em class="replaceable"><code>usage</code></em>, + <em class="replaceable"><code>trace</code></em>, + <em class="replaceable"><code>record</code></em>, + <em class="replaceable"><code>size</code></em>, and + <em class="replaceable"><code>mctx</code></em>. + These correspond to the ISC_MEM_DEBUGXXXX flags described in + <code class="filename"><isc/mem.h></code>. + </p></dd> +<dt><span class="term">-n <em class="replaceable"><code>#cpus</code></em></span></dt> +<dd><p> + Create <em class="replaceable"><code>#cpus</code></em> worker threads + to take advantage of multiple CPUs. If not specified, + <span><strong class="command">named</strong></span> will try to determine the + number of CPUs present and create one thread per CPU. + If it is unable to determine the number of CPUs, a + single worker thread will be created. + </p></dd> +<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt> +<dd><p> + Listen for queries on port <em class="replaceable"><code>port</code></em>. If not + specified, the default is port 53. + </p></dd> +<dt><span class="term">-s</span></dt> +<dd> +<p> + Write memory usage statistics to <code class="filename">stdout</code> on exit. + </p> +<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"> +<h3 class="title">Note</h3> +<p> + This option is mainly of interest to BIND 9 developers + and may be removed or changed in a future release. + </p> +</div> +</dd> +<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt> +<dd> +<p>Chroot + to <em class="replaceable"><code>directory</code></em> after + processing the command line arguments, but before + reading the configuration file. + </p> +<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"> +<h3 class="title">Warning</h3> +<p> + This option should be used in conjunction with the + <code class="option">-u</code> option, as chrooting a process + running as root doesn't enhance security on most + systems; the way <code class="function">chroot(2)</code> is + defined allows a process with root privileges to + escape a chroot jail. + </p> +</div> +</dd> +<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt> +<dd> +<p>Setuid + to <em class="replaceable"><code>user</code></em> after completing + privileged operations, such as creating sockets that + listen on privileged ports. + </p> +<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"> +<h3 class="title">Note</h3> +<p> + On Linux, <span><strong class="command">named</strong></span> uses the kernel's + capability mechanism to drop all root privileges + except the ability to <code class="function">bind(2)</code> to + a + privileged port and set process resource limits. + Unfortunately, this means that the <code class="option">-u</code> + option only works when <span><strong class="command">named</strong></span> is + run + on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or + later, since previous kernels did not allow privileges + to be retained after <code class="function">setuid(2)</code>. + </p> +</div> +</dd> +<dt><span class="term">-v</span></dt> +<dd><p> + Report the version number and exit. + </p></dd> +<dt><span class="term">-x <em class="replaceable"><code>cache-file</code></em></span></dt> +<dd> +<p> + Load data from <em class="replaceable"><code>cache-file</code></em> into the + cache of the default view. + </p> +<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"> +<h3 class="title">Warning</h3> +<p> + This option must not be used. It is only of interest + to BIND 9 developers and may be removed or changed in a + future release. + </p> +</div> +</dd> +</dl></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2604492"></a><h2>SIGNALS</h2> +<p> + In routine operation, signals should not be used to control + the nameserver; <span><strong class="command">rndc</strong></span> should be used + instead. + </p> +<div class="variablelist"><dl> +<dt><span class="term">SIGHUP</span></dt> +<dd><p> + Force a reload of the server. + </p></dd> +<dt><span class="term">SIGINT, SIGTERM</span></dt> +<dd><p> + Shut down the server. + </p></dd> +</dl></div> +<p> + The result of sending any other signals to the server is undefined. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2604542"></a><h2>CONFIGURATION</h2> +<p> + The <span><strong class="command">named</strong></span> configuration file is too complex + to describe in detail here. A complete description is provided + in the + <em class="citetitle">BIND 9 Administrator Reference Manual</em>. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2604562"></a><h2>FILES</h2> +<div class="variablelist"><dl> +<dt><span class="term"><code class="filename">/etc/named.conf</code></span></dt> +<dd><p> + The default configuration file. + </p></dd> +<dt><span class="term"><code class="filename">/var/run/named.pid</code></span></dt> +<dd><p> + The default process-id file. + </p></dd> +</dl></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2604605"></a><h2>SEE ALSO</h2> +<p><em class="citetitle">RFC 1033</em>, + <em class="citetitle">RFC 1034</em>, + <em class="citetitle">RFC 1035</em>, + <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">named-checkzone</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">lwresd</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>, + <em class="citetitle">BIND 9 Administrator Reference Manual</em>. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2604881"></a><h2>AUTHOR</h2> +<p><span class="corpauthor">Internet Systems Consortium</span> + </p> +</div> +</div> +<div class="navfooter"> +<hr> +<table width="100%" summary="Navigation footer"> +<tr> +<td width="40%" align="left"> +<a accesskey="p" href="man.named-checkzone.html">Prev</a> </td> +<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td> +<td width="40%" align="right"> <a accesskey="n" href="man.rndc.html">Next</a> +</td> +</tr> +<tr> +<td width="40%" align="left" valign="top"> +<span class="application">named-checkzone</span> </td> +<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td> +<td width="40%" align="right" valign="top"> <span class="application">rndc</span> +</td> +</tr> +</table> +</div> +</body> +</html> diff --git a/usr.sbin/bind/doc/arm/man.rndc-confgen.html b/usr.sbin/bind/doc/arm/man.rndc-confgen.html new file mode 100644 index 00000000000..272af9db068 --- /dev/null +++ b/usr.sbin/bind/doc/arm/man.rndc-confgen.html @@ -0,0 +1,222 @@ +<!-- + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2000-2003 Internet Software Consortium. + - + - Permission to use, copy, modify, and distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> +<!-- $ISC: man.rndc-confgen.html,v 1.2.2.55 2007/10/31 01:35:59 marka Exp $ --> +<html> +<head> +<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> +<title>rndc-confgen</title> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> +<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> +<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages"> +<link rel="prev" href="man.rndc.conf.html" title="rndc.conf"> +</head> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<div class="navheader"> +<table width="100%" summary="Navigation header"> +<tr><th colspan="3" align="center"><span class="application">rndc-confgen</span></th></tr> +<tr> +<td width="20%" align="left"> +<a accesskey="p" href="man.rndc.conf.html">Prev</a> </td> +<th width="60%" align="center">Manual pages</th> +<td width="20%" align="right"> </td> +</tr> +</table> +<hr> +</div> +<div class="refentry" lang="en"> +<a name="man.rndc-confgen"></a><div class="titlepage"></div> +<div class="refnamediv"> +<h2>Name</h2> +<p><span class="application">rndc-confgen</span> — rndc key generation tool</p> +</div> +<div class="refsynopsisdiv"> +<h2>Synopsis</h2> +<div class="cmdsynopsis"><p><code class="command">rndc-confgen</code> [<code class="option">-a</code>] [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>] [<code class="option">-c <em class="replaceable"><code>keyfile</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [<code class="option">-s <em class="replaceable"><code>address</code></em></code>] [<code class="option">-t <em class="replaceable"><code>chrootdir</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>]</p></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2605524"></a><h2>DESCRIPTION</h2> +<p><span><strong class="command">rndc-confgen</strong></span> + generates configuration files + for <span><strong class="command">rndc</strong></span>. It can be used as a + convenient alternative to writing the + <code class="filename">rndc.conf</code> file + and the corresponding <span><strong class="command">controls</strong></span> + and <span><strong class="command">key</strong></span> + statements in <code class="filename">named.conf</code> by hand. + Alternatively, it can be run with the <span><strong class="command">-a</strong></span> + option to set up a <code class="filename">rndc.key</code> file and + avoid the need for a <code class="filename">rndc.conf</code> file + and a <span><strong class="command">controls</strong></span> statement altogether. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2605590"></a><h2>OPTIONS</h2> +<div class="variablelist"><dl> +<dt><span class="term">-a</span></dt> +<dd> +<p> + Do automatic <span><strong class="command">rndc</strong></span> configuration. + This creates a file <code class="filename">rndc.key</code> + in <code class="filename">/etc</code> (or whatever + <code class="varname">sysconfdir</code> + was specified as when <acronym class="acronym">BIND</acronym> was + built) + that is read by both <span><strong class="command">rndc</strong></span> + and <span><strong class="command">named</strong></span> on startup. The + <code class="filename">rndc.key</code> file defines a default + command channel and authentication key allowing + <span><strong class="command">rndc</strong></span> to communicate with + <span><strong class="command">named</strong></span> on the local host + with no further configuration. + </p> +<p> + Running <span><strong class="command">rndc-confgen -a</strong></span> allows + BIND 9 and <span><strong class="command">rndc</strong></span> to be used as + drop-in + replacements for BIND 8 and <span><strong class="command">ndc</strong></span>, + with no changes to the existing BIND 8 + <code class="filename">named.conf</code> file. + </p> +<p> + If a more elaborate configuration than that + generated by <span><strong class="command">rndc-confgen -a</strong></span> + is required, for example if rndc is to be used remotely, + you should run <span><strong class="command">rndc-confgen</strong></span> without + the + <span><strong class="command">-a</strong></span> option and set up a + <code class="filename">rndc.conf</code> and + <code class="filename">named.conf</code> + as directed. + </p> +</dd> +<dt><span class="term">-b <em class="replaceable"><code>keysize</code></em></span></dt> +<dd><p> + Specifies the size of the authentication key in bits. + Must be between 1 and 512 bits; the default is 128. + </p></dd> +<dt><span class="term">-c <em class="replaceable"><code>keyfile</code></em></span></dt> +<dd><p> + Used with the <span><strong class="command">-a</strong></span> option to specify + an alternate location for <code class="filename">rndc.key</code>. + </p></dd> +<dt><span class="term">-h</span></dt> +<dd><p> + Prints a short summary of the options and arguments to + <span><strong class="command">rndc-confgen</strong></span>. + </p></dd> +<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt> +<dd><p> + Specifies the key name of the rndc authentication key. + This must be a valid domain name. + The default is <code class="constant">rndc-key</code>. + </p></dd> +<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt> +<dd><p> + Specifies the command channel port where <span><strong class="command">named</strong></span> + listens for connections from <span><strong class="command">rndc</strong></span>. + The default is 953. + </p></dd> +<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt> +<dd><p> + Specifies a source of random data for generating the + authorization. If the operating + system does not provide a <code class="filename">/dev/random</code> + or equivalent device, the default source of randomness + is keyboard input. <code class="filename">randomdev</code> + specifies + the name of a character device or file containing random + data to be used instead of the default. The special value + <code class="filename">keyboard</code> indicates that keyboard + input should be used. + </p></dd> +<dt><span class="term">-s <em class="replaceable"><code>address</code></em></span></dt> +<dd><p> + Specifies the IP address where <span><strong class="command">named</strong></span> + listens for command channel connections from + <span><strong class="command">rndc</strong></span>. The default is the loopback + address 127.0.0.1. + </p></dd> +<dt><span class="term">-t <em class="replaceable"><code>chrootdir</code></em></span></dt> +<dd><p> + Used with the <span><strong class="command">-a</strong></span> option to specify + a directory where <span><strong class="command">named</strong></span> will run + chrooted. An additional copy of the <code class="filename">rndc.key</code> + will be written relative to this directory so that + it will be found by the chrooted <span><strong class="command">named</strong></span>. + </p></dd> +<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt> +<dd><p> + Used with the <span><strong class="command">-a</strong></span> option to set the + owner + of the <code class="filename">rndc.key</code> file generated. + If + <span><strong class="command">-t</strong></span> is also specified only the file + in + the chroot area has its owner changed. + </p></dd> +</dl></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2606454"></a><h2>EXAMPLES</h2> +<p> + To allow <span><strong class="command">rndc</strong></span> to be used with + no manual configuration, run + </p> +<p><strong class="userinput"><code>rndc-confgen -a</code></strong> + </p> +<p> + To print a sample <code class="filename">rndc.conf</code> file and + corresponding <span><strong class="command">controls</strong></span> and <span><strong class="command">key</strong></span> + statements to be manually inserted into <code class="filename">named.conf</code>, + run + </p> +<p><strong class="userinput"><code>rndc-confgen</code></strong> + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2609036"></a><h2>SEE ALSO</h2> +<p><span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>, + <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, + <em class="citetitle">BIND 9 Administrator Reference Manual</em>. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2609075"></a><h2>AUTHOR</h2> +<p><span class="corpauthor">Internet Systems Consortium</span> + </p> +</div> +</div> +<div class="navfooter"> +<hr> +<table width="100%" summary="Navigation footer"> +<tr> +<td width="40%" align="left"> +<a accesskey="p" href="man.rndc.conf.html">Prev</a> </td> +<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td> +<td width="40%" align="right"> </td> +</tr> +<tr> +<td width="40%" align="left" valign="top"> +<code class="filename">rndc.conf</code> </td> +<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td> +<td width="40%" align="right" valign="top"> </td> +</tr> +</table> +</div> +</body> +</html> diff --git a/usr.sbin/bind/doc/arm/man.rndc.conf.html b/usr.sbin/bind/doc/arm/man.rndc.conf.html new file mode 100644 index 00000000000..fdc0899e303 --- /dev/null +++ b/usr.sbin/bind/doc/arm/man.rndc.conf.html @@ -0,0 +1,255 @@ +<!-- + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2000-2003 Internet Software Consortium. + - + - Permission to use, copy, modify, and distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> +<!-- $ISC: man.rndc.conf.html,v 1.2.2.55 2007/10/31 01:35:59 marka Exp $ --> +<html> +<head> +<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> +<title>rndc.conf</title> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> +<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> +<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages"> +<link rel="prev" href="man.rndc.html" title="rndc"> +<link rel="next" href="man.rndc-confgen.html" title="rndc-confgen"> +</head> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<div class="navheader"> +<table width="100%" summary="Navigation header"> +<tr><th colspan="3" align="center"><code class="filename">rndc.conf</code></th></tr> +<tr> +<td width="20%" align="left"> +<a accesskey="p" href="man.rndc.html">Prev</a> </td> +<th width="60%" align="center">Manual pages</th> +<td width="20%" align="right"> <a accesskey="n" href="man.rndc-confgen.html">Next</a> +</td> +</tr> +</table> +<hr> +</div> +<div class="refentry" lang="en"> +<a name="man.rndc.conf"></a><div class="titlepage"></div> +<div class="refnamediv"> +<h2>Name</h2> +<p><code class="filename">rndc.conf</code> — rndc configuration file</p> +</div> +<div class="refsynopsisdiv"> +<h2>Synopsis</h2> +<div class="cmdsynopsis"><p><code class="command">rndc.conf</code> </p></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2603676"></a><h2>DESCRIPTION</h2> +<p><code class="filename">rndc.conf</code> is the configuration file + for <span><strong class="command">rndc</strong></span>, the BIND 9 name server control + utility. This file has a similar structure and syntax to + <code class="filename">named.conf</code>. Statements are enclosed + in braces and terminated with a semi-colon. Clauses in + the statements are also semi-colon terminated. The usual + comment styles are supported: + </p> +<p> + C style: /* */ + </p> +<p> + C++ style: // to end of line + </p> +<p> + Unix style: # to end of line + </p> +<p><code class="filename">rndc.conf</code> is much simpler than + <code class="filename">named.conf</code>. The file uses three + statements: an options statement, a server statement + and a key statement. + </p> +<p> + The <code class="option">options</code> statement contains five clauses. + The <code class="option">default-server</code> clause is followed by the + name or address of a name server. This host will be used when + no name server is given as an argument to + <span><strong class="command">rndc</strong></span>. The <code class="option">default-key</code> + clause is followed by the name of a key which is identified by + a <code class="option">key</code> statement. If no + <code class="option">keyid</code> is provided on the rndc command line, + and no <code class="option">key</code> clause is found in a matching + <code class="option">server</code> statement, this default key will be + used to authenticate the server's commands and responses. The + <code class="option">default-port</code> clause is followed by the port + to connect to on the remote name server. If no + <code class="option">port</code> option is provided on the rndc command + line, and no <code class="option">port</code> clause is found in a + matching <code class="option">server</code> statement, this default port + will be used to connect. + The <code class="option">default-source-address</code> and + <code class="option">default-source-address-v6</code> clauses which + can be used to set the IPv4 and IPv6 source addresses + respectively. + </p> +<p> + After the <code class="option">server</code> keyword, the server + statement includes a string which is the hostname or address + for a name server. The statement has three possible clauses: + <code class="option">key</code>, <code class="option">port</code> and + <code class="option">addresses</code>. The key name must match the + name of a key statement in the file. The port number + specifies the port to connect to. If an <code class="option">addresses</code> + clause is supplied these addresses will be used instead of + the server name. Each address can take an optional port. + If an <code class="option">source-address</code> or <code class="option">source-address-v6</code> + of supplied then these will be used to specify the IPv4 and IPv6 + source addresses respectively. + </p> +<p> + The <code class="option">key</code> statement begins with an identifying + string, the name of the key. The statement has two clauses. + <code class="option">algorithm</code> identifies the encryption algorithm + for <span><strong class="command">rndc</strong></span> to use; currently only HMAC-MD5 + is + supported. This is followed by a secret clause which contains + the base-64 encoding of the algorithm's encryption key. The + base-64 string is enclosed in double quotes. + </p> +<p> + There are two common ways to generate the base-64 string for the + secret. The BIND 9 program <span><strong class="command">rndc-confgen</strong></span> + can + be used to generate a random key, or the + <span><strong class="command">mmencode</strong></span> program, also known as + <span><strong class="command">mimencode</strong></span>, can be used to generate a + base-64 + string from known input. <span><strong class="command">mmencode</strong></span> does + not + ship with BIND 9 but is available on many systems. See the + EXAMPLE section for sample command lines for each. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2604121"></a><h2>EXAMPLE</h2> +<pre class="programlisting"> + options { + default-server localhost; + default-key samplekey; + }; +</pre> +<p> + </p> +<pre class="programlisting"> + server localhost { + key samplekey; + }; +</pre> +<p> + </p> +<pre class="programlisting"> + server testserver { + key testkey; + addresses { localhost port 5353; }; + }; +</pre> +<p> + </p> +<pre class="programlisting"> + key samplekey { + algorithm hmac-md5; + secret "6FMfj43Osz4lyb24OIe2iGEz9lf1llJO+lz"; + }; +</pre> +<p> + </p> +<pre class="programlisting"> + key testkey { + algorithm hmac-md5; + secret "R3HI8P6BKw9ZwXwN3VZKuQ=="; + }; + </pre> +<p> + </p> +<p> + In the above example, <span><strong class="command">rndc</strong></span> will by + default use + the server at localhost (127.0.0.1) and the key called samplekey. + Commands to the localhost server will use the samplekey key, which + must also be defined in the server's configuration file with the + same name and secret. The key statement indicates that samplekey + uses the HMAC-MD5 algorithm and its secret clause contains the + base-64 encoding of the HMAC-MD5 secret enclosed in double quotes. + </p> +<p> + If <span><strong class="command">rndc -s testserver</strong></span> is used then <span><strong class="command">rndc</strong></span> will + connect to server on localhost port 5353 using the key testkey. + </p> +<p> + To generate a random secret with <span><strong class="command">rndc-confgen</strong></span>: + </p> +<p><strong class="userinput"><code>rndc-confgen</code></strong> + </p> +<p> + A complete <code class="filename">rndc.conf</code> file, including + the + randomly generated key, will be written to the standard + output. Commented-out <code class="option">key</code> and + <code class="option">controls</code> statements for + <code class="filename">named.conf</code> are also printed. + </p> +<p> + To generate a base-64 secret with <span><strong class="command">mmencode</strong></span>: + </p> +<p><strong class="userinput"><code>echo "known plaintext for a secret" | mmencode</code></strong> + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2604994"></a><h2>NAME SERVER CONFIGURATION</h2> +<p> + The name server must be configured to accept rndc connections and + to recognize the key specified in the <code class="filename">rndc.conf</code> + file, using the controls statement in <code class="filename">named.conf</code>. + See the sections on the <code class="option">controls</code> statement in the + BIND 9 Administrator Reference Manual for details. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2605019"></a><h2>SEE ALSO</h2> +<p><span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">rndc-confgen</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">mmencode</span>(1)</span>, + <em class="citetitle">BIND 9 Administrator Reference Manual</em>. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2605058"></a><h2>AUTHOR</h2> +<p><span class="corpauthor">Internet Systems Consortium</span> + </p> +</div> +</div> +<div class="navfooter"> +<hr> +<table width="100%" summary="Navigation footer"> +<tr> +<td width="40%" align="left"> +<a accesskey="p" href="man.rndc.html">Prev</a> </td> +<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td> +<td width="40%" align="right"> <a accesskey="n" href="man.rndc-confgen.html">Next</a> +</td> +</tr> +<tr> +<td width="40%" align="left" valign="top"> +<span class="application">rndc</span> </td> +<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td> +<td width="40%" align="right" valign="top"> <span class="application">rndc-confgen</span> +</td> +</tr> +</table> +</div> +</body> +</html> diff --git a/usr.sbin/bind/doc/arm/man.rndc.html b/usr.sbin/bind/doc/arm/man.rndc.html new file mode 100644 index 00000000000..291538cd92f --- /dev/null +++ b/usr.sbin/bind/doc/arm/man.rndc.html @@ -0,0 +1,202 @@ +<!-- + - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2000-2003 Internet Software Consortium. + - + - Permission to use, copy, modify, and distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> +<!-- $ISC: man.rndc.html,v 1.2.2.54 2007/10/31 01:35:59 marka Exp $ --> +<html> +<head> +<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> +<title>rndc</title> +<meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> +<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual"> +<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages"> +<link rel="prev" href="man.named.html" title="named"> +<link rel="next" href="man.rndc.conf.html" title="rndc.conf"> +</head> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<div class="navheader"> +<table width="100%" summary="Navigation header"> +<tr><th colspan="3" align="center"><span class="application">rndc</span></th></tr> +<tr> +<td width="20%" align="left"> +<a accesskey="p" href="man.named.html">Prev</a> </td> +<th width="60%" align="center">Manual pages</th> +<td width="20%" align="right"> <a accesskey="n" href="man.rndc.conf.html">Next</a> +</td> +</tr> +</table> +<hr> +</div> +<div class="refentry" lang="en"> +<a name="man.rndc"></a><div class="titlepage"></div> +<div class="refnamediv"> +<h2>Name</h2> +<p><span class="application">rndc</span> — name server control utility</p> +</div> +<div class="refsynopsisdiv"> +<h2>Synopsis</h2> +<div class="cmdsynopsis"><p><code class="command">rndc</code> [<code class="option">-b <em class="replaceable"><code>source-address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key-file</code></em></code>] [<code class="option">-s <em class="replaceable"><code>server</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-V</code>] [<code class="option">-y <em class="replaceable"><code>key_id</code></em></code>] {command}</p></div> +</div> +<div class="refsect1" lang="en"> +<a name="id2603169"></a><h2>DESCRIPTION</h2> +<p><span><strong class="command">rndc</strong></span> + controls the operation of a name + server. It supersedes the <span><strong class="command">ndc</strong></span> utility + that was provided in old BIND releases. If + <span><strong class="command">rndc</strong></span> is invoked with no command line + options or arguments, it prints a short summary of the + supported commands and the available options and their + arguments. + </p> +<p><span><strong class="command">rndc</strong></span> + communicates with the name server + over a TCP connection, sending commands authenticated with + digital signatures. In the current versions of + <span><strong class="command">rndc</strong></span> and <span><strong class="command">named</strong></span>, + the only supported authentication algorithm is HMAC-MD5, + which uses a shared secret on each end of the connection. + This provides TSIG-style authentication for the command + request and the name server's response. All commands sent + over the channel must be signed by a key_id known to the + server. + </p> +<p><span><strong class="command">rndc</strong></span> + reads a configuration file to + determine how to contact the name server and decide what + algorithm and key it should use. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2603219"></a><h2>OPTIONS</h2> +<div class="variablelist"><dl> +<dt><span class="term">-b <em class="replaceable"><code>source-address</code></em></span></dt> +<dd><p> + Use <em class="replaceable"><code>source-address</code></em> + as the source address for the connection to the server. + Multiple instances are permitted to allow setting of both + the IPv4 and IPv6 source addresses. + </p></dd> +<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt> +<dd><p> + Use <em class="replaceable"><code>config-file</code></em> + as the configuration file instead of the default, + <code class="filename">/etc/rndc.conf</code>. + </p></dd> +<dt><span class="term">-k <em class="replaceable"><code>key-file</code></em></span></dt> +<dd><p> + Use <em class="replaceable"><code>key-file</code></em> + as the key file instead of the default, + <code class="filename">/etc/rndc.key</code>. The key in + <code class="filename">/etc/rndc.key</code> will be used to + authenticate + commands sent to the server if the <em class="replaceable"><code>config-file</code></em> + does not exist. + </p></dd> +<dt><span class="term">-s <em class="replaceable"><code>server</code></em></span></dt> +<dd><p><em class="replaceable"><code>server</code></em> is + the name or address of the server which matches a + server statement in the configuration file for + <span><strong class="command">rndc</strong></span>. If no server is supplied on the + command line, the host named by the default-server clause + in the options statement of the <span><strong class="command">rndc</strong></span> + configuration file will be used. + </p></dd> +<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt> +<dd><p> + Send commands to TCP port + <em class="replaceable"><code>port</code></em> + instead + of BIND 9's default control channel port, 953. + </p></dd> +<dt><span class="term">-V</span></dt> +<dd><p> + Enable verbose logging. + </p></dd> +<dt><span class="term">-y <em class="replaceable"><code>key_id</code></em></span></dt> +<dd><p> + Use the key <em class="replaceable"><code>key_id</code></em> + from the configuration file. + <em class="replaceable"><code>key_id</code></em> + must be + known by named with the same algorithm and secret string + in order for control message validation to succeed. + If no <em class="replaceable"><code>key_id</code></em> + is specified, <span><strong class="command">rndc</strong></span> will first look + for a key clause in the server statement of the server + being used, or if no server statement is present for that + host, then the default-key clause of the options statement. + Note that the configuration file contains shared secrets + which are used to send authenticated control commands + to name servers. It should therefore not have general read + or write access. + </p></dd> +</dl></div> +<p> + For the complete set of commands supported by <span><strong class="command">rndc</strong></span>, + see the BIND 9 Administrator Reference Manual or run + <span><strong class="command">rndc</strong></span> without arguments to see its help + message. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2603512"></a><h2>LIMITATIONS</h2> +<p><span><strong class="command">rndc</strong></span> + does not yet support all the commands of + the BIND 8 <span><strong class="command">ndc</strong></span> utility. + </p> +<p> + There is currently no way to provide the shared secret for a + <code class="option">key_id</code> without using the configuration file. + </p> +<p> + Several error messages could be clearer. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2603543"></a><h2>SEE ALSO</h2> +<p><span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>, + <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>, + <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>, + <span class="citerefentry"><span class="refentrytitle">ndc</span>(8)</span>, + <em class="citetitle">BIND 9 Administrator Reference Manual</em>. + </p> +</div> +<div class="refsect1" lang="en"> +<a name="id2603590"></a><h2>AUTHOR</h2> +<p><span class="corpauthor">Internet Systems Consortium</span> + </p> +</div> +</div> +<div class="navfooter"> +<hr> +<table width="100%" summary="Navigation footer"> +<tr> +<td width="40%" align="left"> +<a accesskey="p" href="man.named.html">Prev</a> </td> +<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td> +<td width="40%" align="right"> <a accesskey="n" href="man.rndc.conf.html">Next</a> +</td> +</tr> +<tr> +<td width="40%" align="left" valign="top"> +<span class="application">named</span> </td> +<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td> +<td width="40%" align="right" valign="top"> <code class="filename">rndc.conf</code> +</td> +</tr> +</table> +</div> +</body> +</html> diff --git a/usr.sbin/bind/doc/misc/Makefile.in b/usr.sbin/bind/doc/misc/Makefile.in index c9b6eba1ca0..30b04597ea4 100644 --- a/usr.sbin/bind/doc/misc/Makefile.in +++ b/usr.sbin/bind/doc/misc/Makefile.in @@ -1,7 +1,7 @@ -# Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2007 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2001 Internet Software Consortium. # -# Permission to use, copy, modify, and distribute this software for any +# Permission to use, copy, modify, and/or distribute this software for any # purpose with or without fee is hereby granted, provided that the above # copyright notice and this permission notice appear in all copies. # @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.1.12.3 2004/03/08 09:04:25 marka Exp $ +# $ISC: Makefile.in,v 1.3.18.3 2007/08/28 07:20:03 tbox Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -30,7 +30,18 @@ doc man:: ${MANOBJS} docclean manclean maintainer-clean:: rm -f options -options: ../../bin/tests/cfg_test - ../../bin/tests/cfg_test --named --grammar | \ - ${PERL} ${srcdir}/format-options.pl >options || \ - rm -f options +# Do not make options depend on ../../bin/tests/cfg_test, doing so +# will cause excessively clever versions of make to attempt to build +# that program right here, right now, if it is missing, which will +# cause make doc to bomb. + +CFG_TEST = ../../bin/tests/cfg_test + +options: FORCE + if test -x ${CFG_TEST} && \ + ${CFG_TEST} --named --grammar | \ + ${PERL} ${srcdir}/format-options.pl >$@.new ; then \ + mv -f $@.new $@ ; \ + else \ + rm -f $@.new ; \ + fi diff --git a/usr.sbin/bind/doc/misc/format-options.pl b/usr.sbin/bind/doc/misc/format-options.pl index 3eda35a283e..ecdb5311981 100644 --- a/usr.sbin/bind/doc/misc/format-options.pl +++ b/usr.sbin/bind/doc/misc/format-options.pl @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: format-options.pl,v 1.1.206.1 2004/03/06 13:16:19 marka Exp $ +# $ISC: format-options.pl,v 1.2 2004/03/05 05:04:53 marka Exp $ print <<END; diff --git a/usr.sbin/bind/doc/misc/ipv6 b/usr.sbin/bind/doc/misc/ipv6 index bc5487eb7ba..5b1fe4ab264 100644 --- a/usr.sbin/bind/doc/misc/ipv6 +++ b/usr.sbin/bind/doc/misc/ipv6 @@ -110,4 +110,4 @@ RELEVANT RFCs 3542: Advanced Sockets Application Program Interface (API) for IPv6 -$ISC: ipv6,v 1.5.206.4 2004/08/10 04:28:15 jinmei Exp $ +$ISC: ipv6,v 1.6.18.3 2004/08/10 04:28:41 jinmei Exp $ diff --git a/usr.sbin/bind/doc/misc/migration-4to9 b/usr.sbin/bind/doc/misc/migration-4to9 index 81327255b45..d339ce0ca7c 100644 --- a/usr.sbin/bind/doc/misc/migration-4to9 +++ b/usr.sbin/bind/doc/misc/migration-4to9 @@ -2,7 +2,7 @@ Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") Copyright (C) 2001 Internet Software Consortium. See COPYRIGHT in the source root or http://isc.org/copyright.html for terms. -$ISC: migration-4to9,v 1.3.206.1 2004/03/06 13:16:19 marka Exp $ +$ISC: migration-4to9,v 1.4 2004/03/05 05:04:53 marka Exp $ BIND 4 to BIND 9 Migration Notes diff --git a/usr.sbin/bind/doc/misc/options b/usr.sbin/bind/doc/misc/options index 01546b72644..a17c52274eb 100644 --- a/usr.sbin/bind/doc/misc/options +++ b/usr.sbin/bind/doc/misc/options @@ -50,6 +50,7 @@ options { use-ixfr <boolean>; version ( <quoted_string> | none ); flush-zones-on-shutdown <boolean>; + allow-query-cache { <address_match_element>; ... }; allow-recursion { <address_match_element>; ... }; allow-v6-synthesis { <address_match_element>; ... }; // obsolete sortlist { <address_match_element>; ... }; @@ -81,25 +82,41 @@ options { dual-stack-servers [ port <integer> ] { ( <quoted_string> [port <integer>] | <ipv4_address> [port <integer>] | <ipv6_address> [port <integer>] ); ... }; edns-udp-size <integer>; + max-udp-size <integer>; root-delegation-only [ exclude { <quoted_string>; ... } ]; disable-algorithms <string> { <string>; ... }; dnssec-enable <boolean>; + dnssec-validation <boolean>; dnssec-lookaside <string> trust-anchor <string>; dnssec-must-be-secure <string> <boolean>; + dnssec-accept-expired <boolean>; + ixfr-from-differences <ixfrdiff>; + acache-enable <boolean>; + acache-cleaning-interval <integer>; + max-acache-size <size_no_default>; + clients-per-query <integer>; + max-clients-per-query <integer>; + empty-server <string>; + empty-contact <string>; + empty-zones-enable <boolean>; + disable-empty-zone <string>; + zero-no-soa-ttl-cache <boolean>; allow-query { <address_match_element>; ... }; allow-transfer { <address_match_element>; ... }; + allow-update { <address_match_element>; ... }; allow-update-forwarding { <address_match_element>; ... }; allow-notify { <address_match_element>; ... }; + masterfile-format ( text | raw ); notify <notifytype>; notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ]; also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... }; + notify-delay <integer>; dialup <dialuptype>; forward ( first | only ); forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... }; - ixfr-from-differences <boolean>; maintain-ixfr-base <boolean>; // obsolete max-ixfr-log-size <size>; // obsolete max-journal-size <size_no_default>; @@ -122,12 +139,21 @@ options { use-alt-transfer-source <boolean>; zone-statistics <boolean>; key-directory <quoted_string>; + check-wildcard <boolean>; + check-integrity <boolean>; + check-mx ( fail | warn | ignore ); + check-mx-cname ( fail | warn | ignore ); + check-srv-cname ( fail | warn | ignore ); + check-sibling <boolean>; + zero-no-soa-ttl <boolean>; + update-check-ksk <boolean>; }; controls { inet ( <ipv4_address> | <ipv6_address> | * ) [ port ( <integer> | * ) ] allow { <address_match_element>; ... } [ keys { <string>; ... } ]; - unix <unsupported>; // not implemented + unix <quoted_string> perm <integer> owner <integer> group <integer> + [ keys { <string>; ... } ]; }; acl <string> { <address_match_element>; ... }; @@ -160,8 +186,8 @@ view <string> <optional_class> { zone <string> <optional_class> { type ( master | slave | stub | hint | forward | delegation-only ); - allow-update { <address_match_element>; ... }; file <quoted_string>; + journal <quoted_string>; ixfr-base <quoted_string>; // obsolete ixfr-tmp-file <quoted_string>; // obsolete masters [ port <integer> ] { ( <masters> | <ipv4_address> @@ -169,14 +195,17 @@ view <string> <optional_class> { pubkey <integer> <integer> <integer> <quoted_string>; // obsolete update-policy { ( grant | deny ) <string> ( name | - subdomain | wildcard | self ) <string> <rrtypelist>; ... }; + subdomain | wildcard | self | selfsub | selfwild ) <string> <rrtypelist>; ... }; database <string>; delegation-only <boolean>; check-names ( fail | warn | ignore ); + ixfr-from-differences <boolean>; allow-query { <address_match_element>; ... }; allow-transfer { <address_match_element>; ... }; + allow-update { <address_match_element>; ... }; allow-update-forwarding { <address_match_element>; ... }; allow-notify { <address_match_element>; ... }; + masterfile-format ( text | raw ); notify <notifytype>; notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; @@ -184,11 +213,11 @@ view <string> <optional_class> { | * ) ]; also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... }; + notify-delay <integer>; dialup <dialuptype>; forward ( first | only ); forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... }; - ixfr-from-differences <boolean>; maintain-ixfr-base <boolean>; // obsolete max-ixfr-log-size <size>; // obsolete max-journal-size <size_no_default>; @@ -213,8 +242,19 @@ view <string> <optional_class> { use-alt-transfer-source <boolean>; zone-statistics <boolean>; key-directory <quoted_string>; + check-wildcard <boolean>; + check-integrity <boolean>; + check-mx ( fail | warn | ignore ); + check-mx-cname ( fail | warn | ignore ); + check-srv-cname ( fail | warn | ignore ); + check-sibling <boolean>; + zero-no-soa-ttl <boolean>; + update-check-ksk <boolean>; + }; + dlz <string> { + database <string>; }; - server <netaddr> { + server <netprefix> { bogus <boolean>; provide-ixfr <boolean>; request-ixfr <boolean>; @@ -223,6 +263,14 @@ view <string> <optional_class> { transfer-format ( many-answers | one-answer ); keys <server_key>; edns <boolean>; + edns-udp-size <integer>; + max-udp-size <integer>; + notify-source ( <ipv4_address> | * ) [ port ( <integer> | * + ) ]; + notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> + | * ) ]; + query-source <querysource4>; + query-source-v6 <querysource6>; transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; transfer-source-v6 ( <ipv6_address> | * ) [ port ( @@ -230,6 +278,7 @@ view <string> <optional_class> { }; trusted-keys { <string> <integer> <integer> <integer> <quoted_string>; ... }; + allow-query-cache { <address_match_element>; ... }; allow-recursion { <address_match_element>; ... }; allow-v6-synthesis { <address_match_element>; ... }; // obsolete sortlist { <address_match_element>; ... }; @@ -261,25 +310,41 @@ view <string> <optional_class> { dual-stack-servers [ port <integer> ] { ( <quoted_string> [port <integer>] | <ipv4_address> [port <integer>] | <ipv6_address> [port <integer>] ); ... }; edns-udp-size <integer>; + max-udp-size <integer>; root-delegation-only [ exclude { <quoted_string>; ... } ]; disable-algorithms <string> { <string>; ... }; dnssec-enable <boolean>; + dnssec-validation <boolean>; dnssec-lookaside <string> trust-anchor <string>; dnssec-must-be-secure <string> <boolean>; + dnssec-accept-expired <boolean>; + ixfr-from-differences <ixfrdiff>; + acache-enable <boolean>; + acache-cleaning-interval <integer>; + max-acache-size <size_no_default>; + clients-per-query <integer>; + max-clients-per-query <integer>; + empty-server <string>; + empty-contact <string>; + empty-zones-enable <boolean>; + disable-empty-zone <string>; + zero-no-soa-ttl-cache <boolean>; allow-query { <address_match_element>; ... }; allow-transfer { <address_match_element>; ... }; + allow-update { <address_match_element>; ... }; allow-update-forwarding { <address_match_element>; ... }; allow-notify { <address_match_element>; ... }; + masterfile-format ( text | raw ); notify <notifytype>; notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ]; also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... }; + notify-delay <integer>; dialup <dialuptype>; forward ( first | only ); forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... }; - ixfr-from-differences <boolean>; maintain-ixfr-base <boolean>; // obsolete max-ixfr-log-size <size>; // obsolete max-journal-size <size_no_default>; @@ -302,6 +367,15 @@ view <string> <optional_class> { use-alt-transfer-source <boolean>; zone-statistics <boolean>; key-directory <quoted_string>; + check-wildcard <boolean>; + check-integrity <boolean>; + check-mx ( fail | warn | ignore ); + check-mx-cname ( fail | warn | ignore ); + check-srv-cname ( fail | warn | ignore ); + check-sibling <boolean>; + zero-no-soa-ttl <boolean>; + update-check-ksk <boolean>; + database <string>; }; lwres { @@ -319,32 +393,35 @@ key <string> { zone <string> <optional_class> { type ( master | slave | stub | hint | forward | delegation-only ); - allow-update { <address_match_element>; ... }; file <quoted_string>; + journal <quoted_string>; ixfr-base <quoted_string>; // obsolete ixfr-tmp-file <quoted_string>; // obsolete masters [ port <integer> ] { ( <masters> | <ipv4_address> [port <integer>] | <ipv6_address> [port <integer>] ) [ key <string> ]; ... }; pubkey <integer> <integer> <integer> <quoted_string>; // obsolete update-policy { ( grant | deny ) <string> ( name | subdomain | - wildcard | self ) <string> <rrtypelist>; ... }; + wildcard | self | selfsub | selfwild ) <string> <rrtypelist>; ... }; database <string>; delegation-only <boolean>; check-names ( fail | warn | ignore ); + ixfr-from-differences <boolean>; allow-query { <address_match_element>; ... }; allow-transfer { <address_match_element>; ... }; + allow-update { <address_match_element>; ... }; allow-update-forwarding { <address_match_element>; ... }; allow-notify { <address_match_element>; ... }; + masterfile-format ( text | raw ); notify <notifytype>; notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ]; also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... }; + notify-delay <integer>; dialup <dialuptype>; forward ( first | only ); forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> ) [ port <integer> ]; ... }; - ixfr-from-differences <boolean>; maintain-ixfr-base <boolean>; // obsolete max-ixfr-log-size <size>; // obsolete max-journal-size <size_no_default>; @@ -367,9 +444,21 @@ zone <string> <optional_class> { use-alt-transfer-source <boolean>; zone-statistics <boolean>; key-directory <quoted_string>; + check-wildcard <boolean>; + check-integrity <boolean>; + check-mx ( fail | warn | ignore ); + check-mx-cname ( fail | warn | ignore ); + check-srv-cname ( fail | warn | ignore ); + check-sibling <boolean>; + zero-no-soa-ttl <boolean>; + update-check-ksk <boolean>; }; -server <netaddr> { +dlz <string> { + database <string>; +}; + +server <netprefix> { bogus <boolean>; provide-ixfr <boolean>; request-ixfr <boolean>; @@ -378,6 +467,12 @@ server <netaddr> { transfer-format ( many-answers | one-answer ); keys <server_key>; edns <boolean>; + edns-udp-size <integer>; + max-udp-size <integer>; + notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; + notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ]; + query-source <querysource4>; + query-source-v6 <querysource6>; transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ]; transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ]; }; diff --git a/usr.sbin/bind/doc/misc/rfc-compliance b/usr.sbin/bind/doc/misc/rfc-compliance index 1ef8b28647d..9695f261f6f 100644 --- a/usr.sbin/bind/doc/misc/rfc-compliance +++ b/usr.sbin/bind/doc/misc/rfc-compliance @@ -2,7 +2,7 @@ Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") Copyright (C) 2001 Internet Software Consortium. See COPYRIGHT in the source root or http://isc.org/copyright.html for terms. -$ISC: rfc-compliance,v 1.3.206.1 2004/03/06 13:16:20 marka Exp $ +$ISC: rfc-compliance,v 1.4 2004/03/05 05:04:53 marka Exp $ BIND 9 is striving for strict compliance with IETF standards. We believe this release of BIND 9 complies with the following RFCs, with diff --git a/usr.sbin/bind/doc/misc/roadmap b/usr.sbin/bind/doc/misc/roadmap index 3e85526867d..5f930eb5121 100644 --- a/usr.sbin/bind/doc/misc/roadmap +++ b/usr.sbin/bind/doc/misc/roadmap @@ -2,7 +2,7 @@ Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") Copyright (C) 2000, 2001 Internet Software Consortium. See COPYRIGHT in the source root or http://isc.org/copyright.html for terms. -$ISC: roadmap,v 1.1.206.1 2004/03/06 13:16:20 marka Exp $ +$ISC: roadmap,v 1.2 2004/03/05 05:04:54 marka Exp $ Road Map to the BIND 9 Source Tree diff --git a/usr.sbin/bind/doc/misc/sdb b/usr.sbin/bind/doc/misc/sdb index 02236d8c119..39f802b5b56 100644 --- a/usr.sbin/bind/doc/misc/sdb +++ b/usr.sbin/bind/doc/misc/sdb @@ -166,4 +166,4 @@ Future Directions A future release may support dynamic loading of sdb drivers. -$ISC: sdb,v 1.5.206.1 2004/03/06 13:16:20 marka Exp $ +$ISC: sdb,v 1.6 2004/03/05 05:04:54 marka Exp $ diff --git a/usr.sbin/bind/doc/xsl/Makefile.in b/usr.sbin/bind/doc/xsl/Makefile.in index fe1a03049c8..2feb70d4aee 100644 --- a/usr.sbin/bind/doc/xsl/Makefile.in +++ b/usr.sbin/bind/doc/xsl/Makefile.in @@ -12,7 +12,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.2.36.1 2005/09/12 22:41:12 marka Exp $ +# $ISC: Makefile.in,v 1.2.2.1 2005/07/19 05:55:47 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/doc/xsl/copyright.xsl b/usr.sbin/bind/doc/xsl/copyright.xsl index a9caa447c41..00448718edb 100644 --- a/usr.sbin/bind/doc/xsl/copyright.xsl +++ b/usr.sbin/bind/doc/xsl/copyright.xsl @@ -14,7 +14,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: copyright.xsl,v 1.2.10.2 2005/05/13 01:22:35 marka Exp $ --> +<!-- $ISC: copyright.xsl,v 1.2.2.3 2005/07/19 05:55:48 marka Exp $ --> <!-- Generate ISC copyright comments from Docbook copyright metadata. --> @@ -33,6 +33,22 @@ </xsl:if> </xsl:template> + <xsl:variable name="isc.copyright.text"> + <xsl:text> + Permission to use, copy, modify, and distribute this software for any + purpose with or without fee is hereby granted, provided that the above + copyright notice and this permission notice appear in all copies. + + THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + PERFORMANCE OF THIS SOFTWARE. + </xsl:text> + </xsl:variable> + <xsl:variable name="isc.copyright"> <xsl:call-template name="isc.copyright.format"> <xsl:with-param name="text"> @@ -45,19 +61,7 @@ <xsl:value-of select="holder"/> <xsl:text> </xsl:text> </xsl:for-each> - <xsl:text> - Permission to use, copy, modify, and distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. - </xsl:text> + <xsl:value-of select="$isc.copyright.text"/> </xsl:with-param> </xsl:call-template> </xsl:variable> diff --git a/usr.sbin/bind/doc/xsl/isc-docbook-chunk.xsl.in b/usr.sbin/bind/doc/xsl/isc-docbook-chunk.xsl.in index c64acbb5ff6..3c764eaaf8b 100644 --- a/usr.sbin/bind/doc/xsl/isc-docbook-chunk.xsl.in +++ b/usr.sbin/bind/doc/xsl/isc-docbook-chunk.xsl.in @@ -14,7 +14,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: isc-docbook-chunk.xsl.in,v 1.3.4.2 2005/05/13 01:22:35 marka Exp $ --> +<!-- $ISC: isc-docbook-chunk.xsl.in,v 1.2.2.3 2005/05/13 01:32:49 marka Exp $ --> <!-- ISC customizations for Docbook-XSL chunked HTML generator --> diff --git a/usr.sbin/bind/doc/xsl/isc-docbook-html.xsl.in b/usr.sbin/bind/doc/xsl/isc-docbook-html.xsl.in index 37d82332dd4..f06c83ffb6d 100644 --- a/usr.sbin/bind/doc/xsl/isc-docbook-html.xsl.in +++ b/usr.sbin/bind/doc/xsl/isc-docbook-html.xsl.in @@ -14,7 +14,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: isc-docbook-html.xsl.in,v 1.3.4.2 2005/05/13 01:22:35 marka Exp $ --> +<!-- $ISC: isc-docbook-html.xsl.in,v 1.2.2.3 2005/05/13 01:32:49 marka Exp $ --> <!-- ISC customizations for Docbook-XSL HTML generator --> diff --git a/usr.sbin/bind/doc/xsl/isc-docbook-latex-mappings.xml b/usr.sbin/bind/doc/xsl/isc-docbook-latex-mappings.xml new file mode 100644 index 00000000000..1a3281f144f --- /dev/null +++ b/usr.sbin/bind/doc/xsl/isc-docbook-latex-mappings.xml @@ -0,0 +1,37 @@ +<!-- + - Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + - + - Permission to use, copy, modify, and distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> + +<!-- $ISC: isc-docbook-latex-mappings.xml,v 1.2.2.1 2005/07/19 05:55:48 marka Exp $ --> + +<!-- + - ISC modifications to db2latex mapping rules. + - + - We want <refentry/> elements to show up in the table of contents, + - so we need to generate \section{}, not \section*{}. + --> + +<latexbindings> + <latexmapping role="begin"> + <mapping key="refentry" text=""> + <line>% </line> + <line>% ------------------------------------------------------------- </line> + <line>% Refentry </line> + <line>% ------------------------------------------------------------- </line> + <line>\section{%title%} </line> + <line>\label{%id%}\hypertarget{%id%}{}% </line> + </mapping> + </latexmapping> +</latexbindings> diff --git a/usr.sbin/bind/doc/xsl/isc-docbook-latex.xsl.in b/usr.sbin/bind/doc/xsl/isc-docbook-latex.xsl.in index 28ac913e874..11775ad2209 100644 --- a/usr.sbin/bind/doc/xsl/isc-docbook-latex.xsl.in +++ b/usr.sbin/bind/doc/xsl/isc-docbook-latex.xsl.in @@ -14,7 +14,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: isc-docbook-latex.xsl.in,v 1.2.10.2 2005/05/13 01:22:35 marka Exp $ --> +<!-- $ISC: isc-docbook-latex.xsl.in,v 1.2.2.3 2005/07/19 05:55:48 marka Exp $ --> <!-- ISC customizations for db2latex generator --> @@ -31,7 +31,8 @@ <xsl:param name="latex.use.longtable" select="1"/> <!-- LaTeX2e documentclass options. --> - <xsl:param name="latex.documentclass.common" select="''"/> + <xsl:param name="latex.documentclass.common"/> + <xsl:param name="latex.documentclass.book">10pt,twoside,openright</xsl:param> <!-- This documentation is in English (or maybe Bad English) --> <xsl:param name="latex.babel.language" select="'english'"/> @@ -43,6 +44,9 @@ <!-- ANSI C function prototypes, please --> <xsl:param name="funcsynopsis.style">ansi</xsl:param> + <!-- Local modifications to db2latex's mapping rules --> + <xsl:param name="latex.mapping.xml" select="document('isc-docbook-latex-mappings.xml')"/> + <!-- Patch around db2latex (0.8pre1) bug --> <xsl:template match="copyright/year"> <xsl:apply-templates /> @@ -67,12 +71,92 @@ - Add support for multiple <para/> elements in a table entry. - db2latex is already typesetting the table entry as a parbox, - so we just have to insert the paragraph breaks. - --> + --> <xsl:template match="tbody/row/entry/para[position() != last()]"> <xsl:apply-imports/> <xsl:text> \par </xsl:text> </xsl:template> + <!-- + - Add support for <optional/> in <programlisting/>. + --> + <xsl:template match="optional" mode="latex.verbatim"> + <xsl:text>[</xsl:text> + <xsl:apply-templates mode="latex.verbatim"/> + <xsl:text>]</xsl:text> + </xsl:template> + + <!-- + - Customize the title page. Are we having fun yet? + - + - NB: filename of graphic specified without extension. + - LaTeX includes file.eps, PDFLaTeX includes file.pdf. + - + - Spacing and font sizes could probably use some work. + --> + <xsl:param name="latex.maketitle"> + <xsl:text> + \begin{titlepage} + \null\vfil + \vskip 60pt + \begin{center}% + { %\LARGE + \Huge + \bfseries + </xsl:text> + <xsl:for-each select="/book/title"> + <xsl:call-template name="text"/> + </xsl:for-each> + <xsl:text> + \par}% + \vskip 3em% + { %\large + \Large + \lineskip .75em% + </xsl:text> + <xsl:for-each select="/book/bookinfo/releaseinfo[1]"> + <xsl:call-template name="text"/> + </xsl:for-each> + <xsl:text> + \par} + %\vskip 1.5em% + \vfil + \includegraphics{isc-logo} + \end{center}\par + \vfil\null + \end{titlepage} + </xsl:text> + <xsl:text> </xsl:text> + </xsl:param> + + <!-- + - More front matter: copyright notice, CVS revision number, table + - of contents. + --> + <xsl:template match="book/bookinfo"> + <xsl:apply-imports/> + <xsl:text>\begin{center} </xsl:text> + <xsl:value-of select="$isc.copyright.text"/> + <xsl:text>\end{center} </xsl:text> + <xsl:for-each select="/book/bookinfo/releaseinfo[position() > 1]"> + <xsl:text>\begin{center}</xsl:text> + <xsl:call-template name="text"/> + <xsl:text>\end{center} </xsl:text> + </xsl:for-each> + <xsl:text>\tableofcontents </xsl:text> + </xsl:template> + + <!-- + - Try to avoid some weird looking line breaks. + - + - This doesn't really work right, so disable for now. + --> + <xsl:template match="literal" mode="disabled"> + <xsl:text>\mbox{</xsl:text> + <xsl:apply-imports/> + <xsl:text>}</xsl:text> + </xsl:template> + </xsl:stylesheet> <!-- diff --git a/usr.sbin/bind/doc/xsl/isc-docbook-text.xsl b/usr.sbin/bind/doc/xsl/isc-docbook-text.xsl new file mode 100644 index 00000000000..b48af384f57 --- /dev/null +++ b/usr.sbin/bind/doc/xsl/isc-docbook-text.xsl @@ -0,0 +1,50 @@ +<!-- + - Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + - + - Permission to use, copy, modify, and distribute this software for any + - purpose with or without fee is hereby granted, provided that the above + - copyright notice and this permission notice appear in all copies. + - + - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + - PERFORMANCE OF THIS SOFTWARE. +--> + +<!-- $ISC: isc-docbook-text.xsl,v 1.1.10.1 2005/09/05 03:01:47 marka Exp $ --> + +<!-- Tweaks to Docbook-XSL HTML for producing flat ASCII text. --> + +<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0" + xmlns:l="http://docbook.sourceforge.net/xmlns/l10n/1.0"> + + <!-- Import our Docbook HTML stuff --> + <xsl:import href="isc-docbook-html.xsl"/> + + <!-- Disable tables of contents (for now - tweak as needed) --> + <xsl:param name="generate.toc"/> + + <!-- Voodoo to read i18n/l10n overrides directly from this stylesheet --> + <xsl:param name="local.l10n.xml" select="document('')"/> + + <!-- Customize Docbook-XSL i18n/l10n mappings. --> + <l:i18n> + <l:l10n language="en" english-language-name="English"> + + <!-- Please use plain old ASCII quotes --> + <l:dingbat key="startquote" text='"'/> + <l:dingbat key="endquote" text='"'/> + + </l:l10n> + </l:i18n> + +</xsl:stylesheet> + +<!-- + - Local variables: + - mode: sgml + - End: + --> diff --git a/usr.sbin/bind/doc/xsl/isc-manpage.xsl.in b/usr.sbin/bind/doc/xsl/isc-manpage.xsl.in index 13ca7d3ac7b..9705f6bfa11 100644 --- a/usr.sbin/bind/doc/xsl/isc-manpage.xsl.in +++ b/usr.sbin/bind/doc/xsl/isc-manpage.xsl.in @@ -1,7 +1,7 @@ <!-- - - Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: isc-manpage.xsl.in,v 1.4.4.3 2005/09/12 00:05:27 marka Exp $ --> +<!-- $ISC: isc-manpage.xsl.in,v 1.2.2.8 2007/08/28 07:20:03 tbox Exp $ --> <!-- ISC customizations for Docbook-XSL manual page generator. --> @@ -52,6 +52,7 @@ - disable chunking, and suppress output of .so files. --> <xsl:template name="write.text.chunk"> + <xsl:param name="content"/> <xsl:if test="substring($content, 1, 4) != '.so ' or substring-after($content, ' ') != ''"> <xsl:call-template name="isc.no.blanks"> diff --git a/usr.sbin/bind/doc/xsl/pre-latex.xsl b/usr.sbin/bind/doc/xsl/pre-latex.xsl index de60a5a11f7..95595bb9413 100644 --- a/usr.sbin/bind/doc/xsl/pre-latex.xsl +++ b/usr.sbin/bind/doc/xsl/pre-latex.xsl @@ -14,7 +14,7 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: pre-latex.xsl,v 1.2.10.3 2005/09/15 02:28:26 marka Exp $ --> +<!-- $ISC: pre-latex.xsl,v 1.2.2.3 2005/09/15 02:28:05 marka Exp $ --> <!-- - Whack — into something that won't choke LaTeX. diff --git a/usr.sbin/bind/isc-config.sh.in b/usr.sbin/bind/isc-config.sh.in index 6cf7df98eec..e328089331d 100644 --- a/usr.sbin/bind/isc-config.sh.in +++ b/usr.sbin/bind/isc-config.sh.in @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: isc-config.sh.in,v 1.10.12.3 2004/03/08 04:04:12 marka Exp $ +# $ISC: isc-config.sh.in,v 1.15 2004/03/05 04:56:57 marka Exp $ prefix=@prefix@ exec_prefix=@exec_prefix@ diff --git a/usr.sbin/bind/lib/bind9/Makefile.in b/usr.sbin/bind/lib/bind9/Makefile.in index 809628dd731..57b2aa81424 100644 --- a/usr.sbin/bind/lib/bind9/Makefile.in +++ b/usr.sbin/bind/lib/bind9/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.2.200.10 2004/12/10 00:05:48 marka Exp $ +# $ISC: Makefile.in,v 1.4.18.5 2004/12/10 00:11:50 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/bind9/api b/usr.sbin/bind/lib/bind9/api index be7faa6948e..93632d14040 100644 --- a/usr.sbin/bind/lib/bind9/api +++ b/usr.sbin/bind/lib/bind9/api @@ -1,3 +1,3 @@ -LIBINTERFACE = 0 -LIBREVISION = 8 -LIBAGE = 0 +LIBINTERFACE = 31 +LIBREVISION = 0 +LIBAGE = 1 diff --git a/usr.sbin/bind/lib/bind9/check.c b/usr.sbin/bind/lib/bind9/check.c index 63c472b00c9..344c75e5dc6 100644 --- a/usr.sbin/bind/lib/bind9/check.c +++ b/usr.sbin/bind/lib/bind9/check.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,12 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: check.c,v 1.37.6.34 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: check.c,v 1.44.18.35 2007/09/13 05:04:01 each Exp $ */ + +/*! \file */ #include <config.h> #include <stdlib.h> -#include <string.h> #include <isc/buffer.h> #include <isc/log.h> @@ -30,18 +31,25 @@ #include <isc/region.h> #include <isc/result.h> #include <isc/sockaddr.h> +#include <isc/string.h> #include <isc/symtab.h> #include <isc/util.h> +#include <dns/acl.h> #include <dns/fixedname.h> #include <dns/rdataclass.h> #include <dns/rdatatype.h> #include <dns/secalg.h> +#include <isccfg/aclconf.h> #include <isccfg/cfg.h> #include <bind9/check.h> +#ifndef DNS_RDATASET_FIXED +#define DNS_RDATASET_FIXED 1 +#endif + static void freekey(char *key, unsigned int type, isc_symvalue_t value, void *userarg) { UNUSED(type); @@ -118,10 +126,11 @@ check_orderent(const cfg_obj_t *ent, isc_log_t *logctx) { "rrset-order: missing ordering"); result = ISC_R_FAILURE; } else if (strcasecmp(cfg_obj_asstring(obj), "fixed") == 0) { +#if !DNS_RDATASET_FIXED cfg_obj_log(obj, logctx, ISC_LOG_WARNING, "rrset-order: order 'fixed' not fully implemented"); - } else if (/* strcasecmp(cfg_obj_asstring(obj), "fixed") != 0 && */ - strcasecmp(cfg_obj_asstring(obj), "random") != 0 && +#endif + } else if (strcasecmp(cfg_obj_asstring(obj), "random") != 0 && strcasecmp(cfg_obj_asstring(obj), "cyclic") != 0) { cfg_obj_log(obj, logctx, ISC_LOG_ERROR, "rrset-order: invalid order '%s'", @@ -272,7 +281,8 @@ disabled_algorithms(const cfg_obj_t *disabled, isc_log_t *logctx) { } if (tresult != ISC_R_SUCCESS) { cfg_obj_log(cfg_listelt_value(element), logctx, - ISC_LOG_ERROR, "invalid algorithm"); + ISC_LOG_ERROR, "invalid algorithm '%s'", + r.base); result = tresult; } } @@ -345,6 +355,56 @@ mustbesecure(const cfg_obj_t *secure, isc_symtab_t *symtab, isc_log_t *logctx, return (result); } +static isc_result_t +checkacl(const char *aclname, cfg_aclconfctx_t *actx, const cfg_obj_t *zconfig, + const cfg_obj_t *voptions, const cfg_obj_t *config, + isc_log_t *logctx, isc_mem_t *mctx) +{ + isc_result_t result; + const cfg_obj_t *aclobj = NULL; + const cfg_obj_t *options; + dns_acl_t *acl = NULL; + + if (zconfig != NULL) { + options = cfg_tuple_get(zconfig, "options"); + cfg_map_get(options, aclname, &aclobj); + } + if (voptions != NULL && aclobj == NULL) + cfg_map_get(voptions, aclname, &aclobj); + if (config != NULL && aclobj == NULL) { + options = NULL; + cfg_map_get(config, "options", &options); + if (options != NULL) + cfg_map_get(options, aclname, &aclobj); + } + if (aclobj == NULL) + return (ISC_R_SUCCESS); + result = cfg_acl_fromconfig(aclobj, config, logctx, actx, mctx, &acl); + if (acl != NULL) + dns_acl_detach(&acl); + return (result); +} + +static isc_result_t +check_viewacls(cfg_aclconfctx_t *actx, const cfg_obj_t *voptions, + const cfg_obj_t *config, isc_log_t *logctx, isc_mem_t *mctx) +{ + isc_result_t result = ISC_R_SUCCESS, tresult; + int i = 0; + + static const char *acls[] = { "allow-query", "allow-query-cache", + "allow-recursion", "blackhole", "match-clients", + "match-destinations", "sortlist", NULL }; + + while (acls[i] != NULL) { + tresult = checkacl(acls[i++], actx, NULL, voptions, config, + logctx, mctx); + if (tresult != ISC_R_SUCCESS) + result = tresult; + } + return (result); +} + typedef struct { const char *name; unsigned int scale; @@ -359,6 +419,10 @@ check_options(const cfg_obj_t *options, isc_log_t *logctx, isc_mem_t *mctx) { const cfg_obj_t *obj = NULL; const cfg_listelt_t *element; isc_symtab_t *symtab = NULL; + dns_fixedname_t fixed; + const char *str; + dns_name_t *name; + isc_buffer_t b; static intervaltable intervals[] = { { "cleaning-interval", 60, 28 * 24 * 60 }, /* 28 days */ @@ -458,6 +522,9 @@ check_options(const cfg_obj_t *options, isc_log_t *logctx, isc_mem_t *mctx) { } } + dns_fixedname_init(&fixed); + name = dns_fixedname_name(&fixed); + /* * Check the DLV zone name. */ @@ -472,16 +539,11 @@ check_options(const cfg_obj_t *options, isc_log_t *logctx, isc_mem_t *mctx) { element != NULL; element = cfg_list_next(element)) { - dns_fixedname_t fixedname; - dns_name_t *name; const char *dlv; - isc_buffer_t b; obj = cfg_listelt_value(element); dlv = cfg_obj_asstring(cfg_tuple_get(obj, "domain")); - dns_fixedname_init(&fixedname); - name = dns_fixedname_name(&fixedname); isc_buffer_init(&b, dlv, strlen(dlv)); isc_buffer_add(&b, strlen(dlv)); tresult = dns_name_fromtext(name, &b, dns_rootname, @@ -514,7 +576,6 @@ check_options(const cfg_obj_t *options, isc_log_t *logctx, isc_mem_t *mctx) { } dlv = cfg_obj_asstring(cfg_tuple_get(obj, "trust-anchor")); - dns_fixedname_init(&fixedname); isc_buffer_init(&b, dlv, strlen(dlv)); isc_buffer_add(&b, strlen(dlv)); tresult = dns_name_fromtext(name, &b, dns_rootname, @@ -554,6 +615,59 @@ check_options(const cfg_obj_t *options, isc_log_t *logctx, isc_mem_t *mctx) { isc_symtab_destroy(&symtab); } + /* + * Check empty zone configuration. + */ + obj = NULL; + (void)cfg_map_get(options, "empty-server", &obj); + if (obj != NULL) { + str = cfg_obj_asstring(obj); + isc_buffer_init(&b, str, strlen(str)); + isc_buffer_add(&b, strlen(str)); + tresult = dns_name_fromtext(dns_fixedname_name(&fixed), &b, + dns_rootname, ISC_FALSE, NULL); + if (tresult != ISC_R_SUCCESS) { + cfg_obj_log(obj, logctx, ISC_LOG_ERROR, + "empty-server: invalid name '%s'", str); + result = ISC_R_FAILURE; + } + } + + obj = NULL; + (void)cfg_map_get(options, "empty-contact", &obj); + if (obj != NULL) { + str = cfg_obj_asstring(obj); + isc_buffer_init(&b, str, strlen(str)); + isc_buffer_add(&b, strlen(str)); + tresult = dns_name_fromtext(dns_fixedname_name(&fixed), &b, + dns_rootname, ISC_FALSE, NULL); + if (tresult != ISC_R_SUCCESS) { + cfg_obj_log(obj, logctx, ISC_LOG_ERROR, + "empty-contact: invalid name '%s'", str); + result = ISC_R_FAILURE; + } + } + + obj = NULL; + (void)cfg_map_get(options, "disable-empty-zone", &obj); + for (element = cfg_list_first(obj); + element != NULL; + element = cfg_list_next(element)) + { + obj = cfg_listelt_value(element); + str = cfg_obj_asstring(obj); + isc_buffer_init(&b, str, strlen(str)); + isc_buffer_add(&b, strlen(str)); + tresult = dns_name_fromtext(dns_fixedname_name(&fixed), &b, + dns_rootname, ISC_FALSE, NULL); + if (tresult != ISC_R_SUCCESS) { + cfg_obj_log(obj, logctx, ISC_LOG_ERROR, + "disable-empty-zone: invalid name '%s'", + str); + result = ISC_R_FAILURE; + } + } + return (result); } @@ -679,12 +793,87 @@ validate_masters(const cfg_obj_t *obj, const cfg_obj_t *config, return (result); } +static isc_result_t +check_update_policy(const cfg_obj_t *policy, isc_log_t *logctx) { + isc_result_t result = ISC_R_SUCCESS; + isc_result_t tresult; + const cfg_listelt_t *element; + const cfg_listelt_t *element2; + dns_fixedname_t fixed; + const char *str; + isc_buffer_t b; + + for (element = cfg_list_first(policy); + element != NULL; + element = cfg_list_next(element)) + { + const cfg_obj_t *stmt = cfg_listelt_value(element); + const cfg_obj_t *identity = cfg_tuple_get(stmt, "identity"); + const cfg_obj_t *matchtype = cfg_tuple_get(stmt, "matchtype"); + const cfg_obj_t *dname = cfg_tuple_get(stmt, "name"); + const cfg_obj_t *typelist = cfg_tuple_get(stmt, "types"); + + dns_fixedname_init(&fixed); + str = cfg_obj_asstring(identity); + isc_buffer_init(&b, str, strlen(str)); + isc_buffer_add(&b, strlen(str)); + tresult = dns_name_fromtext(dns_fixedname_name(&fixed), &b, + dns_rootname, ISC_FALSE, NULL); + if (tresult != ISC_R_SUCCESS) { + cfg_obj_log(identity, logctx, ISC_LOG_ERROR, + "'%s' is not a valid name", str); + result = tresult; + } + + dns_fixedname_init(&fixed); + str = cfg_obj_asstring(dname); + isc_buffer_init(&b, str, strlen(str)); + isc_buffer_add(&b, strlen(str)); + tresult = dns_name_fromtext(dns_fixedname_name(&fixed), &b, + dns_rootname, ISC_FALSE, NULL); + if (tresult != ISC_R_SUCCESS) { + cfg_obj_log(dname, logctx, ISC_LOG_ERROR, + "'%s' is not a valid name", str); + result = tresult; + } + if (tresult == ISC_R_SUCCESS && + strcasecmp(cfg_obj_asstring(matchtype), "wildcard") == 0 && + !dns_name_iswildcard(dns_fixedname_name(&fixed))) { + cfg_obj_log(identity, logctx, ISC_LOG_ERROR, + "'%s' is not a wildcard", str); + result = ISC_R_FAILURE; + } + + for (element2 = cfg_list_first(typelist); + element2 != NULL; + element2 = cfg_list_next(element2)) + { + const cfg_obj_t *typeobj; + isc_textregion_t r; + dns_rdatatype_t type; + + typeobj = cfg_listelt_value(element2); + DE_CONST(cfg_obj_asstring(typeobj), r.base); + r.length = strlen(r.base); + + tresult = dns_rdatatype_fromtext(&type, &r); + if (tresult != ISC_R_SUCCESS) { + cfg_obj_log(typeobj, logctx, ISC_LOG_ERROR, + "'%s' is not a valid type", r.base); + result = tresult; + } + } + } + return (result); +} + #define MASTERZONE 1 #define SLAVEZONE 2 #define STUBZONE 4 #define HINTZONE 8 #define FORWARDZONE 16 #define DELEGATIONZONE 32 +#define CHECKACL 64 typedef struct { const char *name; @@ -692,8 +881,9 @@ typedef struct { } optionstable; static isc_result_t -check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *config, - isc_symtab_t *symtab, dns_rdataclass_t defclass, +check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions, + const cfg_obj_t *config, isc_symtab_t *symtab, + dns_rdataclass_t defclass, cfg_aclconfctx_t *actx, isc_log_t *logctx, isc_mem_t *mctx) { const char *zname; @@ -709,9 +899,9 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *config, isc_buffer_t b; static optionstable options[] = { - { "allow-query", MASTERZONE | SLAVEZONE | STUBZONE }, - { "allow-notify", SLAVEZONE }, - { "allow-transfer", MASTERZONE | SLAVEZONE }, + { "allow-query", MASTERZONE | SLAVEZONE | STUBZONE | CHECKACL }, + { "allow-notify", SLAVEZONE | CHECKACL }, + { "allow-transfer", MASTERZONE | SLAVEZONE | CHECKACL }, { "notify", MASTERZONE | SLAVEZONE }, { "also-notify", MASTERZONE | SLAVEZONE }, { "dialup", MASTERZONE | SLAVEZONE | STUBZONE }, @@ -734,9 +924,10 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *config, { "min-refresh-time", SLAVEZONE | STUBZONE }, { "sig-validity-interval", MASTERZONE }, { "zone-statistics", MASTERZONE | SLAVEZONE | STUBZONE }, - { "allow-update", MASTERZONE }, - { "allow-update-forwarding", SLAVEZONE }, + { "allow-update", MASTERZONE | CHECKACL }, + { "allow-update-forwarding", SLAVEZONE | CHECKACL }, { "file", MASTERZONE | SLAVEZONE | STUBZONE | HINTZONE }, + { "journal", MASTERZONE | SLAVEZONE }, { "ixfr-base", MASTERZONE | SLAVEZONE }, { "ixfr-tmp-file", MASTERZONE | SLAVEZONE }, { "masters", SLAVEZONE | STUBZONE }, @@ -744,6 +935,13 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *config, { "update-policy", MASTERZONE }, { "database", MASTERZONE | SLAVEZONE | STUBZONE }, { "key-directory", MASTERZONE }, + { "check-wildcard", MASTERZONE }, + { "check-mx", MASTERZONE }, + { "integrity-check", MASTERZONE }, + { "check-mx-cname", MASTERZONE }, + { "check-srv-cname", MASTERZONE }, + { "masterfile-format", MASTERZONE | SLAVEZONE | STUBZONE | HINTZONE }, + { "update-check-ksk", MASTERZONE }, }; static optionstable dialups[] = { @@ -835,6 +1033,7 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *config, /* * Look for inappropriate options for the given zone type. + * Check that ACLs expand correctly. */ for (i = 0; i < sizeof(options) / sizeof(options[0]); i++) { obj = NULL; @@ -855,6 +1054,16 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *config, "in '%s' zone '%s'", options[i].name, typestr, zname); } + obj = NULL; + if ((options[i].allowed & ztype) != 0 && + (options[i].allowed & CHECKACL) != 0) { + + tresult = checkacl(options[i].name, actx, zconfig, + voptions, config, logctx, mctx); + if (tresult != ISC_R_SUCCESS) + result = tresult; + } + } /* @@ -897,7 +1106,9 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *config, "when 'update-policy' is present", zname); result = ISC_R_FAILURE; - } + } else if (res2 == ISC_R_SUCCESS && + check_update_policy(obj, logctx) != ISC_R_SUCCESS) + result = ISC_R_FAILURE; } /* @@ -971,11 +1182,31 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *config, return (result); } + +typedef struct keyalgorithms { + const char *name; + isc_uint16_t size; +} algorithmtable; + isc_result_t bind9_check_key(const cfg_obj_t *key, isc_log_t *logctx) { const cfg_obj_t *algobj = NULL; const cfg_obj_t *secretobj = NULL; const char *keyname = cfg_obj_asstring(cfg_map_getname(key)); + const char *algorithm; + int i; + size_t len = 0; + static const algorithmtable algorithms[] = { + { "hmac-md5", 128 }, + { "hmac-md5.sig-alg.reg.int", 0 }, + { "hmac-md5.sig-alg.reg.int.", 0 }, + { "hmac-sha1", 160 }, + { "hmac-sha224", 224 }, + { "hmac-sha256", 256 }, + { "hmac-sha384", 384 }, + { "hmac-sha512", 512 }, + { NULL, 0 } + }; (void)cfg_map_get(key, "algorithm", &algobj); (void)cfg_map_get(key, "secret", &secretobj); @@ -986,6 +1217,56 @@ bind9_check_key(const cfg_obj_t *key, isc_log_t *logctx) { keyname); return (ISC_R_FAILURE); } + + algorithm = cfg_obj_asstring(algobj); + for (i = 0; algorithms[i].name != NULL; i++) { + len = strlen(algorithms[i].name); + if (strncasecmp(algorithms[i].name, algorithm, len) == 0 && + (algorithm[len] == '\0' || + (algorithms[i].size != 0 && algorithm[len] == '-'))) + break; + } + if (algorithms[i].name == NULL) { + cfg_obj_log(algobj, logctx, ISC_LOG_ERROR, + "unknown algorithm '%s'", algorithm); + return (ISC_R_NOTFOUND); + } + if (algorithm[len] == '-') { + isc_uint16_t digestbits; + isc_result_t result; + result = isc_parse_uint16(&digestbits, algorithm + len + 1, 10); + if (result == ISC_R_SUCCESS || result == ISC_R_RANGE) { + if (result == ISC_R_RANGE || + digestbits > algorithms[i].size) { + cfg_obj_log(algobj, logctx, ISC_LOG_ERROR, + "key '%s' digest-bits too large " + "[%u..%u]", keyname, + algorithms[i].size / 2, + algorithms[i].size); + return (ISC_R_RANGE); + } + if ((digestbits % 8) != 0) { + cfg_obj_log(algobj, logctx, ISC_LOG_ERROR, + "key '%s' digest-bits not multiple" + " of 8", keyname); + return (ISC_R_RANGE); + } + /* + * Recommended minima for hmac algorithms. + */ + if ((digestbits < (algorithms[i].size / 2U) || + (digestbits < 80U))) + cfg_obj_log(algobj, logctx, ISC_LOG_WARNING, + "key '%s' digest-bits too small " + "[<%u]", keyname, + algorithms[i].size/2); + } else { + cfg_obj_log(algobj, logctx, ISC_LOG_ERROR, + "key '%s': unable to parse digest-bits", + keyname); + return (result); + } + } return (ISC_R_SUCCESS); } @@ -1003,6 +1284,10 @@ check_keylist(const cfg_obj_t *keys, isc_symtab_t *symtab, isc_log_t *logctx) { const char *keyname = cfg_obj_asstring(cfg_map_getname(key)); isc_symvalue_t symvalue; + tresult = bind9_check_key(key, logctx); + if (tresult != ISC_R_SUCCESS) + return (tresult); + symvalue.as_cpointer = key; tresult = isc_symtab_define(symtab, keyname, 1, symvalue, isc_symexists_reject); @@ -1024,69 +1309,80 @@ check_keylist(const cfg_obj_t *keys, isc_symtab_t *symtab, isc_log_t *logctx) { result = tresult; } else if (tresult != ISC_R_SUCCESS) return (tresult); - - tresult = bind9_check_key(key, logctx); - if (tresult != ISC_R_SUCCESS) - return (tresult); } return (result); } +static struct { + const char *v4; + const char *v6; +} sources[] = { + { "transfer-source", "transfer-source-v6" }, + { "notify-source", "notify-source-v6" }, + { "query-source", "query-source-v6" }, + { NULL, NULL } +}; + static isc_result_t check_servers(const cfg_obj_t *servers, isc_log_t *logctx) { isc_result_t result = ISC_R_SUCCESS; - const cfg_listelt_t *e1; - const cfg_listelt_t *e2; - const cfg_obj_t *v1; - const cfg_obj_t *v2; - const isc_sockaddr_t *s1; - const isc_sockaddr_t *s2; - isc_netaddr_t na; - const cfg_obj_t *ts; - char buf[128]; + isc_result_t tresult; + const cfg_listelt_t *e1, *e2; + const cfg_obj_t *v1, *v2; + isc_netaddr_t n1, n2; + unsigned int p1, p2; + const cfg_obj_t *obj; + char buf[ISC_NETADDR_FORMATSIZE]; const char *xfr; - isc_buffer_t target; + int source; for (e1 = cfg_list_first(servers); e1 != NULL; e1 = cfg_list_next(e1)) { v1 = cfg_listelt_value(e1); - s1 = cfg_obj_assockaddr(cfg_map_getname(v1)); - ts = NULL; - if (isc_sockaddr_pf(s1) == AF_INET) - xfr = "transfer-source-v6"; - else - xfr = "transfer-source"; - (void)cfg_map_get(v1, xfr, &ts); - if (ts != NULL) { - isc_netaddr_fromsockaddr(&na, s1); - isc_buffer_init(&target, buf, sizeof(buf) - 1); - RUNTIME_CHECK(isc_netaddr_totext(&na, &target) - == ISC_R_SUCCESS); - buf[isc_buffer_usedlength(&target)] = '\0'; + cfg_obj_asnetprefix(cfg_map_getname(v1), &n1, &p1); + /* + * Check that unused bits are zero. + */ + tresult = isc_netaddr_prefixok(&n1, p1); + if (tresult != ISC_R_SUCCESS) { + INSIST(tresult == ISC_R_FAILURE); + isc_netaddr_format(&n1, buf, sizeof(buf)); cfg_obj_log(v1, logctx, ISC_LOG_ERROR, - "server '%s': %s not valid", buf, xfr); - result = ISC_R_FAILURE; + "server '%s/%u': invalid prefix " + "(extra bits specified)", buf, p1); + result = tresult; } + source = 0; + do { + obj = NULL; + if (n1.family == AF_INET) + xfr = sources[source].v6; + else + xfr = sources[source].v4; + (void)cfg_map_get(v1, xfr, &obj); + if (obj != NULL) { + isc_netaddr_format(&n1, buf, sizeof(buf)); + cfg_obj_log(v1, logctx, ISC_LOG_ERROR, + "server '%s': %s not legal", + buf, xfr); + result = ISC_R_FAILURE; + } + } while (sources[++source].v4 != NULL); e2 = e1; while ((e2 = cfg_list_next(e2)) != NULL) { v2 = cfg_listelt_value(e2); - s2 = cfg_obj_assockaddr(cfg_map_getname(v2)); - if (isc_sockaddr_eqaddr(s1, s2)) { + cfg_obj_asnetprefix(cfg_map_getname(v2), &n2, &p2); + if (p1 == p2 && isc_netaddr_equal(&n1, &n2)) { const char *file = cfg_obj_file(v1); unsigned int line = cfg_obj_line(v1); if (file == NULL) file = "<unknown file>"; - isc_netaddr_fromsockaddr(&na, s2); - isc_buffer_init(&target, buf, sizeof(buf) - 1); - RUNTIME_CHECK(isc_netaddr_totext(&na, &target) - == ISC_R_SUCCESS); - buf[isc_buffer_usedlength(&target)] = '\0'; - + isc_netaddr_format(&n2, buf, sizeof(buf)); cfg_obj_log(v2, logctx, ISC_LOG_ERROR, - "server '%s': already exists " + "server '%s/%u': already exists " "previous definition: %s:%u", - buf, file, line); + buf, p2, file, line); result = ISC_R_FAILURE; } } @@ -1095,7 +1391,7 @@ check_servers(const cfg_obj_t *servers, isc_log_t *logctx) { } static isc_result_t -check_viewconf(const cfg_obj_t *config, const cfg_obj_t *vconfig, +check_viewconf(const cfg_obj_t *config, const cfg_obj_t *voptions, dns_rdataclass_t vclass, isc_log_t *logctx, isc_mem_t *mctx) { const cfg_obj_t *servers = NULL; @@ -1105,6 +1401,9 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *vconfig, isc_symtab_t *symtab = NULL; isc_result_t result = ISC_R_SUCCESS; isc_result_t tresult = ISC_R_SUCCESS; + cfg_aclconfctx_t actx; + const cfg_obj_t *obj; + isc_boolean_t enablednssec, enablevalidation; /* * Check that all zone statements are syntactically correct and @@ -1115,8 +1414,10 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *vconfig, if (tresult != ISC_R_SUCCESS) return (ISC_R_NOMEMORY); - if (vconfig != NULL) - (void)cfg_map_get(vconfig, "zone", &zones); + cfg_aclconfctx_init(&actx); + + if (voptions != NULL) + (void)cfg_map_get(voptions, "zone", &zones); else (void)cfg_map_get(config, "zone", &zones); @@ -1127,8 +1428,8 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *vconfig, isc_result_t tresult; const cfg_obj_t *zone = cfg_listelt_value(element); - tresult = check_zoneconf(zone, config, symtab, vclass, - logctx, mctx); + tresult = check_zoneconf(zone, voptions, config, symtab, + vclass, &actx, logctx, mctx); if (tresult != ISC_R_SUCCESS) result = ISC_R_FAILURE; } @@ -1152,9 +1453,9 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *vconfig, return (tresult); } - if (vconfig != NULL) { + if (voptions != NULL) { keys = NULL; - (void)cfg_map_get(vconfig, "key", &keys); + (void)cfg_map_get(voptions, "key", &keys); tresult = check_keylist(keys, symtab, logctx); if (tresult == ISC_R_EXISTS) result = ISC_R_FAILURE; @@ -1169,55 +1470,349 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *vconfig, /* * Check that forwarding is reasonable. */ - if (vconfig == NULL) { + if (voptions == NULL) { const cfg_obj_t *options = NULL; (void)cfg_map_get(config, "options", &options); if (options != NULL) if (check_forward(options, logctx) != ISC_R_SUCCESS) result = ISC_R_FAILURE; } else { - if (check_forward(vconfig, logctx) != ISC_R_SUCCESS) + if (check_forward(voptions, logctx) != ISC_R_SUCCESS) result = ISC_R_FAILURE; } /* * Check that dual-stack-servers is reasonable. */ - if (vconfig == NULL) { + if (voptions == NULL) { const cfg_obj_t *options = NULL; (void)cfg_map_get(config, "options", &options); if (options != NULL) if (check_dual_stack(options, logctx) != ISC_R_SUCCESS) result = ISC_R_FAILURE; } else { - if (check_dual_stack(vconfig, logctx) != ISC_R_SUCCESS) + if (check_dual_stack(voptions, logctx) != ISC_R_SUCCESS) result = ISC_R_FAILURE; } /* * Check that rrset-order is reasonable. */ - if (vconfig != NULL) { - if (check_order(vconfig, logctx) != ISC_R_SUCCESS) + if (voptions != NULL) { + if (check_order(voptions, logctx) != ISC_R_SUCCESS) result = ISC_R_FAILURE; } - if (vconfig != NULL) { - (void)cfg_map_get(vconfig, "server", &servers); + if (voptions != NULL) { + (void)cfg_map_get(voptions, "server", &servers); if (servers != NULL && check_servers(servers, logctx) != ISC_R_SUCCESS) result = ISC_R_FAILURE; } - if (vconfig != NULL) - tresult = check_options(vconfig, logctx, mctx); + /* + * Check that dnssec-enable/dnssec-validation are sensible. + */ + obj = NULL; + if (voptions != NULL) + (void)cfg_map_get(voptions, "dnssec-enable", &obj); + if (obj == NULL) + (void)cfg_map_get(config, "dnssec-enable", &obj); + if (obj == NULL) + enablednssec = ISC_TRUE; + else + enablednssec = cfg_obj_asboolean(obj); + + obj = NULL; + if (voptions != NULL) + (void)cfg_map_get(voptions, "dnssec-validation", &obj); + if (obj == NULL) + (void)cfg_map_get(config, "dnssec-validation", &obj); + if (obj == NULL) + enablevalidation = ISC_FALSE; /* XXXMPA Change for 9.5. */ + else + enablevalidation = cfg_obj_asboolean(obj); + + if (enablevalidation && !enablednssec) + cfg_obj_log(obj, logctx, ISC_LOG_WARNING, + "'dnssec-validation yes;' and 'dnssec-enable no;'"); + + if (voptions != NULL) + tresult = check_options(voptions, logctx, mctx); else tresult = check_options(config, logctx, mctx); if (tresult != ISC_R_SUCCESS) result = tresult; + tresult = check_viewacls(&actx, voptions, config, logctx, mctx); + if (tresult != ISC_R_SUCCESS) + result = tresult; + + cfg_aclconfctx_destroy(&actx); + return (result); } +static const char * +default_channels[] = { + "default_syslog", + "default_stderr", + "default_debug", + "null", + NULL +}; + +static isc_result_t +bind9_check_logging(const cfg_obj_t *config, isc_log_t *logctx, + isc_mem_t *mctx) +{ + const cfg_obj_t *categories = NULL; + const cfg_obj_t *category; + const cfg_obj_t *channels = NULL; + const cfg_obj_t *channel; + const cfg_listelt_t *element; + const cfg_listelt_t *delement; + const char *channelname; + const char *catname; + const cfg_obj_t *fileobj = NULL; + const cfg_obj_t *syslogobj = NULL; + const cfg_obj_t *nullobj = NULL; + const cfg_obj_t *stderrobj = NULL; + const cfg_obj_t *logobj = NULL; + isc_result_t result = ISC_R_SUCCESS; + isc_result_t tresult; + isc_symtab_t *symtab = NULL; + isc_symvalue_t symvalue; + int i; + + (void)cfg_map_get(config, "logging", &logobj); + if (logobj == NULL) + return (ISC_R_SUCCESS); + + result = isc_symtab_create(mctx, 100, NULL, NULL, ISC_FALSE, &symtab); + if (result != ISC_R_SUCCESS) + return (result); + + symvalue.as_cpointer = NULL; + for (i = 0; default_channels[i] != NULL; i++) { + tresult = isc_symtab_define(symtab, default_channels[i], 1, + symvalue, isc_symexists_replace); + if (tresult != ISC_R_SUCCESS) + result = tresult; + } + + cfg_map_get(logobj, "channel", &channels); + + for (element = cfg_list_first(channels); + element != NULL; + element = cfg_list_next(element)) + { + channel = cfg_listelt_value(element); + channelname = cfg_obj_asstring(cfg_map_getname(channel)); + fileobj = syslogobj = nullobj = stderrobj = NULL; + (void)cfg_map_get(channel, "file", &fileobj); + (void)cfg_map_get(channel, "syslog", &syslogobj); + (void)cfg_map_get(channel, "null", &nullobj); + (void)cfg_map_get(channel, "stderr", &stderrobj); + i = 0; + if (fileobj != NULL) + i++; + if (syslogobj != NULL) + i++; + if (nullobj != NULL) + i++; + if (stderrobj != NULL) + i++; + if (i != 1) { + cfg_obj_log(channel, logctx, ISC_LOG_ERROR, + "channel '%s': exactly one of file, syslog, " + "null, and stderr must be present", + channelname); + result = ISC_R_FAILURE; + } + tresult = isc_symtab_define(symtab, channelname, 1, + symvalue, isc_symexists_replace); + if (tresult != ISC_R_SUCCESS) + result = tresult; + } + + cfg_map_get(logobj, "category", &categories); + + for (element = cfg_list_first(categories); + element != NULL; + element = cfg_list_next(element)) + { + category = cfg_listelt_value(element); + catname = cfg_obj_asstring(cfg_tuple_get(category, "name")); + if (isc_log_categorybyname(logctx, catname) == NULL) { + cfg_obj_log(category, logctx, ISC_LOG_ERROR, + "undefined category: '%s'", catname); + result = ISC_R_FAILURE; + } + channels = cfg_tuple_get(category, "destinations"); + for (delement = cfg_list_first(channels); + delement != NULL; + delement = cfg_list_next(delement)) + { + channel = cfg_listelt_value(delement); + channelname = cfg_obj_asstring(channel); + tresult = isc_symtab_lookup(symtab, channelname, 1, + &symvalue); + if (tresult != ISC_R_SUCCESS) { + cfg_obj_log(channel, logctx, ISC_LOG_ERROR, + "undefined channel: '%s'", + channelname); + result = tresult; + } + } + } + isc_symtab_destroy(&symtab); + return (result); +} + +static isc_result_t +key_exists(const cfg_obj_t *keylist, const char *keyname) { + const cfg_listelt_t *element; + const char *str; + const cfg_obj_t *obj; + + if (keylist == NULL) + return (ISC_R_NOTFOUND); + for (element = cfg_list_first(keylist); + element != NULL; + element = cfg_list_next(element)) + { + obj = cfg_listelt_value(element); + str = cfg_obj_asstring(cfg_map_getname(obj)); + if (strcasecmp(str, keyname) == 0) + return (ISC_R_SUCCESS); + } + return (ISC_R_NOTFOUND); +} + +static isc_result_t +bind9_check_controlskeys(const cfg_obj_t *control, const cfg_obj_t *keylist, + isc_log_t *logctx) +{ + isc_result_t result = ISC_R_SUCCESS, tresult; + const cfg_obj_t *control_keylist; + const cfg_listelt_t *element; + const cfg_obj_t *key; + + control_keylist = cfg_tuple_get(control, "keys"); + if (cfg_obj_isvoid(control_keylist)) + return (ISC_R_SUCCESS); + + for (element = cfg_list_first(control_keylist); + element != NULL; + element = cfg_list_next(element)) + { + key = cfg_listelt_value(element); + tresult = key_exists(keylist, cfg_obj_asstring(key)); + if (tresult != ISC_R_SUCCESS) { + cfg_obj_log(key, logctx, ISC_LOG_ERROR, + "unknown key '%s'", cfg_obj_asstring(key)); + result = tresult; + } + } + return (result); +} + +static isc_result_t +bind9_check_controls(const cfg_obj_t *config, isc_log_t *logctx, + isc_mem_t *mctx) +{ + isc_result_t result = ISC_R_SUCCESS, tresult; + cfg_aclconfctx_t actx; + const cfg_listelt_t *element, *element2; + const cfg_obj_t *allow; + const cfg_obj_t *control; + const cfg_obj_t *controls; + const cfg_obj_t *controlslist = NULL; + const cfg_obj_t *inetcontrols; + const cfg_obj_t *unixcontrols; + const cfg_obj_t *keylist = NULL; + const char *path; + isc_uint32_t perm, mask; + dns_acl_t *acl = NULL; + isc_sockaddr_t addr; + int i; + + (void)cfg_map_get(config, "controls", &controlslist); + if (controlslist == NULL) + return (ISC_R_SUCCESS); + + (void)cfg_map_get(config, "key", &keylist); + + cfg_aclconfctx_init(&actx); + + /* + * INET: Check allow clause. + * UNIX: Check "perm" for sanity, check path length. + */ + for (element = cfg_list_first(controlslist); + element != NULL; + element = cfg_list_next(element)) { + controls = cfg_listelt_value(element); + unixcontrols = NULL; + inetcontrols = NULL; + (void)cfg_map_get(controls, "unix", &unixcontrols); + (void)cfg_map_get(controls, "inet", &inetcontrols); + for (element2 = cfg_list_first(inetcontrols); + element2 != NULL; + element2 = cfg_list_next(element2)) { + control = cfg_listelt_value(element2); + allow = cfg_tuple_get(control, "allow"); + tresult = cfg_acl_fromconfig(allow, config, logctx, + &actx, mctx, &acl); + if (acl != NULL) + dns_acl_detach(&acl); + if (tresult != ISC_R_SUCCESS) + result = tresult; + tresult = bind9_check_controlskeys(control, keylist, + logctx); + if (tresult != ISC_R_SUCCESS) + result = tresult; + } + for (element2 = cfg_list_first(unixcontrols); + element2 != NULL; + element2 = cfg_list_next(element2)) { + control = cfg_listelt_value(element2); + path = cfg_obj_asstring(cfg_tuple_get(control, "path")); + tresult = isc_sockaddr_frompath(&addr, path); + if (tresult == ISC_R_NOSPACE) { + cfg_obj_log(control, logctx, ISC_LOG_ERROR, + "unix control '%s': path too long", + path); + result = ISC_R_NOSPACE; + } + perm = cfg_obj_asuint32(cfg_tuple_get(control, "perm")); + for (i = 0; i < 3; i++) { +#ifdef NEED_SECURE_DIRECTORY + mask = (0x1 << (i*3)); /* SEARCH */ +#else + mask = (0x6 << (i*3)); /* READ + WRITE */ +#endif + if ((perm & mask) == mask) + break; + } + if (i == 0) { + cfg_obj_log(control, logctx, ISC_LOG_WARNING, + "unix control '%s' allows access " + "to everyone", path); + } else if (i == 3) { + cfg_obj_log(control, logctx, ISC_LOG_WARNING, + "unix control '%s' allows access " + "to nobody", path); + } + tresult = bind9_check_controlskeys(control, keylist, + logctx); + if (tresult != ISC_R_SUCCESS) + result = tresult; + } + } + cfg_aclconfctx_destroy(&actx); + return (result); +} isc_result_t bind9_check_namedconf(const cfg_obj_t *config, isc_log_t *logctx, @@ -1248,6 +1843,12 @@ bind9_check_namedconf(const cfg_obj_t *config, isc_log_t *logctx, check_servers(servers, logctx) != ISC_R_SUCCESS) result = ISC_R_FAILURE; + if (bind9_check_logging(config, logctx, mctx) != ISC_R_SUCCESS) + result = ISC_R_FAILURE; + + if (bind9_check_controls(config, logctx, mctx) != ISC_R_SUCCESS) + result = ISC_R_FAILURE; + if (options != NULL && check_order(options, logctx) != ISC_R_SUCCESS) result = ISC_R_FAILURE; diff --git a/usr.sbin/bind/lib/bind9/include/Makefile.in b/usr.sbin/bind/lib/bind9/include/Makefile.in index f3464548688..a69a1cc5293 100644 --- a/usr.sbin/bind/lib/bind9/include/Makefile.in +++ b/usr.sbin/bind/lib/bind9/include/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.1.200.3 2004/03/08 09:04:27 marka Exp $ +# $ISC: Makefile.in,v 1.2 2004/03/05 05:09:08 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/bind9/include/bind9/Makefile.in b/usr.sbin/bind/lib/bind9/include/bind9/Makefile.in index a75c355e67d..17e35e6af72 100644 --- a/usr.sbin/bind/lib/bind9/include/bind9/Makefile.in +++ b/usr.sbin/bind/lib/bind9/include/bind9/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.5.200.4 2004/03/08 09:04:28 marka Exp $ +# $ISC: Makefile.in,v 1.6 2004/03/05 05:09:10 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/bind9/include/bind9/check.h b/usr.sbin/bind/lib/bind9/include/bind9/check.h index efc0671dcb8..a6f8461d4e7 100644 --- a/usr.sbin/bind/lib/bind9/include/bind9/check.h +++ b/usr.sbin/bind/lib/bind9/include/bind9/check.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: check.h,v 1.1.200.6 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: check.h,v 1.2.18.4 2006/03/02 00:37:21 marka Exp $ */ #ifndef BIND9_CHECK_H #define BIND9_CHECK_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/types.h> @@ -30,24 +32,24 @@ ISC_LANG_BEGINDECLS isc_result_t bind9_check_namedconf(const cfg_obj_t *config, isc_log_t *logctx, isc_mem_t *mctx); -/* +/*%< * Check the syntactic validity of a configuration parse tree generated from * a named.conf file. * * Requires: - * config is a valid parse tree + *\li config is a valid parse tree * - * logctx is a valid logging context. + *\li logctx is a valid logging context. * * Returns: - * ISC_R_SUCCESS - * ISC_R_FAILURE + * \li #ISC_R_SUCCESS + * \li #ISC_R_FAILURE */ isc_result_t bind9_check_key(const cfg_obj_t *config, isc_log_t *logctx); -/* - * As above, but for a single 'key' statement. +/*%< + * Same as bind9_check_namedconf(), but for a single 'key' statement. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/bind9/include/bind9/getaddresses.h b/usr.sbin/bind/lib/bind9/include/bind9/getaddresses.h index 162a748185f..8af0f00692e 100644 --- a/usr.sbin/bind/lib/bind9/include/bind9/getaddresses.h +++ b/usr.sbin/bind/lib/bind9/include/bind9/getaddresses.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: getaddresses.h,v 1.2.200.3 2004/03/08 09:04:28 marka Exp $ */ +/* $ISC: getaddresses.h,v 1.3.18.2 2005/04/29 00:15:48 marka Exp $ */ #ifndef BIND9_GETADDRESSES_H #define BIND9_GETADDRESSES_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/types.h> @@ -30,7 +32,7 @@ ISC_LANG_BEGINDECLS isc_result_t bind9_getaddresses(const char *hostname, in_port_t port, isc_sockaddr_t *addrs, int addrsize, int *addrcount); -/* +/*%< * Use the system resolver to get the addresses associated with a hostname. * If successful, the number of addresses found is returned in 'addrcount'. * If a hostname lookup is performed and addresses of an unknown family is @@ -41,16 +43,16 @@ bind9_getaddresses(const char *hostname, in_port_t port, * framework, it should be surounded by isc_app_block()/isc_app_unblock(). * * Requires: - * 'hostname' is not NULL. - * 'addrs' is not NULL. - * 'addrsize' > 0 - * 'addrcount' is not NULL. + *\li 'hostname' is not NULL. + *\li 'addrs' is not NULL. + *\li 'addrsize' > 0 + *\li 'addrcount' is not NULL. * * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOTFOUND - * ISC_R_NOFAMILYSUPPORT - 'hostname' is an IPv6 address, and IPv6 is + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOTFOUND + *\li #ISC_R_NOFAMILYSUPPORT - 'hostname' is an IPv6 address, and IPv6 is * not supported. */ diff --git a/usr.sbin/bind/lib/bind9/include/bind9/version.h b/usr.sbin/bind/lib/bind9/include/bind9/version.h index 092fb2420fe..2ef93a7557c 100644 --- a/usr.sbin/bind/lib/bind9/include/bind9/version.h +++ b/usr.sbin/bind/lib/bind9/include/bind9/version.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: version.h,v 1.2.208.3 2004/03/08 09:04:28 marka Exp $ */ +/* $ISC: version.h,v 1.3.18.2 2005/04/29 00:15:48 marka Exp $ */ + +/*! \file */ #include <isc/platform.h> diff --git a/usr.sbin/bind/lib/bind9/version.c b/usr.sbin/bind/lib/bind9/version.c index 40cf3296d34..688267b492b 100644 --- a/usr.sbin/bind/lib/bind9/version.c +++ b/usr.sbin/bind/lib/bind9/version.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: version.c,v 1.3.200.4 2004/03/08 09:04:27 marka Exp $ */ +/* $ISC: version.c,v 1.4.18.2 2005/04/29 00:15:47 marka Exp $ */ + +/*! \file */ #include <bind9/version.h> diff --git a/usr.sbin/bind/lib/dns/acache.c b/usr.sbin/bind/lib/dns/acache.c new file mode 100644 index 00000000000..c318b7548b9 --- /dev/null +++ b/usr.sbin/bind/lib/dns/acache.c @@ -0,0 +1,1778 @@ +/* + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: acache.c,v 1.3.2.16 2006/07/19 00:34:56 marka Exp $ */ + +#include <config.h> + +#include <isc/atomic.h> +#include <isc/event.h> +#include <isc/hash.h> +#include <isc/magic.h> +#include <isc/mem.h> +#include <isc/mutex.h> +#include <isc/random.h> +#include <isc/refcount.h> +#include <isc/rwlock.h> +#include <isc/task.h> +#include <isc/time.h> +#include <isc/timer.h> + +#include <dns/acache.h> +#include <dns/db.h> +#include <dns/events.h> +#include <dns/log.h> +#include <dns/message.h> +#include <dns/name.h> +#include <dns/rdataset.h> +#include <dns/result.h> +#include <dns/zone.h> + +#define ACACHE_MAGIC ISC_MAGIC('A', 'C', 'H', 'E') +#define DNS_ACACHE_VALID(acache) ISC_MAGIC_VALID(acache, ACACHE_MAGIC) + +#define ACACHEENTRY_MAGIC ISC_MAGIC('A', 'C', 'E', 'T') +#define DNS_ACACHEENTRY_VALID(entry) ISC_MAGIC_VALID(entry, ACACHEENTRY_MAGIC) + +#define DBBUCKETS 67 + +#if 0 +#define ATRACE(m) isc_log_write(dns_lctx, \ + DNS_LOGCATEGORY_DATABASE, \ + DNS_LOGMODULE_ACACHE, \ + ISC_LOG_DEBUG(3), \ + "acache %p: %s", acache, (m)) +#define AATRACE(a,m) isc_log_write(dns_lctx, \ + DNS_LOGCATEGORY_DATABASE, \ + DNS_LOGMODULE_ACACHE, \ + ISC_LOG_DEBUG(3), \ + "acache %p: %s", (a), (m)) +#else +#define ATRACE(m) +#define AATRACE(a, m) +#endif + +/* + * The following variables control incremental cleaning. + * MINSIZE is how many bytes is the floor for dns_acache_setcachesize(). + * CLEANERINCREMENT is how many entries are examined in one pass. + * (XXX simply derived from definitions in cache.c There may be better + * constants here.) + */ +#define DNS_ACACHE_MINSIZE 2097152 /* Bytes. 2097152 = 2 MB */ +#define DNS_ACACHE_CLEANERINCREMENT 1000 /* Number of entries. */ + +#define DEFAULT_ACACHE_ENTRY_LOCK_COUNT 1009 /*%< Should be prime. */ + +#if defined(ISC_RWLOCK_USEATOMIC) && defined(ISC_PLATFORM_HAVEATOMICSTORE) +#define ACACHE_USE_RWLOCK 1 +#endif + +#ifdef ACACHE_USE_RWLOCK +#define ACACHE_INITLOCK(l) isc_rwlock_init((l), 0, 0) +#define ACACHE_DESTROYLOCK(l) isc_rwlock_destroy(l) +#define ACACHE_LOCK(l, t) RWLOCK((l), (t)) +#define ACACHE_UNLOCK(l, t) RWUNLOCK((l), (t)) + +#define acache_storetime(entry, t) \ + (isc_atomic_store((isc_int32_t *)&(entry)->lastused, (t))) +#else +#define ACACHE_INITLOCK(l) isc_mutex_init(l) +#define ACACHE_DESTROYLOCK(l) DESTROYLOCK(l) +#define ACACHE_LOCK(l, t) LOCK(l) +#define ACACHE_UNLOCK(l, t) UNLOCK(l) + +#define acache_storetime(entry, t) ((entry)->lastused = (t)) +#endif + +/* Locked by acache lock */ +typedef struct dbentry { + ISC_LINK(struct dbentry) link; + + dns_db_t *db; + ISC_LIST(dns_acacheentry_t) originlist; + ISC_LIST(dns_acacheentry_t) referlist; +} dbentry_t; + +typedef ISC_LIST(dbentry_t) dbentrylist_t; + +typedef struct acache_cleaner acache_cleaner_t; + +typedef enum { + cleaner_s_idle, /* Waiting for cleaning-interval to expire. */ + cleaner_s_busy, /* Currently cleaning. */ + cleaner_s_done /* Freed enough memory after being overmem. */ +} cleaner_state_t; + +/* + * Convenience macros for comprehensive assertion checking. + */ +#define CLEANER_IDLE(c) ((c)->state == cleaner_s_idle && \ + (c)->resched_event != NULL) +#define CLEANER_BUSY(c) ((c)->state == cleaner_s_busy && \ + (c)->resched_event == NULL) + +struct acache_cleaner { + isc_mutex_t lock; + /* + * Locks overmem_event, overmem. (See cache.c) + */ + + dns_acache_t *acache; + unsigned int cleaning_interval; /* The cleaning-interval + from named.conf, + in seconds. */ + + isc_stdtime_t last_cleanup_time; /* The time when the last + cleanup task completed */ + + isc_timer_t *cleaning_timer; + isc_event_t *resched_event; /* Sent by cleaner task to + itself to reschedule */ + isc_event_t *overmem_event; + + dns_acacheentry_t *current_entry; /* The bookmark entry to + restart the cleaning. + Locked by acache lock. */ + int increment; /* Number of entries to + clean in one increment */ + + unsigned long ncleaned; /* Number of entries cleaned + up (for logging purposes) */ + cleaner_state_t state; /* Idle/Busy/Done. */ + isc_boolean_t overmem; /* The acache is in an overmem + state. */ +}; + +struct dns_acachestats { + unsigned int hits; + unsigned int queries; + unsigned int misses; + unsigned int adds; + unsigned int deleted; + unsigned int cleaned; + unsigned int cleaner_runs; + unsigned int overmem; + unsigned int overmem_nocreates; + unsigned int nomem; +}; + +/* + * The actual acache object. + */ + +struct dns_acache { + unsigned int magic; + + isc_mem_t *mctx; + isc_refcount_t refs; + +#ifdef ACACHE_USE_RWLOCK + isc_rwlock_t *entrylocks; +#else + isc_mutex_t *entrylocks; +#endif + + isc_mutex_t lock; + + int live_cleaners; + acache_cleaner_t cleaner; + ISC_LIST(dns_acacheentry_t) entries; + unsigned int dbentries; + dbentrylist_t dbbucket[DBBUCKETS]; + + isc_boolean_t shutting_down; + + isc_task_t *task; + isc_event_t cevent; + isc_boolean_t cevent_sent; + + dns_acachestats_t stats; +}; + +struct dns_acacheentry { + unsigned int magic; + + unsigned int locknum; + isc_refcount_t references; + + dns_acache_t *acache; + + /* Data for Management of cache entries */ + ISC_LINK(dns_acacheentry_t) link; + ISC_LINK(dns_acacheentry_t) olink; + ISC_LINK(dns_acacheentry_t) rlink; + + dns_db_t *origdb; /* reference to the DB + holding this entry */ + + /* Cache data */ + dns_zone_t *zone; /* zone this entry + belongs to */ + dns_db_t *db; /* DB this entry belongs to */ + dns_dbversion_t *version; /* the version of the DB */ + dns_dbnode_t *node; /* node this entry + belongs to */ + dns_name_t *foundname; /* corresponding DNS name + and rdataset */ + + /* Callback function and its argument */ + void (*callback)(dns_acacheentry_t *, void **); + void *cbarg; + + /* Timestamp of the last time this entry is referred to */ + isc_stdtime32_t lastused; +}; + +/* + * Internal functions (and prototypes). + */ +static inline isc_boolean_t check_noentry(dns_acache_t *acache); +static void destroy(dns_acache_t *acache); +static void shutdown_entries(dns_acache_t *acache); +static void shutdown_buckets(dns_acache_t *acache); +static void destroy_entry(dns_acacheentry_t *ent); +static inline void unlink_dbentries(dns_acache_t *acache, + dns_acacheentry_t *ent); +static inline isc_result_t finddbent(dns_acache_t *acache, + dns_db_t *db, dbentry_t **dbentryp); +static inline void clear_entry(dns_acache_t *acache, dns_acacheentry_t *entry); +static isc_result_t acache_cleaner_init(dns_acache_t *acache, + isc_timermgr_t *timermgr, + acache_cleaner_t *cleaner); +static void acache_cleaning_timer_action(isc_task_t *task, isc_event_t *event); +static void acache_incremental_cleaning_action(isc_task_t *task, + isc_event_t *event); +static void acache_overmem_cleaning_action(isc_task_t *task, + isc_event_t *event); +static void acache_cleaner_shutdown_action(isc_task_t *task, + isc_event_t *event); + +/* + * acache should be locked. If it is not, the stats can get out of whack, + * which is not a big deal for us since this is for debugging / stats + */ +static void +reset_stats(dns_acache_t *acache) { + acache->stats.hits = 0; + acache->stats.queries = 0; + acache->stats.misses = 0; + acache->stats.adds = 0; + acache->stats.deleted = 0; + acache->stats.cleaned = 0; + acache->stats.overmem = 0; + acache->stats.overmem_nocreates = 0; + acache->stats.nomem = 0; +} + +/* + * The acache must be locked before calling. + */ +static inline isc_boolean_t +check_noentry(dns_acache_t *acache) { + if (ISC_LIST_EMPTY(acache->entries) && acache->dbentries == 0) { + return (ISC_TRUE); + } + + return (ISC_FALSE); +} + +/* + * The acache must be locked before calling. + */ +static void +shutdown_entries(dns_acache_t *acache) { + dns_acacheentry_t *entry, *entry_next; + + REQUIRE(DNS_ACACHE_VALID(acache)); + INSIST(acache->shutting_down); + + /* + * Release the dependency of all entries, and detach them. + */ + for (entry = ISC_LIST_HEAD(acache->entries); + entry != NULL; + entry = entry_next) { + entry_next = ISC_LIST_NEXT(entry, link); + + ACACHE_LOCK(&acache->entrylocks[entry->locknum], + isc_rwlocktype_write); + + /* + * If the cleaner holds this entry, it will be unlinked and + * freed in the cleaner later. + */ + if (acache->cleaner.current_entry != entry) + ISC_LIST_UNLINK(acache->entries, entry, link); + unlink_dbentries(acache, entry); + if (entry->callback != NULL) { + (entry->callback)(entry, &entry->cbarg); + entry->callback = NULL; + } + + ACACHE_UNLOCK(&acache->entrylocks[entry->locknum], + isc_rwlocktype_write); + + if (acache->cleaner.current_entry != entry) + dns_acache_detachentry(&entry); + } +} + +/* + * The acache must be locked before calling. + */ +static void +shutdown_buckets(dns_acache_t *acache) { + int i; + dbentry_t *dbent; + + REQUIRE(DNS_ACACHE_VALID(acache)); + INSIST(acache->shutting_down); + + for (i = 0; i < DBBUCKETS; i++) { + while ((dbent = ISC_LIST_HEAD(acache->dbbucket[i])) != NULL) { + INSIST(ISC_LIST_EMPTY(dbent->originlist) && + ISC_LIST_EMPTY(dbent->referlist)); + ISC_LIST_UNLINK(acache->dbbucket[i], dbent, link); + + dns_db_detach(&dbent->db); + + isc_mem_put(acache->mctx, dbent, sizeof(*dbent)); + + acache->dbentries--; + } + } + + INSIST(acache->dbentries == 0); +} + +static void +shutdown_task(isc_task_t *task, isc_event_t *ev) { + dns_acache_t *acache; + + UNUSED(task); + + acache = ev->ev_arg; + INSIST(DNS_ACACHE_VALID(acache)); + + isc_event_free(&ev); + + LOCK(&acache->lock); + + shutdown_entries(acache); + shutdown_buckets(acache); + + UNLOCK(&acache->lock); + + dns_acache_detach(&acache); +} + +/* The acache and the entry must be locked before calling. */ +static inline void +unlink_dbentries(dns_acache_t *acache, dns_acacheentry_t *ent) { + isc_result_t result; + dbentry_t *dbent; + + if (ISC_LINK_LINKED(ent, olink)) { + INSIST(ent->origdb != NULL); + dbent = NULL; + result = finddbent(acache, ent->origdb, &dbent); + INSIST(result == ISC_R_SUCCESS); + + ISC_LIST_UNLINK(dbent->originlist, ent, olink); + } + if (ISC_LINK_LINKED(ent, rlink)) { + INSIST(ent->db != NULL); + dbent = NULL; + result = finddbent(acache, ent->db, &dbent); + INSIST(result == ISC_R_SUCCESS); + + ISC_LIST_UNLINK(dbent->referlist, ent, rlink); + } +} + +/* There must not be a reference to this entry. */ +static void +destroy_entry(dns_acacheentry_t *entry) { + dns_acache_t *acache; + + REQUIRE(DNS_ACACHEENTRY_VALID(entry)); + + acache = entry->acache; + REQUIRE(DNS_ACACHE_VALID(acache)); + + /* + * Since there is no reference to this entry, it is safe to call + * clear_entry() here. + */ + clear_entry(acache, entry); + + isc_mem_put(acache->mctx, entry, sizeof(*entry)); + + dns_acache_detach(&acache); +} + +static void +destroy(dns_acache_t *acache) { + int i; + + REQUIRE(DNS_ACACHE_VALID(acache)); + + ATRACE("destroy"); + + isc_mem_setwater(acache->mctx, NULL, NULL, 0, 0); + + if (acache->cleaner.overmem_event != NULL) + isc_event_free(&acache->cleaner.overmem_event); + + if (acache->cleaner.resched_event != NULL) + isc_event_free(&acache->cleaner.resched_event); + + if (acache->task != NULL) + isc_task_detach(&acache->task); + + for (i = 0; i < DEFAULT_ACACHE_ENTRY_LOCK_COUNT; i++) + ACACHE_DESTROYLOCK(&acache->entrylocks[i]); + isc_mem_put(acache->mctx, acache->entrylocks, + sizeof(*acache->entrylocks) * + DEFAULT_ACACHE_ENTRY_LOCK_COUNT); + + DESTROYLOCK(&acache->cleaner.lock); + + DESTROYLOCK(&acache->lock); + acache->magic = 0; + + isc_mem_putanddetach(&acache->mctx, acache, sizeof(*acache)); +} + +static inline isc_result_t +finddbent(dns_acache_t *acache, dns_db_t *db, dbentry_t **dbentryp) { + int bucket; + dbentry_t *dbentry; + + REQUIRE(DNS_ACACHE_VALID(acache)); + REQUIRE(db != NULL); + REQUIRE(dbentryp != NULL && *dbentryp == NULL); + + /* + * The caller must be holding the acache lock. + */ + + bucket = isc_hash_calc((const unsigned char *)&db, + sizeof(db), ISC_TRUE) % DBBUCKETS; + + for (dbentry = ISC_LIST_HEAD(acache->dbbucket[bucket]); + dbentry != NULL; + dbentry = ISC_LIST_NEXT(dbentry, link)) { + if (dbentry->db == db) + break; + } + + *dbentryp = dbentry; + + if (dbentry == NULL) + return (ISC_R_NOTFOUND); + else + return (ISC_R_SUCCESS); +} + +static inline void +clear_entry(dns_acache_t *acache, dns_acacheentry_t *entry) { + REQUIRE(DNS_ACACHE_VALID(acache)); + REQUIRE(DNS_ACACHEENTRY_VALID(entry)); + + /* + * The caller must be holing the entry lock. + */ + + if (entry->foundname) { + dns_rdataset_t *rdataset, *rdataset_next; + + for (rdataset = ISC_LIST_HEAD(entry->foundname->list); + rdataset != NULL; + rdataset = rdataset_next) { + rdataset_next = ISC_LIST_NEXT(rdataset, link); + ISC_LIST_UNLINK(entry->foundname->list, + rdataset, link); + dns_rdataset_disassociate(rdataset); + isc_mem_put(acache->mctx, rdataset, sizeof(*rdataset)); + } + if (dns_name_dynamic(entry->foundname)) + dns_name_free(entry->foundname, acache->mctx); + isc_mem_put(acache->mctx, entry->foundname, + sizeof(*entry->foundname)); + entry->foundname = NULL; + } + + if (entry->node != NULL) { + INSIST(entry->db != NULL); + dns_db_detachnode(entry->db, &entry->node); + } + if (entry->version != NULL) { + INSIST(entry->db != NULL); + dns_db_closeversion(entry->db, &entry->version, ISC_FALSE); + } + if (entry->db != NULL) + dns_db_detach(&entry->db); + if (entry->zone != NULL) + dns_zone_detach(&entry->zone); + + if (entry->origdb != NULL) + dns_db_detach(&entry->origdb); +} + +static isc_result_t +acache_cleaner_init(dns_acache_t *acache, isc_timermgr_t *timermgr, + acache_cleaner_t *cleaner) +{ + int result; + + ATRACE("acache cleaner init"); + + result = isc_mutex_init(&cleaner->lock); + if (result != ISC_R_SUCCESS) + goto fail; + + cleaner->increment = DNS_ACACHE_CLEANERINCREMENT; + cleaner->state = cleaner_s_idle; + cleaner->acache = acache; + cleaner->overmem = ISC_FALSE; + + cleaner->cleaning_timer = NULL; + cleaner->resched_event = NULL; + cleaner->overmem_event = NULL; + cleaner->current_entry = NULL; + + if (timermgr != NULL) { + cleaner->acache->live_cleaners++; + + result = isc_task_onshutdown(acache->task, + acache_cleaner_shutdown_action, + acache); + if (result != ISC_R_SUCCESS) { + UNEXPECTED_ERROR(__FILE__, __LINE__, + "acache cleaner: " + "isc_task_onshutdown() failed: %s", + dns_result_totext(result)); + goto cleanup; + } + + cleaner->cleaning_interval = 0; /* Initially turned off. */ + isc_stdtime_get(&cleaner->last_cleanup_time); + result = isc_timer_create(timermgr, isc_timertype_inactive, + NULL, NULL, + acache->task, + acache_cleaning_timer_action, + cleaner, &cleaner->cleaning_timer); + if (result != ISC_R_SUCCESS) { + UNEXPECTED_ERROR(__FILE__, __LINE__, + "isc_timer_create() failed: %s", + dns_result_totext(result)); + result = ISC_R_UNEXPECTED; + goto cleanup; + } + + cleaner->resched_event = + isc_event_allocate(acache->mctx, cleaner, + DNS_EVENT_ACACHECLEAN, + acache_incremental_cleaning_action, + cleaner, sizeof(isc_event_t)); + if (cleaner->resched_event == NULL) { + result = ISC_R_NOMEMORY; + goto cleanup; + } + + cleaner->overmem_event = + isc_event_allocate(acache->mctx, cleaner, + DNS_EVENT_ACACHEOVERMEM, + acache_overmem_cleaning_action, + cleaner, sizeof(isc_event_t)); + if (cleaner->overmem_event == NULL) { + result = ISC_R_NOMEMORY; + goto cleanup; + } + } + + return (ISC_R_SUCCESS); + + cleanup: + if (cleaner->overmem_event != NULL) + isc_event_free(&cleaner->overmem_event); + if (cleaner->resched_event != NULL) + isc_event_free(&cleaner->resched_event); + if (cleaner->cleaning_timer != NULL) + isc_timer_detach(&cleaner->cleaning_timer); + cleaner->acache->live_cleaners--; + DESTROYLOCK(&cleaner->lock); + fail: + return (result); +} + +static void +begin_cleaning(acache_cleaner_t *cleaner) { + dns_acacheentry_t *head; + dns_acache_t *acache = cleaner->acache; + + /* + * This function does not have to lock the cleaner, since critical + * parameters (except current_entry, which is locked by acache lock,) + * are only used in a single task context. + */ + + REQUIRE(CLEANER_IDLE(cleaner)); + INSIST(DNS_ACACHE_VALID(acache)); + INSIST(cleaner->current_entry == NULL); + + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_ACACHE, ISC_LOG_DEBUG(1), + "begin acache cleaning, mem inuse %lu", + (unsigned long)isc_mem_inuse(cleaner->acache->mctx)); + + LOCK(&acache->lock); + + head = ISC_LIST_HEAD(acache->entries); + if (head != NULL) + dns_acache_attachentry(head, &cleaner->current_entry); + + UNLOCK(&acache->lock); + + if (cleaner->current_entry != NULL) { + cleaner->ncleaned = 0; + cleaner->state = cleaner_s_busy; + isc_task_send(acache->task, &cleaner->resched_event); + } + + return; +} + +static void +end_cleaning(acache_cleaner_t *cleaner, isc_event_t *event) { + dns_acache_t *acache = cleaner->acache; + + REQUIRE(CLEANER_BUSY(cleaner)); + REQUIRE(event != NULL); + REQUIRE(DNS_ACACHEENTRY_VALID(cleaner->current_entry)); + + /* No need to lock the cleaner (see begin_cleaning()). */ + + LOCK(&acache->lock); + + /* + * Even if the cleaner has the last reference to the entry, which means + * the entry has been unused, it may still be linked if unlinking the + * entry has been delayed due to the reference. + */ + if (isc_refcount_current(&cleaner->current_entry->references) == 1) { + INSIST(cleaner->current_entry->callback == NULL); + + if (ISC_LINK_LINKED(cleaner->current_entry, link)) { + ISC_LIST_UNLINK(acache->entries, + cleaner->current_entry, link); + } + } + dns_acache_detachentry(&cleaner->current_entry); + + if (cleaner->overmem) + acache->stats.overmem++; + acache->stats.cleaned += cleaner->ncleaned; + acache->stats.cleaner_runs++; + + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, DNS_LOGMODULE_ACACHE, + ISC_LOG_NOTICE, + "acache %p stats: hits=%d misses=%d queries=%d " + "adds=%d deleted=%d " + "cleaned=%d cleaner_runs=%d overmem=%d " + "overmem_nocreates=%d nomem=%d", + acache, + acache->stats.hits, acache->stats.misses, + acache->stats.queries, + acache->stats.adds, acache->stats.deleted, + acache->stats.cleaned, acache->stats.cleaner_runs, + acache->stats.overmem, acache->stats.overmem_nocreates, + acache->stats.nomem); + reset_stats(acache); + + isc_stdtime_get(&cleaner->last_cleanup_time); + + UNLOCK(&acache->lock); + + dns_acache_setcleaninginterval(cleaner->acache, + cleaner->cleaning_interval); + + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, DNS_LOGMODULE_ACACHE, + ISC_LOG_DEBUG(1), "end acache cleaning, " + "%lu entries cleaned, mem inuse %lu", + cleaner->ncleaned, + (unsigned long)isc_mem_inuse(cleaner->acache->mctx)); + + if (cleaner->overmem) { + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_ACACHE, ISC_LOG_NOTICE, + "acache is still in overmem state " + "after cleaning"); + } + + cleaner->ncleaned = 0; + cleaner->state = cleaner_s_idle; + cleaner->resched_event = event; +} + +/* + * This is run once for every acache-cleaning-interval as defined + * in named.conf. + */ +static void +acache_cleaning_timer_action(isc_task_t *task, isc_event_t *event) { + acache_cleaner_t *cleaner = event->ev_arg; + + UNUSED(task); + + INSIST(event->ev_type == ISC_TIMEREVENT_TICK); + + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, DNS_LOGMODULE_ACACHE, + ISC_LOG_DEBUG(1), "acache cleaning timer fired, " + "cleaner state = %d", cleaner->state); + + if (cleaner->state == cleaner_s_idle) + begin_cleaning(cleaner); + + isc_event_free(&event); +} + +/* The caller must hold entry lock. */ +static inline isc_boolean_t +entry_stale(acache_cleaner_t *cleaner, dns_acacheentry_t *entry, + isc_stdtime32_t now32, unsigned int interval) +{ + /* + * If the callback has been canceled, we definitely do not need the + * entry. + */ + if (entry->callback == NULL) + return (ISC_TRUE); + + if (interval > cleaner->cleaning_interval) + interval = cleaner->cleaning_interval; + + if (entry->lastused + interval < now32) + return (ISC_TRUE); + + /* + * If the acache is in the overmem state, probabilistically decide if + * the entry should be purged, based on the time passed from its last + * use and the cleaning interval. + */ + if (cleaner->overmem) { + unsigned int passed = + now32 - entry->lastused; /* <= interval */ + isc_uint32_t val; + + if (passed > interval / 2) + return (ISC_TRUE); + isc_random_get(&val); + if (passed > interval / 4) + return (ISC_TF(val % 4 == 0)); + return (ISC_TF(val % 8 == 0)); + } + + return (ISC_FALSE); +} + +/* + * Do incremental cleaning. + */ +static void +acache_incremental_cleaning_action(isc_task_t *task, isc_event_t *event) { + acache_cleaner_t *cleaner = event->ev_arg; + dns_acache_t *acache = cleaner->acache; + dns_acacheentry_t *entry, *next = NULL; + int n_entries; + isc_stdtime32_t now32, last32; + isc_stdtime_t now; + unsigned int interval; + + INSIST(DNS_ACACHE_VALID(acache)); + INSIST(task == acache->task); + INSIST(event->ev_type == DNS_EVENT_ACACHECLEAN); + + if (cleaner->state == cleaner_s_done) { + cleaner->state = cleaner_s_busy; + end_cleaning(cleaner, event); + return; + } + + INSIST(CLEANER_BUSY(cleaner)); + + n_entries = cleaner->increment; + + isc_stdtime_get(&now); + isc_stdtime_convert32(now, &now32); + + LOCK(&acache->lock); + + entry = cleaner->current_entry; + isc_stdtime_convert32(cleaner->last_cleanup_time, &last32); + INSIST(now32 > last32); + interval = now32 - last32; + + while (n_entries-- > 0) { + isc_boolean_t is_stale = ISC_FALSE; + + INSIST(entry != NULL); + + next = ISC_LIST_NEXT(entry, link); + + ACACHE_LOCK(&acache->entrylocks[entry->locknum], + isc_rwlocktype_write); + + is_stale = entry_stale(cleaner, entry, now32, interval); + if (is_stale) { + ISC_LIST_UNLINK(acache->entries, entry, link); + unlink_dbentries(acache, entry); + if (entry->callback != NULL) + (entry->callback)(entry, &entry->cbarg); + entry->callback = NULL; + + cleaner->ncleaned++; + } + + ACACHE_UNLOCK(&acache->entrylocks[entry->locknum], + isc_rwlocktype_write); + + if (is_stale) + dns_acache_detachentry(&entry); + + if (next == NULL) { + if (cleaner->overmem) { + entry = ISC_LIST_HEAD(acache->entries); + if (entry != NULL) { + /* + * If we are still in the overmem + * state, keep cleaning. + */ + isc_log_write(dns_lctx, + DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_ACACHE, + ISC_LOG_DEBUG(1), + "acache cleaner: " + "still overmem, " + "reset and try again"); + continue; + } + } + + UNLOCK(&acache->lock); + end_cleaning(cleaner, event); + return; + } + + entry = next; + } + + /* + * We have successfully performed a cleaning increment but have + * not gone through the entire cache. Remember the entry that will + * be the starting point in the next clean-up, and reschedule another + * batch. If it fails, just try to continue anyway. + */ + INSIST(next != NULL && next != cleaner->current_entry); + dns_acache_detachentry(&cleaner->current_entry); + dns_acache_attachentry(next, &cleaner->current_entry); + + UNLOCK(&acache->lock); + + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, DNS_LOGMODULE_ACACHE, + ISC_LOG_DEBUG(1), "acache cleaner: checked %d entries, " + "mem inuse %lu, sleeping", cleaner->increment, + (unsigned long)isc_mem_inuse(cleaner->acache->mctx)); + + isc_task_send(task, &event); + INSIST(CLEANER_BUSY(cleaner)); + + return; +} + +/* + * This is called when the acache either surpasses its upper limit + * or shrinks beyond its lower limit. + */ +static void +acache_overmem_cleaning_action(isc_task_t *task, isc_event_t *event) { + acache_cleaner_t *cleaner = event->ev_arg; + isc_boolean_t want_cleaning = ISC_FALSE; + + UNUSED(task); + + INSIST(event->ev_type == DNS_EVENT_ACACHEOVERMEM); + INSIST(cleaner->overmem_event == NULL); + + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, DNS_LOGMODULE_ACACHE, + ISC_LOG_DEBUG(1), "overmem_cleaning_action called, " + "overmem = %d, state = %d", cleaner->overmem, + cleaner->state); + + LOCK(&cleaner->lock); + + if (cleaner->overmem) { + if (cleaner->state == cleaner_s_idle) + want_cleaning = ISC_TRUE; + } else { + if (cleaner->state == cleaner_s_busy) + /* + * end_cleaning() can't be called here because + * then both cleaner->overmem_event and + * cleaner->resched_event will point to this + * event. Set the state to done, and then + * when the acache_incremental_cleaning_action() event + * is posted, it will handle the end_cleaning. + */ + cleaner->state = cleaner_s_done; + } + + cleaner->overmem_event = event; + + UNLOCK(&cleaner->lock); + + if (want_cleaning) + begin_cleaning(cleaner); +} + +static void +water(void *arg, int mark) { + dns_acache_t *acache = arg; + isc_boolean_t overmem = ISC_TF(mark == ISC_MEM_HIWATER); + + REQUIRE(DNS_ACACHE_VALID(acache)); + + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_ACACHE, ISC_LOG_DEBUG(1), + "acache memory reaches %s watermark, mem inuse %lu", + overmem ? "high" : "low", + (unsigned long)isc_mem_inuse(acache->mctx)); + + LOCK(&acache->cleaner.lock); + + acache->cleaner.overmem = overmem; + + if (acache->cleaner.overmem_event != NULL) + isc_task_send(acache->task, &acache->cleaner.overmem_event); + + UNLOCK(&acache->cleaner.lock); +} + +/* + * The cleaner task is shutting down; do the necessary cleanup. + */ +static void +acache_cleaner_shutdown_action(isc_task_t *task, isc_event_t *event) { + dns_acache_t *acache = event->ev_arg; + isc_boolean_t should_free = ISC_FALSE; + + INSIST(task == acache->task); + INSIST(event->ev_type == ISC_TASKEVENT_SHUTDOWN); + INSIST(DNS_ACACHE_VALID(acache)); + + ATRACE("acache cleaner shutdown"); + + if (CLEANER_BUSY(&acache->cleaner)) + end_cleaning(&acache->cleaner, event); + else + isc_event_free(&event); + + LOCK(&acache->lock); + + acache->live_cleaners--; + INSIST(acache->live_cleaners == 0); + + if (isc_refcount_current(&acache->refs) == 0) { + INSIST(check_noentry(acache) == ISC_TRUE); + should_free = ISC_TRUE; + } + + /* + * By detaching the timer in the context of its task, + * we are guaranteed that there will be no further timer + * events. + */ + if (acache->cleaner.cleaning_timer != NULL) + isc_timer_detach(&acache->cleaner.cleaning_timer); + + /* Make sure we don't reschedule anymore. */ + (void)isc_task_purge(task, NULL, DNS_EVENT_ACACHECLEAN, NULL); + + UNLOCK(&acache->lock); + + if (should_free) + destroy(acache); +} + +/* + * Public functions. + */ + +isc_result_t +dns_acache_create(dns_acache_t **acachep, isc_mem_t *mctx, + isc_taskmgr_t *taskmgr, isc_timermgr_t *timermgr) +{ + int i; + isc_result_t result; + dns_acache_t *acache; + + REQUIRE(acachep != NULL && *acachep == NULL); + REQUIRE(mctx != NULL); + REQUIRE(taskmgr != NULL); + + acache = isc_mem_get(mctx, sizeof(*acache)); + if (acache == NULL) + return (ISC_R_NOMEMORY); + + ATRACE("create"); + + result = isc_refcount_init(&acache->refs, 1); + if (result != ISC_R_SUCCESS) { + isc_mem_put(mctx, acache, sizeof(*acache)); + return (result); + } + + result = isc_mutex_init(&acache->lock); + if (result != ISC_R_SUCCESS) { + isc_refcount_decrement(&acache->refs, NULL); + isc_refcount_destroy(&acache->refs); + isc_mem_put(mctx, acache, sizeof(*acache)); + return (result); + } + + acache->mctx = NULL; + isc_mem_attach(mctx, &acache->mctx); + ISC_LIST_INIT(acache->entries); + + acache->shutting_down = ISC_FALSE; + + acache->task = NULL; + acache->entrylocks = NULL; + + result = isc_task_create(taskmgr, 1, &acache->task); + if (result != ISC_R_SUCCESS) { + UNEXPECTED_ERROR(__FILE__, __LINE__, + "isc_task_create() failed(): %s", + dns_result_totext(result)); + result = ISC_R_UNEXPECTED; + goto cleanup; + } + isc_task_setname(acache->task, "acachetask", acache); + ISC_EVENT_INIT(&acache->cevent, sizeof(acache->cevent), 0, NULL, + DNS_EVENT_ACACHECONTROL, shutdown_task, NULL, + NULL, NULL, NULL); + acache->cevent_sent = ISC_FALSE; + + acache->dbentries = 0; + for (i = 0; i < DBBUCKETS; i++) + ISC_LIST_INIT(acache->dbbucket[i]); + + acache->entrylocks = isc_mem_get(mctx, sizeof(*acache->entrylocks) * + DEFAULT_ACACHE_ENTRY_LOCK_COUNT); + if (acache->entrylocks == NULL) { + result = ISC_R_NOMEMORY; + goto cleanup; + } + for (i = 0; i < DEFAULT_ACACHE_ENTRY_LOCK_COUNT; i++) { + result = ACACHE_INITLOCK(&acache->entrylocks[i]); + if (result != ISC_R_SUCCESS) { + while (i-- > 0) + ACACHE_DESTROYLOCK(&acache->entrylocks[i]); + isc_mem_put(mctx, acache->entrylocks, + sizeof(*acache->entrylocks) * + DEFAULT_ACACHE_ENTRY_LOCK_COUNT); + acache->entrylocks = NULL; + goto cleanup; + } + } + + acache->live_cleaners = 0; + result = acache_cleaner_init(acache, timermgr, &acache->cleaner); + if (result != ISC_R_SUCCESS) + goto cleanup; + + acache->stats.cleaner_runs = 0; + reset_stats(acache); + + acache->magic = ACACHE_MAGIC; + + *acachep = acache; + return (ISC_R_SUCCESS); + + cleanup: + if (acache->task != NULL) + isc_task_detach(&acache->task); + DESTROYLOCK(&acache->lock); + isc_refcount_decrement(&acache->refs, NULL); + isc_refcount_destroy(&acache->refs); + if (acache->entrylocks != NULL) { + for (i = 0; i < DEFAULT_ACACHE_ENTRY_LOCK_COUNT; i++) + ACACHE_DESTROYLOCK(&acache->entrylocks[i]); + isc_mem_put(mctx, acache->entrylocks, + sizeof(*acache->entrylocks) * + DEFAULT_ACACHE_ENTRY_LOCK_COUNT); + } + isc_mem_put(mctx, acache, sizeof(*acache)); + isc_mem_detach(&mctx); + + return (result); +} + +void +dns_acache_attach(dns_acache_t *source, dns_acache_t **targetp) { + REQUIRE(DNS_ACACHE_VALID(source)); + REQUIRE(targetp != NULL && *targetp == NULL); + + AATRACE(source, "attach"); + + isc_refcount_increment(&source->refs, NULL); + + *targetp = source; +} + +void +dns_acache_countquerymiss(dns_acache_t *acache) { + acache->stats.misses++; /* XXXSK danger: unlocked! */ + acache->stats.queries++; /* XXXSK danger: unlocked! */ +} + +void +dns_acache_detach(dns_acache_t **acachep) { + dns_acache_t *acache; + unsigned int refs; + isc_boolean_t should_free = ISC_FALSE; + + REQUIRE(acachep != NULL && DNS_ACACHE_VALID(*acachep)); + acache = *acachep; + + ATRACE("detach"); + + isc_refcount_decrement(&acache->refs, &refs); + if (refs == 0) { + INSIST(check_noentry(acache) == ISC_TRUE); + should_free = ISC_TRUE; + } + + *acachep = NULL; + + /* + * If we're exiting and the cleaner task exists, let it free the cache. + */ + if (should_free && acache->live_cleaners > 0) { + isc_task_shutdown(acache->task); + should_free = ISC_FALSE; + } + + if (should_free) + destroy(acache); +} + +void +dns_acache_shutdown(dns_acache_t *acache) { + REQUIRE(DNS_ACACHE_VALID(acache)); + + LOCK(&acache->lock); + + ATRACE("shutdown"); + + if (!acache->shutting_down) { + isc_event_t *event; + dns_acache_t *acache_evarg = NULL; + + INSIST(!acache->cevent_sent); + + acache->shutting_down = ISC_TRUE; + + isc_mem_setwater(acache->mctx, NULL, NULL, 0, 0); + + /* + * Self attach the object in order to prevent it from being + * destroyed while waiting for the event. + */ + dns_acache_attach(acache, &acache_evarg); + event = &acache->cevent; + event->ev_arg = acache_evarg; + isc_task_send(acache->task, &event); + acache->cevent_sent = ISC_TRUE; + } + + UNLOCK(&acache->lock); +} + +isc_result_t +dns_acache_setdb(dns_acache_t *acache, dns_db_t *db) { + int bucket; + dbentry_t *dbentry; + isc_result_t result = ISC_R_SUCCESS; + + REQUIRE(DNS_ACACHE_VALID(acache)); + REQUIRE(db != NULL); + + ATRACE("setdb"); + + LOCK(&acache->lock); + + dbentry = NULL; + result = finddbent(acache, db, &dbentry); + if (result == ISC_R_SUCCESS) { + result = ISC_R_EXISTS; + goto end; + } + result = ISC_R_SUCCESS; + + dbentry = isc_mem_get(acache->mctx, sizeof(*dbentry)); + if (dbentry == NULL) { + result = ISC_R_NOMEMORY; + goto end; + } + + ISC_LINK_INIT(dbentry, link); + ISC_LIST_INIT(dbentry->originlist); + ISC_LIST_INIT(dbentry->referlist); + + dbentry->db = NULL; + dns_db_attach(db, &dbentry->db); + + bucket = isc_hash_calc((const unsigned char *)&db, + sizeof(db), ISC_TRUE) % DBBUCKETS; + + ISC_LIST_APPEND(acache->dbbucket[bucket], dbentry, link); + + acache->dbentries++; + + end: + UNLOCK(&acache->lock); + + return (result); +} + +isc_result_t +dns_acache_putdb(dns_acache_t *acache, dns_db_t *db) { + int bucket; + isc_result_t result; + dbentry_t *dbentry; + dns_acacheentry_t *entry; + + REQUIRE(DNS_ACACHE_VALID(acache)); + REQUIRE(db != NULL); + + ATRACE("putdb"); + + LOCK(&acache->lock); + + dbentry = NULL; + result = finddbent(acache, db, &dbentry); + if (result != ISC_R_SUCCESS) { + /* + * The entry may have not been created due to memory shortage. + */ + UNLOCK(&acache->lock); + return (ISC_R_NOTFOUND); + } + + /* + * Release corresponding cache entries: for each entry, release all + * links the entry has, and then callback to the entry holder (if any). + * If no other external references exist (this can happen if the + * original holder has canceled callback,) destroy it here. + */ + while ((entry = ISC_LIST_HEAD(dbentry->originlist)) != NULL) { + ACACHE_LOCK(&acache->entrylocks[entry->locknum], + isc_rwlocktype_write); + + /* + * Releasing olink first would avoid finddbent() in + * unlink_dbentries(). + */ + ISC_LIST_UNLINK(dbentry->originlist, entry, olink); + if (acache->cleaner.current_entry != entry) + ISC_LIST_UNLINK(acache->entries, entry, link); + unlink_dbentries(acache, entry); + + if (entry->callback != NULL) + (entry->callback)(entry, &entry->cbarg); + entry->callback = NULL; + + ACACHE_UNLOCK(&acache->entrylocks[entry->locknum], + isc_rwlocktype_write); + + if (acache->cleaner.current_entry != entry) + dns_acache_detachentry(&entry); + } + while ((entry = ISC_LIST_HEAD(dbentry->referlist)) != NULL) { + ACACHE_LOCK(&acache->entrylocks[entry->locknum], + isc_rwlocktype_write); + + ISC_LIST_UNLINK(dbentry->referlist, entry, rlink); + if (acache->cleaner.current_entry != entry) + ISC_LIST_UNLINK(acache->entries, entry, link); + unlink_dbentries(acache, entry); + + if (entry->callback != NULL) + (entry->callback)(entry, &entry->cbarg); + entry->callback = NULL; + + ACACHE_UNLOCK(&acache->entrylocks[entry->locknum], + isc_rwlocktype_write); + + if (acache->cleaner.current_entry != entry) + dns_acache_detachentry(&entry); + } + + INSIST(ISC_LIST_EMPTY(dbentry->originlist) && + ISC_LIST_EMPTY(dbentry->referlist)); + + bucket = isc_hash_calc((const unsigned char *)&db, + sizeof(db), ISC_TRUE) % DBBUCKETS; + ISC_LIST_UNLINK(acache->dbbucket[bucket], dbentry, link); + dns_db_detach(&dbentry->db); + + isc_mem_put(acache->mctx, dbentry, sizeof(*dbentry)); + + acache->dbentries--; + + acache->stats.deleted++; + + UNLOCK(&acache->lock); + + return (ISC_R_SUCCESS); +} + +isc_result_t +dns_acache_createentry(dns_acache_t *acache, dns_db_t *origdb, + void (*callback)(dns_acacheentry_t *, void **), + void *cbarg, dns_acacheentry_t **entryp) +{ + dns_acacheentry_t *newentry; + isc_result_t result; + isc_uint32_t r; + + REQUIRE(DNS_ACACHE_VALID(acache)); + REQUIRE(entryp != NULL && *entryp == NULL); + REQUIRE(origdb != NULL); + + /* + * Should we exceed our memory limit for some reason (for + * example, if the cleaner does not run aggressively enough), + * then we will not create additional entries. + * + * XXXSK: It might be better to lock the acache->cleaner->lock, + * but locking may be an expensive bottleneck. If we misread + * the value, we will occasionally refuse to create a few + * cache entries, or create a few that we should not. I do not + * expect this to happen often, and it will not have very bad + * effects when it does. So no lock for now. + */ + if (acache->cleaner.overmem) { + acache->stats.overmem_nocreates++; /* XXXSK danger: unlocked! */ + return (ISC_R_NORESOURCES); + } + + newentry = isc_mem_get(acache->mctx, sizeof(*newentry)); + if (newentry == NULL) { + acache->stats.nomem++; /* XXXMLG danger: unlocked! */ + return (ISC_R_NOMEMORY); + } + + isc_random_get(&r); + newentry->locknum = r % DEFAULT_ACACHE_ENTRY_LOCK_COUNT; + + result = isc_refcount_init(&newentry->references, 1); + if (result != ISC_R_SUCCESS) { + isc_mem_put(acache->mctx, newentry, sizeof(*newentry)); + return (result); + }; + + ISC_LINK_INIT(newentry, link); + ISC_LINK_INIT(newentry, olink); + ISC_LINK_INIT(newentry, rlink); + + newentry->acache = NULL; + dns_acache_attach(acache, &newentry->acache); + + newentry->zone = NULL; + newentry->db = NULL; + newentry->version = NULL; + newentry->node = NULL; + newentry->foundname = NULL; + + newentry->callback = callback; + newentry->cbarg = cbarg; + newentry->origdb = NULL; + dns_db_attach(origdb, &newentry->origdb); + + isc_stdtime_get(&newentry->lastused); + + newentry->magic = ACACHEENTRY_MAGIC; + + *entryp = newentry; + + return (ISC_R_SUCCESS); +} + +isc_result_t +dns_acache_getentry(dns_acacheentry_t *entry, dns_zone_t **zonep, + dns_db_t **dbp, dns_dbversion_t **versionp, + dns_dbnode_t **nodep, dns_name_t *fname, + dns_message_t *msg, isc_stdtime_t now) +{ + isc_result_t result = ISC_R_SUCCESS; + dns_rdataset_t *erdataset; + isc_stdtime32_t now32; + dns_acache_t *acache; + int locknum; + + REQUIRE(DNS_ACACHEENTRY_VALID(entry)); + REQUIRE(zonep == NULL || *zonep == NULL); + REQUIRE(dbp != NULL && *dbp == NULL); + REQUIRE(versionp != NULL && *versionp == NULL); + REQUIRE(nodep != NULL && *nodep == NULL); + REQUIRE(fname != NULL); + REQUIRE(msg != NULL); + acache = entry->acache; + REQUIRE(DNS_ACACHE_VALID(acache)); + + locknum = entry->locknum; + ACACHE_LOCK(&acache->entrylocks[locknum], isc_rwlocktype_read); + + isc_stdtime_convert32(now, &now32); + acache_storetime(entry, now32); + + if (entry->zone != NULL && zonep != NULL) + dns_zone_attach(entry->zone, zonep); + + if (entry->db == NULL) { + *dbp = NULL; + *versionp = NULL; + } else { + dns_db_attach(entry->db, dbp); + dns_db_attachversion(entry->db, entry->version, versionp); + } + if (entry->node == NULL) + *nodep = NULL; + else { + dns_db_attachnode(entry->db, entry->node, nodep); + + INSIST(entry->foundname != NULL); + dns_name_copy(entry->foundname, fname, NULL); + for (erdataset = ISC_LIST_HEAD(entry->foundname->list); + erdataset != NULL; + erdataset = ISC_LIST_NEXT(erdataset, link)) { + dns_rdataset_t *ardataset; + + ardataset = NULL; + result = dns_message_gettemprdataset(msg, &ardataset); + if (result != ISC_R_SUCCESS) { + ACACHE_UNLOCK(&acache->entrylocks[locknum], + isc_rwlocktype_read); + goto fail; + } + + /* + * XXXJT: if we simply clone the rdataset, we'll get + * lost wrt cyclic ordering. We'll need an additional + * trick to get the latest counter from the original + * header. + */ + dns_rdataset_init(ardataset); + dns_rdataset_clone(erdataset, ardataset); + ISC_LIST_APPEND(fname->list, ardataset, link); + } + } + + entry->acache->stats.hits++; /* XXXMLG danger: unlocked! */ + entry->acache->stats.queries++; + + ACACHE_UNLOCK(&acache->entrylocks[locknum], isc_rwlocktype_read); + + return (result); + + fail: + while ((erdataset = ISC_LIST_HEAD(fname->list)) != NULL) { + ISC_LIST_UNLINK(fname->list, erdataset, link); + dns_rdataset_disassociate(erdataset); + dns_message_puttemprdataset(msg, &erdataset); + } + if (*nodep != NULL) + dns_db_detachnode(*dbp, nodep); + if (*versionp != NULL) + dns_db_closeversion(*dbp, versionp, ISC_FALSE); + if (*dbp != NULL) + dns_db_detach(dbp); + if (zonep != NULL && *zonep != NULL) + dns_zone_detach(zonep); + + return (result); +} + +isc_result_t +dns_acache_setentry(dns_acache_t *acache, dns_acacheentry_t *entry, + dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version, + dns_dbnode_t *node, dns_name_t *fname) +{ + isc_result_t result; + dbentry_t *odbent; + dbentry_t *rdbent = NULL; + isc_boolean_t close_version = ISC_FALSE; + dns_acacheentry_t *dummy_entry = NULL; + + REQUIRE(DNS_ACACHE_VALID(acache)); + REQUIRE(DNS_ACACHEENTRY_VALID(entry)); + + LOCK(&acache->lock); /* XXX: need to lock it here for ordering */ + ACACHE_LOCK(&acache->entrylocks[entry->locknum], isc_rwlocktype_write); + + /* Set zone */ + if (zone != NULL) + dns_zone_attach(zone, &entry->zone); + /* Set DB */ + if (db != NULL) + dns_db_attach(db, &entry->db); + /* + * Set DB version. If the version is not given by the caller, + * which is the case for glue or cache DBs, use the current version. + */ + if (version == NULL) { + if (db != NULL) { + dns_db_currentversion(db, &version); + close_version = ISC_TRUE; + } + } + if (version != NULL) { + INSIST(db != NULL); + dns_db_attachversion(db, version, &entry->version); + } + if (close_version) + dns_db_closeversion(db, &version, ISC_FALSE); + /* Set DB node. */ + if (node != NULL) { + INSIST(db != NULL); + dns_db_attachnode(db, node, &entry->node); + } + + /* + * Set list of the corresponding rdatasets, if given. + * To minimize the overhead and memory consumption, we'll do this for + * positive cache only, in which case the DB node is non NULL. + * We do not want to cache incomplete information, so give up the + * entire entry when a memory shortage happen during the process. + */ + if (node != NULL) { + dns_rdataset_t *ardataset, *crdataset; + + entry->foundname = isc_mem_get(acache->mctx, + sizeof(*entry->foundname)); + + if (entry->foundname == NULL) { + result = ISC_R_NOMEMORY; + goto fail; + } + dns_name_init(entry->foundname, NULL); + result = dns_name_dup(fname, acache->mctx, + entry->foundname); + if (result != ISC_R_SUCCESS) + goto fail; + + for (ardataset = ISC_LIST_HEAD(fname->list); + ardataset != NULL; + ardataset = ISC_LIST_NEXT(ardataset, link)) { + crdataset = isc_mem_get(acache->mctx, + sizeof(*crdataset)); + if (crdataset == NULL) { + result = ISC_R_NOMEMORY; + goto fail; + } + + dns_rdataset_init(crdataset); + dns_rdataset_clone(ardataset, crdataset); + ISC_LIST_APPEND(entry->foundname->list, crdataset, + link); + } + } + + odbent = NULL; + result = finddbent(acache, entry->origdb, &odbent); + if (result != ISC_R_SUCCESS) + goto fail; + if (db != NULL) { + rdbent = NULL; + result = finddbent(acache, db, &rdbent); + if (result != ISC_R_SUCCESS) + goto fail; + } + + ISC_LIST_APPEND(acache->entries, entry, link); + ISC_LIST_APPEND(odbent->originlist, entry, olink); + if (rdbent != NULL) + ISC_LIST_APPEND(rdbent->referlist, entry, rlink); + + /* + * The additional cache needs an implicit reference to entries in its + * link. + */ + dns_acache_attachentry(entry, &dummy_entry); + + ACACHE_UNLOCK(&acache->entrylocks[entry->locknum], + isc_rwlocktype_write); + + acache->stats.adds++; + UNLOCK(&acache->lock); + + return (ISC_R_SUCCESS); + + fail: + clear_entry(acache, entry); + + ACACHE_UNLOCK(&acache->entrylocks[entry->locknum], + isc_rwlocktype_write); + UNLOCK(&acache->lock); + + return (result); +} + +void +dns_acache_cancelentry(dns_acacheentry_t *entry) { + dns_acache_t *acache = entry->acache; + + REQUIRE(DNS_ACACHEENTRY_VALID(entry)); + INSIST(DNS_ACACHE_VALID(acache)); + + LOCK(&acache->lock); + ACACHE_LOCK(&acache->entrylocks[entry->locknum], isc_rwlocktype_write); + + /* + * Release dependencies stored in this entry as much as possible. + * The main link cannot be released, since the acache object has + * a reference to this entry; the empty entry will be released in + * the next cleaning action. + */ + unlink_dbentries(acache, entry); + clear_entry(entry->acache, entry); + + entry->callback = NULL; + entry->cbarg = NULL; + + ACACHE_UNLOCK(&acache->entrylocks[entry->locknum], + isc_rwlocktype_write); + UNLOCK(&acache->lock); +} + +void +dns_acache_attachentry(dns_acacheentry_t *source, + dns_acacheentry_t **targetp) +{ + REQUIRE(DNS_ACACHEENTRY_VALID(source)); + REQUIRE(targetp != NULL && *targetp == NULL); + + isc_refcount_increment(&source->references, NULL); + + *targetp = source; +} + +void +dns_acache_detachentry(dns_acacheentry_t **entryp) { + dns_acacheentry_t *entry; + unsigned int refs; + + REQUIRE(entryp != NULL && DNS_ACACHEENTRY_VALID(*entryp)); + entry = *entryp; + + isc_refcount_decrement(&entry->references, &refs); + + /* + * If there are no references to the entry, the entry must have been + * unlinked and can be destroyed safely. + */ + if (refs == 0) { + INSIST(!ISC_LINK_LINKED(entry, link)); + (*entryp)->acache->stats.deleted++; + destroy_entry(entry); + } + + *entryp = NULL; +} + +void +dns_acache_setcleaninginterval(dns_acache_t *acache, unsigned int t) { + isc_interval_t interval; + isc_result_t result; + + REQUIRE(DNS_ACACHE_VALID(acache)); + + ATRACE("dns_acache_setcleaninginterval"); + + LOCK(&acache->lock); + + /* + * It may be the case that the acache has already shut down. + * If so, it has no timer. (Not sure if this can really happen.) + */ + if (acache->cleaner.cleaning_timer == NULL) + goto unlock; + + acache->cleaner.cleaning_interval = t; + + if (t == 0) { + result = isc_timer_reset(acache->cleaner.cleaning_timer, + isc_timertype_inactive, + NULL, NULL, ISC_TRUE); + } else { + isc_interval_set(&interval, acache->cleaner.cleaning_interval, + 0); + result = isc_timer_reset(acache->cleaner.cleaning_timer, + isc_timertype_ticker, + NULL, &interval, ISC_FALSE); + } + if (result != ISC_R_SUCCESS) + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_ACACHE, ISC_LOG_WARNING, + "could not set acache cleaning interval: %s", + isc_result_totext(result)); + else + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_ACACHE, ISC_LOG_NOTICE, + "acache %p cleaning interval set to %d.", + acache, t); + + unlock: + UNLOCK(&acache->lock); +} + +/* + * This function was derived from cache.c:dns_cache_setcachesize(). See the + * function for more details about the logic. + */ +void +dns_acache_setcachesize(dns_acache_t *acache, isc_uint32_t size) { + isc_uint32_t lowater; + isc_uint32_t hiwater; + + REQUIRE(DNS_ACACHE_VALID(acache)); + + if (size != 0 && size < DNS_ACACHE_MINSIZE) + size = DNS_ACACHE_MINSIZE; + + hiwater = size - (size >> 3); + lowater = size - (size >> 2); + + if (size == 0 || hiwater == 0 || lowater == 0) + isc_mem_setwater(acache->mctx, water, acache, 0, 0); + else + isc_mem_setwater(acache->mctx, water, acache, + hiwater, lowater); +} diff --git a/usr.sbin/bind/lib/dns/acl.c b/usr.sbin/bind/lib/dns/acl.c index e68f841df85..0541b52258a 100644 --- a/usr.sbin/bind/lib/dns/acl.c +++ b/usr.sbin/bind/lib/dns/acl.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: acl.c,v 1.23.52.6 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: acl.c,v 1.25.18.5 2006/03/02 00:37:21 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -41,7 +43,11 @@ dns_acl_create(isc_mem_t *mctx, int n, dns_acl_t **target) { return (ISC_R_NOMEMORY); acl->mctx = mctx; acl->name = NULL; - isc_refcount_init(&acl->refcount, 1); + result = isc_refcount_init(&acl->refcount, 1); + if (result != ISC_R_SUCCESS) { + isc_mem_put(mctx, acl, sizeof(*acl)); + return (result); + } acl->elements = NULL; acl->alloc = 0; acl->length = 0; diff --git a/usr.sbin/bind/lib/dns/callbacks.c b/usr.sbin/bind/lib/dns/callbacks.c index bb93499ce58..89aa94bc4ea 100644 --- a/usr.sbin/bind/lib/dns/callbacks.c +++ b/usr.sbin/bind/lib/dns/callbacks.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: callbacks.c,v 1.12.206.1 2004/03/06 08:13:36 marka Exp $ */ +/* $ISC: callbacks.c,v 1.13.18.2 2005/04/29 00:15:49 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/dns/compress.c b/usr.sbin/bind/lib/dns/compress.c index 423cfb9124f..468bf991566 100644 --- a/usr.sbin/bind/lib/dns/compress.c +++ b/usr.sbin/bind/lib/dns/compress.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: compress.c,v 1.50.206.4 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: compress.c,v 1.52.18.5 2006/03/02 00:37:21 marka Exp $ */ + +/*! \file */ #define DNS_NAME_USEINLINE 1 @@ -82,13 +84,31 @@ void dns_compress_setmethods(dns_compress_t *cctx, unsigned int allowed) { REQUIRE(VALID_CCTX(cctx)); - cctx->allowed = allowed; + cctx->allowed &= ~DNS_COMPRESS_ALL; + cctx->allowed |= (allowed & DNS_COMPRESS_ALL); } unsigned int dns_compress_getmethods(dns_compress_t *cctx) { REQUIRE(VALID_CCTX(cctx)); - return (cctx->allowed); + return (cctx->allowed & DNS_COMPRESS_ALL); +} + +void +dns_compress_setsensitive(dns_compress_t *cctx, isc_boolean_t sensitive) { + REQUIRE(VALID_CCTX(cctx)); + + if (sensitive) + cctx->allowed |= DNS_COMPRESS_CASESENSITIVE; + else + cctx->allowed &= ~DNS_COMPRESS_CASESENSITIVE; +} + +isc_boolean_t +dns_compress_getsensitive(dns_compress_t *cctx) { + REQUIRE(VALID_CCTX(cctx)); + + return (ISC_TF((cctx->allowed & DNS_COMPRESS_CASESENSITIVE) != 0)); } int @@ -138,8 +158,13 @@ dns_compress_findglobal(dns_compress_t *cctx, const dns_name_t *name, for (node = cctx->table[hash]; node != NULL; node = node->next) { NODENAME(node, &nname); - if (dns_name_equal(&nname, &tname)) - break; + if ((cctx->allowed & DNS_COMPRESS_CASESENSITIVE) != 0) { + if (dns_name_caseequal(&nname, &tname)) + break; + } else { + if (dns_name_equal(&nname, &tname)) + break; + } } if (node != NULL) break; diff --git a/usr.sbin/bind/lib/dns/dbiterator.c b/usr.sbin/bind/lib/dns/dbiterator.c index b5df300ef42..bf43c798ce7 100644 --- a/usr.sbin/bind/lib/dns/dbiterator.c +++ b/usr.sbin/bind/lib/dns/dbiterator.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dbiterator.c,v 1.13.206.1 2004/03/06 08:13:37 marka Exp $ */ +/* $ISC: dbiterator.c,v 1.14.18.2 2005/04/29 00:15:50 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/dns/dbtable.c b/usr.sbin/bind/lib/dns/dbtable.c index 206af531ab1..59ecec5c145 100644 --- a/usr.sbin/bind/lib/dns/dbtable.c +++ b/usr.sbin/bind/lib/dns/dbtable.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -16,10 +16,11 @@ */ /* - * $ISC: dbtable.c,v 1.25.12.4 2004/03/09 05:21:08 marka Exp $ + * $ISC: dbtable.c,v 1.28.18.3 2005/07/12 01:22:19 marka Exp $ */ -/* +/*! \file + * \author * Principal Author: DCL */ @@ -86,7 +87,6 @@ dns_dbtable_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, result = isc_rwlock_init(&dbtable->tree_lock, 0, 0); if (result != ISC_R_SUCCESS) goto clean3; - dbtable->default_db = NULL; dbtable->mctx = mctx; diff --git a/usr.sbin/bind/lib/dns/diff.c b/usr.sbin/bind/lib/dns/diff.c index 3a502f2d48b..13982902d34 100644 --- a/usr.sbin/bind/lib/dns/diff.c +++ b/usr.sbin/bind/lib/dns/diff.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: diff.c,v 1.4.2.1.8.4 2004/03/08 02:07:52 marka Exp $ */ +/* $ISC: diff.c,v 1.9.18.3 2005/04/27 05:01:15 sra Exp $ */ + +/*! \file */ #include <config.h> @@ -30,8 +32,10 @@ #include <dns/db.h> #include <dns/diff.h> #include <dns/log.h> +#include <dns/rdataclass.h> #include <dns/rdatalist.h> #include <dns/rdataset.h> +#include <dns/rdatatype.h> #include <dns/result.h> #define CHECK(op) \ @@ -195,6 +199,9 @@ diff_apply(dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver, dns_difftuple_t *t; dns_dbnode_t *node = NULL; isc_result_t result; + char namebuf[DNS_NAME_FORMATSIZE]; + char typebuf[DNS_RDATATYPE_FORMATSIZE]; + char classbuf[DNS_RDATACLASS_FORMATSIZE]; REQUIRE(DNS_DIFF_VALID(diff)); REQUIRE(DNS_DB_VALID(db)); @@ -254,11 +261,19 @@ diff_apply(dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver, t->rdata.type == type && rdata_covers(&t->rdata) == covers) { + dns_name_format(name, namebuf, sizeof(namebuf)); + dns_rdatatype_format(t->rdata.type, typebuf, + sizeof(typebuf)); + dns_rdataclass_format(t->rdata.rdclass, + classbuf, + sizeof(classbuf)); if (t->ttl != rdl.ttl && warn) isc_log_write(DIFF_COMMON_LOGARGS, ISC_LOG_WARNING, - "TTL differs in rdataset, " - "adjusting %lu -> %lu", + "'%s/%s/%s': TTL differs in " + "rdataset, adjusting " + "%lu -> %lu", + namebuf, typebuf, classbuf, (unsigned long) t->ttl, (unsigned long) rdl.ttl); ISC_LIST_APPEND(rdl.rdata, &t->rdata, link); diff --git a/usr.sbin/bind/lib/dns/dlz.c b/usr.sbin/bind/lib/dns/dlz.c new file mode 100644 index 00000000000..47799476989 --- /dev/null +++ b/usr.sbin/bind/lib/dns/dlz.c @@ -0,0 +1,510 @@ +/* + * Portions Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * Copyright (C) 2002 Stichting NLnet, Netherlands, stichting@nlnet.nl. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the + * above copyright notice and this permission notice appear in all + * copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND STICHTING NLNET + * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL + * STICHTING NLNET BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR + * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS + * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE + * USE OR PERFORMANCE OF THIS SOFTWARE. + * + * The development of Dynamically Loadable Zones (DLZ) for Bind 9 was + * conceived and contributed by Rob Butler. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the + * above copyright notice and this permission notice appear in all + * copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ROB BUTLER + * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL + * ROB BUTLER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR + * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS + * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE + * USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: dlz.c,v 1.2.2.2 2005/09/06 03:47:17 marka Exp $ */ + +/*! \file */ + +/*** + *** Imports + ***/ + +#include <config.h> + +#include <dns/fixedname.h> +#include <dns/log.h> +#include <dns/master.h> +#include <dns/dlz.h> + + +#include <isc/buffer.h> +#include <isc/magic.h> +#include <isc/mem.h> +#include <isc/once.h> +#include <isc/rwlock.h> +#include <isc/string.h> +#include <isc/util.h> + +/*** + *** Supported DLZ DB Implementations Registry + ***/ + +static ISC_LIST(dns_dlzimplementation_t) dlz_implementations; +static isc_rwlock_t dlz_implock; +static isc_once_t once = ISC_ONCE_INIT; + +static void +dlz_initialize(void) { + RUNTIME_CHECK(isc_rwlock_init(&dlz_implock, 0, 0) == ISC_R_SUCCESS); + ISC_LIST_INIT(dlz_implementations); +} + +/*% + * Searches the dlz_implementations list for a driver matching name. + */ +static inline dns_dlzimplementation_t * +dlz_impfind(const char *name) { + dns_dlzimplementation_t *imp; + + for (imp = ISC_LIST_HEAD(dlz_implementations); + imp != NULL; + imp = ISC_LIST_NEXT(imp, link)) + if (strcasecmp(name, imp->name) == 0) + return (imp); + return (NULL); +} + +/*** + *** Basic DLZ Methods + ***/ + +isc_result_t +dns_dlzallowzonexfr(dns_view_t *view, dns_name_t *name, + isc_sockaddr_t *clientaddr, dns_db_t **dbp) +{ + isc_result_t result; + dns_dlzallowzonexfr_t allowzonexfr; + dns_dlzdb_t *dlzdatabase; + + /* + * Performs checks to make sure data is as we expect it to be. + */ + REQUIRE(DNS_DLZ_VALID(view->dlzdatabase)); + REQUIRE(name != NULL); + REQUIRE(dbp != NULL && *dbp == NULL); + + /* ask driver if the zone is supported */ + dlzdatabase = view->dlzdatabase; + allowzonexfr = dlzdatabase->implementation->methods->allowzonexfr; + result = (*allowzonexfr)(dlzdatabase->implementation->driverarg, + dlzdatabase->dbdata, dlzdatabase->mctx, + view->rdclass, name, clientaddr, dbp); + + if (result == ISC_R_NOTIMPLEMENTED) + return (ISC_R_NOTFOUND); + return (result); +} + +isc_result_t +dns_dlzcreate(isc_mem_t *mctx, const char *dlzname, const char *drivername, + unsigned int argc, char *argv[], dns_dlzdb_t **dbp) +{ + dns_dlzimplementation_t *impinfo; + isc_result_t result; + + /* + * initialize the dlz_implementations list, this is guaranteed + * to only really happen once. + */ + RUNTIME_CHECK(isc_once_do(&once, dlz_initialize) == ISC_R_SUCCESS); + + /* + * Performs checks to make sure data is as we expect it to be. + */ + REQUIRE(dbp != NULL && *dbp == NULL); + REQUIRE(dlzname != NULL); + REQUIRE(drivername != NULL); + REQUIRE(mctx != NULL); + + /* write log message */ + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_DLZ, ISC_LOG_INFO, + "Loading '%s' using driver %s", dlzname, drivername); + + /* lock the dlz_implementations list so we can search it. */ + RWLOCK(&dlz_implock, isc_rwlocktype_read); + + /* search for the driver implementation */ + impinfo = dlz_impfind(drivername); + if (impinfo == NULL) { + RWUNLOCK(&dlz_implock, isc_rwlocktype_read); + + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_DLZ, ISC_LOG_ERROR, + "unsupported DLZ database driver '%s'." + " %s not loaded.", + drivername, dlzname); + + return (ISC_R_NOTFOUND); + } + + /* Allocate memory to hold the DLZ database driver */ + (*dbp) = isc_mem_get(mctx, sizeof(dns_dlzdb_t)); + if ((*dbp) == NULL) { + RWUNLOCK(&dlz_implock, isc_rwlocktype_read); + return (ISC_R_NOMEMORY); + } + + /* Make sure memory region is set to all 0's */ + memset((*dbp), 0, sizeof(dns_dlzdb_t)); + + (*dbp)->implementation = impinfo; + + /* Create a new database using implementation 'drivername'. */ + result = ((impinfo->methods->create)(mctx, dlzname, argc, argv, + impinfo->driverarg, + &(*dbp)->dbdata)); + + /* mark the DLZ driver as valid */ + if (result == ISC_R_SUCCESS) { + RWUNLOCK(&dlz_implock, isc_rwlocktype_read); + (*dbp)->magic = DNS_DLZ_MAGIC; + isc_mem_attach(mctx, &(*dbp)->mctx); + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_DLZ, ISC_LOG_DEBUG(2), + "DLZ driver loaded successfully."); + return (ISC_R_SUCCESS); + } else { + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_DLZ, ISC_LOG_ERROR, + "DLZ driver failed to load."); + } + + /* impinfo->methods->create failed. */ + RWUNLOCK(&dlz_implock, isc_rwlocktype_read); + isc_mem_put(mctx, (*dbp), sizeof(dns_dlzdb_t)); + return (result); +} + +void +dns_dlzdestroy(dns_dlzdb_t **dbp) { + isc_mem_t *mctx; + dns_dlzdestroy_t destroy; + + /* Write debugging message to log */ + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_DLZ, ISC_LOG_DEBUG(2), + "Unloading DLZ driver."); + + /* + * Perform checks to make sure data is as we expect it to be. + */ + REQUIRE(dbp != NULL && DNS_DLZ_VALID(*dbp)); + + /* call the drivers destroy method */ + if ((*dbp) != NULL) { + mctx = (*dbp)->mctx; + destroy = (*dbp)->implementation->methods->destroy; + (*destroy)((*dbp)->implementation->driverarg,(*dbp)->dbdata); + /* return memory */ + isc_mem_put(mctx, (*dbp), sizeof(dns_dlzdb_t)); + isc_mem_detach(&mctx); + } + + *dbp = NULL; +} + + +isc_result_t +dns_dlzfindzone(dns_view_t *view, dns_name_t *name, unsigned int minlabels, + dns_db_t **dbp) +{ + dns_fixedname_t fname; + dns_name_t *zonename; + unsigned int namelabels; + unsigned int i; + isc_result_t result; + dns_dlzfindzone_t findzone; + dns_dlzdb_t *dlzdatabase; + + /* + * Performs checks to make sure data is as we expect it to be. + */ + REQUIRE(DNS_DLZ_VALID(view->dlzdatabase)); + REQUIRE(name != NULL); + REQUIRE(dbp != NULL && *dbp == NULL); + + /* setup a "fixed" dns name */ + dns_fixedname_init(&fname); + zonename = dns_fixedname_name(&fname); + + /* count the number of labels in the name */ + namelabels = dns_name_countlabels(name); + + /* + * loop through starting with the longest domain name and + * trying shorter names portions of the name until we find a + * match, have an error, or are below the 'minlabels' + * threshold. minlabels is 0, if the standard database didn't + * have a zone name match. Otherwise minlables is the number + * of labels in that name. We need to beat that for a + * "better" match for the DLZ database to be authoritative + * instead of the standard database. + */ + for (i = namelabels; i > minlabels && i > 1; i--) { + if (i == namelabels) { + result = dns_name_copy(name, zonename, NULL); + if (result != ISC_R_SUCCESS) + return (result); + } else + dns_name_split(name, i, NULL, zonename); + + /* ask SDLZ driver if the zone is supported */ + dlzdatabase = view->dlzdatabase; + findzone = dlzdatabase->implementation->methods->findzone; + result = (*findzone)(dlzdatabase->implementation->driverarg, + dlzdatabase->dbdata, dlzdatabase->mctx, + view->rdclass, zonename, dbp); + if (result != ISC_R_NOTFOUND) + return (result); + } + return (ISC_R_NOTFOUND); +} + +/*% + * Registers a DLZ driver. This basically just adds the dlz + * driver to the list of available drivers in the dlz_implementations list. + */ +isc_result_t +dns_dlzregister(const char *drivername, const dns_dlzmethods_t *methods, + void *driverarg, isc_mem_t *mctx, + dns_dlzimplementation_t **dlzimp) +{ + + dns_dlzimplementation_t *dlz_imp; + + /* Write debugging message to log */ + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_DLZ, ISC_LOG_DEBUG(2), + "Registering DLZ driver '%s'", drivername); + + /* + * Performs checks to make sure data is as we expect it to be. + */ + REQUIRE(drivername != NULL); + REQUIRE(methods != NULL); + REQUIRE(methods->create != NULL); + REQUIRE(methods->destroy != NULL); + REQUIRE(methods->findzone != NULL); + REQUIRE(mctx != NULL); + REQUIRE(dlzimp != NULL && *dlzimp == NULL); + + /* + * initialize the dlz_implementations list, this is guaranteed + * to only really happen once. + */ + RUNTIME_CHECK(isc_once_do(&once, dlz_initialize) == ISC_R_SUCCESS); + + /* lock the dlz_implementations list so we can modify it. */ + RWLOCK(&dlz_implock, isc_rwlocktype_write); + + /* + * check that another already registered driver isn't using + * the same name + */ + dlz_imp = dlz_impfind(drivername); + if (dlz_imp != NULL) { + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_DLZ, ISC_LOG_DEBUG(2), + "DLZ Driver '%s' already registered", + drivername); + RWUNLOCK(&dlz_implock, isc_rwlocktype_write); + return (ISC_R_EXISTS); + } + + /* + * Allocate memory for a dlz_implementation object. Error if + * we cannot. + */ + dlz_imp = isc_mem_get(mctx, sizeof(dns_dlzimplementation_t)); + if (dlz_imp == NULL) { + RWUNLOCK(&dlz_implock, isc_rwlocktype_write); + return (ISC_R_NOMEMORY); + } + + /* Make sure memory region is set to all 0's */ + memset(dlz_imp, 0, sizeof(dns_dlzimplementation_t)); + + /* Store the data passed into this method */ + dlz_imp->name = drivername; + dlz_imp->methods = methods; + dlz_imp->mctx = NULL; + dlz_imp->driverarg = driverarg; + + /* attach the new dlz_implementation object to a memory context */ + isc_mem_attach(mctx, &dlz_imp->mctx); + + /* + * prepare the dlz_implementation object to be put in a list, + * and append it to the list + */ + ISC_LINK_INIT(dlz_imp, link); + ISC_LIST_APPEND(dlz_implementations, dlz_imp, link); + + /* Unlock the dlz_implementations list. */ + RWUNLOCK(&dlz_implock, isc_rwlocktype_write); + + /* Pass back the dlz_implementation that we created. */ + *dlzimp = dlz_imp; + + return (ISC_R_SUCCESS); +} + +/*% + * Helper function for dns_dlzstrtoargv(). + * Pardon the gratuitous recursion. + */ +static isc_result_t +dns_dlzstrtoargvsub(isc_mem_t *mctx, char *s, unsigned int *argcp, + char ***argvp, unsigned int n) +{ + isc_result_t result; + + restart: + /* Discard leading whitespace. */ + while (*s == ' ' || *s == '\t') + s++; + + if (*s == '\0') { + /* We have reached the end of the string. */ + *argcp = n; + *argvp = isc_mem_get(mctx, n * sizeof(char *)); + if (*argvp == NULL) + return (ISC_R_NOMEMORY); + } else { + char *p = s; + while (*p != ' ' && *p != '\t' && *p != '\0' && *p != '{') { + if (*p == '\n') { + *p = ' '; + goto restart; + } + p++; + } + + /* do "grouping", items between { and } are one arg */ + if (*p == '{') { + char *t = p; + /* + * shift all characters to left by 1 to get rid of '{' + */ + while (*t != '\0') { + t++; + *(t-1) = *t; + } + while (*p != '\0' && *p != '}') { + p++; + } + /* get rid of '}' character */ + if (*p == '}') { + *p = '\0'; + p++; + } + /* normal case, no "grouping" */ + } else if (*p != '\0') + *p++ = '\0'; + + result = dns_dlzstrtoargvsub(mctx, p, argcp, argvp, n + 1); + if (result != ISC_R_SUCCESS) + return (result); + (*argvp)[n] = s; + } + return (ISC_R_SUCCESS); +} + +/*% + * Tokenize the string "s" into whitespace-separated words, + * return the number of words in '*argcp' and an array + * of pointers to the words in '*argvp'. The caller + * must free the array using isc_mem_put(). The string + * is modified in-place. + */ +isc_result_t +dns_dlzstrtoargv(isc_mem_t *mctx, char *s, + unsigned int *argcp, char ***argvp) +{ + return(dns_dlzstrtoargvsub(mctx, s, argcp, argvp, 0)); +} + +/*% + * Unregisters a DLZ driver. This basically just removes the dlz + * driver from the list of available drivers in the dlz_implementations list. + */ +void +dns_dlzunregister(dns_dlzimplementation_t **dlzimp) { + dns_dlzimplementation_t *dlz_imp; + isc_mem_t *mctx; + + /* Write debugging message to log */ + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_DLZ, ISC_LOG_DEBUG(2), + "Unregistering DLZ driver."); + + /* + * Performs checks to make sure data is as we expect it to be. + */ + REQUIRE(dlzimp != NULL && *dlzimp != NULL); + + /* + * initialize the dlz_implementations list, this is guaranteed + * to only really happen once. + */ + RUNTIME_CHECK(isc_once_do(&once, dlz_initialize) == ISC_R_SUCCESS); + + dlz_imp = *dlzimp; + + /* lock the dlz_implementations list so we can modify it. */ + RWLOCK(&dlz_implock, isc_rwlocktype_write); + + /* remove the dlz_implementation object from the list */ + ISC_LIST_UNLINK(dlz_implementations, dlz_imp, link); + mctx = dlz_imp->mctx; + + /* + * return the memory back to the available memory pool and + * remove it from the memory context. + */ + isc_mem_put(mctx, dlz_imp, sizeof(dns_dlzimplementation_t)); + isc_mem_detach(&mctx); + + /* Unlock the dlz_implementations list. */ + RWUNLOCK(&dlz_implock, isc_rwlocktype_write); +} diff --git a/usr.sbin/bind/lib/dns/ds.c b/usr.sbin/bind/lib/dns/ds.c index 9c11af8da52..cf6c7eecb5a 100644 --- a/usr.sbin/bind/lib/dns/ds.c +++ b/usr.sbin/bind/lib/dns/ds.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ds.c,v 1.4.2.1 2004/03/08 02:07:53 marka Exp $ */ +/* $ISC: ds.c,v 1.4.20.5 2006/02/22 23:50:09 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -24,6 +26,7 @@ #include <isc/buffer.h> #include <isc/region.h> #include <isc/sha1.h> +#include <isc/sha2.h> #include <isc/util.h> #include <dns/ds.h> @@ -40,10 +43,9 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key, unsigned int digest_type, unsigned char *buffer, dns_rdata_t *rdata) { - isc_sha1_t sha1; dns_fixedname_t fname; dns_name_t *name; - unsigned char digest[ISC_SHA1_DIGESTLENGTH]; + unsigned char digest[ISC_SHA256_DIGESTLENGTH]; isc_region_t r; isc_buffer_t b; dns_rdata_ds_t ds; @@ -51,7 +53,7 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key, REQUIRE(key != NULL); REQUIRE(key->type == dns_rdatatype_dnskey); - if (digest_type != DNS_DSDIGEST_SHA1) + if (!dns_ds_digest_supported(digest_type)) return (ISC_R_NOTIMPLEMENTED); dns_fixedname_init(&fname); @@ -61,23 +63,42 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key, memset(buffer, 0, DNS_DS_BUFFERSIZE); isc_buffer_init(&b, buffer, DNS_DS_BUFFERSIZE); - isc_sha1_init(&sha1); - dns_name_toregion(name, &r); - isc_sha1_update(&sha1, r.base, r.length); - dns_rdata_toregion(key, &r); - INSIST(r.length >= 4); - isc_sha1_update(&sha1, r.base, r.length); - isc_sha1_final(&sha1, digest); + if (digest_type == DNS_DSDIGEST_SHA1) { + isc_sha1_t sha1; + isc_sha1_init(&sha1); + dns_name_toregion(name, &r); + isc_sha1_update(&sha1, r.base, r.length); + dns_rdata_toregion(key, &r); + INSIST(r.length >= 4); + isc_sha1_update(&sha1, r.base, r.length); + isc_sha1_final(&sha1, digest); + } else { + isc_sha256_t sha256; + isc_sha256_init(&sha256); + dns_name_toregion(name, &r); + isc_sha256_update(&sha256, r.base, r.length); + dns_rdata_toregion(key, &r); + INSIST(r.length >= 4); + isc_sha256_update(&sha256, r.base, r.length); + isc_sha256_final(digest, &sha256); + } ds.mctx = NULL; ds.common.rdclass = key->rdclass; ds.common.rdtype = dns_rdatatype_ds; ds.algorithm = r.base[3]; ds.key_tag = dst_region_computeid(&r, ds.algorithm); - ds.digest_type = DNS_DSDIGEST_SHA1; - ds.length = ISC_SHA1_DIGESTLENGTH; + ds.digest_type = digest_type; + ds.length = (digest_type == DNS_DSDIGEST_SHA1) ? + ISC_SHA1_DIGESTLENGTH : ISC_SHA256_DIGESTLENGTH; ds.digest = digest; return (dns_rdata_fromstruct(rdata, key->rdclass, dns_rdatatype_ds, &ds, &b)); } + +isc_boolean_t +dns_ds_digest_supported(unsigned int digest_type) { + return (ISC_TF(digest_type == DNS_DSDIGEST_SHA1 || + digest_type == DNS_DSDIGEST_SHA256)); +} diff --git a/usr.sbin/bind/lib/dns/dst_internal.h b/usr.sbin/bind/lib/dns/dst_internal.h index 4c086dcd283..9dbf40ecba4 100644 --- a/usr.sbin/bind/lib/dns/dst_internal.h +++ b/usr.sbin/bind/lib/dns/dst_internal.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2000-2002 Internet Software Consortium. * Portions Copyright (C) 1995-2000 by Network Associates, Inc. * @@ -16,7 +16,7 @@ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dst_internal.h,v 1.1.4.1 2004/12/09 04:07:16 marka Exp $ */ +/* $ISC: dst_internal.h,v 1.1.6.5 2006/01/27 23:57:44 marka Exp $ */ #ifndef DST_DST_INTERNAL_H #define DST_DST_INTERNAL_H 1 @@ -46,18 +46,20 @@ extern isc_mem_t *dst__memory_pool; typedef struct dst_func dst_func_t; +/*% DST Key Structure */ struct dst_key { unsigned int magic; - dns_name_t * key_name; /* name of the key */ - unsigned int key_size; /* size of the key in bits */ - unsigned int key_proto; /* protocols this key is used for */ - unsigned int key_alg; /* algorithm of the key */ - isc_uint32_t key_flags; /* flags of the public key */ - isc_uint16_t key_id; /* identifier of the key */ - dns_rdataclass_t key_class; /* class of the key record */ - isc_mem_t *mctx; /* memory context */ - void * opaque; /* pointer to key in crypto pkg fmt */ - dst_func_t * func; /* crypto package specific functions */ + dns_name_t * key_name; /*%< name of the key */ + unsigned int key_size; /*%< size of the key in bits */ + unsigned int key_proto; /*%< protocols this key is used for */ + unsigned int key_alg; /*%< algorithm of the key */ + isc_uint32_t key_flags; /*%< flags of the public key */ + isc_uint16_t key_id; /*%< identifier of the key */ + isc_uint16_t key_bits; /*%< hmac digest bits */ + dns_rdataclass_t key_class; /*%< class of the key record */ + isc_mem_t *mctx; /*%< memory context */ + void * opaque; /*%< pointer to key in crypto pkg fmt */ + dst_func_t * func; /*%< crypto package specific functions */ }; struct dst_context { @@ -100,30 +102,35 @@ struct dst_func { void (*cleanup)(void); }; -/* +/*% * Initializers */ isc_result_t dst__openssl_init(void); isc_result_t dst__hmacmd5_init(struct dst_func **funcp); +isc_result_t dst__hmacsha1_init(struct dst_func **funcp); +isc_result_t dst__hmacsha224_init(struct dst_func **funcp); +isc_result_t dst__hmacsha256_init(struct dst_func **funcp); +isc_result_t dst__hmacsha384_init(struct dst_func **funcp); +isc_result_t dst__hmacsha512_init(struct dst_func **funcp); isc_result_t dst__opensslrsa_init(struct dst_func **funcp); isc_result_t dst__openssldsa_init(struct dst_func **funcp); isc_result_t dst__openssldh_init(struct dst_func **funcp); isc_result_t dst__gssapi_init(struct dst_func **funcp); -/* +/*% * Destructors */ void dst__openssl_destroy(void); -/* +/*% * Memory allocators using the DST memory pool. */ void * dst__mem_alloc(size_t size); void dst__mem_free(void *ptr); void * dst__mem_realloc(void *ptr, size_t size); -/* +/*% * Entropy retriever using the DST entropy pool. */ isc_result_t dst__entropy_getdata(void *buf, unsigned int len, @@ -132,3 +139,4 @@ isc_result_t dst__entropy_getdata(void *buf, unsigned int len, ISC_LANG_ENDDECLS #endif /* DST_DST_INTERNAL_H */ +/*! \file */ diff --git a/usr.sbin/bind/lib/dns/dst_lib.c b/usr.sbin/bind/lib/dns/dst_lib.c index fdfd737e729..8a01fa95712 100644 --- a/usr.sbin/bind/lib/dns/dst_lib.c +++ b/usr.sbin/bind/lib/dns/dst_lib.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -17,9 +17,11 @@ /* * Principal Author: Brian Wellington - * $ISC: dst_lib.c,v 1.1.4.1 2004/12/09 04:07:16 marka Exp $ + * $ISC: dst_lib.c,v 1.1.6.3 2005/04/29 00:15:51 marka Exp $ */ +/*! \file */ + #include <config.h> #include <stddef.h> diff --git a/usr.sbin/bind/lib/dns/dst_openssl.h b/usr.sbin/bind/lib/dns/dst_openssl.h index 2da3cc8bd51..56e781bcce5 100644 --- a/usr.sbin/bind/lib/dns/dst_openssl.h +++ b/usr.sbin/bind/lib/dns/dst_openssl.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dst_openssl.h,v 1.1.2.1 2004/12/09 04:07:17 marka Exp $ */ +/* $ISC: dst_openssl.h,v 1.1.4.3 2005/04/29 00:15:52 marka Exp $ */ #ifndef DST_OPENSSL_H #define DST_OPENSSL_H 1 @@ -31,3 +31,4 @@ dst__openssl_toresult(isc_result_t fallback); ISC_LANG_ENDDECLS #endif /* DST_OPENSSL_H */ +/*! \file */ diff --git a/usr.sbin/bind/lib/dns/dst_parse.c b/usr.sbin/bind/lib/dns/dst_parse.c index 55b977604a3..1db079f507d 100644 --- a/usr.sbin/bind/lib/dns/dst_parse.c +++ b/usr.sbin/bind/lib/dns/dst_parse.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1999-2002 Internet Software Consortium. * Portions Copyright (C) 1995-2000 by Network Associates, Inc. * @@ -16,9 +16,9 @@ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* +/*% * Principal Author: Brian Wellington - * $ISC: dst_parse.c,v 1.1.4.1 2004/12/09 04:07:17 marka Exp $ + * $ISC: dst_parse.c,v 1.1.6.7 2006/05/16 03:59:26 marka Exp $ */ #include <config.h> @@ -67,6 +67,23 @@ static struct parse_map map[] = { {TAG_DSA_PUBLIC, "Public_value(y):"}, {TAG_HMACMD5_KEY, "Key:"}, + {TAG_HMACMD5_BITS, "Bits:"}, + + {TAG_HMACSHA1_KEY, "Key:"}, + {TAG_HMACSHA1_BITS, "Bits:"}, + + {TAG_HMACSHA224_KEY, "Key:"}, + {TAG_HMACSHA224_BITS, "Bits:"}, + + {TAG_HMACSHA256_KEY, "Key:"}, + {TAG_HMACSHA256_BITS, "Bits:"}, + + {TAG_HMACSHA384_KEY, "Key:"}, + {TAG_HMACSHA384_BITS, "Bits:"}, + + {TAG_HMACSHA512_KEY, "Key:"}, + {TAG_HMACSHA512_BITS, "Bits:"}, + {0, NULL} }; @@ -141,16 +158,53 @@ check_dsa(const dst_private_t *priv) { } static int -check_hmac_md5(const dst_private_t *priv) { - if (priv->nelements != HMACMD5_NTAGS) +check_hmac_md5(const dst_private_t *priv, isc_boolean_t old) { + int i, j; + + if (priv->nelements != HMACMD5_NTAGS) { + /* + * If this is a good old format and we are accepting + * the old format return success. + */ + if (old && priv->nelements == OLD_HMACMD5_NTAGS && + priv->elements[0].tag == TAG_HMACMD5_KEY) + return (0); return (-1); - if (priv->elements[0].tag != TAG_HMACMD5_KEY) + } + /* + * We must be new format at this point. + */ + for (i = 0; i < HMACMD5_NTAGS; i++) { + for (j = 0; j < priv->nelements; j++) + if (priv->elements[j].tag == TAG(DST_ALG_HMACMD5, i)) + break; + if (j == priv->nelements) + return (-1); + } + return (0); +} + +static int +check_hmac_sha(const dst_private_t *priv, unsigned int ntags, + unsigned int alg) +{ + unsigned int i, j; + if (priv->nelements != ntags) return (-1); + for (i = 0; i < ntags; i++) { + for (j = 0; j < priv->nelements; j++) + if (priv->elements[j].tag == TAG(alg, i)) + break; + if (j == priv->nelements) + return (-1); + } return (0); } static int -check_data(const dst_private_t *priv, const unsigned int alg) { +check_data(const dst_private_t *priv, const unsigned int alg, + isc_boolean_t old) +{ /* XXXVIX this switch statement is too sparse to gen a jump table. */ switch (alg) { case DST_ALG_RSAMD5: @@ -161,7 +215,17 @@ check_data(const dst_private_t *priv, const unsigned int alg) { case DST_ALG_DSA: return (check_dsa(priv)); case DST_ALG_HMACMD5: - return (check_hmac_md5(priv)); + return (check_hmac_md5(priv, old)); + case DST_ALG_HMACSHA1: + return (check_hmac_sha(priv, HMACSHA1_NTAGS, alg)); + case DST_ALG_HMACSHA224: + return (check_hmac_sha(priv, HMACSHA224_NTAGS, alg)); + case DST_ALG_HMACSHA256: + return (check_hmac_sha(priv, HMACSHA256_NTAGS, alg)); + case DST_ALG_HMACSHA384: + return (check_hmac_sha(priv, HMACSHA384_NTAGS, alg)); + case DST_ALG_HMACSHA512: + return (check_hmac_sha(priv, HMACSHA512_NTAGS, alg)); default: return (DST_R_UNSUPPORTEDALG); } @@ -313,7 +377,7 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, done: priv->nelements = n; - if (check_data(priv, alg) < 0) + if (check_data(priv, alg, ISC_TRUE) < 0) goto fail; return (ISC_R_SUCCESS); @@ -341,7 +405,7 @@ dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv, REQUIRE(priv != NULL); - if (check_data(priv, dst_key_alg(key)) < 0) + if (check_data(priv, dst_key_alg(key), ISC_FALSE) < 0) return (DST_R_INVALIDPRIVATEKEY); isc_buffer_init(&b, filename, sizeof(filename)); @@ -380,6 +444,21 @@ dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv, case DST_ALG_HMACMD5: fprintf(fp, "(HMAC_MD5)\n"); break; + case DST_ALG_HMACSHA1: + fprintf(fp, "(HMAC_SHA1)\n"); + break; + case DST_ALG_HMACSHA224: + fprintf(fp, "(HMAC_SHA224)\n"); + break; + case DST_ALG_HMACSHA256: + fprintf(fp, "(HMAC_SHA256)\n"); + break; + case DST_ALG_HMACSHA384: + fprintf(fp, "(HMAC_SHA384)\n"); + break; + case DST_ALG_HMACSHA512: + fprintf(fp, "(HMAC_SHA512)\n"); + break; default: fprintf(fp, "(?)\n"); break; @@ -410,3 +489,5 @@ dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv, fclose(fp); return (ISC_R_SUCCESS); } + +/*! \file */ diff --git a/usr.sbin/bind/lib/dns/dst_parse.h b/usr.sbin/bind/lib/dns/dst_parse.h index 1e9a5ad6ec4..785db8f5ec1 100644 --- a/usr.sbin/bind/lib/dns/dst_parse.h +++ b/usr.sbin/bind/lib/dns/dst_parse.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2000-2002 Internet Software Consortium. * Portions Copyright (C) 1995-2000 by Network Associates, Inc. * @@ -16,8 +16,9 @@ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dst_parse.h,v 1.1.4.1 2004/12/09 04:07:17 marka Exp $ */ +/* $ISC: dst_parse.h,v 1.1.6.5 2006/01/27 23:57:44 marka Exp $ */ +/*! \file */ #ifndef DST_DST_PARSE_H #define DST_DST_PARSE_H 1 @@ -59,8 +60,30 @@ #define TAG_DSA_PRIVATE ((DST_ALG_DSA << TAG_SHIFT) + 3) #define TAG_DSA_PUBLIC ((DST_ALG_DSA << TAG_SHIFT) + 4) -#define HMACMD5_NTAGS 1 +#define OLD_HMACMD5_NTAGS 1 +#define HMACMD5_NTAGS 2 #define TAG_HMACMD5_KEY ((DST_ALG_HMACMD5 << TAG_SHIFT) + 0) +#define TAG_HMACMD5_BITS ((DST_ALG_HMACMD5 << TAG_SHIFT) + 1) + +#define HMACSHA1_NTAGS 2 +#define TAG_HMACSHA1_KEY ((DST_ALG_HMACSHA1 << TAG_SHIFT) + 0) +#define TAG_HMACSHA1_BITS ((DST_ALG_HMACSHA1 << TAG_SHIFT) + 1) + +#define HMACSHA224_NTAGS 2 +#define TAG_HMACSHA224_KEY ((DST_ALG_HMACSHA224 << TAG_SHIFT) + 0) +#define TAG_HMACSHA224_BITS ((DST_ALG_HMACSHA224 << TAG_SHIFT) + 1) + +#define HMACSHA256_NTAGS 2 +#define TAG_HMACSHA256_KEY ((DST_ALG_HMACSHA256 << TAG_SHIFT) + 0) +#define TAG_HMACSHA256_BITS ((DST_ALG_HMACSHA224 << TAG_SHIFT) + 1) + +#define HMACSHA384_NTAGS 2 +#define TAG_HMACSHA384_KEY ((DST_ALG_HMACSHA384 << TAG_SHIFT) + 0) +#define TAG_HMACSHA384_BITS ((DST_ALG_HMACSHA384 << TAG_SHIFT) + 1) + +#define HMACSHA512_NTAGS 2 +#define TAG_HMACSHA512_KEY ((DST_ALG_HMACSHA512 << TAG_SHIFT) + 0) +#define TAG_HMACSHA512_BITS ((DST_ALG_HMACSHA512 << TAG_SHIFT) + 1) struct dst_private_element { unsigned short tag; diff --git a/usr.sbin/bind/lib/dns/dst_result.c b/usr.sbin/bind/lib/dns/dst_result.c index 82518c1491e..6f42d57949f 100644 --- a/usr.sbin/bind/lib/dns/dst_result.c +++ b/usr.sbin/bind/lib/dns/dst_result.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,9 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* +/*% * Principal Author: Brian Wellington - * $ISC: dst_result.c,v 1.1.4.1 2004/12/09 04:07:17 marka Exp $ + * $ISC: dst_result.c,v 1.1.6.3 2005/04/29 00:15:52 marka Exp $ */ #include <config.h> @@ -29,27 +29,27 @@ #include <dst/lib.h> static const char *text[DST_R_NRESULTS] = { - "algorithm is unsupported", /* 0 */ - "openssl failure", /* 1 */ - "built with no crypto support", /* 2 */ - "illegal operation for a null key", /* 3 */ - "public key is invalid", /* 4 */ - "private key is invalid", /* 5 */ - "UNUSED6", /* 6 */ - "error occurred writing key to disk", /* 7 */ - "invalid algorithm specific parameter", /* 8 */ - "UNUSED9", /* 9 */ - "UNUSED10", /* 10 */ - "sign failure", /* 11 */ - "UNUSED12", /* 12 */ - "UNUSED13", /* 13 */ - "verify failure", /* 14 */ - "not a public key", /* 15 */ - "not a private key", /* 16 */ - "not a key that can compute a secret", /* 17 */ - "failure computing a shared secret", /* 18 */ - "no randomness available", /* 19 */ - "bad key type" /* 20 */ + "algorithm is unsupported", /*%< 0 */ + "openssl failure", /*%< 1 */ + "built with no crypto support", /*%< 2 */ + "illegal operation for a null key", /*%< 3 */ + "public key is invalid", /*%< 4 */ + "private key is invalid", /*%< 5 */ + "UNUSED6", /*%< 6 */ + "error occurred writing key to disk", /*%< 7 */ + "invalid algorithm specific parameter", /*%< 8 */ + "UNUSED9", /*%< 9 */ + "UNUSED10", /*%< 10 */ + "sign failure", /*%< 11 */ + "UNUSED12", /*%< 12 */ + "UNUSED13", /*%< 13 */ + "verify failure", /*%< 14 */ + "not a public key", /*%< 15 */ + "not a private key", /*%< 16 */ + "not a key that can compute a secret", /*%< 17 */ + "failure computing a shared secret", /*%< 18 */ + "no randomness available", /*%< 19 */ + "bad key type" /*%< 20 */ }; #define DST_RESULT_RESULTSET 2 @@ -84,3 +84,5 @@ void dst_result_register(void) { initialize(); } + +/*! \file */ diff --git a/usr.sbin/bind/lib/dns/forward.c b/usr.sbin/bind/lib/dns/forward.c index 352451f1bf4..b607975285c 100644 --- a/usr.sbin/bind/lib/dns/forward.c +++ b/usr.sbin/bind/lib/dns/forward.c @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: forward.c,v 1.5.206.3 2005/03/17 03:58:30 marka Exp $ */ +/* $ISC: forward.c,v 1.6.18.4 2005/07/12 01:22:20 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -62,13 +64,8 @@ dns_fwdtable_create(isc_mem_t *mctx, dns_fwdtable_t **fwdtablep) { goto cleanup_fwdtable; result = isc_rwlock_init(&fwdtable->rwlock, 0, 0); - if (result != ISC_R_SUCCESS) { - UNEXPECTED_ERROR(__FILE__, __LINE__, - "isc_rwlock_init() failed: %s", - isc_result_totext(result)); - result = ISC_R_UNEXPECTED; + if (result != ISC_R_SUCCESS) goto cleanup_rbt; - } fwdtable->mctx = NULL; isc_mem_attach(mctx, &fwdtable->mctx); diff --git a/usr.sbin/bind/lib/dns/gen-unix.h b/usr.sbin/bind/lib/dns/gen-unix.h index 7f151e8d012..fa874ea2f49 100644 --- a/usr.sbin/bind/lib/dns/gen-unix.h +++ b/usr.sbin/bind/lib/dns/gen-unix.h @@ -15,9 +15,10 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: gen-unix.h,v 1.12.12.5 2005/06/09 23:54:29 marka Exp $ */ +/* $ISC: gen-unix.h,v 1.14.18.3 2005/06/08 02:07:54 marka Exp $ */ -/* +/*! \file + * \brief * This file is responsible for defining two operations that are not * directly portable between Unix-like systems and Windows NT, option * parsing and directory scanning. It is here because it was decided diff --git a/usr.sbin/bind/lib/dns/gssapi_link.c b/usr.sbin/bind/lib/dns/gssapi_link.c index b50bb4105a5..d23844006df 100644 --- a/usr.sbin/bind/lib/dns/gssapi_link.c +++ b/usr.sbin/bind/lib/dns/gssapi_link.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -16,7 +16,7 @@ */ /* - * $ISC: gssapi_link.c,v 1.1.4.1 2004/12/09 04:07:17 marka Exp $ + * $ISC: gssapi_link.c,v 1.1.6.3 2005/04/29 00:15:53 marka Exp $ */ #ifdef GSSAPI @@ -194,17 +194,17 @@ static dst_func_t gssapi_functions = { gssapi_adddata, gssapi_sign, gssapi_verify, - NULL, /* computesecret */ + NULL, /*%< computesecret */ gssapi_compare, - NULL, /* paramcompare */ + NULL, /*%< paramcompare */ gssapi_generate, gssapi_isprivate, gssapi_destroy, - NULL, /* todns */ - NULL, /* fromdns */ - NULL, /* tofile */ - NULL, /* parse */ - NULL, /* cleanup */ + NULL, /*%< todns */ + NULL, /*%< fromdns */ + NULL, /*%< tofile */ + NULL, /*%< parse */ + NULL, /*%< cleanup */ }; isc_result_t @@ -218,3 +218,5 @@ dst__gssapi_init(dst_func_t **funcp) { #else int gssapi_link_unneeded = 1; #endif + +/*! \file */ diff --git a/usr.sbin/bind/lib/dns/gssapictx.c b/usr.sbin/bind/lib/dns/gssapictx.c index 146a8095e57..a8212282de6 100644 --- a/usr.sbin/bind/lib/dns/gssapictx.c +++ b/usr.sbin/bind/lib/dns/gssapictx.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: gssapictx.c,v 1.1.4.1 2004/12/09 04:07:17 marka Exp $ */ +/* $ISC: gssapictx.c,v 1.1.6.3 2005/04/29 00:15:54 marka Exp $ */ #include <config.h> @@ -260,3 +260,5 @@ dst_gssapi_acceptctx(dns_name_t *name, void *cred, } #endif + +/*! \file */ diff --git a/usr.sbin/bind/lib/dns/hmac_link.c b/usr.sbin/bind/lib/dns/hmac_link.c index 2703e370a1b..f58e4e02381 100644 --- a/usr.sbin/bind/lib/dns/hmac_link.c +++ b/usr.sbin/bind/lib/dns/hmac_link.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1999-2002 Internet Software Consortium. * Portions Copyright (C) 1995-2000 by Network Associates, Inc. * @@ -18,14 +18,16 @@ /* * Principal Author: Brian Wellington - * $ISC: hmac_link.c,v 1.1.4.1 2004/12/09 04:07:17 marka Exp $ + * $ISC: hmac_link.c,v 1.1.6.5 2006/01/27 23:57:44 marka Exp $ */ #include <config.h> #include <isc/buffer.h> #include <isc/hmacmd5.h> +#include <isc/hmacsha.h> #include <isc/md5.h> +#include <isc/sha1.h> #include <isc/mem.h> #include <isc/string.h> #include <isc/util.h> @@ -46,6 +48,17 @@ typedef struct hmackey { } HMAC_Key; static isc_result_t +getkeybits(dst_key_t *key, struct dst_private_element *element) { + + if (element->length != 2) + return (DST_R_INVALIDPRIVATEKEY); + + key->key_bits = (element->data[0] << 8) + element->data[1]; + + return (ISC_R_SUCCESS); +} + +static isc_result_t hmacmd5_createctx(dst_key_t *key, dst_context_t *dctx) { isc_hmacmd5_t *hmacmd5ctx; HMAC_Key *hkey = key->opaque; @@ -95,10 +108,10 @@ static isc_result_t hmacmd5_verify(dst_context_t *dctx, const isc_region_t *sig) { isc_hmacmd5_t *hmacmd5ctx = dctx->opaque; - if (sig->length < ISC_MD5_DIGESTLENGTH) + if (sig->length > ISC_MD5_DIGESTLENGTH) return (DST_R_VERIFYFAILURE); - if (isc_hmacmd5_verify(hmacmd5ctx, sig->base)) + if (isc_hmacmd5_verify2(hmacmd5ctx, sig->base, sig->length)) return (ISC_R_SUCCESS); else return (DST_R_VERIFYFAILURE); @@ -130,9 +143,9 @@ hmacmd5_generate(dst_key_t *key, int pseudorandom_ok) { unsigned char data[HMAC_LEN]; bytes = (key->key_size + 7) / 8; - if (bytes > 64) { - bytes = 64; - key->key_size = 512; + if (bytes > HMAC_LEN) { + bytes = HMAC_LEN; + key->key_size = HMAC_LEN * 8; } memset(data, 0, HMAC_LEN); @@ -220,6 +233,7 @@ hmacmd5_tofile(const dst_key_t *key, const char *directory) { HMAC_Key *hkey; dst_private_t priv; int bytes = (key->key_size + 7) / 8; + unsigned char buf[2]; if (key->opaque == NULL) return (DST_R_NULLKEY); @@ -230,6 +244,12 @@ hmacmd5_tofile(const dst_key_t *key, const char *directory) { priv.elements[cnt].length = bytes; priv.elements[cnt++].data = hkey->key; + buf[0] = (key->key_bits >> 8) & 0xffU; + buf[1] = key->key_bits & 0xffU; + priv.elements[cnt].tag = TAG_HMACMD5_BITS; + priv.elements[cnt].data = buf; + priv.elements[cnt++].length = 2; + priv.nelements = cnt; return (dst__privstruct_writefile(key, &priv, directory)); } @@ -237,21 +257,40 @@ hmacmd5_tofile(const dst_key_t *key, const char *directory) { static isc_result_t hmacmd5_parse(dst_key_t *key, isc_lex_t *lexer) { dst_private_t priv; - isc_result_t ret; + isc_result_t result, tresult; isc_buffer_t b; isc_mem_t *mctx = key->mctx; + unsigned int i; /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_HMACMD5, lexer, mctx, &priv); - if (ret != ISC_R_SUCCESS) - return (ret); + result = dst__privstruct_parse(key, DST_ALG_HMACMD5, lexer, mctx, &priv); + if (result != ISC_R_SUCCESS) + return (result); - isc_buffer_init(&b, priv.elements[0].data, priv.elements[0].length); - isc_buffer_add(&b, priv.elements[0].length); - ret = hmacmd5_fromdns(key, &b); + key->key_bits = 0; + for (i = 0; i < priv.nelements && result == ISC_R_SUCCESS; i++) { + switch (priv.elements[i].tag) { + case TAG_HMACMD5_KEY: + isc_buffer_init(&b, priv.elements[i].data, + priv.elements[i].length); + isc_buffer_add(&b, priv.elements[i].length); + tresult = hmacmd5_fromdns(key, &b); + if (tresult != ISC_R_SUCCESS) + result = tresult; + break; + case TAG_HMACMD5_BITS: + tresult = getkeybits(key, &priv.elements[i]); + if (tresult != ISC_R_SUCCESS) + result = tresult; + break; + default: + result = DST_R_INVALIDPRIVATEKEY; + break; + } + } dst__privstruct_free(&priv, mctx); memset(&priv, 0, sizeof(priv)); - return (ret); + return (result); } static dst_func_t hmacmd5_functions = { @@ -260,9 +299,9 @@ static dst_func_t hmacmd5_functions = { hmacmd5_adddata, hmacmd5_sign, hmacmd5_verify, - NULL, /* computesecret */ + NULL, /*%< computesecret */ hmacmd5_compare, - NULL, /* paramcompare */ + NULL, /*%< paramcompare */ hmacmd5_generate, hmacmd5_isprivate, hmacmd5_destroy, @@ -270,7 +309,7 @@ static dst_func_t hmacmd5_functions = { hmacmd5_fromdns, hmacmd5_tofile, hmacmd5_parse, - NULL, /* cleanup */ + NULL, /*%< cleanup */ }; isc_result_t @@ -280,3 +319,1350 @@ dst__hmacmd5_init(dst_func_t **funcp) { *funcp = &hmacmd5_functions; return (ISC_R_SUCCESS); } + +static isc_result_t hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data); + +typedef struct { + unsigned char key[ISC_SHA1_DIGESTLENGTH]; +} HMACSHA1_Key; + +static isc_result_t +hmacsha1_createctx(dst_key_t *key, dst_context_t *dctx) { + isc_hmacsha1_t *hmacsha1ctx; + HMACSHA1_Key *hkey = key->opaque; + + hmacsha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_hmacsha1_t)); + if (hmacsha1ctx == NULL) + return (ISC_R_NOMEMORY); + isc_hmacsha1_init(hmacsha1ctx, hkey->key, ISC_SHA1_DIGESTLENGTH); + dctx->opaque = hmacsha1ctx; + return (ISC_R_SUCCESS); +} + +static void +hmacsha1_destroyctx(dst_context_t *dctx) { + isc_hmacsha1_t *hmacsha1ctx = dctx->opaque; + + if (hmacsha1ctx != NULL) { + isc_hmacsha1_invalidate(hmacsha1ctx); + isc_mem_put(dctx->mctx, hmacsha1ctx, sizeof(isc_hmacsha1_t)); + dctx->opaque = NULL; + } +} + +static isc_result_t +hmacsha1_adddata(dst_context_t *dctx, const isc_region_t *data) { + isc_hmacsha1_t *hmacsha1ctx = dctx->opaque; + + isc_hmacsha1_update(hmacsha1ctx, data->base, data->length); + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha1_sign(dst_context_t *dctx, isc_buffer_t *sig) { + isc_hmacsha1_t *hmacsha1ctx = dctx->opaque; + unsigned char *digest; + + if (isc_buffer_availablelength(sig) < ISC_SHA1_DIGESTLENGTH) + return (ISC_R_NOSPACE); + digest = isc_buffer_used(sig); + isc_hmacsha1_sign(hmacsha1ctx, digest, ISC_SHA1_DIGESTLENGTH); + isc_buffer_add(sig, ISC_SHA1_DIGESTLENGTH); + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha1_verify(dst_context_t *dctx, const isc_region_t *sig) { + isc_hmacsha1_t *hmacsha1ctx = dctx->opaque; + + if (sig->length > ISC_SHA1_DIGESTLENGTH || sig->length == 0) + return (DST_R_VERIFYFAILURE); + + if (isc_hmacsha1_verify(hmacsha1ctx, sig->base, sig->length)) + return (ISC_R_SUCCESS); + else + return (DST_R_VERIFYFAILURE); +} + +static isc_boolean_t +hmacsha1_compare(const dst_key_t *key1, const dst_key_t *key2) { + HMACSHA1_Key *hkey1, *hkey2; + + hkey1 = (HMACSHA1_Key *)key1->opaque; + hkey2 = (HMACSHA1_Key *)key2->opaque; + + if (hkey1 == NULL && hkey2 == NULL) + return (ISC_TRUE); + else if (hkey1 == NULL || hkey2 == NULL) + return (ISC_FALSE); + + if (memcmp(hkey1->key, hkey2->key, ISC_SHA1_DIGESTLENGTH) == 0) + return (ISC_TRUE); + else + return (ISC_FALSE); +} + +static isc_result_t +hmacsha1_generate(dst_key_t *key, int pseudorandom_ok) { + isc_buffer_t b; + isc_result_t ret; + int bytes; + unsigned char data[HMAC_LEN]; + + bytes = (key->key_size + 7) / 8; + if (bytes > HMAC_LEN) { + bytes = HMAC_LEN; + key->key_size = HMAC_LEN * 8; + } + + memset(data, 0, HMAC_LEN); + ret = dst__entropy_getdata(data, bytes, ISC_TF(pseudorandom_ok != 0)); + + if (ret != ISC_R_SUCCESS) + return (ret); + + isc_buffer_init(&b, data, bytes); + isc_buffer_add(&b, bytes); + ret = hmacsha1_fromdns(key, &b); + memset(data, 0, ISC_SHA1_DIGESTLENGTH); + + return (ret); +} + +static isc_boolean_t +hmacsha1_isprivate(const dst_key_t *key) { + UNUSED(key); + return (ISC_TRUE); +} + +static void +hmacsha1_destroy(dst_key_t *key) { + HMACSHA1_Key *hkey = key->opaque; + memset(hkey, 0, sizeof(HMACSHA1_Key)); + isc_mem_put(key->mctx, hkey, sizeof(HMACSHA1_Key)); + key->opaque = NULL; +} + +static isc_result_t +hmacsha1_todns(const dst_key_t *key, isc_buffer_t *data) { + HMACSHA1_Key *hkey; + unsigned int bytes; + + REQUIRE(key->opaque != NULL); + + hkey = (HMACSHA1_Key *) key->opaque; + + bytes = (key->key_size + 7) / 8; + if (isc_buffer_availablelength(data) < bytes) + return (ISC_R_NOSPACE); + isc_buffer_putmem(data, hkey->key, bytes); + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data) { + HMACSHA1_Key *hkey; + int keylen; + isc_region_t r; + isc_sha1_t sha1ctx; + + isc_buffer_remainingregion(data, &r); + if (r.length == 0) + return (ISC_R_SUCCESS); + + hkey = (HMACSHA1_Key *) isc_mem_get(key->mctx, sizeof(HMACSHA1_Key)); + if (hkey == NULL) + return (ISC_R_NOMEMORY); + + memset(hkey->key, 0, sizeof(hkey->key)); + + if (r.length > ISC_SHA1_DIGESTLENGTH) { + isc_sha1_init(&sha1ctx); + isc_sha1_update(&sha1ctx, r.base, r.length); + isc_sha1_final(&sha1ctx, hkey->key); + keylen = ISC_SHA1_DIGESTLENGTH; + } + else { + memcpy(hkey->key, r.base, r.length); + keylen = r.length; + } + + key->key_size = keylen * 8; + key->opaque = hkey; + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha1_tofile(const dst_key_t *key, const char *directory) { + int cnt = 0; + HMACSHA1_Key *hkey; + dst_private_t priv; + int bytes = (key->key_size + 7) / 8; + unsigned char buf[2]; + + if (key->opaque == NULL) + return (DST_R_NULLKEY); + + hkey = (HMACSHA1_Key *) key->opaque; + + priv.elements[cnt].tag = TAG_HMACSHA1_KEY; + priv.elements[cnt].length = bytes; + priv.elements[cnt++].data = hkey->key; + + buf[0] = (key->key_bits >> 8) & 0xffU; + buf[1] = key->key_bits & 0xffU; + priv.elements[cnt].tag = TAG_HMACSHA1_BITS; + priv.elements[cnt].data = buf; + priv.elements[cnt++].length = 2; + + priv.nelements = cnt; + return (dst__privstruct_writefile(key, &priv, directory)); +} + +static isc_result_t +hmacsha1_parse(dst_key_t *key, isc_lex_t *lexer) { + dst_private_t priv; + isc_result_t result, tresult; + isc_buffer_t b; + isc_mem_t *mctx = key->mctx; + unsigned int i; + + /* read private key file */ + result = dst__privstruct_parse(key, DST_ALG_HMACSHA1, lexer, mctx, + &priv); + if (result != ISC_R_SUCCESS) + return (result); + + key->key_bits = 0; + for (i = 0; i < priv.nelements; i++) { + switch (priv.elements[i].tag) { + case TAG_HMACSHA1_KEY: + isc_buffer_init(&b, priv.elements[i].data, + priv.elements[i].length); + isc_buffer_add(&b, priv.elements[i].length); + tresult = hmacsha1_fromdns(key, &b); + if (tresult != ISC_R_SUCCESS) + result = tresult; + break; + case TAG_HMACSHA1_BITS: + tresult = getkeybits(key, &priv.elements[i]); + if (tresult != ISC_R_SUCCESS) + result = tresult; + break; + default: + result = DST_R_INVALIDPRIVATEKEY; + break; + } + } + dst__privstruct_free(&priv, mctx); + memset(&priv, 0, sizeof(priv)); + return (result); +} + +static dst_func_t hmacsha1_functions = { + hmacsha1_createctx, + hmacsha1_destroyctx, + hmacsha1_adddata, + hmacsha1_sign, + hmacsha1_verify, + NULL, /* computesecret */ + hmacsha1_compare, + NULL, /* paramcompare */ + hmacsha1_generate, + hmacsha1_isprivate, + hmacsha1_destroy, + hmacsha1_todns, + hmacsha1_fromdns, + hmacsha1_tofile, + hmacsha1_parse, + NULL, /* cleanup */ +}; + +isc_result_t +dst__hmacsha1_init(dst_func_t **funcp) { + REQUIRE(funcp != NULL); + if (*funcp == NULL) + *funcp = &hmacsha1_functions; + return (ISC_R_SUCCESS); +} + +static isc_result_t hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data); + +typedef struct { + unsigned char key[ISC_SHA224_DIGESTLENGTH]; +} HMACSHA224_Key; + +static isc_result_t +hmacsha224_createctx(dst_key_t *key, dst_context_t *dctx) { + isc_hmacsha224_t *hmacsha224ctx; + HMACSHA224_Key *hkey = key->opaque; + + hmacsha224ctx = isc_mem_get(dctx->mctx, sizeof(isc_hmacsha224_t)); + if (hmacsha224ctx == NULL) + return (ISC_R_NOMEMORY); + isc_hmacsha224_init(hmacsha224ctx, hkey->key, ISC_SHA224_DIGESTLENGTH); + dctx->opaque = hmacsha224ctx; + return (ISC_R_SUCCESS); +} + +static void +hmacsha224_destroyctx(dst_context_t *dctx) { + isc_hmacsha224_t *hmacsha224ctx = dctx->opaque; + + if (hmacsha224ctx != NULL) { + isc_hmacsha224_invalidate(hmacsha224ctx); + isc_mem_put(dctx->mctx, hmacsha224ctx, sizeof(isc_hmacsha224_t)); + dctx->opaque = NULL; + } +} + +static isc_result_t +hmacsha224_adddata(dst_context_t *dctx, const isc_region_t *data) { + isc_hmacsha224_t *hmacsha224ctx = dctx->opaque; + + isc_hmacsha224_update(hmacsha224ctx, data->base, data->length); + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha224_sign(dst_context_t *dctx, isc_buffer_t *sig) { + isc_hmacsha224_t *hmacsha224ctx = dctx->opaque; + unsigned char *digest; + + if (isc_buffer_availablelength(sig) < ISC_SHA224_DIGESTLENGTH) + return (ISC_R_NOSPACE); + digest = isc_buffer_used(sig); + isc_hmacsha224_sign(hmacsha224ctx, digest, ISC_SHA224_DIGESTLENGTH); + isc_buffer_add(sig, ISC_SHA224_DIGESTLENGTH); + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha224_verify(dst_context_t *dctx, const isc_region_t *sig) { + isc_hmacsha224_t *hmacsha224ctx = dctx->opaque; + + if (sig->length > ISC_SHA224_DIGESTLENGTH || sig->length == 0) + return (DST_R_VERIFYFAILURE); + + if (isc_hmacsha224_verify(hmacsha224ctx, sig->base, sig->length)) + return (ISC_R_SUCCESS); + else + return (DST_R_VERIFYFAILURE); +} + +static isc_boolean_t +hmacsha224_compare(const dst_key_t *key1, const dst_key_t *key2) { + HMACSHA224_Key *hkey1, *hkey2; + + hkey1 = (HMACSHA224_Key *)key1->opaque; + hkey2 = (HMACSHA224_Key *)key2->opaque; + + if (hkey1 == NULL && hkey2 == NULL) + return (ISC_TRUE); + else if (hkey1 == NULL || hkey2 == NULL) + return (ISC_FALSE); + + if (memcmp(hkey1->key, hkey2->key, ISC_SHA224_DIGESTLENGTH) == 0) + return (ISC_TRUE); + else + return (ISC_FALSE); +} + +static isc_result_t +hmacsha224_generate(dst_key_t *key, int pseudorandom_ok) { + isc_buffer_t b; + isc_result_t ret; + int bytes; + unsigned char data[HMAC_LEN]; + + bytes = (key->key_size + 7) / 8; + if (bytes > HMAC_LEN) { + bytes = HMAC_LEN; + key->key_size = HMAC_LEN * 8; + } + + memset(data, 0, HMAC_LEN); + ret = dst__entropy_getdata(data, bytes, ISC_TF(pseudorandom_ok != 0)); + + if (ret != ISC_R_SUCCESS) + return (ret); + + isc_buffer_init(&b, data, bytes); + isc_buffer_add(&b, bytes); + ret = hmacsha224_fromdns(key, &b); + memset(data, 0, ISC_SHA224_DIGESTLENGTH); + + return (ret); +} + +static isc_boolean_t +hmacsha224_isprivate(const dst_key_t *key) { + UNUSED(key); + return (ISC_TRUE); +} + +static void +hmacsha224_destroy(dst_key_t *key) { + HMACSHA224_Key *hkey = key->opaque; + memset(hkey, 0, sizeof(HMACSHA224_Key)); + isc_mem_put(key->mctx, hkey, sizeof(HMACSHA224_Key)); + key->opaque = NULL; +} + +static isc_result_t +hmacsha224_todns(const dst_key_t *key, isc_buffer_t *data) { + HMACSHA224_Key *hkey; + unsigned int bytes; + + REQUIRE(key->opaque != NULL); + + hkey = (HMACSHA224_Key *) key->opaque; + + bytes = (key->key_size + 7) / 8; + if (isc_buffer_availablelength(data) < bytes) + return (ISC_R_NOSPACE); + isc_buffer_putmem(data, hkey->key, bytes); + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha224_fromdns(dst_key_t *key, isc_buffer_t *data) { + HMACSHA224_Key *hkey; + int keylen; + isc_region_t r; + isc_sha224_t sha224ctx; + + isc_buffer_remainingregion(data, &r); + if (r.length == 0) + return (ISC_R_SUCCESS); + + hkey = (HMACSHA224_Key *) isc_mem_get(key->mctx, sizeof(HMACSHA224_Key)); + if (hkey == NULL) + return (ISC_R_NOMEMORY); + + memset(hkey->key, 0, sizeof(hkey->key)); + + if (r.length > ISC_SHA224_DIGESTLENGTH) { + isc_sha224_init(&sha224ctx); + isc_sha224_update(&sha224ctx, r.base, r.length); + isc_sha224_final(hkey->key, &sha224ctx); + keylen = ISC_SHA224_DIGESTLENGTH; + } + else { + memcpy(hkey->key, r.base, r.length); + keylen = r.length; + } + + key->key_size = keylen * 8; + key->opaque = hkey; + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha224_tofile(const dst_key_t *key, const char *directory) { + int cnt = 0; + HMACSHA224_Key *hkey; + dst_private_t priv; + int bytes = (key->key_size + 7) / 8; + unsigned char buf[2]; + + if (key->opaque == NULL) + return (DST_R_NULLKEY); + + hkey = (HMACSHA224_Key *) key->opaque; + + priv.elements[cnt].tag = TAG_HMACSHA224_KEY; + priv.elements[cnt].length = bytes; + priv.elements[cnt++].data = hkey->key; + + buf[0] = (key->key_bits >> 8) & 0xffU; + buf[1] = key->key_bits & 0xffU; + priv.elements[cnt].tag = TAG_HMACSHA224_BITS; + priv.elements[cnt].data = buf; + priv.elements[cnt++].length = 2; + + priv.nelements = cnt; + return (dst__privstruct_writefile(key, &priv, directory)); +} + +static isc_result_t +hmacsha224_parse(dst_key_t *key, isc_lex_t *lexer) { + dst_private_t priv; + isc_result_t result, tresult; + isc_buffer_t b; + isc_mem_t *mctx = key->mctx; + unsigned int i; + + /* read private key file */ + result = dst__privstruct_parse(key, DST_ALG_HMACSHA224, lexer, mctx, + &priv); + if (result != ISC_R_SUCCESS) + return (result); + + key->key_bits = 0; + for (i = 0; i < priv.nelements; i++) { + switch (priv.elements[i].tag) { + case TAG_HMACSHA224_KEY: + isc_buffer_init(&b, priv.elements[i].data, + priv.elements[i].length); + isc_buffer_add(&b, priv.elements[i].length); + tresult = hmacsha224_fromdns(key, &b); + if (tresult != ISC_R_SUCCESS) + result = tresult; + break; + case TAG_HMACSHA224_BITS: + tresult = getkeybits(key, &priv.elements[i]); + if (tresult != ISC_R_SUCCESS) + result = tresult; + break; + default: + result = DST_R_INVALIDPRIVATEKEY; + break; + } + } + dst__privstruct_free(&priv, mctx); + memset(&priv, 0, sizeof(priv)); + return (result); +} + +static dst_func_t hmacsha224_functions = { + hmacsha224_createctx, + hmacsha224_destroyctx, + hmacsha224_adddata, + hmacsha224_sign, + hmacsha224_verify, + NULL, /* computesecret */ + hmacsha224_compare, + NULL, /* paramcompare */ + hmacsha224_generate, + hmacsha224_isprivate, + hmacsha224_destroy, + hmacsha224_todns, + hmacsha224_fromdns, + hmacsha224_tofile, + hmacsha224_parse, + NULL, /* cleanup */ +}; + +isc_result_t +dst__hmacsha224_init(dst_func_t **funcp) { + REQUIRE(funcp != NULL); + if (*funcp == NULL) + *funcp = &hmacsha224_functions; + return (ISC_R_SUCCESS); +} + +static isc_result_t hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data); + +typedef struct { + unsigned char key[ISC_SHA256_DIGESTLENGTH]; +} HMACSHA256_Key; + +static isc_result_t +hmacsha256_createctx(dst_key_t *key, dst_context_t *dctx) { + isc_hmacsha256_t *hmacsha256ctx; + HMACSHA256_Key *hkey = key->opaque; + + hmacsha256ctx = isc_mem_get(dctx->mctx, sizeof(isc_hmacsha256_t)); + if (hmacsha256ctx == NULL) + return (ISC_R_NOMEMORY); + isc_hmacsha256_init(hmacsha256ctx, hkey->key, ISC_SHA256_DIGESTLENGTH); + dctx->opaque = hmacsha256ctx; + return (ISC_R_SUCCESS); +} + +static void +hmacsha256_destroyctx(dst_context_t *dctx) { + isc_hmacsha256_t *hmacsha256ctx = dctx->opaque; + + if (hmacsha256ctx != NULL) { + isc_hmacsha256_invalidate(hmacsha256ctx); + isc_mem_put(dctx->mctx, hmacsha256ctx, sizeof(isc_hmacsha256_t)); + dctx->opaque = NULL; + } +} + +static isc_result_t +hmacsha256_adddata(dst_context_t *dctx, const isc_region_t *data) { + isc_hmacsha256_t *hmacsha256ctx = dctx->opaque; + + isc_hmacsha256_update(hmacsha256ctx, data->base, data->length); + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha256_sign(dst_context_t *dctx, isc_buffer_t *sig) { + isc_hmacsha256_t *hmacsha256ctx = dctx->opaque; + unsigned char *digest; + + if (isc_buffer_availablelength(sig) < ISC_SHA256_DIGESTLENGTH) + return (ISC_R_NOSPACE); + digest = isc_buffer_used(sig); + isc_hmacsha256_sign(hmacsha256ctx, digest, ISC_SHA256_DIGESTLENGTH); + isc_buffer_add(sig, ISC_SHA256_DIGESTLENGTH); + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha256_verify(dst_context_t *dctx, const isc_region_t *sig) { + isc_hmacsha256_t *hmacsha256ctx = dctx->opaque; + + if (sig->length > ISC_SHA256_DIGESTLENGTH || sig->length == 0) + return (DST_R_VERIFYFAILURE); + + if (isc_hmacsha256_verify(hmacsha256ctx, sig->base, sig->length)) + return (ISC_R_SUCCESS); + else + return (DST_R_VERIFYFAILURE); +} + +static isc_boolean_t +hmacsha256_compare(const dst_key_t *key1, const dst_key_t *key2) { + HMACSHA256_Key *hkey1, *hkey2; + + hkey1 = (HMACSHA256_Key *)key1->opaque; + hkey2 = (HMACSHA256_Key *)key2->opaque; + + if (hkey1 == NULL && hkey2 == NULL) + return (ISC_TRUE); + else if (hkey1 == NULL || hkey2 == NULL) + return (ISC_FALSE); + + if (memcmp(hkey1->key, hkey2->key, ISC_SHA256_DIGESTLENGTH) == 0) + return (ISC_TRUE); + else + return (ISC_FALSE); +} + +static isc_result_t +hmacsha256_generate(dst_key_t *key, int pseudorandom_ok) { + isc_buffer_t b; + isc_result_t ret; + int bytes; + unsigned char data[HMAC_LEN]; + + bytes = (key->key_size + 7) / 8; + if (bytes > HMAC_LEN) { + bytes = HMAC_LEN; + key->key_size = HMAC_LEN * 8; + } + + memset(data, 0, HMAC_LEN); + ret = dst__entropy_getdata(data, bytes, ISC_TF(pseudorandom_ok != 0)); + + if (ret != ISC_R_SUCCESS) + return (ret); + + isc_buffer_init(&b, data, bytes); + isc_buffer_add(&b, bytes); + ret = hmacsha256_fromdns(key, &b); + memset(data, 0, ISC_SHA256_DIGESTLENGTH); + + return (ret); +} + +static isc_boolean_t +hmacsha256_isprivate(const dst_key_t *key) { + UNUSED(key); + return (ISC_TRUE); +} + +static void +hmacsha256_destroy(dst_key_t *key) { + HMACSHA256_Key *hkey = key->opaque; + memset(hkey, 0, sizeof(HMACSHA256_Key)); + isc_mem_put(key->mctx, hkey, sizeof(HMACSHA256_Key)); + key->opaque = NULL; +} + +static isc_result_t +hmacsha256_todns(const dst_key_t *key, isc_buffer_t *data) { + HMACSHA256_Key *hkey; + unsigned int bytes; + + REQUIRE(key->opaque != NULL); + + hkey = (HMACSHA256_Key *) key->opaque; + + bytes = (key->key_size + 7) / 8; + if (isc_buffer_availablelength(data) < bytes) + return (ISC_R_NOSPACE); + isc_buffer_putmem(data, hkey->key, bytes); + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha256_fromdns(dst_key_t *key, isc_buffer_t *data) { + HMACSHA256_Key *hkey; + int keylen; + isc_region_t r; + isc_sha256_t sha256ctx; + + isc_buffer_remainingregion(data, &r); + if (r.length == 0) + return (ISC_R_SUCCESS); + + hkey = (HMACSHA256_Key *) isc_mem_get(key->mctx, sizeof(HMACSHA256_Key)); + if (hkey == NULL) + return (ISC_R_NOMEMORY); + + memset(hkey->key, 0, sizeof(hkey->key)); + + if (r.length > ISC_SHA256_DIGESTLENGTH) { + isc_sha256_init(&sha256ctx); + isc_sha256_update(&sha256ctx, r.base, r.length); + isc_sha256_final(hkey->key, &sha256ctx); + keylen = ISC_SHA256_DIGESTLENGTH; + } + else { + memcpy(hkey->key, r.base, r.length); + keylen = r.length; + } + + key->key_size = keylen * 8; + key->opaque = hkey; + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha256_tofile(const dst_key_t *key, const char *directory) { + int cnt = 0; + HMACSHA256_Key *hkey; + dst_private_t priv; + int bytes = (key->key_size + 7) / 8; + unsigned char buf[2]; + + if (key->opaque == NULL) + return (DST_R_NULLKEY); + + hkey = (HMACSHA256_Key *) key->opaque; + + priv.elements[cnt].tag = TAG_HMACSHA256_KEY; + priv.elements[cnt].length = bytes; + priv.elements[cnt++].data = hkey->key; + + buf[0] = (key->key_bits >> 8) & 0xffU; + buf[1] = key->key_bits & 0xffU; + priv.elements[cnt].tag = TAG_HMACSHA256_BITS; + priv.elements[cnt].data = buf; + priv.elements[cnt++].length = 2; + + priv.nelements = cnt; + return (dst__privstruct_writefile(key, &priv, directory)); +} + +static isc_result_t +hmacsha256_parse(dst_key_t *key, isc_lex_t *lexer) { + dst_private_t priv; + isc_result_t result, tresult; + isc_buffer_t b; + isc_mem_t *mctx = key->mctx; + unsigned int i; + + /* read private key file */ + result = dst__privstruct_parse(key, DST_ALG_HMACSHA256, lexer, mctx, + &priv); + if (result != ISC_R_SUCCESS) + return (result); + + key->key_bits = 0; + for (i = 0; i < priv.nelements; i++) { + switch (priv.elements[i].tag) { + case TAG_HMACSHA256_KEY: + isc_buffer_init(&b, priv.elements[i].data, + priv.elements[i].length); + isc_buffer_add(&b, priv.elements[i].length); + tresult = hmacsha256_fromdns(key, &b); + if (tresult != ISC_R_SUCCESS) + result = tresult; + break; + case TAG_HMACSHA256_BITS: + tresult = getkeybits(key, &priv.elements[i]); + if (tresult != ISC_R_SUCCESS) + result = tresult; + break; + default: + result = DST_R_INVALIDPRIVATEKEY; + break; + } + } + dst__privstruct_free(&priv, mctx); + memset(&priv, 0, sizeof(priv)); + return (result); +} + +static dst_func_t hmacsha256_functions = { + hmacsha256_createctx, + hmacsha256_destroyctx, + hmacsha256_adddata, + hmacsha256_sign, + hmacsha256_verify, + NULL, /* computesecret */ + hmacsha256_compare, + NULL, /* paramcompare */ + hmacsha256_generate, + hmacsha256_isprivate, + hmacsha256_destroy, + hmacsha256_todns, + hmacsha256_fromdns, + hmacsha256_tofile, + hmacsha256_parse, + NULL, /* cleanup */ +}; + +isc_result_t +dst__hmacsha256_init(dst_func_t **funcp) { + REQUIRE(funcp != NULL); + if (*funcp == NULL) + *funcp = &hmacsha256_functions; + return (ISC_R_SUCCESS); +} + +static isc_result_t hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data); + +typedef struct { + unsigned char key[ISC_SHA384_DIGESTLENGTH]; +} HMACSHA384_Key; + +static isc_result_t +hmacsha384_createctx(dst_key_t *key, dst_context_t *dctx) { + isc_hmacsha384_t *hmacsha384ctx; + HMACSHA384_Key *hkey = key->opaque; + + hmacsha384ctx = isc_mem_get(dctx->mctx, sizeof(isc_hmacsha384_t)); + if (hmacsha384ctx == NULL) + return (ISC_R_NOMEMORY); + isc_hmacsha384_init(hmacsha384ctx, hkey->key, ISC_SHA384_DIGESTLENGTH); + dctx->opaque = hmacsha384ctx; + return (ISC_R_SUCCESS); +} + +static void +hmacsha384_destroyctx(dst_context_t *dctx) { + isc_hmacsha384_t *hmacsha384ctx = dctx->opaque; + + if (hmacsha384ctx != NULL) { + isc_hmacsha384_invalidate(hmacsha384ctx); + isc_mem_put(dctx->mctx, hmacsha384ctx, sizeof(isc_hmacsha384_t)); + dctx->opaque = NULL; + } +} + +static isc_result_t +hmacsha384_adddata(dst_context_t *dctx, const isc_region_t *data) { + isc_hmacsha384_t *hmacsha384ctx = dctx->opaque; + + isc_hmacsha384_update(hmacsha384ctx, data->base, data->length); + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha384_sign(dst_context_t *dctx, isc_buffer_t *sig) { + isc_hmacsha384_t *hmacsha384ctx = dctx->opaque; + unsigned char *digest; + + if (isc_buffer_availablelength(sig) < ISC_SHA384_DIGESTLENGTH) + return (ISC_R_NOSPACE); + digest = isc_buffer_used(sig); + isc_hmacsha384_sign(hmacsha384ctx, digest, ISC_SHA384_DIGESTLENGTH); + isc_buffer_add(sig, ISC_SHA384_DIGESTLENGTH); + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha384_verify(dst_context_t *dctx, const isc_region_t *sig) { + isc_hmacsha384_t *hmacsha384ctx = dctx->opaque; + + if (sig->length > ISC_SHA384_DIGESTLENGTH || sig->length == 0) + return (DST_R_VERIFYFAILURE); + + if (isc_hmacsha384_verify(hmacsha384ctx, sig->base, sig->length)) + return (ISC_R_SUCCESS); + else + return (DST_R_VERIFYFAILURE); +} + +static isc_boolean_t +hmacsha384_compare(const dst_key_t *key1, const dst_key_t *key2) { + HMACSHA384_Key *hkey1, *hkey2; + + hkey1 = (HMACSHA384_Key *)key1->opaque; + hkey2 = (HMACSHA384_Key *)key2->opaque; + + if (hkey1 == NULL && hkey2 == NULL) + return (ISC_TRUE); + else if (hkey1 == NULL || hkey2 == NULL) + return (ISC_FALSE); + + if (memcmp(hkey1->key, hkey2->key, ISC_SHA384_DIGESTLENGTH) == 0) + return (ISC_TRUE); + else + return (ISC_FALSE); +} + +static isc_result_t +hmacsha384_generate(dst_key_t *key, int pseudorandom_ok) { + isc_buffer_t b; + isc_result_t ret; + int bytes; + unsigned char data[HMAC_LEN]; + + bytes = (key->key_size + 7) / 8; + if (bytes > HMAC_LEN) { + bytes = HMAC_LEN; + key->key_size = HMAC_LEN * 8; + } + + memset(data, 0, HMAC_LEN); + ret = dst__entropy_getdata(data, bytes, ISC_TF(pseudorandom_ok != 0)); + + if (ret != ISC_R_SUCCESS) + return (ret); + + isc_buffer_init(&b, data, bytes); + isc_buffer_add(&b, bytes); + ret = hmacsha384_fromdns(key, &b); + memset(data, 0, ISC_SHA384_DIGESTLENGTH); + + return (ret); +} + +static isc_boolean_t +hmacsha384_isprivate(const dst_key_t *key) { + UNUSED(key); + return (ISC_TRUE); +} + +static void +hmacsha384_destroy(dst_key_t *key) { + HMACSHA384_Key *hkey = key->opaque; + memset(hkey, 0, sizeof(HMACSHA384_Key)); + isc_mem_put(key->mctx, hkey, sizeof(HMACSHA384_Key)); + key->opaque = NULL; +} + +static isc_result_t +hmacsha384_todns(const dst_key_t *key, isc_buffer_t *data) { + HMACSHA384_Key *hkey; + unsigned int bytes; + + REQUIRE(key->opaque != NULL); + + hkey = (HMACSHA384_Key *) key->opaque; + + bytes = (key->key_size + 7) / 8; + if (isc_buffer_availablelength(data) < bytes) + return (ISC_R_NOSPACE); + isc_buffer_putmem(data, hkey->key, bytes); + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha384_fromdns(dst_key_t *key, isc_buffer_t *data) { + HMACSHA384_Key *hkey; + int keylen; + isc_region_t r; + isc_sha384_t sha384ctx; + + isc_buffer_remainingregion(data, &r); + if (r.length == 0) + return (ISC_R_SUCCESS); + + hkey = (HMACSHA384_Key *) isc_mem_get(key->mctx, sizeof(HMACSHA384_Key)); + if (hkey == NULL) + return (ISC_R_NOMEMORY); + + memset(hkey->key, 0, sizeof(hkey->key)); + + if (r.length > ISC_SHA384_DIGESTLENGTH) { + isc_sha384_init(&sha384ctx); + isc_sha384_update(&sha384ctx, r.base, r.length); + isc_sha384_final(hkey->key, &sha384ctx); + keylen = ISC_SHA384_DIGESTLENGTH; + } + else { + memcpy(hkey->key, r.base, r.length); + keylen = r.length; + } + + key->key_size = keylen * 8; + key->opaque = hkey; + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha384_tofile(const dst_key_t *key, const char *directory) { + int cnt = 0; + HMACSHA384_Key *hkey; + dst_private_t priv; + int bytes = (key->key_size + 7) / 8; + unsigned char buf[2]; + + if (key->opaque == NULL) + return (DST_R_NULLKEY); + + hkey = (HMACSHA384_Key *) key->opaque; + + priv.elements[cnt].tag = TAG_HMACSHA384_KEY; + priv.elements[cnt].length = bytes; + priv.elements[cnt++].data = hkey->key; + + buf[0] = (key->key_bits >> 8) & 0xffU; + buf[1] = key->key_bits & 0xffU; + priv.elements[cnt].tag = TAG_HMACSHA384_BITS; + priv.elements[cnt].data = buf; + priv.elements[cnt++].length = 2; + + priv.nelements = cnt; + return (dst__privstruct_writefile(key, &priv, directory)); +} + +static isc_result_t +hmacsha384_parse(dst_key_t *key, isc_lex_t *lexer) { + dst_private_t priv; + isc_result_t result, tresult; + isc_buffer_t b; + isc_mem_t *mctx = key->mctx; + unsigned int i; + + /* read private key file */ + result = dst__privstruct_parse(key, DST_ALG_HMACSHA384, lexer, mctx, + &priv); + if (result != ISC_R_SUCCESS) + return (result); + + key->key_bits = 0; + for (i = 0; i < priv.nelements; i++) { + switch (priv.elements[i].tag) { + case TAG_HMACSHA384_KEY: + isc_buffer_init(&b, priv.elements[i].data, + priv.elements[i].length); + isc_buffer_add(&b, priv.elements[i].length); + tresult = hmacsha384_fromdns(key, &b); + if (tresult != ISC_R_SUCCESS) + result = tresult; + break; + case TAG_HMACSHA384_BITS: + tresult = getkeybits(key, &priv.elements[i]); + if (tresult != ISC_R_SUCCESS) + result = tresult; + break; + default: + result = DST_R_INVALIDPRIVATEKEY; + break; + } + } + dst__privstruct_free(&priv, mctx); + memset(&priv, 0, sizeof(priv)); + return (result); +} + +static dst_func_t hmacsha384_functions = { + hmacsha384_createctx, + hmacsha384_destroyctx, + hmacsha384_adddata, + hmacsha384_sign, + hmacsha384_verify, + NULL, /* computesecret */ + hmacsha384_compare, + NULL, /* paramcompare */ + hmacsha384_generate, + hmacsha384_isprivate, + hmacsha384_destroy, + hmacsha384_todns, + hmacsha384_fromdns, + hmacsha384_tofile, + hmacsha384_parse, + NULL, /* cleanup */ +}; + +isc_result_t +dst__hmacsha384_init(dst_func_t **funcp) { + REQUIRE(funcp != NULL); + if (*funcp == NULL) + *funcp = &hmacsha384_functions; + return (ISC_R_SUCCESS); +} + +static isc_result_t hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data); + +typedef struct { + unsigned char key[ISC_SHA512_DIGESTLENGTH]; +} HMACSHA512_Key; + +static isc_result_t +hmacsha512_createctx(dst_key_t *key, dst_context_t *dctx) { + isc_hmacsha512_t *hmacsha512ctx; + HMACSHA512_Key *hkey = key->opaque; + + hmacsha512ctx = isc_mem_get(dctx->mctx, sizeof(isc_hmacsha512_t)); + if (hmacsha512ctx == NULL) + return (ISC_R_NOMEMORY); + isc_hmacsha512_init(hmacsha512ctx, hkey->key, ISC_SHA512_DIGESTLENGTH); + dctx->opaque = hmacsha512ctx; + return (ISC_R_SUCCESS); +} + +static void +hmacsha512_destroyctx(dst_context_t *dctx) { + isc_hmacsha512_t *hmacsha512ctx = dctx->opaque; + + if (hmacsha512ctx != NULL) { + isc_hmacsha512_invalidate(hmacsha512ctx); + isc_mem_put(dctx->mctx, hmacsha512ctx, sizeof(isc_hmacsha512_t)); + dctx->opaque = NULL; + } +} + +static isc_result_t +hmacsha512_adddata(dst_context_t *dctx, const isc_region_t *data) { + isc_hmacsha512_t *hmacsha512ctx = dctx->opaque; + + isc_hmacsha512_update(hmacsha512ctx, data->base, data->length); + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha512_sign(dst_context_t *dctx, isc_buffer_t *sig) { + isc_hmacsha512_t *hmacsha512ctx = dctx->opaque; + unsigned char *digest; + + if (isc_buffer_availablelength(sig) < ISC_SHA512_DIGESTLENGTH) + return (ISC_R_NOSPACE); + digest = isc_buffer_used(sig); + isc_hmacsha512_sign(hmacsha512ctx, digest, ISC_SHA512_DIGESTLENGTH); + isc_buffer_add(sig, ISC_SHA512_DIGESTLENGTH); + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha512_verify(dst_context_t *dctx, const isc_region_t *sig) { + isc_hmacsha512_t *hmacsha512ctx = dctx->opaque; + + if (sig->length > ISC_SHA512_DIGESTLENGTH || sig->length == 0) + return (DST_R_VERIFYFAILURE); + + if (isc_hmacsha512_verify(hmacsha512ctx, sig->base, sig->length)) + return (ISC_R_SUCCESS); + else + return (DST_R_VERIFYFAILURE); +} + +static isc_boolean_t +hmacsha512_compare(const dst_key_t *key1, const dst_key_t *key2) { + HMACSHA512_Key *hkey1, *hkey2; + + hkey1 = (HMACSHA512_Key *)key1->opaque; + hkey2 = (HMACSHA512_Key *)key2->opaque; + + if (hkey1 == NULL && hkey2 == NULL) + return (ISC_TRUE); + else if (hkey1 == NULL || hkey2 == NULL) + return (ISC_FALSE); + + if (memcmp(hkey1->key, hkey2->key, ISC_SHA512_DIGESTLENGTH) == 0) + return (ISC_TRUE); + else + return (ISC_FALSE); +} + +static isc_result_t +hmacsha512_generate(dst_key_t *key, int pseudorandom_ok) { + isc_buffer_t b; + isc_result_t ret; + int bytes; + unsigned char data[HMAC_LEN]; + + bytes = (key->key_size + 7) / 8; + if (bytes > HMAC_LEN) { + bytes = HMAC_LEN; + key->key_size = HMAC_LEN * 8; + } + + memset(data, 0, HMAC_LEN); + ret = dst__entropy_getdata(data, bytes, ISC_TF(pseudorandom_ok != 0)); + + if (ret != ISC_R_SUCCESS) + return (ret); + + isc_buffer_init(&b, data, bytes); + isc_buffer_add(&b, bytes); + ret = hmacsha512_fromdns(key, &b); + memset(data, 0, ISC_SHA512_DIGESTLENGTH); + + return (ret); +} + +static isc_boolean_t +hmacsha512_isprivate(const dst_key_t *key) { + UNUSED(key); + return (ISC_TRUE); +} + +static void +hmacsha512_destroy(dst_key_t *key) { + HMACSHA512_Key *hkey = key->opaque; + memset(hkey, 0, sizeof(HMACSHA512_Key)); + isc_mem_put(key->mctx, hkey, sizeof(HMACSHA512_Key)); + key->opaque = NULL; +} + +static isc_result_t +hmacsha512_todns(const dst_key_t *key, isc_buffer_t *data) { + HMACSHA512_Key *hkey; + unsigned int bytes; + + REQUIRE(key->opaque != NULL); + + hkey = (HMACSHA512_Key *) key->opaque; + + bytes = (key->key_size + 7) / 8; + if (isc_buffer_availablelength(data) < bytes) + return (ISC_R_NOSPACE); + isc_buffer_putmem(data, hkey->key, bytes); + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha512_fromdns(dst_key_t *key, isc_buffer_t *data) { + HMACSHA512_Key *hkey; + int keylen; + isc_region_t r; + isc_sha512_t sha512ctx; + + isc_buffer_remainingregion(data, &r); + if (r.length == 0) + return (ISC_R_SUCCESS); + + hkey = (HMACSHA512_Key *) isc_mem_get(key->mctx, sizeof(HMACSHA512_Key)); + if (hkey == NULL) + return (ISC_R_NOMEMORY); + + memset(hkey->key, 0, sizeof(hkey->key)); + + if (r.length > ISC_SHA512_DIGESTLENGTH) { + isc_sha512_init(&sha512ctx); + isc_sha512_update(&sha512ctx, r.base, r.length); + isc_sha512_final(hkey->key, &sha512ctx); + keylen = ISC_SHA512_DIGESTLENGTH; + } + else { + memcpy(hkey->key, r.base, r.length); + keylen = r.length; + } + + key->key_size = keylen * 8; + key->opaque = hkey; + + return (ISC_R_SUCCESS); +} + +static isc_result_t +hmacsha512_tofile(const dst_key_t *key, const char *directory) { + int cnt = 0; + HMACSHA512_Key *hkey; + dst_private_t priv; + int bytes = (key->key_size + 7) / 8; + unsigned char buf[2]; + + if (key->opaque == NULL) + return (DST_R_NULLKEY); + + hkey = (HMACSHA512_Key *) key->opaque; + + priv.elements[cnt].tag = TAG_HMACSHA512_KEY; + priv.elements[cnt].length = bytes; + priv.elements[cnt++].data = hkey->key; + + buf[0] = (key->key_bits >> 8) & 0xffU; + buf[1] = key->key_bits & 0xffU; + priv.elements[cnt].tag = TAG_HMACSHA512_BITS; + priv.elements[cnt].data = buf; + priv.elements[cnt++].length = 2; + + priv.nelements = cnt; + return (dst__privstruct_writefile(key, &priv, directory)); +} + +static isc_result_t +hmacsha512_parse(dst_key_t *key, isc_lex_t *lexer) { + dst_private_t priv; + isc_result_t result, tresult; + isc_buffer_t b; + isc_mem_t *mctx = key->mctx; + unsigned int i; + + /* read private key file */ + result = dst__privstruct_parse(key, DST_ALG_HMACSHA512, lexer, mctx, + &priv); + if (result != ISC_R_SUCCESS) + return (result); + + key->key_bits = 0; + for (i = 0; i < priv.nelements; i++) { + switch (priv.elements[i].tag) { + case TAG_HMACSHA512_KEY: + isc_buffer_init(&b, priv.elements[i].data, + priv.elements[i].length); + isc_buffer_add(&b, priv.elements[i].length); + tresult = hmacsha512_fromdns(key, &b); + if (tresult != ISC_R_SUCCESS) + result = tresult; + break; + case TAG_HMACSHA512_BITS: + tresult = getkeybits(key, &priv.elements[i]); + if (tresult != ISC_R_SUCCESS) + result = tresult; + break; + default: + result = DST_R_INVALIDPRIVATEKEY; + break; + } + } + dst__privstruct_free(&priv, mctx); + memset(&priv, 0, sizeof(priv)); + return (result); +} + +static dst_func_t hmacsha512_functions = { + hmacsha512_createctx, + hmacsha512_destroyctx, + hmacsha512_adddata, + hmacsha512_sign, + hmacsha512_verify, + NULL, /* computesecret */ + hmacsha512_compare, + NULL, /* paramcompare */ + hmacsha512_generate, + hmacsha512_isprivate, + hmacsha512_destroy, + hmacsha512_todns, + hmacsha512_fromdns, + hmacsha512_tofile, + hmacsha512_parse, + NULL, /* cleanup */ +}; + +isc_result_t +dst__hmacsha512_init(dst_func_t **funcp) { + REQUIRE(funcp != NULL); + if (*funcp == NULL) + *funcp = &hmacsha512_functions; + return (ISC_R_SUCCESS); +} + +/*! \file */ diff --git a/usr.sbin/bind/lib/dns/include/Makefile.in b/usr.sbin/bind/lib/dns/include/Makefile.in index 10262d943e4..ae2278a4971 100644 --- a/usr.sbin/bind/lib/dns/include/Makefile.in +++ b/usr.sbin/bind/lib/dns/include/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.11.206.2 2004/12/09 04:07:19 marka Exp $ +# $ISC: Makefile.in,v 1.12.18.1 2004/12/09 04:41:46 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/dns/include/dns/Makefile.in b/usr.sbin/bind/lib/dns/include/dns/Makefile.in index e0f63bf479d..ba1ecbd102a 100644 --- a/usr.sbin/bind/lib/dns/include/dns/Makefile.in +++ b/usr.sbin/bind/lib/dns/include/dns/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.43.2.1.10.6 2004/03/08 09:04:34 marka Exp $ +# $ISC: Makefile.in,v 1.50 2004/03/05 05:09:40 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/dns/include/dns/acache.h b/usr.sbin/bind/lib/dns/include/dns/acache.h new file mode 100644 index 00000000000..9d1c4ac382c --- /dev/null +++ b/usr.sbin/bind/lib/dns/include/dns/acache.h @@ -0,0 +1,445 @@ +/* + * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: acache.h,v 1.3.2.4 2006/05/03 00:07:49 marka Exp $ */ + +#ifndef DNS_ACACHE_H +#define DNS_ACACHE_H 1 + +/***** + ***** Module Info + *****/ + +/* + * Acache + * + * The Additional Cache Object + * + * This module manages internal caching entries that correspond to + * the additional section data of a DNS DB node (an RRset header, more + * accurately). An additional cache entry is expected to be (somehow) + * attached to a particular RR in a particular DB node, and contains a set + * of information of an additional data for the DB node. + * + * An additional cache object is intended to be created as a per-view + * object, and manages all cache entries within the view. + * + * The intended usage of the additional caching is to provide a short cut + * to additional glue RRs of an NS RR. For each NS RR, it is often + * necessary to look for glue RRs to make a proper response. Once the + * glue RRs are known, the additional caching allows the client to + * associate the information to the original NS RR so that further + * expensive lookups can be avoided for the NS RR. + * + * Each additional cache entry contains information to identify a + * particular DB node and (optionally) an associated RRset. The + * information consists of its zone, database, the version of the + * database, database node, and RRset. + * + * A "negative" information can also be cached. For example, if a glue + * RR does not exist as an authoritative data in the same zone as that + * of the NS RR, this fact can be cached by specifying a NULL pointer + * for the database, version, and node. (See the description for + * dns_acache_getentry() below for more details.) + * + * Since each member stored in an additional cache entry holds a reference + * to a corresponding object, a stale cache entry may cause unnecessary + * memory consumption. For instance, when a zone is reloaded, additional + * cache entries that have a reference to the zone (and its DB and/or + * DB nodes) can delay the cleanup of the referred objects. In order to + * minimize such a bad effect, this module provides several cleanup + * mechanisms. + * + * The first one is a shutdown procedure called when the associated view + * is shut down. In this case, dns_acache_shutdown() will be called and + * all cache entries will be purged. This mechanism will help the + * situation when the configuration is reloaded or the main server is + * stopped. + * + * Per-DB cleanup mechanism is also provided. Each additional cache entry + * is associated with related DB, which is expected to have been + * registered when the DB was created by dns_acache_setdb(). If a + * particular DB is going to be destroyed, the primary holder of the DB, + * a typical example of which is a zone, will call dns_acache_putdb(). + * Then this module will clean-up all cache entries associated with the + * DB. This mechanism is effective when a secondary zone DB is going to + * be stale after a zone transfer. + * + * Finally, this module supports for periodic clean-up of stale entries. + * Each cache entry has a timestamp field, which is updated every time + * the entry is referred. A periodically invoked cleaner checks the + * timestamp of each entry, and purge entries that have not been referred + * for a certain period. The cleaner interval can be specified by + * dns_acache_setcleaninginterval(). If the periodic clean-up is not + * enough, it is also possible to specify the upper limit of entries + * in terms of the memory consumption. If the maximum value is + * specified, the cleaner is invoked when the memory consumption reaches + * the high watermark inferred from the maximum value. In this case, + * the cleaner will use more aggressive algorithm to decide the "victim" + * entries. The maximum value can be specified by + * dns_acache_setcachesize(). + * + * When a cache entry is going to be purged within this module, the + * callback function specified at the creation time will be called. + * The callback function is expected to release all internal resources + * related to the entry, which will typically be specific to DB + * implementation, and to call dns_acache_detachentry(). The callback + * mechanism is very important, since the holder of an additional cache + * entry may not be able to initiate the clean-up of the entry, due to + * the reference ordering. For example, as long as an additional cache + * entry has a reference to a DB object, the DB cannot be freed, in which + * a DB node may have a reference to the cache entry. + * + * Credits: + * The basic idea of this kind of short-cut for frequently used + * information is similar to the "pre-compiled answer" approach adopted + * in nsd by NLnet LABS with RIPE NCC. Our work here is an independent + * effort, but the success of nsd encouraged us to pursue this path. + * + * The design and implementation of the periodic memory management and + * the upper limitation of memory consumption was derived from the cache + * DB implementation of BIND9. + * + * MP: + * There are two main locks in this module. One is for each entry, and + * the other is for the additional cache object. + * + * Reliability: + * The callback function for a cache entry is called with holding the + * entry lock. Thus, it implicitly assumes the callback function does not + * call a function that can require the lock. Typically, the only + * function that can be called from the callback function safely is + * dns_acache_detachentry(). The breakage of this implicit assumption + * may cause a deadlock. + * + * Resources: + * In a 32-bit architecture (such as i386), the following additional + * memory is required comparing to the case that disables this module. + * - 76 bytes for each additional cache entry + * - if the entry has a DNS name and associated RRset, + * * 44 bytes + size of the name (1-255 bytes) + * * 52 bytes x number_of_RRs + * - 28 bytes for each DB related to this module + * + * Using the additional cache also requires extra memory consumption in + * the DB implementation. In the current implementation for rbtdb, we + * need: + * - two additional pointers for each DB node (8 bytes for a 32-bit + * architecture + * - for each RR associated to an RR in a DB node, we also need + * a pointer and management objects to support the additional cache + * function. These are allocated on-demand. The total size is + * 32 bytes for a 32-bit architecture. + * + * Security: + * Since this module does not handle any low-level data directly, + * no security issue specific to this module is anticipated. + * + * Standards: + * None. + */ + +/*** + *** Imports + ***/ + +#include <isc/mutex.h> +#include <isc/lang.h> +#include <isc/refcount.h> +#include <isc/stdtime.h> + +#include <dns/types.h> + +/*** + *** Functions + ***/ +ISC_LANG_BEGINDECLS + +isc_result_t +dns_acache_create(dns_acache_t **acachep, isc_mem_t *mctx, + isc_taskmgr_t *taskmgr, isc_timermgr_t *timermgr); +/* + * Create a new DNS additional cache object. + * + * Requires: + * + * 'mctx' is a valid memory context + * + * 'taskmgr' is a valid task manager + * + * 'timermgr' is a valid timer or NULL. If NULL, no periodic cleaning of + * the cache will take place. + * + * 'acachep' is a valid pointer, and *acachep == NULL + * + * Ensures: + * + * '*acachep' is attached to the newly created cache + * + * Returns: + * + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * ISC_R_UNEXPECTED + */ + +void +dns_acache_attach(dns_acache_t *source, dns_acache_t **targetp); +/* + * Attach *targetp to cache. + * + * Requires: + * + * 'acache' is a valid additional cache. + * + * 'targetp' points to a NULL dns_acache_t *. + * + * Ensures: + * + * *targetp is attached to the 'source' additional cache. + */ + +void +dns_acache_detach(dns_acache_t **acachep); +/* + * Detach *acachep from its cache. + * + * Requires: + * + * '*acachep' points to a valid additional cache. + * + * Ensures: + * + * *acachep is NULL. + * + * If '*acachep' is the last reference to the cache and the additional + * cache does not have an outstanding task, all resources used by the + * cache will be freed. + */ + +void +dns_acache_setcleaninginterval(dns_acache_t *acache, unsigned int t); +/* + * Set the periodic cleaning interval of an additional cache to 'interval' + * seconds. + */ + +void +dns_acache_setcachesize(dns_acache_t *acache, isc_uint32_t size); +/* + * Set the maximum additional cache size. 0 means unlimited. + */ + +isc_result_t +dns_acache_setdb(dns_acache_t *acache, dns_db_t *db); +/* + * Set 'db' in 'acache' when the db can be referred from acache, in order + * to provide a hint for resolving the back reference. + * + * Requires: + * 'acache' is a valid acache pointer. + * 'db' is a valid DNS DB pointer. + * + * Ensures: + * 'acache' will have a reference to 'db'. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_EXISTS (which means the specified 'db' is already set) + * ISC_R_NOMEMORY + */ + +isc_result_t +dns_acache_putdb(dns_acache_t *acache, dns_db_t *db); +/* + * Release 'db' from 'acache' if it has been set by dns_acache_setdb(). + * + * Requires: + * 'acache' is a valid acache pointer. + * 'db' is a valid DNS DB pointer. + * + * Ensures: + * 'acache' will release the reference to 'db'. Additionally, the content + * of each cache entry that is related to the 'db' will be released via + * the callback function. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOTFOUND (which means the specified 'db' is not set in 'acache') + * ISC_R_NOMEMORY + */ + +void +dns_acache_shutdown(dns_acache_t *acache); +/* + * Shutdown 'acache'. + * + * Requires: + * + * '*acache' is a valid additional cache. + */ + +isc_result_t +dns_acache_createentry(dns_acache_t *acache, dns_db_t *origdb, + void (*callback)(dns_acacheentry_t *, void **), + void *cbarg, dns_acacheentry_t **entryp); +/* + * Create an additional cache entry. A new entry is created and attached to + * the given additional cache object. A callback function is also associated + * with the created entry, which will be called when the cache entry is purged + * for some reason. + * + * Requires: + * + * 'acache' is a valid additional cache. + * 'entryp' is a valid pointer, and *entryp == NULL + * 'origdb' is a valid DNS DB pointer. + * 'callback' and 'cbarg' can be NULL. In this case, however, the entry + * is meaningless (and will be cleaned-up in the next periodical + * cleaning). + * + * Ensures: + * '*entryp' will point to a new additional cache entry. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +isc_result_t +dns_acache_getentry(dns_acacheentry_t *entry, dns_zone_t **zonep, + dns_db_t **dbp, dns_dbversion_t **versionp, + dns_dbnode_t **nodep, dns_name_t *fname, + dns_message_t *msg, isc_stdtime_t now); +/* + * Get content from a particular additional cache entry. + * + * Requires: + * + * 'entry' is a valid additional cache entry. + * 'zonep' is a NULL pointer or '*zonep' == NULL (this is the only + * optional parameter.) + * 'dbp' is a valid pointer, and '*dbp' == NULL + * 'versionp' is a valid pointer, and '*versionp' == NULL + * 'nodep' is a valid pointer, and '*nodep' == NULL + * 'fname' is a valid DNS name. + * 'msg' is a valid DNS message. + * + * Ensures: + * Several possible cases can happen according to the content. + * 1. For a positive cache entry, + * '*zonep' will point to the corresponding zone (if zonep is a valid + * pointer), + * '*dbp' will point to a DB for the zone, + * '*versionp' will point to its version, and + * '*nodep' will point to the corresponding DB node. + * 'fname' will have the DNS name of the DB node and contain a list of + * rdataset for the node (which can be an empty list). + * + * 2. For a negative cache entry that means no corresponding zone exists, + * '*zonep' == NULL (if zonep is a valid pointer) + * '*dbp', '*versionp', and '*nodep' will be NULL. + * + * 3. For a negative cache entry that means no corresponding DB node + * exists, '*zonep' will point to the corresponding zone (if zonep is a + * valid pointer), + * '*dbp' will point to a corresponding DB for zone, + * '*versionp' will point to its version. + * '*nodep' will be kept as NULL. + * 'fname' will not change. + * + * On failure, no new references will be created. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + */ + +isc_result_t +dns_acache_setentry(dns_acache_t *acache, dns_acacheentry_t *entry, + dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version, + dns_dbnode_t *node, dns_name_t *fname); +/* + * Set content to a particular additional cache entry. + * + * Requires: + * 'acache' is a valid additional cache. + * 'entry' is a valid additional cache entry. + * All the others pointers are NULL or a valid pointer of the + * corresponding type. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_NOMEMORY + * ISC_R_NOTFOUND + */ + +void +dns_acache_cancelentry(dns_acacheentry_t *entry); +/* + * Cancel the use of the cache entry 'entry'. This function is supposed to + * be called when the node that holds the entry finds the content is not + * correct any more. This function will try to release as much dependency as + * possible, and will be ready to be cleaned-up. The registered callback + * function will be canceled and will never called. + * + * Requires: + * 'entry' is a valid additional cache entry. + */ + +void +dns_acache_attachentry(dns_acacheentry_t *source, dns_acacheentry_t **targetp); +/* + * Attach *targetp to the cache entry 'source'. + * + * Requires: + * + * 'source' is a valid additional cache entry. + * + * 'targetp' points to a NULL dns_acacheentry_t *. + * + * Ensures: + * + * *targetp is attached to 'source'. + */ + +void +dns_acache_detachentry(dns_acacheentry_t **entryp); +/* + * Detach *entryp from its cache. + * + * Requires: + * + * '*entryp' points to a valid additional cache entry. + * + * Ensures: + * + * *entryp is NULL. + * + * If '*entryp' is the last reference to the entry, + * cache does not have an outstanding task, all resources used by the + * entry (including the entry object itself) will be freed. + */ + +void +dns_acache_countquerymiss(dns_acache_t *acache); +/* + * Count up a missed acache query. XXXMLG need more docs. + */ + +ISC_LANG_ENDDECLS + +#endif /* DNS_ACACHE_H */ diff --git a/usr.sbin/bind/lib/dns/include/dns/acl.h b/usr.sbin/bind/lib/dns/include/dns/acl.h index 264182c98ff..7aea55f11f7 100644 --- a/usr.sbin/bind/lib/dns/include/dns/acl.h +++ b/usr.sbin/bind/lib/dns/include/dns/acl.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: acl.h,v 1.20.52.5 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: acl.h,v 1.22.18.4 2006/03/02 00:37:21 marka Exp $ */ #ifndef DNS_ACL_H #define DNS_ACL_H 1 @@ -24,7 +24,8 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * Address match list handling. */ @@ -75,10 +76,10 @@ struct dns_acl { isc_mem_t *mctx; isc_refcount_t refcount; dns_aclelement_t *elements; - unsigned int alloc; /* Elements allocated */ - unsigned int length; /* Elements initialized */ - char *name; /* Temporary use only */ - ISC_LINK(dns_acl_t) nextincache; /* Ditto */ + unsigned int alloc; /*%< Elements allocated */ + unsigned int length; /*%< Elements initialized */ + char *name; /*%< Temporary use only */ + ISC_LINK(dns_acl_t) nextincache; /*%< Ditto */ }; struct dns_aclenv { @@ -98,26 +99,26 @@ ISC_LANG_BEGINDECLS isc_result_t dns_acl_create(isc_mem_t *mctx, int n, dns_acl_t **target); -/* +/*%< * Create a new ACL with room for 'n' elements. * The elements are uninitialized and the length is 0. */ isc_result_t dns_acl_appendelement(dns_acl_t *acl, const dns_aclelement_t *elt); -/* +/*%< * Append an element to an existing ACL. */ isc_result_t dns_acl_any(isc_mem_t *mctx, dns_acl_t **target); -/* +/*%< * Create a new ACL that matches everything. */ isc_result_t dns_acl_none(isc_mem_t *mctx, dns_acl_t **target); -/* +/*%< * Create a new ACL that matches nothing. */ @@ -135,13 +136,13 @@ dns_acl_equal(const dns_acl_t *a, const dns_acl_t *b); isc_boolean_t dns_acl_isinsecure(const dns_acl_t *a); -/* - * Return ISC_TRUE iff the acl 'a' is considered insecure, that is, +/*%< + * Return #ISC_TRUE iff the acl 'a' is considered insecure, that is, * if it contains IP addresses other than those of the local host. * This is intended for applications such as printing warning * messages for suspect ACLs; it is not intended for making access * control decisions. We make no guarantee that an ACL for which - * this function returns ISC_FALSE is safe. + * this function returns #ISC_FALSE is safe. */ isc_result_t @@ -160,7 +161,7 @@ dns_acl_match(const isc_netaddr_t *reqaddr, const dns_aclenv_t *env, int *match, const dns_aclelement_t **matchelt); -/* +/*%< * General, low-level ACL matching. This is expected to * be useful even for weird stuff like the topology and sortlist statements. * @@ -181,7 +182,7 @@ dns_acl_match(const isc_netaddr_t *reqaddr, * If there is no match, *match will be set to zero. * * Returns: - * ISC_R_SUCCESS Always succeeds. + *\li #ISC_R_SUCCESS Always succeeds. */ isc_boolean_t @@ -190,7 +191,7 @@ dns_aclelement_match(const isc_netaddr_t *reqaddr, const dns_aclelement_t *e, const dns_aclenv_t *env, const dns_aclelement_t **matchelt); -/* +/*%< * Like dns_acl_match, but matches against the single ACL element 'e' * rather than a complete list and returns ISC_TRUE iff it matched. * To determine whether the match was prositive or negative, the @@ -203,7 +204,7 @@ isc_result_t dns_acl_elementmatch(const dns_acl_t *acl, const dns_aclelement_t *elt, const dns_aclelement_t **matchelt); -/* +/*%< * Search for an ACL element in 'acl' which is exactly the same as 'elt'. * If there is one, and 'matchelt' is non NULL, then '*matchelt' will point * to the entry. @@ -212,8 +213,8 @@ dns_acl_elementmatch(const dns_acl_t *acl, * before adding an entry. * * Returns: - * ISC_R_SUCCESS Match succeeds. - * ISC_R_NOTFOUND Match fails. + *\li #ISC_R_SUCCESS Match succeeds. + *\li #ISC_R_NOTFOUND Match fails. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/bit.h b/usr.sbin/bind/lib/dns/include/dns/bit.h index b7e2601d42b..d1d15c1cd31 100644 --- a/usr.sbin/bind/lib/dns/include/dns/bit.h +++ b/usr.sbin/bind/lib/dns/include/dns/bit.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: bit.h,v 1.7.206.1 2004/03/06 08:13:51 marka Exp $ */ +/* $ISC: bit.h,v 1.8.18.2 2005/04/29 00:16:09 marka Exp $ */ #ifndef DNS_BIT_H #define DNS_BIT_H 1 +/*! \file */ + #include <isc/int.h> #include <isc/boolean.h> diff --git a/usr.sbin/bind/lib/dns/include/dns/cache.h b/usr.sbin/bind/lib/dns/include/dns/cache.h index 23f0b09fec7..79bd67a4aea 100644 --- a/usr.sbin/bind/lib/dns/include/dns/cache.h +++ b/usr.sbin/bind/lib/dns/include/dns/cache.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: cache.h,v 1.17.12.5 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: cache.h,v 1.19.18.3 2005/08/23 02:31:38 marka Exp $ */ #ifndef DNS_CACHE_H #define DNS_CACHE_H 1 @@ -24,18 +24,17 @@ ***** Module Info *****/ -/* - * cache - * +/*! \file + * \brief * Defines dns_cache_t, the cache object. * * Notes: - * A cache object contains DNS data of a single class. + *\li A cache object contains DNS data of a single class. * Multiple classes will be handled by creating multiple * views, each with a different class and its own cache. * * MP: - * See notes at the individual functions. + *\li See notes at the individual functions. * * Reliability: * @@ -66,71 +65,70 @@ dns_cache_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr, isc_timermgr_t *timermgr, dns_rdataclass_t rdclass, const char *db_type, unsigned int db_argc, char **db_argv, dns_cache_t **cachep); -/* +/*%< * Create a new DNS cache. * * Requires: * - * 'mctx' is a valid memory context + *\li 'mctx' is a valid memory context * - * 'taskmgr' is a valid task manager and 'timermgr' is a valid timer + *\li 'taskmgr' is a valid task manager and 'timermgr' is a valid timer * manager, or both are NULL. If NULL, no periodic cleaning of the * cache will take place. * - * 'cachep' is a valid pointer, and *cachep == NULL + *\li 'cachep' is a valid pointer, and *cachep == NULL * * Ensures: * - * '*cachep' is attached to the newly created cache + *\li '*cachep' is attached to the newly created cache * * Returns: * - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY */ void dns_cache_attach(dns_cache_t *cache, dns_cache_t **targetp); -/* +/*%< * Attach *targetp to cache. * * Requires: * - * 'cache' is a valid cache. + *\li 'cache' is a valid cache. * - * 'targetp' points to a NULL dns_cache_t *. + *\li 'targetp' points to a NULL dns_cache_t *. * * Ensures: * - * *targetp is attached to cache. + *\li *targetp is attached to cache. */ void dns_cache_detach(dns_cache_t **cachep); -/* +/*%< * Detach *cachep from its cache. * * Requires: * - * 'cachep' points to a valid cache. + *\li 'cachep' points to a valid cache. * * Ensures: * - * *cachep is NULL. - * - * If '*cachep' is the last reference to the cache, + *\li *cachep is NULL. * - * All resources used by the cache will be freed + *\li If '*cachep' is the last reference to the cache, + * all resources used by the cache will be freed */ void dns_cache_attachdb(dns_cache_t *cache, dns_db_t **dbp); -/* +/*%< * Attach *dbp to the cache's database. * * Notes: * - * This may be used to get a reference to the database for + *\li This may be used to get a reference to the database for * the purpose of cache lookups (XXX currently it is also * the way to add data to the cache, but having a * separate dns_cache_add() interface instead would allow @@ -140,39 +138,39 @@ dns_cache_attachdb(dns_cache_t *cache, dns_db_t **dbp); * * Requires: * - * 'cache' is a valid cache. + *\li 'cache' is a valid cache. * - * 'dbp' points to a NULL dns_db *. + *\li 'dbp' points to a NULL dns_db *. * * Ensures: * - * *dbp is attached to the database. + *\li *dbp is attached to the database. */ isc_result_t -dns_cache_setfilename(dns_cache_t *cahce, const char *filename); -/* +dns_cache_setfilename(dns_cache_t *cache, const char *filename); +/*%< * If 'filename' is non-NULL, make the cache persistent. * The cache's data will be stored in the given file. * If 'filename' is NULL, make the cache non-persistent. * Files that are no longer used are not unlinked automatically. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * Various file-related failures + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li Various file-related failures */ isc_result_t dns_cache_load(dns_cache_t *cache); -/* +/*%< * If the cache has a file name, load the cache contents from the file. * Previous cache contents are not discarded. * If no file name has been set, do nothing and return success. * * MT: - * Multiple simultaneous attempts to load or dump the cache + *\li Multiple simultaneous attempts to load or dump the cache * will be serialized with respect to one another, but * the cache may be read and updated while the dump is * in progress. Updates performed during loading @@ -181,19 +179,19 @@ dns_cache_load(dns_cache_t *cache); * * Returns: * - * ISC_R_SUCCESS - * Various failures depending on the database implementation type + *\li #ISC_R_SUCCESS + * \li Various failures depending on the database implementation type */ isc_result_t dns_cache_dump(dns_cache_t *cache); -/* +/*%< * If the cache has a file name, write the cache contents to disk, * overwriting any preexisting file. If no file name has been set, * do nothing and return success. * * MT: - * Multiple simultaneous attempts to load or dump the cache + *\li Multiple simultaneous attempts to load or dump the cache * will be serialized with respect to one another, but * the cache may be read and updated while the dump is * in progress. Updates performed during the dump may @@ -201,13 +199,13 @@ dns_cache_dump(dns_cache_t *cache); * * Returns: * - * ISC_R_SUCCESS - * Various failures depending on the database implementation type + *\li #ISC_R_SUCCESS + * \li Various failures depending on the database implementation type */ isc_result_t dns_cache_clean(dns_cache_t *cache, isc_stdtime_t now); -/* +/*%< * Force immediate cleaning of the cache, freeing all rdatasets * whose TTL has expired as of 'now' and that have no pending * references. @@ -215,24 +213,24 @@ dns_cache_clean(dns_cache_t *cache, isc_stdtime_t now); void dns_cache_setcleaninginterval(dns_cache_t *cache, unsigned int interval); -/* +/*%< * Set the periodic cache cleaning interval to 'interval' seconds. */ void dns_cache_setcachesize(dns_cache_t *cache, isc_uint32_t size); -/* +/*%< * Set the maximum cache size. 0 means unlimited. */ isc_result_t dns_cache_flush(dns_cache_t *cache); -/* +/*%< * Flushes all data from the cache. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY */ isc_result_t @@ -241,13 +239,13 @@ dns_cache_flushname(dns_cache_t *cache, dns_name_t *name); * Flushes a given name from the cache. * * Requires: - * 'cache' to be valid. - * 'name' to be valid. + *\li 'cache' to be valid. + *\li 'name' to be valid. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * other error returns. + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li other error returns. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/callbacks.h b/usr.sbin/bind/lib/dns/include/dns/callbacks.h index adc41510cbd..f3216defd20 100644 --- a/usr.sbin/bind/lib/dns/include/dns/callbacks.h +++ b/usr.sbin/bind/lib/dns/include/dns/callbacks.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: callbacks.h,v 1.15.2.2.8.1 2004/03/06 08:13:51 marka Exp $ */ +/* $ISC: callbacks.h,v 1.18.18.2 2005/04/29 00:16:10 marka Exp $ */ #ifndef DNS_CALLBACKS_H #define DNS_CALLBACKS_H 1 +/*! \file */ + /*** *** Imports ***/ @@ -35,19 +37,19 @@ ISC_LANG_BEGINDECLS ***/ struct dns_rdatacallbacks { - /* + /*% * dns_load_master calls this when it has rdatasets to commit. */ dns_addrdatasetfunc_t add; - /* + /*% * dns_load_master / dns_rdata_fromtext call this to issue a error. */ void (*error)(struct dns_rdatacallbacks *, const char *, ...); - /* + /*% * dns_load_master / dns_rdata_fromtext call this to issue a warning. */ void (*warn)(struct dns_rdatacallbacks *, const char *, ...); - /* + /*% * Private data handles for use by the above callback functions. */ void *add_private; @@ -61,20 +63,22 @@ struct dns_rdatacallbacks { void dns_rdatacallbacks_init(dns_rdatacallbacks_t *callbacks); -/* +/*%< * Initialize 'callbacks'. - * 'error' and 'warn' are set to default callbacks that print the + * + * + * \li 'error' and 'warn' are set to default callbacks that print the * error message through the DNS library log context. * - * All other elements are initialized to NULL. + *\li All other elements are initialized to NULL. * * Requires: - * 'callbacks' is a valid dns_rdatacallbacks_t, + * \li 'callbacks' is a valid dns_rdatacallbacks_t, */ void dns_rdatacallbacks_init_stdio(dns_rdatacallbacks_t *callbacks); -/* +/*%< * Like dns_rdatacallbacks_init, but logs to stdio. */ diff --git a/usr.sbin/bind/lib/dns/include/dns/cert.h b/usr.sbin/bind/lib/dns/include/dns/cert.h index 029f0cfea94..7e3c63f9afe 100644 --- a/usr.sbin/bind/lib/dns/include/dns/cert.h +++ b/usr.sbin/bind/lib/dns/include/dns/cert.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: cert.h,v 1.12.206.1 2004/03/06 08:13:51 marka Exp $ */ +/* $ISC: cert.h,v 1.13.18.2 2005/04/29 00:16:10 marka Exp $ */ #ifndef DNS_CERT_H #define DNS_CERT_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -28,38 +30,38 @@ ISC_LANG_BEGINDECLS isc_result_t dns_cert_fromtext(dns_cert_t *certp, isc_textregion_t *source); -/* +/*%< * Convert the text 'source' refers to into a certificate type. * The text may contain either a mnemonic type name or a decimal type number. * * Requires: - * 'certp' is a valid pointer. + *\li 'certp' is a valid pointer. * - * 'source' is a valid text region. + *\li 'source' is a valid text region. * * Returns: - * ISC_R_SUCCESS on success - * ISC_R_RANGE numeric type is out of range - * DNS_R_UNKNOWN mnemonic type is unknown + *\li #ISC_R_SUCCESS on success + *\li #ISC_R_RANGE numeric type is out of range + *\li #DNS_R_UNKNOWN mnemonic type is unknown */ isc_result_t dns_cert_totext(dns_cert_t cert, isc_buffer_t *target); -/* +/*%< * Put a textual representation of certificate type 'cert' into 'target'. * * Requires: - * 'cert' is a valid cert. + *\li 'cert' is a valid cert. * - * 'target' is a valid text buffer. + *\li 'target' is a valid text buffer. * * Ensures: - * If the result is success: + *\li If the result is success: * The used space in 'target' is updated. * * Returns: - * ISC_R_SUCCESS on success - * ISC_R_NOSPACE target buffer is too small + *\li #ISC_R_SUCCESS on success + *\li #ISC_R_NOSPACE target buffer is too small */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/compress.h b/usr.sbin/bind/lib/dns/include/dns/compress.h index cc9307ed9c8..127d428b2d6 100644 --- a/usr.sbin/bind/lib/dns/include/dns/compress.h +++ b/usr.sbin/bind/lib/dns/include/dns/compress.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: compress.h,v 1.29.2.2.8.3 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: compress.h,v 1.32.18.6 2006/03/02 00:37:21 marka Exp $ */ #ifndef DNS_COMPRESS_H #define DNS_COMPRESS_H 1 @@ -27,11 +27,12 @@ ISC_LANG_BEGINDECLS -#define DNS_COMPRESS_NONE 0x00 /* no compression */ -#define DNS_COMPRESS_GLOBAL14 0x01 /* "normal" compression. */ -#define DNS_COMPRESS_ALL 0x01 /* all compression. */ +#define DNS_COMPRESS_NONE 0x00 /*%< no compression */ +#define DNS_COMPRESS_GLOBAL14 0x01 /*%< "normal" compression. */ +#define DNS_COMPRESS_ALL 0x01 /*%< all compression. */ +#define DNS_COMPRESS_CASESENSITIVE 0x02 /*%< case sensitive compression. */ -/* +/*! \file * Direct manipulation of the structures is strongly discouraged. */ @@ -49,198 +50,218 @@ struct dns_compressnode { }; struct dns_compress { - unsigned int magic; /* Magic number. */ - unsigned int allowed; /* Allowed methods. */ - int edns; /* Edns version or -1. */ - /* Global compression table. */ + unsigned int magic; /*%< Magic number. */ + unsigned int allowed; /*%< Allowed methods. */ + int edns; /*%< Edns version or -1. */ + /*% Global compression table. */ dns_compressnode_t *table[DNS_COMPRESS_TABLESIZE]; - /* Preallocated nodes for the table. */ + /*% Preallocated nodes for the table. */ dns_compressnode_t initialnodes[DNS_COMPRESS_INITIALNODES]; - isc_uint16_t count; /* Number of nodes. */ - isc_mem_t *mctx; /* Memory context. */ + isc_uint16_t count; /*%< Number of nodes. */ + isc_mem_t *mctx; /*%< Memory context. */ }; typedef enum { - DNS_DECOMPRESS_ANY, /* Any compression */ - DNS_DECOMPRESS_STRICT, /* Allowed compression */ - DNS_DECOMPRESS_NONE /* No compression */ + DNS_DECOMPRESS_ANY, /*%< Any compression */ + DNS_DECOMPRESS_STRICT, /*%< Allowed compression */ + DNS_DECOMPRESS_NONE /*%< No compression */ } dns_decompresstype_t; struct dns_decompress { - unsigned int magic; /* Magic number. */ - unsigned int allowed; /* Allowed methods. */ - int edns; /* Edns version or -1. */ - dns_decompresstype_t type; /* Strict checking */ + unsigned int magic; /*%< Magic number. */ + unsigned int allowed; /*%< Allowed methods. */ + int edns; /*%< Edns version or -1. */ + dns_decompresstype_t type; /*%< Strict checking */ }; isc_result_t dns_compress_init(dns_compress_t *cctx, int edns, isc_mem_t *mctx); -/* +/*%< * Inialise the compression context structure pointed to by 'cctx'. * * Requires: - * 'cctx' is a valid dns_compress_t structure. - * 'mctx' is an initialized memory context. + * \li 'cctx' is a valid dns_compress_t structure. + * \li 'mctx' is an initialized memory context. * Ensures: - * cctx->global is initialized. + * \li cctx->global is initialized. * * Returns: - * ISC_R_SUCCESS - * failures from dns_rbt_create() + * \li #ISC_R_SUCCESS + * \li failures from dns_rbt_create() */ void dns_compress_invalidate(dns_compress_t *cctx); -/* +/*%< * Invalidate the compression structure pointed to by cctx. * * Requires: - * 'cctx' to be initialized. + *\li 'cctx' to be initialized. */ void dns_compress_setmethods(dns_compress_t *cctx, unsigned int allowed); -/* +/*%< * Sets allowed compression methods. * * Requires: - * 'cctx' to be initialized. + *\li 'cctx' to be initialized. */ unsigned int dns_compress_getmethods(dns_compress_t *cctx); -/* +/*%< * Gets allowed compression methods. * * Requires: - * 'cctx' to be initialized. + *\li 'cctx' to be initialized. * * Returns: - * allowed compression bitmap. + *\li allowed compression bitmap. + */ + +void +dns_compress_setsensitive(dns_compress_t *cctx, isc_boolean_t sensitive); + +/* + * Preserve the case of compressed domain names. + * + * Requires: + * 'cctx' to be initialized. + */ + +isc_boolean_t +dns_compress_getsensitive(dns_compress_t *cctx); +/* + * Return whether case is to be preservered when compressing + * domain names. + * + * Requires: + * 'cctx' to be initialized. */ int dns_compress_getedns(dns_compress_t *cctx); -/* +/*%< * Gets edns value. * * Requires: - * 'cctx' to be initialized. + *\li 'cctx' to be initialized. * * Returns: - * -1 .. 255 + *\li -1 .. 255 */ isc_boolean_t dns_compress_findglobal(dns_compress_t *cctx, const dns_name_t *name, dns_name_t *prefix, isc_uint16_t *offset); -/* +/*%< * Finds longest possible match of 'name' in the global compression table. * * Requires: - * 'cctx' to be initialized. - * 'name' to be a absolute name. - * 'prefix' to be initialized. - * 'offset' to point to an isc_uint16_t. + *\li 'cctx' to be initialized. + *\li 'name' to be a absolute name. + *\li 'prefix' to be initialized. + *\li 'offset' to point to an isc_uint16_t. * * Ensures: - * 'prefix' and 'offset' are valid if ISC_TRUE is returned. + *\li 'prefix' and 'offset' are valid if ISC_TRUE is returned. * * Returns: - * ISC_TRUE / ISC_FALSE + *\li #ISC_TRUE / #ISC_FALSE */ void dns_compress_add(dns_compress_t *cctx, const dns_name_t *name, const dns_name_t *prefix, isc_uint16_t offset); -/* +/*%< * Add compression pointers for 'name' to the compression table, * not replacing existing pointers. * * Requires: - * 'cctx' initialized + *\li 'cctx' initialized * - * 'name' must be initialized and absolute, and must remain + *\li 'name' must be initialized and absolute, and must remain * valid until the message compression is complete. * - * 'prefix' must be a prefix returned by + *\li 'prefix' must be a prefix returned by * dns_compress_findglobal(), or the same as 'name'. */ void dns_compress_rollback(dns_compress_t *cctx, isc_uint16_t offset); -/* +/*%< * Remove any compression pointers from global table >= offset. * * Requires: - * 'cctx' is initialized. + *\li 'cctx' is initialized. */ void dns_decompress_init(dns_decompress_t *dctx, int edns, dns_decompresstype_t type); -/* +/*%< * Initializes 'dctx'. * Records 'edns' and 'type' into the structure. * * Requires: - * 'dctx' to be a valid pointer. + *\li 'dctx' to be a valid pointer. */ void dns_decompress_invalidate(dns_decompress_t *dctx); -/* +/*%< * Invalidates 'dctx'. * * Requires: - * 'dctx' to be initialized + *\li 'dctx' to be initialized */ void dns_decompress_setmethods(dns_decompress_t *dctx, unsigned int allowed); -/* +/*%< * Sets 'dctx->allowed' to 'allowed'. * * Requires: - * 'dctx' to be initialized + *\li 'dctx' to be initialized */ unsigned int dns_decompress_getmethods(dns_decompress_t *dctx); -/* +/*%< * Returns 'dctx->allowed' * * Requires: - * 'dctx' to be initialized + *\li 'dctx' to be initialized */ int dns_decompress_edns(dns_decompress_t *dctx); -/* +/*%< * Returns 'dctx->edns' * * Requires: - * 'dctx' to be initialized + *\li 'dctx' to be initialized */ dns_decompresstype_t dns_decompress_type(dns_decompress_t *dctx); -/* +/*%< * Returns 'dctx->type' * * Requires: - * 'dctx' to be initialized + *\li 'dctx' to be initialized */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/dbiterator.h b/usr.sbin/bind/lib/dns/include/dns/dbiterator.h index 9c1381a3974..801541d7d30 100644 --- a/usr.sbin/bind/lib/dns/include/dns/dbiterator.h +++ b/usr.sbin/bind/lib/dns/include/dns/dbiterator.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dbiterator.h,v 1.18.206.1 2004/03/06 08:13:54 marka Exp $ */ +/* $ISC: dbiterator.h,v 1.19.18.2 2005/04/29 00:16:11 marka Exp $ */ #ifndef DNS_DBITERATOR_H #define DNS_DBITERATOR_H 1 @@ -24,9 +24,8 @@ ***** Module Info *****/ -/* - * DNS DB Iterator - * +/*! \file + * \brief * The DNS DB Iterator interface allows iteration of all of the nodes in a * database. * @@ -37,25 +36,25 @@ * It is the client's responsibility to call dns_db_detachnode() on all * nodes returned. * - * XXX <more> XXX + * XXX <more> XXX * * MP: - * The iterator itself is not locked. The caller must ensure + *\li The iterator itself is not locked. The caller must ensure * synchronization. * - * The iterator methods ensure appropriate database locking. + *\li The iterator methods ensure appropriate database locking. * * Reliability: - * No anticipated impact. + *\li No anticipated impact. * * Resources: - * <TBS> + *\li TBS * * Security: - * No anticipated impact. + *\li No anticipated impact. * * Standards: - * None. + *\li None. */ /***** @@ -89,7 +88,7 @@ typedef struct dns_dbiteratormethods { #define DNS_DBITERATOR_MAGIC ISC_MAGIC('D','N','S','I') #define DNS_DBITERATOR_VALID(dbi) ISC_MAGIC_VALID(dbi, DNS_DBITERATOR_MAGIC) -/* +/*% * This structure is actually just the common prefix of a DNS db * implementation's version of a dns_dbiterator_t. * @@ -110,136 +109,136 @@ struct dns_dbiterator { void dns_dbiterator_destroy(dns_dbiterator_t **iteratorp); -/* +/*%< * Destroy '*iteratorp'. * * Requires: * - * '*iteratorp' is a valid iterator. + *\li '*iteratorp' is a valid iterator. * * Ensures: * - * All resources used by the iterator are freed. + *\li All resources used by the iterator are freed. * - * *iteratorp == NULL. + *\li *iteratorp == NULL. */ isc_result_t dns_dbiterator_first(dns_dbiterator_t *iterator); -/* +/*%< * Move the node cursor to the first node in the database (if any). * * Requires: - * 'iterator' is a valid iterator. + *\li 'iterator' is a valid iterator. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMORE There are no nodes in the database. + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMORE There are no nodes in the database. * - * Other results are possible, depending on the DB implementation. + *\li Other results are possible, depending on the DB implementation. */ isc_result_t dns_dbiterator_last(dns_dbiterator_t *iterator); -/* +/*%< * Move the node cursor to the last node in the database (if any). * * Requires: - * 'iterator' is a valid iterator. + *\li 'iterator' is a valid iterator. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMORE There are no nodes in the database. + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMORE There are no nodes in the database. * - * Other results are possible, depending on the DB implementation. + *\li Other results are possible, depending on the DB implementation. */ isc_result_t dns_dbiterator_seek(dns_dbiterator_t *iterator, dns_name_t *name); -/* +/*%< * Move the node cursor to the node with name 'name'. * * Requires: - * 'iterator' is a valid iterator. + *\li 'iterator' is a valid iterator. * - * 'name' is a valid name. + *\li 'name' is a valid name. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOTFOUND + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOTFOUND * - * Other results are possible, depending on the DB implementation. + *\li Other results are possible, depending on the DB implementation. */ isc_result_t dns_dbiterator_prev(dns_dbiterator_t *iterator); -/* +/*%< * Move the node cursor to the previous node in the database (if any). * * Requires: - * 'iterator' is a valid iterator. + *\li 'iterator' is a valid iterator. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMORE There are no more nodes in the + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMORE There are no more nodes in the * database. * - * Other results are possible, depending on the DB implementation. + *\li Other results are possible, depending on the DB implementation. */ isc_result_t dns_dbiterator_next(dns_dbiterator_t *iterator); -/* +/*%< * Move the node cursor to the next node in the database (if any). * * Requires: - * 'iterator' is a valid iterator. + *\li 'iterator' is a valid iterator. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMORE There are no more nodes in the + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMORE There are no more nodes in the * database. * - * Other results are possible, depending on the DB implementation. + *\li Other results are possible, depending on the DB implementation. */ isc_result_t dns_dbiterator_current(dns_dbiterator_t *iterator, dns_dbnode_t **nodep, dns_name_t *name); -/* +/*%< * Return the current node. * * Notes: - * If 'name' is not NULL, it will be set to the name of the node. + *\li If 'name' is not NULL, it will be set to the name of the node. * * Requires: - * 'iterator' is a valid iterator. + *\li 'iterator' is a valid iterator. * - * nodep != NULL && *nodep == NULL + *\li nodep != NULL && *nodep == NULL * - * The node cursor of 'iterator' is at a valid location (i.e. the + *\li The node cursor of 'iterator' is at a valid location (i.e. the * result of last call to a cursor movement command was ISC_R_SUCCESS). * - * 'name' is NULL, or is a valid name with a dedicated buffer. + *\li 'name' is NULL, or is a valid name with a dedicated buffer. * * Returns: * - * ISC_R_SUCCESS - * DNS_R_NEWORIGIN If this iterator was created with + *\li #ISC_R_SUCCESS + *\li #DNS_R_NEWORIGIN If this iterator was created with * 'relative_names' set to ISC_TRUE, - * then DNS_R_NEWORIGIN will be returned + * then #DNS_R_NEWORIGIN will be returned * when the origin the names are * relative to changes. This result * can occur only when 'name' is not * NULL. This is also a successful * result. * - * Other results are possible, depending on the DB implementation. + *\li Other results are possible, depending on the DB implementation. */ isc_result_t dns_dbiterator_pause(dns_dbiterator_t *iterator); -/* +/*%< * Pause iteration. * * Calling a cursor movement method or dns_dbiterator_current() may cause @@ -250,47 +249,47 @@ dns_dbiterator_pause(dns_dbiterator_t *iterator); * iterator method in the immediate future. * * Requires: - * 'iterator' is a valid iterator. + *\li 'iterator' is a valid iterator. * * Ensures: - * Any database locks being held for efficiency of iterator access are + *\li Any database locks being held for efficiency of iterator access are * released. * * Returns: - * ISC_R_SUCCESS + *\li #ISC_R_SUCCESS * - * Other results are possible, depending on the DB implementation. + *\li Other results are possible, depending on the DB implementation. */ isc_result_t dns_dbiterator_origin(dns_dbiterator_t *iterator, dns_name_t *name); -/* +/*%< * Return the origin to which returned node names are relative. * * Requires: * - * 'iterator' is a valid relative_names iterator. + *\li 'iterator' is a valid relative_names iterator. * - * 'name' is a valid name with a dedicated buffer. + *\li 'name' is a valid name with a dedicated buffer. * * Returns: * - * ISC_R_SUCCESS - * ISC_R_NOSPACE + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOSPACE * - * Other results are possible, depending on the DB implementation. + *\li Other results are possible, depending on the DB implementation. */ void dns_dbiterator_setcleanmode(dns_dbiterator_t *iterator, isc_boolean_t mode); -/* +/*%< * Indicate that the given iterator is/is not cleaning the DB. * * Notes: - * When 'mode' is ISC_TRUE, + *\li When 'mode' is ISC_TRUE, * * Requires: - * 'iterator' is a valid iterator. + *\li 'iterator' is a valid iterator. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/dbtable.h b/usr.sbin/bind/lib/dns/include/dns/dbtable.h index 04ea0e63f84..865a98fef96 100644 --- a/usr.sbin/bind/lib/dns/include/dns/dbtable.h +++ b/usr.sbin/bind/lib/dns/include/dns/dbtable.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dbtable.h,v 1.16.206.1 2004/03/06 08:13:55 marka Exp $ */ +/* $ISC: dbtable.h,v 1.17.18.2 2005/04/29 00:16:11 marka Exp $ */ #ifndef DNS_DBTABLE_H #define DNS_DBTABLE_H 1 @@ -24,26 +24,27 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * DNS DB Tables * - * XXX <TBS> XXX + * XXX TBS XXX * * MP: - * The module ensures appropriate synchronization of data structures it + *\li The module ensures appropriate synchronization of data structures it * creates and manipulates. * * Reliability: - * No anticipated impact. + *\li No anticipated impact. * * Resources: - * None. + *\li None. * * Security: - * No anticipated impact. + *\li No anticipated impact. * * Standards: - * None. + *\li None. */ #include <isc/lang.h> @@ -57,106 +58,106 @@ ISC_LANG_BEGINDECLS isc_result_t dns_dbtable_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, dns_dbtable_t **dbtablep); -/* +/*%< * Make a new dbtable of class 'rdclass' * * Requires: - * mctx != NULL - * dbtablep != NULL && *dptablep == NULL - * 'rdclass' is a valid class + *\li mctx != NULL + * \li dbtablep != NULL && *dptablep == NULL + *\li 'rdclass' is a valid class * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * ISC_R_UNEXPECTED + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li #ISC_R_UNEXPECTED */ void dns_dbtable_attach(dns_dbtable_t *source, dns_dbtable_t **targetp); -/* +/*%< * Attach '*targetp' to 'source'. * * Requires: * - * 'source' is a valid dbtable. + *\li 'source' is a valid dbtable. * - * 'targetp' points to a NULL dns_dbtable_t *. + *\li 'targetp' points to a NULL dns_dbtable_t *. * * Ensures: * - * *targetp is attached to source. + *\li *targetp is attached to source. */ void dns_dbtable_detach(dns_dbtable_t **dbtablep); -/* +/*%< * Detach *dbtablep from its dbtable. * * Requires: * - * '*dbtablep' points to a valid dbtable. + *\li '*dbtablep' points to a valid dbtable. * * Ensures: * - * *dbtablep is NULL. - * - * If '*dbtablep' is the last reference to the dbtable, + *\li *dbtablep is NULL. * - * All resources used by the dbtable will be freed + *\li If '*dbtablep' is the last reference to the dbtable, + * all resources used by the dbtable will be freed */ isc_result_t dns_dbtable_add(dns_dbtable_t *dbtable, dns_db_t *db); -/* +/*%< * Add 'db' to 'dbtable'. * * Requires: - * 'dbtable' is a valid dbtable. + *\li 'dbtable' is a valid dbtable. * - * 'db' is a valid database with the same class as 'dbtable' + *\li 'db' is a valid database with the same class as 'dbtable' */ void dns_dbtable_remove(dns_dbtable_t *dbtable, dns_db_t *db); -/* +/*%< * Remove 'db' from 'dbtable'. * * Requires: - * 'db' was previously added to 'dbtable'. + *\li 'db' was previously added to 'dbtable'. */ void dns_dbtable_adddefault(dns_dbtable_t *dbtable, dns_db_t *db); -/* +/*%< * Use 'db' as the result of a dns_dbtable_find() if no better match is * available. */ void dns_dbtable_getdefault(dns_dbtable_t *dbtable, dns_db_t **db); -/* +/*%< * Get the 'db' used as the result of a dns_dbtable_find() * if no better match is available. */ void dns_dbtable_removedefault(dns_dbtable_t *dbtable); -/* +/*%< * Remove the default db from 'dbtable'. */ isc_result_t dns_dbtable_find(dns_dbtable_t *dbtable, dns_name_t *name, unsigned int options, dns_db_t **dbp); -/* +/*%< * Find the deepest match to 'name' in the dbtable, and return it * * Notes: - * If the DNS_DBTABLEFIND_NOEXACT option is set, the best partial + *\li If the DNS_DBTABLEFIND_NOEXACT option is set, the best partial * match (if any) to 'name' will be returned. * - * Returns: ISC_R_SUCCESS on success - * <something else> no default and match + * Returns: + * \li #ISC_R_SUCCESS on success + *\li something else: no default and match */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/diff.h b/usr.sbin/bind/lib/dns/include/dns/diff.h index d4dbb8b3a50..3f829595b97 100644 --- a/usr.sbin/bind/lib/dns/include/dns/diff.h +++ b/usr.sbin/bind/lib/dns/include/dns/diff.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: diff.h,v 1.4.12.3 2004/03/08 09:04:35 marka Exp $ */ +/* $ISC: diff.h,v 1.6.18.2 2005/04/29 00:16:12 marka Exp $ */ #ifndef DNS_DIFF_H #define DNS_DIFF_H 1 @@ -24,7 +24,8 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * A diff is a convenience type representing a list of changes to be * made to a database. */ @@ -44,7 +45,7 @@ *** Types ***/ -/* +/*% * A dns_difftuple_t represents a single RR being added or deleted. * The RR type and class are in the 'rdata' member; the class is always * the real one, not a DynDNS meta-class, so that the rdatas can be @@ -61,9 +62,9 @@ */ typedef enum { - DNS_DIFFOP_ADD, /* Add an RR. */ - DNS_DIFFOP_DEL, /* Delete an RR. */ - DNS_DIFFOP_EXISTS /* Assert RR existence. */ + DNS_DIFFOP_ADD, /*%< Add an RR. */ + DNS_DIFFOP_DEL, /*%< Delete an RR. */ + DNS_DIFFOP_EXISTS /*%< Assert RR existence. */ } dns_diffop_t; typedef struct dns_difftuple dns_difftuple_t; @@ -82,7 +83,7 @@ struct dns_difftuple { /* Variable-size name data and rdata follows. */ }; -/* +/*% * A dns_diff_t represents a set of changes being applied to * a zone. Diffs are also used to represent "RRset exists * (value dependent)" prerequisites. @@ -116,106 +117,106 @@ isc_result_t dns_difftuple_create(isc_mem_t *mctx, dns_diffop_t op, dns_name_t *name, dns_ttl_t ttl, dns_rdata_t *rdata, dns_difftuple_t **tp); -/* +/*%< * Create a tuple. Deep copies are made of the name and rdata, so * they need not remain valid after the call. * * Requires: - * *tp != NULL && *tp == NULL. + *\li *tp != NULL && *tp == NULL. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + *\li ISC_R_SUCCESS + * \li ISC_R_NOMEMORY */ void dns_difftuple_free(dns_difftuple_t **tp); -/* +/*%< * Free a tuple. * * Requires: - * **tp is a valid tuple. + * \li **tp is a valid tuple. * * Ensures: - * *tp == NULL - * All memory used by the tuple is freed. + * \li *tp == NULL + * \li All memory used by the tuple is freed. */ isc_result_t dns_difftuple_copy(dns_difftuple_t *orig, dns_difftuple_t **copyp); -/* +/*%< * Copy a tuple. * * Requires: - * 'orig' points to a valid tuple - * copyp != NULL && *copyp == NULL + * \li 'orig' points to a valid tuple + *\li copyp != NULL && *copyp == NULL */ void dns_diff_init(isc_mem_t *mctx, dns_diff_t *diff); -/* +/*%< * Initialize a diff. * * Requires: - * 'diff' points to an uninitialized dns_diff_t - * allocated by the caller. + * \li 'diff' points to an uninitialized dns_diff_t + * \li allocated by the caller. * * Ensures: - * '*diff' is a valid, empty diff. + * \li '*diff' is a valid, empty diff. */ void dns_diff_clear(dns_diff_t *diff); -/* +/*%< * Clear a diff, destroying all its tuples. * * Requires: - * 'diff' points to a valid dns_diff_t. + * \li 'diff' points to a valid dns_diff_t. * * Ensures: - * Any tuples in the diff are destroyed. + * \li Any tuples in the diff are destroyed. * The diff now empty, but it is still valid * and may be reused without calling dns_diff_init * again. The only memory used is that of the * dns_diff_t structure itself. * * Notes: - * Managing the memory of the dns_diff_t structure itself + * \li Managing the memory of the dns_diff_t structure itself * is the caller's responsibility. */ void dns_diff_append(dns_diff_t *diff, dns_difftuple_t **tuple); -/* +/*%< * Append a single tuple to a diff. * - * 'diff' is a valid diff. - * '*tuple' is a valid tuple. + *\li 'diff' is a valid diff. + * \li '*tuple' is a valid tuple. * * Ensures: - * *tuple is NULL. - * The tuple has been freed, or will be freed when the diff is cleared. + *\li *tuple is NULL. + *\li The tuple has been freed, or will be freed when the diff is cleared. */ void dns_diff_appendminimal(dns_diff_t *diff, dns_difftuple_t **tuple); -/* +/*%< * Append 'tuple' to 'diff', removing any duplicate * or conflicting updates as needed to create a minimal diff. * * Requires: - * 'diff' is a minimal diff. + *\li 'diff' is a minimal diff. * * Ensures: - * 'diff' is still a minimal diff. - * *tuple is NULL. - * The tuple has been freed, or will be freed when the diff is cleared. + *\li 'diff' is still a minimal diff. + * \li *tuple is NULL. + * \li The tuple has been freed, or will be freed when the diff is cleared. * */ isc_result_t dns_diff_sort(dns_diff_t *diff, dns_diff_compare_func *compare); -/* +/*%< * Sort 'diff' in-place according to the comparison function 'compare'. */ @@ -223,7 +224,7 @@ isc_result_t dns_diff_apply(dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver); isc_result_t dns_diff_applysilently(dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver); -/* +/*%< * Apply 'diff' to the database 'db'. * * dns_diff_apply() logs warnings about updates with no effect or @@ -234,44 +235,44 @@ dns_diff_applysilently(dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver); * but less efficient. * * Requires: - * *diff is a valid diff (possibly empty), containing - * tuples of type DNS_DIFFOP_ADD and/or - * For DNS_DIFFOP_DEL tuples, the TTL is ignored. + *\li *diff is a valid diff (possibly empty), containing + * tuples of type #DNS_DIFFOP_ADD and/or + * For #DNS_DIFFOP_DEL tuples, the TTL is ignored. * */ isc_result_t dns_diff_load(dns_diff_t *diff, dns_addrdatasetfunc_t addfunc, void *add_private); -/* +/*%< * Like dns_diff_apply, but for use when loading a new database * instead of modifying an existing one. This bypasses the * database transaction mechanisms. * * Requires: - * 'addfunc' is a valid dns_addradatasetfunc_t obtained from + *\li 'addfunc' is a valid dns_addradatasetfunc_t obtained from * dns_db_beginload() * - * 'add_private' points to a corresponding dns_dbload_t * + *\li 'add_private' points to a corresponding dns_dbload_t * * (XXX why is it a void pointer, then?) */ isc_result_t dns_diff_print(dns_diff_t *diff, FILE *file); -/* +/*%< * Print the differences to 'file' or if 'file' is NULL via the * logging system. * * Require: - * 'diff' to be valid. - * 'file' to refer to a open file or NULL. + *\li 'diff' to be valid. + *\li 'file' to refer to a open file or NULL. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * ISC_R_UNEXPECTED - * any error from dns_rdataset_totext() + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li #ISC_R_UNEXPECTED + *\li any error from dns_rdataset_totext() */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/dlz.h b/usr.sbin/bind/lib/dns/include/dns/dlz.h new file mode 100644 index 00000000000..ff574ed6635 --- /dev/null +++ b/usr.sbin/bind/lib/dns/include/dns/dlz.h @@ -0,0 +1,290 @@ +/* + * Portions Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * Copyright (C) 2002 Stichting NLnet, Netherlands, stichting@nlnet.nl. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the + * above copyright notice and this permission notice appear in all + * copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND STICHTING NLNET + * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL + * STICHTING NLNET BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR + * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS + * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE + * USE OR PERFORMANCE OF THIS SOFTWARE. + * + * The development of Dynamically Loadable Zones (DLZ) for Bind 9 was + * conceived and contributed by Rob Butler. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the + * above copyright notice and this permission notice appear in all + * copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ROB BUTLER + * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL + * ROB BUTLER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR + * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS + * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE + * USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: dlz.h,v 1.2.2.2 2005/09/06 03:47:18 marka Exp $ */ + +/*! \file */ + +#ifndef DLZ_H +#define DLZ_H 1 + +/***** + ***** Module Info + *****/ + +/* + * DLZ Interface + * + * The DLZ interface allows zones to be looked up using a driver instead of + * Bind's default in memory zone table. + * + * + * Reliability: + * No anticipated impact. + * + * Resources: + * + * Security: + * No anticipated impact. + * + * Standards: + * None. + */ + +/***** + ***** Imports + *****/ + +#include <dns/name.h> +#include <dns/types.h> +#include <dns/view.h> + +#include <isc/lang.h> + +ISC_LANG_BEGINDECLS + +/*** + *** Types + ***/ + +#define DNS_DLZ_MAGIC ISC_MAGIC('D','L','Z','D') +#define DNS_DLZ_VALID(dlz) ISC_MAGIC_VALID(dlz, DNS_DLZ_MAGIC) + +typedef isc_result_t +(*dns_dlzallowzonexfr_t)(void *driverarg, void *dbdata, isc_mem_t *mctx, + dns_rdataclass_t rdclass, dns_name_t *name, + isc_sockaddr_t *clientaddr, + dns_db_t **dbp); + +/*%< + * Method prototype. Drivers implementing the DLZ interface MUST + * supply an allow zone transfer method. This method is called when + * the DNS server is performing a zone transfer query. The driver's + * method should return ISC_R_SUCCESS and a database pointer to the + * name server if the zone is supported by the database, and zone + * transfer is allowed. Otherwise it will return ISC_R_NOTFOUND if + * the zone is not supported by the database, or ISC_R_NOPERM if zone + * transfers are not allowed. If an error occurs it should return a + * result code indicating the type of error. + */ + +typedef isc_result_t +(*dns_dlzcreate_t)(isc_mem_t *mctx, const char *dlzname, unsigned int argc, + char *argv[], void *driverarg, void **dbdata); + +/*%< + * Method prototype. Drivers implementing the DLZ interface MUST + * supply a create method. This method is called when the DNS server + * is starting up and creating drivers for use later. + */ + +typedef void +(*dns_dlzdestroy_t)(void *driverarg, void **dbdata); + +/*%< + * Method prototype. Drivers implementing the DLZ interface MUST + * supply a destroy method. This method is called when the DNS server + * is shuting down and no longer needs the driver. + */ + +typedef isc_result_t +(*dns_dlzfindzone_t)(void *driverarg, void *dbdata, isc_mem_t *mctx, + dns_rdataclass_t rdclass, dns_name_t *name, + dns_db_t **dbp); + +/*%< + + * Method prototype. Drivers implementing the DLZ interface MUST + * supply a find zone method. This method is called when the DNS + * server is performing a query. The find zone method will be called + * with the longest possible name first, and continue to be called + * with successively shorter domain names, until any of the following + * occur: + * + * \li 1) a match is found, and the function returns (ISC_R_SUCCESS) + * + * \li 2) a problem occurs, and the functions returns anything other + * than (ISC_R_NOTFOUND) + * \li 3) we run out of domain name labels. I.E. we have tried the + * shortest domain name + * \li 4) the number of labels in the domain name is less than + * min_lables for dns_dlzfindzone + * + * The driver's find zone method should return ISC_R_SUCCESS and a + * database pointer to the name server if the zone is supported by the + * database. Otherwise it will return ISC_R_NOTFOUND, and a null + * pointer if the zone is not supported. If an error occurs it should + * return a result code indicating the type of error. + */ + +/*% the methods supplied by a DLZ driver */ +typedef struct dns_dlzmethods { + dns_dlzcreate_t create; + dns_dlzdestroy_t destroy; + dns_dlzfindzone_t findzone; + dns_dlzallowzonexfr_t allowzonexfr; +} dns_dlzmethods_t; + +/*% information about a DLZ driver */ +struct dns_dlzimplementation { + const char *name; + const dns_dlzmethods_t *methods; + isc_mem_t *mctx; + void *driverarg; + ISC_LINK(dns_dlzimplementation_t) link; +}; + +/*% an instance of a DLZ driver */ +struct dns_dlzdb { + unsigned int magic; + isc_mem_t *mctx; + dns_dlzimplementation_t *implementation; + void *dbdata; +}; + + +/*** + *** Method declarations + ***/ + +isc_result_t +dns_dlzallowzonexfr(dns_view_t *view, dns_name_t *name, + isc_sockaddr_t *clientaddr, dns_db_t **dbp); + +/*%< + * This method is called when the DNS server is performing a zone + * transfer query. It will call the DLZ driver's allow zone tranfer + * method. + */ + +isc_result_t +dns_dlzcreate(isc_mem_t *mctx, const char *dlzname, + const char *drivername, unsigned int argc, + char *argv[], dns_dlzdb_t **dbp); + +/*%< + * This method is called when the DNS server is starting up and + * creating drivers for use later. It will search the DLZ driver list + * for 'drivername' and return a DLZ driver via dbp if a match is + * found. If the DLZ driver supplies a create method, this function + * will call it. + */ + +void +dns_dlzdestroy(dns_dlzdb_t **dbp); + +/*%< + * This method is called when the DNS server is shuting down and no + * longer needs the driver. If the DLZ driver supplies a destroy + * methods, this function will call it. + */ + +isc_result_t +dns_dlzfindzone(dns_view_t *view, dns_name_t *name, + unsigned int minlabels, dns_db_t **dbp); + +/*%< + * This method is called when the DNS server is performing a query. + * It will call the DLZ driver's find zone method. + */ + +isc_result_t +dns_dlzregister(const char *drivername, const dns_dlzmethods_t *methods, + void *driverarg, isc_mem_t *mctx, + dns_dlzimplementation_t **dlzimp); + +/*%< + * Register a dynamically loadable zones (DLZ) driver for the database + * type 'drivername', implemented by the functions in '*methods'. + * + * dlzimp must point to a NULL dlz_implementation_t pointer. That is, + * dlzimp != NULL && *dlzimp == NULL. It will be assigned a value that + * will later be used to identify the driver when deregistering it. + */ + +isc_result_t +dns_dlzstrtoargv(isc_mem_t *mctx, char *s, unsigned int *argcp, char ***argvp); + +/*%< + * This method is called when the name server is starting up to parse + * the DLZ driver command line from named.conf. Basically it splits + * up a string into and argc / argv. The primary difference of this + * method is items between braces { } are considered only 1 word. for + * example the command line "this is { one grouped phrase } and this + * isn't" would be parsed into: + * + * \li argv[0]: "this" + * \li argv[1]: "is" + * \li argv{2]: " one grouped phrase " + * \li argv[3]: "and" + * \li argv[4]: "this" + * \li argv{5}: "isn't" + * + * braces should NOT be nested, more than one grouping in the command + * line is allowed. Notice, argv[2] has an extra space at the + * beginning and end. Extra spaces are not stripped between a + * grouping. You can do so in your driver if needed, or be sure not + * to put extra spaces before / after the braces. + */ + +void +dns_dlzunregister(dns_dlzimplementation_t **dlzimp); + +/*%< + * Removes the dlz driver from the list of registered dlz drivers. + * There must be no active dlz drivers of this type when this function + * is called. + */ + +ISC_LANG_ENDDECLS + +#endif /* DLZ_H */ diff --git a/usr.sbin/bind/lib/dns/include/dns/dnssec.h b/usr.sbin/bind/lib/dns/include/dns/dnssec.h index bdfaf4b5448..9c896d9ab65 100644 --- a/usr.sbin/bind/lib/dns/include/dns/dnssec.h +++ b/usr.sbin/bind/lib/dns/include/dns/dnssec.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dnssec.h,v 1.21.12.5 2004/03/08 09:04:35 marka Exp $ */ +/* $ISC: dnssec.h,v 1.26.18.2 2005/04/29 00:16:12 marka Exp $ */ #ifndef DNS_DNSSEC_H #define DNS_DNSSEC_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/stdtime.h> @@ -32,51 +34,51 @@ ISC_LANG_BEGINDECLS isc_result_t dns_dnssec_keyfromrdata(dns_name_t *name, dns_rdata_t *rdata, isc_mem_t *mctx, dst_key_t **key); -/* +/*%< * Creates a DST key from a DNS record. Basically a wrapper around * dst_key_fromdns(). * * Requires: - * 'name' is not NULL - * 'rdata' is not NULL - * 'mctx' is not NULL - * 'key' is not NULL - * '*key' is NULL + *\li 'name' is not NULL + *\li 'rdata' is not NULL + *\li 'mctx' is not NULL + *\li 'key' is not NULL + *\li '*key' is NULL * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * DST_R_INVALIDPUBLICKEY - * various errors from dns_name_totext + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li DST_R_INVALIDPUBLICKEY + *\li various errors from dns_name_totext */ isc_result_t dns_dnssec_sign(dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, isc_stdtime_t *inception, isc_stdtime_t *expire, isc_mem_t *mctx, isc_buffer_t *buffer, dns_rdata_t *sigrdata); -/* +/*%< * Generates a SIG record covering this rdataset. This has no effect * on existing SIG records. * * Requires: - * 'name' (the owner name of the record) is a valid name - * 'set' is a valid rdataset - * 'key' is a valid key - * 'inception' is not NULL - * 'expire' is not NULL - * 'mctx' is not NULL - * 'buffer' is not NULL - * 'sigrdata' is not NULL + *\li 'name' (the owner name of the record) is a valid name + *\li 'set' is a valid rdataset + *\li 'key' is a valid key + *\li 'inception' is not NULL + *\li 'expire' is not NULL + *\li 'mctx' is not NULL + *\li 'buffer' is not NULL + *\li 'sigrdata' is not NULL * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * ISC_R_NOSPACE - * DNS_R_INVALIDTIME - the expiration is before the inception - * DNS_R_KEYUNAUTHORIZED - the key cannot sign this data (either + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li #ISC_R_NOSPACE + *\li #DNS_R_INVALIDTIME - the expiration is before the inception + *\li #DNS_R_KEYUNAUTHORIZED - the key cannot sign this data (either * it is not a zone key or its flags prevent * authentication) - * DST_R_* + *\li DST_R_* */ isc_result_t @@ -88,35 +90,36 @@ isc_result_t dns_dnssec_verify2(dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, isc_boolean_t ignoretime, isc_mem_t *mctx, dns_rdata_t *sigrdata, dns_name_t *wild); -/* +/*%< * Verifies the SIG record covering this rdataset signed by a specific * key. This does not determine if the key's owner is authorized to * sign this record, as this requires a resolver or database. * If 'ignoretime' is ISC_TRUE, temporal validity will not be checked. * * Requires: - * 'name' (the owner name of the record) is a valid name - * 'set' is a valid rdataset - * 'key' is a valid key - * 'mctx' is not NULL - * 'sigrdata' is a valid rdata containing a SIG record - * 'wild' if non-NULL then is a valid and has a buffer. + *\li 'name' (the owner name of the record) is a valid name + *\li 'set' is a valid rdataset + *\li 'key' is a valid key + *\li 'mctx' is not NULL + *\li 'sigrdata' is a valid rdata containing a SIG record + *\li 'wild' if non-NULL then is a valid and has a buffer. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * DNS_R_FROMWILDCARD - the signature is valid and is from + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li #DNS_R_FROMWILDCARD - the signature is valid and is from * a wildcard expansion. dns_dnssec_verify2() only. * 'wild' contains the name of the wildcard if non-NULL. - * DNS_R_SIGINVALID - the signature fails to verify - * DNS_R_SIGEXPIRED - the signature has expired - * DNS_R_SIGFUTURE - the signature's validity period has not begun - * DNS_R_KEYUNAUTHORIZED - the key cannot sign this data (either + *\li #DNS_R_SIGINVALID - the signature fails to verify + *\li #DNS_R_SIGEXPIRED - the signature has expired + *\li #DNS_R_SIGFUTURE - the signature's validity period has not begun + *\li #DNS_R_KEYUNAUTHORIZED - the key cannot sign this data (either * it is not a zone key or its flags prevent * authentication) - * DST_R_* + *\li DST_R_* */ +/*@{*/ isc_result_t dns_dnssec_findzonekeys(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, dns_name_t *name, isc_mem_t *mctx, @@ -128,50 +131,51 @@ dns_dnssec_findzonekeys2(dns_db_t *db, dns_dbversion_t *ver, const char *directory, isc_mem_t *mctx, unsigned int maxkeys, dst_key_t **keys, unsigned int *nkeys); -/* +/*%< * Finds a set of zone keys. * XXX temporary - this should be handled in dns_zone_t. */ +/*@}*/ isc_result_t dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key); -/* +/*%< * Signs a message with a SIG(0) record. This is implicitly called by * dns_message_renderend() if msg->sig0key is not NULL. * * Requires: - * 'msg' is a valid message - * 'key' is a valid key that can be used for signing + *\li 'msg' is a valid message + *\li 'key' is a valid key that can be used for signing * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * DST_R_* + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li DST_R_* */ isc_result_t dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, dst_key_t *key); -/* +/*%< * Verifies a message signed by a SIG(0) record. This is not * called implicitly by dns_message_parse(). If dns_message_signer() * is called before dns_dnssec_verifymessage(), it will return - * DNS_R_NOTVERIFIEDYET. dns_dnssec_verifymessage() will set + * #DNS_R_NOTVERIFIEDYET. dns_dnssec_verifymessage() will set * the verified_sig0 flag in msg if the verify succeeds, and * the sig0status field otherwise. * * Requires: - * 'source' is a valid buffer containing the unparsed message - * 'msg' is a valid message - * 'key' is a valid key + *\li 'source' is a valid buffer containing the unparsed message + *\li 'msg' is a valid message + *\li 'key' is a valid key * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * ISC_R_NOTFOUND - no SIG(0) was found - * DNS_R_SIGINVALID - the SIG record is not well-formed or + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li #ISC_R_NOTFOUND - no SIG(0) was found + *\li #DNS_R_SIGINVALID - the SIG record is not well-formed or * was not generated by the key. - * DST_R_* + *\li DST_R_* */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/ds.h b/usr.sbin/bind/lib/dns/include/dns/ds.h index 4cdb7723e62..7dc027a02e3 100644 --- a/usr.sbin/bind/lib/dns/include/dns/ds.h +++ b/usr.sbin/bind/lib/dns/include/dns/ds.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ds.h,v 1.3.2.1 2004/03/08 02:08:00 marka Exp $ */ +/* $ISC: ds.h,v 1.3.20.5 2006/02/22 23:50:09 marka Exp $ */ #ifndef DNS_DS_H #define DNS_DS_H 1 @@ -25,11 +25,12 @@ #include <dns/types.h> #define DNS_DSDIGEST_SHA1 (1) +#define DNS_DSDIGEST_SHA256 (2) /* - * Assuming SHA-1 digest type. + * Assuming SHA-256 digest type. */ -#define DNS_DS_BUFFERSIZE (24) +#define DNS_DS_BUFFERSIZE (36) ISC_LANG_BEGINDECLS @@ -37,20 +38,26 @@ isc_result_t dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key, unsigned int digest_type, unsigned char *buffer, dns_rdata_t *rdata); -/* +/*%< * Build the rdata of a DS record. * * Requires: - * key Points to a valid DNS KEY record. - * buffer Points to a temporary buffer of at least - * DNS_DS_BUFFERSIZE bytes. - * rdata Points to an initialized dns_rdata_t. + *\li key Points to a valid DNS KEY record. + *\li buffer Points to a temporary buffer of at least + * #DNS_DS_BUFFERSIZE bytes. + *\li rdata Points to an initialized dns_rdata_t. * * Ensures: - * *rdata Contains a valid DS rdata. The 'data' member refers + * \li *rdata Contains a valid DS rdata. The 'data' member refers * to 'buffer'. */ +isc_boolean_t +dns_ds_digest_supported(unsigned int digest_type); +/*%< + * Is this digest algorithm supported by dns_ds_buildrdata()? + */ + ISC_LANG_ENDDECLS #endif /* DNS_DS_H */ diff --git a/usr.sbin/bind/lib/dns/include/dns/fixedname.h b/usr.sbin/bind/lib/dns/include/dns/fixedname.h index 526d2370e7d..3f40ed566aa 100644 --- a/usr.sbin/bind/lib/dns/include/dns/fixedname.h +++ b/usr.sbin/bind/lib/dns/include/dns/fixedname.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: fixedname.h,v 1.12.206.1 2004/03/06 08:13:55 marka Exp $ */ +/* $ISC: fixedname.h,v 1.13.18.2 2005/04/29 00:16:13 marka Exp $ */ #ifndef DNS_FIXEDNAME_H #define DNS_FIXEDNAME_H 1 @@ -24,28 +24,31 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * Fixed-size Names * * dns_fixedname_t is a convenience type containing a name, an offsets table, * and a dedicated buffer big enough for the longest possible name. * * MP: - * The caller must ensure any required synchronization. + *\li The caller must ensure any required synchronization. * * Reliability: - * No anticipated impact. + *\li No anticipated impact. * * Resources: - * Per dns_fixedname_t: + *\li Per dns_fixedname_t: + *\code * sizeof(dns_name_t) + sizeof(dns_offsets_t) + * sizeof(isc_buffer_t) + 255 bytes + structure padding + *\endcode * * Security: - * No anticipated impact. + *\li No anticipated impact. * * Standards: - * None. + *\li None. */ /***** diff --git a/usr.sbin/bind/lib/dns/include/dns/forward.h b/usr.sbin/bind/lib/dns/include/dns/forward.h index b4773b9b65f..ea56e3c8384 100644 --- a/usr.sbin/bind/lib/dns/include/dns/forward.h +++ b/usr.sbin/bind/lib/dns/include/dns/forward.h @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: forward.h,v 1.2.206.3 2005/03/17 03:58:31 marka Exp $ */ +/* $ISC: forward.h,v 1.3.18.3 2005/04/27 05:01:33 sra Exp $ */ #ifndef DNS_FORWARD_H #define DNS_FORWARD_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/result.h> @@ -34,68 +36,81 @@ struct dns_forwarders { isc_result_t dns_fwdtable_create(isc_mem_t *mctx, dns_fwdtable_t **fwdtablep); -/* +/*%< * Creates a new forwarding table. * * Requires: - * mctx is a valid memory context. - * fwdtablep != NULL && *fwdtablep == NULL + * \li mctx is a valid memory context. + * \li fwdtablep != NULL && *fwdtablep == NULL * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + * \li #ISC_R_SUCCESS + * \li #ISC_R_NOMEMORY */ isc_result_t dns_fwdtable_add(dns_fwdtable_t *fwdtable, dns_name_t *name, isc_sockaddrlist_t *addrs, dns_fwdpolicy_t policy); -/* +/*%< * Adds an entry to the forwarding table. The entry associates * a domain with a list of forwarders and a forwarding policy. The * addrs list is copied if not empty, so the caller should free its copy. * * Requires: - * fwdtable is a valid forwarding table. - * name is a valid name - * addrs is a valid list of sockaddrs, which may be empty. + * \li fwdtable is a valid forwarding table. + * \li name is a valid name + * \li addrs is a valid list of sockaddrs, which may be empty. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + * \li #ISC_R_SUCCESS + * \li #ISC_R_NOMEMORY */ isc_result_t dns_fwdtable_find(dns_fwdtable_t *fwdtable, dns_name_t *name, dns_forwarders_t **forwardersp); +/*%< + * Finds a domain in the forwarding table. The closest matching parent + * domain is returned. + * + * Requires: + * \li fwdtable is a valid forwarding table. + * \li name is a valid name + * \li forwardersp != NULL && *forwardersp == NULL + * + * Returns: + * \li #ISC_R_SUCCESS + * \li #ISC_R_NOTFOUND + */ isc_result_t dns_fwdtable_find2(dns_fwdtable_t *fwdtable, dns_name_t *name, dns_name_t *foundname, dns_forwarders_t **forwardersp); -/* +/*%< * Finds a domain in the forwarding table. The closest matching parent * domain is returned. * * Requires: - * fwdtable is a valid forwarding table. - * name is a valid name - * forwardersp != NULL && *forwardersp == NULL - * foundname to be NULL or a valid name with buffer. + * \li fwdtable is a valid forwarding table. + * \li name is a valid name + * \li forwardersp != NULL && *forwardersp == NULL + * \li foundname to be NULL or a valid name with buffer. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOTFOUND + * \li #ISC_R_SUCCESS + * \li #ISC_R_NOTFOUND */ void dns_fwdtable_destroy(dns_fwdtable_t **fwdtablep); -/* +/*%< * Destroys a forwarding table. * * Requires: - * fwtablep != NULL && *fwtablep != NULL + * \li fwtablep != NULL && *fwtablep != NULL * * Ensures: - * all memory associated with the forwarding table is freed. + * \li all memory associated with the forwarding table is freed. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/journal.h b/usr.sbin/bind/lib/dns/include/dns/journal.h index 024428c4048..999c148ee19 100644 --- a/usr.sbin/bind/lib/dns/include/dns/journal.h +++ b/usr.sbin/bind/lib/dns/include/dns/journal.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: journal.h,v 1.23.12.3 2004/03/08 09:04:36 marka Exp $ */ +/* $ISC: journal.h,v 1.25.18.2 2005/04/29 00:16:13 marka Exp $ */ #ifndef DNS_JOURNAL_H #define DNS_JOURNAL_H 1 @@ -24,7 +24,8 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * Database journalling. */ @@ -44,7 +45,7 @@ *** Types ***/ -/* +/*% * A dns_journal_t represents an open journal file. This is an opaque type. * * A particular dns_journal_t object may be opened for writing, in which case @@ -67,19 +68,21 @@ ISC_LANG_BEGINDECLS isc_result_t dns_db_createsoatuple(dns_db_t *db, dns_dbversion_t *ver, isc_mem_t *mctx, dns_diffop_t op, dns_difftuple_t **tp); -/* +/*!< brief * Create a diff tuple for the current database SOA. * XXX this probably belongs somewhere else. */ +/*@{*/ #define DNS_SERIAL_GT(a, b) ((int)(((a) - (b)) & 0xFFFFFFFF) > 0) #define DNS_SERIAL_GE(a, b) ((int)(((a) - (b)) & 0xFFFFFFFF) >= 0) -/* +/*!< brief * Compare SOA serial numbers. DNS_SERIAL_GT(a, b) returns true iff * a is "greater than" b where "greater than" is as defined in RFC1982. * DNS_SERIAL_GE(a, b) returns true iff a is "greater than or equal to" b. */ +/*@}*/ /**************************************************************************/ /* @@ -89,7 +92,7 @@ dns_db_createsoatuple(dns_db_t *db, dns_dbversion_t *ver, isc_mem_t *mctx, isc_result_t dns_journal_open(isc_mem_t *mctx, const char *filename, isc_boolean_t write, dns_journal_t **journalp); -/* +/*%< * Open the journal file 'filename' and create a dns_journal_t object for it. * * If 'write' is ISC_TRUE, the journal is open for writing. If it does @@ -101,7 +104,7 @@ dns_journal_open(isc_mem_t *mctx, const char *filename, isc_boolean_t write, void dns_journal_destroy(dns_journal_t **journalp); -/* +/*%< * Destroy a dns_journal_t, closing any open files and freeing its memory. */ @@ -112,52 +115,52 @@ dns_journal_destroy(dns_journal_t **journalp); isc_result_t dns_journal_begin_transaction(dns_journal_t *j); -/* +/*%< * Prepare to write a new transaction to the open journal file 'j'. * * Requires: - * 'j' is open for writing. + * \li 'j' is open for writing. */ isc_result_t dns_journal_writediff(dns_journal_t *j, dns_diff_t *diff); -/* +/*%< * Write 'diff' to the current transaction of journal file 'j'. * * Requires: - * 'j' is open for writing and dns_journal_begin_transaction() + * \li 'j' is open for writing and dns_journal_begin_transaction() * has been called. * - * 'diff' is a full or partial, correctly ordered IXFR + *\li 'diff' is a full or partial, correctly ordered IXFR * difference sequence. */ isc_result_t dns_journal_commit(dns_journal_t *j); -/* +/*%< * Commit the current transaction of journal file 'j'. * * Requires: - * 'j' is open for writing and dns_journal_begin_transaction() + * \li 'j' is open for writing and dns_journal_begin_transaction() * has been called. * - * dns_journal_writediff() has been called one or more times + * \li dns_journal_writediff() has been called one or more times * to form a complete, correctly ordered IXFR difference * sequence. */ isc_result_t dns_journal_write_transaction(dns_journal_t *j, dns_diff_t *diff); -/* +/*% * Write a complete transaction at once to a journal file, * sorting it if necessary, and commit it. Equivalent to calling * dns_diff_sort(), dns_journal_begin_transaction(), * dns_journal_writediff(), and dns_journal_commit(). * * Requires: - * 'j' is open for writing. + *\li 'j' is open for writing. * - * 'diff' contains exactly one SOA deletion, one SOA addition + * \li 'diff' contains exactly one SOA deletion, one SOA addition * with a greater serial number, and possibly other changes, * in arbitrary order. */ @@ -171,46 +174,48 @@ isc_uint32_t dns_journal_first_serial(dns_journal_t *j); isc_uint32_t dns_journal_last_serial(dns_journal_t *j); -/* +/*%< * Get the first and last addressable serial number in the journal. */ isc_result_t dns_journal_iter_init(dns_journal_t *j, isc_uint32_t begin_serial, isc_uint32_t end_serial); -/* +/*%< * Prepare to iterate over the transactions that will bring the database * from SOA serial number 'begin_serial' to 'end_serial'. * * Returns: - * ISC_R_SUCCESS - * ISC_R_RANGE begin_serial is outside the addressable range. - * ISC_R_NOTFOUND begin_serial is within the range of adressable + *\li ISC_R_SUCCESS + *\li ISC_R_RANGE begin_serial is outside the addressable range. + *\li ISC_R_NOTFOUND begin_serial is within the range of adressable * serial numbers covered by the journal, but * this particular serial number does not exist. */ +/*@{*/ isc_result_t dns_journal_first_rr(dns_journal_t *j); isc_result_t dns_journal_next_rr(dns_journal_t *j); -/* +/*%< * Position the iterator at the first/next RR in a journal * transaction sequence established using dns_journal_iter_init(). * * Requires: - * dns_journal_iter_init() has been called. + * \li dns_journal_iter_init() has been called. * */ +/*@}*/ void dns_journal_current_rr(dns_journal_t *j, dns_name_t **name, isc_uint32_t *ttl, dns_rdata_t **rdata); -/* +/*%< * Get the name, ttl, and rdata of the current journal RR. * * Requires: - * The last call to dns_journal_first_rr() or dns_journal_next_rr() + * \li The last call to dns_journal_first_rr() or dns_journal_next_rr() * returned ISC_R_SUCCESS. */ @@ -221,22 +226,22 @@ dns_journal_current_rr(dns_journal_t *j, dns_name_t **name, isc_uint32_t *ttl, isc_result_t dns_journal_rollforward(isc_mem_t *mctx, dns_db_t *db, const char *filename); -/* +/*%< * Roll forward (play back) the journal file "filename" into the * database "db". This should be called when the server starts * after a shutdown or crash. * * Requires: - * 'mctx' is a valid memory context. - * 'db' is a valid database which does not have a version + *\li 'mctx' is a valid memory context. + *\li 'db' is a valid database which does not have a version * open for writing. - * 'filename' is the name of the journal file belonging to 'db'. + * \li 'filename' is the name of the journal file belonging to 'db'. * * Returns: - * DNS_R_NOJOURNAL when journal does not exist. - * ISC_R_NOTFOUND when current serial in not in journal. - * ISC_R_RANGE when current serial in not in journals range. - * ISC_R_SUCCESS journal has been applied successfully to database. + *\li DNS_R_NOJOURNAL when journal does not exist. + *\li ISC_R_NOTFOUND when current serial in not in journal. + *\li ISC_R_RANGE when current serial in not in journals range. + *\li ISC_R_SUCCESS journal has been applied successfully to database. * others */ @@ -249,7 +254,7 @@ dns_db_diff(isc_mem_t *mctx, dns_db_t *dba, dns_dbversion_t *dbvera, dns_db_t *dbb, dns_dbversion_t *dbverb, const char *journal_filename); -/* +/*%< * Compare the databases 'dba' and 'dbb' and generate a journal * entry containing the changes to make 'dba' from 'dbb' (note * the order). This journal entry will consist of a single, @@ -260,7 +265,7 @@ dns_db_diff(isc_mem_t *mctx, isc_result_t dns_journal_compact(isc_mem_t *mctx, char *filename, isc_uint32_t serial, isc_uint32_t target_size); -/* +/*%< * Attempt to compact the journal if it is greater that 'target_size'. * Changes from 'serial' onwards will be preserved. If the journal * exists and is non-empty 'serial' must exist in the journal. diff --git a/usr.sbin/bind/lib/dns/include/dns/keyflags.h b/usr.sbin/bind/lib/dns/include/dns/keyflags.h index b91650fd3ed..d4cc3c2935f 100644 --- a/usr.sbin/bind/lib/dns/include/dns/keyflags.h +++ b/usr.sbin/bind/lib/dns/include/dns/keyflags.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: keyflags.h,v 1.9.206.1 2004/03/06 08:13:56 marka Exp $ */ +/* $ISC: keyflags.h,v 1.10.18.2 2005/04/29 00:16:13 marka Exp $ */ #ifndef DNS_KEYFLAGS_H #define DNS_KEYFLAGS_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -28,7 +30,7 @@ ISC_LANG_BEGINDECLS isc_result_t dns_keyflags_fromtext(dns_keyflags_t *flagsp, isc_textregion_t *source); -/* +/*%< * Convert the text 'source' refers to into a DNSSEC KEY flags value. * The text may contain either a set of flag mnemonics separated by * vertical bars or a decimal flags value. For compatibility with @@ -37,14 +39,14 @@ dns_keyflags_fromtext(dns_keyflags_t *flagsp, isc_textregion_t *source); * are also accepted. * * Requires: - * 'flagsp' is a valid pointer. + *\li 'flagsp' is a valid pointer. * - * 'source' is a valid text region. + *\li 'source' is a valid text region. * * Returns: - * ISC_R_SUCCESS on success - * ISC_R_RANGE numeric flag value is out of range - * DNS_R_UNKNOWN mnemonic flag is unknown + *\li ISC_R_SUCCESS on success + *\li ISC_R_RANGE numeric flag value is out of range + *\li DNS_R_UNKNOWN mnemonic flag is unknown */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/keytable.h b/usr.sbin/bind/lib/dns/include/dns/keytable.h index 206e3b58ea3..6ff85407560 100644 --- a/usr.sbin/bind/lib/dns/include/dns/keytable.h +++ b/usr.sbin/bind/lib/dns/include/dns/keytable.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: keytable.h,v 1.10.206.3 2006/01/06 00:01:42 marka Exp $ */ +/* $ISC: keytable.h,v 1.11.18.3 2005/12/05 00:00:03 marka Exp $ */ #ifndef DNS_KEYTABLE_H #define DNS_KEYTABLE_H 1 @@ -24,22 +24,21 @@ ***** Module Info *****/ -/* - * Key Tables - * +/*! \file + * \brief * The keytable module provides services for storing and retrieving DNSSEC * trusted keys, as well as the ability to find the deepest matching key * for a given domain name. * * MP: - * The module ensures appropriate synchronization of data structures it + *\li The module ensures appropriate synchronization of data structures it * creates and manipulates. * * Resources: - * <TBS> + *\li TBS * * Security: - * No anticipated impact. + *\li No anticipated impact. */ #include <isc/lang.h> @@ -52,203 +51,202 @@ ISC_LANG_BEGINDECLS isc_result_t dns_keytable_create(isc_mem_t *mctx, dns_keytable_t **keytablep); -/* +/*%< * Create a keytable. * * Requires: * - * 'mctx' is a valid memory context. + *\li 'mctx' is a valid memory context. * - * keytablep != NULL && *keytablep == NULL + *\li keytablep != NULL && *keytablep == NULL * * Ensures: * - * On success, *keytablep is a valid, empty key table. + *\li On success, *keytablep is a valid, empty key table. * * Returns: * - * ISC_R_SUCCESS + *\li ISC_R_SUCCESS * - * Any other result indicates failure. + *\li Any other result indicates failure. */ void dns_keytable_attach(dns_keytable_t *source, dns_keytable_t **targetp); -/* +/*%< * Attach *targetp to source. * * Requires: * - * 'source' is a valid keytable. + *\li 'source' is a valid keytable. * - * 'targetp' points to a NULL dns_keytable_t *. + *\li 'targetp' points to a NULL dns_keytable_t *. * * Ensures: * - * *targetp is attached to source. + *\li *targetp is attached to source. */ void dns_keytable_detach(dns_keytable_t **keytablep); -/* +/*%< * Detach *keytablep from its keytable. * * Requires: * - * 'keytablep' points to a valid keytable. + *\li 'keytablep' points to a valid keytable. * * Ensures: * - * *keytablep is NULL. - * - * If '*keytablep' is the last reference to the keytable, + *\li *keytablep is NULL. * - * All resources used by the keytable will be freed + *\li If '*keytablep' is the last reference to the keytable, + * all resources used by the keytable will be freed */ isc_result_t dns_keytable_add(dns_keytable_t *keytable, dst_key_t **keyp); -/* +/*%< * Add '*keyp' to 'keytable'. * * Notes: * - * Ownership of *keyp is transferred to the keytable. + *\li Ownership of *keyp is transferred to the keytable. * * Requires: * - * keyp != NULL && *keyp is a valid dst_key_t *. + *\li keyp != NULL && *keyp is a valid dst_key_t *. * * Ensures: * - * On success, *keyp == NULL + *\li On success, *keyp == NULL * * Returns: * - * ISC_R_SUCCESS + *\li ISC_R_SUCCESS * - * Any other result indicates failure. + *\li Any other result indicates failure. */ isc_result_t dns_keytable_findkeynode(dns_keytable_t *keytable, dns_name_t *name, dns_secalg_t algorithm, dns_keytag_t tag, dns_keynode_t **keynodep); -/* +/*%< * Search for a key named 'name', matching 'algorithm' and 'tag' in * 'keytable'. This finds the first instance which matches. Use * dns_keytable_findnextkeynode() to find other instances. * * Requires: * - * 'keytable' is a valid keytable. + *\li 'keytable' is a valid keytable. * - * 'name' is a valid absolute name. + *\li 'name' is a valid absolute name. * - * keynodep != NULL && *keynodep == NULL + *\li keynodep != NULL && *keynodep == NULL * * Returns: * - * ISC_R_SUCCESS - * DNS_R_PARTIALMATCH the name existed in the keytable. - * ISC_R_NOTFOUND + *\li ISC_R_SUCCESS + *\li DNS_R_PARTIALMATCH the name existed in the keytable. + *\li ISC_R_NOTFOUND * - * Any other result indicates an error. + *\li Any other result indicates an error. */ isc_result_t dns_keytable_findnextkeynode(dns_keytable_t *keytable, dns_keynode_t *keynode, dns_keynode_t **nextnodep); -/* +/*%< * Search for the next key with the same properties as 'keynode' in * 'keytable' as found by dns_keytable_findkeynode(). * * Requires: * - * 'keytable' is a valid keytable. + *\li 'keytable' is a valid keytable. * - * 'keynode' is a valid keynode. + *\li 'keynode' is a valid keynode. * - * nextnodep != NULL && *nextnodep == NULL + *\li nextnodep != NULL && *nextnodep == NULL * * Returns: * - * ISC_R_SUCCESS - * ISC_R_NOTFOUND + *\li ISC_R_SUCCESS + *\li ISC_R_NOTFOUND * - * Any other result indicates an error. + *\li Any other result indicates an error. */ isc_result_t dns_keytable_finddeepestmatch(dns_keytable_t *keytable, dns_name_t *name, dns_name_t *foundname); -/* +/*%< * Search for the deepest match of 'name' in 'keytable'. * * Requires: * - * 'keytable' is a valid keytable. + *\li 'keytable' is a valid keytable. * - * 'name' is a valid absolute name. + *\li 'name' is a valid absolute name. * - * 'foundname' is a name with a dedicated buffer. + *\li 'foundname' is a name with a dedicated buffer. * * Returns: * - * ISC_R_SUCCESS - * ISC_R_NOTFOUND + *\li ISC_R_SUCCESS + *\li ISC_R_NOTFOUND * - * Any other result indicates an error. + *\li Any other result indicates an error. */ void dns_keytable_detachkeynode(dns_keytable_t *keytable, dns_keynode_t **keynodep); -/* +/*%< * Give back a keynode found via dns_keytable_findkeynode(). * * Requires: * - * 'keytable' is a valid keytable. + *\li 'keytable' is a valid keytable. * - * *keynodep is a valid keynode returned by a call to + *\li *keynodep is a valid keynode returned by a call to * dns_keytable_findkeynode(). * * Ensures: * - * *keynodep == NULL + *\li *keynodep == NULL */ isc_result_t dns_keytable_issecuredomain(dns_keytable_t *keytable, dns_name_t *name, isc_boolean_t *wantdnssecp); -/* +/*%< * Is 'name' at or beneath a trusted key? * * Requires: * - * 'keytable' is a valid keytable. + *\li 'keytable' is a valid keytable. * - * 'name' is a valid absolute name. + *\li 'name' is a valid absolute name. * - * '*wantsdnssecp' is a valid isc_boolean_t. + *\li '*wantsdnssecp' is a valid isc_boolean_t. * * Ensures: * - * On success, *wantsdnssecp will be ISC_TRUE if and only if 'name' + *\li On success, *wantsdnssecp will be ISC_TRUE if and only if 'name' * is at or beneath a trusted key. * * Returns: * - * ISC_R_SUCCESS + *\li ISC_R_SUCCESS * - * Any other result is an error. + *\li Any other result is an error. */ dst_key_t * dns_keynode_key(dns_keynode_t *keynode); -/* +/*%< * Get the DST key associated with keynode. */ diff --git a/usr.sbin/bind/lib/dns/include/dns/keyvalues.h b/usr.sbin/bind/lib/dns/include/dns/keyvalues.h index 396e734a8b1..5c8c8196fd4 100644 --- a/usr.sbin/bind/lib/dns/include/dns/keyvalues.h +++ b/usr.sbin/bind/lib/dns/include/dns/keyvalues.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,36 +15,38 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: keyvalues.h,v 1.11.12.3 2004/03/06 08:13:56 marka Exp $ */ +/* $ISC: keyvalues.h,v 1.15.18.2 2005/04/29 00:16:14 marka Exp $ */ #ifndef DNS_KEYVALUES_H #define DNS_KEYVALUES_H 1 +/*! \file */ + /* * Flags field of the KEY RR rdata */ -#define DNS_KEYFLAG_TYPEMASK 0xC000 /* Mask for "type" bits */ -#define DNS_KEYTYPE_AUTHCONF 0x0000 /* Key usable for both */ -#define DNS_KEYTYPE_CONFONLY 0x8000 /* Key usable for confidentiality */ -#define DNS_KEYTYPE_AUTHONLY 0x4000 /* Key usable for authentication */ -#define DNS_KEYTYPE_NOKEY 0xC000 /* No key usable for either; no key */ +#define DNS_KEYFLAG_TYPEMASK 0xC000 /*%< Mask for "type" bits */ +#define DNS_KEYTYPE_AUTHCONF 0x0000 /*%< Key usable for both */ +#define DNS_KEYTYPE_CONFONLY 0x8000 /*%< Key usable for confidentiality */ +#define DNS_KEYTYPE_AUTHONLY 0x4000 /*%< Key usable for authentication */ +#define DNS_KEYTYPE_NOKEY 0xC000 /*%< No key usable for either; no key */ #define DNS_KEYTYPE_NOAUTH DNS_KEYTYPE_CONFONLY #define DNS_KEYTYPE_NOCONF DNS_KEYTYPE_AUTHONLY -#define DNS_KEYFLAG_RESERVED2 0x2000 /* reserved - must be zero */ -#define DNS_KEYFLAG_EXTENDED 0x1000 /* key has extended flags */ -#define DNS_KEYFLAG_RESERVED4 0x0800 /* reserved - must be zero */ -#define DNS_KEYFLAG_RESERVED5 0x0400 /* reserved - must be zero */ -#define DNS_KEYFLAG_OWNERMASK 0x0300 /* these bits determine the type */ -#define DNS_KEYOWNER_USER 0x0000 /* key is assoc. with user */ -#define DNS_KEYOWNER_ENTITY 0x0200 /* key is assoc. with entity eg host */ -#define DNS_KEYOWNER_ZONE 0x0100 /* key is zone key */ -#define DNS_KEYOWNER_RESERVED 0x0300 /* reserved meaning */ -#define DNS_KEYFLAG_RESERVED8 0x0080 /* reserved - must be zero */ -#define DNS_KEYFLAG_RESERVED9 0x0040 /* reserved - must be zero */ -#define DNS_KEYFLAG_RESERVED10 0x0020 /* reserved - must be zero */ -#define DNS_KEYFLAG_RESERVED11 0x0010 /* reserved - must be zero */ -#define DNS_KEYFLAG_SIGNATORYMASK 0x000F /* key can sign RR's of same name */ +#define DNS_KEYFLAG_RESERVED2 0x2000 /*%< reserved - must be zero */ +#define DNS_KEYFLAG_EXTENDED 0x1000 /*%< key has extended flags */ +#define DNS_KEYFLAG_RESERVED4 0x0800 /*%< reserved - must be zero */ +#define DNS_KEYFLAG_RESERVED5 0x0400 /*%< reserved - must be zero */ +#define DNS_KEYFLAG_OWNERMASK 0x0300 /*%< these bits determine the type */ +#define DNS_KEYOWNER_USER 0x0000 /*%< key is assoc. with user */ +#define DNS_KEYOWNER_ENTITY 0x0200 /*%< key is assoc. with entity eg host */ +#define DNS_KEYOWNER_ZONE 0x0100 /*%< key is zone key */ +#define DNS_KEYOWNER_RESERVED 0x0300 /*%< reserved meaning */ +#define DNS_KEYFLAG_RESERVED8 0x0080 /*%< reserved - must be zero */ +#define DNS_KEYFLAG_RESERVED9 0x0040 /*%< reserved - must be zero */ +#define DNS_KEYFLAG_RESERVED10 0x0020 /*%< reserved - must be zero */ +#define DNS_KEYFLAG_RESERVED11 0x0010 /*%< reserved - must be zero */ +#define DNS_KEYFLAG_SIGNATORYMASK 0x000F /*%< key can sign RR's of same name */ #define DNS_KEYFLAG_RESERVEDMASK (DNS_KEYFLAG_RESERVED2 | \ DNS_KEYFLAG_RESERVED4 | \ @@ -53,21 +55,21 @@ DNS_KEYFLAG_RESERVED9 | \ DNS_KEYFLAG_RESERVED10 | \ DNS_KEYFLAG_RESERVED11 ) -#define DNS_KEYFLAG_KSK 0x0001 /* key signing key */ +#define DNS_KEYFLAG_KSK 0x0001 /*%< key signing key */ -#define DNS_KEYFLAG_RESERVEDMASK2 0xFFFF /* no bits defined here */ +#define DNS_KEYFLAG_RESERVEDMASK2 0xFFFF /*%< no bits defined here */ /* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */ -#define DNS_KEYALG_RSAMD5 1 /* RSA with MD5 */ +#define DNS_KEYALG_RSAMD5 1 /*%< RSA with MD5 */ #define DNS_KEYALG_RSA DNS_KEYALG_RSAMD5 -#define DNS_KEYALG_DH 2 /* Diffie Hellman KEY */ -#define DNS_KEYALG_DSA 3 /* DSA KEY */ +#define DNS_KEYALG_DH 2 /*%< Diffie Hellman KEY */ +#define DNS_KEYALG_DSA 3 /*%< DSA KEY */ #define DNS_KEYALG_DSS NS_ALG_DSA #define DNS_KEYALG_ECC 4 #define DNS_KEYALG_RSASHA1 5 #define DNS_KEYALG_INDIRECT 252 #define DNS_KEYALG_PRIVATEDNS 253 -#define DNS_KEYALG_PRIVATEOID 254 /* Key begins with OID giving alg */ +#define DNS_KEYALG_PRIVATEOID 254 /*%< Key begins with OID giving alg */ /* Protocol values */ #define DNS_KEYPROTO_RESERVED 0 @@ -78,11 +80,11 @@ #define DNS_KEYPROTO_ANY 255 /* Signatures */ -#define DNS_SIG_RSAMINBITS 512 /* Size of a mod or exp in bits */ +#define DNS_SIG_RSAMINBITS 512 /*%< Size of a mod or exp in bits */ #define DNS_SIG_RSAMAXBITS 2552 /* Total of binary mod and exp */ #define DNS_SIG_RSAMAXBYTES ((DNS_SIG_RSAMAXBITS+7/8)*2+3) - /* Max length of text sig block */ + /*%< Max length of text sig block */ #define DNS_SIG_RSAMAXBASE64 (((DNS_SIG_RSAMAXBYTES+2)/3)*4) #define DNS_SIG_RSAMINSIZE ((DNS_SIG_RSAMINBITS+7)/8) #define DNS_SIG_RSAMAXSIZE ((DNS_SIG_RSAMAXBITS+7)/8) diff --git a/usr.sbin/bind/lib/dns/include/dns/lib.h b/usr.sbin/bind/lib/dns/include/dns/lib.h index 1864c20771b..2ddb442c702 100644 --- a/usr.sbin/bind/lib/dns/include/dns/lib.h +++ b/usr.sbin/bind/lib/dns/include/dns/lib.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,21 +15,27 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lib.h,v 1.6.12.3 2004/03/08 09:04:36 marka Exp $ */ +/* $ISC: lib.h,v 1.8.18.4 2005/09/20 04:33:48 marka Exp $ */ #ifndef DNS_LIB_H #define DNS_LIB_H 1 +/*! \file */ + #include <isc/types.h> #include <isc/lang.h> ISC_LANG_BEGINDECLS +/*% + * Tuning: external query load in packets per seconds. + */ +LIBDNS_EXTERNAL_DATA extern unsigned int dns_pps; LIBDNS_EXTERNAL_DATA extern isc_msgcat_t *dns_msgcat; void dns_lib_initmsgcat(void); -/* +/*%< * Initialize the DNS library's message catalog, dns_msgcat, if it * has not already been initialized. */ diff --git a/usr.sbin/bind/lib/dns/include/dns/lookup.h b/usr.sbin/bind/lib/dns/include/dns/lookup.h index b47079bee76..c265dc3fffc 100644 --- a/usr.sbin/bind/lib/dns/include/dns/lookup.h +++ b/usr.sbin/bind/lib/dns/include/dns/lookup.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lookup.h,v 1.5.206.1 2004/03/06 08:13:57 marka Exp $ */ +/* $ISC: lookup.h,v 1.6.18.2 2005/04/29 00:16:15 marka Exp $ */ #ifndef DNS_LOOKUP_H #define DNS_LOOKUP_H 1 @@ -24,29 +24,28 @@ ***** Module Info *****/ -/* - * DNS Lookup - * +/*! \file + * \brief * The lookup module performs simple DNS lookups. It implements * the full resolver algorithm, both looking for local data and * resoving external names as necessary. * * MP: - * The module ensures appropriate synchronization of data structures it + *\li The module ensures appropriate synchronization of data structures it * creates and manipulates. * * Reliability: - * No anticipated impact. + *\li No anticipated impact. * * Resources: - * <TBS> + *\li TBS * * Security: - * No anticipated impact. + *\li No anticipated impact. * * Standards: - * RFCs: 1034, 1035, 2181, <TBS> - * Drafts: <TBS> + *\li RFCs: 1034, 1035, 2181, TBS + *\li Drafts: TBS */ #include <isc/lang.h> @@ -56,7 +55,7 @@ ISC_LANG_BEGINDECLS -/* +/*% * A 'dns_lookupevent_t' is returned when a lookup completes. * The sender field will be set to the lookup that completed. If 'result' * is ISC_R_SUCCESS, then 'names' will contain a list of names associated @@ -77,60 +76,60 @@ isc_result_t dns_lookup_create(isc_mem_t *mctx, dns_name_t *name, dns_rdatatype_t type, dns_view_t *view, unsigned int options, isc_task_t *task, isc_taskaction_t action, void *arg, dns_lookup_t **lookupp); -/* +/*%< * Finds the rrsets matching 'name' and 'type'. * * Requires: * - * 'mctx' is a valid mctx. + *\li 'mctx' is a valid mctx. * - * 'name' is a valid name. + *\li 'name' is a valid name. * - * 'view' is a valid view which has a resolver. + *\li 'view' is a valid view which has a resolver. * - * 'task' is a valid task. + *\li 'task' is a valid task. * - * lookupp != NULL && *lookupp == NULL + *\li lookupp != NULL && *lookupp == NULL * * Returns: * - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + *\li ISC_R_SUCCESS + *\li ISC_R_NOMEMORY * - * Any resolver-related error (e.g. ISC_R_SHUTTINGDOWN) may also be + *\li Any resolver-related error (e.g. ISC_R_SHUTTINGDOWN) may also be * returned. */ void dns_lookup_cancel(dns_lookup_t *lookup); -/* +/*%< * Cancel 'lookup'. * * Notes: * - * If 'lookup' has not completed, post its LOOKUPDONE event with a + *\li If 'lookup' has not completed, post its LOOKUPDONE event with a * result code of ISC_R_CANCELED. * * Requires: * - * 'lookup' is a valid lookup. + *\li 'lookup' is a valid lookup. */ void dns_lookup_destroy(dns_lookup_t **lookupp); -/* +/*%< * Destroy 'lookup'. * * Requires: * - * '*lookupp' is a valid lookup. + *\li '*lookupp' is a valid lookup. * - * The caller has received the LOOKUPDONE event (either because the + *\li The caller has received the LOOKUPDONE event (either because the * lookup completed or because dns_lookup_cancel() was called). * * Ensures: * - * *lookupp == NULL. + *\li *lookupp == NULL. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/masterdump.h b/usr.sbin/bind/lib/dns/include/dns/masterdump.h index b33a03c1bf0..612e199a5a1 100644 --- a/usr.sbin/bind/lib/dns/include/dns/masterdump.h +++ b/usr.sbin/bind/lib/dns/include/dns/masterdump.h @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: masterdump.h,v 1.22.12.10 2005/09/06 02:12:41 marka Exp $ */ +/* $ISC: masterdump.h,v 1.31.14.4 2005/09/01 03:04:28 marka Exp $ */ #ifndef DNS_MASTERDUMP_H #define DNS_MASTERDUMP_H 1 +/*! \file */ + /*** *** Imports ***/ @@ -46,10 +48,10 @@ typedef struct dns_master_style dns_master_style_t; * rdata.h. */ -/* Omit the owner name when possible. */ +/*% Omit the owner name when possible. */ #define DNS_STYLEFLAG_OMIT_OWNER 0x00010000U -/* +/*% * Omit the TTL when possible. If DNS_STYLEFLAG_TTL is * also set, this means no TTLs are ever printed * because $TTL directives are generated before every @@ -67,32 +69,32 @@ typedef struct dns_master_style dns_master_style_t; */ #define DNS_STYLEFLAG_OMIT_TTL 0x00020000U -/* Omit the class when possible. */ +/*% Omit the class when possible. */ #define DNS_STYLEFLAG_OMIT_CLASS 0x00040000U -/* Output $TTL directives. */ +/*% Output $TTL directives. */ #define DNS_STYLEFLAG_TTL 0x00080000U -/* +/*% * Output $ORIGIN directives and print owner names relative to * the origin when possible. */ #define DNS_STYLEFLAG_REL_OWNER 0x00100000U -/* Print domain names in RR data in relative form when possible. +/*% Print domain names in RR data in relative form when possible. For this to take effect, DNS_STYLEFLAG_REL_OWNER must also be set. */ #define DNS_STYLEFLAG_REL_DATA 0x00200000U -/* Print the trust level of each rdataset. */ +/*% Print the trust level of each rdataset. */ #define DNS_STYLEFLAG_TRUST 0x00400000U -/* Print negative caching entries. */ +/*% Print negative caching entries. */ #define DNS_STYLEFLAG_NCACHE 0x00800000U -/* Never print the TTL */ +/*% Never print the TTL */ #define DNS_STYLEFLAG_NO_TTL 0x01000000U -/* Never print the CLASS */ +/*% Never print the CLASS */ #define DNS_STYLEFLAG_NO_CLASS 0x02000000U ISC_LANG_BEGINDECLS @@ -101,7 +103,7 @@ ISC_LANG_BEGINDECLS *** Constants ***/ -/* +/*% * The default master file style. * * This uses $TTL directives to avoid the need to dedicate a @@ -110,13 +112,13 @@ ISC_LANG_BEGINDECLS */ LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_default; -/* +/*% * A master file style that dumps zones to a very generic format easily * imported/checked with external tools. */ LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_full; -/* +/*% * A master file style that prints explicit TTL values on each * record line, never using $TTL statements. The TTL has a tab * stop of its own, but the class and type share one. @@ -124,13 +126,13 @@ LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_full; LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_explicitttl; -/* +/*% * A master style format designed for cache files. It prints explicit TTL * values on each record line and never uses $ORIGIN or relative names. */ LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_cache; -/* +/*% * A master style that prints name, ttl, class, type, and value on * every line. Similar to explicitttl above, but more verbose. * Intended for generating master files which can be easily parsed @@ -138,7 +140,7 @@ LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_cache; */ LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_simple; -/* +/*% * The style used for debugging, "dig" output, etc. */ LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_debug; @@ -149,54 +151,55 @@ LIBDNS_EXTERNAL_DATA extern const dns_master_style_t dns_master_style_debug; void dns_dumpctx_attach(dns_dumpctx_t *source, dns_dumpctx_t **target); -/* +/*%< * Attach to a dump context. * * Require: - * 'source' to be valid. - * 'target' to be non NULL and '*target' to be NULL. + *\li 'source' to be valid. + *\li 'target' to be non NULL and '*target' to be NULL. */ void dns_dumpctx_detach(dns_dumpctx_t **dctxp); -/* +/*%< * Detach from a dump context. * * Require: - * 'dctxp' to point to a valid dump context. + *\li 'dctxp' to point to a valid dump context. * * Ensures: - * '*dctxp' is NULL. + *\li '*dctxp' is NULL. */ void dns_dumpctx_cancel(dns_dumpctx_t *dctx); -/* +/*%< * Cancel a in progress dump. * * Require: - * 'dctx' to be valid. + *\li 'dctx' to be valid. */ dns_dbversion_t * dns_dumpctx_version(dns_dumpctx_t *dctx); -/* +/*%< * Return the version handle (if any) of the database being dumped. * * Require: - * 'dctx' to be valid. + *\li 'dctx' to be valid. */ dns_db_t * dns_dumpctx_db(dns_dumpctx_t *dctx); -/* +/*%< * Return the database being dumped. * * Require: - * 'dctx' to be valid. + *\li 'dctx' to be valid. */ +/*@{*/ isc_result_t dns_master_dumptostreaminc(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, @@ -208,26 +211,37 @@ isc_result_t dns_master_dumptostream(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, const dns_master_style_t *style, FILE *f); -/* - * Dump the database 'db' to the steam 'f' in RFC1035 master - * file format, in the style defined by 'style' - * (e.g., &dns_default_master_style_default) + +isc_result_t +dns_master_dumptostream2(isc_mem_t *mctx, dns_db_t *db, + dns_dbversion_t *version, + const dns_master_style_t *style, + dns_masterformat_t format, FILE *f); +/*%< + * Dump the database 'db' to the steam 'f' in the specified format by + * 'format'. If the format is dns_masterformat_text (the RFC1035 format), + * 'style' specifies the file style (e.g., &dns_master_style_default). + * + * dns_master_dumptostream() is an old form of dns_master_dumptostream2(), + * which always specifies the dns_masterformat_text format. * * Temporary dynamic memory may be allocated from 'mctx'. * * Require: - * 'task' to be valid. - * 'done' to be non NULL. - * 'dctxp' to be non NULL && '*dctxp' to be NULL. + *\li 'task' to be valid. + *\li 'done' to be non NULL. + *\li 'dctxp' to be non NULL && '*dctxp' to be NULL. * * Returns: - * ISC_R_SUCCESS - * DNS_R_CONTINUE dns_master_dumptostreaminc() only. - * ISC_R_NOMEMORY - * Any database or rrset iterator error. - * Any dns_rdata_totext() error code. + *\li ISC_R_SUCCESS + *\li ISC_R_CONTINUE dns_master_dumptostreaminc() only. + *\li ISC_R_NOMEMORY + *\li Any database or rrset iterator error. + *\li Any dns_rdata_totext() error code. */ +/*@}*/ +/*@{*/ isc_result_t dns_master_dumpinc(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, const dns_master_style_t *style, const char *filename, @@ -235,39 +249,56 @@ dns_master_dumpinc(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, dns_dumpctx_t **dctxp); isc_result_t +dns_master_dumpinc2(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, + const dns_master_style_t *style, const char *filename, + isc_task_t *task, dns_dumpdonefunc_t done, void *done_arg, dns_dumpctx_t **dctxp, dns_masterformat_t format); + +isc_result_t dns_master_dump(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, const dns_master_style_t *style, const char *filename); -/* - * Dump the database 'db' to the file 'filename' in RFC1035 master - * file format, in the style defined by 'style' - * (e.g., &dns_default_master_style_default) + +isc_result_t +dns_master_dump2(isc_mem_t *mctx, dns_db_t *db, + dns_dbversion_t *version, + const dns_master_style_t *style, const char *filename, + dns_masterformat_t format); + +/*%< + * Dump the database 'db' to the file 'filename' in the specified format by + * 'format'. If the format is dns_masterformat_text (the RFC1035 format), + * 'style' specifies the file style (e.g., &dns_master_style_default). + * + * dns_master_dumpinc() and dns_master_dump() are old forms of _dumpinc2() + * and _dump2(), respectively, which always specify the dns_masterformat_text + * format. * * Temporary dynamic memory may be allocated from 'mctx'. * * Returns: - * ISC_R_SUCCESS - * DNS_R_CONTINUE dns_master_dumpinc() only. - * ISC_R_NOMEMORY - * Any database or rrset iterator error. - * Any dns_rdata_totext() error code. + *\li ISC_R_SUCCESS + *\li ISC_R_CONTINUE dns_master_dumpinc() only. + *\li ISC_R_NOMEMORY + *\li Any database or rrset iterator error. + *\li Any dns_rdata_totext() error code. */ +/*@}*/ isc_result_t dns_master_rdatasettotext(dns_name_t *owner_name, dns_rdataset_t *rdataset, const dns_master_style_t *style, isc_buffer_t *target); -/* +/*%< * Convert 'rdataset' to text format, storing the result in 'target'. * * Notes: - * The rdata cursor position will be changed. + *\li The rdata cursor position will be changed. * * Requires: - * 'rdataset' is a valid non-question rdataset. + *\li 'rdataset' is a valid non-question rdataset. * - * 'rdataset' is not empty. + *\li 'rdataset' is not empty. */ isc_result_t diff --git a/usr.sbin/bind/lib/dns/include/dns/message.h b/usr.sbin/bind/lib/dns/include/dns/message.h index 4099857a00a..2de3d563359 100644 --- a/usr.sbin/bind/lib/dns/include/dns/message.h +++ b/usr.sbin/bind/lib/dns/include/dns/message.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: message.h,v 1.100.2.3.8.10 2006/02/28 06:32:54 marka Exp $ */ +/* $ISC: message.h,v 1.114.18.6 2006/03/02 23:19:20 marka Exp $ */ #ifndef DNS_MESSAGE_H #define DNS_MESSAGE_H 1 @@ -33,7 +33,9 @@ #include <dst/dst.h> -/* +/*! \file + * \brief Message Handling Module + * * How this beast works: * * When a dns message is received in a buffer, dns_message_fromwire() is called @@ -54,9 +56,9 @@ * one of two ways. Assume a name was allocated via * dns_message_gettempname(): * - * (1) insert it into a section, using dns_message_addname(). + *\li (1) insert it into a section, using dns_message_addname(). * - * (2) return it to the message using dns_message_puttempname(). + *\li (2) return it to the message using dns_message_puttempname(). * * The same applies to rdatasets. * @@ -74,6 +76,7 @@ * Since the buffer itself exists until the message is destroyed, this sort * of code can be written: * + * \code * buffer = isc_buffer_allocate(mctx, 512); * name = NULL; * name = dns_message_gettempname(message, &name); @@ -81,6 +84,7 @@ * result = dns_name_fromtext(name, &source, dns_rootname, ISC_FALSE, * buffer); * dns_message_takebuffer(message, &buffer); + * \endcode * * * TODO: @@ -102,7 +106,7 @@ #define DNS_MESSAGE_REPLYPRESERVE (DNS_MESSAGEFLAG_RD|DNS_MESSAGEFLAG_CD) #define DNS_MESSAGEEXTFLAG_REPLYPRESERVE (DNS_MESSAGEEXTFLAG_DO) -#define DNS_MESSAGE_HEADERLEN 12 /* 6 isc_uint16_t's */ +#define DNS_MESSAGE_HEADERLEN 12 /*%< 6 isc_uint16_t's */ #define DNS_MESSAGE_MAGIC ISC_MAGIC('M','S','G','@') #define DNS_MESSAGE_VALID(msg) ISC_MAGIC_VALID(msg, DNS_MESSAGE_MAGIC) @@ -140,32 +144,32 @@ typedef int dns_messagetextflag_t; /* * These tell the message library how the created dns_message_t will be used. */ -#define DNS_MESSAGE_INTENTUNKNOWN 0 /* internal use only */ -#define DNS_MESSAGE_INTENTPARSE 1 /* parsing messages */ -#define DNS_MESSAGE_INTENTRENDER 2 /* rendering */ +#define DNS_MESSAGE_INTENTUNKNOWN 0 /*%< internal use only */ +#define DNS_MESSAGE_INTENTPARSE 1 /*%< parsing messages */ +#define DNS_MESSAGE_INTENTRENDER 2 /*%< rendering */ /* * Control behavior of parsing */ -#define DNS_MESSAGEPARSE_PRESERVEORDER 0x0001 /* preserve rdata order */ -#define DNS_MESSAGEPARSE_BESTEFFORT 0x0002 /* return a message if a +#define DNS_MESSAGEPARSE_PRESERVEORDER 0x0001 /*%< preserve rdata order */ +#define DNS_MESSAGEPARSE_BESTEFFORT 0x0002 /*%< return a message if a recoverable parse error occurs */ -#define DNS_MESSAGEPARSE_CLONEBUFFER 0x0004 /* save a copy of the +#define DNS_MESSAGEPARSE_CLONEBUFFER 0x0004 /*%< save a copy of the source buffer */ -#define DNS_MESSAGEPARSE_IGNORETRUNCATION 0x0008 /* trucation errors are +#define DNS_MESSAGEPARSE_IGNORETRUNCATION 0x0008 /*%< trucation errors are * not fatal. */ /* * Control behavior of rendering */ -#define DNS_MESSAGERENDER_ORDERED 0x0001 /* don't change order */ -#define DNS_MESSAGERENDER_PARTIAL 0x0002 /* allow a partial rdataset */ -#define DNS_MESSAGERENDER_OMITDNSSEC 0x0004 /* omit DNSSEC records */ -#define DNS_MESSAGERENDER_PREFER_A 0x0008 /* prefer A records in - * additional section. */ -#define DNS_MESSAGERENDER_PREFER_AAAA 0x0010 /* prefer AAAA records in - * additional section. */ +#define DNS_MESSAGERENDER_ORDERED 0x0001 /*%< don't change order */ +#define DNS_MESSAGERENDER_PARTIAL 0x0002 /*%< allow a partial rdataset */ +#define DNS_MESSAGERENDER_OMITDNSSEC 0x0004 /*%< omit DNSSEC records */ +#define DNS_MESSAGERENDER_PREFER_A 0x0008 /*%< prefer A records in + additional section. */ +#define DNS_MESSAGERENDER_PREFER_AAAA 0x0010 /*%< prefer AAAA records in + additional section. */ typedef struct dns_msgblock dns_msgblock_t; @@ -248,32 +252,32 @@ ISC_LANG_BEGINDECLS isc_result_t dns_message_create(isc_mem_t *mctx, unsigned int intent, dns_message_t **msgp); -/* +/*%< * Create msg structure. * * This function will allocate some internal blocks of memory that are * expected to be needed for parsing or rendering nearly any type of message. * * Requires: - * 'mctx' be a valid memory context. + *\li 'mctx' be a valid memory context. * - * 'msgp' be non-null and '*msg' be NULL. + *\li 'msgp' be non-null and '*msg' be NULL. * - * 'intent' must be one of DNS_MESSAGE_INTENTPARSE or - * DNS_MESSAGE_INTENTRENDER. + *\li 'intent' must be one of DNS_MESSAGE_INTENTPARSE or + * #DNS_MESSAGE_INTENTRENDER. * * Ensures: - * The data in "*msg" is set to indicate an unused and empty msg + *\li The data in "*msg" is set to indicate an unused and empty msg * structure. * * Returns: - * ISC_R_NOMEMORY -- out of memory - * ISC_R_SUCCESS -- success + *\li #ISC_R_NOMEMORY -- out of memory + *\li #ISC_R_SUCCESS -- success */ void dns_message_reset(dns_message_t *msg, unsigned int intent); -/* +/*%< * Reset a message structure to default state. All internal lists are freed * or reset to a default state as well. This is simply a more efficient * way to call dns_message_destroy() followed by dns_message_allocate(), @@ -286,22 +290,22 @@ dns_message_reset(dns_message_t *msg, unsigned int intent); * * Requires: * - * 'msg' be valid. + *\li 'msg' be valid. * - * 'intent' is DNS_MESSAGE_INTENTPARSE or DNS_MESSAGE_INTENTRENDER + *\li 'intent' is DNS_MESSAGE_INTENTPARSE or DNS_MESSAGE_INTENTRENDER */ void dns_message_destroy(dns_message_t **msgp); -/* +/*%< * Destroy all state in the message. * * Requires: * - * 'msgp' be valid. + *\li 'msgp' be valid. * * Ensures: - * '*msgp' == NULL + *\li '*msgp' == NULL */ isc_result_t @@ -316,85 +320,83 @@ dns_message_pseudosectiontotext(dns_message_t *msg, const dns_master_style_t *style, dns_messagetextflag_t flags, isc_buffer_t *target); -/* +/*%< * Convert section 'section' or 'pseudosection' of message 'msg' to * a cleartext representation * * Notes: - * See dns_message_totext for meanings of flags. + * \li See dns_message_totext for meanings of flags. * * Requires: * - * 'msg' is a valid message. + *\li 'msg' is a valid message. * - * 'style' is a valid master dump style. + *\li 'style' is a valid master dump style. * - * 'target' is a valid buffer. + *\li 'target' is a valid buffer. * - * 'section' is a valid section label. + *\li 'section' is a valid section label. * * Ensures: * - * If the result is success: - * + *\li If the result is success: * The used space in 'target' is updated. * * Returns: * - * ISC_R_SUCCESS - * ISC_R_NOSPACE - * ISC_R_NOMORE + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOSPACE + *\li #ISC_R_NOMORE * - * Note: On error return, *target may be partially filled with data. + *\li Note: On error return, *target may be partially filled with data. */ isc_result_t dns_message_totext(dns_message_t *msg, const dns_master_style_t *style, dns_messagetextflag_t flags, isc_buffer_t *target); -/* +/*%< * Convert all sections of message 'msg' to a cleartext representation * * Notes: - * In flags, If DNS_MESSAGETEXTFLAG_OMITDOT is set, then the + * \li In flags, If #DNS_MESSAGETEXTFLAG_OMITDOT is set, then the * final '.' in absolute names will not be emitted. If - * DNS_MESSAGETEXTFLAG_NOCOMMENTS is cleared, lines beginning + * #DNS_MESSAGETEXTFLAG_NOCOMMENTS is cleared, lines beginning * with ";;" will be emitted indicating section name. If - * DNS_MESSAGETEXTFLAG_NOHEADERS is cleared, header lines will + * #DNS_MESSAGETEXTFLAG_NOHEADERS is cleared, header lines will * be emitted. * * Requires: * - * 'msg' is a valid message. + *\li 'msg' is a valid message. * - * 'style' is a valid master dump style. + *\li 'style' is a valid master dump style. * - * 'target' is a valid buffer. + *\li 'target' is a valid buffer. * * Ensures: * - * If the result is success: - * + *\li If the result is success: * The used space in 'target' is updated. * * Returns: * - * ISC_R_SUCCESS - * ISC_R_NOSPACE - * ISC_R_NOMORE + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOSPACE + *\li #ISC_R_NOMORE * - * Note: On error return, *target may be partially filled with data. + *\li Note: On error return, *target may be partially filled with data. */ isc_result_t dns_message_parse(dns_message_t *msg, isc_buffer_t *source, unsigned int options); -/* +/*%< * Parse raw wire data in 'source' as a DNS message. * * OPT records are detected and stored in the pseudo-section "opt". * TSIGs are detected and stored in the pseudo-section "tsig". * - * If DNS_MESSAGEPARSE_PRESERVEORDER is set, or if the opcode of the message + * If #DNS_MESSAGEPARSE_PRESERVEORDER is set, or if the opcode of the message * is UPDATE, a separate dns_name_t object will be created for each RR in the * message. Each such dns_name_t will have a single rdataset containing the * single RR, and the order of the RRs in the message is preserved. @@ -403,39 +405,39 @@ dns_message_parse(dns_message_t *msg, isc_buffer_t *source, * of rdatasets. To access the names and their data, use * dns_message_firstname() and dns_message_nextname(). * - * If DNS_MESSAGEPARSE_BESTEFFORT is set, errors in message content will + * If #DNS_MESSAGEPARSE_BESTEFFORT is set, errors in message content will * not be considered FORMERRs. If the entire message can be parsed, it * will be returned and DNS_R_RECOVERABLE will be returned. * - * If DNS_MESSAGEPARSE_IGNORETRUNCATION is set then return as many complete + * If #DNS_MESSAGEPARSE_IGNORETRUNCATION is set then return as many complete * RR's as possible, DNS_R_RECOVERABLE will be returned. * * OPT and TSIG records are always handled specially, regardless of the * 'preserve_order' setting. * * Requires: - * "msg" be valid. + *\li "msg" be valid. * - * "buffer" be a wire format buffer. + *\li "buffer" be a wire format buffer. * * Ensures: - * The buffer's data format is correct. + *\li The buffer's data format is correct. * - * The buffer's contents verify as correct regarding header bits, buffer + *\li The buffer's contents verify as correct regarding header bits, buffer * and rdata sizes, etc. * * Returns: - * ISC_R_SUCCESS -- all is well - * ISC_R_NOMEMORY -- no memory - * DNS_R_RECOVERABLE -- the message parsed properly, but contained + *\li #ISC_R_SUCCESS -- all is well + *\li #ISC_R_NOMEMORY -- no memory + *\li #DNS_R_RECOVERABLE -- the message parsed properly, but contained * errors. - * Many other errors possible XXXMLG + *\li Many other errors possible XXXMLG */ isc_result_t dns_message_renderbegin(dns_message_t *msg, dns_compress_t *cctx, isc_buffer_t *buffer); -/* +/*%< * Begin rendering on a message. Only one call can be made to this function * per message. * @@ -447,24 +449,24 @@ dns_message_renderbegin(dns_message_t *msg, dns_compress_t *cctx, * * Requires: * - * 'msg' be valid. + *\li 'msg' be valid. * - * 'cctx' be valid. + *\li 'cctx' be valid. * - * 'buffer' is a valid buffer. + *\li 'buffer' is a valid buffer. * * Side Effects: * - * The buffer is cleared before it is used. + *\li The buffer is cleared before it is used. * * Returns: - * ISC_R_SUCCESS -- all is well - * ISC_R_NOSPACE -- output buffer is too small + *\li #ISC_R_SUCCESS -- all is well + *\li #ISC_R_NOSPACE -- output buffer is too small */ isc_result_t dns_message_renderchangebuffer(dns_message_t *msg, isc_buffer_t *buffer); -/* +/*%< * Reset the buffer. This can be used after growing the old buffer * on a ISC_R_NOSPACE return from most of the render functions. * @@ -474,20 +476,20 @@ dns_message_renderchangebuffer(dns_message_t *msg, isc_buffer_t *buffer); * * Requires: * - * 'msg' be valid. + *\li 'msg' be valid. * - * dns_message_renderbegin() was called. + *\li dns_message_renderbegin() was called. * - * buffer != NULL. + *\li buffer != NULL. * * Returns: - * ISC_R_NOSPACE -- new buffer is too small - * ISC_R_SUCCESS -- all is well. + *\li #ISC_R_NOSPACE -- new buffer is too small + *\li #ISC_R_SUCCESS -- all is well. */ isc_result_t dns_message_renderreserve(dns_message_t *msg, unsigned int space); -/* +/*%< * XXXMLG should use size_t rather than unsigned int once the buffer * API is cleaned up * @@ -495,18 +497,18 @@ dns_message_renderreserve(dns_message_t *msg, unsigned int space); * * Requires: * - * 'msg' be valid. + *\li 'msg' be valid. * - * dns_message_renderbegin() was called. + *\li dns_message_renderbegin() was called. * * Returns: - * ISC_R_SUCCESS -- all is well. - * ISC_R_NOSPACE -- not enough free space in the buffer. + *\li #ISC_R_SUCCESS -- all is well. + *\li #ISC_R_NOSPACE -- not enough free space in the buffer. */ void dns_message_renderrelease(dns_message_t *msg, unsigned int space); -/* +/*%< * XXXMLG should use size_t rather than unsigned int once the buffer * API is cleaned up * @@ -514,87 +516,87 @@ dns_message_renderrelease(dns_message_t *msg, unsigned int space); * * Requires: * - * 'msg' be valid. + *\li 'msg' be valid. * - * 'space' is less than or equal to the total amount of space reserved + *\li 'space' is less than or equal to the total amount of space reserved * via prior calls to dns_message_renderreserve(). * - * dns_message_renderbegin() was called. + *\li dns_message_renderbegin() was called. */ isc_result_t dns_message_rendersection(dns_message_t *msg, dns_section_t section, unsigned int options); -/* +/*%< * Render all names, rdatalists, etc from the given section at the * specified priority or higher. * * Requires: - * 'msg' be valid. + *\li 'msg' be valid. * - * 'section' be a valid section. + *\li 'section' be a valid section. * - * dns_message_renderbegin() was called. + *\li dns_message_renderbegin() was called. * * Returns: - * ISC_R_SUCCESS -- all records were written, and there are + *\li #ISC_R_SUCCESS -- all records were written, and there are * no more records for this section. - * ISC_R_NOSPACE -- Not enough room in the buffer to write + *\li #ISC_R_NOSPACE -- Not enough room in the buffer to write * all records requested. - * DNS_R_MOREDATA -- All requested records written, and there + *\li #DNS_R_MOREDATA -- All requested records written, and there * are records remaining for this section. */ void dns_message_renderheader(dns_message_t *msg, isc_buffer_t *target); -/* +/*%< * Render the message header. This is implicitly called by * dns_message_renderend(). * * Requires: * - * 'msg' be a valid message. + *\li 'msg' be a valid message. * - * dns_message_renderbegin() was called. + *\li dns_message_renderbegin() was called. * - * 'target' is a valid buffer with enough space to hold a message header + *\li 'target' is a valid buffer with enough space to hold a message header */ isc_result_t dns_message_renderend(dns_message_t *msg); -/* +/*%< * Finish rendering to the buffer. Note that more data can be in the * 'msg' structure. Destroying the structure will free this, or in a multi- * part EDNS1 message this data can be rendered to another buffer later. * * Requires: * - * 'msg' be a valid message. + *\li 'msg' be a valid message. * - * dns_message_renderbegin() was called. + *\li dns_message_renderbegin() was called. * * Returns: - * ISC_R_SUCCESS -- all is well. + *\li #ISC_R_SUCCESS -- all is well. */ void dns_message_renderreset(dns_message_t *msg); -/* +/*%< * Reset the message so that it may be rendered again. * * Notes: * - * If dns_message_renderbegin() has been called, dns_message_renderend() + *\li If dns_message_renderbegin() has been called, dns_message_renderend() * must be called before calling this function. * * Requires: * - * 'msg' be a valid message with rendering intent. + *\li 'msg' be a valid message with rendering intent. */ isc_result_t dns_message_firstname(dns_message_t *msg, dns_section_t section); -/* +/*%< * Set internal per-section name pointer to the beginning of the section. * * The functions dns_message_firstname() and dns_message_nextname() may @@ -602,39 +604,39 @@ dns_message_firstname(dns_message_t *msg, dns_section_t section); * * Requires: * - * 'msg' be valid. + *\li 'msg' be valid. * - * 'section' be a valid section. + *\li 'section' be a valid section. * * Returns: - * ISC_R_SUCCESS -- All is well. - * ISC_R_NOMORE -- No names on given section. + *\li #ISC_R_SUCCESS -- All is well. + *\li #ISC_R_NOMORE -- No names on given section. */ isc_result_t dns_message_nextname(dns_message_t *msg, dns_section_t section); -/* +/*%< * Sets the internal per-section name pointer to point to the next name * in that section. * * Requires: * - * 'msg' be valid. + * \li 'msg' be valid. * - * 'section' be a valid section. + *\li 'section' be a valid section. * - * dns_message_firstname() must have been called on this section, + *\li dns_message_firstname() must have been called on this section, * and the result was ISC_R_SUCCESS. * * Returns: - * ISC_R_SUCCESS -- All is well. - * ISC_R_NOMORE -- No more names in given section. + *\li #ISC_R_SUCCESS -- All is well. + *\li #ISC_R_NOMORE -- No more names in given section. */ void dns_message_currentname(dns_message_t *msg, dns_section_t section, dns_name_t **name); -/* +/*%< * Sets 'name' to point to the name where the per-section internal name * pointer is currently set. * @@ -643,15 +645,15 @@ dns_message_currentname(dns_message_t *msg, dns_section_t section, * * Requires: * - * 'msg' be valid. + *\li 'msg' be valid. * - * 'name' be non-NULL, and *name be NULL. + *\li 'name' be non-NULL, and *name be NULL. * - * 'section' be a valid section. + *\li 'section' be a valid section. * - * dns_message_firstname() must have been called on this section, + *\li dns_message_firstname() must have been called on this section, * and the result of it and any dns_message_nextname() calls was - * ISC_R_SUCCESS. + * #ISC_R_SUCCESS. */ isc_result_t @@ -659,55 +661,55 @@ dns_message_findname(dns_message_t *msg, dns_section_t section, dns_name_t *target, dns_rdatatype_t type, dns_rdatatype_t covers, dns_name_t **foundname, dns_rdataset_t **rdataset); -/* +/*%< * Search for a name in the specified section. If it is found, *name is * set to point to the name, and *rdataset is set to point to the found * rdataset (if type is specified as other than dns_rdatatype_any). * * Requires: - * 'msg' be valid. + *\li 'msg' be valid. * - * 'section' be a valid section. + *\li 'section' be a valid section. * - * If a pointer to the name is desired, 'foundname' should be non-NULL. + *\li If a pointer to the name is desired, 'foundname' should be non-NULL. * If it is non-NULL, '*foundname' MUST be NULL. * - * If a type other than dns_datatype_any is searched for, 'rdataset' + *\li If a type other than dns_datatype_any is searched for, 'rdataset' * may be non-NULL, '*rdataset' be NULL, and will point at the found * rdataset. If the type is dns_datatype_any, 'rdataset' must be NULL. * - * 'target' be a valid name. + *\li 'target' be a valid name. * - * 'type' be a valid type. + *\li 'type' be a valid type. * - * If 'type' is dns_rdatatype_rrsig, 'covers' must be a valid type. + *\li If 'type' is dns_rdatatype_rrsig, 'covers' must be a valid type. * Otherwise it should be 0. * * Returns: - * ISC_R_SUCCESS -- all is well. - * DNS_R_NXDOMAIN -- name does not exist in that section. - * DNS_R_NXRRSET -- The name does exist, but the desired + *\li #ISC_R_SUCCESS -- all is well. + *\li #DNS_R_NXDOMAIN -- name does not exist in that section. + *\li #DNS_R_NXRRSET -- The name does exist, but the desired * type does not. */ isc_result_t dns_message_findtype(dns_name_t *name, dns_rdatatype_t type, dns_rdatatype_t covers, dns_rdataset_t **rdataset); -/* +/*%< * Search the name for the specified type. If it is found, *rdataset is * filled in with a pointer to that rdataset. * * Requires: - * if '**rdataset' is non-NULL, *rdataset needs to be NULL. + *\li if '**rdataset' is non-NULL, *rdataset needs to be NULL. * - * 'type' be a valid type, and NOT dns_rdatatype_any. + *\li 'type' be a valid type, and NOT dns_rdatatype_any. * - * If 'type' is dns_rdatatype_rrsig, 'covers' must be a valid type. + *\li If 'type' is dns_rdatatype_rrsig, 'covers' must be a valid type. * Otherwise it should be 0. * * Returns: - * ISC_R_SUCCESS -- all is well. - * ISC_R_NOTFOUND -- the desired type does not exist. + *\li #ISC_R_SUCCESS -- all is well. + *\li #ISC_R_NOTFOUND -- the desired type does not exist. */ isc_result_t @@ -735,24 +737,24 @@ void dns_message_movename(dns_message_t *msg, dns_name_t *name, dns_section_t fromsection, dns_section_t tosection); -/* +/*%< * Move a name from one section to another. * * Requires: * - * 'msg' be valid. + *\li 'msg' be valid. * - * 'name' must be a name already in 'fromsection'. + *\li 'name' must be a name already in 'fromsection'. * - * 'fromsection' must be a valid section. + *\li 'fromsection' must be a valid section. * - * 'tosection' must be a valid section. + *\li 'tosection' must be a valid section. */ void dns_message_addname(dns_message_t *msg, dns_name_t *name, dns_section_t section); -/* +/*%< * Adds the name to the given section. * * It is the caller's responsibility to enforce any unique name requirements @@ -760,13 +762,32 @@ dns_message_addname(dns_message_t *msg, dns_name_t *name, * * Requires: * - * 'msg' be valid, and be a renderable message. + *\li 'msg' be valid, and be a renderable message. + * + *\li 'name' be a valid absolute name. + * + *\li 'section' be a named section. + */ + +void +dns_message_removename(dns_message_t *msg, dns_name_t *name, + dns_section_t section); +/*%< + * Remove a existing name from a given section. + * + * It is the caller's responsibility to ensure the name is part of the + * given section. + * + * Requires: + * + *\li 'msg' be valid, and be a renderable message. * - * 'name' be a valid absolute name. + *\li 'name' be a valid absolute name. * - * 'section' be a named section. + *\li 'section' be a named section. */ + /* * LOANOUT FUNCTIONS * @@ -777,7 +798,7 @@ dns_message_addname(dns_message_t *msg, dns_name_t *name, isc_result_t dns_message_gettempname(dns_message_t *msg, dns_name_t **item); -/* +/*%< * Return a name that can be used for any temporary purpose, including * inserting into the message's linked lists. The name must be returned * to the message code using dns_message_puttempname() or inserted into @@ -786,180 +807,180 @@ dns_message_gettempname(dns_message_t *msg, dns_name_t **item); * It is the caller's responsibility to initialize this name. * * Requires: - * msg be a valid message + *\li msg be a valid message * - * item != NULL && *item == NULL + *\li item != NULL && *item == NULL * * Returns: - * ISC_R_SUCCESS -- All is well. - * ISC_R_NOMEMORY -- No item can be allocated. + *\li #ISC_R_SUCCESS -- All is well. + *\li #ISC_R_NOMEMORY -- No item can be allocated. */ isc_result_t dns_message_gettempoffsets(dns_message_t *msg, dns_offsets_t **item); -/* +/*%< * Return an offsets array that can be used for any temporary purpose, * such as attaching to a temporary name. The offsets will be freed * when the message is destroyed or reset. * * Requires: - * msg be a valid message + *\li msg be a valid message * - * item != NULL && *item == NULL + *\li item != NULL && *item == NULL * * Returns: - * ISC_R_SUCCESS -- All is well. - * ISC_R_NOMEMORY -- No item can be allocated. + *\li #ISC_R_SUCCESS -- All is well. + *\li #ISC_R_NOMEMORY -- No item can be allocated. */ isc_result_t dns_message_gettemprdata(dns_message_t *msg, dns_rdata_t **item); -/* +/*%< * Return a rdata that can be used for any temporary purpose, including * inserting into the message's linked lists. The rdata will be freed * when the message is destroyed or reset. * * Requires: - * msg be a valid message + *\li msg be a valid message * - * item != NULL && *item == NULL + *\li item != NULL && *item == NULL * * Returns: - * ISC_R_SUCCESS -- All is well. - * ISC_R_NOMEMORY -- No item can be allocated. + *\li #ISC_R_SUCCESS -- All is well. + *\li #ISC_R_NOMEMORY -- No item can be allocated. */ isc_result_t dns_message_gettemprdataset(dns_message_t *msg, dns_rdataset_t **item); -/* +/*%< * Return a rdataset that can be used for any temporary purpose, including * inserting into the message's linked lists. The name must be returned * to the message code using dns_message_puttempname() or inserted into * one of the message's sections before the message is destroyed. * * Requires: - * msg be a valid message + *\li msg be a valid message * - * item != NULL && *item == NULL + *\li item != NULL && *item == NULL * * Returns: - * ISC_R_SUCCESS -- All is well. - * ISC_R_NOMEMORY -- No item can be allocated. + *\li #ISC_R_SUCCESS -- All is well. + *\li #ISC_R_NOMEMORY -- No item can be allocated. */ isc_result_t dns_message_gettemprdatalist(dns_message_t *msg, dns_rdatalist_t **item); -/* +/*%< * Return a rdatalist that can be used for any temporary purpose, including * inserting into the message's linked lists. The rdatalist will be * destroyed when the message is destroyed or reset. * * Requires: - * msg be a valid message + *\li msg be a valid message * - * item != NULL && *item == NULL + *\li item != NULL && *item == NULL * * Returns: - * ISC_R_SUCCESS -- All is well. - * ISC_R_NOMEMORY -- No item can be allocated. + *\li #ISC_R_SUCCESS -- All is well. + *\li #ISC_R_NOMEMORY -- No item can be allocated. */ void dns_message_puttempname(dns_message_t *msg, dns_name_t **item); -/* +/*%< * Return a borrowed name to the message's name free list. * * Requires: - * msg be a valid message + *\li msg be a valid message * - * item != NULL && *item point to a name returned by + *\li item != NULL && *item point to a name returned by * dns_message_gettempname() * * Ensures: - * *item == NULL + *\li *item == NULL */ void dns_message_puttemprdata(dns_message_t *msg, dns_rdata_t **item); -/* +/*%< * Return a borrowed rdata to the message's rdata free list. * * Requires: - * msg be a valid message + *\li msg be a valid message * - * item != NULL && *item point to a rdata returned by + *\li item != NULL && *item point to a rdata returned by * dns_message_gettemprdata() * * Ensures: - * *item == NULL + *\li *item == NULL */ void dns_message_puttemprdataset(dns_message_t *msg, dns_rdataset_t **item); -/* +/*%< * Return a borrowed rdataset to the message's rdataset free list. * * Requires: - * msg be a valid message + *\li msg be a valid message * - * item != NULL && *item point to a rdataset returned by + *\li item != NULL && *item point to a rdataset returned by * dns_message_gettemprdataset() * * Ensures: - * *item == NULL + *\li *item == NULL */ void dns_message_puttemprdatalist(dns_message_t *msg, dns_rdatalist_t **item); -/* +/*%< * Return a borrowed rdatalist to the message's rdatalist free list. * * Requires: - * msg be a valid message + *\li msg be a valid message * - * item != NULL && *item point to a rdatalist returned by + *\li item != NULL && *item point to a rdatalist returned by * dns_message_gettemprdatalist() * * Ensures: - * *item == NULL + *\li *item == NULL */ isc_result_t dns_message_peekheader(isc_buffer_t *source, dns_messageid_t *idp, unsigned int *flagsp); -/* +/*%< * Assume the remaining region of "source" is a DNS message. Peek into * it and fill in "*idp" with the message id, and "*flagsp" with the flags. * * Requires: * - * source != NULL + *\li source != NULL * * Ensures: * - * if (idp != NULL) *idp == message id. + *\li if (idp != NULL) *idp == message id. * - * if (flagsp != NULL) *flagsp == message flags. + *\li if (flagsp != NULL) *flagsp == message flags. * * Returns: * - * ISC_R_SUCCESS -- all is well. + *\li #ISC_R_SUCCESS -- all is well. * - * ISC_R_UNEXPECTEDEND -- buffer doesn't contain enough for a header. + *\li #ISC_R_UNEXPECTEDEND -- buffer doesn't contain enough for a header. */ isc_result_t dns_message_reply(dns_message_t *msg, isc_boolean_t want_question_section); -/* +/*%< * Start formatting a reply to the query in 'msg'. * * Requires: * - * 'msg' is a valid message with parsing intent, and contains a query. + *\li 'msg' is a valid message with parsing intent, and contains a query. * * Ensures: * - * The message will have a rendering intent. If 'want_question_section' + *\li The message will have a rendering intent. If 'want_question_section' * is true, the message opcode is query or notify, and the question * section is present and properly formatted, then the question section * will be included in the reply. All other sections will be cleared. @@ -968,9 +989,9 @@ dns_message_reply(dns_message_t *msg, isc_boolean_t want_question_section); * * Returns: * - * ISC_R_SUCCESS -- all is well. + *\li #ISC_R_SUCCESS -- all is well. * - * DNS_R_FORMERR -- the header or question section of the + *\li #DNS_R_FORMERR -- the header or question section of the * message is invalid, replying is impossible. * If DNS_R_FORMERR is returned when * want_question_section is ISC_FALSE, then @@ -981,308 +1002,308 @@ dns_message_reply(dns_message_t *msg, isc_boolean_t want_question_section); dns_rdataset_t * dns_message_getopt(dns_message_t *msg); -/* +/*%< * Get the OPT record for 'msg'. * * Requires: * - * 'msg' is a valid message. + *\li 'msg' is a valid message. * * Returns: * - * The OPT rdataset of 'msg', or NULL if there isn't one. + *\li The OPT rdataset of 'msg', or NULL if there isn't one. */ isc_result_t dns_message_setopt(dns_message_t *msg, dns_rdataset_t *opt); -/* +/*%< * Set the OPT record for 'msg'. * * Requires: * - * 'msg' is a valid message with rendering intent + *\li 'msg' is a valid message with rendering intent * and no sections have been rendered. * - * 'opt' is a valid OPT record. + *\li 'opt' is a valid OPT record. * * Ensures: * - * The OPT record has either been freed or ownership of it has + *\li The OPT record has either been freed or ownership of it has * been transferred to the message. * - * If ISC_R_SUCCESS was returned, the OPT record will be rendered + *\li If ISC_R_SUCCESS was returned, the OPT record will be rendered * when dns_message_renderend() is called. * * Returns: * - * ISC_R_SUCCESS -- all is well. + *\li #ISC_R_SUCCESS -- all is well. * - * ISC_R_NOSPACE -- there is no space for the OPT record. + *\li #ISC_R_NOSPACE -- there is no space for the OPT record. */ dns_rdataset_t * dns_message_gettsig(dns_message_t *msg, dns_name_t **owner); -/* +/*%< * Get the TSIG record and owner for 'msg'. * * Requires: * - * 'msg' is a valid message. - * 'owner' is NULL or *owner is NULL. + *\li 'msg' is a valid message. + *\li 'owner' is NULL or *owner is NULL. * * Returns: * - * The TSIG rdataset of 'msg', or NULL if there isn't one. + *\li The TSIG rdataset of 'msg', or NULL if there isn't one. * * Ensures: * - * If 'owner' is not NULL, it will point to the owner name. + * \li If 'owner' is not NULL, it will point to the owner name. */ isc_result_t dns_message_settsigkey(dns_message_t *msg, dns_tsigkey_t *key); -/* +/*%< * Set the tsig key for 'msg'. This is only necessary for when rendering a * query or parsing a response. The key (if non-NULL) is attached to, and * will be detached when the message is destroyed. * * Requires: * - * 'msg' is a valid message with rendering intent, + *\li 'msg' is a valid message with rendering intent, * dns_message_renderbegin() has been called, and no sections have been * rendered. - * 'key' is a valid tsig key or NULL. + *\li 'key' is a valid tsig key or NULL. * * Returns: * - * ISC_R_SUCCESS -- all is well. + *\li #ISC_R_SUCCESS -- all is well. * - * ISC_R_NOSPACE -- there is no space for the TSIG record. + *\li #ISC_R_NOSPACE -- there is no space for the TSIG record. */ dns_tsigkey_t * dns_message_gettsigkey(dns_message_t *msg); -/* +/*%< * Gets the tsig key for 'msg'. * * Requires: * - * 'msg' is a valid message + *\li 'msg' is a valid message */ isc_result_t dns_message_setquerytsig(dns_message_t *msg, isc_buffer_t *querytsig); -/* +/*%< * Indicates that 'querytsig' is the TSIG from the signed query for which * 'msg' is the response. This is also used for chained TSIGs in TCP * responses. * * Requires: * - * 'querytsig' is a valid buffer as returned by dns_message_getquerytsig() + *\li 'querytsig' is a valid buffer as returned by dns_message_getquerytsig() * or NULL * - * 'msg' is a valid message + *\li 'msg' is a valid message * * Returns: * - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY */ isc_result_t dns_message_getquerytsig(dns_message_t *msg, isc_mem_t *mctx, isc_buffer_t **querytsig); -/* +/*%< * Gets the tsig from the TSIG from the signed query 'msg'. This is also used * for chained TSIGs in TCP responses. Unlike dns_message_gettsig, this makes * a copy of the data, so can be used if the message is destroyed. * * Requires: * - * 'msg' is a valid signed message - * 'mctx' is a valid memory context - * querytsig != NULL && *querytsig == NULL + *\li 'msg' is a valid signed message + *\li 'mctx' is a valid memory context + *\li querytsig != NULL && *querytsig == NULL * * Returns: * - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY * * Ensures: - * 'tsig' points to NULL or an allocated buffer which must be freed + *\li 'tsig' points to NULL or an allocated buffer which must be freed * by the caller. */ dns_rdataset_t * dns_message_getsig0(dns_message_t *msg, dns_name_t **owner); -/* +/*%< * Get the SIG(0) record and owner for 'msg'. * * Requires: * - * 'msg' is a valid message. - * 'owner' is NULL or *owner is NULL. + *\li 'msg' is a valid message. + *\li 'owner' is NULL or *owner is NULL. * * Returns: * - * The SIG(0) rdataset of 'msg', or NULL if there isn't one. + *\li The SIG(0) rdataset of 'msg', or NULL if there isn't one. * * Ensures: * - * If 'owner' is not NULL, it will point to the owner name. + * \li If 'owner' is not NULL, it will point to the owner name. */ isc_result_t dns_message_setsig0key(dns_message_t *msg, dst_key_t *key); -/* +/*%< * Set the SIG(0) key for 'msg'. * * Requires: * - * 'msg' is a valid message with rendering intent, + *\li 'msg' is a valid message with rendering intent, * dns_message_renderbegin() has been called, and no sections have been * rendered. - * 'key' is a valid sig key or NULL. + *\li 'key' is a valid sig key or NULL. * * Returns: * - * ISC_R_SUCCESS -- all is well. + *\li #ISC_R_SUCCESS -- all is well. * - * ISC_R_NOSPACE -- there is no space for the SIG(0) record. + *\li #ISC_R_NOSPACE -- there is no space for the SIG(0) record. */ dst_key_t * dns_message_getsig0key(dns_message_t *msg); -/* +/*%< * Gets the SIG(0) key for 'msg'. * * Requires: * - * 'msg' is a valid message + *\li 'msg' is a valid message */ void dns_message_takebuffer(dns_message_t *msg, isc_buffer_t **buffer); -/* +/*%< * Give the *buffer to the message code to clean up when it is no * longer needed. This is usually when the message is reset or * destroyed. * * Requires: * - * msg be a valid message. + *\li msg be a valid message. * - * buffer != NULL && *buffer is a valid isc_buffer_t, which was + *\li buffer != NULL && *buffer is a valid isc_buffer_t, which was * dynamincally allocated via isc_buffer_allocate(). */ isc_result_t dns_message_signer(dns_message_t *msg, dns_name_t *signer); -/* +/*%< * If this message was signed, return the identity of the signer. * Unless ISC_R_NOTFOUND is returned, signer will reflect the name of the * key that signed the message. * * Requires: * - * msg is a valid parsed message. - * signer is a valid name + *\li msg is a valid parsed message. + *\li signer is a valid name * * Returns: * - * ISC_R_SUCCESS - the message was signed, and *signer + *\li #ISC_R_SUCCESS - the message was signed, and *signer * contains the signing identity * - * ISC_R_NOTFOUND - no TSIG or SIG(0) record is present in the + *\li #ISC_R_NOTFOUND - no TSIG or SIG(0) record is present in the * message * - * DNS_R_TSIGVERIFYFAILURE - the message was signed by a TSIG, but the + *\li #DNS_R_TSIGVERIFYFAILURE - the message was signed by a TSIG, but the * signature failed to verify * - * DNS_R_TSIGERRORSET - the message was signed by a TSIG and + *\li #DNS_R_TSIGERRORSET - the message was signed by a TSIG and * verified, but the query was rejected by * the server * - * DNS_R_NOIDENTITY - the message was signed by a TSIG and + *\li #DNS_R_NOIDENTITY - the message was signed by a TSIG and * verified, but the key has no identity since * it was generated by an unsigned TKEY process * - * DNS_R_SIGINVALID - the message was signed by a SIG(0), but + *\li #DNS_R_SIGINVALID - the message was signed by a SIG(0), but * the signature failed to verify * - * DNS_R_NOTVERIFIEDYET - the message was signed by a TSIG or SIG(0), + *\li #DNS_R_NOTVERIFIEDYET - the message was signed by a TSIG or SIG(0), * but the signature has not been verified yet */ isc_result_t dns_message_checksig(dns_message_t *msg, dns_view_t *view); -/* +/*%< * If this message was signed, verify the signature. * * Requires: * - * msg is a valid parsed message. - * view is a valid view or NULL + *\li msg is a valid parsed message. + *\li view is a valid view or NULL * * Returns: * - * ISC_R_SUCCESS - the message was unsigned, or the message + *\li #ISC_R_SUCCESS - the message was unsigned, or the message * was signed correctly. * - * DNS_R_EXPECTEDTSIG - A TSIG was expected, but not seen - * DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected - * DNS_R_TSIGVERIFYFAILURE - The TSIG failed to verify + *\li #DNS_R_EXPECTEDTSIG - A TSIG was expected, but not seen + *\li #DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected + *\li #DNS_R_TSIGVERIFYFAILURE - The TSIG failed to verify */ isc_result_t dns_message_rechecksig(dns_message_t *msg, dns_view_t *view); -/* +/*%< * Reset the signature state and then if the message was signed, * verify the message. * * Requires: * - * msg is a valid parsed message. - * view is a valid view or NULL + *\li msg is a valid parsed message. + *\li view is a valid view or NULL * * Returns: * - * ISC_R_SUCCESS - the message was unsigned, or the message + *\li #ISC_R_SUCCESS - the message was unsigned, or the message * was signed correctly. * - * DNS_R_EXPECTEDTSIG - A TSIG was expected, but not seen - * DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected - * DNS_R_TSIGVERIFYFAILURE - The TSIG failed to verify + *\li #DNS_R_EXPECTEDTSIG - A TSIG was expected, but not seen + *\li #DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected + *\li #DNS_R_TSIGVERIFYFAILURE - The TSIG failed to verify */ void dns_message_resetsig(dns_message_t *msg); -/* +/*%< * Reset the signature state. * * Requires: - * 'msg' is a valid parsed message. + *\li 'msg' is a valid parsed message. */ isc_region_t * dns_message_getrawmessage(dns_message_t *msg); -/* +/*%< * Retrieve the raw message in compressed wire format. The message must * have been successfully parsed for it to have been saved. * * Requires: - * msg is a valid parsed message. + *\li msg is a valid parsed message. * * Returns: - * NULL if there is no saved message. + *\li NULL if there is no saved message. * a pointer to a region which refers the dns message. */ void dns_message_setsortorder(dns_message_t *msg, dns_rdatasetorderfunc_t order, const void *order_arg); -/* +/*%< * Define the order in which RR sets get rendered by * dns_message_rendersection() to be the ascending order * defined by the integer value returned by 'order' when @@ -1290,27 +1311,27 @@ dns_message_setsortorder(dns_message_t *msg, dns_rdatasetorderfunc_t order, * 'order_arg' are NULL, a default order is used. * * Requires: - * msg be a valid message. - * order_arg is NULL if and only if order is NULL. + *\li msg be a valid message. + *\li order_arg is NULL if and only if order is NULL. */ void dns_message_settimeadjust(dns_message_t *msg, int timeadjust); -/* +/*%< * Adjust the time used to sign/verify a message by timeadjust. * Currently only TSIG. * * Requires: - * msg be a valid message. + *\li msg be a valid message. */ int dns_message_gettimeadjust(dns_message_t *msg); -/* +/*%< * Return the current time adjustment. * * Requires: - * msg be a valid message. + *\li msg be a valid message. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/ncache.h b/usr.sbin/bind/lib/dns/include/dns/ncache.h index 8875990d03a..755addd3cb5 100644 --- a/usr.sbin/bind/lib/dns/include/dns/ncache.h +++ b/usr.sbin/bind/lib/dns/include/dns/ncache.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ncache.h,v 1.12.12.5 2004/03/08 09:04:37 marka Exp $ */ +/* $ISC: ncache.h,v 1.17.18.2 2005/04/29 00:16:16 marka Exp $ */ #ifndef DNS_NCACHE_H #define DNS_NCACHE_H 1 @@ -24,25 +24,26 @@ ***** Module Info *****/ -/* +/*! \file + *\brief * DNS Ncache * - * XXX <TBS> XXX + * XXX TBS XXX * * MP: - * The caller must ensure any required synchronization. + *\li The caller must ensure any required synchronization. * * Reliability: - * No anticipated impact. + *\li No anticipated impact. * * Resources: - * <TBS> + *\li TBS * * Security: - * No anticipated impact. + *\li No anticipated impact. * * Standards: - * RFC 2308 + *\li RFC2308 */ #include <isc/lang.h> @@ -52,7 +53,7 @@ ISC_LANG_BEGINDECLS -/* +/*% * _OMITDNSSEC: * Omit DNSSEC records when rendering. */ @@ -62,7 +63,7 @@ isc_result_t dns_ncache_add(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node, dns_rdatatype_t covers, isc_stdtime_t now, dns_ttl_t maxttl, dns_rdataset_t *addedrdataset); -/* +/*%< * Convert the authority data from 'message' into a negative cache * rdataset, and store it in 'cache' at 'node' with a TTL limited to * 'maxttl'. @@ -71,21 +72,21 @@ dns_ncache_add(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node, * or dns_rdatatype_any when caching a NXDOMAIN response. * * Note: - * If 'addedrdataset' is not NULL, then it will be attached to the added + *\li If 'addedrdataset' is not NULL, then it will be attached to the added * rdataset. See dns_db_addrdataset() for more details. * * Requires: - * 'message' is a valid message with a properly formatting negative cache + *\li 'message' is a valid message with a properly formatting negative cache * authority section. * - * The requirements of dns_db_addrdataset() apply to 'cache', 'node', + *\li The requirements of dns_db_addrdataset() apply to 'cache', 'node', * 'now', and 'addedrdataset'. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOSPACE + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOSPACE * - * Any result code of dns_db_addrdataset() is a possible result code + *\li Any result code of dns_db_addrdataset() is a possible result code * of dns_ncache_add(). */ @@ -93,63 +94,63 @@ isc_result_t dns_ncache_towire(dns_rdataset_t *rdataset, dns_compress_t *cctx, isc_buffer_t *target, unsigned int options, unsigned int *countp); -/* +/*%< * Convert the negative caching rdataset 'rdataset' to wire format, * compressing names as specified in 'cctx', and storing the result in * 'target'. If 'omit_dnssec' is set, DNSSEC records will not * be added to 'target'. * * Notes: - * The number of RRs added to target will be added to *countp. + *\li The number of RRs added to target will be added to *countp. * * Requires: - * 'rdataset' is a valid negative caching rdataset. + *\li 'rdataset' is a valid negative caching rdataset. * - * 'rdataset' is not empty. + *\li 'rdataset' is not empty. * - * 'countp' is a valid pointer. + *\li 'countp' is a valid pointer. * * Ensures: - * On a return of ISC_R_SUCCESS, 'target' contains a wire format + *\li On a return of ISC_R_SUCCESS, 'target' contains a wire format * for the data contained in 'rdataset'. Any error return leaves * the buffer unchanged. * - * *countp has been incremented by the number of RRs added to + *\li *countp has been incremented by the number of RRs added to * target. * * Returns: - * ISC_R_SUCCESS - all ok - * ISC_R_NOSPACE - 'target' doesn't have enough room + *\li #ISC_R_SUCCESS - all ok + *\li #ISC_R_NOSPACE - 'target' doesn't have enough room * - * Any error returned by dns_rdata_towire(), dns_rdataset_next(), + *\li Any error returned by dns_rdata_towire(), dns_rdataset_next(), * dns_name_towire(). */ isc_result_t dns_ncache_getrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, dns_rdatatype_t type, dns_rdataset_t *rdataset); -/* +/*%< * Search the negative caching rdataset for an rdataset with the * specified name and type. * * Requires: - * 'ncacherdataset' is a valid negative caching rdataset. + *\li 'ncacherdataset' is a valid negative caching rdataset. * - * 'ncacherdataset' is not empty. + *\li 'ncacherdataset' is not empty. * - * 'name' is a valid name. + *\li 'name' is a valid name. * - * 'type' is not SIG, or a meta-RR type. + *\li 'type' is not SIG, or a meta-RR type. * - * 'rdataset' is a valid disassociated rdataset. + *\li 'rdataset' is a valid disassociated rdataset. * * Ensures: - * On a return of ISC_R_SUCCESS, 'rdataset' is bound to the found + *\li On a return of ISC_R_SUCCESS, 'rdataset' is bound to the found * rdataset. * * Returns: - * ISC_R_SUCCESS - the rdataset was found. - * ISC_R_NOTFOUND - the rdataset was not found. + *\li #ISC_R_SUCCESS - the rdataset was found. + *\li #ISC_R_NOTFOUND - the rdataset was not found. * */ diff --git a/usr.sbin/bind/lib/dns/include/dns/nsec.h b/usr.sbin/bind/lib/dns/include/dns/nsec.h index 846e6d74f0c..f1276d065ef 100644 --- a/usr.sbin/bind/lib/dns/include/dns/nsec.h +++ b/usr.sbin/bind/lib/dns/include/dns/nsec.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: nsec.h,v 1.4.2.1 2004/03/08 02:08:00 marka Exp $ */ +/* $ISC: nsec.h,v 1.4.20.2 2005/04/29 00:16:16 marka Exp $ */ #ifndef DNS_NSEC_H #define DNS_NSEC_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -33,33 +35,33 @@ isc_result_t dns_nsec_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, dns_name_t *target, unsigned char *buffer, dns_rdata_t *rdata); -/* +/*%< * Build the rdata of a NSEC record. * * Requires: - * buffer Points to a temporary buffer of at least + *\li buffer Points to a temporary buffer of at least * DNS_NSEC_BUFFERSIZE bytes. - * rdata Points to an initialized dns_rdata_t. + *\li rdata Points to an initialized dns_rdata_t. * * Ensures: - * *rdata Contains a valid NSEC rdata. The 'data' member refers + * \li *rdata Contains a valid NSEC rdata. The 'data' member refers * to 'buffer'. */ isc_result_t dns_nsec_build(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, dns_name_t *target, dns_ttl_t ttl); -/* +/*%< * Build a NSEC record and add it to a database. */ isc_boolean_t dns_nsec_typepresent(dns_rdata_t *nsec, dns_rdatatype_t type); -/* +/*%< * Determine if a type is marked as present in an NSEC record. * * Requires: - * 'nsec' points to a valid rdataset of type NSEC + *\li 'nsec' points to a valid rdataset of type NSEC */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/opcode.h b/usr.sbin/bind/lib/dns/include/dns/opcode.h index 715a382b56a..a80ceba5bea 100644 --- a/usr.sbin/bind/lib/dns/include/dns/opcode.h +++ b/usr.sbin/bind/lib/dns/include/dns/opcode.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: opcode.h,v 1.1.200.3 2004/03/08 09:04:37 marka Exp $ */ +/* $ISC: opcode.h,v 1.2.18.2 2005/04/29 00:16:16 marka Exp $ */ #ifndef DNS_OPCODE_H #define DNS_OPCODE_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -27,21 +29,21 @@ ISC_LANG_BEGINDECLS isc_result_t dns_opcode_totext(dns_opcode_t opcode, isc_buffer_t *target); -/* +/*%< * Put a textual representation of error 'opcode' into 'target'. * * Requires: - * 'opcode' is a valid opcode. + *\li 'opcode' is a valid opcode. * - * 'target' is a valid text buffer. + *\li 'target' is a valid text buffer. * * Ensures: - * If the result is success: + *\li If the result is success: * The used space in 'target' is updated. * * Returns: - * ISC_R_SUCCESS on success - * ISC_R_NOSPACE target buffer is too small + *\li #ISC_R_SUCCESS on success + *\li #ISC_R_NOSPACE target buffer is too small */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/order.h b/usr.sbin/bind/lib/dns/include/dns/order.h index bc45bf572c5..a2854f7bccc 100644 --- a/usr.sbin/bind/lib/dns/include/dns/order.h +++ b/usr.sbin/bind/lib/dns/include/dns/order.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: order.h,v 1.2.202.3 2004/03/08 09:04:37 marka Exp $ */ +/* $ISC: order.h,v 1.3.18.2 2005/04/29 00:16:17 marka Exp $ */ #ifndef DNS_ORDER_H #define DNS_ORDER_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/types.h> @@ -29,67 +31,67 @@ ISC_LANG_BEGINDECLS isc_result_t dns_order_create(isc_mem_t *mctx, dns_order_t **orderp); -/* +/*%< * Create a order object. * * Requires: - * 'orderp' to be non NULL and '*orderp == NULL'. - * 'mctx' to be valid. + * \li 'orderp' to be non NULL and '*orderp == NULL'. + *\li 'mctx' to be valid. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + *\li ISC_R_SUCCESS + *\li ISC_R_NOMEMORY */ isc_result_t dns_order_add(dns_order_t *order, dns_name_t *name, dns_rdatatype_t rdtype, dns_rdataclass_t rdclass, unsigned int mode); -/* +/*%< * Add a entry to the end of the order list. * * Requires: - * 'order' to be valid. - * 'name' to be valid. - * 'mode' to be one of DNS_RDATASERATTR_RANDOMIZE, - * DNS_RDATASERATTR_RANDOMIZE or zero (DNS_RDATASERATTR_CYCLIC). + * \li 'order' to be valid. + *\li 'name' to be valid. + *\li 'mode' to be one of #DNS_RDATASERATTR_RANDOMIZE, + * #DNS_RDATASERATTR_RANDOMIZE or zero (#DNS_RDATASERATTR_CYCLIC). * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY */ unsigned int dns_order_find(dns_order_t *order, dns_name_t *name, dns_rdatatype_t rdtype, dns_rdataclass_t rdclass); -/* +/*%< * Find the first matching entry on the list. * * Requires: - * 'order' to be valid. - * 'name' to be valid. + *\li 'order' to be valid. + *\li 'name' to be valid. * * Returns the mode set by dns_order_add() or zero. */ void dns_order_attach(dns_order_t *source, dns_order_t **target); -/* +/*%< * Attach to the 'source' object. * * Requires: - * 'source' to be valid. - * 'target' to be non NULL and '*target == NULL'. + * \li 'source' to be valid. + *\li 'target' to be non NULL and '*target == NULL'. */ void dns_order_detach(dns_order_t **orderp); -/* +/*%< * Detach from the object. Clean up if last this was the last * reference. * * Requires: - * '*orderp' to be valid. + *\li '*orderp' to be valid. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/peer.h b/usr.sbin/bind/lib/dns/include/dns/peer.h index 7bd6b3fff25..aaf6105de32 100644 --- a/usr.sbin/bind/lib/dns/include/dns/peer.h +++ b/usr.sbin/bind/lib/dns/include/dns/peer.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: peer.h,v 1.16.2.1.10.5 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: peer.h,v 1.20.18.8 2006/02/28 03:10:48 marka Exp $ */ #ifndef DNS_PEER_H #define DNS_PEER_H 1 @@ -24,7 +24,8 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * Data structures for peers (e.g. a 'server' config file statement) */ @@ -64,6 +65,7 @@ struct dns_peer { isc_mem_t *mem; isc_netaddr_t address; + unsigned int prefixlen; isc_boolean_t bogus; dns_transfer_format_t transfer_format; isc_uint32_t transfers; @@ -73,6 +75,10 @@ struct dns_peer { isc_boolean_t support_edns; dns_name_t *key; isc_sockaddr_t *transfer_source; + isc_sockaddr_t *notify_source; + isc_sockaddr_t *query_source; + isc_uint16_t udpsize; /* recieve size */ + isc_uint16_t maxudp; /* transmit size */ isc_uint32_t bitflags; @@ -115,6 +121,10 @@ dns_peerlist_currpeer(dns_peerlist_t *peers, dns_peer_t **retval); isc_result_t dns_peer_new(isc_mem_t *mem, isc_netaddr_t *ipaddr, dns_peer_t **peer); +isc_result_t +dns_peer_newprefix(isc_mem_t *mem, isc_netaddr_t *ipaddr, + unsigned int prefixlen, dns_peer_t **peer); + void dns_peer_attach(dns_peer_t *source, dns_peer_t **target); @@ -173,6 +183,30 @@ dns_peer_settransfersource(dns_peer_t *peer, isc_result_t dns_peer_gettransfersource(dns_peer_t *peer, isc_sockaddr_t *transfer_source); +isc_result_t +dns_peer_setudpsize(dns_peer_t *peer, isc_uint16_t udpsize); + +isc_result_t +dns_peer_getudpsize(dns_peer_t *peer, isc_uint16_t *udpsize); + +isc_result_t +dns_peer_setmaxudp(dns_peer_t *peer, isc_uint16_t maxudp); + +isc_result_t +dns_peer_getmaxudp(dns_peer_t *peer, isc_uint16_t *maxudp); + +isc_result_t +dns_peer_setnotifysource(dns_peer_t *peer, const isc_sockaddr_t *notify_source); + +isc_result_t +dns_peer_getnotifysource(dns_peer_t *peer, isc_sockaddr_t *notify_source); + +isc_result_t +dns_peer_setquerysource(dns_peer_t *peer, const isc_sockaddr_t *query_source); + +isc_result_t +dns_peer_getquerysource(dns_peer_t *peer, isc_sockaddr_t *query_source); + ISC_LANG_ENDDECLS #endif /* DNS_PEER_H */ diff --git a/usr.sbin/bind/lib/dns/include/dns/portlist.h b/usr.sbin/bind/lib/dns/include/dns/portlist.h index e799692e466..efa6a4163ba 100644 --- a/usr.sbin/bind/lib/dns/include/dns/portlist.h +++ b/usr.sbin/bind/lib/dns/include/dns/portlist.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: portlist.h,v 1.2.84.2 2004/03/06 08:13:58 marka Exp $ */ +/* $ISC: portlist.h,v 1.3.18.2 2005/04/29 00:16:17 marka Exp $ */ + +/*! \file */ #include <isc/lang.h> #include <isc/net.h> @@ -27,73 +29,73 @@ ISC_LANG_BEGINDECLS isc_result_t dns_portlist_create(isc_mem_t *mctx, dns_portlist_t **portlistp); -/* +/*%< * Create a port list. * * Requires: - * 'mctx' to be valid. - * 'portlistp' to be non NULL and '*portlistp' to be NULL; + *\li 'mctx' to be valid. + *\li 'portlistp' to be non NULL and '*portlistp' to be NULL; * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * ISC_R_UNEXPECTED + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li #ISC_R_UNEXPECTED */ isc_result_t dns_portlist_add(dns_portlist_t *portlist, int af, in_port_t port); -/* +/*%< * Add the given <port,af> tuple to the portlist. * * Requires: - * 'portlist' to be valid. - * 'af' to be AF_INET or AF_INET6 + *\li 'portlist' to be valid. + *\li 'af' to be AF_INET or AF_INET6 * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY */ void dns_portlist_remove(dns_portlist_t *portlist, int af, in_port_t port); -/* +/*%< * Remove the given <port,af> tuple to the portlist. * * Requires: - * 'portlist' to be valid. - * 'af' to be AF_INET or AF_INET6 + *\li 'portlist' to be valid. + *\li 'af' to be AF_INET or AF_INET6 */ isc_boolean_t dns_portlist_match(dns_portlist_t *portlist, int af, in_port_t port); -/* +/*%< * Find the given <port,af> tuple to the portlist. * * Requires: - * 'portlist' to be valid. - * 'af' to be AF_INET or AF_INET6 + *\li 'portlist' to be valid. + *\li 'af' to be AF_INET or AF_INET6 * * Returns - * ISC_TRUE if the tuple is found, ISC_FALSE otherwise. + * \li #ISC_TRUE if the tuple is found, ISC_FALSE otherwise. */ void dns_portlist_attach(dns_portlist_t *portlist, dns_portlist_t **portlistp); -/* +/*%< * Attach to a port list. * * Requires: - * 'portlist' to be valid. - * 'portlistp' to be non NULL and '*portlistp' to be NULL; + *\li 'portlist' to be valid. + *\li 'portlistp' to be non NULL and '*portlistp' to be NULL; */ void dns_portlist_detach(dns_portlist_t **portlistp); -/* +/*%< * Detach from a port list. * * Requires: - * '*portlistp' to be valid. + *\li '*portlistp' to be valid. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/rbt.h b/usr.sbin/bind/lib/dns/include/dns/rbt.h index fadeb07dfcd..40b0362f07d 100644 --- a/usr.sbin/bind/lib/dns/include/dns/rbt.h +++ b/usr.sbin/bind/lib/dns/include/dns/rbt.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,13 +15,16 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rbt.h,v 1.55.12.6 2004/10/11 05:55:51 marka Exp $ */ +/* $ISC: rbt.h,v 1.59.18.5 2005/10/13 01:26:07 marka Exp $ */ #ifndef DNS_RBT_H #define DNS_RBT_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/magic.h> +#include <isc/refcount.h> #include <dns/types.h> @@ -29,7 +32,8 @@ ISC_LANG_BEGINDECLS #define DNS_RBT_USEHASH 1 -/* +/*@{*/ +/*% * Option values for dns_rbt_findnode() and dns_rbt_findname(). * These are used to form a bitmask. */ @@ -37,6 +41,13 @@ ISC_LANG_BEGINDECLS #define DNS_RBTFIND_EMPTYDATA 0x01 #define DNS_RBTFIND_NOEXACT 0x02 #define DNS_RBTFIND_NOPREDECESSOR 0x04 +/*@}*/ + +#ifndef DNS_RBT_USEISCREFCOUNT +#ifdef ISC_REFCOUNT_HAVEATOMIC +#define DNS_RBT_USEISCREFCOUNT 1 +#endif +#endif /* * These should add up to 30. @@ -51,7 +62,7 @@ ISC_LANG_BEGINDECLS #define DNS_RBTNODE_VALID(n) ISC_TRUE #endif -/* +/*% * This is the structure that is used for each node in the red/black * tree of trees. NOTE WELL: the implementation manages this as a variable * length structure, with the actual wire-format name and other data @@ -69,7 +80,8 @@ typedef struct dns_rbtnode { #ifdef DNS_RBT_USEHASH struct dns_rbtnode *hashnext; #endif - /* + /*@{*/ + /*! * The following bitfields add up to a total bitwidth of 32. * The range of values necessary for each item is indicated, * but in the case of "attributes" the field is wider to accomodate @@ -81,19 +93,21 @@ typedef struct dns_rbtnode { * In each case below the "range" indicated is what's _necessary_ for * the bitfield to hold, not what it actually _can_ hold. */ - unsigned int is_root : 1; /* range is 0..1 */ - unsigned int color : 1; /* range is 0..1 */ - unsigned int find_callback : 1; /* range is 0..1 */ - unsigned int attributes : 4; /* range is 0..2 */ - unsigned int namelen : 8; /* range is 1..255 */ - unsigned int offsetlen : 8; /* range is 1..128 */ - unsigned int padbytes : 9; /* range is 0..380 */ + unsigned int is_root : 1; /*%< range is 0..1 */ + unsigned int color : 1; /*%< range is 0..1 */ + unsigned int find_callback : 1; /*%< range is 0..1 */ + unsigned int attributes : 4; /*%< range is 0..2 */ + unsigned int namelen : 8; /*%< range is 1..255 */ + unsigned int offsetlen : 8; /*%< range is 1..128 */ + unsigned int padbytes : 9; /*%< range is 0..380 */ + /*@}*/ #ifdef DNS_RBT_USEHASH unsigned int hashval; #endif - /* + /*@{*/ + /*! * These values are used in the RBT DB implementation. The appropriate * node lock must be held before accessing them. */ @@ -101,7 +115,12 @@ typedef struct dns_rbtnode { unsigned int dirty:1; unsigned int wild:1; unsigned int locknum:DNS_RBT_LOCKLENGTH; +#ifndef DNS_RBT_USEISCREFCOUNT unsigned int references:DNS_RBT_REFLENGTH; +#else + isc_refcount_t references; /* note that this is not in the bitfield */ +#endif + /*@}*/ } dns_rbtnode_t; typedef isc_result_t (*dns_rbtfindcallback_t)(dns_rbtnode_t *node, @@ -112,7 +131,7 @@ typedef isc_result_t (*dns_rbtfindcallback_t)(dns_rbtnode_t *node, ***** Chain Info *****/ -/* +/*! * A chain is used to keep track of the sequence of nodes to reach any given * node from the root of the tree. Originally nodes did not have parent * pointers in them (for memory usage reasons) so there was no way to find @@ -151,7 +170,7 @@ typedef isc_result_t (*dns_rbtfindcallback_t)(dns_rbtnode_t *node, * functions but additionally can provide the node to which the chain points. */ -/* +/*% * The number of level blocks to allocate at a time. Currently the maximum * number of levels is allocated directly in the structure, but future * revisions of this code might have a static initial block with dynamic @@ -165,14 +184,14 @@ typedef isc_result_t (*dns_rbtfindcallback_t)(dns_rbtnode_t *node, typedef struct dns_rbtnodechain { unsigned int magic; isc_mem_t * mctx; - /* + /*% * The terminal node of the chain. It is not in levels[]. * This is ostensibly private ... but in a pinch it could be * used tell that the chain points nowhere without needing to * call dns_rbtnodechain_current(). */ dns_rbtnode_t * end; - /* + /*% * The maximum number of labels in a name is 128; bitstrings mean * a conceptually very large number (which I have not bothered to * compute) of logical levels because splitting can potentially occur @@ -181,7 +200,7 @@ typedef struct dns_rbtnodechain { * in the worst case. */ dns_rbtnode_t * levels[DNS_RBT_LEVELBLOCK]; - /* + /*% * level_count indicates how deep the chain points into the * tree of trees, and is the index into the levels[] array. * Thus, levels[level_count - 1] is the last level node stored. @@ -190,7 +209,7 @@ typedef struct dns_rbtnodechain { * so on. */ unsigned int level_count; - /* + /*% * level_matches tells how many levels matched above the node * returned by dns_rbt_findnode(). A match (partial or exact) found * in the first level thus results in level_matches being set to 1. @@ -203,44 +222,43 @@ typedef struct dns_rbtnodechain { /***** ***** Public interfaces. *****/ - isc_result_t dns_rbt_create(isc_mem_t *mctx, void (*deleter)(void *, void *), void *deleter_arg, dns_rbt_t **rbtp); -/* +/*%< * Initialize a red-black tree of trees. * * Notes: - * The deleter argument, if non-null, points to a function that is + *\li The deleter argument, if non-null, points to a function that is * responsible for cleaning up any memory associated with the data * pointer of a node when the node is deleted. It is passed the * deleted node's data pointer as its first argument and deleter_arg * as its second argument. * * Requires: - * mctx is a pointer to a valid memory context. - * rbtp != NULL && *rbtp == NULL - * arg == NULL iff deleter == NULL + * \li mctx is a pointer to a valid memory context. + *\li rbtp != NULL && *rbtp == NULL + *\li arg == NULL iff deleter == NULL * * Ensures: - * If result is ISC_R_SUCCESS: + *\li If result is ISC_R_SUCCESS: * *rbtp points to a valid red-black tree manager * - * If result is failure: + *\li If result is failure: * *rbtp does not point to a valid red-black tree manager. * * Returns: - * ISC_R_SUCCESS Success - * ISC_R_NOMEMORY Resource limit: Out of Memory + *\li #ISC_R_SUCCESS Success + *\li #ISC_R_NOMEMORY Resource limit: Out of Memory */ isc_result_t dns_rbt_addname(dns_rbt_t *rbt, dns_name_t *name, void *data); -/* +/*%< * Add 'name' to the tree of trees, associated with 'data'. * * Notes: - * 'data' is never required to be non-NULL, but specifying it + *\li 'data' is never required to be non-NULL, but specifying it * when the name is added is faster than searching for 'name' * again and then setting the data pointer. The lack of a data pointer * for a node also has other ramifications regarding whether @@ -248,106 +266,103 @@ dns_rbt_addname(dns_rbt_t *rbt, dns_name_t *name, void *data); * joins nodes. * * Requires: - * rbt is a valid rbt manager. - * dns_name_isabsolute(name) == TRUE + *\li rbt is a valid rbt manager. + *\li dns_name_isabsolute(name) == TRUE * * Ensures: - * 'name' is not altered in any way. + *\li 'name' is not altered in any way. * - * Any external references to nodes in the tree are unaffected by + *\li Any external references to nodes in the tree are unaffected by * node splits that are necessary to insert the new name. * - * If result is ISC_R_SUCCESS: + *\li If result is #ISC_R_SUCCESS: * 'name' is findable in the red/black tree of trees in O(log N). - * * The data pointer of the node for 'name' is set to 'data'. * - * If result is ISC_R_EXISTS or ISC_R_NOSPACE: + *\li If result is #ISC_R_EXISTS or #ISC_R_NOSPACE: * The tree of trees is unaltered. * - * If result is ISC_R_NOMEMORY: + *\li If result is #ISC_R_NOMEMORY: * No guarantees. * * Returns: - * ISC_R_SUCCESS Success - * ISC_R_EXISTS The name already exists with associated data. - * ISC_R_NOSPACE The name had more logical labels than are allowed. - * ISC_R_NOMEMORY Resource Limit: Out of Memory + *\li #ISC_R_SUCCESS Success + *\li #ISC_R_EXISTS The name already exists with associated data. + *\li #ISC_R_NOSPACE The name had more logical labels than are allowed. + *\li #ISC_R_NOMEMORY Resource Limit: Out of Memory */ isc_result_t dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep); -/* +/*%< * Just like dns_rbt_addname, but returns the address of the node. * * Requires: - * rbt is a valid rbt structure. - * dns_name_isabsolute(name) == TRUE - * nodep != NULL && *nodep == NULL + *\li rbt is a valid rbt structure. + *\li dns_name_isabsolute(name) == TRUE + *\li nodep != NULL && *nodep == NULL * * Ensures: - * 'name' is not altered in any way. + *\li 'name' is not altered in any way. * - * Any external references to nodes in the tree are unaffected by + *\li Any external references to nodes in the tree are unaffected by * node splits that are necessary to insert the new name. * - * If result is ISC_R_SUCCESS: + *\li If result is ISC_R_SUCCESS: * 'name' is findable in the red/black tree of trees in O(log N). - * * *nodep is the node that was added for 'name'. * - * If result is ISC_R_EXISTS: + *\li If result is ISC_R_EXISTS: * The tree of trees is unaltered. - * * *nodep is the existing node for 'name'. * - * If result is ISC_R_NOMEMORY: + *\li If result is ISC_R_NOMEMORY: * No guarantees. * * Returns: - * ISC_R_SUCCESS Success - * ISC_R_EXISTS The name already exists, possibly without data. - * ISC_R_NOMEMORY Resource Limit: Out of Memory + *\li #ISC_R_SUCCESS Success + *\li #ISC_R_EXISTS The name already exists, possibly without data. + *\li #ISC_R_NOMEMORY Resource Limit: Out of Memory */ isc_result_t dns_rbt_findname(dns_rbt_t *rbt, dns_name_t *name, unsigned int options, dns_name_t *foundname, void **data); -/* +/*%< * Get the data pointer associated with 'name'. * * Notes: - * When DNS_RBTFIND_NOEXACT is set, the closest matching superdomain is - * returned (also subject to DNS_RBTFIND_EMPTYDATA), even when there is + *\li When #DNS_RBTFIND_NOEXACT is set, the closest matching superdomain is + * returned (also subject to #DNS_RBTFIND_EMPTYDATA), even when there is * an exact match in the tree. * - * A node that has no data is considered not to exist for this function, - * unless the DNS_RBTFIND_EMPTYDATA option is set. + *\li A node that has no data is considered not to exist for this function, + * unless the #DNS_RBTFIND_EMPTYDATA option is set. * * Requires: - * rbt is a valid rbt manager. - * dns_name_isabsolute(name) == TRUE - * data != NULL && *data == NULL + *\li rbt is a valid rbt manager. + *\li dns_name_isabsolute(name) == TRUE + *\li data != NULL && *data == NULL * * Ensures: - * 'name' and the tree are not altered in any way. + *\li 'name' and the tree are not altered in any way. * - * If result is ISC_R_SUCCESS: + *\li If result is ISC_R_SUCCESS: * *data is the data associated with 'name'. * - * If result is DNS_R_PARTIALMATCH: + *\li If result is DNS_R_PARTIALMATCH: * *data is the data associated with the deepest superdomain * of 'name' which has data. * - * If result is ISC_R_NOTFOUND: + *\li If result is ISC_R_NOTFOUND: * Neither the name nor a superdomain was found with data. * * Returns: - * ISC_R_SUCCESS Success - * DNS_R_PARTIALMATCH Superdomain found with data - * ISC_R_NOTFOUND No match - * ISC_R_NOSPACE Concatenating nodes to form foundname failed + *\li #ISC_R_SUCCESS Success + *\li #DNS_R_PARTIALMATCH Superdomain found with data + *\li #ISC_R_NOTFOUND No match + *\li #ISC_R_NOSPACE Concatenating nodes to form foundname failed */ isc_result_t @@ -355,20 +370,20 @@ dns_rbt_findnode(dns_rbt_t *rbt, dns_name_t *name, dns_name_t *foundname, dns_rbtnode_t **node, dns_rbtnodechain_t *chain, unsigned int options, dns_rbtfindcallback_t callback, void *callback_arg); -/* +/*%< * Find the node for 'name'. * * Notes: - * A node that has no data is considered not to exist for this function, + *\li A node that has no data is considered not to exist for this function, * unless the DNS_RBTFIND_EMPTYDATA option is set. This applies to both * exact matches and partial matches. * - * If the chain parameter is non-NULL, then the path through the tree + *\li If the chain parameter is non-NULL, then the path through the tree * to the DNSSEC predecessor of the searched for name is maintained, * unless the DNS_RBTFIND_NOPREDECESSOR or DNS_RBTFIND_NOEXACT option * is used. (For more details on those options, see below.) * - * If there is no predecessor, then the chain will point to nowhere, as + *\li If there is no predecessor, then the chain will point to nowhere, as * indicated by chain->end being NULL or dns_rbtnodechain_current * returning ISC_R_NOTFOUND. Note that in a normal Internet DNS RBT * there will always be a predecessor for all names except the root @@ -376,23 +391,23 @@ dns_rbt_findnode(dns_rbt_t *rbt, dns_name_t *name, dns_name_t *foundname, * everything. But you can certainly construct a trivial tree and a * search for it that has no predecessor. * - * Within the chain structure, the 'levels' member of the structure holds + *\li Within the chain structure, the 'levels' member of the structure holds * the root node of each level except the first. * - * The 'level_count' of the chain indicates how deep the chain to the + *\li The 'level_count' of the chain indicates how deep the chain to the * predecessor name is, as an index into the 'levels[]' array. It does * not count name elements, per se, but only levels of the tree of trees, * the distinction arrising because multiple labels from a name can be * stored on only one level. It is also does not include the level * that has the node, since that level is not stored in levels[]. * - * The chain's 'level_matches' is not directly related to the predecessor. + *\li The chain's 'level_matches' is not directly related to the predecessor. * It is the number of levels above the level of the found 'node', * regardless of whether it was a partial match or exact match. When * the node is found in the top level tree, or no node is found at all, * level_matches is 0. * - * When DNS_RBTFIND_NOEXACT is set, the closest matching superdomain is + *\li When DNS_RBTFIND_NOEXACT is set, the closest matching superdomain is * returned (also subject to DNS_RBTFIND_EMPTYDATA), even when * there is an exact match in the tree. In this case, the chain * will not point to the DNSSEC predecessor, but will instead point @@ -407,26 +422,29 @@ dns_rbt_findnode(dns_rbt_t *rbt, dns_name_t *name, dns_name_t *foundname, * where you want the chain pointed, so this can be made more firm. * * Requires: - * rbt is a valid rbt manager. - * dns_name_isabsolute(name) == TRUE. - * node != NULL && *node == NULL. - * DNS_RBTFIND_NOEXACT and DNS_RBTFIND_NOPREDECESSOR are mutally + *\li rbt is a valid rbt manager. + *\li dns_name_isabsolute(name) == TRUE. + *\li node != NULL && *node == NULL. + *\li #DNS_RBTFIND_NOEXACT and DNS_RBTFIND_NOPREDECESSOR are mutally * exclusive. * * Ensures: - * 'name' and the tree are not altered in any way. + *\li 'name' and the tree are not altered in any way. * - * If result is ISC_R_SUCCESS: + *\li If result is ISC_R_SUCCESS: + *\verbatim * *node is the terminal node for 'name'. - * + * 'foundname' and 'name' represent the same name (though not * the same memory). - * + * 'chain' points to the DNSSEC predecessor, if any, of 'name'. * * chain->level_matches and chain->level_count are equal. + *\endverbatim * * If result is DNS_R_PARTIALMATCH: + *\verbatim * *node is the data associated with the deepest superdomain * of 'name' which has data. * @@ -434,59 +452,62 @@ dns_rbt_findnode(dns_rbt_t *rbt, dns_name_t *name, dns_name_t *foundname, * data, unless the DNS_RBTFIND_EMPTYDATA option is set). * * 'chain' points to the DNSSEC predecessor, if any, of 'name'. + *\endverbatim * - * If result is ISC_R_NOTFOUND: + *\li If result is ISC_R_NOTFOUND: + *\verbatim * Neither the name nor a superdomain was found. *node is NULL. * * 'chain' points to the DNSSEC predecessor, if any, of 'name'. * * chain->level_matches is 0. + *\endverbatim * * Returns: - * ISC_R_SUCCESS Success - * DNS_R_PARTIALMATCH Superdomain found with data - * ISC_R_NOTFOUND No match, or superdomain with no data - * ISC_R_NOSPACE Concatenating nodes to form foundname failed + *\li #ISC_R_SUCCESS Success + *\li #DNS_R_PARTIALMATCH Superdomain found with data + *\li #ISC_R_NOTFOUND No match, or superdomain with no data + *\li #ISC_R_NOSPACE Concatenating nodes to form foundname failed */ isc_result_t dns_rbt_deletename(dns_rbt_t *rbt, dns_name_t *name, isc_boolean_t recurse); -/* +/*%< * Delete 'name' from the tree of trees. * * Notes: - * When 'name' is removed, if recurse is ISC_TRUE then all of its + *\li When 'name' is removed, if recurse is ISC_TRUE then all of its * subnames are removed too. * * Requires: - * rbt is a valid rbt manager. - * dns_name_isabsolute(name) == TRUE + *\li rbt is a valid rbt manager. + *\li dns_name_isabsolute(name) == TRUE * * Ensures: - * 'name' is not altered in any way. + *\li 'name' is not altered in any way. * - * Does NOT ensure that any external references to nodes in the tree + *\li Does NOT ensure that any external references to nodes in the tree * are unaffected by node joins. * - * If result is ISC_R_SUCCESS: + *\li If result is ISC_R_SUCCESS: * 'name' does not appear in the tree with data; however, * the node for the name might still exist which can be * found with dns_rbt_findnode (but not dns_rbt_findname). * - * If result is ISC_R_NOTFOUND: + *\li If result is ISC_R_NOTFOUND: * 'name' does not appear in the tree with data, because * it did not appear in the tree before the function was called. * - * If result is something else: + *\li If result is something else: * See result codes for dns_rbt_findnode (if it fails, the * node is not deleted) or dns_rbt_deletenode (if it fails, * the node is deleted, but the tree is not optimized when * it could have been). * * Returns: - * ISC_R_SUCCESS Success - * ISC_R_NOTFOUND No match - * something_else Any return code from dns_rbt_findnode except + *\li #ISC_R_SUCCESS Success + *\li #ISC_R_NOTFOUND No match + *\li something_else Any return code from dns_rbt_findnode except * DNS_R_PARTIALMATCH (which causes ISC_R_NOTFOUND * to be returned instead), and any code from * dns_rbt_deletenode. @@ -494,115 +515,115 @@ dns_rbt_deletename(dns_rbt_t *rbt, dns_name_t *name, isc_boolean_t recurse); isc_result_t dns_rbt_deletenode(dns_rbt_t *rbt, dns_rbtnode_t *node, isc_boolean_t recurse); -/* +/*%< * Delete 'node' from the tree of trees. * * Notes: - * When 'node' is removed, if recurse is ISC_TRUE then all nodes + *\li When 'node' is removed, if recurse is ISC_TRUE then all nodes * in levels down from it are removed too. * * Requires: - * rbt is a valid rbt manager. - * node != NULL. + *\li rbt is a valid rbt manager. + *\li node != NULL. * * Ensures: - * Does NOT ensure that any external references to nodes in the tree + *\li Does NOT ensure that any external references to nodes in the tree * are unaffected by node joins. * - * If result is ISC_R_SUCCESS: + *\li If result is ISC_R_SUCCESS: * 'node' does not appear in the tree with data; however, * the node might still exist if it serves as a pointer to * a lower tree level as long as 'recurse' was false, hence * the node could can be found with dns_rbt_findnode whem * that function's empty_data_ok parameter is true. * - * If result is ISC_R_NOMEMORY or ISC_R_NOSPACE: + *\li If result is ISC_R_NOMEMORY or ISC_R_NOSPACE: * The node was deleted, but the tree structure was not * optimized. * * Returns: - * ISC_R_SUCCESS Success - * ISC_R_NOMEMORY Resource Limit: Out of Memory when joining nodes. - * ISC_R_NOSPACE dns_name_concatenate failed when joining nodes. + *\li #ISC_R_SUCCESS Success + *\li #ISC_R_NOMEMORY Resource Limit: Out of Memory when joining nodes. + *\li #ISC_R_NOSPACE dns_name_concatenate failed when joining nodes. */ void dns_rbt_namefromnode(dns_rbtnode_t *node, dns_name_t *name); -/* +/*%< * Convert the sequence of labels stored at 'node' into a 'name'. * * Notes: - * This function does not return the full name, from the root, but + *\li This function does not return the full name, from the root, but * just the labels at the indicated node. * - * The name data pointed to by 'name' is the information stored + *\li The name data pointed to by 'name' is the information stored * in the node, not a copy. Altering the data at this pointer * will likely cause grief. * * Requires: - * name->offsets == NULL + * \li name->offsets == NULL * * Ensures: - * 'name' is DNS_NAMEATTR_READONLY. + * \li 'name' is DNS_NAMEATTR_READONLY. * - * 'name' will point directly to the labels stored after the + * \li 'name' will point directly to the labels stored after the * dns_rbtnode_t struct. * - * 'name' will have offsets that also point to the information stored + * \li 'name' will have offsets that also point to the information stored * as part of the node. */ isc_result_t dns_rbt_fullnamefromnode(dns_rbtnode_t *node, dns_name_t *name); -/* +/*%< * Like dns_rbt_namefromnode, but returns the full name from the root. * * Notes: - * Unlike dns_rbt_namefromnode, the name will not point directly + * \li Unlike dns_rbt_namefromnode, the name will not point directly * to node data. Rather, dns_name_concatenate will be used to copy * the name data from each node into the 'name' argument. * * Requires: - * name != NULL - * name has a dedicated buffer. + * \li name != NULL + * \li name has a dedicated buffer. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOSPACE (possible via dns_name_concatenate) - * DNS_R_NAMETOOLONG (possible via dns_name_concatenate) + * \li ISC_R_SUCCESS + * \li ISC_R_NOSPACE (possible via dns_name_concatenate) + * \li DNS_R_NAMETOOLONG (possible via dns_name_concatenate) */ char * dns_rbt_formatnodename(dns_rbtnode_t *node, char *printname, unsigned int size); -/* +/*%< * Format the full name of a node for printing, using dns_name_format(). * * Notes: - * 'size' is the length of the printname buffer. This should be + * \li 'size' is the length of the printname buffer. This should be * DNS_NAME_FORMATSIZE or larger. * * Requires: - * node and printname are not NULL. + * \li node and printname are not NULL. * * Returns: - * The 'printname' pointer. + * \li The 'printname' pointer. */ unsigned int dns_rbt_nodecount(dns_rbt_t *rbt); -/* +/*%< * Obtain the number of nodes in the tree of trees. * * Requires: - * rbt is a valid rbt manager. + * \li rbt is a valid rbt manager. */ void dns_rbt_destroy(dns_rbt_t **rbtp); isc_result_t dns_rbt_destroy2(dns_rbt_t **rbtp, unsigned int quantum); -/* +/*%< * Stop working with a red-black tree of trees. * If 'quantum' is zero then the entire tree will be destroyed. * If 'quantum' is non zero then up to 'quantum' nodes will be destroyed @@ -612,26 +633,26 @@ dns_rbt_destroy2(dns_rbt_t **rbtp, unsigned int quantum); * performed on the tree of trees. * * Requires: - * *rbt is a valid rbt manager. + * \li *rbt is a valid rbt manager. * * Ensures on ISC_R_SUCCESS: - * All space allocated by the RBT library has been returned. + * \li All space allocated by the RBT library has been returned. * - * *rbt is invalidated as an rbt manager. + * \li *rbt is invalidated as an rbt manager. * * Returns: - * ISC_R_SUCCESS - * ISC_R_QUOTA if 'quantum' nodes have been destroyed. + * \li ISC_R_SUCCESS + * \li ISC_R_QUOTA if 'quantum' nodes have been destroyed. */ void dns_rbt_printall(dns_rbt_t *rbt); -/* +/*%< * Print an ASCII representation of the internal structure of the red-black * tree of trees. * * Notes: - * The name stored at each node, along with the node's color, is printed. + * \li The name stored at each node, along with the node's color, is printed. * Then the down pointer, left and right pointers are displayed * recursively in turn. NULL down pointers are silently omitted; * NULL left and right pointers are printed. @@ -643,70 +664,70 @@ dns_rbt_printall(dns_rbt_t *rbt); void dns_rbtnodechain_init(dns_rbtnodechain_t *chain, isc_mem_t *mctx); -/* +/*%< * Initialize 'chain'. * * Requires: - * 'chain' is a valid pointer. + *\li 'chain' is a valid pointer. * - * 'mctx' is a valid memory context. + *\li 'mctx' is a valid memory context. * * Ensures: - * 'chain' is suitable for use. + *\li 'chain' is suitable for use. */ void dns_rbtnodechain_reset(dns_rbtnodechain_t *chain); -/* +/*%< * Free any dynamic storage associated with 'chain', and then reinitialize * 'chain'. * * Requires: - * 'chain' is a valid pointer. + *\li 'chain' is a valid pointer. * * Ensures: - * 'chain' is suitable for use, and uses no dynamic storage. + *\li 'chain' is suitable for use, and uses no dynamic storage. */ void dns_rbtnodechain_invalidate(dns_rbtnodechain_t *chain); -/* +/*%< * Free any dynamic storage associated with 'chain', and then invalidates it. * * Notes: - * Future calls to any dns_rbtnodechain_ function will need to call + *\li Future calls to any dns_rbtnodechain_ function will need to call * dns_rbtnodechain_init on the chain first (except, of course, * dns_rbtnodechain_init itself). * * Requires: - * 'chain' is a valid chain. + *\li 'chain' is a valid chain. * * Ensures: - * 'chain' is no longer suitable for use, and uses no dynamic storage. + *\li 'chain' is no longer suitable for use, and uses no dynamic storage. */ isc_result_t dns_rbtnodechain_current(dns_rbtnodechain_t *chain, dns_name_t *name, dns_name_t *origin, dns_rbtnode_t **node); -/* +/*%< * Provide the name, origin and node to which the chain is currently pointed. * * Notes: - * The tree need not have be locked against additions for the chain + *\li The tree need not have be locked against additions for the chain * to remain valid, however there are no guarantees if any deletion * has been made since the chain was established. * * Requires: - * 'chain' is a valid chain. + *\li 'chain' is a valid chain. * * Ensures: - * 'node', if non-NULL, is the node to which the chain was pointed + *\li 'node', if non-NULL, is the node to which the chain was pointed * by dns_rbt_findnode, dns_rbtnodechain_first or dns_rbtnodechain_last. * If none were called for the chain since it was initialized or reset, * or if the was no predecessor to the name searched for with * dns_rbt_findnode, then '*node' is NULL and ISC_R_NOTFOUND is returned. * - * 'name', if non-NULL, is the name stored at the terminal level of + *\li 'name', if non-NULL, is the name stored at the terminal level of * the chain. This is typically a single label, like the "www" of * "www.isc.org", but need not be so. At the root of the tree of trees, * if the node is "." then 'name' is ".", otherwise it is relative to ".". @@ -714,124 +735,181 @@ dns_rbtnodechain_current(dns_rbtnodechain_t *chain, dns_name_t *name, * "isc.org." then the root node's stored name is "isc.org." but 'name' * will be "isc.org".) * - * 'origin', if non-NULL, is the sequence of labels in the levels + *\li 'origin', if non-NULL, is the sequence of labels in the levels * above the terminal level, such as "isc.org." in the above example. * 'origin' is always "." for the root node. * * * Returns: - * ISC_R_SUCCESS name, origin & node were successfully set. - * ISC_R_NOTFOUND The chain does not point to any node. - * <something_else> Any error return from dns_name_concatenate. + *\li #ISC_R_SUCCESS name, origin & node were successfully set. + *\li #ISC_R_NOTFOUND The chain does not point to any node. + *\li <something_else> Any error return from dns_name_concatenate. */ isc_result_t dns_rbtnodechain_first(dns_rbtnodechain_t *chain, dns_rbt_t *rbt, dns_name_t *name, dns_name_t *origin); -/* +/*%< * Set the chain to the lexically first node in the tree of trees. * * Notes: - * By the definition of ordering for DNS names, the root of the tree of + *\li By the definition of ordering for DNS names, the root of the tree of * trees is the very first node, since everything else in the megatree * uses it as a common suffix. * * Requires: - * 'chain' is a valid chain. - * 'rbt' is a valid rbt manager. + *\li 'chain' is a valid chain. + *\li 'rbt' is a valid rbt manager. * * Ensures: - * The chain points to the very first node of the tree. + *\li The chain points to the very first node of the tree. * - * 'name' and 'origin', if non-NULL, are set as described for + *\li 'name' and 'origin', if non-NULL, are set as described for * dns_rbtnodechain_current. Thus 'origin' will always be ".". * * Returns: - * DNS_R_NEWORIGIN The name & origin were successfully set. - * <something_else> Any error result from dns_rbtnodechain_current. + *\li #DNS_R_NEWORIGIN The name & origin were successfully set. + *\li <something_else> Any error result from dns_rbtnodechain_current. */ isc_result_t dns_rbtnodechain_last(dns_rbtnodechain_t *chain, dns_rbt_t *rbt, dns_name_t *name, dns_name_t *origin); -/* +/*%< * Set the chain to the lexically last node in the tree of trees. * * Requires: - * 'chain' is a valid chain. - * 'rbt' is a valid rbt manager. + *\li 'chain' is a valid chain. + *\li 'rbt' is a valid rbt manager. * * Ensures: - * The chain points to the very last node of the tree. + *\li The chain points to the very last node of the tree. * - * 'name' and 'origin', if non-NULL, are set as described for + *\li 'name' and 'origin', if non-NULL, are set as described for * dns_rbtnodechain_current. * * Returns: - * DNS_R_NEWORIGIN The name & origin were successfully set. - * ISC_R_NOMEMORY Resource Limit: Out of Memory building chain. - * <something_else> Any error result from dns_name_concatenate. + *\li #DNS_R_NEWORIGIN The name & origin were successfully set. + *\li #ISC_R_NOMEMORY Resource Limit: Out of Memory building chain. + *\li <something_else> Any error result from dns_name_concatenate. */ isc_result_t dns_rbtnodechain_prev(dns_rbtnodechain_t *chain, dns_name_t *name, dns_name_t *origin); -/* +/*%< * Adjusts chain to point the DNSSEC predecessor of the name to which it * is currently pointed. * * Requires: - * 'chain' is a valid chain. - * 'chain' has been pointed somewhere in the tree with dns_rbt_findnode, + *\li 'chain' is a valid chain. + *\li 'chain' has been pointed somewhere in the tree with dns_rbt_findnode, * dns_rbtnodechain_first or dns_rbtnodechain_last -- and remember that * dns_rbt_findnode is not guaranteed to point the chain somewhere, * since there may have been no predecessor to the searched for name. * * Ensures: - * The chain is pointed to the predecessor of its current target. + *\li The chain is pointed to the predecessor of its current target. * - * 'name' and 'origin', if non-NULL, are set as described for + *\li 'name' and 'origin', if non-NULL, are set as described for * dns_rbtnodechain_current. * - * 'origin' is only if a new origin was found. + *\li 'origin' is only if a new origin was found. * * Returns: - * ISC_R_SUCCESS The predecessor was found and 'name' was set. - * DNS_R_NEWORIGIN The predecessor was found with a different + *\li #ISC_R_SUCCESS The predecessor was found and 'name' was set. + *\li #DNS_R_NEWORIGIN The predecessor was found with a different * origin and 'name' and 'origin' were set. - * ISC_R_NOMORE There was no predecessor. - * <something_else> Any error result from dns_rbtnodechain_current. + *\li #ISC_R_NOMORE There was no predecessor. + *\li <something_else> Any error result from dns_rbtnodechain_current. */ isc_result_t dns_rbtnodechain_next(dns_rbtnodechain_t *chain, dns_name_t *name, dns_name_t *origin); -/* +/*%< * Adjusts chain to point the DNSSEC successor of the name to which it * is currently pointed. * * Requires: - * 'chain' is a valid chain. - * 'chain' has been pointed somewhere in the tree with dns_rbt_findnode, + *\li 'chain' is a valid chain. + *\li 'chain' has been pointed somewhere in the tree with dns_rbt_findnode, * dns_rbtnodechain_first or dns_rbtnodechain_last -- and remember that * dns_rbt_findnode is not guaranteed to point the chain somewhere, * since there may have been no predecessor to the searched for name. * * Ensures: - * The chain is pointed to the successor of its current target. + *\li The chain is pointed to the successor of its current target. * - * 'name' and 'origin', if non-NULL, are set as described for + *\li 'name' and 'origin', if non-NULL, are set as described for * dns_rbtnodechain_current. * - * 'origin' is only if a new origin was found. + *\li 'origin' is only if a new origin was found. * * Returns: - * ISC_R_SUCCESS The successor was found and 'name' was set. - * DNS_R_NEWORIGIN The successor was found with a different + *\li #ISC_R_SUCCESS The successor was found and 'name' was set. + *\li #DNS_R_NEWORIGIN The successor was found with a different * origin and 'name' and 'origin' were set. - * ISC_R_NOMORE There was no successor. - * <something_else> Any error result from dns_name_concatenate. + *\li #ISC_R_NOMORE There was no successor. + *\li <something_else> Any error result from dns_name_concatenate. + */ + +/* + * Wrapper macros for manipulating the rbtnode reference counter: + * Since we selectively use isc_refcount_t for the reference counter of + * a rbtnode, operations on the counter depend on the actual type of it. + * The following macros provide a common interface to these operations, + * hiding the back-end. The usage is the same as that of isc_refcount_xxx(). */ +#ifdef DNS_RBT_USEISCREFCOUNT +#define dns_rbtnode_refinit(node, n) \ + do { \ + isc_refcount_init(&(node)->references, (n)); \ + } while (0) +#define dns_rbtnode_refdestroy(node) \ + do { \ + isc_refcount_destroy(&(node)->references); \ + } while (0) +#define dns_rbtnode_refcurrent(node) \ + isc_refcount_current(&(node)->references) +#define dns_rbtnode_refincrement0(node, refs) \ + do { \ + isc_refcount_increment0(&(node)->references, (refs)); \ + } while (0) +#define dns_rbtnode_refincrement(node, refs) \ + do { \ + isc_refcount_increment(&(node)->references, (refs)); \ + } while (0) +#define dns_rbtnode_refdecrement(node, refs) \ + do { \ + isc_refcount_decrement(&(node)->references, (refs)); \ + } while (0) +#else /* DNS_RBT_USEISCREFCOUNT */ +#define dns_rbtnode_refinit(node, n) ((node)->references = (n)) +#define dns_rbtnode_refdestroy(node) (REQUIRE((node)->references == 0)) +#define dns_rbtnode_refcurrent(node) ((node)->references) +#define dns_rbtnode_refincrement0(node, refs) \ + do { \ + unsigned int *_tmp = (unsigned int *)(refs); \ + (node)->references++; \ + if ((_tmp) != NULL) \ + (*_tmp) = (node)->references; \ + } while (0) +#define dns_rbtnode_refincrement(node, refs) \ + do { \ + REQUIRE((node)->references > 0); \ + (node)->references++; \ + if ((refs) != NULL) \ + (*refs) = (node)->references; \ + } while (0) +#define dns_rbtnode_refdecrement(node, refs) \ + do { \ + REQUIRE((node)->references > 0); \ + (node)->references--; \ + if ((refs) != NULL) \ + (*refs) = (node)->references; \ + } while (0) +#endif /* DNS_RBT_USEISCREFCOUNT */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/rcode.h b/usr.sbin/bind/lib/dns/include/dns/rcode.h index e78315f80da..7ccbd0b7678 100644 --- a/usr.sbin/bind/lib/dns/include/dns/rcode.h +++ b/usr.sbin/bind/lib/dns/include/dns/rcode.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rcode.h,v 1.12.206.1 2004/03/06 08:13:59 marka Exp $ */ +/* $ISC: rcode.h,v 1.13.18.2 2005/04/29 00:16:18 marka Exp $ */ #ifndef DNS_RCODE_H #define DNS_RCODE_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -27,68 +29,68 @@ ISC_LANG_BEGINDECLS isc_result_t dns_rcode_fromtext(dns_rcode_t *rcodep, isc_textregion_t *source); -/* +/*%< * Convert the text 'source' refers to into a DNS error value. * * Requires: - * 'rcodep' is a valid pointer. + *\li 'rcodep' is a valid pointer. * - * 'source' is a valid text region. + *\li 'source' is a valid text region. * * Returns: - * ISC_R_SUCCESS on success - * DNS_R_UNKNOWN type is unknown + *\li #ISC_R_SUCCESS on success + *\li #DNS_R_UNKNOWN type is unknown */ isc_result_t dns_rcode_totext(dns_rcode_t rcode, isc_buffer_t *target); -/* +/*%< * Put a textual representation of error 'rcode' into 'target'. * * Requires: - * 'rcode' is a valid rcode. + *\li 'rcode' is a valid rcode. * - * 'target' is a valid text buffer. + *\li 'target' is a valid text buffer. * * Ensures: - * If the result is success: + *\li If the result is success: * The used space in 'target' is updated. * * Returns: - * ISC_R_SUCCESS on success - * ISC_R_NOSPACE target buffer is too small + *\li #ISC_R_SUCCESS on success + *\li #ISC_R_NOSPACE target buffer is too small */ isc_result_t dns_tsigrcode_fromtext(dns_rcode_t *rcodep, isc_textregion_t *source); -/* +/*%< * Convert the text 'source' refers to into a TSIG/TKEY error value. * * Requires: - * 'rcodep' is a valid pointer. + *\li 'rcodep' is a valid pointer. * - * 'source' is a valid text region. + *\li 'source' is a valid text region. * * Returns: - * ISC_R_SUCCESS on success - * DNS_R_UNKNOWN type is unknown + *\li #ISC_R_SUCCESS on success + *\li #DNS_R_UNKNOWN type is unknown */ isc_result_t dns_tsigrcode_totext(dns_rcode_t rcode, isc_buffer_t *target); -/* +/*%< * Put a textual representation of TSIG/TKEY error 'rcode' into 'target'. * * Requires: - * 'rcode' is a valid TSIG/TKEY error code. + *\li 'rcode' is a valid TSIG/TKEY error code. * - * 'target' is a valid text buffer. + *\li 'target' is a valid text buffer. * * Ensures: - * If the result is success: + *\li If the result is success: * The used space in 'target' is updated. * * Returns: - * ISC_R_SUCCESS on success - * ISC_R_NOSPACE target buffer is too small + *\li #ISC_R_SUCCESS on success + *\li #ISC_R_NOSPACE target buffer is too small */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/rdataclass.h b/usr.sbin/bind/lib/dns/include/dns/rdataclass.h index bf79c78e51d..da5cda7138a 100644 --- a/usr.sbin/bind/lib/dns/include/dns/rdataclass.h +++ b/usr.sbin/bind/lib/dns/include/dns/rdataclass.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rdataclass.h,v 1.17.206.1 2004/03/06 08:13:59 marka Exp $ */ +/* $ISC: rdataclass.h,v 1.18.18.2 2005/04/29 00:16:18 marka Exp $ */ #ifndef DNS_RDATACLASS_H #define DNS_RDATACLASS_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -28,49 +30,49 @@ ISC_LANG_BEGINDECLS isc_result_t dns_rdataclass_fromtext(dns_rdataclass_t *classp, isc_textregion_t *source); -/* +/*%< * Convert the text 'source' refers to into a DNS class. * * Requires: - * 'classp' is a valid pointer. + *\li 'classp' is a valid pointer. * - * 'source' is a valid text region. + *\li 'source' is a valid text region. * * Returns: - * ISC_R_SUCCESS on success - * DNS_R_UNKNOWN class is unknown + *\li #ISC_R_SUCCESS on success + *\li #DNS_R_UNKNOWN class is unknown */ isc_result_t dns_rdataclass_totext(dns_rdataclass_t rdclass, isc_buffer_t *target); -/* +/*%< * Put a textual representation of class 'rdclass' into 'target'. * * Requires: - * 'rdclass' is a valid class. + *\li 'rdclass' is a valid class. * - * 'target' is a valid text buffer. + *\li 'target' is a valid text buffer. * - * Ensures: - * If the result is success: - * The used space in 'target' is updated. + * Ensures, + * if the result is success: + *\li The used space in 'target' is updated. * * Returns: - * ISC_R_SUCCESS on success - * ISC_R_NOSPACE target buffer is too small + *\li #ISC_R_SUCCESS on success + *\li #ISC_R_NOSPACE target buffer is too small */ void dns_rdataclass_format(dns_rdataclass_t rdclass, char *array, unsigned int size); -/* +/*%< * Format a human-readable representation of the class 'rdclass' * into the character array 'array', which is of size 'size'. * The resulting string is guaranteed to be null-terminated. */ #define DNS_RDATACLASS_FORMATSIZE sizeof("CLASS65535") -/* +/*%< * Minimum size of array to pass to dns_rdataclass_format(). */ diff --git a/usr.sbin/bind/lib/dns/include/dns/rdatalist.h b/usr.sbin/bind/lib/dns/include/dns/rdatalist.h index f91f8cdb2e5..700eecd215b 100644 --- a/usr.sbin/bind/lib/dns/include/dns/rdatalist.h +++ b/usr.sbin/bind/lib/dns/include/dns/rdatalist.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rdatalist.h,v 1.13.206.1 2004/03/06 08:13:59 marka Exp $ */ +/* $ISC: rdatalist.h,v 1.14.18.2 2005/04/29 00:16:19 marka Exp $ */ #ifndef DNS_RDATALIST_H #define DNS_RDATALIST_H 1 @@ -24,32 +24,31 @@ ***** Module Info *****/ -/* - * DNS Rdatalist - * +/*! \file + * \brief * A DNS rdatalist is a list of rdata of a common type and class. * * MP: - * Clients of this module must impose any required synchronization. + *\li Clients of this module must impose any required synchronization. * * Reliability: - * No anticipated impact. + *\li No anticipated impact. * * Resources: - * <TBS> + *\li TBS * * Security: - * No anticipated impact. + *\li No anticipated impact. * * Standards: - * None. + *\li None. */ #include <isc/lang.h> #include <dns/types.h> -/* +/*% * Clients may use this type directly. */ struct dns_rdatalist { @@ -65,38 +64,38 @@ ISC_LANG_BEGINDECLS void dns_rdatalist_init(dns_rdatalist_t *rdatalist); -/* +/*%< * Initialize rdatalist. * * Ensures: - * All fields of rdatalist have been initialized to their default + *\li All fields of rdatalist have been initialized to their default * values. */ isc_result_t dns_rdatalist_tordataset(dns_rdatalist_t *rdatalist, dns_rdataset_t *rdataset); -/* +/*%< * Make 'rdataset' refer to the rdata in 'rdatalist'. * * Note: - * The caller must ensure that 'rdatalist' remains valid and unchanged + *\li The caller must ensure that 'rdatalist' remains valid and unchanged * while 'rdataset' is associated with it. * * Requires: * - * 'rdatalist' is a valid rdatalist. + *\li 'rdatalist' is a valid rdatalist. * - * 'rdataset' is a valid rdataset that is not currently associated with + *\li 'rdataset' is a valid rdataset that is not currently associated with * any rdata. * - * Ensures: - * On success, + * Ensures, + * on success, * - * 'rdataset' is associated with the rdata in rdatalist. + *\li 'rdataset' is associated with the rdata in rdatalist. * * Returns: - * ISC_R_SUCCESS + *\li #ISC_R_SUCCESS */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/rdatasetiter.h b/usr.sbin/bind/lib/dns/include/dns/rdatasetiter.h index 71518b76a39..a380d3fb59d 100644 --- a/usr.sbin/bind/lib/dns/include/dns/rdatasetiter.h +++ b/usr.sbin/bind/lib/dns/include/dns/rdatasetiter.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rdatasetiter.h,v 1.14.206.1 2004/03/06 08:13:59 marka Exp $ */ +/* $ISC: rdatasetiter.h,v 1.15.18.2 2005/04/29 00:16:19 marka Exp $ */ #ifndef DNS_RDATASETITER_H #define DNS_RDATASETITER_H 1 @@ -24,9 +24,8 @@ ***** Module Info *****/ -/* - * DNS Rdataset Iterator - * +/*! \file + * \brief * The DNS Rdataset Iterator interface allows iteration of all of the * rdatasets at a node. * @@ -37,25 +36,25 @@ * It is the client's responsibility to call dns_rdataset_disassociate() * on all rdatasets returned. * - * XXX <more> XXX + * XXX more XXX * * MP: - * The iterator itself is not locked. The caller must ensure + *\li The iterator itself is not locked. The caller must ensure * synchronization. * - * The iterator methods ensure appropriate database locking. + *\li The iterator methods ensure appropriate database locking. * * Reliability: - * No anticipated impact. + *\li No anticipated impact. * * Resources: - * <TBS> + *\li TBS * * Security: - * No anticipated impact. + *\li No anticipated impact. * * Standards: - * None. + *\li None. */ /***** @@ -85,12 +84,12 @@ typedef struct dns_rdatasetitermethods { #define DNS_RDATASETITER_MAGIC ISC_MAGIC('D','N','S','i') #define DNS_RDATASETITER_VALID(i) ISC_MAGIC_VALID(i, DNS_RDATASETITER_MAGIC) -/* +/*% * This structure is actually just the common prefix of a DNS db * implementation's version of a dns_rdatasetiter_t. - * + * \brief * Direct use of this structure by clients is forbidden. DB implementations - * may change the structure. 'magic' must be DNS_RDATASETITER_MAGIC for + * may change the structure. 'magic' must be #DNS_RDATASETITER_MAGIC for * any of the dns_rdatasetiter routines to work. DB implementations must * maintain all DB rdataset iterator invariants. */ @@ -106,64 +105,64 @@ struct dns_rdatasetiter { void dns_rdatasetiter_destroy(dns_rdatasetiter_t **iteratorp); -/* +/*%< * Destroy '*iteratorp'. * * Requires: * - * '*iteratorp' is a valid iterator. + *\li '*iteratorp' is a valid iterator. * * Ensures: * - * All resources used by the iterator are freed. + *\li All resources used by the iterator are freed. * - * *iteratorp == NULL. + *\li *iteratorp == NULL. */ isc_result_t dns_rdatasetiter_first(dns_rdatasetiter_t *iterator); -/* +/*%< * Move the rdataset cursor to the first rdataset at the node (if any). * * Requires: - * 'iterator' is a valid iterator. + *\li 'iterator' is a valid iterator. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMORE There are no rdatasets at the node. + *\li ISC_R_SUCCESS + *\li ISC_R_NOMORE There are no rdatasets at the node. * - * Other results are possible, depending on the DB implementation. + *\li Other results are possible, depending on the DB implementation. */ isc_result_t dns_rdatasetiter_next(dns_rdatasetiter_t *iterator); -/* +/*%< * Move the rdataset cursor to the next rdataset at the node (if any). * * Requires: - * 'iterator' is a valid iterator. + *\li 'iterator' is a valid iterator. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMORE There are no more rdatasets at the + *\li ISC_R_SUCCESS + *\li ISC_R_NOMORE There are no more rdatasets at the * node. * - * Other results are possible, depending on the DB implementation. + *\li Other results are possible, depending on the DB implementation. */ void dns_rdatasetiter_current(dns_rdatasetiter_t *iterator, dns_rdataset_t *rdataset); -/* +/*%< * Return the current rdataset. * * Requires: - * 'iterator' is a valid iterator. + *\li 'iterator' is a valid iterator. * - * 'rdataset' is a valid, disassociated rdataset. + *\li 'rdataset' is a valid, disassociated rdataset. * - * The rdataset cursor of 'iterator' is at a valid location (i.e. the - * result of last call to a cursor movement command was ISC_R_SUCCESS). + *\li The rdataset cursor of 'iterator' is at a valid location (i.e. the + * result of last call to a cursor movement command was #ISC_R_SUCCESS). */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/rdatatype.h b/usr.sbin/bind/lib/dns/include/dns/rdatatype.h index cfffa17ffeb..078a11cd2ee 100644 --- a/usr.sbin/bind/lib/dns/include/dns/rdatatype.h +++ b/usr.sbin/bind/lib/dns/include/dns/rdatatype.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rdatatype.h,v 1.17.206.1 2004/03/06 08:13:59 marka Exp $ */ +/* $ISC: rdatatype.h,v 1.18.18.2 2005/04/29 00:16:20 marka Exp $ */ #ifndef DNS_RDATATYPE_H #define DNS_RDATATYPE_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -28,49 +30,49 @@ ISC_LANG_BEGINDECLS isc_result_t dns_rdatatype_fromtext(dns_rdatatype_t *typep, isc_textregion_t *source); -/* +/*%< * Convert the text 'source' refers to into a DNS rdata type. * * Requires: - * 'typep' is a valid pointer. + *\li 'typep' is a valid pointer. * - * 'source' is a valid text region. + *\li 'source' is a valid text region. * * Returns: - * ISC_R_SUCCESS on success - * DNS_R_UNKNOWN type is unknown + *\li ISC_R_SUCCESS on success + *\li DNS_R_UNKNOWN type is unknown */ isc_result_t dns_rdatatype_totext(dns_rdatatype_t type, isc_buffer_t *target); -/* +/*%< * Put a textual representation of type 'type' into 'target'. * * Requires: - * 'type' is a valid type. + *\li 'type' is a valid type. * - * 'target' is a valid text buffer. + *\li 'target' is a valid text buffer. * - * Ensures: - * If the result is success: - * The used space in 'target' is updated. + * Ensures, + * if the result is success: + *\li The used space in 'target' is updated. * * Returns: - * ISC_R_SUCCESS on success - * ISC_R_NOSPACE target buffer is too small + *\li #ISC_R_SUCCESS on success + *\li #ISC_R_NOSPACE target buffer is too small */ void dns_rdatatype_format(dns_rdatatype_t rdtype, char *array, unsigned int size); -/* +/*%< * Format a human-readable representation of the type 'rdtype' * into the character array 'array', which is of size 'size'. * The resulting string is guaranteed to be null-terminated. */ #define DNS_RDATATYPE_FORMATSIZE sizeof("TYPE65535") -/* +/*%< * Minimum size of array to pass to dns_rdatatype_format(). * May need to be adjusted if a new RR type with a very long * name is defined. diff --git a/usr.sbin/bind/lib/dns/include/dns/request.h b/usr.sbin/bind/lib/dns/include/dns/request.h index cd6bbac0d12..f082056f7ad 100644 --- a/usr.sbin/bind/lib/dns/include/dns/request.h +++ b/usr.sbin/bind/lib/dns/include/dns/request.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: request.h,v 1.17.12.5 2004/03/08 09:04:39 marka Exp $ */ +/* $ISC: request.h,v 1.21.18.2 2005/04/29 00:16:20 marka Exp $ */ #ifndef DNS_REQUEST_H #define DNS_REQUEST_H 1 @@ -24,21 +24,21 @@ ***** Module Info *****/ -/* - * DNS Request +/*! \file * + * \brief * The request module provides simple request/response services useful for * sending SOA queries, DNS Notify messages, and dynamic update requests. * * MP: - * The module ensures appropriate synchronization of data structures it + *\li The module ensures appropriate synchronization of data structures it * creates and manipulates. * * Resources: - * <TBS> + *\li TBS * * Security: - * No anticipated impact. + *\li No anticipated impact. */ #include <isc/lang.h> @@ -62,102 +62,101 @@ dns_requestmgr_create(isc_mem_t *mctx, isc_timermgr_t *timermgr, dns_dispatchmgr_t *dispatchmgr, dns_dispatch_t *dispatchv4, dns_dispatch_t *dispatchv6, dns_requestmgr_t **requestmgrp); -/* +/*%< * Create a request manager. * * Requires: * - * 'mctx' is a valid memory context. + *\li 'mctx' is a valid memory context. * - * 'timermgr' is a valid timer manager. + *\li 'timermgr' is a valid timer manager. * - * 'socketmgr' is a valid socket manager. + *\li 'socketmgr' is a valid socket manager. * - * 'taskmgr' is a valid task manager. + *\li 'taskmgr' is a valid task manager. * - * 'dispatchv4' is a valid dispatcher with an IPv4 UDP socket, or is NULL. + *\li 'dispatchv4' is a valid dispatcher with an IPv4 UDP socket, or is NULL. * - * 'dispatchv6' is a valid dispatcher with an IPv6 UDP socket, or is NULL. + *\li 'dispatchv6' is a valid dispatcher with an IPv6 UDP socket, or is NULL. * - * requestmgrp != NULL && *requestmgrp == NULL + *\li requestmgrp != NULL && *requestmgrp == NULL * * Ensures: * - * On success, *requestmgrp is a valid request manager. + *\li On success, *requestmgrp is a valid request manager. * * Returns: * - * ISC_R_SUCCESS + *\li ISC_R_SUCCESS * - * Any other result indicates failure. + *\li Any other result indicates failure. */ void dns_requestmgr_whenshutdown(dns_requestmgr_t *requestmgr, isc_task_t *task, isc_event_t **eventp); -/* +/*%< * Send '*eventp' to 'task' when 'requestmgr' has completed shutdown. * * Notes: * - * It is not safe to detach the last reference to 'requestmgr' until + *\li It is not safe to detach the last reference to 'requestmgr' until * shutdown is complete. * * Requires: * - * 'requestmgr' is a valid request manager. + *\li 'requestmgr' is a valid request manager. * - * 'task' is a valid task. + *\li 'task' is a valid task. * - * *eventp is a valid event. + *\li *eventp is a valid event. * * Ensures: * - * *eventp == NULL. + *\li *eventp == NULL. */ void dns_requestmgr_shutdown(dns_requestmgr_t *requestmgr); -/* +/*%< * Start the shutdown process for 'requestmgr'. * * Notes: * - * This call has no effect if the request manager is already shutting + *\li This call has no effect if the request manager is already shutting * down. * * Requires: * - * 'requestmgr' is a valid requestmgr. + *\li 'requestmgr' is a valid requestmgr. */ void dns_requestmgr_attach(dns_requestmgr_t *source, dns_requestmgr_t **targetp); -/* +/*%< * Attach to the request manager. dns_requestmgr_shutdown() must not * have been called on 'source' prior to calling dns_requestmgr_attach(). * * Requires: * - * 'source' is a valid requestmgr. + *\li 'source' is a valid requestmgr. * - * 'targetp' to be non NULL and '*targetp' to be NULL. + *\li 'targetp' to be non NULL and '*targetp' to be NULL. */ void dns_requestmgr_detach(dns_requestmgr_t **requestmgrp); -/* - * +/*%< * Detach from the given requestmgr. If this is the final detach * requestmgr will be destroyed. dns_requestmgr_shutdown() must * be called before the final detach. * * Requires: * - * '*requestmgrp' is a valid requestmgr. + *\li '*requestmgrp' is a valid requestmgr. * * Ensures: - * '*requestmgrp' is NULL. + *\li '*requestmgrp' is NULL. */ isc_result_t @@ -167,31 +166,32 @@ dns_request_create(dns_requestmgr_t *requestmgr, dns_message_t *message, unsigned int timeout, isc_task_t *task, isc_taskaction_t action, void *arg, dns_request_t **requestp); -/* +/*%< * Create and send a request. * * Notes: * - * 'message' will be rendered and sent to 'address'. If the - * DNS_REQUESTOPT_TCP option is set, TCP will be used. The request + *\li 'message' will be rendered and sent to 'address'. If the + * #DNS_REQUESTOPT_TCP option is set, TCP will be used. The request * will timeout after 'timeout' seconds. * - * When the request completes, successfully, due to a timeout, or + *\li When the request completes, successfully, due to a timeout, or * because it was canceled, a completion event will be sent to 'task'. * * Requires: * - * 'message' is a valid DNS message. + *\li 'message' is a valid DNS message. * - * 'address' is a valid sockaddr. + *\li 'address' is a valid sockaddr. * - * 'timeout' > 0 + *\li 'timeout' > 0 * - * 'task' is a valid task. + *\li 'task' is a valid task. * - * requestp != NULL && *requestp == NULL + *\li requestp != NULL && *requestp == NULL */ +/*% See dns_request_createvia3() */ isc_result_t dns_request_createvia(dns_requestmgr_t *requestmgr, dns_message_t *message, isc_sockaddr_t *srcaddr, isc_sockaddr_t *destaddr, @@ -200,6 +200,7 @@ dns_request_createvia(dns_requestmgr_t *requestmgr, dns_message_t *message, isc_taskaction_t action, void *arg, dns_request_t **requestp); +/*% See dns_request_createvia3() */ isc_result_t dns_request_createvia2(dns_requestmgr_t *requestmgr, dns_message_t *message, isc_sockaddr_t *srcaddr, isc_sockaddr_t *destaddr, @@ -216,36 +217,37 @@ dns_request_createvia3(dns_requestmgr_t *requestmgr, dns_message_t *message, unsigned int udpretries, isc_task_t *task, isc_taskaction_t action, void *arg, dns_request_t **requestp); -/* +/*%< * Create and send a request. * * Notes: * - * 'message' will be rendered and sent to 'address'. If the - * DNS_REQUESTOPT_TCP option is set, TCP will be used. The request + *\li 'message' will be rendered and sent to 'address'. If the + * #DNS_REQUESTOPT_TCP option is set, TCP will be used. The request * will timeout after 'timeout' seconds. UDP requests will be resent * at 'udptimeout' intervals if non-zero or 'udpretries' is non-zero. * - * When the request completes, successfully, due to a timeout, or + *\li When the request completes, successfully, due to a timeout, or * because it was canceled, a completion event will be sent to 'task'. * * Requires: * - * 'message' is a valid DNS message. + *\li 'message' is a valid DNS message. * - * 'dstaddr' is a valid sockaddr. + *\li 'dstaddr' is a valid sockaddr. * - * 'srcaddr' is a valid sockaddr or NULL. + *\li 'srcaddr' is a valid sockaddr or NULL. * - * 'srcaddr' and 'dstaddr' are the same protocol family. + *\li 'srcaddr' and 'dstaddr' are the same protocol family. * - * 'timeout' > 0 + *\li 'timeout' > 0 * - * 'task' is a valid task. + *\li 'task' is a valid task. * - * requestp != NULL && *requestp == NULL + *\li requestp != NULL && *requestp == NULL */ +/*% See dns_request_createraw3() */ isc_result_t dns_request_createraw(dns_requestmgr_t *requestmgr, isc_buffer_t *msgbuf, isc_sockaddr_t *srcaddr, isc_sockaddr_t *destaddr, @@ -253,6 +255,7 @@ dns_request_createraw(dns_requestmgr_t *requestmgr, isc_buffer_t *msgbuf, isc_task_t *task, isc_taskaction_t action, void *arg, dns_request_t **requestp); +/*% See dns_request_createraw3() */ isc_result_t dns_request_createraw2(dns_requestmgr_t *requestmgr, isc_buffer_t *msgbuf, isc_sockaddr_t *srcaddr, isc_sockaddr_t *destaddr, @@ -268,55 +271,55 @@ dns_request_createraw3(dns_requestmgr_t *requestmgr, isc_buffer_t *msgbuf, unsigned int udptimeout, unsigned int udpretries, isc_task_t *task, isc_taskaction_t action, void *arg, dns_request_t **requestp); -/* - * Create and send a request. +/*!< + * \brief Create and send a request. * * Notes: * - * 'msgbuf' will be sent to 'destaddr' after setting the id. If the - * DNS_REQUESTOPT_TCP option is set, TCP will be used. The request + *\li 'msgbuf' will be sent to 'destaddr' after setting the id. If the + * #DNS_REQUESTOPT_TCP option is set, TCP will be used. The request * will timeout after 'timeout' seconds. UDP requests will be resent * at 'udptimeout' intervals if non-zero or if 'udpretries' is not zero. * - * When the request completes, successfully, due to a timeout, or + *\li When the request completes, successfully, due to a timeout, or * because it was canceled, a completion event will be sent to 'task'. * * Requires: * - * 'msgbuf' is a valid DNS message in compressed wire format. + *\li 'msgbuf' is a valid DNS message in compressed wire format. * - * 'destaddr' is a valid sockaddr. + *\li 'destaddr' is a valid sockaddr. * - * 'srcaddr' is a valid sockaddr or NULL. + *\li 'srcaddr' is a valid sockaddr or NULL. * - * 'srcaddr' and 'dstaddr' are the same protocol family. + *\li 'srcaddr' and 'dstaddr' are the same protocol family. * - * 'timeout' > 0 + *\li 'timeout' > 0 * - * 'task' is a valid task. + *\li 'task' is a valid task. * - * requestp != NULL && *requestp == NULL + *\li requestp != NULL && *requestp == NULL */ void dns_request_cancel(dns_request_t *request); -/* +/*%< * Cancel 'request'. * * Requires: * - * 'request' is a valid request. + *\li 'request' is a valid request. * * Ensures: * - * If the completion event for 'request' has not yet been sent, it + *\li If the completion event for 'request' has not yet been sent, it * will be sent, and the result code will be ISC_R_CANCELED. */ isc_result_t dns_request_getresponse(dns_request_t *request, dns_message_t *message, unsigned int options); -/* +/*%< * Get the response to 'request' by filling in 'message'. * * 'options' is passed to dns_message_parse(). See dns_message_parse() @@ -324,46 +327,46 @@ dns_request_getresponse(dns_request_t *request, dns_message_t *message, * * Requires: * - * 'request' is a valid request for which the caller has received the + *\li 'request' is a valid request for which the caller has received the * completion event. * - * The result code of the completion event was ISC_R_SUCCESS. + *\li The result code of the completion event was #ISC_R_SUCCESS. * * Returns: * - * ISC_R_SUCCESS + *\li ISC_R_SUCCESS * - * Any result that dns_message_parse() can return. + *\li Any result that dns_message_parse() can return. */ isc_boolean_t dns_request_usedtcp(dns_request_t *request); -/* - * Return whether this query used TCP or not. Setting DNS_REQUESTOPT_TCP +/*%< + * Return whether this query used TCP or not. Setting #DNS_REQUESTOPT_TCP * in the call to dns_request_create() will cause the function to return - * ISC_TRUE, othewise the result is based on the query message size. + * #ISC_TRUE, othewise the result is based on the query message size. * * Requires: - * 'request' is a valid request. + *\li 'request' is a valid request. * * Returns: - * ISC_TRUE if TCP was used. - * ISC_FALSE if UDP was used. + *\li ISC_TRUE if TCP was used. + *\li ISC_FALSE if UDP was used. */ void dns_request_destroy(dns_request_t **requestp); -/* +/*%< * Destroy 'request'. * * Requires: * - * 'request' is a valid request for which the caller has received the + *\li 'request' is a valid request for which the caller has received the * completion event. * * Ensures: * - * *requestp == NULL + *\li *requestp == NULL */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/resolver.h b/usr.sbin/bind/lib/dns/include/dns/resolver.h index 042e833ee6b..74dc0d687f0 100644 --- a/usr.sbin/bind/lib/dns/include/dns/resolver.h +++ b/usr.sbin/bind/lib/dns/include/dns/resolver.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: resolver.h,v 1.34.12.9 2006/02/01 23:48:51 marka Exp $ */ +/* $ISC: resolver.h,v 1.40.18.11 2006/02/01 22:39:17 marka Exp $ */ #ifndef DNS_RESOLVER_H #define DNS_RESOLVER_H 1 @@ -24,9 +24,9 @@ ***** Module Info *****/ -/* - * DNS Resolver +/*! \file * + * \brief * This is the BIND 9 resolver, the module responsible for resolving DNS * requests by iteratively querying authoritative servers and following * referrals. This is a "full resolver", not to be confused with @@ -35,21 +35,21 @@ * daemon the stub resolver talks to. * * MP: - * The module ensures appropriate synchronization of data structures it + *\li The module ensures appropriate synchronization of data structures it * creates and manipulates. * * Reliability: - * No anticipated impact. + *\li No anticipated impact. * * Resources: - * <TBS> + *\li TBS * * Security: - * No anticipated impact. + *\li No anticipated impact. * * Standards: - * RFCs: 1034, 1035, 2181, <TBS> - * Drafts: <TBS> + *\li RFCs: 1034, 1035, 2181, TBS + *\li Drafts: TBS */ #include <isc/lang.h> @@ -60,14 +60,14 @@ ISC_LANG_BEGINDECLS -/* +/*% * A dns_fetchevent_t is sent when a 'fetch' completes. Any of 'db', * 'node', 'rdataset', and 'sigrdataset' may be bound. It is the * receiver's responsibility to detach before freeing the event. - * - * 'rdataset' and 'sigrdataset' are the values that were supplied when - * dns_resolver_createfetch() was called. They are returned to the - * caller so that they may be freed. + * \brief + * 'rdataset', 'sigrdataset', 'client' and 'id' are the values that were + * supplied when dns_resolver_createfetch() was called. They are returned + * to the caller so that they may be freed. */ typedef struct dns_fetchevent { ISC_EVENT_COMMON(struct dns_fetchevent); @@ -79,17 +79,25 @@ typedef struct dns_fetchevent { dns_rdataset_t * rdataset; dns_rdataset_t * sigrdataset; dns_fixedname_t foundname; + isc_sockaddr_t * client; + dns_messageid_t id; } dns_fetchevent_t; /* * Options that modify how a 'fetch' is done. */ -#define DNS_FETCHOPT_TCP 0x01 /* Use TCP. */ -#define DNS_FETCHOPT_UNSHARED 0x02 /* See below. */ -#define DNS_FETCHOPT_RECURSIVE 0x04 /* Set RD? */ -#define DNS_FETCHOPT_NOEDNS0 0x08 /* Do not use EDNS. */ -#define DNS_FETCHOPT_FORWARDONLY 0x10 /* Only use forwarders. */ -#define DNS_FETCHOPT_NOVALIDATE 0x20 /* Disable validation. */ +#define DNS_FETCHOPT_TCP 0x01 /*%< Use TCP. */ +#define DNS_FETCHOPT_UNSHARED 0x02 /*%< See below. */ +#define DNS_FETCHOPT_RECURSIVE 0x04 /*%< Set RD? */ +#define DNS_FETCHOPT_NOEDNS0 0x08 /*%< Do not use EDNS. */ +#define DNS_FETCHOPT_FORWARDONLY 0x10 /*%< Only use forwarders. */ +#define DNS_FETCHOPT_NOVALIDATE 0x20 /*%< Disable validation. */ +#define DNS_FETCHOPT_EDNS512 0x40 /*%< Advertise a 512 byte + UDP buffer. */ + +#define DNS_FETCHOPT_EDNSVERSIONSET 0x00800000 +#define DNS_FETCHOPT_EDNSVERSIONMASK 0xff000000 +#define DNS_FETCHOPT_EDNSVERSIONSHIFT 24 /* * XXXRTH Should this API be made semi-private? (I.e. @@ -110,114 +118,114 @@ dns_resolver_create(dns_view_t *view, dns_dispatch_t *dispatchv6, dns_resolver_t **resp); -/* +/*%< * Create a resolver. * * Notes: * - * Generally, applications should not create a resolver directly, but + *\li Generally, applications should not create a resolver directly, but * should instead call dns_view_createresolver(). * - * No options are currently defined. + *\li No options are currently defined. * * Requires: * - * 'view' is a valid view. + *\li 'view' is a valid view. * - * 'taskmgr' is a valid task manager. + *\li 'taskmgr' is a valid task manager. * - * 'ntasks' > 0. + *\li 'ntasks' > 0. * - * 'socketmgr' is a valid socket manager. + *\li 'socketmgr' is a valid socket manager. * - * 'timermgr' is a valid timer manager. + *\li 'timermgr' is a valid timer manager. * - * 'dispatchv4' is a valid dispatcher with an IPv4 UDP socket, or is NULL. + *\li 'dispatchv4' is a valid dispatcher with an IPv4 UDP socket, or is NULL. * - * 'dispatchv6' is a valid dispatcher with an IPv6 UDP socket, or is NULL. + *\li 'dispatchv6' is a valid dispatcher with an IPv6 UDP socket, or is NULL. * - * resp != NULL && *resp == NULL. + *\li resp != NULL && *resp == NULL. * * Returns: * - * ISC_R_SUCCESS On success. + *\li #ISC_R_SUCCESS On success. * - * Anything else Failure. + *\li Anything else Failure. */ void dns_resolver_freeze(dns_resolver_t *res); -/* +/*%< * Freeze resolver. * * Notes: * - * Certain configuration changes cannot be made after the resolver + *\li Certain configuration changes cannot be made after the resolver * is frozen. Fetches cannot be created until the resolver is frozen. * * Requires: * - * 'res' is a valid, unfrozen resolver. + *\li 'res' is a valid, unfrozen resolver. * * Ensures: * - * 'res' is frozen. + *\li 'res' is frozen. */ void dns_resolver_prime(dns_resolver_t *res); -/* +/*%< * Prime resolver. * * Notes: * - * Resolvers which have a forwarding policy other than dns_fwdpolicy_only + *\li Resolvers which have a forwarding policy other than dns_fwdpolicy_only * need to be primed with the root nameservers, otherwise the root * nameserver hints data may be used indefinitely. This function requests * that the resolver start a priming fetch, if it isn't already priming. * * Requires: * - * 'res' is a valid, frozen resolver. + *\li 'res' is a valid, frozen resolver. */ void dns_resolver_whenshutdown(dns_resolver_t *res, isc_task_t *task, isc_event_t **eventp); -/* +/*%< * Send '*eventp' to 'task' when 'res' has completed shutdown. * * Notes: * - * It is not safe to detach the last reference to 'res' until + *\li It is not safe to detach the last reference to 'res' until * shutdown is complete. * * Requires: * - * 'res' is a valid resolver. + *\li 'res' is a valid resolver. * - * 'task' is a valid task. + *\li 'task' is a valid task. * - * *eventp is a valid event. + *\li *eventp is a valid event. * * Ensures: * - * *eventp == NULL. + *\li *eventp == NULL. */ void dns_resolver_shutdown(dns_resolver_t *res); -/* +/*%< * Start the shutdown process for 'res'. * * Notes: * - * This call has no effect if the resolver is already shutting down. + *\li This call has no effect if the resolver is already shutting down. * * Requires: * - * 'res' is a valid resolver. + *\li 'res' is a valid resolver. */ void @@ -236,88 +244,108 @@ dns_resolver_createfetch(dns_resolver_t *res, dns_name_t *name, dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, dns_fetch_t **fetchp); -/* + +isc_result_t +dns_resolver_createfetch2(dns_resolver_t *res, dns_name_t *name, + dns_rdatatype_t type, + dns_name_t *domain, dns_rdataset_t *nameservers, + dns_forwarders_t *forwarders, + isc_sockaddr_t *client, isc_uint16_t id, + unsigned int options, isc_task_t *task, + isc_taskaction_t action, void *arg, + dns_rdataset_t *rdataset, + dns_rdataset_t *sigrdataset, + dns_fetch_t **fetchp); +/*%< * Recurse to answer a question. * * Notes: * - * This call starts a query for 'name', type 'type'. + *\li This call starts a query for 'name', type 'type'. * - * The 'domain' is a parent domain of 'name' for which + *\li The 'domain' is a parent domain of 'name' for which * a set of name servers 'nameservers' is known. If no * such name server information is available, set * 'domain' and 'nameservers' to NULL. * - * 'forwarders' is unimplemented, and subject to change when + *\li 'forwarders' is unimplemented, and subject to change when * we figure out how selective forwarding will work. * - * When the fetch completes (successfully or otherwise), a - * DNS_EVENT_FETCHDONE event with action 'action' and arg 'arg' will be + *\li When the fetch completes (successfully or otherwise), a + * #DNS_EVENT_FETCHDONE event with action 'action' and arg 'arg' will be * posted to 'task'. * - * The values of 'rdataset' and 'sigrdataset' will be returned in + *\li The values of 'rdataset' and 'sigrdataset' will be returned in * the FETCHDONE event. * + *\li 'client' and 'id' are used for duplicate query detection. '*client' + * must remain stable until after 'action' has been called or + * dns_resolver_cancelfetch() is called. + * * Requires: * - * 'res' is a valid resolver that has been frozen. + *\li 'res' is a valid resolver that has been frozen. * - * 'name' is a valid name. + *\li 'name' is a valid name. * - * 'type' is not a meta type other than ANY. + *\li 'type' is not a meta type other than ANY. * - * 'domain' is a valid name or NULL. + *\li 'domain' is a valid name or NULL. * - * 'nameservers' is a valid NS rdataset (whose owner name is 'domain') + *\li 'nameservers' is a valid NS rdataset (whose owner name is 'domain') * iff. 'domain' is not NULL. * - * 'forwarders' is NULL. + *\li 'forwarders' is NULL. + * + *\li 'client' is a valid sockaddr or NULL. * - * 'options' contains valid options. + *\li 'options' contains valid options. * - * 'rdataset' is a valid, disassociated rdataset. + *\li 'rdataset' is a valid, disassociated rdataset. * - * 'sigrdataset' is NULL, or is a valid, disassociated rdataset. + *\li 'sigrdataset' is NULL, or is a valid, disassociated rdataset. * - * fetchp != NULL && *fetchp == NULL. + *\li fetchp != NULL && *fetchp == NULL. * * Returns: * - * ISC_R_SUCCESS Success + *\li #ISC_R_SUCCESS Success + *\li #DNS_R_DUPLICATE + *\li #DNS_R_DROP * - * Many other values are possible, all of which indicate failure. + *\li Many other values are possible, all of which indicate failure. */ void dns_resolver_cancelfetch(dns_fetch_t *fetch); -/* +/*%< * Cancel 'fetch'. * * Notes: * - * If 'fetch' has not completed, post its FETCHDONE event with a - * result code of ISC_R_CANCELED. + *\li If 'fetch' has not completed, post its FETCHDONE event with a + * result code of #ISC_R_CANCELED. * * Requires: * - * 'fetch' is a valid fetch. + *\li 'fetch' is a valid fetch. */ void dns_resolver_destroyfetch(dns_fetch_t **fetchp); -/* +/*%< * Destroy 'fetch'. * * Requires: * - * '*fetchp' is a valid fetch. + *\li '*fetchp' is a valid fetch. * - * The caller has received the FETCHDONE event (either because the + *\li The caller has received the FETCHDONE event (either because the * fetch completed or because dns_resolver_cancelfetch() was called). * * Ensures: * - * *fetchp == NULL. + *\li *fetchp == NULL. */ dns_dispatchmgr_t * @@ -337,25 +365,25 @@ dns_resolver_taskmgr(dns_resolver_t *resolver); isc_uint32_t dns_resolver_getlamettl(dns_resolver_t *resolver); -/* +/*%< * Get the resolver's lame-ttl. zero => no lame processing. * * Requires: - * 'resolver' to be valid. + *\li 'resolver' to be valid. */ void dns_resolver_setlamettl(dns_resolver_t *resolver, isc_uint32_t lame_ttl); -/* +/*%< * Set the resolver's lame-ttl. zero => no lame processing. * * Requires: - * 'resolver' to be valid. + *\li 'resolver' to be valid. */ unsigned int dns_resolver_nrunning(dns_resolver_t *resolver); -/* +/*%< * Return the number of currently running resolutions in this * resolver. This is may be less than the number of outstanding * fetches due to multiple identical fetches, or more than the @@ -366,56 +394,62 @@ dns_resolver_nrunning(dns_resolver_t *resolver); isc_result_t dns_resolver_addalternate(dns_resolver_t *resolver, isc_sockaddr_t *alt, dns_name_t *name, in_port_t port); -/* +/*%< * Add alternate addresses to be tried in the event that the nameservers * for a zone are not available in the address families supported by the * operating system. * * Require: - * only one of 'name' or 'alt' to be valid. + * \li only one of 'name' or 'alt' to be valid. */ void dns_resolver_setudpsize(dns_resolver_t *resolver, isc_uint16_t udpsize); -/* +/*%< * Set the EDNS UDP buffer size advertised by the server. */ isc_uint16_t dns_resolver_getudpsize(dns_resolver_t *resolver); -/* +/*%< * Get the current EDNS UDP buffer size. */ void dns_resolver_reset_algorithms(dns_resolver_t *resolver); -/* +/*%< * Clear the disabled DNSSEC algorithms. */ isc_result_t dns_resolver_disable_algorithm(dns_resolver_t *resolver, dns_name_t *name, unsigned int alg); -/* +/*%< * Mark the give DNSSEC algorithm as disabled and below 'name'. * Valid algorithms are less than 256. * * Returns: - * ISC_R_SUCCESS - * ISC_R_RANGE - * ISC_R_NOMEMORY + *\li #ISC_R_SUCCESS + *\li #ISC_R_RANGE + *\li #ISC_R_NOMEMORY */ isc_boolean_t dns_resolver_algorithm_supported(dns_resolver_t *resolver, dns_name_t *name, unsigned int alg); -/* +/*%< * Check if the given algorithm is supported by this resolver. * This checks if the algorithm has been disabled via * dns_resolver_disable_algorithm() then the underlying * crypto libraries if not specifically disabled. */ +isc_boolean_t +dns_resolver_digest_supported(dns_resolver_t *resolver, unsigned int digest_type); +/*%< + * Is this digest type supported. + */ + void dns_resolver_resetmustbesecure(dns_resolver_t *resolver); @@ -426,6 +460,20 @@ dns_resolver_setmustbesecure(dns_resolver_t *resolver, dns_name_t *name, isc_boolean_t dns_resolver_getmustbesecure(dns_resolver_t *resolver, dns_name_t *name); +void +dns_resolver_setclientsperquery(dns_resolver_t *resolver, + isc_uint32_t min, isc_uint32_t max); + +void +dns_resolver_getclientsperquery(dns_resolver_t *resolver, isc_uint32_t *cur, + isc_uint32_t *min, isc_uint32_t *max); + +isc_boolean_t +dns_resolver_getzeronosoattl(dns_resolver_t *resolver); + +void +dns_resolver_setzeronosoattl(dns_resolver_t *resolver, isc_boolean_t state); + ISC_LANG_ENDDECLS #endif /* DNS_RESOLVER_H */ diff --git a/usr.sbin/bind/lib/dns/include/dns/rootns.h b/usr.sbin/bind/lib/dns/include/dns/rootns.h index a6f12732eb7..8230de5af39 100644 --- a/usr.sbin/bind/lib/dns/include/dns/rootns.h +++ b/usr.sbin/bind/lib/dns/include/dns/rootns.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rootns.h,v 1.8.206.1 2004/03/06 08:14:00 marka Exp $ */ +/* $ISC: rootns.h,v 1.9.18.3 2005/04/27 05:01:38 sra Exp $ */ #ifndef DNS_ROOTNS_H #define DNS_ROOTNS_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -30,6 +32,14 @@ isc_result_t dns_rootns_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, const char *filename, dns_db_t **target); +void +dns_root_checkhints(dns_view_t *view, dns_db_t *hints, dns_db_t *db); +/* + * Reports differences between hints and the real roots. + * + * Requires view, hints and (cache) db to be valid. + */ + ISC_LANG_ENDDECLS #endif /* DNS_ROOTNS_H */ diff --git a/usr.sbin/bind/lib/dns/include/dns/sdb.h b/usr.sbin/bind/lib/dns/include/dns/sdb.h index e41ab7fe89b..fd126c4e6ff 100644 --- a/usr.sbin/bind/lib/dns/include/dns/sdb.h +++ b/usr.sbin/bind/lib/dns/include/dns/sdb.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: sdb.h,v 1.12.12.3 2004/03/08 09:04:39 marka Exp $ */ +/* $ISC: sdb.h,v 1.15.18.2 2005/04/29 00:16:21 marka Exp $ */ #ifndef DNS_SDB_H #define DNS_SDB_H 1 @@ -24,7 +24,8 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * Simple database API. */ @@ -40,17 +41,17 @@ *** Types ***/ -/* +/*% * A simple database. This is an opaque type. */ typedef struct dns_sdb dns_sdb_t; -/* +/*% * A simple database lookup in progress. This is an opaque type. */ typedef struct dns_sdblookup dns_sdblookup_t; -/* +/*% * A simple database traversal in progress. This is an opaque type. */ typedef struct dns_sdballnodes dns_sdballnodes_t; @@ -96,7 +97,7 @@ isc_result_t dns_sdb_register(const char *drivername, const dns_sdbmethods_t *methods, void *driverdata, unsigned int flags, isc_mem_t *mctx, dns_sdbimplementation_t **sdbimp); -/* +/*%< * Register a simple database driver for the database type 'drivername', * implemented by the functions in '*methods'. * @@ -126,7 +127,7 @@ dns_sdb_register(const char *drivername, const dns_sdbmethods_t *methods, * The allnodes function, if non-NULL, fills in an opaque structure to be * used by a database iterator. This allows the zone to be transferred. * This may use a considerable amount of memory for large zones, and the - * zone transfer may not be fully RFC 1035 compliant if the zone is + * zone transfer may not be fully RFC1035 compliant if the zone is * frequently changed. * * The create function will be called for each zone configured @@ -156,19 +157,20 @@ dns_sdb_register(const char *drivername, const dns_sdbmethods_t *methods, void dns_sdb_unregister(dns_sdbimplementation_t **sdbimp); -/* +/*%< * Removes the simple database driver from the list of registered database * types. There must be no active databases of this type when this function * is called. */ +/*% See dns_sdb_putradata() */ isc_result_t dns_sdb_putrr(dns_sdblookup_t *lookup, const char *type, dns_ttl_t ttl, const char *data); isc_result_t dns_sdb_putrdata(dns_sdblookup_t *lookup, dns_rdatatype_t type, dns_ttl_t ttl, const unsigned char *rdata, unsigned int rdlen); -/* +/*%< * Add a single resource record to the lookup structure to be * returned in the query response. dns_sdb_putrr() takes the * resource record in master file text format as a null-terminated @@ -176,6 +178,7 @@ dns_sdb_putrdata(dns_sdblookup_t *lookup, dns_rdatatype_t type, dns_ttl_t ttl, * uncompressed wire format. */ +/*% See dns_sdb_putnamerdata() */ isc_result_t dns_sdb_putnamedrr(dns_sdballnodes_t *allnodes, const char *name, const char *type, dns_ttl_t ttl, const char *data); @@ -183,7 +186,7 @@ isc_result_t dns_sdb_putnamedrdata(dns_sdballnodes_t *allnodes, const char *name, dns_rdatatype_t type, dns_ttl_t ttl, const void *rdata, unsigned int rdlen); -/* +/*%< * Add a single resource record to the allnodes structure to be * included in a zone transfer response, in text or wire * format as above. @@ -192,7 +195,7 @@ dns_sdb_putnamedrdata(dns_sdballnodes_t *allnodes, const char *name, isc_result_t dns_sdb_putsoa(dns_sdblookup_t *lookup, const char *mname, const char *rname, isc_uint32_t serial); -/* +/*%< * This function may optionally be called from the 'authority' callback * to simplify construction of the SOA record for 'zone'. It will * provide a SOA listing 'mname' as as the master server and 'rname' as diff --git a/usr.sbin/bind/lib/dns/include/dns/sdlz.h b/usr.sbin/bind/lib/dns/include/dns/sdlz.h new file mode 100644 index 00000000000..947e9c0d683 --- /dev/null +++ b/usr.sbin/bind/lib/dns/include/dns/sdlz.h @@ -0,0 +1,266 @@ +/* + * Portions Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * Copyright (C) 2002 Stichting NLnet, Netherlands, stichting@nlnet.nl. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the + * above copyright notice and this permission notice appear in all + * copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND STICHTING NLNET + * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL + * STICHTING NLNET BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR + * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS + * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE + * USE OR PERFORMANCE OF THIS SOFTWARE. + * + * The development of Dynamically Loadable Zones (DLZ) for Bind 9 was + * conceived and contributed by Rob Butler. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the + * above copyright notice and this permission notice appear in all + * copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ROB BUTLER + * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL + * ROB BUTLER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR + * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS + * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE + * USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: sdlz.h,v 1.2.2.2 2005/09/06 03:47:19 marka Exp $ */ + +/*! \file */ + +#ifndef SDLZ_H +#define SDLZ_H 1 + +#include <dns/dlz.h> + +ISC_LANG_BEGINDECLS + +#define DNS_SDLZFLAG_THREADSAFE 0x00000001U +#define DNS_SDLZFLAG_RELATIVEOWNER 0x00000002U +#define DNS_SDLZFLAG_RELATIVERDATA 0x00000004U + + /* A simple DLZ database. */ +typedef struct dns_sdlz_db dns_sdlz_db_t; + + /* A simple DLZ database lookup in progress. */ +typedef struct dns_sdlzlookup dns_sdlzlookup_t; + + /* A simple DLZ database traversal in progress. */ +typedef struct dns_sdlzallnodes dns_sdlzallnodes_t; + + +typedef isc_result_t +(*dns_sdlzallnodesfunc_t)(const char *zone, void *driverarg, void *dbdata, + dns_sdlzallnodes_t *allnodes); + +/*%< + * Method prototype. Drivers implementing the SDLZ interface may + * supply an all nodes method. This method is called when the DNS + * server is performing a zone transfer query, after the allow zone + * transfer method has been called. This method is only called if the + * allow zone transfer method returned ISC_R_SUCCESS. This method and + * the allow zone transfer method are both required for zone transfers + * to be supported. If the driver generates data dynamically (instead + * of searching in a database for it) it should not implement this + * function as a zone transfer would be meaningless. A SDLZ driver + * does not have to implement an all nodes method. + */ + +typedef isc_result_t +(*dns_sdlzallowzonexfr_t)(void *driverarg, void *dbdata, const char *name, + const char *client); + +/*%< + * Method prototype. Drivers implementing the SDLZ interface may + * supply an allow zone transfer method. This method is called when + * the DNS server is performing a zone transfer query, before the all + * nodes method can be called. This method and the all node method + * are both required for zone transfers to be supported. If the + * driver generates data dynamically (instead of searching in a + * database for it) it should not implement this function as a zone + * transfer would be meaningless. A SDLZ driver does not have to + * implement an allow zone transfer method. + * + * This method should return ISC_R_SUCCESS if the zone is supported by + * the database and a zone transfer is allowed for the specified + * client. If the zone is supported by the database, but zone + * transfers are not allowed for the specified client this method + * should return ISC_R_NOPERM.. Lastly the method should return + * ISC_R_NOTFOUND if the zone is not supported by the database. If an + * error occurs it should return a result code indicating the type of + * error. + */ + +typedef isc_result_t +(*dns_sdlzauthorityfunc_t)(const char *zone, void *driverarg, void *dbdata, + dns_sdlzlookup_t *lookup); + +/*%< + * Method prototype. Drivers implementing the SDLZ interface may + * supply an authority method. This method is called when the DNS + * server is performing a query, after both the find zone and lookup + * methods have been called. This method is required if the lookup + * function does not supply authority information for the dns + * record. A SDLZ driver does not have to implement an authority + * method. + */ + +typedef isc_result_t +(*dns_sdlzcreate_t)(const char *dlzname, unsigned int argc, char *argv[], + void *driverarg, void **dbdata); + +/*%< + * Method prototype. Drivers implementing the SDLZ interface may + * supply a create method. This method is called when the DNS server + * is starting up and creating drivers for use later. A SDLZ driver + * does not have to implement a create method. + */ + +typedef void +(*dns_sdlzdestroy_t)(void *driverarg, void *dbdata); + +/*%< + * Method prototype. Drivers implementing the SDLZ interface may + * supply a destroy method. This method is called when the DNS server + * is shuting down and no longer needs the driver. A SDLZ driver does + * not have to implement a destroy method. + */ + +typedef isc_result_t +(*dns_sdlzfindzone_t)(void *driverarg, void *dbdata, const char *name); + +/*%< + * Method prototype. Drivers implementing the SDLZ interface MUST + * supply a find zone method. This method is called when the DNS + * server is performing a query to to determine if 'name' is a + * supported dns zone. The find zone method will be called with the + * longest possible name first, and continue to be called with + * successively shorter domain names, until any of the following + * occur: + * + * \li 1) the function returns (ISC_R_SUCCESS) indicating a zone name + * match. + * + * \li 2) a problem occurs, and the functions returns anything other than + * (ISC_R_NOTFOUND) + * + * \li 3) we run out of domain name labels. I.E. we have tried the + * shortest domain name + * + * \li 4) the number of labels in the domain name is less than min_lables + * for dns_dlzfindzone + * + * The driver's find zone method should return ISC_R_SUCCESS if the + * zone is supported by the database. Otherwise it should return + * ISC_R_NOTFOUND, if the zone is not supported. If an error occurs + * it should return a result code indicating the type of error. + */ + +typedef isc_result_t +(*dns_sdlzlookupfunc_t)(const char *zone, const char *name, void *driverarg, + void *dbdata, dns_sdlzlookup_t *lookup); + +/*%< + * Method prototype. Drivers implementing the SDLZ interface MUST + * supply a lookup method. This method is called when the DNS server + * is performing a query, after the find zone and before any other + * methods have been called. This function returns record DNS record + * information using the dns_sdlz_putrr and dns_sdlz_putsoa functions. + * If this function supplies authority information for the DNS record + * the authority method is not required. If it does not, the + * authority function is required. A SDLZ driver must implement a + * lookup method. + */ + +typedef struct dns_sdlzmethods { + dns_sdlzcreate_t create; + dns_sdlzdestroy_t destroy; + dns_sdlzfindzone_t findzone; + dns_sdlzlookupfunc_t lookup; + dns_sdlzauthorityfunc_t authority; + dns_sdlzallnodesfunc_t allnodes; + dns_sdlzallowzonexfr_t allowzonexfr; +} dns_sdlzmethods_t; + +isc_result_t +dns_sdlzregister(const char *drivername, const dns_sdlzmethods_t *methods, + void *driverarg, unsigned int flags, isc_mem_t *mctx, + dns_sdlzimplementation_t **sdlzimp); +/*%< + * Register a dynamically loadable zones (dlz) driver for the database + * type 'drivername', implemented by the functions in '*methods'. + * + * sdlzimp must point to a NULL dns_sdlzimplementation_t pointer. + * That is, sdlzimp != NULL && *sdlzimp == NULL. It will be assigned + * a value that will later be used to identify the driver when + * deregistering it. + */ + +void +dns_sdlzunregister(dns_sdlzimplementation_t **sdlzimp); + +/*%< + * Removes the sdlz driver from the list of registered sdlz drivers. + * There must be no active sdlz drivers of this type when this + * function is called. + */ + +isc_result_t +dns_sdlz_putnamedrr(dns_sdlzallnodes_t *allnodes, const char *name, + const char *type, dns_ttl_t ttl, const char *data); +/*%< + * Add a single resource record to the allnodes structure to be later + * parsed into a zone transfer response. + */ + +isc_result_t +dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl, + const char *data); +/*%< + * Add a single resource record to the lookup structure to be later + * parsed into a query response. + */ + +isc_result_t +dns_sdlz_putsoa(dns_sdlzlookup_t *lookup, const char *mname, const char *rname, + isc_uint32_t serial); +/*%< + * This function may optionally be called from the 'authority' + * callback to simplify construction of the SOA record for 'zone'. It + * will provide a SOA listing 'mname' as as the master server and + * 'rname' as the responsible person mailbox. It is the + * responsibility of the driver to increment the serial number between + * responses if necessary. All other SOA fields will have reasonable + * default values. + */ + + +ISC_LANG_ENDDECLS + +#endif /* SDLZ_H */ diff --git a/usr.sbin/bind/lib/dns/include/dns/secalg.h b/usr.sbin/bind/lib/dns/include/dns/secalg.h index 8bebcd3dcfc..f6a54003d4b 100644 --- a/usr.sbin/bind/lib/dns/include/dns/secalg.h +++ b/usr.sbin/bind/lib/dns/include/dns/secalg.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: secalg.h,v 1.12.206.1 2004/03/06 08:14:00 marka Exp $ */ +/* $ISC: secalg.h,v 1.13.18.2 2005/04/29 00:16:21 marka Exp $ */ #ifndef DNS_SECALG_H #define DNS_SECALG_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -28,40 +30,40 @@ ISC_LANG_BEGINDECLS isc_result_t dns_secalg_fromtext(dns_secalg_t *secalgp, isc_textregion_t *source); -/* +/*%< * Convert the text 'source' refers to into a DNSSEC security algorithm value. * The text may contain either a mnemonic algorithm name or a decimal algorithm * number. * * Requires: - * 'secalgp' is a valid pointer. + *\li 'secalgp' is a valid pointer. * - * 'source' is a valid text region. + *\li 'source' is a valid text region. * * Returns: - * ISC_R_SUCCESS on success - * ISC_R_RANGE numeric type is out of range - * DNS_R_UNKNOWN mnemonic type is unknown + *\li ISC_R_SUCCESS on success + *\li ISC_R_RANGE numeric type is out of range + *\li DNS_R_UNKNOWN mnemonic type is unknown */ isc_result_t dns_secalg_totext(dns_secalg_t secalg, isc_buffer_t *target); -/* +/*%< * Put a textual representation of the DNSSEC security algorithm 'secalg' * into 'target'. * * Requires: - * 'secalg' is a valid secalg. + *\li 'secalg' is a valid secalg. * - * 'target' is a valid text buffer. + *\li 'target' is a valid text buffer. * - * Ensures: - * If the result is success: - * The used space in 'target' is updated. + * Ensures, + * if the result is success: + *\li The used space in 'target' is updated. * * Returns: - * ISC_R_SUCCESS on success - * ISC_R_NOSPACE target buffer is too small + *\li ISC_R_SUCCESS on success + *\li ISC_R_NOSPACE target buffer is too small */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/secproto.h b/usr.sbin/bind/lib/dns/include/dns/secproto.h index 59eb7c01662..6d30b1849b6 100644 --- a/usr.sbin/bind/lib/dns/include/dns/secproto.h +++ b/usr.sbin/bind/lib/dns/include/dns/secproto.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: secproto.h,v 1.9.206.1 2004/03/06 08:14:00 marka Exp $ */ +/* $ISC: secproto.h,v 1.10.18.2 2005/04/29 00:16:21 marka Exp $ */ #ifndef DNS_SECPROTO_H #define DNS_SECPROTO_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -28,40 +30,40 @@ ISC_LANG_BEGINDECLS isc_result_t dns_secproto_fromtext(dns_secproto_t *secprotop, isc_textregion_t *source); -/* +/*%< * Convert the text 'source' refers to into a DNSSEC security protocol value. * The text may contain either a mnemonic protocol name or a decimal protocol * number. * * Requires: - * 'secprotop' is a valid pointer. + *\li 'secprotop' is a valid pointer. * - * 'source' is a valid text region. + *\li 'source' is a valid text region. * * Returns: - * ISC_R_SUCCESS on success - * ISC_R_RANGE numeric type is out of range - * DNS_R_UNKNOWN mnemonic type is unknown + *\li ISC_R_SUCCESS on success + *\li ISC_R_RANGE numeric type is out of range + *\li DNS_R_UNKNOWN mnemonic type is unknown */ isc_result_t dns_secproto_totext(dns_secproto_t secproto, isc_buffer_t *target); -/* +/*%< * Put a textual representation of the DNSSEC security protocol 'secproto' * into 'target'. * * Requires: - * 'secproto' is a valid secproto. + *\li 'secproto' is a valid secproto. * - * 'target' is a valid text buffer. + *\li 'target' is a valid text buffer. * - * Ensures: - * If the result is success: - * The used space in 'target' is updated. + * Ensures, + * if the result is success: + * \li The used space in 'target' is updated. * * Returns: - * ISC_R_SUCCESS on success - * ISC_R_NOSPACE target buffer is too small + *\li ISC_R_SUCCESS on success + *\li ISC_R_NOSPACE target buffer is too small */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/soa.h b/usr.sbin/bind/lib/dns/include/dns/soa.h index 0f0065871c0..af36413b55a 100644 --- a/usr.sbin/bind/lib/dns/include/dns/soa.h +++ b/usr.sbin/bind/lib/dns/include/dns/soa.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: soa.h,v 1.2.206.1 2004/03/06 08:14:00 marka Exp $ */ +/* $ISC: soa.h,v 1.3.18.2 2005/04/29 00:16:22 marka Exp $ */ #ifndef DNS_SOA_H #define DNS_SOA_H 1 @@ -24,7 +24,8 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * SOA utilities. */ diff --git a/usr.sbin/bind/lib/dns/include/dns/ssu.h b/usr.sbin/bind/lib/dns/include/dns/ssu.h index 739953c3100..d3c00614d83 100644 --- a/usr.sbin/bind/lib/dns/include/dns/ssu.h +++ b/usr.sbin/bind/lib/dns/include/dns/ssu.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ssu.h,v 1.11.206.3 2004/03/08 09:04:39 marka Exp $ */ +/* $ISC: ssu.h,v 1.13.18.4 2006/02/16 23:51:32 marka Exp $ */ #ifndef DNS_SSU_H #define DNS_SSU_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -30,46 +32,50 @@ ISC_LANG_BEGINDECLS #define DNS_SSUMATCHTYPE_SUBDOMAIN 1 #define DNS_SSUMATCHTYPE_WILDCARD 2 #define DNS_SSUMATCHTYPE_SELF 3 +#define DNS_SSUMATCHTYPE_SELFSUB 4 +#define DNS_SSUMATCHTYPE_SELFWILD 5 +#define DNS_SSUMATCHTYPE_MAX 5 /* maximum defined value */ + isc_result_t dns_ssutable_create(isc_mem_t *mctx, dns_ssutable_t **table); -/* +/*%< * Creates a table that will be used to store simple-secure-update rules. * Note: all locking must be provided by the client. * * Requires: - * 'mctx' is a valid memory context - * 'table' is not NULL, and '*table' is NULL + *\li 'mctx' is a valid memory context + *\li 'table' is not NULL, and '*table' is NULL * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + *\li ISC_R_SUCCESS + *\li ISC_R_NOMEMORY */ void dns_ssutable_attach(dns_ssutable_t *source, dns_ssutable_t **targetp); -/* +/*%< * Attach '*targetp' to 'source'. * * Requires: - * 'source' is a valid SSU table - * 'targetp' points to a NULL dns_ssutable_t *. + *\li 'source' is a valid SSU table + *\li 'targetp' points to a NULL dns_ssutable_t *. * * Ensures: - * *targetp is attached to source. + *\li *targetp is attached to source. */ void dns_ssutable_detach(dns_ssutable_t **tablep); -/* +/*%< * Detach '*tablep' from its simple-secure-update rule table. * * Requires: - * 'tablep' points to a valid dns_ssutable_t + *\li 'tablep' points to a valid dns_ssutable_t * * Ensures: - * *tablep is NULL - * If '*tablep' is the last reference to the SSU table, all + *\li *tablep is NULL + *\li If '*tablep' is the last reference to the SSU table, all * resources used by the table will be freed. */ @@ -78,78 +84,80 @@ dns_ssutable_addrule(dns_ssutable_t *table, isc_boolean_t grant, dns_name_t *identity, unsigned int matchtype, dns_name_t *name, unsigned int ntypes, dns_rdatatype_t *types); -/* +/*%< * Adds a new rule to a simple-secure-update rule table. The rule * either grants or denies update privileges of an identity (or set of * identities) to modify a name (or set of names) or certain types present * at that name. * * Notes: - * If 'matchtype' is SELF, this rule only matches if the name + *\li If 'matchtype' is SELF, this rule only matches if the name * to be updated matches the signing identity. * - * If 'ntypes' is 0, this rule applies to all types except + *\li If 'ntypes' is 0, this rule applies to all types except * NS, SOA, RRSIG, and NSEC. * - * If 'types' includes ANY, this rule applies to all types + *\li If 'types' includes ANY, this rule applies to all types * except NSEC. * * Requires: - * 'table' is a valid SSU table - * 'identity' is a valid absolute name - * 'matchtype' must be one of the defined constants. - * 'name' is a valid absolute name - * If 'ntypes' > 0, 'types' must not be NULL + *\li 'table' is a valid SSU table + *\li 'identity' is a valid absolute name + *\li 'matchtype' must be one of the defined constants. + *\li 'name' is a valid absolute name + *\li If 'ntypes' > 0, 'types' must not be NULL * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + *\li ISC_R_SUCCESS + *\li ISC_R_NOMEMORY */ isc_boolean_t dns_ssutable_checkrules(dns_ssutable_t *table, dns_name_t *signer, dns_name_t *name, dns_rdatatype_t type); -/* +/*%< * Checks that the attempted update of (name, type) is allowed according * to the rules specified in the simple-secure-update rule table. If * no rules are matched, access is denied. If signer is NULL, access * is denied. * * Requires: - * 'table' is a valid SSU table - * 'signer' is NULL or a valid absolute name - * 'name' is a valid absolute name + *\li 'table' is a valid SSU table + *\li 'signer' is NULL or a valid absolute name + *\li 'name' is a valid absolute name */ +/*% Accessor functions to extract rule components */ isc_boolean_t dns_ssurule_isgrant(const dns_ssurule_t *rule); +/*% Accessor functions to extract rule components */ dns_name_t * dns_ssurule_identity(const dns_ssurule_t *rule); +/*% Accessor functions to extract rule components */ unsigned int dns_ssurule_matchtype(const dns_ssurule_t *rule); +/*% Accessor functions to extract rule components */ dns_name_t * dns_ssurule_name(const dns_ssurule_t *rule); +/*% Accessor functions to extract rule components */ unsigned int dns_ssurule_types(const dns_ssurule_t *rule, dns_rdatatype_t **types); -/* - * Accessor functions to extract rule components - */ isc_result_t dns_ssutable_firstrule(const dns_ssutable_t *table, dns_ssurule_t **rule); -/* +/*%< * Initiates a rule iterator. There is no need to maintain any state. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMORE + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMORE */ isc_result_t dns_ssutable_nextrule(dns_ssurule_t *rule, dns_ssurule_t **nextrule); -/* +/*%< * Returns the next rule in the table. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMORE + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMORE */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/stats.h b/usr.sbin/bind/lib/dns/include/dns/stats.h index 9e4e2fe35b7..929d0266cb7 100644 --- a/usr.sbin/bind/lib/dns/include/dns/stats.h +++ b/usr.sbin/bind/lib/dns/include/dns/stats.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,39 +15,43 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: stats.h,v 1.4.206.1 2004/03/06 08:14:00 marka Exp $ */ +/* $ISC: stats.h,v 1.5.18.4 2005/06/27 00:20:03 marka Exp $ */ #ifndef DNS_STATS_H #define DNS_STATS_H 1 +/*! \file */ + #include <dns/types.h> -/* +/*% * Query statistics counter types. */ typedef enum { - dns_statscounter_success = 0, /* Successful lookup */ - dns_statscounter_referral = 1, /* Referral result */ - dns_statscounter_nxrrset = 2, /* NXRRSET result */ - dns_statscounter_nxdomain = 3, /* NXDOMAIN result */ - dns_statscounter_recursion = 4, /* Recursion was used */ - dns_statscounter_failure = 5 /* Some other failure */ + dns_statscounter_success = 0, /*%< Successful lookup */ + dns_statscounter_referral = 1, /*%< Referral result */ + dns_statscounter_nxrrset = 2, /*%< NXRRSET result */ + dns_statscounter_nxdomain = 3, /*%< NXDOMAIN result */ + dns_statscounter_recursion = 4, /*%< Recursion was used */ + dns_statscounter_failure = 5, /*%< Some other failure */ + dns_statscounter_duplicate = 6, /*%< Duplicate query */ + dns_statscounter_dropped = 7 /*%< Duplicate query */ } dns_statscounter_t; -#define DNS_STATS_NCOUNTERS 6 +#define DNS_STATS_NCOUNTERS 8 LIBDNS_EXTERNAL_DATA extern const char *dns_statscounter_names[]; isc_result_t dns_stats_alloccounters(isc_mem_t *mctx, isc_uint64_t **ctrp); -/* +/*%< * Allocate an array of query statistics counters from the memory * context 'mctx'. */ void dns_stats_freecounters(isc_mem_t *mctx, isc_uint64_t **ctrp); -/* +/*%< * Free an array of query statistics counters allocated from the memory * context 'mctx'. */ diff --git a/usr.sbin/bind/lib/dns/include/dns/tcpmsg.h b/usr.sbin/bind/lib/dns/include/dns/tcpmsg.h index 44391531e70..487ba798230 100644 --- a/usr.sbin/bind/lib/dns/include/dns/tcpmsg.h +++ b/usr.sbin/bind/lib/dns/include/dns/tcpmsg.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: tcpmsg.h,v 1.15.206.1 2004/03/06 08:14:00 marka Exp $ */ +/* $ISC: tcpmsg.h,v 1.16.18.2 2005/04/29 00:16:22 marka Exp $ */ #ifndef DNS_TCPMSG_H #define DNS_TCPMSG_H 1 +/*! \file */ + #include <isc/buffer.h> #include <isc/lang.h> #include <isc/socket.h> @@ -45,56 +47,56 @@ ISC_LANG_BEGINDECLS void dns_tcpmsg_init(isc_mem_t *mctx, isc_socket_t *sock, dns_tcpmsg_t *tcpmsg); -/* +/*%< * Associate a tcp message state with a given memory context and * TCP socket. * * Requires: * - * "mctx" and "sock" be non-NULL and valid types. + *\li "mctx" and "sock" be non-NULL and valid types. * - * "sock" be a read/write TCP socket. + *\li "sock" be a read/write TCP socket. * - * "tcpmsg" be non-NULL and an uninitialized or invalidated structure. + *\li "tcpmsg" be non-NULL and an uninitialized or invalidated structure. * * Ensures: * - * "tcpmsg" is a valid structure. + *\li "tcpmsg" is a valid structure. */ void dns_tcpmsg_setmaxsize(dns_tcpmsg_t *tcpmsg, unsigned int maxsize); -/* +/*%< * Set the maximum packet size to "maxsize" * * Requires: * - * "tcpmsg" be valid. + *\li "tcpmsg" be valid. * - * 512 <= "maxsize" <= 65536 + *\li 512 <= "maxsize" <= 65536 */ isc_result_t dns_tcpmsg_readmessage(dns_tcpmsg_t *tcpmsg, isc_task_t *task, isc_taskaction_t action, void *arg); -/* +/*%< * Schedule an event to be delivered when a DNS message is readable, or * when an error occurs on the socket. * * Requires: * - * "tcpmsg" be valid. + *\li "tcpmsg" be valid. * - * "task", "taskaction", and "arg" be valid. + *\li "task", "taskaction", and "arg" be valid. * * Returns: * - * ISC_R_SUCCESS -- no error - * Anything that the isc_socket_recv() call can return. XXXMLG + *\li ISC_R_SUCCESS -- no error + *\li Anything that the isc_socket_recv() call can return. XXXMLG * * Notes: * - * The event delivered is a fully generic event. It will contain no + *\li The event delivered is a fully generic event. It will contain no * actual data. The sender will be a pointer to the dns_tcpmsg_t. * The result code inside that structure should be checked to see * what the final result was. @@ -102,41 +104,41 @@ dns_tcpmsg_readmessage(dns_tcpmsg_t *tcpmsg, void dns_tcpmsg_cancelread(dns_tcpmsg_t *tcpmsg); -/* +/*%< * Cancel a readmessage() call. The event will still be posted with a * CANCELED result code. * * Requires: * - * "tcpmsg" be valid. + *\li "tcpmsg" be valid. */ void dns_tcpmsg_keepbuffer(dns_tcpmsg_t *tcpmsg, isc_buffer_t *buffer); -/* +/*%< * If a dns buffer is to be kept between calls, this function marks the * internal state-machine buffer as invalid, and copies all the contents * of the state into "buffer". * * Requires: * - * "tcpmsg" be valid. + *\li "tcpmsg" be valid. * - * "buffer" be non-NULL. + *\li "buffer" be non-NULL. */ void dns_tcpmsg_invalidate(dns_tcpmsg_t *tcpmsg); -/* +/*%< * Clean up all allocated state, and invalidate the structure. * * Requires: * - * "tcpmsg" be valid. + *\li "tcpmsg" be valid. * * Ensures: * - * "tcpmsg" is invalidated and disassociated with all memory contexts, + *\li "tcpmsg" is invalidated and disassociated with all memory contexts, * sockets, etc. */ diff --git a/usr.sbin/bind/lib/dns/include/dns/time.h b/usr.sbin/bind/lib/dns/include/dns/time.h index 70ccde3f77b..ad963038b34 100644 --- a/usr.sbin/bind/lib/dns/include/dns/time.h +++ b/usr.sbin/bind/lib/dns/include/dns/time.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: time.h,v 1.9.12.3 2004/03/08 09:04:39 marka Exp $ */ +/* $ISC: time.h,v 1.11.18.2 2005/04/29 00:16:23 marka Exp $ */ #ifndef DNS_TIME_H #define DNS_TIME_H 1 +/*! \file */ + /*** *** Imports ***/ @@ -35,7 +37,7 @@ ISC_LANG_BEGINDECLS isc_result_t dns_time64_fromtext(const char *source, isc_int64_t *target); -/* +/*%< * Convert a date and time in YYYYMMDDHHMMSS text format at 'source' * into to a 64-bit count of seconds since Jan 1 1970 0:00 GMT. * Store the count at 'target'. @@ -43,7 +45,7 @@ dns_time64_fromtext(const char *source, isc_int64_t *target); isc_result_t dns_time32_fromtext(const char *source, isc_uint32_t *target); -/* +/*%< * Like dns_time64_fromtext, but returns the second count modulo 2^32 * as per RFC2535. */ @@ -51,14 +53,14 @@ dns_time32_fromtext(const char *source, isc_uint32_t *target); isc_result_t dns_time64_totext(isc_int64_t value, isc_buffer_t *target); -/* +/*%< * Convert a 64-bit count of seconds since Jan 1 1970 0:00 GMT into * a YYYYMMDDHHMMSS text representation and append it to 'target'. */ isc_result_t dns_time32_totext(isc_uint32_t value, isc_buffer_t *target); -/* +/*%< * Like dns_time64_totext, but for a 32-bit cyclic time value. * Of those dates whose counts of seconds since Jan 1 1970 0:00 GMT * are congruent with 'value' modulo 2^32, the one closest to the diff --git a/usr.sbin/bind/lib/dns/include/dns/timer.h b/usr.sbin/bind/lib/dns/include/dns/timer.h index 4306cdbae15..7bf2b2ae631 100644 --- a/usr.sbin/bind/lib/dns/include/dns/timer.h +++ b/usr.sbin/bind/lib/dns/include/dns/timer.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: timer.h,v 1.2.206.1 2004/03/06 08:14:00 marka Exp $ */ +/* $ISC: timer.h,v 1.3.18.2 2005/04/29 00:16:23 marka Exp $ */ #ifndef DNS_TIMER_H #define DNS_TIMER_H 1 +/*! \file */ + /*** *** Imports ***/ @@ -36,10 +38,10 @@ ISC_LANG_BEGINDECLS isc_result_t dns_timer_setidle(isc_timer_t *timer, unsigned int maxtime, unsigned int idletime, isc_boolean_t purge); -/* +/*%< * Convenience function for setting up simple, one-second-granularity * idle timers as used by zone transfers. - * + * \brief * Set the timer 'timer' to go off after 'idletime' seconds of inactivity, * or after 'maxtime' at the very latest. Events are purged iff * 'purge' is ISC_TRUE. diff --git a/usr.sbin/bind/lib/dns/include/dns/tkey.h b/usr.sbin/bind/lib/dns/include/dns/tkey.h index a759eef98d3..cd3252808b5 100644 --- a/usr.sbin/bind/lib/dns/include/dns/tkey.h +++ b/usr.sbin/bind/lib/dns/include/dns/tkey.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: tkey.h,v 1.18.206.1 2004/03/06 08:14:00 marka Exp $ */ +/* $ISC: tkey.h,v 1.19.18.2 2005/04/29 00:16:23 marka Exp $ */ #ifndef DNS_TKEY_H #define DNS_TKEY_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -45,55 +47,55 @@ struct dns_tkeyctx { isc_result_t dns_tkeyctx_create(isc_mem_t *mctx, isc_entropy_t *ectx, dns_tkeyctx_t **tctxp); -/* +/*%< * Create an empty TKEY context. * * Requires: - * 'mctx' is not NULL - * 'tctx' is not NULL - * '*tctx' is NULL + *\li 'mctx' is not NULL + *\li 'tctx' is not NULL + *\li '*tctx' is NULL * * Returns - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * return codes from dns_name_fromtext() + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li return codes from dns_name_fromtext() */ void dns_tkeyctx_destroy(dns_tkeyctx_t **tctxp); -/* +/*%< * Frees all data associated with the TKEY context * * Requires: - * 'tctx' is not NULL - * '*tctx' is not NULL + *\li 'tctx' is not NULL + *\li '*tctx' is not NULL */ isc_result_t dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, dns_tsig_keyring_t *ring); -/* +/*%< * Processes a query containing a TKEY record, adding or deleting TSIG * keys if necessary, and modifies the message to contain the response. * * Requires: - * 'msg' is a valid message - * 'tctx' is a valid TKEY context - * 'ring' is a valid TSIG keyring + *\li 'msg' is a valid message + *\li 'tctx' is a valid TKEY context + *\li 'ring' is a valid TSIG keyring * * Returns - * ISC_R_SUCCESS msg was updated (the TKEY operation succeeded, + *\li #ISC_R_SUCCESS msg was updated (the TKEY operation succeeded, * or msg now includes a TKEY with an error set) * DNS_R_FORMERR the packet was malformed (missing a TKEY * or KEY). - * other An error occurred while processing the message + *\li other An error occurred while processing the message */ isc_result_t dns_tkey_builddhquery(dns_message_t *msg, dst_key_t *key, dns_name_t *name, dns_name_t *algorithm, isc_buffer_t *nonce, isc_uint32_t lifetime); -/* +/*%< * Builds a query containing a TKEY that will generate a shared * secret using a Diffie-Hellman key exchange. The shared key * will be of the specified algorithm (only DNS_TSIG_HMACMD5_NAME @@ -105,61 +107,61 @@ dns_tkey_builddhquery(dns_message_t *msg, dst_key_t *key, dns_name_t *name, * * * Requires: - * 'msg' is a valid message - * 'key' is a valid Diffie Hellman dst key - * 'name' is a valid name - * 'algorithm' is a valid name + *\li 'msg' is a valid message + *\li 'key' is a valid Diffie Hellman dst key + *\li 'name' is a valid name + *\li 'algorithm' is a valid name * * Returns: - * ISC_R_SUCCESS msg was successfully updated to include the + *\li #ISC_R_SUCCESS msg was successfully updated to include the * query to be sent - * other an error occurred while building the message + *\li other an error occurred while building the message */ isc_result_t dns_tkey_buildgssquery(dns_message_t *msg, dns_name_t *name, dns_name_t *gname, void *cred, isc_uint32_t lifetime, void **context); -/* +/*%< * XXX */ isc_result_t dns_tkey_builddeletequery(dns_message_t *msg, dns_tsigkey_t *key); -/* +/*%< * Builds a query containing a TKEY record that will delete the * specified shared secret from the server. * * Requires: - * 'msg' is a valid message - * 'key' is a valid TSIG key + *\li 'msg' is a valid message + *\li 'key' is a valid TSIG key * * Returns: - * ISC_R_SUCCESS msg was successfully updated to include the + *\li #ISC_R_SUCCESS msg was successfully updated to include the * query to be sent - * other an error occurred while building the message + *\li other an error occurred while building the message */ isc_result_t dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg, dst_key_t *key, isc_buffer_t *nonce, dns_tsigkey_t **outkey, dns_tsig_keyring_t *ring); -/* +/*%< * Processes a response to a query containing a TKEY that was * designed to generate a shared secret using a Diffie-Hellman key * exchange. If the query was successful, a new shared key * is created and added to the list of shared keys. * * Requires: - * 'qmsg' is a valid message (the query) - * 'rmsg' is a valid message (the response) - * 'key' is a valid Diffie Hellman dst key - * 'outkey' is either NULL or a pointer to NULL - * 'ring' is a valid keyring or NULL + *\li 'qmsg' is a valid message (the query) + *\li 'rmsg' is a valid message (the response) + *\li 'key' is a valid Diffie Hellman dst key + *\li 'outkey' is either NULL or a pointer to NULL + *\li 'ring' is a valid keyring or NULL * * Returns: - * ISC_R_SUCCESS the shared key was successfully added - * ISC_R_NOTFOUND an error occurred while looking for a + *\li #ISC_R_SUCCESS the shared key was successfully added + *\li #ISC_R_NOTFOUND an error occurred while looking for a * component of the query or response */ @@ -167,26 +169,26 @@ isc_result_t dns_tkey_processgssresponse(dns_message_t *qmsg, dns_message_t *rmsg, dns_name_t *gname, void *cred, void **context, dns_tsigkey_t **outkey, dns_tsig_keyring_t *ring); -/* +/*%< * XXX */ isc_result_t dns_tkey_processdeleteresponse(dns_message_t *qmsg, dns_message_t *rmsg, dns_tsig_keyring_t *ring); -/* +/*%< * Processes a response to a query containing a TKEY that was * designed to delete a shared secret. If the query was successful, * the shared key is deleted from the list of shared keys. * * Requires: - * 'qmsg' is a valid message (the query) - * 'rmsg' is a valid message (the response) - * 'ring' is not NULL + *\li 'qmsg' is a valid message (the query) + *\li 'rmsg' is a valid message (the response) + *\li 'ring' is not NULL * * Returns: - * ISC_R_SUCCESS the shared key was successfully deleted - * ISC_R_NOTFOUND an error occurred while looking for a + *\li #ISC_R_SUCCESS the shared key was successfully deleted + *\li #ISC_R_NOTFOUND an error occurred while looking for a * component of the query or response */ diff --git a/usr.sbin/bind/lib/dns/include/dns/tsig.h b/usr.sbin/bind/lib/dns/include/dns/tsig.h index d6d983d027b..ce79fd3979b 100644 --- a/usr.sbin/bind/lib/dns/include/dns/tsig.h +++ b/usr.sbin/bind/lib/dns/include/dns/tsig.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: tsig.h,v 1.40.2.2.8.3 2004/03/08 09:04:39 marka Exp $ */ +/* $ISC: tsig.h,v 1.43.18.4 2006/01/27 23:57:44 marka Exp $ */ #ifndef DNS_TSIG_H #define DNS_TSIG_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/refcount.h> #include <isc/rwlock.h> @@ -39,8 +41,18 @@ LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_gssapi_name; #define DNS_TSIG_GSSAPI_NAME dns_tsig_gssapi_name LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_gssapims_name; #define DNS_TSIG_GSSAPIMS_NAME dns_tsig_gssapims_name - -/* +LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_hmacsha1_name; +#define DNS_TSIG_HMACSHA1_NAME dns_tsig_hmacsha1_name +LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_hmacsha224_name; +#define DNS_TSIG_HMACSHA224_NAME dns_tsig_hmacsha224_name +LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_hmacsha256_name; +#define DNS_TSIG_HMACSHA256_NAME dns_tsig_hmacsha256_name +LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_hmacsha384_name; +#define DNS_TSIG_HMACSHA384_NAME dns_tsig_hmacsha384_name +LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_hmacsha512_name; +#define DNS_TSIG_HMACSHA512_NAME dns_tsig_hmacsha512_name + +/*% * Default fudge value. */ #define DNS_TSIG_FUDGE 300 @@ -53,17 +65,17 @@ struct dns_tsig_keyring { struct dns_tsigkey { /* Unlocked */ - unsigned int magic; /* Magic number. */ + unsigned int magic; /*%< Magic number. */ isc_mem_t *mctx; - dst_key_t *key; /* Key */ - dns_name_t name; /* Key name */ - dns_name_t *algorithm; /* Algorithm name */ - dns_name_t *creator; /* name that created secret */ - isc_boolean_t generated; /* was this generated? */ - isc_stdtime_t inception; /* start of validity period */ - isc_stdtime_t expire; /* end of validity period */ - dns_tsig_keyring_t *ring; /* the enclosing keyring */ - isc_refcount_t refs; /* reference counter */ + dst_key_t *key; /*%< Key */ + dns_name_t name; /*%< Key name */ + dns_name_t *algorithm; /*%< Algorithm name */ + dns_name_t *creator; /*%< name that created secret */ + isc_boolean_t generated; /*%< was this generated? */ + isc_stdtime_t inception; /*%< start of validity period */ + isc_stdtime_t expire; /*%< end of validity period */ + dns_tsig_keyring_t *ring; /*%< the enclosing keyring */ + isc_refcount_t refs; /*%< reference counter */ }; #define dns_tsigkey_identity(tsigkey) \ @@ -84,7 +96,7 @@ dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm, dns_name_t *creator, isc_stdtime_t inception, isc_stdtime_t expire, isc_mem_t *mctx, dns_tsig_keyring_t *ring, dns_tsigkey_t **key); -/* +/*%< * Creates a tsig key structure and saves it in the keyring. If key is * not NULL, *key will contain a copy of the key. The keys validity * period is specified by (inception, expire), and will not expire if @@ -95,100 +107,100 @@ dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm, * to generate a BADKEY response. * * Requires: - * 'name' is a valid dns_name_t - * 'algorithm' is a valid dns_name_t - * 'secret' is a valid pointer - * 'length' is an integer >= 0 - * 'key' is a valid dst key or NULL - * 'creator' points to a valid dns_name_t or is NULL - * 'mctx' is a valid memory context - * 'ring' is a valid TSIG keyring or NULL - * 'key' or '*key' must be NULL + *\li 'name' is a valid dns_name_t + *\li 'algorithm' is a valid dns_name_t + *\li 'secret' is a valid pointer + *\li 'length' is an integer >= 0 + *\li 'key' is a valid dst key or NULL + *\li 'creator' points to a valid dns_name_t or is NULL + *\li 'mctx' is a valid memory context + *\li 'ring' is a valid TSIG keyring or NULL + *\li 'key' or '*key' must be NULL * * Returns: - * ISC_R_SUCCESS - * ISC_R_EXISTS - a key with this name already exists - * ISC_R_NOTIMPLEMENTED - algorithm is not implemented - * ISC_R_NOMEMORY + *\li #ISC_R_SUCCESS + *\li #ISC_R_EXISTS - a key with this name already exists + *\li #ISC_R_NOTIMPLEMENTED - algorithm is not implemented + *\li #ISC_R_NOMEMORY */ void dns_tsigkey_attach(dns_tsigkey_t *source, dns_tsigkey_t **targetp); -/* +/*%< * Attach '*targetp' to 'source'. * * Requires: - * 'key' is a valid TSIG key + *\li 'key' is a valid TSIG key * * Ensures: - * *targetp is attached to source. + *\li *targetp is attached to source. */ void dns_tsigkey_detach(dns_tsigkey_t **keyp); -/* +/*%< * Detaches from the tsig key structure pointed to by '*key'. * * Requires: - * 'keyp' is not NULL and '*keyp' is a valid TSIG key + *\li 'keyp' is not NULL and '*keyp' is a valid TSIG key * * Ensures: - * 'keyp' points to NULL + *\li 'keyp' points to NULL */ void dns_tsigkey_setdeleted(dns_tsigkey_t *key); -/* +/*%< * Prevents this key from being used again. It will be deleted when * no references exist. * * Requires: - * 'key' is a valid TSIG key on a keyring + *\li 'key' is a valid TSIG key on a keyring */ isc_result_t dns_tsig_sign(dns_message_t *msg); -/* +/*%< * Generates a TSIG record for this message * * Requires: - * 'msg' is a valid message - * 'msg->tsigkey' is a valid TSIG key - * 'msg->tsig' is NULL + *\li 'msg' is a valid message + *\li 'msg->tsigkey' is a valid TSIG key + *\li 'msg->tsig' is NULL * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * ISC_R_NOSPACE - * DNS_R_EXPECTEDTSIG + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li #ISC_R_NOSPACE + *\li #DNS_R_EXPECTEDTSIG * - this is a response & msg->querytsig is NULL */ isc_result_t dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, dns_tsig_keyring_t *ring1, dns_tsig_keyring_t *ring2); -/* +/*%< * Verifies the TSIG record in this message * * Requires: - * 'source' is a valid buffer containing the unparsed message - * 'msg' is a valid message - * 'msg->tsigkey' is a valid TSIG key if this is a response - * 'msg->tsig' is NULL - * 'msg->querytsig' is not NULL if this is a response - * 'ring1' and 'ring2' are each either a valid keyring or NULL + *\li 'source' is a valid buffer containing the unparsed message + *\li 'msg' is a valid message + *\li 'msg->tsigkey' is a valid TSIG key if this is a response + *\li 'msg->tsig' is NULL + *\li 'msg->querytsig' is not NULL if this is a response + *\li 'ring1' and 'ring2' are each either a valid keyring or NULL * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * DNS_R_EXPECTEDTSIG - A TSIG was expected but not seen - * DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected - * DNS_R_TSIGERRORSET - the TSIG verified but ->error was set + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li #DNS_R_EXPECTEDTSIG - A TSIG was expected but not seen + *\li #DNS_R_UNEXPECTEDTSIG - A TSIG was seen but not expected + *\li #DNS_R_TSIGERRORSET - the TSIG verified but ->error was set * and this is a query - * DNS_R_CLOCKSKEW - the TSIG failed to verify because of + *\li #DNS_R_CLOCKSKEW - the TSIG failed to verify because of * the time was out of the allowed range. - * DNS_R_TSIGVERIFYFAILURE - the TSIG failed to verify - * DNS_R_EXPECTEDRESPONSE - the message was set over TCP and + *\li #DNS_R_TSIGVERIFYFAILURE - the TSIG failed to verify + *\li #DNS_R_EXPECTEDRESPONSE - the message was set over TCP and * should have been a response, * but was not. */ @@ -196,45 +208,45 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, isc_result_t dns_tsigkey_find(dns_tsigkey_t **tsigkey, dns_name_t *name, dns_name_t *algorithm, dns_tsig_keyring_t *ring); -/* +/*%< * Returns the TSIG key corresponding to this name and (possibly) * algorithm. Also increments the key's reference counter. * * Requires: - * 'tsigkey' is not NULL - * '*tsigkey' is NULL - * 'name' is a valid dns_name_t - * 'algorithm' is a valid dns_name_t or NULL - * 'ring' is a valid keyring + *\li 'tsigkey' is not NULL + *\li '*tsigkey' is NULL + *\li 'name' is a valid dns_name_t + *\li 'algorithm' is a valid dns_name_t or NULL + *\li 'ring' is a valid keyring * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOTFOUND + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOTFOUND */ isc_result_t dns_tsigkeyring_create(isc_mem_t *mctx, dns_tsig_keyring_t **ringp); -/* +/*%< * Create an empty TSIG key ring. * * Requires: - * 'mctx' is not NULL - * 'ringp' is not NULL, and '*ringp' is NULL + *\li 'mctx' is not NULL + *\li 'ringp' is not NULL, and '*ringp' is NULL * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY */ void dns_tsigkeyring_destroy(dns_tsig_keyring_t **ringp); -/* +/*%< * Destroy a TSIG key ring. * * Requires: - * 'ringp' is not NULL + *\li 'ringp' is not NULL */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/ttl.h b/usr.sbin/bind/lib/dns/include/dns/ttl.h index c8e1cab38b9..2f8206b5aaf 100644 --- a/usr.sbin/bind/lib/dns/include/dns/ttl.h +++ b/usr.sbin/bind/lib/dns/include/dns/ttl.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ttl.h,v 1.12.206.1 2004/03/06 08:14:01 marka Exp $ */ +/* $ISC: ttl.h,v 1.13.18.2 2005/04/29 00:16:24 marka Exp $ */ #ifndef DNS_TTL_H #define DNS_TTL_H 1 +/*! \file */ + /*** *** Imports ***/ @@ -36,7 +38,7 @@ ISC_LANG_BEGINDECLS isc_result_t dns_ttl_totext(isc_uint32_t src, isc_boolean_t verbose, isc_buffer_t *target); -/* +/*%< * Output a TTL or other time interval in a human-readable form. * The time interval is given as a count of seconds in 'src'. * The text representation is appended to 'target'. @@ -47,28 +49,28 @@ dns_ttl_totext(isc_uint32_t src, isc_boolean_t verbose, * in "dig", like "1 week 2 days 3 hours 4 minutes 5 seconds". * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOSPACE + * \li ISC_R_SUCCESS + * \li ISC_R_NOSPACE */ isc_result_t dns_counter_fromtext(isc_textregion_t *source, isc_uint32_t *ttl); -/* +/*%< * Converts a counter from either a plain number or a BIND 8 style value. * * Returns: - * ISC_R_SUCCESS - * DNS_R_SYNTAX + *\li ISC_R_SUCCESS + *\li DNS_R_SYNTAX */ isc_result_t dns_ttl_fromtext(isc_textregion_t *source, isc_uint32_t *ttl); -/* +/*%< * Converts a ttl from either a plain number or a BIND 8 style value. * * Returns: - * ISC_R_SUCCESS - * DNS_R_BADTTL + *\li ISC_R_SUCCESS + *\li DNS_R_BADTTL */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dns/types.h b/usr.sbin/bind/lib/dns/include/dns/types.h index 638307e25a2..fa308a2a73d 100644 --- a/usr.sbin/bind/lib/dns/include/dns/types.h +++ b/usr.sbin/bind/lib/dns/include/dns/types.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,21 +15,25 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: types.h,v 1.103.12.9 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: types.h,v 1.109.18.12 2006/05/02 12:55:31 shane Exp $ */ #ifndef DNS_TYPES_H #define DNS_TYPES_H 1 -/* +/*! \file + * \brief * Including this file gives you type declarations suitable for use in * .h files, which lets us avoid circular type reference problems. - * + * \brief * To actually use a type or get declarations of its methods, you must * include the appropriate .h file too. */ #include <isc/types.h> +typedef struct dns_acache dns_acache_t; +typedef struct dns_acacheentry dns_acacheentry_t; +typedef struct dns_acachestats dns_acachestats_t; typedef struct dns_acl dns_acl_t; typedef struct dns_aclelement dns_aclelement_t; typedef struct dns_aclenv dns_aclenv_t; @@ -50,6 +54,9 @@ typedef void dns_dbload_t; typedef void dns_dbnode_t; typedef struct dns_dbtable dns_dbtable_t; typedef void dns_dbversion_t; +typedef struct dns_dlzimplementation dns_dlzimplementation_t; +typedef struct dns_dlzdb dns_dlzdb_t; +typedef struct dns_sdlzimplementation dns_sdlzimplementation_t; typedef struct dns_decompress dns_decompress_t; typedef struct dns_dispatch dns_dispatch_t; typedef struct dns_dispatchevent dns_dispatchevent_t; @@ -136,7 +143,8 @@ typedef enum { typedef enum { dns_notifytype_no = 0, dns_notifytype_yes = 1, - dns_notifytype_explicit = 2 + dns_notifytype_explicit = 2, + dns_notifytype_masteronly = 3 } dns_notifytype_t; typedef enum { @@ -148,13 +156,19 @@ typedef enum { dns_dialuptype_passive = 5 } dns_dialuptype_t; +typedef enum { + dns_masterformat_none = 0, + dns_masterformat_text = 1, + dns_masterformat_raw = 2 +} dns_masterformat_t; + /* * These are generated by gen.c. */ #include <dns/enumtype.h> /* Provides dns_rdatatype_t. */ #include <dns/enumclass.h> /* Provides dns_rdataclass_t. */ -/* +/*% * rcodes. */ enum { @@ -190,7 +204,7 @@ enum { #define dns_rcode_badvers ((dns_rcode_t)dns_rcode_badvers) }; -/* +/*% * TSIG errors. */ enum { @@ -199,10 +213,11 @@ enum { dns_tsigerror_badtime = 18, dns_tsigerror_badmode = 19, dns_tsigerror_badname = 20, - dns_tsigerror_badalg = 21 + dns_tsigerror_badalg = 21, + dns_tsigerror_badtrunc = 22 }; -/* +/*% * Opcodes. */ enum { @@ -218,7 +233,7 @@ enum { #define dns_opcode_update ((dns_opcode_t)dns_opcode_update) }; -/* +/*% * Trust levels. Must be kept in sync with trustnames[] in masterdump.c. */ enum { @@ -226,11 +241,11 @@ enum { dns_trust_none = 0, #define dns_trust_none ((dns_trust_t)dns_trust_none) - /* Subject to DNSSEC validation but has not yet been validated */ + /*% Subject to DNSSEC validation but has not yet been validated */ dns_trust_pending = 1, #define dns_trust_pending ((dns_trust_t)dns_trust_pending) - /* Received in the additional section of a response. */ + /*% Received in the additional section of a response. */ dns_trust_additional = 2, #define dns_trust_additional ((dns_trust_t)dns_trust_additional) @@ -260,7 +275,7 @@ enum { #define dns_trust_ultimate ((dns_trust_t)dns_trust_ultimate) }; -/* +/*% * Name checking severites. */ typedef enum { @@ -294,6 +309,20 @@ typedef void (*dns_updatecallback_t)(void *, isc_result_t, dns_message_t *); typedef int -(*dns_rdatasetorderfunc_t)(const dns_rdata_t *rdata, const void *arg); +(*dns_rdatasetorderfunc_t)(const dns_rdata_t *, const void *); + +typedef isc_boolean_t +(*dns_checkmxfunc_t)(dns_zone_t *, dns_name_t *, dns_name_t *); + +typedef isc_boolean_t +(*dns_checksrvfunc_t)(dns_zone_t *, dns_name_t *, dns_name_t *); + +typedef isc_boolean_t +(*dns_checknsfunc_t)(dns_zone_t *, dns_name_t *, dns_name_t *, + dns_rdataset_t *, dns_rdataset_t *); + +typedef isc_boolean_t +(*dns_isselffunc_t)(dns_view_t *, dns_tsigkey_t *, isc_sockaddr_t *, + isc_sockaddr_t *, dns_rdataclass_t, void *); #endif /* DNS_TYPES_H */ diff --git a/usr.sbin/bind/lib/dns/include/dns/validator.h b/usr.sbin/bind/lib/dns/include/dns/validator.h index b6ca3ed8325..793d0ae32fc 100644 --- a/usr.sbin/bind/lib/dns/include/dns/validator.h +++ b/usr.sbin/bind/lib/dns/include/dns/validator.h @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: validator.h,v 1.18.12.11.6.1 2007/01/11 04:51:39 marka Exp $ */ +/* $ISC: validator.h,v 1.27.18.10 2007/09/26 04:39:45 each Exp $ */ #ifndef DNS_VALIDATOR_H #define DNS_VALIDATOR_H 1 @@ -81,11 +81,24 @@ typedef struct dns_validatorevent { ISC_EVENT_COMMON(struct dns_validatorevent); dns_validator_t * validator; isc_result_t result; + /* + * Name and type of the response to be validated. + */ dns_name_t * name; dns_rdatatype_t type; + /* + * Rdata and RRSIG (if any) for positive responses. + */ dns_rdataset_t * rdataset; dns_rdataset_t * sigrdataset; + /* + * The full response. Required for negative responses. + * Also required for positive wildcard responses. + */ dns_message_t * message; + /* + * Proofs to be cached. + */ dns_name_t * proofs[3]; } dns_validatorevent_t; diff --git a/usr.sbin/bind/lib/dns/include/dns/version.h b/usr.sbin/bind/lib/dns/include/dns/version.h index d734273cdb0..78bff755dc5 100644 --- a/usr.sbin/bind/lib/dns/include/dns/version.h +++ b/usr.sbin/bind/lib/dns/include/dns/version.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: version.h,v 1.2.224.3 2004/03/08 09:04:40 marka Exp $ */ +/* $ISC: version.h,v 1.3.18.2 2005/04/29 00:16:25 marka Exp $ */ + +/*! \file */ #include <isc/platform.h> diff --git a/usr.sbin/bind/lib/dns/include/dns/xfrin.h b/usr.sbin/bind/lib/dns/include/dns/xfrin.h index 03027c03996..cbd6b68879d 100644 --- a/usr.sbin/bind/lib/dns/include/dns/xfrin.h +++ b/usr.sbin/bind/lib/dns/include/dns/xfrin.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: xfrin.h,v 1.18.136.4 2006/07/20 01:10:29 marka Exp $ */ +/* $ISC: xfrin.h,v 1.20.18.5 2006/07/20 01:10:30 marka Exp $ */ #ifndef DNS_XFRIN_H #define DNS_XFRIN_H 1 @@ -24,7 +24,8 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * Incoming zone transfers (AXFR + IXFR). */ @@ -40,7 +41,7 @@ *** Types ***/ -/* +/*% * A transfer in progress. This is an opaque type. */ typedef struct dns_xfrin_ctx dns_xfrin_ctx_t; @@ -51,6 +52,7 @@ typedef struct dns_xfrin_ctx dns_xfrin_ctx_t; ISC_LANG_BEGINDECLS +/*% see dns_xfrin_create2() */ isc_result_t dns_xfrin_create(dns_zone_t *zone, dns_rdatatype_t xfrtype, isc_sockaddr_t *masteraddr, dns_tsigkey_t *tsigkey, @@ -65,7 +67,7 @@ dns_xfrin_create2(dns_zone_t *zone, dns_rdatatype_t xfrtype, isc_timermgr_t *timermgr, isc_socketmgr_t *socketmgr, isc_task_t *task, dns_xfrindone_t done, dns_xfrin_ctx_t **xfrp); -/* +/*%< * Attempt to start an incoming zone transfer of 'zone' * from 'masteraddr', creating a dns_xfrin_ctx_t object to * manage it. Attach '*xfrp' to the newly created object. @@ -75,17 +77,17 @@ dns_xfrin_create2(dns_zone_t *zone, dns_rdatatype_t xfrtype, * code as arguments when the transfer finishes. * * Requires: - * 'xfrtype' is dns_rdatatype_axfr, dns_rdatatype_ixfr + *\li 'xfrtype' is dns_rdatatype_axfr, dns_rdatatype_ixfr * or dns_rdatatype_soa (soa query followed by axfr if * serial is greater than current serial). * - * If 'xfrtype' is dns_rdatatype_ixfr or dns_rdatatype_soa, + *\li If 'xfrtype' is dns_rdatatype_ixfr or dns_rdatatype_soa, * the zone has a database. */ void dns_xfrin_shutdown(dns_xfrin_ctx_t *xfr); -/* +/*%< * If the zone transfer 'xfr' has already finished, * do nothing. Otherwise, abort it and cause it to call * its done callback with a status of ISC_R_CANCELLED. @@ -93,14 +95,14 @@ dns_xfrin_shutdown(dns_xfrin_ctx_t *xfr); void dns_xfrin_detach(dns_xfrin_ctx_t **xfrp); -/* +/*%< * Detach a reference to a zone transfer object. * Caller to maintain external locking if required. */ void dns_xfrin_attach(dns_xfrin_ctx_t *source, dns_xfrin_ctx_t **target); -/* +/*%< * Caller to maintain external locking if required. */ diff --git a/usr.sbin/bind/lib/dns/include/dns/zonekey.h b/usr.sbin/bind/lib/dns/include/dns/zonekey.h index 6094f32af0d..c3dad62b1d0 100644 --- a/usr.sbin/bind/lib/dns/include/dns/zonekey.h +++ b/usr.sbin/bind/lib/dns/include/dns/zonekey.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: zonekey.h,v 1.3.206.1 2004/03/06 08:14:01 marka Exp $ */ +/* $ISC: zonekey.h,v 1.4.18.2 2005/04/29 00:16:26 marka Exp $ */ #ifndef DNS_ZONEKEY_H #define DNS_ZONEKEY_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -28,7 +30,7 @@ ISC_LANG_BEGINDECLS isc_boolean_t dns_zonekey_iszonekey(dns_rdata_t *keyrdata); -/* +/*%< * Determines if the key record contained in the rdata is a zone key. * * Requires: diff --git a/usr.sbin/bind/lib/dns/include/dns/zt.h b/usr.sbin/bind/lib/dns/include/dns/zt.h index 84375e1a89c..7ecd04ee587 100644 --- a/usr.sbin/bind/lib/dns/include/dns/zt.h +++ b/usr.sbin/bind/lib/dns/include/dns/zt.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: zt.h,v 1.27.2.2.8.1 2004/03/06 08:14:01 marka Exp $ */ +/* $ISC: zt.h,v 1.30.18.3 2005/04/27 05:01:42 sra Exp $ */ #ifndef DNS_ZT_H #define DNS_ZT_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -30,101 +32,101 @@ ISC_LANG_BEGINDECLS isc_result_t dns_zt_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, dns_zt_t **zt); -/* +/*%< * Creates a new zone table. * * Requires: - * 'mctx' to be initialized. + * \li 'mctx' to be initialized. * * Returns: - * ISC_R_SUCCESS on success. - * ISC_R_NOMEMORY + * \li #ISC_R_SUCCESS on success. + * \li #ISC_R_NOMEMORY */ isc_result_t dns_zt_mount(dns_zt_t *zt, dns_zone_t *zone); -/* +/*%< * Mounts the zone on the zone table. * * Requires: - * 'zt' to be valid - * 'zone' to be valid + * \li 'zt' to be valid + * \li 'zone' to be valid * * Returns: - * ISC_R_SUCCESS - * ISC_R_EXISTS - * ISC_R_NOSPACE - * ISC_R_NOMEMORY + * \li #ISC_R_SUCCESS + * \li #ISC_R_EXISTS + * \li #ISC_R_NOSPACE + * \li #ISC_R_NOMEMORY */ isc_result_t dns_zt_unmount(dns_zt_t *zt, dns_zone_t *zone); -/* +/*%< * Unmount the given zone from the table. * * Requires: * 'zt' to be valid - * 'zone' to be valid + * \li 'zone' to be valid * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOTFOUND - * ISC_R_NOMEMORY + * \li #ISC_R_SUCCESS + * \li #ISC_R_NOTFOUND + * \li #ISC_R_NOMEMORY */ isc_result_t dns_zt_find(dns_zt_t *zt, dns_name_t *name, unsigned int options, dns_name_t *foundname, dns_zone_t **zone); -/* +/*%< * Find the best match for 'name' in 'zt'. If foundname is non NULL * then the name of the zone found is returned. * * Notes: - * If the DNS_ZTFIND_NOEXACT is set, the best partial match (if any) + * \li If the DNS_ZTFIND_NOEXACT is set, the best partial match (if any) * to 'name' will be returned. * * Requires: - * 'zt' to be valid - * 'name' to be valid - * 'foundname' to be initialized and associated with a fixedname or NULL - * 'zone' to be non NULL and '*zone' to be NULL + * \li 'zt' to be valid + * \li 'name' to be valid + * \li 'foundname' to be initialized and associated with a fixedname or NULL + * \li 'zone' to be non NULL and '*zone' to be NULL * * Returns: - * ISC_R_SUCCESS - * DNS_R_PARTIALMATCH - * ISC_R_NOTFOUND - * ISC_R_NOSPACE + * \li #ISC_R_SUCCESS + * \li #DNS_R_PARTIALMATCH + * \li #ISC_R_NOTFOUND + * \li #ISC_R_NOSPACE */ void dns_zt_detach(dns_zt_t **ztp); -/* +/*%< * Detach the given zonetable, if the reference count goes to zero the * zonetable will be freed. In either case 'ztp' is set to NULL. * * Requires: - * '*ztp' to be valid + * \li '*ztp' to be valid */ void dns_zt_flushanddetach(dns_zt_t **ztp); -/* +/*%< * Detach the given zonetable, if the reference count goes to zero the * zonetable will be flushed and then freed. In either case 'ztp' is * set to NULL. * * Requires: - * '*ztp' to be valid + * \li '*ztp' to be valid */ void dns_zt_attach(dns_zt_t *zt, dns_zt_t **ztp); -/* +/*%< * Attach 'zt' to '*ztp'. * * Requires: - * 'zt' to be valid - * '*ztp' to be NULL + * \li 'zt' to be valid + * \li '*ztp' to be NULL */ isc_result_t @@ -132,7 +134,7 @@ dns_zt_load(dns_zt_t *zt, isc_boolean_t stop); isc_result_t dns_zt_loadnew(dns_zt_t *zt, isc_boolean_t stop); -/* +/*%< * Load all zones in the table. If 'stop' is ISC_TRUE, * stop on the first error and return it. If 'stop' * is ISC_FALSE, ignore errors. @@ -142,23 +144,37 @@ dns_zt_loadnew(dns_zt_t *zt, isc_boolean_t stop); * and whose master file has changed since the last load. * * Requires: - * 'zt' to be valid + * \li 'zt' to be valid + */ + +isc_result_t +dns_zt_freezezones(dns_zt_t *zt, isc_boolean_t freeze); +/*%< + * Freeze/thaw updates to master zones. + * Any pending updates will be flushed. + * Zones will be reloaded on thaw. */ isc_result_t dns_zt_apply(dns_zt_t *zt, isc_boolean_t stop, isc_result_t (*action)(dns_zone_t *, void *), void *uap); -/* + +isc_result_t +dns_zt_apply2(dns_zt_t *zt, isc_boolean_t stop, isc_result_t *sub, + isc_result_t (*action)(dns_zone_t *, void *), void *uap); +/*%< * Apply a given 'action' to all zone zones in the table. * If 'stop' is 'ISC_TRUE' then walking the zone tree will stop if * 'action' does not return ISC_R_SUCCESS. * * Requires: - * 'zt' to be valid. - * 'action' to be non NULL. + * \li 'zt' to be valid. + * \li 'action' to be non NULL. * * Returns: - * ISC_R_SUCCESS if action was applied to all nodes. + * \li ISC_R_SUCCESS if action was applied to all nodes. If 'stop' is + * ISC_FALSE and 'sub' is non NULL then the first error (if any) + * reported by 'action' is returned in '*sub'; * any error code from 'action'. */ diff --git a/usr.sbin/bind/lib/dns/include/dst/Makefile.in b/usr.sbin/bind/lib/dns/include/dst/Makefile.in index f7fd53dd72d..f1f02466f7a 100644 --- a/usr.sbin/bind/lib/dns/include/dst/Makefile.in +++ b/usr.sbin/bind/lib/dns/include/dst/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.1.4.1 2004/12/09 04:07:19 marka Exp $ +# $ISC: Makefile.in,v 1.1.6.1 2004/12/09 04:41:47 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/dns/include/dst/dst.h b/usr.sbin/bind/lib/dns/include/dst/dst.h index 06c5518c043..f0834e3c648 100644 --- a/usr.sbin/bind/lib/dns/include/dst/dst.h +++ b/usr.sbin/bind/lib/dns/include/dst/dst.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dst.h,v 1.1.4.1 2004/12/09 04:07:19 marka Exp $ */ +/* $ISC: dst.h,v 1.1.6.5 2006/01/27 23:57:44 marka Exp $ */ #ifndef DST_DST_H #define DST_DST_H 1 +/*! \file */ + #include <isc/lang.h> #include <dns/types.h> @@ -30,7 +32,7 @@ ISC_LANG_BEGINDECLS *** Types ***/ -/* +/*% * The dst_key structure is opaque. Applications should use the accessor * functions provided to retrieve key attributes. If an application needs * to set attributes, new accessor functions will be written. @@ -42,27 +44,32 @@ typedef struct dst_context dst_context_t; /* DST algorithm codes */ #define DST_ALG_UNKNOWN 0 #define DST_ALG_RSAMD5 1 -#define DST_ALG_RSA DST_ALG_RSAMD5 /* backwards compatibility */ +#define DST_ALG_RSA DST_ALG_RSAMD5 /*%< backwards compatibility */ #define DST_ALG_DH 2 #define DST_ALG_DSA 3 #define DST_ALG_ECC 4 #define DST_ALG_RSASHA1 5 #define DST_ALG_HMACMD5 157 #define DST_ALG_GSSAPI 160 +#define DST_ALG_HMACSHA1 161 /* XXXMPA */ +#define DST_ALG_HMACSHA224 162 /* XXXMPA */ +#define DST_ALG_HMACSHA256 163 /* XXXMPA */ +#define DST_ALG_HMACSHA384 164 /* XXXMPA */ +#define DST_ALG_HMACSHA512 165 /* XXXMPA */ #define DST_ALG_PRIVATE 254 #define DST_ALG_EXPAND 255 #define DST_MAX_ALGS 255 -/* A buffer of this size is large enough to hold any key */ +/*% A buffer of this size is large enough to hold any key */ #define DST_KEY_MAXSIZE 1280 -/* +/*% * A buffer of this size is large enough to hold the textual representation * of any key */ #define DST_KEY_MAXTEXTSIZE 2048 -/* 'Type' for dst_read_key() */ +/*% 'Type' for dst_read_key() */ #define DST_TYPE_KEY 0x1000000 /* KEY key */ #define DST_TYPE_PRIVATE 0x2000000 #define DST_TYPE_PUBLIC 0x4000000 @@ -73,239 +80,262 @@ typedef struct dst_context dst_context_t; isc_result_t dst_lib_init(isc_mem_t *mctx, isc_entropy_t *ectx, unsigned int eflags); -/* +/*%< * Initializes the DST subsystem. * * Requires: - * "mctx" is a valid memory context - * "ectx" is a valid entropy context + * \li "mctx" is a valid memory context + * \li "ectx" is a valid entropy context * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + * \li ISC_R_SUCCESS + * \li ISC_R_NOMEMORY * * Ensures: - * DST is properly initialized. + * \li DST is properly initialized. */ void dst_lib_destroy(void); -/* +/*%< * Releases all resources allocated by DST. */ isc_boolean_t dst_algorithm_supported(unsigned int alg); -/* +/*%< * Checks that a given algorithm is supported by DST. * * Returns: - * ISC_TRUE - * ISC_FALSE + * \li ISC_TRUE + * \li ISC_FALSE */ isc_result_t dst_context_create(dst_key_t *key, isc_mem_t *mctx, dst_context_t **dctxp); -/* +/*%< * Creates a context to be used for a sign or verify operation. * * Requires: - * "key" is a valid key. - * "mctx" is a valid memory context. - * dctxp != NULL && *dctxp == NULL + * \li "key" is a valid key. + * \li "mctx" is a valid memory context. + * \li dctxp != NULL && *dctxp == NULL * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + * \li ISC_R_SUCCESS + * \li ISC_R_NOMEMORY * * Ensures: - * *dctxp will contain a usable context. + * \li *dctxp will contain a usable context. */ void dst_context_destroy(dst_context_t **dctxp); -/* +/*%< * Destroys all memory associated with a context. * * Requires: - * *dctxp != NULL && *dctxp == NULL + * \li *dctxp != NULL && *dctxp == NULL * * Ensures: - * *dctxp == NULL + * \li *dctxp == NULL */ isc_result_t dst_context_adddata(dst_context_t *dctx, const isc_region_t *data); -/* +/*%< * Incrementally adds data to the context to be used in a sign or verify * operation. * * Requires: - * "dctx" is a valid context - * "data" is a valid region + * \li "dctx" is a valid context + * \li "data" is a valid region * * Returns: - * ISC_R_SUCCESS - * DST_R_SIGNFAILURE - * all other errors indicate failure + * \li ISC_R_SUCCESS + * \li DST_R_SIGNFAILURE + * \li all other errors indicate failure */ isc_result_t dst_context_sign(dst_context_t *dctx, isc_buffer_t *sig); -/* +/*%< * Computes a signature using the data and key stored in the context. * * Requires: - * "dctx" is a valid context. - * "sig" is a valid buffer. + * \li "dctx" is a valid context. + * \li "sig" is a valid buffer. * * Returns: - * ISC_R_SUCCESS - * DST_R_VERIFYFAILURE - * all other errors indicate failure + * \li ISC_R_SUCCESS + * \li DST_R_VERIFYFAILURE + * \li all other errors indicate failure * * Ensures: - * "sig" will contain the signature + * \li "sig" will contain the signature */ isc_result_t dst_context_verify(dst_context_t *dctx, isc_region_t *sig); -/* +/*%< * Verifies the signature using the data and key stored in the context. * * Requires: - * "dctx" is a valid context. - * "sig" is a valid region. + * \li "dctx" is a valid context. + * \li "sig" is a valid region. * * Returns: - * ISC_R_SUCCESS - * all other errors indicate failure + * \li ISC_R_SUCCESS + * \li all other errors indicate failure * * Ensures: - * "sig" will contain the signature + * \li "sig" will contain the signature */ isc_result_t dst_key_computesecret(const dst_key_t *pub, const dst_key_t *priv, isc_buffer_t *secret); -/* +/*%< * Computes a shared secret from two (Diffie-Hellman) keys. * * Requires: - * "pub" is a valid key that can be used to derive a shared secret - * "priv" is a valid private key that can be used to derive a shared secret - * "secret" is a valid buffer + * \li "pub" is a valid key that can be used to derive a shared secret + * \li "priv" is a valid private key that can be used to derive a shared secret + * \li "secret" is a valid buffer * * Returns: - * ISC_R_SUCCESS - * any other result indicates failure + * \li ISC_R_SUCCESS + * \li any other result indicates failure * * Ensures: - * If successful, secret will contain the derived shared secret. + * \li If successful, secret will contain the derived shared secret. */ isc_result_t dst_key_fromfile(dns_name_t *name, dns_keytag_t id, unsigned int alg, int type, const char *directory, isc_mem_t *mctx, dst_key_t **keyp); -/* +/*%< * Reads a key from permanent storage. The key can either be a public or * private key, and is specified by name, algorithm, and id. If a private key * is specified, the public key must also be present. If directory is NULL, * the current directory is assumed. * * Requires: - * "name" is a valid absolute dns name. - * "id" is a valid key tag identifier. - * "alg" is a supported key algorithm. - * "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union. + * \li "name" is a valid absolute dns name. + * \li "id" is a valid key tag identifier. + * \li "alg" is a supported key algorithm. + * \li "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union. * DST_TYPE_KEY look for a KEY record otherwise DNSKEY - * "mctx" is a valid memory context. - * "keyp" is not NULL and "*keyp" is NULL. + * \li "mctx" is a valid memory context. + * \li "keyp" is not NULL and "*keyp" is NULL. * * Returns: - * ISC_R_SUCCESS - * any other result indicates failure + * \li ISC_R_SUCCESS + * \li any other result indicates failure * * Ensures: - * If successful, *keyp will contain a valid key. + * \li If successful, *keyp will contain a valid key. */ isc_result_t dst_key_fromnamedfile(const char *filename, int type, isc_mem_t *mctx, dst_key_t **keyp); -/* +/*%< * Reads a key from permanent storage. The key can either be a public or * key, and is specified by filename. If a private key is specified, the * public key must also be present. * * Requires: - * "filename" is not NULL - * "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union + * \li "filename" is not NULL + * \li "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union * DST_TYPE_KEY look for a KEY record otherwise DNSKEY - * "mctx" is a valid memory context - * "keyp" is not NULL and "*keyp" is NULL. + * \li "mctx" is a valid memory context + * \li "keyp" is not NULL and "*keyp" is NULL. * * Returns: - * ISC_R_SUCCESS - * any other result indicates failure + * \li ISC_R_SUCCESS + * \li any other result indicates failure * * Ensures: - * If successful, *keyp will contain a valid key. + * \li If successful, *keyp will contain a valid key. + */ + + +isc_result_t +dst_key_read_public(const char *filename, int type, + isc_mem_t *mctx, dst_key_t **keyp); +/*%< + * Reads a public key from permanent storage. The key must be a public key. + * + * Requires: + * \li "filename" is not NULL + * \li "type" is DST_TYPE_KEY look for a KEY record otherwise DNSKEY + * \li "mctx" is a valid memory context + * \li "keyp" is not NULL and "*keyp" is NULL. + * + * Returns: + * \li ISC_R_SUCCESS + * \li DST_R_BADKEYTYPE if the key type is not the expected one + * \li ISC_R_UNEXPECTEDTOKEN if the file can not be parsed as a public key + * \li any other result indicates failure + * + * Ensures: + * \li If successful, *keyp will contain a valid key. */ isc_result_t dst_key_tofile(const dst_key_t *key, int type, const char *directory); -/* +/*%< * Writes a key to permanent storage. The key can either be a public or * private key. Public keys are written in DNS format and private keys * are written as a set of base64 encoded values. If directory is NULL, * the current directory is assumed. * * Requires: - * "key" is a valid key. - * "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union + * \li "key" is a valid key. + * \li "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union * * Returns: - * ISC_R_SUCCESS - * any other result indicates failure + * \li ISC_R_SUCCESS + * \li any other result indicates failure */ isc_result_t dst_key_fromdns(dns_name_t *name, dns_rdataclass_t rdclass, isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp); -/* +/*%< * Converts a DNS KEY record into a DST key. * * Requires: - * "name" is a valid absolute dns name. - * "source" is a valid buffer. There must be at least 4 bytes available. - * "mctx" is a valid memory context. - * "keyp" is not NULL and "*keyp" is NULL. + * \li "name" is a valid absolute dns name. + * \li "source" is a valid buffer. There must be at least 4 bytes available. + * \li "mctx" is a valid memory context. + * \li "keyp" is not NULL and "*keyp" is NULL. * * Returns: - * ISC_R_SUCCESS - * any other result indicates failure + * \li ISC_R_SUCCESS + * \li any other result indicates failure * * Ensures: - * If successful, *keyp will contain a valid key, and the consumed + * \li If successful, *keyp will contain a valid key, and the consumed * pointer in data will be advanced. */ isc_result_t dst_key_todns(const dst_key_t *key, isc_buffer_t *target); -/* +/*%< * Converts a DST key into a DNS KEY record. * * Requires: - * "key" is a valid key. - * "target" is a valid buffer. There must be at least 4 bytes unused. + * \li "key" is a valid key. + * \li "target" is a valid buffer. There must be at least 4 bytes unused. * * Returns: - * ISC_R_SUCCESS - * any other result indicates failure + * \li ISC_R_SUCCESS + * \li any other result indicates failure * * Ensures: - * If successful, the used pointer in 'target' is advanced by at least 4. + * \li If successful, the used pointer in 'target' is advanced by at least 4. */ isc_result_t @@ -313,80 +343,80 @@ dst_key_frombuffer(dns_name_t *name, unsigned int alg, unsigned int flags, unsigned int protocol, dns_rdataclass_t rdclass, isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp); -/* +/*%< * Converts a buffer containing DNS KEY RDATA into a DST key. * * Requires: - * "name" is a valid absolute dns name. - * "alg" is a supported key algorithm. - * "source" is a valid buffer. - * "mctx" is a valid memory context. - * "keyp" is not NULL and "*keyp" is NULL. + *\li "name" is a valid absolute dns name. + *\li "alg" is a supported key algorithm. + *\li "source" is a valid buffer. + *\li "mctx" is a valid memory context. + *\li "keyp" is not NULL and "*keyp" is NULL. * * Returns: - * ISC_R_SUCCESS - * any other result indicates failure + *\li ISC_R_SUCCESS + * \li any other result indicates failure * * Ensures: - * If successful, *keyp will contain a valid key, and the consumed + *\li If successful, *keyp will contain a valid key, and the consumed * pointer in source will be advanced. */ isc_result_t dst_key_tobuffer(const dst_key_t *key, isc_buffer_t *target); -/* +/*%< * Converts a DST key into DNS KEY RDATA format. * * Requires: - * "key" is a valid key. - * "target" is a valid buffer. + *\li "key" is a valid key. + *\li "target" is a valid buffer. * * Returns: - * ISC_R_SUCCESS - * any other result indicates failure + *\li ISC_R_SUCCESS + * \li any other result indicates failure * * Ensures: - * If successful, the used pointer in 'target' is advanced. + *\li If successful, the used pointer in 'target' is advanced. */ isc_result_t dst_key_privatefrombuffer(dst_key_t *key, isc_buffer_t *buffer); -/* +/*%< * Converts a public key into a private key, reading the private key * information from the buffer. The buffer should contain the same data * as the .private key file would. * * Requires: - * "key" is a valid public key. - * "buffer" is not NULL. + *\li "key" is a valid public key. + *\li "buffer" is not NULL. * * Returns: - * ISC_R_SUCCESS - * any other result indicates failure + *\li ISC_R_SUCCESS + * \li any other result indicates failure * * Ensures: - * If successful, key will contain a valid private key. + *\li If successful, key will contain a valid private key. */ isc_result_t dst_key_fromgssapi(dns_name_t *name, void *opaque, isc_mem_t *mctx, dst_key_t **keyp); -/* +/*%< * Converts a GSSAPI opaque context id into a DST key. * * Requires: - * "name" is a valid absolute dns name. - * "opaque" is a GSSAPI context id. - * "mctx" is a valid memory context. - * "keyp" is not NULL and "*keyp" is NULL. + *\li "name" is a valid absolute dns name. + *\li "opaque" is a GSSAPI context id. + *\li "mctx" is a valid memory context. + *\li "keyp" is not NULL and "*keyp" is NULL. * * Returns: - * ISC_R_SUCCESS - * any other result indicates failure + *\li ISC_R_SUCCESS + * \li any other result indicates failure * * Ensures: - * If successful, *keyp will contain a valid key and be responsible for + *\li If successful, *keyp will contain a valid key and be responsible for * the context id. */ @@ -396,9 +426,10 @@ dst_key_generate(dns_name_t *name, unsigned int alg, unsigned int flags, unsigned int protocol, dns_rdataclass_t rdclass, isc_mem_t *mctx, dst_key_t **keyp); -/* +/*%< * Generate a DST key (or keypair) with the supplied parameters. The * interpretation of the "param" field depends on the algorithm: + * \code * RSA: exponent * 0 use exponent 3 * !0 use Fermat4 (2^16 + 1) @@ -410,66 +441,67 @@ dst_key_generate(dns_name_t *name, unsigned int alg, * HMACMD5: entropy * 0 default - require good entropy * !0 lack of good entropy is ok + *\endcode * * Requires: - * "name" is a valid absolute dns name. - * "keyp" is not NULL and "*keyp" is NULL. + *\li "name" is a valid absolute dns name. + *\li "keyp" is not NULL and "*keyp" is NULL. * * Returns: - * ISC_R_SUCCESS - * any other result indicates failure + *\li ISC_R_SUCCESS + * \li any other result indicates failure * * Ensures: - * If successful, *keyp will contain a valid key. + *\li If successful, *keyp will contain a valid key. */ isc_boolean_t dst_key_compare(const dst_key_t *key1, const dst_key_t *key2); -/* +/*%< * Compares two DST keys. * * Requires: - * "key1" is a valid key. - * "key2" is a valid key. + *\li "key1" is a valid key. + *\li "key2" is a valid key. * * Returns: - * ISC_TRUE - * ISC_FALSE + *\li ISC_TRUE + * \li ISC_FALSE */ isc_boolean_t dst_key_paramcompare(const dst_key_t *key1, const dst_key_t *key2); -/* +/*%< * Compares the parameters of two DST keys. This is used to determine if * two (Diffie-Hellman) keys can be used to derive a shared secret. * * Requires: - * "key1" is a valid key. - * "key2" is a valid key. + *\li "key1" is a valid key. + *\li "key2" is a valid key. * * Returns: - * ISC_TRUE - * ISC_FALSE + *\li ISC_TRUE + * \li ISC_FALSE */ void dst_key_free(dst_key_t **keyp); -/* +/*%< * Release all memory associated with the key. * * Requires: - * "keyp" is not NULL and "*keyp" is a valid key. + *\li "keyp" is not NULL and "*keyp" is a valid key. * * Ensures: - * All memory associated with "*keyp" will be freed. - * *keyp == NULL + *\li All memory associated with "*keyp" will be freed. + *\li *keyp == NULL */ -/* +/*%< * Accessor functions to obtain key fields. * * Require: - * "key" is a valid key. + *\li "key" is a valid key. */ dns_name_t * dst_key_name(const dst_key_t *key); @@ -504,65 +536,83 @@ dst_key_isnullkey(const dst_key_t *key); isc_result_t dst_key_buildfilename(const dst_key_t *key, int type, const char *directory, isc_buffer_t *out); -/* +/*%< * Generates the filename used by dst to store the specified key. * If directory is NULL, the current directory is assumed. * * Requires: - * "key" is a valid key - * "type" is either DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or 0 for no suffix. - * "out" is a valid buffer + *\li "key" is a valid key + *\li "type" is either DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or 0 for no suffix. + *\li "out" is a valid buffer * * Ensures: - * the file name will be written to "out", and the used pointer will + *\li the file name will be written to "out", and the used pointer will * be advanced. */ isc_result_t dst_key_sigsize(const dst_key_t *key, unsigned int *n); -/* +/*%< * Computes the size of a signature generated by the given key. * * Requires: - * "key" is a valid key. - * "n" is not NULL + *\li "key" is a valid key. + *\li "n" is not NULL * * Returns: - * ISC_R_SUCCESS - * DST_R_UNSUPPORTEDALG + *\li #ISC_R_SUCCESS + *\li DST_R_UNSUPPORTEDALG * * Ensures: - * "n" stores the size of a generated signature + *\li "n" stores the size of a generated signature */ isc_result_t dst_key_secretsize(const dst_key_t *key, unsigned int *n); -/* +/*%< * Computes the size of a shared secret generated by the given key. * * Requires: - * "key" is a valid key. - * "n" is not NULL + *\li "key" is a valid key. + *\li "n" is not NULL * * Returns: - * ISC_R_SUCCESS - * DST_R_UNSUPPORTEDALG + *\li #ISC_R_SUCCESS + *\li DST_R_UNSUPPORTEDALG * * Ensures: - * "n" stores the size of a generated shared secret + *\li "n" stores the size of a generated shared secret */ isc_uint16_t dst_region_computeid(const isc_region_t *source, unsigned int alg); -/* +/*%< * Computes the key id of the key stored in the provided region with the * given algorithm. * * Requires: - * "source" contains a valid, non-NULL region. + *\li "source" contains a valid, non-NULL region. * * Returns: - * the key id + *\li the key id + */ + +isc_uint16_t +dst_key_getbits(const dst_key_t *key); +/* + * Get the number of digest bits required (0 == MAX). + * + * Requires: + * "key" is a valid key. + */ + +void +dst_key_setbits(dst_key_t *key, isc_uint16_t bits); +/* + * Set the number of digest bits required (0 == MAX). + * + * Requires: + * "key" is a valid key. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/include/dst/gssapi.h b/usr.sbin/bind/lib/dns/include/dst/gssapi.h index 0ef4268d6bd..1e7d1049b8e 100644 --- a/usr.sbin/bind/lib/dns/include/dst/gssapi.h +++ b/usr.sbin/bind/lib/dns/include/dst/gssapi.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: gssapi.h,v 1.1.4.1 2004/12/09 04:07:20 marka Exp $ */ +/* $ISC: gssapi.h,v 1.1.6.3 2005/04/29 00:16:28 marka Exp $ */ #ifndef DST_GSSAPI_H #define DST_GSSAPI_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/types.h> diff --git a/usr.sbin/bind/lib/dns/include/dst/lib.h b/usr.sbin/bind/lib/dns/include/dst/lib.h index b4113a49ac1..01d64ab8414 100644 --- a/usr.sbin/bind/lib/dns/include/dst/lib.h +++ b/usr.sbin/bind/lib/dns/include/dst/lib.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lib.h,v 1.1.4.1 2004/12/09 04:07:20 marka Exp $ */ +/* $ISC: lib.h,v 1.1.6.3 2005/04/29 00:16:29 marka Exp $ */ #ifndef DST_LIB_H #define DST_LIB_H 1 +/*! \file */ + #include <isc/types.h> #include <isc/lang.h> diff --git a/usr.sbin/bind/lib/dns/include/dst/result.h b/usr.sbin/bind/lib/dns/include/dst/result.h index cabd7c233dd..1a7fb9f4723 100644 --- a/usr.sbin/bind/lib/dns/include/dst/result.h +++ b/usr.sbin/bind/lib/dns/include/dst/result.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: result.h,v 1.1.4.1 2004/12/09 04:07:20 marka Exp $ */ +/* $ISC: result.h,v 1.1.6.3 2005/04/29 00:16:29 marka Exp $ */ #ifndef DST_RESULT_H #define DST_RESULT_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/resultclass.h> diff --git a/usr.sbin/bind/lib/dns/journal.c b/usr.sbin/bind/lib/dns/journal.c index 813f0c97b89..d3a0d4e221d 100644 --- a/usr.sbin/bind/lib/dns/journal.c +++ b/usr.sbin/bind/lib/dns/journal.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,12 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: journal.c,v 1.77.2.1.10.13 2005/11/03 23:08:41 marka Exp $ */ +/* $ISC: journal.c,v 1.86.18.12 2007/09/07 05:21:41 marka Exp $ */ #include <config.h> #include <stdlib.h> #include <unistd.h> +#include <errno.h> #include <isc/file.h> #include <isc/mem.h> @@ -40,7 +41,44 @@ #include <dns/result.h> #include <dns/soa.h> -/* +/*! \file + * \brief Journalling. + * + * A journal file consists of + * + * \li A fixed-size header of type journal_rawheader_t. + * + * \li The index. This is an unordered array of index entries + * of type journal_rawpos_t giving the locations + * of some arbitrary subset of the journal's addressable + * transactions. The index entries are used as hints to + * speed up the process of locating a transaction with a given + * serial number. Unused index entries have an "offset" + * field of zero. The size of the index can vary between + * journal files, but does not change during the lifetime + * of a file. The size can be zero. + * + * \li The journal data. This consists of one or more transactions. + * Each transaction begins with a transaction header of type + * journal_rawxhdr_t. The transaction header is followed by a + * sequence of RRs, similar in structure to an IXFR difference + * sequence (RFC1995). That is, the pre-transaction SOA, + * zero or more other deleted RRs, the post-transaction SOA, + * and zero or more other added RRs. Unlike in IXFR, each RR + * is prefixed with a 32-bit length. + * + * The journal data part grows as new transactions are + * appended to the file. Only those transactions + * whose serial number is current-(2^31-1) to current + * are considered "addressable" and may be pointed + * to from the header or index. They may be preceded + * by old transactions that are no longer addressable, + * and they may be followed by transactions that were + * appended to the journal but never committed by updating + * the "end" position in the header. The latter will + * be overwritten when new transactions are added. + */ +/*% * When true, accept IXFR difference sequences where the * SOA serial number does not change (BIND 8 sends such * sequences). @@ -58,7 +96,7 @@ static isc_boolean_t bind8_compat = ISC_TRUE; /* XXX config */ #define JOURNAL_DEBUG_LOGARGS(n) \ JOURNAL_COMMON_LOGARGS, ISC_LOG_DEBUG(n) -/* +/*% * It would be non-sensical (or at least obtuse) to use FAIL() with an * ISC_R_SUCCESS code, but the test is there to keep the Solaris compiler * from complaining about "end-of-loop code not reached". @@ -134,55 +172,16 @@ dns_db_createsoatuple(dns_db_t *db, dns_dbversion_t *ver, isc_mem_t *mctx, return (result); } -/**************************************************************************/ -/* - * Journalling. - */ +/* Journalling */ -/* - * A journal file consists of - * - * - A fixed-size header of type journal_rawheader_t. - * - * - The index. This is an unordered array of index entries - * of type journal_rawpos_t giving the locations - * of some arbitrary subset of the journal's addressable - * transactions. The index entries are used as hints to - * speed up the process of locating a transaction with a given - * serial number. Unused index entries have an "offset" - * field of zero. The size of the index can vary between - * journal files, but does not change during the lifetime - * of a file. The size can be zero. - * - * - The journal data. This consists of one or more transactions. - * Each transaction begins with a transaction header of type - * journal_rawxhdr_t. The transaction header is followed by a - * sequence of RRs, similar in structure to an IXFR difference - * sequence (RFC1995). That is, the pre-transaction SOA, - * zero or more other deleted RRs, the post-transaction SOA, - * and zero or more other added RRs. Unlike in IXFR, each RR - * is prefixed with a 32-bit length. - * - * The journal data part grows as new transactions are - * appended to the file. Only those transactions - * whose serial number is current-(2^31-1) to current - * are considered "addressable" and may be pointed - * to from the header or index. They may be preceded - * by old transactions that are no longer addressable, - * and they may be followed by transactions that were - * appended to the journal but never committed by updating - * the "end" position in the header. The latter will - * be overwritten when new transactions are added. - */ - -/* +/*% * On-disk representation of a "pointer" to a journal entry. * These are used in the journal header to locate the beginning * and end of the journal, and in the journal index to locate * other transactions. */ typedef struct { - unsigned char serial[4]; /* SOA serial before update. */ + unsigned char serial[4]; /*%< SOA serial before update. */ /* * XXXRTH Should offset be 8 bytes? * XXXDCL ... probably, since isc_offset_t is 8 bytes on many OSs. @@ -190,54 +189,54 @@ typedef struct { * platforms as long as we are using fseek() rather * than lseek(). */ - unsigned char offset[4]; /* Offset from beginning of file. */ + unsigned char offset[4]; /*%< Offset from beginning of file. */ } journal_rawpos_t; -/* - * The on-disk representation of the journal header. - * All numbers are stored in big-endian order. - */ -/* +/*% * The header is of a fixed size, with some spare room for future * extensions. */ #define JOURNAL_HEADER_SIZE 64 /* Bytes. */ +/*% + * The on-disk representation of the journal header. + * All numbers are stored in big-endian order. + */ typedef union { struct { - /* File format version ID. */ + /*% File format version ID. */ unsigned char format[16]; - /* Position of the first addressable transaction */ + /*% Position of the first addressable transaction */ journal_rawpos_t begin; - /* Position of the next (yet nonexistent) transaction. */ + /*% Position of the next (yet nonexistent) transaction. */ journal_rawpos_t end; - /* Number of index entries following the header. */ + /*% Number of index entries following the header. */ unsigned char index_size[4]; } h; /* Pad the header to a fixed size. */ unsigned char pad[JOURNAL_HEADER_SIZE]; } journal_rawheader_t; -/* +/*% * The on-disk representation of the transaction header. * There is one of these at the beginning of each transaction. */ typedef struct { - unsigned char size[4]; /* In bytes, excluding header. */ - unsigned char serial0[4]; /* SOA serial before update. */ - unsigned char serial1[4]; /* SOA serial after update. */ + unsigned char size[4]; /*%< In bytes, excluding header. */ + unsigned char serial0[4]; /*%< SOA serial before update. */ + unsigned char serial1[4]; /*%< SOA serial after update. */ } journal_rawxhdr_t; -/* +/*% * The on-disk representation of the RR header. * There is one of these at the beginning of each RR. */ typedef struct { - unsigned char size[4]; /* In bytes, excluding header. */ + unsigned char size[4]; /*%< In bytes, excluding header. */ } journal_rawrrhdr_t; -/* +/*% * The in-core representation of the journal header. */ typedef struct { @@ -255,7 +254,7 @@ typedef struct { isc_uint32_t index_size; } journal_header_t; -/* +/*% * The in-core representation of the transaction header. */ @@ -265,7 +264,7 @@ typedef struct { isc_uint32_t serial1; } journal_xhdr_t; -/* +/*% * The in-core representation of the RR header. */ typedef struct { @@ -273,7 +272,7 @@ typedef struct { } journal_rrhdr_t; -/* +/*% * Initial contents to store in the header of a newly created * journal file. * @@ -297,40 +296,38 @@ typedef enum { } journal_state_t; struct dns_journal { - unsigned int magic; /* JOUR */ - isc_mem_t *mctx; /* Memory context */ + unsigned int magic; /*%< JOUR */ + isc_mem_t *mctx; /*%< Memory context */ journal_state_t state; - const char *filename; /* Journal file name */ - FILE * fp; /* File handle */ - isc_offset_t offset; /* Current file offset */ - journal_header_t header; /* In-core journal header */ - unsigned char *rawindex; /* In-core buffer for journal - index in on-disk format */ - journal_pos_t *index; /* In-core journal index */ - - /* Current transaction state (when writing). */ + const char *filename; /*%< Journal file name */ + FILE * fp; /*%< File handle */ + isc_offset_t offset; /*%< Current file offset */ + journal_header_t header; /*%< In-core journal header */ + unsigned char *rawindex; /*%< In-core buffer for journal index in on-disk format */ + journal_pos_t *index; /*%< In-core journal index */ + + /*% Current transaction state (when writing). */ struct { - unsigned int n_soa; /* Number of SOAs seen */ - journal_pos_t pos[2]; /* Begin/end position */ + unsigned int n_soa; /*%< Number of SOAs seen */ + journal_pos_t pos[2]; /*%< Begin/end position */ } x; - /* Iteration state (when reading). */ + /*% Iteration state (when reading). */ struct { /* These define the part of the journal we iterate over. */ - journal_pos_t bpos; /* Position before first, */ - journal_pos_t epos; /* and after last - transaction */ + journal_pos_t bpos; /*%< Position before first, */ + journal_pos_t epos; /*%< and after last transaction */ /* The rest is iterator state. */ - isc_uint32_t current_serial; /* Current SOA serial */ - isc_buffer_t source; /* Data from disk */ - isc_buffer_t target; /* Data from _fromwire check */ - dns_decompress_t dctx; /* Dummy decompression ctx */ - dns_name_t name; /* Current domain name */ - dns_rdata_t rdata; /* Current rdata */ - isc_uint32_t ttl; /* Current TTL */ - unsigned int xsize; /* Size of transaction data */ - unsigned int xpos; /* Current position in it */ - isc_result_t result; /* Result of last call */ + isc_uint32_t current_serial; /*%< Current SOA serial */ + isc_buffer_t source; /*%< Data from disk */ + isc_buffer_t target; /*%< Data from _fromwire check */ + dns_decompress_t dctx; /*%< Dummy decompression ctx */ + dns_name_t name; /*%< Current domain name */ + dns_rdata_t rdata; /*%< Current rdata */ + isc_uint32_t ttl; /*%< Current TTL */ + unsigned int xsize; /*%< Size of transaction data */ + unsigned int xpos; /*%< Current position in it */ + isc_result_t result; /*%< Result of last call */ } it; }; @@ -674,7 +671,23 @@ journal_open(isc_mem_t *mctx, const char *filename, isc_boolean_t write, isc_result_t dns_journal_open(isc_mem_t *mctx, const char *filename, isc_boolean_t write, dns_journal_t **journalp) { - return (journal_open(mctx, filename, write, write, journalp)); + isc_result_t result; + int namelen; + char backup[1024]; + + result = journal_open(mctx, filename, write, write, journalp); + if (result == ISC_R_NOTFOUND) { + namelen = strlen(filename); + if (namelen > 4 && strcmp(filename + namelen - 4, ".jnl") == 0) + namelen -= 4; + + result = isc_string_printf(backup, sizeof(backup), "%.*s.jbk", + namelen, filename); + if (result != ISC_R_SUCCESS) + return (result); + result = journal_open(mctx, backup, write, write, journalp); + } + return (result); } /* @@ -1616,6 +1629,8 @@ read_one_rr(dns_journal_t *j) { /* * Parse the rdata. */ + if (isc_buffer_remaininglength(&j->it.source) != rdlen) + FAIL(DNS_R_FORMERR); isc_buffer_setactive(&j->it.source, rdlen); dns_rdata_reset(&j->it.rdata); CHECK(dns_rdata_fromwire(&j->it.rdata, rdclass, @@ -1931,15 +1946,39 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, isc_uint32_t serial, journal_pos_t best_guess; journal_pos_t current_pos; dns_journal_t *j = NULL; + dns_journal_t *new = NULL; journal_rawheader_t rawheader; unsigned int copy_length; - unsigned int len; + int namelen; char *buf = NULL; unsigned int size = 0; isc_result_t result; unsigned int indexend; + char newname[1024]; + char backup[1024]; + isc_boolean_t is_backup = ISC_FALSE; - CHECK(journal_open(mctx, filename, ISC_TRUE, ISC_FALSE, &j)); + namelen = strlen(filename); + if (namelen > 4 && strcmp(filename + namelen - 4, ".jnl") == 0) + namelen -= 4; + + result = isc_string_printf(newname, sizeof(newname), "%.*s.jnw", + namelen, filename); + if (result != ISC_R_SUCCESS) + return (result); + + result = isc_string_printf(backup, sizeof(backup), "%.*s.jbk", + namelen, filename); + if (result != ISC_R_SUCCESS) + return (result); + + result = journal_open(mctx, filename, ISC_FALSE, ISC_FALSE, &j); + if (result == ISC_R_NOTFOUND) { + is_backup = ISC_TRUE; + result = journal_open(mctx, backup, ISC_FALSE, ISC_FALSE, &j); + } + if (result != ISC_R_SUCCESS) + return (result); if (JOURNAL_EMPTY(&j->header)) { dns_journal_destroy(&j); @@ -1967,6 +2006,8 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, isc_uint32_t serial, dns_journal_destroy(&j); return (ISC_R_SUCCESS); } + + CHECK(journal_open(mctx, newname, ISC_TRUE, ISC_TRUE, &new)); /* * Remove overhead so space test below can succeed. @@ -2007,47 +2048,12 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, isc_uint32_t serial, CHECK(journal_next(j, &best_guess)); /* - * Enough space to proceed? + * We should now be roughly half target_size provided + * we did not reach 'serial'. If not we will just copy + * all uncommitted deltas regardless of the size. */ - if ((isc_uint32_t) (j->header.end.offset - best_guess.offset) > - (isc_uint32_t) (best_guess.offset - indexend)) { - dns_journal_destroy(&j); - return (ISC_R_NOSPACE); - } - copy_length = j->header.end.offset - best_guess.offset; - /* - * Invalidate entire index, will be rebuilt at end. - */ - for (i = 0; i < j->header.index_size; i++) { - if (POS_VALID(j->index[i])) - POS_INVALIDATE(j->index[i]); - } - - /* - * Convert the index into on-disk format and write - * it to disk. - */ - CHECK(index_to_disk(j)); - CHECK(journal_fsync(j)); - - /* - * Update the journal header. - */ - if (copy_length == 0) { - j->header.begin.serial = 0; - j->header.end.serial = 0; - j->header.begin.offset = 0; - j->header.end.offset = 0; - } else { - j->header.begin = best_guess; - } - journal_header_encode(&j->header, &rawheader); - CHECK(journal_seek(j, 0)); - CHECK(journal_write(j, &rawheader, sizeof(rawheader))); - CHECK(journal_fsync(j)); - if (copy_length != 0) { /* * Copy best_guess to end into space just freed. @@ -2061,56 +2067,90 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, isc_uint32_t serial, goto failure; } + CHECK(journal_seek(j, best_guess.offset)); + CHECK(journal_seek(new, indexend)); for (i = 0; i < copy_length; i += size) { - len = (copy_length - i) > size ? size : + unsigned int len = (copy_length - i) > size ? size : (copy_length - i); - CHECK(journal_seek(j, best_guess.offset + i)); CHECK(journal_read(j, buf, len)); - CHECK(journal_seek(j, indexend + i)); - CHECK(journal_write(j, buf, len)); + CHECK(journal_write(new, buf, len)); } - CHECK(journal_fsync(j)); + CHECK(journal_fsync(new)); /* * Compute new header. */ - j->header.begin.offset = indexend; - j->header.end.offset = indexend + copy_length; + new->header.begin.serial = best_guess.serial; + new->header.begin.offset = indexend; + new->header.end.serial = j->header.end.serial; + new->header.end.offset = indexend + copy_length; + /* * Update the journal header. */ - journal_header_encode(&j->header, &rawheader); - CHECK(journal_seek(j, 0)); - CHECK(journal_write(j, &rawheader, sizeof(rawheader))); - CHECK(journal_fsync(j)); + journal_header_encode(&new->header, &rawheader); + CHECK(journal_seek(new, 0)); + CHECK(journal_write(new, &rawheader, sizeof(rawheader))); + CHECK(journal_fsync(new)); /* * Build new index. */ - current_pos = j->header.begin; - while (current_pos.serial != j->header.end.serial) { - index_add(j, ¤t_pos); - CHECK(journal_next(j, ¤t_pos)); + current_pos = new->header.begin; + while (current_pos.serial != new->header.end.serial) { + index_add(new, ¤t_pos); + CHECK(journal_next(new, ¤t_pos)); } /* * Write index. */ - CHECK(index_to_disk(j)); - CHECK(journal_fsync(j)); + CHECK(index_to_disk(new)); + CHECK(journal_fsync(new)); - indexend = j->header.end.offset; + indexend = new->header.end.offset; } + dns_journal_destroy(&new); + + /* + * With a UFS file system this should just succeed and be atomic. + * Any IXFR outs will just continue and the old journal will be + * removed on final close. + * + * With MSDOS / NTFS we need to do a two stage rename triggered + * bu EEXISTS. Hopefully all IXFR's that were active at the last + * rename are now complete. + */ + if (rename(newname, filename) == -1) { + if (errno == EACCES && !is_backup) { + result = isc_file_remove(backup); + if (result != ISC_R_SUCCESS && + result != ISC_R_FILENOTFOUND) + goto failure; + if (rename(filename, backup) == -1) + goto maperrno; + if (rename(newname, filename) == -1) + goto maperrno; + (void)isc_file_remove(backup); + } else { + maperrno: + result = ISC_R_FAILURE; + goto failure; + } + } + dns_journal_destroy(&j); - (void)isc_file_truncate(filename, (isc_offset_t)indexend); result = ISC_R_SUCCESS; failure: + (void)isc_file_remove(newname); if (buf != NULL) isc_mem_put(mctx, buf, size); if (j != NULL) dns_journal_destroy(&j); + if (new != NULL) + dns_journal_destroy(&new); return (result); } diff --git a/usr.sbin/bind/lib/dns/key.c b/usr.sbin/bind/lib/dns/key.c index e251ce6e29a..02a2eb01747 100644 --- a/usr.sbin/bind/lib/dns/key.c +++ b/usr.sbin/bind/lib/dns/key.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: key.c,v 1.1.4.3 2005/06/09 23:54:29 marka Exp $ */ +/* $ISC: key.c,v 1.1.6.6 2006/01/27 23:57:44 marka Exp $ */ #include <config.h> @@ -125,3 +125,23 @@ dst_key_isnullkey(const dst_key_t *key) { return (ISC_FALSE); return (ISC_TRUE); } + +void +dst_key_setbits(dst_key_t *key, isc_uint16_t bits) { + unsigned int maxbits; + REQUIRE(VALID_KEY(key)); + if (bits != 0) { + RUNTIME_CHECK(dst_key_sigsize(key, &maxbits) == ISC_R_SUCCESS); + maxbits *= 8; + REQUIRE(bits <= maxbits); + } + key->key_bits = bits; +} + +isc_uint16_t +dst_key_getbits(const dst_key_t *key) { + REQUIRE(VALID_KEY(key)); + return (key->key_bits); +} + +/*! \file */ diff --git a/usr.sbin/bind/lib/dns/keytable.c b/usr.sbin/bind/lib/dns/keytable.c index 73b38e723d6..e961c17158f 100644 --- a/usr.sbin/bind/lib/dns/keytable.c +++ b/usr.sbin/bind/lib/dns/keytable.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: keytable.c,v 1.26.12.5 2006/01/06 00:01:42 marka Exp $ */ +/* $ISC: keytable.c,v 1.28.18.4 2005/12/05 00:00:03 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -87,22 +89,12 @@ dns_keytable_create(isc_mem_t *mctx, dns_keytable_t **keytablep) { goto cleanup_keytable; result = isc_mutex_init(&keytable->lock); - if (result != ISC_R_SUCCESS) { - UNEXPECTED_ERROR(__FILE__, __LINE__, - "isc_mutex_init() failed: %s", - isc_result_totext(result)); - result = ISC_R_UNEXPECTED; + if (result != ISC_R_SUCCESS) goto cleanup_rbt; - } result = isc_rwlock_init(&keytable->rwlock, 0, 0); - if (result != ISC_R_SUCCESS) { - UNEXPECTED_ERROR(__FILE__, __LINE__, - "isc_rwlock_init() failed: %s", - isc_result_totext(result)); - result = ISC_R_UNEXPECTED; + if (result != ISC_R_SUCCESS) goto cleanup_lock; - } keytable->mctx = mctx; keytable->active_nodes = 0; diff --git a/usr.sbin/bind/lib/dns/lib.c b/usr.sbin/bind/lib/dns/lib.c index 345393324d2..0b6bd8941c7 100644 --- a/usr.sbin/bind/lib/dns/lib.c +++ b/usr.sbin/bind/lib/dns/lib.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lib.c,v 1.9.12.3 2004/03/08 09:04:30 marka Exp $ */ +/* $ISC: lib.c,v 1.11.18.3 2005/08/15 01:46:50 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -31,6 +33,7 @@ *** Globals ***/ +LIBDNS_EXTERNAL_DATA unsigned int dns_pps = 0U; LIBDNS_EXTERNAL_DATA isc_msgcat_t * dns_msgcat = NULL; diff --git a/usr.sbin/bind/lib/dns/lookup.c b/usr.sbin/bind/lib/dns/lookup.c index b54380e8f94..6a4251c5535 100644 --- a/usr.sbin/bind/lib/dns/lookup.c +++ b/usr.sbin/bind/lib/dns/lookup.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lookup.c,v 1.9.12.7 2006/01/04 23:50:20 marka Exp $ */ +/* $ISC: lookup.c,v 1.14.18.7 2007/08/28 07:20:04 tbox Exp $ */ + +/*! \file */ #include <config.h> @@ -179,7 +181,7 @@ static void lookup_find(dns_lookup_t *lookup, dns_fetchevent_t *event) { isc_result_t result; isc_boolean_t want_restart; - isc_boolean_t send_event = ISC_FALSE; + isc_boolean_t send_event; dns_name_t *name, *fname, *prefix; dns_fixedname_t foundname, fixed; dns_rdata_t rdata = DNS_RDATA_INIT; @@ -199,6 +201,7 @@ lookup_find(dns_lookup_t *lookup, dns_fetchevent_t *event) { do { lookup->restarts++; want_restart = ISC_FALSE; + send_event = ISC_TRUE; if (event == NULL && !lookup->canceled) { dns_fixedname_init(&foundname); @@ -206,6 +209,15 @@ lookup_find(dns_lookup_t *lookup, dns_fetchevent_t *event) { INSIST(!dns_rdataset_isassociated(&lookup->rdataset)); INSIST(!dns_rdataset_isassociated (&lookup->sigrdataset)); + /* + * If we have restarted then clear the old node. */ + if (lookup->event->node != NULL) { + INSIST(lookup->event->db != NULL); + dns_db_detachnode(lookup->event->db, + &lookup->event->node); + } + if (lookup->event->db != NULL) + dns_db_detach(&lookup->event->db); result = view_find(lookup, fname); if (result == ISC_R_NOTFOUND) { /* @@ -220,8 +232,8 @@ lookup_find(dns_lookup_t *lookup, dns_fetchevent_t *event) { if (lookup->event->db != NULL) dns_db_detach(&lookup->event->db); result = start_fetch(lookup); - if (result != ISC_R_SUCCESS) - send_event = ISC_TRUE; + if (result == ISC_R_SUCCESS) + send_event = ISC_FALSE; goto done; } } else if (event != NULL) { @@ -242,7 +254,6 @@ lookup_find(dns_lookup_t *lookup, dns_fetchevent_t *event) { switch (result) { case ISC_R_SUCCESS: result = build_event(lookup); - send_event = ISC_TRUE; if (event == NULL) break; if (event->db != NULL) @@ -267,8 +278,10 @@ lookup_find(dns_lookup_t *lookup, dns_fetchevent_t *event) { break; result = dns_name_copy(&cname.cname, name, NULL); dns_rdata_freestruct(&cname); - if (result == ISC_R_SUCCESS) + if (result == ISC_R_SUCCESS) { want_restart = ISC_TRUE; + send_event = ISC_FALSE; + } break; case DNS_R_DNAME: namereln = dns_name_fullcompare(name, fname, &order, @@ -294,8 +307,10 @@ lookup_find(dns_lookup_t *lookup, dns_fetchevent_t *event) { result = dns_name_concatenate(prefix, &dname.dname, name, NULL); dns_rdata_freestruct(&dname); - if (result == ISC_R_SUCCESS) + if (result == ISC_R_SUCCESS) { want_restart = ISC_TRUE; + send_event = ISC_FALSE; + } break; default: send_event = ISC_TRUE; @@ -366,7 +381,6 @@ levent_destroy(isc_event_t *event) { isc_mem_put(mctx, event, event->ev_size); } - isc_result_t dns_lookup_create(isc_mem_t *mctx, dns_name_t *name, dns_rdatatype_t type, dns_view_t *view, unsigned int options, isc_task_t *task, diff --git a/usr.sbin/bind/lib/dns/nsec.c b/usr.sbin/bind/lib/dns/nsec.c index c2d82ab72f8..6b5b132669f 100644 --- a/usr.sbin/bind/lib/dns/nsec.c +++ b/usr.sbin/bind/lib/dns/nsec.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: nsec.c,v 1.5.2.1 2004/03/08 02:07:55 marka Exp $ */ +/* $ISC: nsec.c,v 1.5.20.2 2005/04/29 00:15:59 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/dns/openssl_link.c b/usr.sbin/bind/lib/dns/openssl_link.c index 10ba445e210..1bdecdc4f67 100644 --- a/usr.sbin/bind/lib/dns/openssl_link.c +++ b/usr.sbin/bind/lib/dns/openssl_link.c @@ -1,9 +1,9 @@ /* - * Portions Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1999-2003 Internet Software Consortium. * Portions Copyright (C) 1995-2000 by Network Associates, Inc. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -18,7 +18,7 @@ /* * Principal Author: Brian Wellington - * $ISC: openssl_link.c,v 1.1.4.3 2006/05/23 23:51:03 marka Exp $ + * $ISC: openssl_link.c,v 1.1.6.12 2007/08/28 07:20:04 tbox Exp $ */ #ifdef OPENSSL @@ -37,6 +37,8 @@ #include <openssl/err.h> #include <openssl/rand.h> +#include <openssl/evp.h> +#include <openssl/conf.h> #include <openssl/crypto.h> #if defined(CRYPTO_LOCK_ENGINE) && (OPENSSL_VERSION_NUMBER != 0x00907000L) @@ -132,6 +134,11 @@ isc_result_t dst__openssl_init() { isc_result_t result; +#ifdef DNS_CRYPTO_LEAKS + CRYPTO_malloc_debug_init(); + CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); +#endif CRYPTO_set_mem_functions(mem_alloc, mem_realloc, mem_free); nlocks = CRYPTO_num_locks(); locks = mem_alloc(sizeof(isc_mutex_t) * nlocks); @@ -171,6 +178,7 @@ dst__openssl_init() { mem_free(rm); #endif cleanup_mutexinit: + CRYPTO_set_locking_callback(NULL); DESTROYMUTEXBLOCK(locks, nlocks); cleanup_mutexalloc: mem_free(locks); @@ -179,6 +187,33 @@ dst__openssl_init() { void dst__openssl_destroy() { + + /* + * Sequence taken from apps_shutdown() in <apps/apps.h>. + */ +#if (OPENSSL_VERSION_NUMBER >= 0x00907000L) + CONF_modules_unload(1); +#endif + EVP_cleanup(); +#if defined(USE_ENGINE) && OPENSSL_VERSION_NUMBER >= 0x00907000L + ENGINE_cleanup(); +#endif +#if (OPENSSL_VERSION_NUMBER >= 0x00907000L) + CRYPTO_cleanup_all_ex_data(); +#endif + ERR_clear_error(); + ERR_free_strings(); + ERR_remove_state(0); + +#ifdef DNS_CRYPTO_LEAKS + CRYPTO_mem_leaks_fp(stderr); +#endif + +#if 0 + /* + * The old error sequence that leaked. Remove for 9.4.1 if + * there are no issues by then. + */ ERR_clear_error(); #ifdef USE_ENGINE if (e != NULL) { @@ -186,12 +221,18 @@ dst__openssl_destroy() { e = NULL; } #endif +#endif + if (rm != NULL) { +#if OPENSSL_VERSION_NUMBER >= 0x00907000L + RAND_cleanup(); +#endif + mem_free(rm); + } if (locks != NULL) { + CRYPTO_set_locking_callback(NULL); DESTROYMUTEXBLOCK(locks, nlocks); mem_free(locks); } - if (rm != NULL) - mem_free(rm); } isc_result_t @@ -217,3 +258,4 @@ dst__openssl_toresult(isc_result_t fallback) { EMPTY_TRANSLATION_UNIT #endif /* OPENSSL */ +/*! \file */ diff --git a/usr.sbin/bind/lib/dns/openssldh_link.c b/usr.sbin/bind/lib/dns/openssldh_link.c index 878d88108a1..d2b516581d8 100644 --- a/usr.sbin/bind/lib/dns/openssldh_link.c +++ b/usr.sbin/bind/lib/dns/openssldh_link.c @@ -1,9 +1,9 @@ /* - * Portions Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1999-2002 Internet Software Consortium. * Portions Copyright (C) 1995-2000 by Network Associates, Inc. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -18,7 +18,7 @@ /* * Principal Author: Brian Wellington - * $ISC: openssldh_link.c,v 1.1.4.3 2006/03/02 00:37:20 marka Exp $ + * $ISC: openssldh_link.c,v 1.1.6.10 2007/08/28 07:20:04 tbox Exp $ */ #ifdef OPENSSL @@ -138,81 +138,11 @@ openssldh_paramcompare(const dst_key_t *key1, const dst_key_t *key2) { return (ISC_TRUE); } -#ifndef HAVE_DH_GENERATE_PARAMETERS -/* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -static DH * -DH_generate_parameters(int prime_len, int generator, - void (*callback)(int,int,void *), void *cb_arg) -{ - BN_GENCB cb; - DH *dh = NULL; - - dh = DH_new(); - if (dh != NULL) { - BN_GENCB_set_old(&cb, callback, cb_arg); - - if (DH_generate_parameters_ex(dh, prime_len, generator, &cb)) - return (dh); - DH_free(dh); - } - return (NULL); -} -#endif - static isc_result_t openssldh_generate(dst_key_t *key, int generator) { +#if OPENSSL_VERSION_NUMBER > 0x00908000L + BN_GENCB cb; +#endif DH *dh = NULL; if (generator == 0) { @@ -222,7 +152,7 @@ openssldh_generate(dst_key_t *key, int generator) { { dh = DH_new(); if (dh == NULL) - return (ISC_R_NOMEMORY); + return (dst__openssl_toresult(ISC_R_NOMEMORY)); if (key->key_size == 768) dh->p = &bn768; else if (key->key_size == 1024) @@ -230,14 +160,28 @@ openssldh_generate(dst_key_t *key, int generator) { else dh->p = &bn1536; dh->g = &bn2; - } - else + } else generator = 2; } - if (generator != 0) + if (generator != 0) { +#if OPENSSL_VERSION_NUMBER > 0x00908000L + dh = DH_new(); + if (dh == NULL) + return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + + BN_GENCB_set_old(&cb, NULL, NULL); + + if (!DH_generate_parameters_ex(dh, key->key_size, generator, + &cb)) { + DH_free(dh); + return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + } +#else dh = DH_generate_parameters(key->key_size, generator, NULL, NULL); +#endif + } if (dh == NULL) return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); @@ -358,7 +302,7 @@ openssldh_fromdns(dst_key_t *key, isc_buffer_t *data) { dh = DH_new(); if (dh == NULL) - return (ISC_R_NOMEMORY); + return (dst__openssl_toresult(ISC_R_NOMEMORY)); dh->flags &= ~DH_FLAG_CACHE_MONT_P; /* @@ -637,11 +581,11 @@ openssldh_cleanup(void) { } static dst_func_t openssldh_functions = { - NULL, /* createctx */ - NULL, /* destroyctx */ - NULL, /* adddata */ - NULL, /* openssldh_sign */ - NULL, /* openssldh_verify */ + NULL, /*%< createctx */ + NULL, /*%< destroyctx */ + NULL, /*%< adddata */ + NULL, /*%< openssldh_sign */ + NULL, /*%< openssldh_verify */ openssldh_computesecret, openssldh_compare, openssldh_paramcompare, @@ -679,3 +623,4 @@ dst__openssldh_init(dst_func_t **funcp) { EMPTY_TRANSLATION_UNIT #endif /* OPENSSL */ +/*! \file */ diff --git a/usr.sbin/bind/lib/dns/opensslrsa_link.c b/usr.sbin/bind/lib/dns/opensslrsa_link.c index 35d62d85821..d19bd64e0a9 100644 --- a/usr.sbin/bind/lib/dns/opensslrsa_link.c +++ b/usr.sbin/bind/lib/dns/opensslrsa_link.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -17,7 +17,7 @@ /* * Principal Author: Brian Wellington - * $ISC: opensslrsa_link.c,v 1.1.4.9 2006/11/07 21:28:40 marka Exp $ + * $ISC: opensslrsa_link.c,v 1.1.6.11 2006/11/07 21:28:49 marka Exp $ */ #ifdef OPENSSL @@ -50,7 +50,7 @@ #ifdef WIN32 #if !((OPENSSL_VERSION_NUMBER >= 0x009070cfL && \ OPENSSL_VERSION_NUMBER < 0x00908000L) || \ - OPENSSL_VERSION_NUMBER >= 0x0090804fL) + OPENSSL_VERSION_NUMBER >= 0x0090804fL) #error Please upgrade OpenSSL to 0.9.8d/0.9.7l or greater. #endif #endif @@ -367,7 +367,7 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { e_bytes = BN_num_bytes(rsa->e); mod_bytes = BN_num_bytes(rsa->n); - if (e_bytes < 256) { /* key exponent is <= 2040 bits */ + if (e_bytes < 256) { /*%< key exponent is <= 2040 bits */ if (r.length < 1) return (ISC_R_NOSPACE); isc_buffer_putuint8(data, (isc_uint8_t) e_bytes); @@ -403,7 +403,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { rsa = RSA_new(); if (rsa == NULL) - return (ISC_R_NOMEMORY); + return (dst__openssl_toresult(ISC_R_NOMEMORY)); SET_FLAGS(rsa); if (r.length < 1) { @@ -598,9 +598,9 @@ static dst_func_t opensslrsa_functions = { opensslrsa_adddata, opensslrsa_sign, opensslrsa_verify, - NULL, /* computesecret */ + NULL, /*%< computesecret */ opensslrsa_compare, - NULL, /* paramcompare */ + NULL, /*%< paramcompare */ opensslrsa_generate, opensslrsa_isprivate, opensslrsa_destroy, @@ -608,7 +608,7 @@ static dst_func_t opensslrsa_functions = { opensslrsa_fromdns, opensslrsa_tofile, opensslrsa_parse, - NULL, /* cleanup */ + NULL, /*%< cleanup */ }; isc_result_t @@ -626,3 +626,4 @@ dst__opensslrsa_init(dst_func_t **funcp) { EMPTY_TRANSLATION_UNIT #endif /* OPENSSL */ +/*! \file */ diff --git a/usr.sbin/bind/lib/dns/order.c b/usr.sbin/bind/lib/dns/order.c index d8411798e22..8f79913a8a6 100644 --- a/usr.sbin/bind/lib/dns/order.c +++ b/usr.sbin/bind/lib/dns/order.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: order.c,v 1.4.202.4 2004/03/08 09:04:30 marka Exp $ */ +/* $ISC: order.c,v 1.5.18.3 2005/07/12 01:22:21 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -53,6 +55,8 @@ struct dns_order { isc_result_t dns_order_create(isc_mem_t *mctx, dns_order_t **orderp) { dns_order_t *order; + isc_result_t result; + REQUIRE(orderp != NULL && *orderp == NULL); order = isc_mem_get(mctx, sizeof(*order)); @@ -60,7 +64,13 @@ dns_order_create(isc_mem_t *mctx, dns_order_t **orderp) { return (ISC_R_NOMEMORY); ISC_LIST_INIT(order->ents); - isc_refcount_init(&order->references, 1); /* Implicit attach. */ + + /* Implicit attach. */ + result = isc_refcount_init(&order->references, 1); + if (result != ISC_R_SUCCESS) { + isc_mem_put(mctx, order, sizeof(*order)); + return (result); + } order->mctx = NULL; isc_mem_attach(mctx, &order->mctx); diff --git a/usr.sbin/bind/lib/dns/peer.c b/usr.sbin/bind/lib/dns/peer.c index b4b3d981037..df673b248b1 100644 --- a/usr.sbin/bind/lib/dns/peer.c +++ b/usr.sbin/bind/lib/dns/peer.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: peer.c,v 1.14.2.1.10.6 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: peer.c,v 1.19.18.8 2006/02/28 03:10:48 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -29,7 +31,7 @@ #include <dns/name.h> #include <dns/peer.h> -/* +/*% * Bit positions in the dns_peer_t structure flags field */ #define BOGUS_BIT 0 @@ -38,6 +40,8 @@ #define PROVIDE_IXFR_BIT 3 #define REQUEST_IXFR_BIT 4 #define SUPPORT_EDNS_BIT 5 +#define SERVER_UDPSIZE_BIT 6 +#define SERVER_MAXUDP_BIT 7 static void peerlist_delete(dns_peerlist_t **list); @@ -65,7 +69,6 @@ dns_peerlist_new(isc_mem_t *mem, dns_peerlist_t **list) { return (ISC_R_SUCCESS); } - void dns_peerlist_attach(dns_peerlist_t *source, dns_peerlist_t **target) { REQUIRE(DNS_PEERLIST_VALID(source)); @@ -130,7 +133,20 @@ dns_peerlist_addpeer(dns_peerlist_t *peers, dns_peer_t *peer) { dns_peer_attach(peer, &p); - ISC_LIST_APPEND(peers->elements, peer, next); + /* + * More specifics to front of list. + */ + for (p = ISC_LIST_HEAD(peers->elements); + p != NULL; + p = ISC_LIST_NEXT(p, next)) + if (p->prefixlen < peer->prefixlen) + break; + + if (p != NULL) + ISC_LIST_INSERTBEFORE(peers->elements, p, peer, next); + else + ISC_LIST_APPEND(peers->elements, peer, next); + } isc_result_t @@ -145,7 +161,8 @@ dns_peerlist_peerbyaddr(dns_peerlist_t *servers, server = ISC_LIST_HEAD(servers->elements); while (server != NULL) { - if (isc_netaddr_equal(addr, &server->address)) + if (isc_netaddr_eqprefix(addr, &server->address, + server->prefixlen)) break; server = ISC_LIST_NEXT(server, next); @@ -176,6 +193,27 @@ dns_peerlist_currpeer(dns_peerlist_t *peers, dns_peer_t **retval) { isc_result_t dns_peer_new(isc_mem_t *mem, isc_netaddr_t *addr, dns_peer_t **peerptr) { + unsigned int prefixlen = 0; + + REQUIRE(peerptr != NULL); + switch(addr->family) { + case AF_INET: + prefixlen = 32; + break; + case AF_INET6: + prefixlen = 128; + break; + default: + INSIST(0); + } + + return (dns_peer_newprefix(mem, addr, prefixlen, peerptr)); +} + +isc_result_t +dns_peer_newprefix(isc_mem_t *mem, isc_netaddr_t *addr, unsigned int prefixlen, + dns_peer_t **peerptr) +{ dns_peer_t *peer; REQUIRE(peerptr != NULL); @@ -186,6 +224,7 @@ dns_peer_new(isc_mem_t *mem, isc_netaddr_t *addr, dns_peer_t **peerptr) { peer->magic = DNS_PEER_MAGIC; peer->address = *addr; + peer->prefixlen = prefixlen; peer->mem = mem; peer->bogus = ISC_FALSE; peer->transfer_format = dns_one_answer; @@ -195,6 +234,8 @@ dns_peer_new(isc_mem_t *mem, isc_netaddr_t *addr, dns_peer_t **peerptr) { peer->key = NULL; peer->refs = 1; peer->transfer_source = NULL; + peer->notify_source = NULL; + peer->query_source = NULL; memset(&peer->bitflags, 0x0, sizeof(peer->bitflags)); @@ -522,3 +563,123 @@ dns_peer_gettransfersource(dns_peer_t *peer, isc_sockaddr_t *transfer_source) { *transfer_source = *peer->transfer_source; return (ISC_R_SUCCESS); } + +isc_result_t +dns_peer_setnotifysource(dns_peer_t *peer, + const isc_sockaddr_t *notify_source) +{ + REQUIRE(DNS_PEER_VALID(peer)); + + if (peer->notify_source != NULL) { + isc_mem_put(peer->mem, peer->notify_source, + sizeof(*peer->notify_source)); + peer->notify_source = NULL; + } + if (notify_source != NULL) { + peer->notify_source = isc_mem_get(peer->mem, + sizeof(*peer->notify_source)); + if (peer->notify_source == NULL) + return (ISC_R_NOMEMORY); + + *peer->notify_source = *notify_source; + } + return (ISC_R_SUCCESS); +} + +isc_result_t +dns_peer_getnotifysource(dns_peer_t *peer, isc_sockaddr_t *notify_source) { + REQUIRE(DNS_PEER_VALID(peer)); + REQUIRE(notify_source != NULL); + + if (peer->notify_source == NULL) + return (ISC_R_NOTFOUND); + *notify_source = *peer->notify_source; + return (ISC_R_SUCCESS); +} + +isc_result_t +dns_peer_setquerysource(dns_peer_t *peer, const isc_sockaddr_t *query_source) { + REQUIRE(DNS_PEER_VALID(peer)); + + if (peer->query_source != NULL) { + isc_mem_put(peer->mem, peer->query_source, + sizeof(*peer->query_source)); + peer->query_source = NULL; + } + if (query_source != NULL) { + peer->query_source = isc_mem_get(peer->mem, + sizeof(*peer->query_source)); + if (peer->query_source == NULL) + return (ISC_R_NOMEMORY); + + *peer->query_source = *query_source; + } + return (ISC_R_SUCCESS); +} + +isc_result_t +dns_peer_getquerysource(dns_peer_t *peer, isc_sockaddr_t *query_source) { + REQUIRE(DNS_PEER_VALID(peer)); + REQUIRE(query_source != NULL); + + if (peer->query_source == NULL) + return (ISC_R_NOTFOUND); + *query_source = *peer->query_source; + return (ISC_R_SUCCESS); +} + +isc_result_t +dns_peer_setudpsize(dns_peer_t *peer, isc_uint16_t udpsize) { + isc_boolean_t existed; + + REQUIRE(DNS_PEER_VALID(peer)); + + existed = DNS_BIT_CHECK(SERVER_UDPSIZE_BIT, &peer->bitflags); + + peer->udpsize = udpsize; + DNS_BIT_SET(SERVER_UDPSIZE_BIT, &peer->bitflags); + + return (existed ? ISC_R_EXISTS : ISC_R_SUCCESS); +} + +isc_result_t +dns_peer_getudpsize(dns_peer_t *peer, isc_uint16_t *udpsize) { + + REQUIRE(DNS_PEER_VALID(peer)); + REQUIRE(udpsize != NULL); + + if (DNS_BIT_CHECK(SERVER_UDPSIZE_BIT, &peer->bitflags)) { + *udpsize = peer->udpsize; + return (ISC_R_SUCCESS); + } else { + return (ISC_R_NOTFOUND); + } +} + +isc_result_t +dns_peer_setmaxudp(dns_peer_t *peer, isc_uint16_t maxudp) { + isc_boolean_t existed; + + REQUIRE(DNS_PEER_VALID(peer)); + + existed = DNS_BIT_CHECK(SERVER_MAXUDP_BIT, &peer->bitflags); + + peer->maxudp = maxudp; + DNS_BIT_SET(SERVER_MAXUDP_BIT, &peer->bitflags); + + return (existed ? ISC_R_EXISTS : ISC_R_SUCCESS); +} + +isc_result_t +dns_peer_getmaxudp(dns_peer_t *peer, isc_uint16_t *maxudp) { + + REQUIRE(DNS_PEER_VALID(peer)); + REQUIRE(maxudp != NULL); + + if (DNS_BIT_CHECK(SERVER_MAXUDP_BIT, &peer->bitflags)) { + *maxudp = peer->maxudp; + return (ISC_R_SUCCESS); + } else { + return (ISC_R_NOTFOUND); + } +} diff --git a/usr.sbin/bind/lib/dns/portlist.c b/usr.sbin/bind/lib/dns/portlist.c index 9e6332b4393..9a8de8ec9c9 100644 --- a/usr.sbin/bind/lib/dns/portlist.c +++ b/usr.sbin/bind/lib/dns/portlist.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: portlist.c,v 1.3.72.6 2006/08/25 05:25:50 marka Exp $ */ +/* $ISC: portlist.c,v 1.6.18.5 2006/08/25 05:25:51 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -81,12 +83,14 @@ dns_portlist_create(isc_mem_t *mctx, dns_portlist_t **portlistp) { result = isc_mutex_init(&portlist->lock); if (result != ISC_R_SUCCESS) { isc_mem_put(mctx, portlist, sizeof(*portlist)); - UNEXPECTED_ERROR(__FILE__, __LINE__, - "isc_mutex_init() failed: %s", - isc_result_totext(result)); - return (ISC_R_UNEXPECTED); + return (result); + } + result = isc_refcount_init(&portlist->refcount, 1); + if (result != ISC_R_SUCCESS) { + DESTROYLOCK(&portlist->lock); + isc_mem_put(mctx, portlist, sizeof(*portlist)); + return (result); } - isc_refcount_init(&portlist->refcount, 1); portlist->list = NULL; portlist->allocated = 0; portlist->active = 0; diff --git a/usr.sbin/bind/lib/dns/rbtdb.h b/usr.sbin/bind/lib/dns/rbtdb.h index 53ea305a0aa..d33ec618f9a 100644 --- a/usr.sbin/bind/lib/dns/rbtdb.h +++ b/usr.sbin/bind/lib/dns/rbtdb.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rbtdb.h,v 1.13.206.1 2004/03/06 08:13:42 marka Exp $ */ +/* $ISC: rbtdb.h,v 1.14.18.2 2005/04/29 00:16:02 marka Exp $ */ #ifndef DNS_RBTDB_H #define DNS_RBTDB_H 1 @@ -27,7 +27,8 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * DNS Red-Black Tree DB Implementation */ diff --git a/usr.sbin/bind/lib/dns/rbtdb64.c b/usr.sbin/bind/lib/dns/rbtdb64.c index 25bbdffc021..820f7634e67 100644 --- a/usr.sbin/bind/lib/dns/rbtdb64.c +++ b/usr.sbin/bind/lib/dns/rbtdb64.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rbtdb64.c,v 1.6.206.1 2004/03/06 08:13:42 marka Exp $ */ +/* $ISC: rbtdb64.c,v 1.7.18.2 2005/04/29 00:16:02 marka Exp $ */ + +/*! \file */ #define DNS_RBTDB_VERSION64 1 #include "rbtdb.c" diff --git a/usr.sbin/bind/lib/dns/rbtdb64.h b/usr.sbin/bind/lib/dns/rbtdb64.h index e156ea24857..e0e8d8bc2d2 100644 --- a/usr.sbin/bind/lib/dns/rbtdb64.h +++ b/usr.sbin/bind/lib/dns/rbtdb64.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rbtdb64.h,v 1.12.206.1 2004/03/06 08:13:43 marka Exp $ */ +/* $ISC: rbtdb64.h,v 1.13.18.2 2005/04/29 00:16:02 marka Exp $ */ #ifndef DNS_RBTDB64_H #define DNS_RBTDB64_H 1 @@ -26,7 +26,8 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * DNS Red-Black Tree DB Implementation with 64-bit version numbers */ diff --git a/usr.sbin/bind/lib/dns/rdata/any_255/tsig_250.h b/usr.sbin/bind/lib/dns/rdata/any_255/tsig_250.h index ca999d0be0f..2daa2af7beb 100644 --- a/usr.sbin/bind/lib/dns/rdata/any_255/tsig_250.h +++ b/usr.sbin/bind/lib/dns/rdata/any_255/tsig_250.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,13 +15,12 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: tsig_250.h,v 1.20.206.1 2004/03/06 08:14:02 marka Exp $ */ - -/* RFC 2845 */ +/* $ISC: tsig_250.h,v 1.21.18.2 2005/04/29 00:16:29 marka Exp $ */ #ifndef ANY_255_TSIG_250_H #define ANY_255_TSIG_250_H 1 +/*% RFC2845 */ typedef struct dns_rdata_any_tsig { dns_rdatacommon_t common; isc_mem_t * mctx; diff --git a/usr.sbin/bind/lib/dns/rdata/ch_3/a_1.c b/usr.sbin/bind/lib/dns/rdata/ch_3/a_1.c new file mode 100644 index 00000000000..7a09b436f40 --- /dev/null +++ b/usr.sbin/bind/lib/dns/rdata/ch_3/a_1.c @@ -0,0 +1,316 @@ +/* + * Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: a_1.c,v 1.2.2.3 2005/08/23 04:10:09 marka Exp $ */ + +/* by Bjorn.Victor@it.uu.se, 2005-05-07 */ +/* Based on generic/soa_6.c and generic/mx_15.c */ + +#ifndef RDATA_CH_3_A_1_C +#define RDATA_CH_3_A_1_C + +#include <isc/net.h> + +#define RRTYPE_A_ATTRIBUTES (0) + +static inline isc_result_t +fromtext_ch_a(ARGS_FROMTEXT) { + isc_token_t token; + dns_name_t name; + isc_buffer_t buffer; + + REQUIRE(type == 1); + REQUIRE(rdclass == dns_rdataclass_ch); /* 3 */ + + UNUSED(type); + UNUSED(callbacks); + + RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string, + ISC_FALSE)); + + /* get domain name */ + dns_name_init(&name, NULL); + buffer_fromregion(&buffer, &token.value.as_region); + origin = (origin != NULL) ? origin : dns_rootname; + RETTOK(dns_name_fromtext(&name, &buffer, origin, options, target)); + if ((options & DNS_RDATA_CHECKNAMES) != 0 && + (options & DNS_RDATA_CHECKREVERSE) != 0) { + isc_boolean_t ok; + ok = dns_name_ishostname(&name, ISC_FALSE); + if (!ok && (options & DNS_RDATA_CHECKNAMESFAIL) != 0) + RETTOK(DNS_R_BADNAME); + if (!ok && callbacks != NULL) + warn_badname(&name, lexer, callbacks); + } + + /* 16-bit octal address */ + RETERR(isc_lex_getoctaltoken(lexer, &token, ISC_FALSE)); + if (token.value.as_ulong > 0xffffU) + RETTOK(ISC_R_RANGE); + return (uint16_tobuffer(token.value.as_ulong, target)); +} + +static inline isc_result_t +totext_ch_a(ARGS_TOTEXT) { + isc_region_t region; + dns_name_t name; + dns_name_t prefix; + isc_boolean_t sub; + char buf[sizeof("0177777")]; + isc_uint16_t addr; + + REQUIRE(rdata->type == 1); + REQUIRE(rdata->rdclass == dns_rdataclass_ch); /* 3 */ + REQUIRE(rdata->length != 0); + + dns_name_init(&name, NULL); + dns_name_init(&prefix, NULL); + + dns_rdata_toregion(rdata, ®ion); + dns_name_fromregion(&name, ®ion); + isc_region_consume(®ion, name_length(&name)); + addr = uint16_fromregion(®ion); + + sub = name_prefix(&name, tctx->origin, &prefix); + RETERR(dns_name_totext(&prefix, sub, target)); + + sprintf(buf, "%o", addr); /* note octal */ + RETERR(str_totext(" ", target)); + return (str_totext(buf, target)); +} + +static inline isc_result_t +fromwire_ch_a(ARGS_FROMWIRE) { + isc_region_t sregion; + isc_region_t tregion; + dns_name_t name; + + REQUIRE(type == 1); + REQUIRE(rdclass == dns_rdataclass_ch); + + UNUSED(type); + UNUSED(rdclass); + + dns_decompress_setmethods(dctx, DNS_COMPRESS_GLOBAL14); + + dns_name_init(&name, NULL); + + RETERR(dns_name_fromwire(&name, source, dctx, options, target)); + + isc_buffer_activeregion(source, &sregion); + isc_buffer_availableregion(target, &tregion); + if (sregion.length < 2) + return (ISC_R_UNEXPECTEDEND); + if (tregion.length < 2) + return (ISC_R_NOSPACE); + + memcpy(tregion.base, sregion.base, 2); + isc_buffer_forward(source, 2); + isc_buffer_add(target, 2); + + return (ISC_R_SUCCESS); +} + +static inline isc_result_t +towire_ch_a(ARGS_TOWIRE) { + dns_name_t name; + dns_offsets_t offsets; + isc_region_t sregion; + isc_region_t tregion; + + REQUIRE(rdata->type == 1); + REQUIRE(rdata->rdclass == dns_rdataclass_ch); + REQUIRE(rdata->length != 0); + + dns_compress_setmethods(cctx, DNS_COMPRESS_GLOBAL14); + + dns_name_init(&name, offsets); + + dns_rdata_toregion(rdata, &sregion); + + dns_name_fromregion(&name, &sregion); + isc_region_consume(&sregion, name_length(&name)); + RETERR(dns_name_towire(&name, cctx, target)); + + isc_buffer_availableregion(target, &tregion); + if (tregion.length < 2) + return (ISC_R_NOSPACE); + + memcpy(tregion.base, sregion.base, 2); + isc_buffer_add(target, 2); + return (ISC_R_SUCCESS); +} + +static inline int +compare_ch_a(ARGS_COMPARE) { + dns_name_t name1; + dns_name_t name2; + isc_region_t region1; + isc_region_t region2; + int order; + + REQUIRE(rdata1->type == rdata2->type); + REQUIRE(rdata1->rdclass == rdata2->rdclass); + REQUIRE(rdata1->type == 1); + REQUIRE(rdata1->rdclass == dns_rdataclass_ch); + REQUIRE(rdata1->length != 0); + REQUIRE(rdata2->length != 0); + + dns_name_init(&name1, NULL); + dns_name_init(&name2, NULL); + + dns_rdata_toregion(rdata1, ®ion1); + dns_rdata_toregion(rdata2, ®ion2); + + dns_name_fromregion(&name1, ®ion1); + dns_name_fromregion(&name2, ®ion2); + isc_region_consume(®ion1, name_length(&name1)); + isc_region_consume(®ion2, name_length(&name2)); + + order = dns_name_rdatacompare(&name1, &name2); + if (order != 0) + return (order); + + order = memcmp(rdata1->data, rdata2->data, 2); + if (order != 0) + order = (order < 0) ? -1 : 1; + return (order); +} + +static inline isc_result_t +fromstruct_ch_a(ARGS_FROMSTRUCT) { + dns_rdata_ch_a_t *a = source; + isc_region_t region; + + REQUIRE(type == 1); + REQUIRE(source != NULL); + REQUIRE(a->common.rdtype == type); + REQUIRE(a->common.rdclass == rdclass); + + UNUSED(type); + UNUSED(rdclass); + + dns_name_toregion(&a->ch_addr_dom, ®ion); + RETERR(isc_buffer_copyregion(target, ®ion)); + + return (uint16_tobuffer(ntohs(a->ch_addr), target)); +} + +static inline isc_result_t +tostruct_ch_a(ARGS_TOSTRUCT) { + dns_rdata_ch_a_t *a = target; + isc_region_t region; + dns_name_t name; + + REQUIRE(rdata->type == 1); + REQUIRE(rdata->rdclass == dns_rdataclass_ch); + REQUIRE(rdata->length != 0); + + a->common.rdclass = rdata->rdclass; + a->common.rdtype = rdata->type; + ISC_LINK_INIT(&a->common, link); + + dns_rdata_toregion(rdata, ®ion); + + dns_name_init(&name, NULL); + dns_name_fromregion(&name, ®ion); + isc_region_consume(®ion, name_length(&name)); + + dns_name_init(&a->ch_addr_dom, NULL); + RETERR(name_duporclone(&name, mctx, &a->ch_addr_dom)); + a->ch_addr = htons(uint16_fromregion(®ion)); + a->mctx = mctx; + return (ISC_R_SUCCESS); +} + +static inline void +freestruct_ch_a(ARGS_FREESTRUCT) { + dns_rdata_ch_a_t *a = source; + + REQUIRE(source != NULL); + REQUIRE(a->common.rdtype == 1); + + if (a->mctx == NULL) + return; + + dns_name_free(&a->ch_addr_dom, a->mctx); + a->mctx = NULL; +} + +static inline isc_result_t +additionaldata_ch_a(ARGS_ADDLDATA) { + + REQUIRE(rdata->type == 1); + REQUIRE(rdata->rdclass == dns_rdataclass_ch); + + UNUSED(rdata); + UNUSED(add); + UNUSED(arg); + + return (ISC_R_SUCCESS); +} + +static inline isc_result_t +digest_ch_a(ARGS_DIGEST) { + isc_region_t r; + + dns_name_t name; + + REQUIRE(rdata->type == 1); + REQUIRE(rdata->rdclass == dns_rdataclass_ch); + + dns_rdata_toregion(rdata, &r); + dns_name_init(&name, NULL); + dns_name_fromregion(&name, &r); + isc_region_consume(&r, name_length(&name)); + RETERR(dns_name_digest(&name, digest, arg)); + return ((digest)(arg, &r)); +} + +static inline isc_boolean_t +checkowner_ch_a(ARGS_CHECKOWNER) { + + REQUIRE(type == 1); + REQUIRE(rdclass == dns_rdataclass_ch); + + UNUSED(type); + + return (dns_name_ishostname(name, wildcard)); +} + +static inline isc_boolean_t +checknames_ch_a(ARGS_CHECKNAMES) { + isc_region_t region; + dns_name_t name; + + REQUIRE(rdata->type == 1); + REQUIRE(rdata->rdclass == dns_rdataclass_ch); + + UNUSED(owner); + + dns_rdata_toregion(rdata, ®ion); + dns_name_init(&name, NULL); + dns_name_fromregion(&name, ®ion); + if (!dns_name_ishostname(&name, ISC_FALSE)) { + if (bad != NULL) + dns_name_clone(&name, bad); + return (ISC_FALSE); + } + + return (ISC_TRUE); +} + +#endif /* RDATA_CH_3_A_1_C */ diff --git a/usr.sbin/bind/lib/dns/rdata/ch_3/a_1.h b/usr.sbin/bind/lib/dns/rdata/ch_3/a_1.h new file mode 100644 index 00000000000..e4a907ba6bc --- /dev/null +++ b/usr.sbin/bind/lib/dns/rdata/ch_3/a_1.h @@ -0,0 +1,34 @@ +/* + * Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: a_1.h,v 1.2.2.2 2005/06/05 00:02:22 marka Exp $ */ + +/* by Bjorn.Victor@it.uu.se, 2005-05-07 */ +/* Based on generic/mx_15.h */ + +#ifndef CH_3_A_1_H +#define CH_3_A_1_H 1 + +typedef isc_uint16_t ch_addr_t; + +typedef struct dns_rdata_ch_a { + dns_rdatacommon_t common; + isc_mem_t *mctx; + dns_name_t ch_addr_dom; /* ch-addr domain for back mapping */ + ch_addr_t ch_addr; /* chaos address (16 bit) network order */ +} dns_rdata_ch_a_t; + +#endif /* CH_3_A_1_H */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/afsdb_18.h b/usr.sbin/bind/lib/dns/rdata/generic/afsdb_18.h index bbd1d2b19c0..7441f76cbd5 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/afsdb_18.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/afsdb_18.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_AFSDB_18_H #define GENERIC_AFSDB_18_H 1 -/* $ISC: afsdb_18.h,v 1.15.206.1 2004/03/06 08:14:03 marka Exp $ */ +/* $ISC: afsdb_18.h,v 1.16.18.2 2005/04/29 00:16:30 marka Exp $ */ -/* RFC 1183 */ +/*! + * \brief Per RFC1183 */ typedef struct dns_rdata_afsdb { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/cert_37.h b/usr.sbin/bind/lib/dns/rdata/generic/cert_37.h index 458adbc2869..9962bf47283 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/cert_37.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/cert_37.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,12 +15,12 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: cert_37.h,v 1.15.206.1 2004/03/06 08:14:03 marka Exp $ */ +/* $ISC: cert_37.h,v 1.16.18.2 2005/04/29 00:16:31 marka Exp $ */ -/* RFC 2538 */ #ifndef GENERIC_CERT_37_H #define GENERIC_CERT_37_H 1 +/*% RFC2538 */ typedef struct dns_rdata_cert { dns_rdatacommon_t common; isc_mem_t *mctx; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/cname_5.c b/usr.sbin/bind/lib/dns/rdata/generic/cname_5.c index 870234dfd96..575d46faada 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/cname_5.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/cname_5.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: cname_5.c,v 1.43.206.2 2004/03/06 08:14:03 marka Exp $ */ +/* $ISC: cname_5.c,v 1.45 2004/03/05 05:10:10 marka Exp $ */ /* reviewed: Wed Mar 15 16:48:45 PST 2000 by brister */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/cname_5.h b/usr.sbin/bind/lib/dns/rdata/generic/cname_5.h index 35feb2a70c4..14e4551c413 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/cname_5.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/cname_5.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: cname_5.h,v 1.23.206.1 2004/03/06 08:14:04 marka Exp $ */ +/* $ISC: cname_5.h,v 1.24 2004/03/05 05:10:10 marka Exp $ */ #ifndef GENERIC_CNAME_5_H #define GENERIC_CNAME_5_H 1 diff --git a/usr.sbin/bind/lib/dns/rdata/generic/dlv_32769.h b/usr.sbin/bind/lib/dns/rdata/generic/dlv_32769.h index 2db63241524..654d63bf865 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/dlv_32769.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/dlv_32769.h @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dlv_32769.h,v 1.2.4.2 2006/02/19 06:50:46 marka Exp $ */ +/* $ISC: dlv_32769.h,v 1.2.2.2 2006/02/19 06:50:47 marka Exp $ */ /* draft-ietf-dnsext-delegation-signer-05.txt */ #ifndef GENERIC_DLV_32769_H diff --git a/usr.sbin/bind/lib/dns/rdata/generic/dname_39.c b/usr.sbin/bind/lib/dns/rdata/generic/dname_39.c index ee8eebf0da3..194e582aa89 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/dname_39.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/dname_39.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dname_39.c,v 1.34.206.2 2004/03/06 08:14:04 marka Exp $ */ +/* $ISC: dname_39.c,v 1.36 2004/03/05 05:10:10 marka Exp $ */ /* Reviewed: Wed Mar 15 16:52:38 PST 2000 by explorer */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/dname_39.h b/usr.sbin/bind/lib/dns/rdata/generic/dname_39.h index beeac809d1b..9ad469d428f 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/dname_39.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/dname_39.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_DNAME_39_H #define GENERIC_DNAME_39_H 1 -/* $ISC: dname_39.h,v 1.16.206.1 2004/03/06 08:14:04 marka Exp $ */ +/* $ISC: dname_39.h,v 1.17.18.2 2005/04/29 00:16:31 marka Exp $ */ -/* RFC2672 */ +/*! + * \brief per RFC2672 */ typedef struct dns_rdata_dname { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/dnskey_48.h b/usr.sbin/bind/lib/dns/rdata/generic/dnskey_48.h index a998c178762..675574728c0 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/dnskey_48.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/dnskey_48.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_DNSKEY_48_H #define GENERIC_DNSKEY_48_H 1 -/* $ISC: dnskey_48.h,v 1.3.2.1 2004/03/08 02:08:02 marka Exp $ */ +/* $ISC: dnskey_48.h,v 1.3.20.2 2005/04/29 00:16:32 marka Exp $ */ -/* RFC 2535 */ +/*! + * \brief per RFC2535 */ typedef struct dns_rdata_dnskey { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/ds_43.h b/usr.sbin/bind/lib/dns/rdata/generic/ds_43.h index 29c4a436975..bff736c27c8 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/ds_43.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/ds_43.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,12 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ds_43.h,v 1.3.2.1 2004/03/08 02:08:03 marka Exp $ */ +/* $ISC: ds_43.h,v 1.3.20.2 2005/04/29 00:16:32 marka Exp $ */ -/* draft-ietf-dnsext-delegation-signer-05.txt */ #ifndef GENERIC_DS_43_H #define GENERIC_DS_43_H 1 +/*! + * \brief per draft-ietf-dnsext-delegation-signer-05.txt */ typedef struct dns_rdata_ds { dns_rdatacommon_t common; isc_mem_t *mctx; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/gpos_27.c b/usr.sbin/bind/lib/dns/rdata/generic/gpos_27.c index e967b98cfe9..b0fef835f5d 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/gpos_27.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/gpos_27.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: gpos_27.c,v 1.32.12.5 2004/03/08 09:04:40 marka Exp $ */ +/* $ISC: gpos_27.c,v 1.37.18.2 2005/04/29 00:16:32 marka Exp $ */ /* reviewed: Wed Mar 15 16:48:45 PST 2000 by brister */ -/* RFC 1712 */ +/* RFC1712 */ #ifndef RDATA_GENERIC_GPOS_27_C #define RDATA_GENERIC_GPOS_27_C diff --git a/usr.sbin/bind/lib/dns/rdata/generic/gpos_27.h b/usr.sbin/bind/lib/dns/rdata/generic/gpos_27.h index ecd285bb131..d607baa18eb 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/gpos_27.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/gpos_27.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_GPOS_27_H #define GENERIC_GPOS_27_H 1 -/* $ISC: gpos_27.h,v 1.12.206.1 2004/03/06 08:14:04 marka Exp $ */ +/* $ISC: gpos_27.h,v 1.13.18.2 2005/04/29 00:16:32 marka Exp $ */ -/* RFC 1712 */ +/*! + * \brief per RFC1712 */ typedef struct dns_rdata_gpos { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/hinfo_13.c b/usr.sbin/bind/lib/dns/rdata/generic/hinfo_13.c index c6208c7262c..62bba593576 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/hinfo_13.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/hinfo_13.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: hinfo_13.c,v 1.37.12.5 2004/03/08 09:04:40 marka Exp $ */ +/* $ISC: hinfo_13.c,v 1.42 2004/03/05 05:10:11 marka Exp $ */ /* * Reviewed: Wed Mar 15 16:47:10 PST 2000 by halley. diff --git a/usr.sbin/bind/lib/dns/rdata/generic/hinfo_13.h b/usr.sbin/bind/lib/dns/rdata/generic/hinfo_13.h index 5f741adff52..9df9c26caf2 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/hinfo_13.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/hinfo_13.h @@ -18,7 +18,7 @@ #ifndef GENERIC_HINFO_13_H #define GENERIC_HINFO_13_H 1 -/* $ISC: hinfo_13.h,v 1.22.206.1 2004/03/06 08:14:05 marka Exp $ */ +/* $ISC: hinfo_13.h,v 1.23 2004/03/05 05:10:12 marka Exp $ */ typedef struct dns_rdata_hinfo { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/ipseckey_45.c b/usr.sbin/bind/lib/dns/rdata/generic/ipseckey_45.c new file mode 100644 index 00000000000..6c30dea9772 --- /dev/null +++ b/usr.sbin/bind/lib/dns/rdata/generic/ipseckey_45.c @@ -0,0 +1,462 @@ +/* + * Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: ipseckey_45.c,v 1.2.2.1 2005/07/07 03:17:36 marka Exp $ */ + +#ifndef RDATA_GENERIC_IPSECKEY_45_C +#define RDATA_GENERIC_IPSECKEY_45_C + +#include <string.h> + +#include <isc/net.h> + +#define RRTYPE_IPSECKEY_ATTRIBUTES (0) + +static inline isc_result_t +fromtext_ipseckey(ARGS_FROMTEXT) { + isc_token_t token; + dns_name_t name; + isc_buffer_t buffer; + unsigned int gateway; + struct in_addr addr; + unsigned char addr6[16]; + isc_region_t region; + + REQUIRE(type == 45); + + UNUSED(type); + UNUSED(rdclass); + UNUSED(callbacks); + + /* + * Precedence. + */ + RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number, + ISC_FALSE)); + if (token.value.as_ulong > 0xffU) + RETTOK(ISC_R_RANGE); + RETERR(uint8_tobuffer(token.value.as_ulong, target)); + + /* + * Gateway type. + */ + RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number, + ISC_FALSE)); + if (token.value.as_ulong > 0x3U) + RETTOK(ISC_R_RANGE); + RETERR(uint8_tobuffer(token.value.as_ulong, target)); + gateway = token.value.as_ulong; + + /* + * Algorithm. + */ + RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number, + ISC_FALSE)); + if (token.value.as_ulong > 0xffU) + RETTOK(ISC_R_RANGE); + RETERR(uint8_tobuffer(token.value.as_ulong, target)); + + /* + * Gateway. + */ + RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_string, + ISC_FALSE)); + + switch (gateway) { + case 0: + if (strcmp(DNS_AS_STR(token), ".") != 0) + RETTOK(DNS_R_SYNTAX); + break; + + case 1: + if (getquad(DNS_AS_STR(token), &addr, lexer, callbacks) != 1) + RETTOK(DNS_R_BADDOTTEDQUAD); + isc_buffer_availableregion(target, ®ion); + if (region.length < 4) + return (ISC_R_NOSPACE); + memcpy(region.base, &addr, 4); + isc_buffer_add(target, 4); + break; + + case 2: + if (inet_pton(AF_INET6, DNS_AS_STR(token), addr6) != 1) + RETTOK(DNS_R_BADAAAA); + isc_buffer_availableregion(target, ®ion); + if (region.length < 16) + return (ISC_R_NOSPACE); + memcpy(region.base, addr6, 16); + isc_buffer_add(target, 16); + break; + + case 3: + dns_name_init(&name, NULL); + buffer_fromregion(&buffer, &token.value.as_region); + origin = (origin != NULL) ? origin : dns_rootname; + RETTOK(dns_name_fromtext(&name, &buffer, origin, + options, target)); + break; + } + + /* + * Public key. + */ + return (isc_base64_tobuffer(lexer, target, -1)); +} + +static inline isc_result_t +totext_ipseckey(ARGS_TOTEXT) { + isc_region_t region; + dns_name_t name; + dns_name_t prefix; + isc_boolean_t sub; + char buf[sizeof("255 ")]; + unsigned short num; + unsigned short gateway; + + REQUIRE(rdata->type == 45); + REQUIRE(rdata->length >= 3); + + dns_name_init(&name, NULL); + dns_name_init(&prefix, NULL); + + if (rdata->data[1] > 3U) + return (ISC_R_NOTIMPLEMENTED); + + if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) + RETERR(str_totext("( ", target)); + + /* + * Precendence. + */ + dns_rdata_toregion(rdata, ®ion); + num = uint8_fromregion(®ion); + isc_region_consume(®ion, 1); + sprintf(buf, "%u ", num); + RETERR(str_totext(buf, target)); + + /* + * Gateway type. + */ + gateway = uint8_fromregion(®ion); + isc_region_consume(®ion, 1); + sprintf(buf, "%u ", gateway); + RETERR(str_totext(buf, target)); + + /* + * Algorithm. + */ + num = uint8_fromregion(®ion); + isc_region_consume(®ion, 1); + sprintf(buf, "%u ", num); + RETERR(str_totext(buf, target)); + + /* + * Gateway. + */ + switch (gateway) { + case 0: + RETERR(str_totext(".", target)); + break; + + case 1: + RETERR(inet_totext(AF_INET, ®ion, target)); + isc_region_consume(®ion, 4); + break; + + case 2: + RETERR(inet_totext(AF_INET6, ®ion, target)); + isc_region_consume(®ion, 16); + break; + + case 3: + dns_name_fromregion(&name, ®ion); + sub = name_prefix(&name, tctx->origin, &prefix); + RETERR(dns_name_totext(&prefix, sub, target)); + isc_region_consume(®ion, name_length(&name)); + break; + } + + /* + * Key. + */ + if (region.length > 0U) { + RETERR(str_totext(tctx->linebreak, target)); + RETERR(isc_base64_totext(®ion, tctx->width - 2, + tctx->linebreak, target)); + } + + if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) + RETERR(str_totext(" )", target)); + return (ISC_R_SUCCESS); +} + +static inline isc_result_t +fromwire_ipseckey(ARGS_FROMWIRE) { + dns_name_t name; + isc_region_t region; + + REQUIRE(type == 45); + + UNUSED(type); + UNUSED(rdclass); + + dns_decompress_setmethods(dctx, DNS_COMPRESS_NONE); + + dns_name_init(&name, NULL); + + isc_buffer_activeregion(source, ®ion); + if (region.length < 3) + return (ISC_R_UNEXPECTEDEND); + + switch (region.base[1]) { + case 0: + isc_buffer_forward(source, region.length); + return (mem_tobuffer(target, region.base, region.length)); + + case 1: + if (region.length < 7) + return (ISC_R_UNEXPECTEDEND); + isc_buffer_forward(source, region.length); + return (mem_tobuffer(target, region.base, region.length)); + + case 2: + if (region.length < 19) + return (ISC_R_UNEXPECTEDEND); + isc_buffer_forward(source, region.length); + return (mem_tobuffer(target, region.base, region.length)); + + case 3: + RETERR(mem_tobuffer(target, region.base, 3)); + isc_buffer_forward(source, 3); + RETERR(dns_name_fromwire(&name, source, dctx, options, target)); + isc_buffer_activeregion(source, ®ion); + return(mem_tobuffer(target, region.base, region.length)); + + default: + return (ISC_R_NOTIMPLEMENTED); + } +} + +static inline isc_result_t +towire_ipseckey(ARGS_TOWIRE) { + isc_region_t region; + + REQUIRE(rdata->type == 45); + REQUIRE(rdata->length != 0); + + UNUSED(cctx); + + dns_rdata_toregion(rdata, ®ion); + return (mem_tobuffer(target, region.base, region.length)); +} + +static inline int +compare_ipseckey(ARGS_COMPARE) { + isc_region_t region1; + isc_region_t region2; + + REQUIRE(rdata1->type == rdata2->type); + REQUIRE(rdata1->rdclass == rdata2->rdclass); + REQUIRE(rdata1->type == 45); + REQUIRE(rdata1->length >= 3); + REQUIRE(rdata2->length >= 3); + + dns_rdata_toregion(rdata1, ®ion1); + dns_rdata_toregion(rdata2, ®ion2); + + return (isc_region_compare(®ion1, ®ion2)); +} + +static inline isc_result_t +fromstruct_ipseckey(ARGS_FROMSTRUCT) { + dns_rdata_ipseckey_t *ipseckey = source; + isc_region_t region; + isc_uint32_t n; + + REQUIRE(type == 45); + REQUIRE(source != NULL); + REQUIRE(ipseckey->common.rdtype == type); + REQUIRE(ipseckey->common.rdclass == rdclass); + + UNUSED(type); + UNUSED(rdclass); + + if (ipseckey->gateway_type > 3U) + return (ISC_R_NOTIMPLEMENTED); + + RETERR(uint8_tobuffer(ipseckey->precedence, target)); + RETERR(uint8_tobuffer(ipseckey->gateway_type, target)); + RETERR(uint8_tobuffer(ipseckey->algorithm, target)); + + switch (ipseckey->gateway_type) { + case 0: + break; + + case 1: + n = ntohl(ipseckey->in_addr.s_addr); + RETERR(uint32_tobuffer(n, target)); + break; + + case 2: + RETERR(mem_tobuffer(target, ipseckey->in6_addr.s6_addr, 16)); + break; + + case 3: + dns_name_toregion(&ipseckey->gateway, ®ion); + RETERR(isc_buffer_copyregion(target, ®ion)); + break; + } + + return (mem_tobuffer(target, ipseckey->key, ipseckey->keylength)); +} + +static inline isc_result_t +tostruct_ipseckey(ARGS_TOSTRUCT) { + isc_region_t region; + dns_rdata_ipseckey_t *ipseckey = target; + dns_name_t name; + isc_uint32_t n; + + REQUIRE(rdata->type == 45); + REQUIRE(target != NULL); + REQUIRE(rdata->length >= 3); + + if (rdata->data[1] > 3U) + return (ISC_R_NOTIMPLEMENTED); + + ipseckey->common.rdclass = rdata->rdclass; + ipseckey->common.rdtype = rdata->type; + ISC_LINK_INIT(&ipseckey->common, link); + + dns_name_init(&name, NULL); + dns_rdata_toregion(rdata, ®ion); + + ipseckey->precedence = uint8_fromregion(®ion); + isc_region_consume(®ion, 1); + + ipseckey->gateway_type = uint8_fromregion(®ion); + isc_region_consume(®ion, 1); + + ipseckey->algorithm = uint8_fromregion(®ion); + isc_region_consume(®ion, 1); + + switch (ipseckey->gateway_type) { + case 0: + break; + + case 1: + n = uint32_fromregion(®ion); + ipseckey->in_addr.s_addr = htonl(n); + isc_region_consume(®ion, 4); + break; + + case 2: + memcpy(ipseckey->in6_addr.s6_addr, region.base, 16); + isc_region_consume(®ion, 16); + break; + + case 3: + dns_name_init(&ipseckey->gateway, NULL); + dns_name_fromregion(&name, ®ion); + RETERR(name_duporclone(&name, mctx, &ipseckey->gateway)); + isc_region_consume(®ion, name_length(&name)); + break; + } + + ipseckey->keylength = region.length; + if (ipseckey->keylength != 0U) { + ipseckey->key = mem_maybedup(mctx, region.base, + ipseckey->keylength); + if (ipseckey->key == NULL) { + if (ipseckey->gateway_type == 3) + dns_name_free(&ipseckey->gateway, + ipseckey->mctx); + return (ISC_R_NOMEMORY); + } + } else + ipseckey->key = NULL; + + ipseckey->mctx = mctx; + return (ISC_R_SUCCESS); +} + +static inline void +freestruct_ipseckey(ARGS_FREESTRUCT) { + dns_rdata_ipseckey_t *ipseckey = source; + + REQUIRE(source != NULL); + REQUIRE(ipseckey->common.rdtype == 45); + + if (ipseckey->mctx == NULL) + return; + + if (ipseckey->gateway_type == 3) + dns_name_free(&ipseckey->gateway, ipseckey->mctx); + + if (ipseckey->key != NULL) + isc_mem_free(ipseckey->mctx, ipseckey->key); + + ipseckey->mctx = NULL; +} + +static inline isc_result_t +additionaldata_ipseckey(ARGS_ADDLDATA) { + + REQUIRE(rdata->type == 45); + + UNUSED(rdata); + UNUSED(add); + UNUSED(arg); + + return (ISC_R_SUCCESS); +} + +static inline isc_result_t +digest_ipseckey(ARGS_DIGEST) { + isc_region_t region; + + REQUIRE(rdata->type == 45); + + dns_rdata_toregion(rdata, ®ion); + return ((digest)(arg, ®ion)); +} + +static inline isc_boolean_t +checkowner_ipseckey(ARGS_CHECKOWNER) { + + REQUIRE(type == 45); + + UNUSED(name); + UNUSED(type); + UNUSED(rdclass); + UNUSED(wildcard); + + return (ISC_TRUE); +} + +static inline isc_boolean_t +checknames_ipseckey(ARGS_CHECKNAMES) { + + REQUIRE(rdata->type == 45); + + UNUSED(rdata); + UNUSED(owner); + UNUSED(bad); + + return (ISC_TRUE); +} + +#endif /* RDATA_GENERIC_IPSECKEY_45_C */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/ipseckey_45.h b/usr.sbin/bind/lib/dns/rdata/generic/ipseckey_45.h new file mode 100644 index 00000000000..a3f76f8f26a --- /dev/null +++ b/usr.sbin/bind/lib/dns/rdata/generic/ipseckey_45.h @@ -0,0 +1,35 @@ +/* + * Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: ipseckey_45.h,v 1.2.2.1 2005/07/07 03:17:36 marka Exp $ */ + +#ifndef GENERIC_IPSECKEY_45_H +#define GENERIC_IPSECKEY_45_H 1 + +typedef struct dns_rdata_ipseckey { + dns_rdatacommon_t common; + isc_mem_t *mctx; + isc_uint8_t precedence; + isc_uint8_t gateway_type; + isc_uint8_t algorithm; + struct in_addr in_addr; /* gateway type 1 */ + struct in6_addr in6_addr; /* gateway type 2 */ + dns_name_t gateway; /* gateway type 3 */ + unsigned char *key; + isc_uint16_t keylength; +} dns_rdata_ipseckey_t; + +#endif /* GENERIC_IPSECKEY_45_H */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/isdn_20.c b/usr.sbin/bind/lib/dns/rdata/generic/isdn_20.c index 30c66f98d1e..182565cb905 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/isdn_20.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/isdn_20.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: isdn_20.c,v 1.30.12.4 2004/03/08 09:04:41 marka Exp $ */ +/* $ISC: isdn_20.c,v 1.34.18.2 2005/04/29 00:16:33 marka Exp $ */ /* Reviewed: Wed Mar 15 16:53:11 PST 2000 by bwelling */ -/* RFC 1183 */ +/* RFC1183 */ #ifndef RDATA_GENERIC_ISDN_20_C #define RDATA_GENERIC_ISDN_20_C diff --git a/usr.sbin/bind/lib/dns/rdata/generic/isdn_20.h b/usr.sbin/bind/lib/dns/rdata/generic/isdn_20.h index c8060cd5a2c..a632e875476 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/isdn_20.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/isdn_20.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_ISDN_20_H #define GENERIC_ISDN_20_H 1 -/* $ISC: isdn_20.h,v 1.13.206.1 2004/03/06 08:14:05 marka Exp $ */ +/* $ISC: isdn_20.h,v 1.14.18.2 2005/04/29 00:16:33 marka Exp $ */ -/* RFC 1183 */ +/*! + * \brief Per RFC1183 */ typedef struct dns_rdata_isdn { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/key_25.h b/usr.sbin/bind/lib/dns/rdata/generic/key_25.h index 0434ce599df..1848411b16f 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/key_25.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/key_25.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_KEY_25_H #define GENERIC_KEY_25_H 1 -/* $ISC: key_25.h,v 1.14.206.1 2004/03/06 08:14:06 marka Exp $ */ +/* $ISC: key_25.h,v 1.15.18.2 2005/04/29 00:16:33 marka Exp $ */ -/* RFC 2535 */ +/*! + * \brief Per RFC2535 */ typedef struct dns_rdata_key_t { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/loc_29.h b/usr.sbin/bind/lib/dns/rdata/generic/loc_29.h index c3657bf14ba..f68de6fba0f 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/loc_29.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/loc_29.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_LOC_29_H #define GENERIC_LOC_29_H 1 -/* $ISC: loc_29.h,v 1.14.206.1 2004/03/06 08:14:06 marka Exp $ */ +/* $ISC: loc_29.h,v 1.15.18.2 2005/04/29 00:16:34 marka Exp $ */ -/* RFC 1876 */ +/*! + * \brief Per RFC1876 */ typedef struct dns_rdata_loc_0 { isc_uint8_t version; /* must be first and zero */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/mb_7.c b/usr.sbin/bind/lib/dns/rdata/generic/mb_7.c index 9a6647f1eb8..1af0119f52b 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/mb_7.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/mb_7.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: mb_7.c,v 1.41.206.2 2004/03/06 08:14:06 marka Exp $ */ +/* $ISC: mb_7.c,v 1.43 2004/03/05 05:10:13 marka Exp $ */ /* Reviewed: Wed Mar 15 17:31:26 PST 2000 by bwelling */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/mb_7.h b/usr.sbin/bind/lib/dns/rdata/generic/mb_7.h index 246c17807ef..a78abd15f85 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/mb_7.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/mb_7.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef GENERIC_MB_7_H #define GENERIC_MB_7_H 1 -/* $ISC: mb_7.h,v 1.22.206.1 2004/03/06 08:14:06 marka Exp $ */ +/* $ISC: mb_7.h,v 1.23.18.2 2005/04/29 00:16:34 marka Exp $ */ typedef struct dns_rdata_mb { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/md_3.c b/usr.sbin/bind/lib/dns/rdata/generic/md_3.c index 4cced61671c..f25595a696d 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/md_3.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/md_3.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: md_3.c,v 1.43.206.2 2004/03/06 08:14:07 marka Exp $ */ +/* $ISC: md_3.c,v 1.45 2004/03/05 05:10:13 marka Exp $ */ /* Reviewed: Wed Mar 15 17:48:20 PST 2000 by bwelling */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/md_3.h b/usr.sbin/bind/lib/dns/rdata/generic/md_3.h index dbcfe735f60..8d538095da1 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/md_3.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/md_3.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef GENERIC_MD_3_H #define GENERIC_MD_3_H 1 -/* $ISC: md_3.h,v 1.23.206.1 2004/03/06 08:14:07 marka Exp $ */ +/* $ISC: md_3.h,v 1.24.18.2 2005/04/29 00:16:35 marka Exp $ */ typedef struct dns_rdata_md { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/mf_4.c b/usr.sbin/bind/lib/dns/rdata/generic/mf_4.c index c77e39c0316..a160a1f2bc2 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/mf_4.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/mf_4.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: mf_4.c,v 1.41.206.2 2004/03/06 08:14:07 marka Exp $ */ +/* $ISC: mf_4.c,v 1.43 2004/03/05 05:10:14 marka Exp $ */ /* reviewed: Wed Mar 15 17:47:33 PST 2000 by brister */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/mf_4.h b/usr.sbin/bind/lib/dns/rdata/generic/mf_4.h index 05b91bf9522..26f2c06f28e 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/mf_4.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/mf_4.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef GENERIC_MF_4_H #define GENERIC_MF_4_H 1 -/* $ISC: mf_4.h,v 1.21.206.1 2004/03/06 08:14:07 marka Exp $ */ +/* $ISC: mf_4.h,v 1.22.18.2 2005/04/29 00:16:35 marka Exp $ */ typedef struct dns_rdata_mf { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/mg_8.c b/usr.sbin/bind/lib/dns/rdata/generic/mg_8.c index 30269d3a9c9..d25ebfc19ac 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/mg_8.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/mg_8.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: mg_8.c,v 1.39.206.2 2004/03/06 08:14:07 marka Exp $ */ +/* $ISC: mg_8.c,v 1.41 2004/03/05 05:10:14 marka Exp $ */ /* reviewed: Wed Mar 15 17:49:21 PST 2000 by brister */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/mg_8.h b/usr.sbin/bind/lib/dns/rdata/generic/mg_8.h index 5012d0e2686..7e04b6b582f 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/mg_8.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/mg_8.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef GENERIC_MG_8_H #define GENERIC_MG_8_H 1 -/* $ISC: mg_8.h,v 1.21.206.1 2004/03/06 08:14:07 marka Exp $ */ +/* $ISC: mg_8.h,v 1.22.18.2 2005/04/29 00:16:35 marka Exp $ */ typedef struct dns_rdata_mg { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/minfo_14.c b/usr.sbin/bind/lib/dns/rdata/generic/minfo_14.c index 30817b50ed9..537c513ad90 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/minfo_14.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/minfo_14.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: minfo_14.c,v 1.40.12.4 2004/03/08 09:04:41 marka Exp $ */ +/* $ISC: minfo_14.c,v 1.43 2004/03/05 05:10:14 marka Exp $ */ /* reviewed: Wed Mar 15 17:45:32 PST 2000 by brister */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/minfo_14.h b/usr.sbin/bind/lib/dns/rdata/generic/minfo_14.h index f29e4ae85d1..2457f167cc2 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/minfo_14.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/minfo_14.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef GENERIC_MINFO_14_H #define GENERIC_MINFO_14_H 1 -/* $ISC: minfo_14.h,v 1.22.206.1 2004/03/06 08:14:08 marka Exp $ */ +/* $ISC: minfo_14.h,v 1.23.18.2 2005/04/29 00:16:35 marka Exp $ */ typedef struct dns_rdata_minfo { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/mr_9.c b/usr.sbin/bind/lib/dns/rdata/generic/mr_9.c index e7792c623ce..4ed79c71931 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/mr_9.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/mr_9.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: mr_9.c,v 1.38.206.2 2004/03/06 08:14:08 marka Exp $ */ +/* $ISC: mr_9.c,v 1.40 2004/03/05 05:10:15 marka Exp $ */ /* Reviewed: Wed Mar 15 21:30:35 EST 2000 by tale */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/mr_9.h b/usr.sbin/bind/lib/dns/rdata/generic/mr_9.h index 034959b4974..dfc01a83ad7 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/mr_9.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/mr_9.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef GENERIC_MR_9_H #define GENERIC_MR_9_H 1 -/* $ISC: mr_9.h,v 1.21.206.1 2004/03/06 08:14:08 marka Exp $ */ +/* $ISC: mr_9.h,v 1.22.18.2 2005/04/29 00:16:36 marka Exp $ */ typedef struct dns_rdata_mr { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/mx_15.h b/usr.sbin/bind/lib/dns/rdata/generic/mx_15.h index 1722d2a6037..532e2efc3ca 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/mx_15.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/mx_15.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef GENERIC_MX_15_H #define GENERIC_MX_15_H 1 -/* $ISC: mx_15.h,v 1.24.206.1 2004/03/06 08:14:09 marka Exp $ */ +/* $ISC: mx_15.h,v 1.25.18.2 2005/04/29 00:16:36 marka Exp $ */ typedef struct dns_rdata_mx { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/ns_2.c b/usr.sbin/bind/lib/dns/rdata/generic/ns_2.c index d13c4429b10..0b3944b6e2d 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/ns_2.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/ns_2.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ns_2.c,v 1.42.206.2 2004/03/06 08:14:09 marka Exp $ */ +/* $ISC: ns_2.c,v 1.44 2004/03/05 05:10:15 marka Exp $ */ /* Reviewed: Wed Mar 15 18:15:00 PST 2000 by bwelling */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/ns_2.h b/usr.sbin/bind/lib/dns/rdata/generic/ns_2.h index 98276514637..8d1e774efc4 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/ns_2.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/ns_2.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef GENERIC_NS_2_H #define GENERIC_NS_2_H 1 -/* $ISC: ns_2.h,v 1.22.206.1 2004/03/06 08:14:09 marka Exp $ */ +/* $ISC: ns_2.h,v 1.23.18.2 2005/04/29 00:16:37 marka Exp $ */ typedef struct dns_rdata_ns { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/nsec_47.h b/usr.sbin/bind/lib/dns/rdata/generic/nsec_47.h index 3866f042acf..5fc0ee22687 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/nsec_47.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/nsec_47.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_NSEC_47_H #define GENERIC_NSEC_47_H 1 -/* $ISC: nsec_47.h,v 1.4.2.1 2004/03/08 02:08:03 marka Exp $ */ +/* $ISC: nsec_47.h,v 1.4.20.2 2005/04/29 00:16:37 marka Exp $ */ -/* draft-ietf-dnsext-nsec-rdata-01.txt */ +/*! + * \brief Per draft-ietf-dnsext-nsec-rdata-01.txt */ typedef struct dns_rdata_nsec { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/null_10.c b/usr.sbin/bind/lib/dns/rdata/generic/null_10.c index effd1f79ba5..ea55ca31c78 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/null_10.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/null_10.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: null_10.c,v 1.35.2.1.10.4 2004/03/08 09:04:41 marka Exp $ */ +/* $ISC: null_10.c,v 1.40 2004/03/05 05:10:16 marka Exp $ */ /* Reviewed: Thu Mar 16 13:57:50 PST 2000 by explorer */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/null_10.h b/usr.sbin/bind/lib/dns/rdata/generic/null_10.h index 34477d63a99..a418a5add50 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/null_10.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/null_10.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef GENERIC_NULL_10_H #define GENERIC_NULL_10_H 1 -/* $ISC: null_10.h,v 1.20.206.1 2004/03/06 08:14:09 marka Exp $ */ +/* $ISC: null_10.h,v 1.21.18.2 2005/04/29 00:16:37 marka Exp $ */ typedef struct dns_rdata_null { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/nxt_30.h b/usr.sbin/bind/lib/dns/rdata/generic/nxt_30.h index 8ceb8787304..9bbb7d4446c 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/nxt_30.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/nxt_30.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_NXT_30_H #define GENERIC_NXT_30_H 1 -/* $ISC: nxt_30.h,v 1.18.12.3 2004/03/08 09:04:41 marka Exp $ */ +/* $ISC: nxt_30.h,v 1.21.18.2 2005/04/29 00:16:38 marka Exp $ */ -/* RFC 2535 */ +/*! + * \brief RFC2535 */ typedef struct dns_rdata_nxt { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/opt_41.h b/usr.sbin/bind/lib/dns/rdata/generic/opt_41.h index eb8c2918e49..fd2fe6030ef 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/opt_41.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/opt_41.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_OPT_41_H #define GENERIC_OPT_41_H 1 -/* $ISC: opt_41.h,v 1.13.206.1 2004/03/06 08:14:10 marka Exp $ */ +/* $ISC: opt_41.h,v 1.14.18.2 2005/04/29 00:16:38 marka Exp $ */ -/* RFC 2671 */ +/*! + * \brief Per RFC2671 */ typedef struct dns_rdata_opt_opcode { isc_uint16_t opcode; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/proforma.c b/usr.sbin/bind/lib/dns/rdata/generic/proforma.c index 281857fb2df..5b900143db5 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/proforma.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/proforma.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: proforma.c,v 1.30.12.4 2004/03/08 09:04:41 marka Exp $ */ +/* $ISC: proforma.c,v 1.34 2004/03/05 05:10:17 marka Exp $ */ #ifndef RDATA_GENERIC_#_#_C #define RDATA_GENERIC_#_#_C diff --git a/usr.sbin/bind/lib/dns/rdata/generic/proforma.h b/usr.sbin/bind/lib/dns/rdata/generic/proforma.h index 8475de9232b..4c96eb55904 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/proforma.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/proforma.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef GENERIC_PROFORMA_H #define GENERIC_PROFORMA_H 1 -/* $ISC: proforma.h,v 1.18.206.1 2004/03/06 08:14:11 marka Exp $ */ +/* $ISC: proforma.h,v 1.19.18.2 2005/04/29 00:16:39 marka Exp $ */ typedef struct dns_rdata_# { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/ptr_12.c b/usr.sbin/bind/lib/dns/rdata/generic/ptr_12.c index 4dab6446e1d..54e1d1715cf 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/ptr_12.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/ptr_12.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ptr_12.c,v 1.39.206.2 2004/03/06 08:14:11 marka Exp $ */ +/* $ISC: ptr_12.c,v 1.41 2004/03/05 05:10:17 marka Exp $ */ /* Reviewed: Thu Mar 16 14:05:12 PST 2000 by explorer */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/ptr_12.h b/usr.sbin/bind/lib/dns/rdata/generic/ptr_12.h index 54e252311d1..f6532eeca57 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/ptr_12.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/ptr_12.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef GENERIC_PTR_12_H #define GENERIC_PTR_12_H 1 -/* $ISC: ptr_12.h,v 1.22.206.1 2004/03/06 08:14:11 marka Exp $ */ +/* $ISC: ptr_12.h,v 1.23.18.2 2005/04/29 00:16:39 marka Exp $ */ typedef struct dns_rdata_ptr { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/rp_17.c b/usr.sbin/bind/lib/dns/rdata/generic/rp_17.c index a9656b38b26..000b92092b4 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/rp_17.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/rp_17.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,9 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rp_17.c,v 1.35.12.4 2004/03/08 09:04:42 marka Exp $ */ +/* $ISC: rp_17.c,v 1.38.18.2 2005/04/29 00:16:39 marka Exp $ */ -/* RFC 1183 */ +/* RFC1183 */ #ifndef RDATA_GENERIC_RP_17_C #define RDATA_GENERIC_RP_17_C diff --git a/usr.sbin/bind/lib/dns/rdata/generic/rp_17.h b/usr.sbin/bind/lib/dns/rdata/generic/rp_17.h index cd1f1625ac4..cca25d8a151 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/rp_17.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/rp_17.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_RP_17_H #define GENERIC_RP_17_H 1 -/* $ISC: rp_17.h,v 1.16.206.1 2004/03/06 08:14:11 marka Exp $ */ +/* $ISC: rp_17.h,v 1.17.18.2 2005/04/29 00:16:39 marka Exp $ */ -/* RFC 1183 */ +/*! + * \brief Per RFC1183 */ typedef struct dns_rdata_rp { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/rrsig_46.h b/usr.sbin/bind/lib/dns/rdata/generic/rrsig_46.h index 3ceb58cc85b..7a9cfd7aaf3 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/rrsig_46.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/rrsig_46.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_DNSSIG_46_H #define GENERIC_DNSSIG_46_H 1 -/* $ISC: rrsig_46.h,v 1.3.2.1 2004/03/08 02:08:04 marka Exp $ */ +/* $ISC: rrsig_46.h,v 1.3.20.2 2005/04/29 00:16:39 marka Exp $ */ -/* RFC 2535 */ +/*! + * \brief Per RFC2535 */ typedef struct dns_rdata_rrsig { dns_rdatacommon_t common; isc_mem_t * mctx; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/rt_21.h b/usr.sbin/bind/lib/dns/rdata/generic/rt_21.h index 2b4ebf08924..41ecbf296d4 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/rt_21.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/rt_21.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_RT_21_H #define GENERIC_RT_21_H 1 -/* $ISC: rt_21.h,v 1.16.206.1 2004/03/06 08:14:12 marka Exp $ */ +/* $ISC: rt_21.h,v 1.17.18.2 2005/04/29 00:16:40 marka Exp $ */ -/* RFC 1183 */ +/*! + * \brief Per RFC1183 */ typedef struct dns_rdata_rt { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/sig_24.h b/usr.sbin/bind/lib/dns/rdata/generic/sig_24.h index 1da528b7ae0..2855c642db4 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/sig_24.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/sig_24.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_SIG_24_H #define GENERIC_SIG_24_H 1 -/* $ISC: sig_24.h,v 1.21.206.1 2004/03/06 08:14:12 marka Exp $ */ +/* $ISC: sig_24.h,v 1.22.18.2 2005/04/29 00:16:40 marka Exp $ */ -/* RFC 2535 */ +/*! + * \brief Per RFC2535 */ typedef struct dns_rdata_sig_t { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/soa_6.h b/usr.sbin/bind/lib/dns/rdata/generic/soa_6.h index 7ebf650483c..9487626c4cd 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/soa_6.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/soa_6.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,21 +15,22 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef GENERIC_SOA_6_H #define GENERIC_SOA_6_H 1 -/* $ISC: soa_6.h,v 1.27.206.1 2004/03/06 08:14:12 marka Exp $ */ +/* $ISC: soa_6.h,v 1.28.18.2 2005/04/29 00:16:40 marka Exp $ */ typedef struct dns_rdata_soa { dns_rdatacommon_t common; isc_mem_t *mctx; dns_name_t origin; dns_name_t contact; - isc_uint32_t serial; /* host order */ - isc_uint32_t refresh; /* host order */ - isc_uint32_t retry; /* host order */ - isc_uint32_t expire; /* host order */ - isc_uint32_t minimum; /* host order */ + isc_uint32_t serial; /*%< host order */ + isc_uint32_t refresh; /*%< host order */ + isc_uint32_t retry; /*%< host order */ + isc_uint32_t expire; /*%< host order */ + isc_uint32_t minimum; /*%< host order */ } dns_rdata_soa_t; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/spf_99.c b/usr.sbin/bind/lib/dns/rdata/generic/spf_99.c new file mode 100644 index 00000000000..7318ec81f2f --- /dev/null +++ b/usr.sbin/bind/lib/dns/rdata/generic/spf_99.c @@ -0,0 +1,238 @@ +/* + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1998-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: spf_99.c,v 1.1.2.2 2005/07/16 00:40:54 marka Exp $ */ + +/* Reviewed: Thu Mar 16 15:40:00 PST 2000 by bwelling */ + +#ifndef RDATA_GENERIC_SPF_99_C +#define RDATA_GENERIC_SPF_99_C + +#define RRTYPE_SPF_ATTRIBUTES (0) + +static inline isc_result_t +fromtext_spf(ARGS_FROMTEXT) { + isc_token_t token; + int strings; + + REQUIRE(type == 99); + + UNUSED(type); + UNUSED(rdclass); + UNUSED(origin); + UNUSED(options); + UNUSED(callbacks); + + strings = 0; + for (;;) { + RETERR(isc_lex_getmastertoken(lexer, &token, + isc_tokentype_qstring, + ISC_TRUE)); + if (token.type != isc_tokentype_qstring && + token.type != isc_tokentype_string) + break; + RETTOK(txt_fromtext(&token.value.as_textregion, target)); + strings++; + } + /* Let upper layer handle eol/eof. */ + isc_lex_ungettoken(lexer, &token); + return (strings == 0 ? ISC_R_UNEXPECTEDEND : ISC_R_SUCCESS); +} + +static inline isc_result_t +totext_spf(ARGS_TOTEXT) { + isc_region_t region; + + UNUSED(tctx); + + REQUIRE(rdata->type == 99); + + dns_rdata_toregion(rdata, ®ion); + + while (region.length > 0) { + RETERR(txt_totext(®ion, target)); + if (region.length > 0) + RETERR(str_totext(" ", target)); + } + + return (ISC_R_SUCCESS); +} + +static inline isc_result_t +fromwire_spf(ARGS_FROMWIRE) { + isc_result_t result; + + REQUIRE(type == 99); + + UNUSED(type); + UNUSED(dctx); + UNUSED(rdclass); + UNUSED(options); + + do { + result = txt_fromwire(source, target); + if (result != ISC_R_SUCCESS) + return (result); + } while (!buffer_empty(source)); + return (ISC_R_SUCCESS); +} + +static inline isc_result_t +towire_spf(ARGS_TOWIRE) { + isc_region_t region; + + REQUIRE(rdata->type == 99); + + UNUSED(cctx); + + isc_buffer_availableregion(target, ®ion); + if (region.length < rdata->length) + return (ISC_R_NOSPACE); + + memcpy(region.base, rdata->data, rdata->length); + isc_buffer_add(target, rdata->length); + return (ISC_R_SUCCESS); +} + +static inline int +compare_spf(ARGS_COMPARE) { + isc_region_t r1; + isc_region_t r2; + + REQUIRE(rdata1->type == rdata2->type); + REQUIRE(rdata1->rdclass == rdata2->rdclass); + REQUIRE(rdata1->type == 99); + + dns_rdata_toregion(rdata1, &r1); + dns_rdata_toregion(rdata2, &r2); + return (isc_region_compare(&r1, &r2)); +} + +static inline isc_result_t +fromstruct_spf(ARGS_FROMSTRUCT) { + dns_rdata_spf_t *txt = source; + isc_region_t region; + isc_uint8_t length; + + REQUIRE(type == 99); + REQUIRE(source != NULL); + REQUIRE(txt->common.rdtype == type); + REQUIRE(txt->common.rdclass == rdclass); + REQUIRE(txt->txt != NULL && txt->txt_len != 0); + + UNUSED(type); + UNUSED(rdclass); + + region.base = txt->txt; + region.length = txt->txt_len; + while (region.length > 0) { + length = uint8_fromregion(®ion); + isc_region_consume(®ion, 1); + if (region.length <= length) + return (ISC_R_UNEXPECTEDEND); + isc_region_consume(®ion, length); + } + + return (mem_tobuffer(target, txt->txt, txt->txt_len)); +} + +static inline isc_result_t +tostruct_spf(ARGS_TOSTRUCT) { + dns_rdata_spf_t *txt = target; + isc_region_t r; + + REQUIRE(rdata->type == 99); + REQUIRE(target != NULL); + + txt->common.rdclass = rdata->rdclass; + txt->common.rdtype = rdata->type; + ISC_LINK_INIT(&txt->common, link); + + dns_rdata_toregion(rdata, &r); + txt->txt_len = r.length; + txt->txt = mem_maybedup(mctx, r.base, r.length); + if (txt->txt == NULL) + return (ISC_R_NOMEMORY); + + txt->offset = 0; + txt->mctx = mctx; + return (ISC_R_SUCCESS); +} + +static inline void +freestruct_spf(ARGS_FREESTRUCT) { + dns_rdata_spf_t *txt = source; + + REQUIRE(source != NULL); + REQUIRE(txt->common.rdtype == 99); + + if (txt->mctx == NULL) + return; + + if (txt->txt != NULL) + isc_mem_free(txt->mctx, txt->txt); + txt->mctx = NULL; +} + +static inline isc_result_t +additionaldata_spf(ARGS_ADDLDATA) { + REQUIRE(rdata->type == 99); + + UNUSED(rdata); + UNUSED(add); + UNUSED(arg); + + return (ISC_R_SUCCESS); +} + +static inline isc_result_t +digest_spf(ARGS_DIGEST) { + isc_region_t r; + + REQUIRE(rdata->type == 99); + + dns_rdata_toregion(rdata, &r); + + return ((digest)(arg, &r)); +} + +static inline isc_boolean_t +checkowner_spf(ARGS_CHECKOWNER) { + + REQUIRE(type == 99); + + UNUSED(name); + UNUSED(type); + UNUSED(rdclass); + UNUSED(wildcard); + + return (ISC_TRUE); +} + +static inline isc_boolean_t +checknames_spf(ARGS_CHECKNAMES) { + + REQUIRE(rdata->type == 99); + + UNUSED(rdata); + UNUSED(owner); + UNUSED(bad); + + return (ISC_TRUE); +} + +#endif /* RDATA_GENERIC_SPF_99_C */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/spf_99.h b/usr.sbin/bind/lib/dns/rdata/generic/spf_99.h new file mode 100644 index 00000000000..744301c215a --- /dev/null +++ b/usr.sbin/bind/lib/dns/rdata/generic/spf_99.h @@ -0,0 +1,51 @@ +/* + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1998-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef GENERIC_SPF_99_H +#define GENERIC_SPF_99_H 1 + +/* $ISC: spf_99.h,v 1.1.2.2 2005/07/16 00:40:54 marka Exp $ */ + +typedef struct dns_rdata_spf_string { + isc_uint8_t length; + unsigned char *data; +} dns_rdata_spf_string_t; + +typedef struct dns_rdata_spf { + dns_rdatacommon_t common; + isc_mem_t *mctx; + unsigned char *txt; + isc_uint16_t txt_len; + /* private */ + isc_uint16_t offset; +} dns_rdata_spf_t; + +/* + * ISC_LANG_BEGINDECLS and ISC_LANG_ENDDECLS are already done + * via rdatastructpre.h and rdatastructsuf.h. + */ + +isc_result_t +dns_rdata_spf_first(dns_rdata_spf_t *); + +isc_result_t +dns_rdata_spf_next(dns_rdata_spf_t *); + +isc_result_t +dns_rdata_spf_current(dns_rdata_spf_t *, dns_rdata_spf_string_t *); + +#endif /* GENERIC_SPF_99_H */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/tkey_249.h b/usr.sbin/bind/lib/dns/rdata/generic/tkey_249.h index abcc587d21f..e66978abb30 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/tkey_249.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/tkey_249.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_TKEY_249_H #define GENERIC_TKEY_249_H 1 -/* $ISC: tkey_249.h,v 1.18.206.2 2004/03/06 08:14:13 marka Exp $ */ +/* $ISC: tkey_249.h,v 1.20.18.2 2005/04/29 00:16:40 marka Exp $ */ -/* draft-ietf-dnsind-tkey-00.txt */ +/*! + * \brief Per draft-ietf-dnsind-tkey-00.txt */ typedef struct dns_rdata_tkey { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/txt_16.c b/usr.sbin/bind/lib/dns/rdata/generic/txt_16.c index 44f0aef99e3..14cc9dd5982 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/txt_16.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/txt_16.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: txt_16.c,v 1.37.12.4 2004/03/08 09:04:42 marka Exp $ */ +/* $ISC: txt_16.c,v 1.41 2004/03/05 05:10:18 marka Exp $ */ /* Reviewed: Thu Mar 16 15:40:00 PST 2000 by bwelling */ diff --git a/usr.sbin/bind/lib/dns/rdata/generic/txt_16.h b/usr.sbin/bind/lib/dns/rdata/generic/txt_16.h index 9fba0b6fc7f..48673d298a5 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/txt_16.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/txt_16.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef GENERIC_TXT_16_H #define GENERIC_TXT_16_H 1 -/* $ISC: txt_16.h,v 1.23.206.1 2004/03/06 08:14:14 marka Exp $ */ +/* $ISC: txt_16.h,v 1.24.18.2 2005/04/29 00:16:40 marka Exp $ */ typedef struct dns_rdata_txt_string { isc_uint8_t length; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/unspec_103.c b/usr.sbin/bind/lib/dns/rdata/generic/unspec_103.c index d2108dd4113..bc6b88460db 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/unspec_103.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/unspec_103.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: unspec_103.c,v 1.28.2.1.10.4 2004/03/08 09:04:43 marka Exp $ */ +/* $ISC: unspec_103.c,v 1.33 2004/03/05 05:10:18 marka Exp $ */ #ifndef RDATA_GENERIC_UNSPEC_103_C #define RDATA_GENERIC_UNSPEC_103_C diff --git a/usr.sbin/bind/lib/dns/rdata/generic/unspec_103.h b/usr.sbin/bind/lib/dns/rdata/generic/unspec_103.h index bb7b96e1970..e4babd89c2a 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/unspec_103.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/unspec_103.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef GENERIC_UNSPEC_103_H #define GENERIC_UNSPEC_103_H 1 -/* $ISC: unspec_103.h,v 1.12.206.1 2004/03/06 08:14:14 marka Exp $ */ +/* $ISC: unspec_103.h,v 1.13.18.2 2005/04/29 00:16:40 marka Exp $ */ typedef struct dns_rdata_unspec_t { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/generic/x25_19.c b/usr.sbin/bind/lib/dns/rdata/generic/x25_19.c index 9300265a53c..36bb57583e4 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/x25_19.c +++ b/usr.sbin/bind/lib/dns/rdata/generic/x25_19.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: x25_19.c,v 1.31.12.4 2004/03/08 09:04:43 marka Exp $ */ +/* $ISC: x25_19.c,v 1.35.18.2 2005/04/29 00:16:40 marka Exp $ */ /* Reviewed: Thu Mar 16 16:15:57 PST 2000 by bwelling */ -/* RFC 1183 */ +/* RFC1183 */ #ifndef RDATA_GENERIC_X25_19_C #define RDATA_GENERIC_X25_19_C diff --git a/usr.sbin/bind/lib/dns/rdata/generic/x25_19.h b/usr.sbin/bind/lib/dns/rdata/generic/x25_19.h index 8bb70108027..97fd6d0f759 100644 --- a/usr.sbin/bind/lib/dns/rdata/generic/x25_19.h +++ b/usr.sbin/bind/lib/dns/rdata/generic/x25_19.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef GENERIC_X25_19_H #define GENERIC_X25_19_H 1 -/* $ISC: x25_19.h,v 1.13.206.1 2004/03/06 08:14:14 marka Exp $ */ +/* $ISC: x25_19.h,v 1.14.18.2 2005/04/29 00:16:40 marka Exp $ */ -/* RFC 1183 */ +/*! + * \brief Per RFC1183 */ typedef struct dns_rdata_x25 { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/hs_4/a_1.c b/usr.sbin/bind/lib/dns/rdata/hs_4/a_1.c index fb8135fa896..2440fe6e2f0 100644 --- a/usr.sbin/bind/lib/dns/rdata/hs_4/a_1.c +++ b/usr.sbin/bind/lib/dns/rdata/hs_4/a_1.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: a_1.c,v 1.25.12.4 2004/03/08 09:04:43 marka Exp $ */ +/* $ISC: a_1.c,v 1.29 2004/03/05 05:10:20 marka Exp $ */ /* reviewed: Thu Mar 16 15:58:36 PST 2000 by brister */ diff --git a/usr.sbin/bind/lib/dns/rdata/hs_4/a_1.h b/usr.sbin/bind/lib/dns/rdata/hs_4/a_1.h index 634f11075a2..b6fd4979251 100644 --- a/usr.sbin/bind/lib/dns/rdata/hs_4/a_1.h +++ b/usr.sbin/bind/lib/dns/rdata/hs_4/a_1.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef HS_4_A_1_H #define HS_4_A_1_H 1 -/* $ISC: a_1.h,v 1.7.206.1 2004/03/06 08:14:15 marka Exp $ */ +/* $ISC: a_1.h,v 1.8.18.2 2005/04/29 00:16:41 marka Exp $ */ typedef struct dns_rdata_hs_a { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/a6_38.h b/usr.sbin/bind/lib/dns/rdata/in_1/a6_38.h index 1c5f531a0ed..4b3afb9f2f4 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/a6_38.h +++ b/usr.sbin/bind/lib/dns/rdata/in_1/a6_38.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef IN_1_A6_38_H #define IN_1_A6_38_H 1 -/* $ISC: a6_38.h,v 1.19.206.1 2004/03/06 08:14:15 marka Exp $ */ +/* $ISC: a6_38.h,v 1.20.18.2 2005/04/29 00:16:41 marka Exp $ */ -/* RFC2874 */ +/*! + * \brief Per RFC2874 */ typedef struct dns_rdata_in_a6 { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/a_1.c b/usr.sbin/bind/lib/dns/rdata/in_1/a_1.c index f562839955a..6aae94a668f 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/a_1.c +++ b/usr.sbin/bind/lib/dns/rdata/in_1/a_1.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: a_1.c,v 1.46.12.5 2004/03/08 09:04:43 marka Exp $ */ +/* $ISC: a_1.c,v 1.51 2004/03/05 05:10:23 marka Exp $ */ /* Reviewed: Thu Mar 16 16:52:50 PST 2000 by bwelling */ diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/a_1.h b/usr.sbin/bind/lib/dns/rdata/in_1/a_1.h index 2f9e61e44fa..069a4f6be3b 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/a_1.h +++ b/usr.sbin/bind/lib/dns/rdata/in_1/a_1.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef IN_1_A_1_H #define IN_1_A_1_H 1 -/* $ISC: a_1.h,v 1.23.206.1 2004/03/06 08:14:16 marka Exp $ */ +/* $ISC: a_1.h,v 1.24.18.2 2005/04/29 00:16:41 marka Exp $ */ typedef struct dns_rdata_in_a { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/aaaa_28.c b/usr.sbin/bind/lib/dns/rdata/in_1/aaaa_28.c index 497f0e2ffa1..a3e993eb2ee 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/aaaa_28.c +++ b/usr.sbin/bind/lib/dns/rdata/in_1/aaaa_28.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: aaaa_28.c,v 1.36.12.5 2004/03/08 09:04:44 marka Exp $ */ +/* $ISC: aaaa_28.c,v 1.41.18.2 2005/04/29 00:16:41 marka Exp $ */ /* Reviewed: Thu Mar 16 16:52:50 PST 2000 by bwelling */ -/* RFC 1886 */ +/* RFC1886 */ #ifndef RDATA_IN_1_AAAA_28_C #define RDATA_IN_1_AAAA_28_C diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/aaaa_28.h b/usr.sbin/bind/lib/dns/rdata/in_1/aaaa_28.h index ddf2d7881f4..abb7ca250f3 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/aaaa_28.h +++ b/usr.sbin/bind/lib/dns/rdata/in_1/aaaa_28.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef IN_1_AAAA_28_H #define IN_1_AAAA_28_H 1 -/* $ISC: aaaa_28.h,v 1.16.206.1 2004/03/06 08:14:16 marka Exp $ */ +/* $ISC: aaaa_28.h,v 1.17.18.2 2005/04/29 00:16:42 marka Exp $ */ -/* RFC 1886 */ +/*! + * \brief Per RFC1886 */ typedef struct dns_rdata_in_aaaa { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/apl_42.h b/usr.sbin/bind/lib/dns/rdata/in_1/apl_42.h index cf4f6c1e420..93c83839b38 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/apl_42.h +++ b/usr.sbin/bind/lib/dns/rdata/in_1/apl_42.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/* */ #ifndef IN_1_APL_42_H #define IN_1_APL_42_H 1 -/* $ISC: apl_42.h,v 1.1.202.3 2004/03/08 09:04:44 marka Exp $ */ +/* $ISC: apl_42.h,v 1.2.18.2 2005/04/29 00:16:42 marka Exp $ */ typedef struct dns_rdata_apl_ent { isc_boolean_t negative; diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/kx_36.h b/usr.sbin/bind/lib/dns/rdata/in_1/kx_36.h index 77d05054281..39ebd4fb79a 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/kx_36.h +++ b/usr.sbin/bind/lib/dns/rdata/in_1/kx_36.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef IN_1_KX_36_H #define IN_1_KX_36_H 1 -/* $ISC: kx_36.h,v 1.15.206.1 2004/03/06 08:14:17 marka Exp $ */ +/* $ISC: kx_36.h,v 1.16.18.2 2005/04/29 00:16:42 marka Exp $ */ -/* RFC 2230 */ +/*! + * \brief Per RFC2230 */ typedef struct dns_rdata_in_kx { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/naptr_35.h b/usr.sbin/bind/lib/dns/rdata/in_1/naptr_35.h index 3ffa50eec2d..67e7c1b4a83 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/naptr_35.h +++ b/usr.sbin/bind/lib/dns/rdata/in_1/naptr_35.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef IN_1_NAPTR_35_H #define IN_1_NAPTR_35_H 1 -/* $ISC: naptr_35.h,v 1.18.206.1 2004/03/06 08:14:17 marka Exp $ */ +/* $ISC: naptr_35.h,v 1.19.18.2 2005/04/29 00:16:42 marka Exp $ */ -/* RFC 2915 */ +/*! + * \brief Per RFC2915 */ typedef struct dns_rdata_in_naptr { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/nsap-ptr_23.c b/usr.sbin/bind/lib/dns/rdata/in_1/nsap-ptr_23.c index 619a889febf..e0d4d25cc71 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/nsap-ptr_23.c +++ b/usr.sbin/bind/lib/dns/rdata/in_1/nsap-ptr_23.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: nsap-ptr_23.c,v 1.32.206.2 2004/03/06 08:14:17 marka Exp $ */ +/* $ISC: nsap-ptr_23.c,v 1.34.18.2 2005/04/29 00:16:42 marka Exp $ */ /* Reviewed: Fri Mar 17 10:16:02 PST 2000 by gson */ -/* RFC 1348. Obsoleted in RFC 1706 - use PTR instead. */ +/* RFC1348. Obsoleted in RFC 1706 - use PTR instead. */ #ifndef RDATA_IN_1_NSAP_PTR_23_C #define RDATA_IN_1_NSAP_PTR_23_C diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/nsap-ptr_23.h b/usr.sbin/bind/lib/dns/rdata/in_1/nsap-ptr_23.h index a2879f2d781..30aecb2a920 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/nsap-ptr_23.h +++ b/usr.sbin/bind/lib/dns/rdata/in_1/nsap-ptr_23.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef IN_1_NSAP_PTR_23_H #define IN_1_NSAP_PTR_23_H 1 -/* $ISC: nsap-ptr_23.h,v 1.14.206.1 2004/03/06 08:14:18 marka Exp $ */ +/* $ISC: nsap-ptr_23.h,v 1.15.18.2 2005/04/29 00:16:43 marka Exp $ */ -/* RFC 1348. Obsoleted in RFC 1706 - use PTR instead. */ +/*! + * \brief Per RFC1348. Obsoleted in RFC 1706 - use PTR instead. */ typedef struct dns_rdata_in_nsap_ptr { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/nsap_22.h b/usr.sbin/bind/lib/dns/rdata/in_1/nsap_22.h index 353b4f08096..df2f4a8a2f0 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/nsap_22.h +++ b/usr.sbin/bind/lib/dns/rdata/in_1/nsap_22.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef IN_1_NSAP_22_H #define IN_1_NSAP_22_H 1 -/* $ISC: nsap_22.h,v 1.13.206.1 2004/03/06 08:14:18 marka Exp $ */ +/* $ISC: nsap_22.h,v 1.14.18.2 2005/04/29 00:16:43 marka Exp $ */ -/* RFC 1706 */ +/*! + * \brief Per RFC1706 */ typedef struct dns_rdata_in_nsap { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/px_26.h b/usr.sbin/bind/lib/dns/rdata/in_1/px_26.h index 334bb693bcc..06f7a6c98dd 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/px_26.h +++ b/usr.sbin/bind/lib/dns/rdata/in_1/px_26.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,9 +18,10 @@ #ifndef IN_1_PX_26_H #define IN_1_PX_26_H 1 -/* $ISC: px_26.h,v 1.14.206.1 2004/03/06 08:14:18 marka Exp $ */ +/* $ISC: px_26.h,v 1.15.18.2 2005/04/29 00:16:43 marka Exp $ */ -/* RFC 2163 */ +/*! + * \brief Per RFC2163 */ typedef struct dns_rdata_in_px { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/srv_33.h b/usr.sbin/bind/lib/dns/rdata/in_1/srv_33.h index d1c16897690..983f1f00c27 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/srv_33.h +++ b/usr.sbin/bind/lib/dns/rdata/in_1/srv_33.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,11 +18,12 @@ #ifndef IN_1_SRV_33_H #define IN_1_SRV_33_H 1 -/* $ISC: srv_33.h,v 1.14.206.1 2004/03/06 08:14:19 marka Exp $ */ +/* $ISC: srv_33.h,v 1.15.18.2 2005/04/29 00:16:43 marka Exp $ */ /* Reviewed: Fri Mar 17 13:01:00 PST 2000 by bwelling */ -/* RFC 2782 */ +/*! + * \brief Per RFC2782 */ typedef struct dns_rdata_in_srv { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/wks_11.h b/usr.sbin/bind/lib/dns/rdata/in_1/wks_11.h index a782fdf491d..faa166636be 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/wks_11.h +++ b/usr.sbin/bind/lib/dns/rdata/in_1/wks_11.h @@ -18,7 +18,7 @@ #ifndef IN_1_WKS_11_H #define IN_1_WKS_11_H 1 -/* $ISC: wks_11.h,v 1.19.206.1 2004/03/06 08:14:19 marka Exp $ */ +/* $ISC: wks_11.h,v 1.20 2004/03/05 05:10:25 marka Exp $ */ typedef struct dns_rdata_in_wks { dns_rdatacommon_t common; diff --git a/usr.sbin/bind/lib/dns/rdata/rdatastructpre.h b/usr.sbin/bind/lib/dns/rdata/rdatastructpre.h index 8823f7af425..e1fd26a7b9e 100644 --- a/usr.sbin/bind/lib/dns/rdata/rdatastructpre.h +++ b/usr.sbin/bind/lib/dns/rdata/rdatastructpre.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rdatastructpre.h,v 1.13.206.1 2004/03/06 08:14:02 marka Exp $ */ +/* $ISC: rdatastructpre.h,v 1.14 2004/03/05 05:10:04 marka Exp $ */ #ifndef DNS_RDATASTRUCT_H #define DNS_RDATASTRUCT_H 1 diff --git a/usr.sbin/bind/lib/dns/rdata/rdatastructsuf.h b/usr.sbin/bind/lib/dns/rdata/rdatastructsuf.h index 231ad227b1e..ccc72447cf3 100644 --- a/usr.sbin/bind/lib/dns/rdata/rdatastructsuf.h +++ b/usr.sbin/bind/lib/dns/rdata/rdatastructsuf.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rdatastructsuf.h,v 1.7.206.1 2004/03/06 08:14:02 marka Exp $ */ +/* $ISC: rdatastructsuf.h,v 1.8 2004/03/05 05:10:04 marka Exp $ */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/dns/rdatalist_p.h b/usr.sbin/bind/lib/dns/rdatalist_p.h index fad6c862d50..b8677a0a2ca 100644 --- a/usr.sbin/bind/lib/dns/rdatalist_p.h +++ b/usr.sbin/bind/lib/dns/rdatalist_p.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rdatalist_p.h,v 1.3.206.2 2004/03/08 02:07:56 marka Exp $ */ +/* $ISC: rdatalist_p.h,v 1.5.18.2 2005/04/29 00:16:03 marka Exp $ */ #ifndef DNS_RDATALIST_P_H #define DNS_RDATALIST_P_H +/*! \file */ + #include <isc/result.h> #include <dns/types.h> diff --git a/usr.sbin/bind/lib/dns/rdatasetiter.c b/usr.sbin/bind/lib/dns/rdatasetiter.c index 5aa9d3df4cc..6fb14397ec9 100644 --- a/usr.sbin/bind/lib/dns/rdatasetiter.c +++ b/usr.sbin/bind/lib/dns/rdatasetiter.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rdatasetiter.c,v 1.11.206.1 2004/03/06 08:13:44 marka Exp $ */ +/* $ISC: rdatasetiter.c,v 1.12.18.2 2005/04/29 00:16:03 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/dns/sdlz.c b/usr.sbin/bind/lib/dns/sdlz.c new file mode 100644 index 00000000000..9ad1896771a --- /dev/null +++ b/usr.sbin/bind/lib/dns/sdlz.c @@ -0,0 +1,1786 @@ +/* + * Portions Copyright (C) 2005-2007 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * Copyright (C) 2002 Stichting NLnet, Netherlands, stichting@nlnet.nl. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the + * above copyright notice and this permission notice appear in all + * copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND STICHTING NLNET + * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL + * STICHTING NLNET BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR + * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS + * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE + * USE OR PERFORMANCE OF THIS SOFTWARE. + * + * The development of Dynamically Loadable Zones (DLZ) for Bind 9 was + * conceived and contributed by Rob Butler. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the + * above copyright notice and this permission notice appear in all + * copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ROB BUTLER + * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL + * ROB BUTLER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR + * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS + * OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE + * USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: sdlz.c,v 1.2.2.11 2007/08/28 07:20:05 tbox Exp $ */ + +/*! \file */ + +#include <config.h> +#include <string.h> + +#include <isc/buffer.h> +#include <isc/lex.h> +#include <isc/log.h> +#include <isc/rwlock.h> +#include <isc/string.h> +#include <isc/util.h> +#include <isc/magic.h> +#include <isc/mem.h> +#include <isc/once.h> +#include <isc/print.h> +#include <isc/region.h> + +#include <dns/callbacks.h> +#include <dns/db.h> +#include <dns/dbiterator.h> +#include <dns/dlz.h> +#include <dns/fixedname.h> +#include <dns/log.h> +#include <dns/rdata.h> +#include <dns/rdatalist.h> +#include <dns/rdataset.h> +#include <dns/rdatasetiter.h> +#include <dns/rdatatype.h> +#include <dns/result.h> +#include <dns/master.h> +#include <dns/sdlz.h> +#include <dns/types.h> + +#include "rdatalist_p.h" + +/* + * Private Types + */ + +struct dns_sdlzimplementation { + const dns_sdlzmethods_t *methods; + isc_mem_t *mctx; + void *driverarg; + unsigned int flags; + isc_mutex_t driverlock; + dns_dlzimplementation_t *dlz_imp; +}; + +struct dns_sdlz_db { + /* Unlocked */ + dns_db_t common; + void *dbdata; + dns_sdlzimplementation_t *dlzimp; + isc_mutex_t refcnt_lock; + /* Locked */ + unsigned int references; +}; + +struct dns_sdlzlookup { + /* Unlocked */ + unsigned int magic; + dns_sdlz_db_t *sdlz; + ISC_LIST(dns_rdatalist_t) lists; + ISC_LIST(isc_buffer_t) buffers; + dns_name_t *name; + ISC_LINK(dns_sdlzlookup_t) link; + isc_mutex_t lock; + dns_rdatacallbacks_t callbacks; + /* Locked */ + unsigned int references; +}; + +typedef struct dns_sdlzlookup dns_sdlznode_t; + +struct dns_sdlzallnodes { + dns_dbiterator_t common; + ISC_LIST(dns_sdlznode_t) nodelist; + dns_sdlznode_t *current; + dns_sdlznode_t *origin; +}; + +typedef dns_sdlzallnodes_t sdlz_dbiterator_t; + +typedef struct sdlz_rdatasetiter { + dns_rdatasetiter_t common; + dns_rdatalist_t *current; +} sdlz_rdatasetiter_t; + + +#define SDLZDB_MAGIC ISC_MAGIC('D', 'L', 'Z', 'S') + +/* + * Note that "impmagic" is not the first four bytes of the struct, so + * ISC_MAGIC_VALID cannot be used. + */ + +#define VALID_SDLZDB(sdlzdb) ((sdlzdb) != NULL && \ + (sdlzdb)->common.impmagic == SDLZDB_MAGIC) + +#define SDLZLOOKUP_MAGIC ISC_MAGIC('D','L','Z','L') +#define VALID_SDLZLOOKUP(sdlzl) ISC_MAGIC_VALID(sdlzl, SDLZLOOKUP_MAGIC) +#define VALID_SDLZNODE(sdlzn) VALID_SDLZLOOKUP(sdlzn) + +/* These values are taken from RFC 1537 */ +#define SDLZ_DEFAULT_REFRESH (60 * 60 * 8) +#define SDLZ_DEFAULT_RETRY (60 * 60 * 2) +#define SDLZ_DEFAULT_EXPIRE (60 * 60 * 24 * 7) +#define SDLZ_DEFAULT_MINIMUM (60 * 60 * 24) + +/* This is a reasonable value */ +#define SDLZ_DEFAULT_TTL (60 * 60 * 24) + +static int dummy; + +#ifdef __COVERITY__ +#define MAYBE_LOCK(imp) LOCK(&imp->driverlock) +#define MAYBE_UNLOCK(imp) UNLOCK(&imp->driverlock) +#else +#define MAYBE_LOCK(imp) \ + do { \ + unsigned int flags = imp->flags; \ + if ((flags & DNS_SDLZFLAG_THREADSAFE) == 0) \ + LOCK(&imp->driverlock); \ + } while (0) + +#define MAYBE_UNLOCK(imp) \ + do { \ + unsigned int flags = imp->flags; \ + if ((flags & DNS_SDLZFLAG_THREADSAFE) == 0) \ + UNLOCK(&imp->driverlock); \ + } while (0) +#endif + +/* + * Forward references. Try to keep these to a minimum. + */ + +static void list_tordataset(dns_rdatalist_t *rdatalist, + dns_db_t *db, dns_dbnode_t *node, + dns_rdataset_t *rdataset); + +static void detachnode(dns_db_t *db, dns_dbnode_t **targetp); + +static void dbiterator_destroy(dns_dbiterator_t **iteratorp); +static isc_result_t dbiterator_first(dns_dbiterator_t *iterator); +static isc_result_t dbiterator_last(dns_dbiterator_t *iterator); +static isc_result_t dbiterator_seek(dns_dbiterator_t *iterator, + dns_name_t *name); +static isc_result_t dbiterator_prev(dns_dbiterator_t *iterator); +static isc_result_t dbiterator_next(dns_dbiterator_t *iterator); +static isc_result_t dbiterator_current(dns_dbiterator_t *iterator, + dns_dbnode_t **nodep, + dns_name_t *name); +static isc_result_t dbiterator_pause(dns_dbiterator_t *iterator); +static isc_result_t dbiterator_origin(dns_dbiterator_t *iterator, + dns_name_t *name); + +static dns_dbiteratormethods_t dbiterator_methods = { + dbiterator_destroy, + dbiterator_first, + dbiterator_last, + dbiterator_seek, + dbiterator_prev, + dbiterator_next, + dbiterator_current, + dbiterator_pause, + dbiterator_origin +}; + +/* + * Utility functions + */ + +/*% Converts the input string to lowercase, in place. */ + +static void +dns_sdlz_tolower(char *str) { + + unsigned int len = strlen(str); + unsigned int i; + + for (i = 0; i < len; i++) { + if (str[i] >= 'A' && str[i] <= 'Z') + str[i] += 32; + } + +} + +static inline unsigned int +initial_size(const char *data) { + unsigned int len = (strlen(data) / 64) + 1; + return (len * 64 + 64); +} + +/* + * Rdataset Iterator Methods. These methods were "borrowed" from the SDB + * driver interface. See the SDB driver interface documentation for more info. + */ + +static void +rdatasetiter_destroy(dns_rdatasetiter_t **iteratorp) { + sdlz_rdatasetiter_t *sdlziterator = + (sdlz_rdatasetiter_t *)(*iteratorp); + + detachnode(sdlziterator->common.db, &sdlziterator->common.node); + isc_mem_put(sdlziterator->common.db->mctx, sdlziterator, + sizeof(sdlz_rdatasetiter_t)); + *iteratorp = NULL; +} + +static isc_result_t +rdatasetiter_first(dns_rdatasetiter_t *iterator) { + sdlz_rdatasetiter_t *sdlziterator = (sdlz_rdatasetiter_t *)iterator; + dns_sdlznode_t *sdlznode = (dns_sdlznode_t *)iterator->node; + + if (ISC_LIST_EMPTY(sdlznode->lists)) + return (ISC_R_NOMORE); + sdlziterator->current = ISC_LIST_HEAD(sdlznode->lists); + return (ISC_R_SUCCESS); +} + +static isc_result_t +rdatasetiter_next(dns_rdatasetiter_t *iterator) { + sdlz_rdatasetiter_t *sdlziterator = (sdlz_rdatasetiter_t *)iterator; + + sdlziterator->current = ISC_LIST_NEXT(sdlziterator->current, link); + if (sdlziterator->current == NULL) + return (ISC_R_NOMORE); + else + return (ISC_R_SUCCESS); +} + +static void +rdatasetiter_current(dns_rdatasetiter_t *iterator, dns_rdataset_t *rdataset) { + sdlz_rdatasetiter_t *sdlziterator = (sdlz_rdatasetiter_t *)iterator; + + list_tordataset(sdlziterator->current, iterator->db, iterator->node, + rdataset); +} + +static dns_rdatasetitermethods_t rdatasetiter_methods = { + rdatasetiter_destroy, + rdatasetiter_first, + rdatasetiter_next, + rdatasetiter_current +}; + +/* + * DB routines. These methods were "borrowed" from the SDB driver interface. + * See the SDB driver interface documentation for more info. + */ + +static void +attach(dns_db_t *source, dns_db_t **targetp) { + dns_sdlz_db_t *sdlz = (dns_sdlz_db_t *) source; + + REQUIRE(VALID_SDLZDB(sdlz)); + + LOCK(&sdlz->refcnt_lock); + REQUIRE(sdlz->references > 0); + sdlz->references++; + UNLOCK(&sdlz->refcnt_lock); + + *targetp = source; +} + +static void +destroy(dns_sdlz_db_t *sdlz) { + isc_mem_t *mctx; + mctx = sdlz->common.mctx; + + sdlz->common.magic = 0; + sdlz->common.impmagic = 0; + + isc_mutex_destroy(&sdlz->refcnt_lock); + + dns_name_free(&sdlz->common.origin, mctx); + + isc_mem_put(mctx, sdlz, sizeof(dns_sdlz_db_t)); + isc_mem_detach(&mctx); +} + +static void +detach(dns_db_t **dbp) { + dns_sdlz_db_t *sdlz = (dns_sdlz_db_t *)(*dbp); + isc_boolean_t need_destroy = ISC_FALSE; + + REQUIRE(VALID_SDLZDB(sdlz)); + LOCK(&sdlz->refcnt_lock); + REQUIRE(sdlz->references > 0); + sdlz->references--; + if (sdlz->references == 0) + need_destroy = ISC_TRUE; + UNLOCK(&sdlz->refcnt_lock); + + if (need_destroy) + destroy(sdlz); + + *dbp = NULL; +} + +static isc_result_t +beginload(dns_db_t *db, dns_addrdatasetfunc_t *addp, dns_dbload_t **dbloadp) { + UNUSED(db); + UNUSED(addp); + UNUSED(dbloadp); + return (ISC_R_NOTIMPLEMENTED); +} + +static isc_result_t +endload(dns_db_t *db, dns_dbload_t **dbloadp) { + UNUSED(db); + UNUSED(dbloadp); + return (ISC_R_NOTIMPLEMENTED); +} + +static isc_result_t +dump(dns_db_t *db, dns_dbversion_t *version, const char *filename, + dns_masterformat_t masterformat) +{ + UNUSED(db); + UNUSED(version); + UNUSED(filename); + UNUSED(masterformat); + return (ISC_R_NOTIMPLEMENTED); +} + +static void +currentversion(dns_db_t *db, dns_dbversion_t **versionp) { + REQUIRE(versionp != NULL && *versionp == NULL); + + UNUSED(db); + + *versionp = (void *) &dummy; + return; +} + +static isc_result_t +newversion(dns_db_t *db, dns_dbversion_t **versionp) { + UNUSED(db); + UNUSED(versionp); + + return (ISC_R_NOTIMPLEMENTED); +} + +static void +attachversion(dns_db_t *db, dns_dbversion_t *source, + dns_dbversion_t **targetp) +{ + REQUIRE(source != NULL && source == (void *) &dummy); + + UNUSED(db); + UNUSED(source); + UNUSED(targetp); + *targetp = source; +} + +static void +closeversion(dns_db_t *db, dns_dbversion_t **versionp, isc_boolean_t commit) { + REQUIRE(versionp != NULL && *versionp == (void *) &dummy); + REQUIRE(commit == ISC_FALSE); + + UNUSED(db); + UNUSED(commit); + + *versionp = NULL; +} + +static isc_result_t +createnode(dns_sdlz_db_t *sdlz, dns_sdlznode_t **nodep) { + dns_sdlznode_t *node; + isc_result_t result; + + node = isc_mem_get(sdlz->common.mctx, sizeof(dns_sdlznode_t)); + if (node == NULL) + return (ISC_R_NOMEMORY); + + node->sdlz = NULL; + attach((dns_db_t *)sdlz, (dns_db_t **)&node->sdlz); + ISC_LIST_INIT(node->lists); + ISC_LIST_INIT(node->buffers); + ISC_LINK_INIT(node, link); + node->name = NULL; + result = isc_mutex_init(&node->lock); + if (result != ISC_R_SUCCESS) { + UNEXPECTED_ERROR(__FILE__, __LINE__, + "isc_mutex_init() failed: %s", + isc_result_totext(result)); + isc_mem_put(sdlz->common.mctx, node, sizeof(dns_sdlznode_t)); + return (ISC_R_UNEXPECTED); + } + dns_rdatacallbacks_init(&node->callbacks); + node->references = 1; + node->magic = SDLZLOOKUP_MAGIC; + + *nodep = node; + return (ISC_R_SUCCESS); +} + +static void +destroynode(dns_sdlznode_t *node) { + dns_rdatalist_t *list; + dns_rdata_t *rdata; + isc_buffer_t *b; + dns_sdlz_db_t *sdlz; + dns_db_t *db; + isc_mem_t *mctx; + + sdlz = node->sdlz; + mctx = sdlz->common.mctx; + + while (!ISC_LIST_EMPTY(node->lists)) { + list = ISC_LIST_HEAD(node->lists); + while (!ISC_LIST_EMPTY(list->rdata)) { + rdata = ISC_LIST_HEAD(list->rdata); + ISC_LIST_UNLINK(list->rdata, rdata, link); + isc_mem_put(mctx, rdata, sizeof(dns_rdata_t)); + } + ISC_LIST_UNLINK(node->lists, list, link); + isc_mem_put(mctx, list, sizeof(dns_rdatalist_t)); + } + + while (!ISC_LIST_EMPTY(node->buffers)) { + b = ISC_LIST_HEAD(node->buffers); + ISC_LIST_UNLINK(node->buffers, b, link); + isc_buffer_free(&b); + } + + if (node->name != NULL) { + dns_name_free(node->name, mctx); + isc_mem_put(mctx, node->name, sizeof(dns_name_t)); + } + DESTROYLOCK(&node->lock); + node->magic = 0; + isc_mem_put(mctx, node, sizeof(dns_sdlznode_t)); + db = &sdlz->common; + detach(&db); +} + +static isc_result_t +findnode(dns_db_t *db, dns_name_t *name, isc_boolean_t create, + dns_dbnode_t **nodep) +{ + dns_sdlz_db_t *sdlz = (dns_sdlz_db_t *)db; + dns_sdlznode_t *node = NULL; + isc_result_t result; + isc_buffer_t b; + char namestr[DNS_NAME_MAXTEXT + 1]; + isc_buffer_t b2; + char zonestr[DNS_NAME_MAXTEXT + 1]; + isc_boolean_t isorigin; + dns_sdlzauthorityfunc_t authority; + + REQUIRE(VALID_SDLZDB(sdlz)); + REQUIRE(create == ISC_FALSE); + REQUIRE(nodep != NULL && *nodep == NULL); + + UNUSED(name); + UNUSED(create); + + isc_buffer_init(&b, namestr, sizeof(namestr)); + if ((sdlz->dlzimp->flags & DNS_SDLZFLAG_RELATIVEOWNER) != 0) { + dns_name_t relname; + unsigned int labels; + + labels = dns_name_countlabels(name) - + dns_name_countlabels(&db->origin); + dns_name_init(&relname, NULL); + dns_name_getlabelsequence(name, 0, labels, &relname); + result = dns_name_totext(&relname, ISC_TRUE, &b); + if (result != ISC_R_SUCCESS) + return (result); + } else { + result = dns_name_totext(name, ISC_TRUE, &b); + if (result != ISC_R_SUCCESS) + return (result); + } + isc_buffer_putuint8(&b, 0); + + isc_buffer_init(&b2, zonestr, sizeof(zonestr)); + result = dns_name_totext(&sdlz->common.origin, ISC_TRUE, &b2); + if (result != ISC_R_SUCCESS) + return (result); + isc_buffer_putuint8(&b2, 0); + + result = createnode(sdlz, &node); + if (result != ISC_R_SUCCESS) + return (result); + + isorigin = dns_name_equal(name, &sdlz->common.origin); + + /* make sure strings are always lowercase */ + dns_sdlz_tolower(zonestr); + dns_sdlz_tolower(namestr); + + MAYBE_LOCK(sdlz->dlzimp); + + /* try to lookup the host (namestr) */ + result = sdlz->dlzimp->methods->lookup(zonestr, namestr, + sdlz->dlzimp->driverarg, + sdlz->dbdata, node); + + /* + * if the host (namestr) was not found, try to lookup a + * "wildcard" host. + */ + if (result != ISC_R_SUCCESS) { + result = sdlz->dlzimp->methods->lookup(zonestr, "*", + sdlz->dlzimp->driverarg, + sdlz->dbdata, node); + } + + MAYBE_UNLOCK(sdlz->dlzimp); + + if (result != ISC_R_SUCCESS && !isorigin) { + destroynode(node); + return (result); + } + + if (isorigin && sdlz->dlzimp->methods->authority != NULL) { + MAYBE_LOCK(sdlz->dlzimp); + authority = sdlz->dlzimp->methods->authority; + result = (*authority)(zonestr, sdlz->dlzimp->driverarg, + sdlz->dbdata, node); + MAYBE_UNLOCK(sdlz->dlzimp); + if (result != ISC_R_SUCCESS && + result != ISC_R_NOTIMPLEMENTED) { + destroynode(node); + return (result); + } + } + + *nodep = node; + return (ISC_R_SUCCESS); +} + +static isc_result_t +findzonecut(dns_db_t *db, dns_name_t *name, unsigned int options, + isc_stdtime_t now, dns_dbnode_t **nodep, dns_name_t *foundname, + dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset) +{ + UNUSED(db); + UNUSED(name); + UNUSED(options); + UNUSED(now); + UNUSED(nodep); + UNUSED(foundname); + UNUSED(rdataset); + UNUSED(sigrdataset); + + return (ISC_R_NOTIMPLEMENTED); +} + +static void +attachnode(dns_db_t *db, dns_dbnode_t *source, dns_dbnode_t **targetp) { + dns_sdlz_db_t *sdlz = (dns_sdlz_db_t *)db; + dns_sdlznode_t *node = (dns_sdlznode_t *)source; + + REQUIRE(VALID_SDLZDB(sdlz)); + + UNUSED(sdlz); + + LOCK(&node->lock); + INSIST(node->references > 0); + node->references++; + INSIST(node->references != 0); /* Catch overflow. */ + UNLOCK(&node->lock); + + *targetp = source; +} + +static void +detachnode(dns_db_t *db, dns_dbnode_t **targetp) { + dns_sdlz_db_t *sdlz = (dns_sdlz_db_t *)db; + dns_sdlznode_t *node; + isc_boolean_t need_destroy = ISC_FALSE; + + REQUIRE(VALID_SDLZDB(sdlz)); + REQUIRE(targetp != NULL && *targetp != NULL); + + UNUSED(sdlz); + + node = (dns_sdlznode_t *)(*targetp); + + LOCK(&node->lock); + INSIST(node->references > 0); + node->references--; + if (node->references == 0) + need_destroy = ISC_TRUE; + UNLOCK(&node->lock); + + if (need_destroy) + destroynode(node); + + *targetp = NULL; +} + +static isc_result_t +expirenode(dns_db_t *db, dns_dbnode_t *node, isc_stdtime_t now) { + UNUSED(db); + UNUSED(node); + UNUSED(now); + INSIST(0); + return (ISC_R_UNEXPECTED); +} + +static void +printnode(dns_db_t *db, dns_dbnode_t *node, FILE *out) { + UNUSED(db); + UNUSED(node); + UNUSED(out); + return; +} + +static isc_result_t +createiterator(dns_db_t *db, isc_boolean_t relative_names, + dns_dbiterator_t **iteratorp) +{ + dns_sdlz_db_t *sdlz = (dns_sdlz_db_t *)db; + sdlz_dbiterator_t *sdlziter; + isc_result_t result; + isc_buffer_t b; + char zonestr[DNS_NAME_MAXTEXT + 1]; + + REQUIRE(VALID_SDLZDB(sdlz)); + + if (sdlz->dlzimp->methods->allnodes == NULL) + return (ISC_R_NOTIMPLEMENTED); + + isc_buffer_init(&b, zonestr, sizeof(zonestr)); + result = dns_name_totext(&sdlz->common.origin, ISC_TRUE, &b); + if (result != ISC_R_SUCCESS) + return (result); + isc_buffer_putuint8(&b, 0); + + sdlziter = isc_mem_get(sdlz->common.mctx, sizeof(sdlz_dbiterator_t)); + if (sdlziter == NULL) + return (ISC_R_NOMEMORY); + + sdlziter->common.methods = &dbiterator_methods; + sdlziter->common.db = NULL; + dns_db_attach(db, &sdlziter->common.db); + sdlziter->common.relative_names = relative_names; + sdlziter->common.magic = DNS_DBITERATOR_MAGIC; + ISC_LIST_INIT(sdlziter->nodelist); + sdlziter->current = NULL; + sdlziter->origin = NULL; + + /* make sure strings are always lowercase */ + dns_sdlz_tolower(zonestr); + + MAYBE_LOCK(sdlz->dlzimp); + result = sdlz->dlzimp->methods->allnodes(zonestr, + sdlz->dlzimp->driverarg, + sdlz->dbdata, sdlziter); + MAYBE_UNLOCK(sdlz->dlzimp); + if (result != ISC_R_SUCCESS) { + dns_dbiterator_t *iter = &sdlziter->common; + dbiterator_destroy(&iter); + return (result); + } + + if (sdlziter->origin != NULL) { + ISC_LIST_UNLINK(sdlziter->nodelist, sdlziter->origin, link); + ISC_LIST_PREPEND(sdlziter->nodelist, sdlziter->origin, link); + } + + *iteratorp = (dns_dbiterator_t *)sdlziter; + + return (ISC_R_SUCCESS); +} + +static isc_result_t +findrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, + dns_rdatatype_t type, dns_rdatatype_t covers, + isc_stdtime_t now, dns_rdataset_t *rdataset, + dns_rdataset_t *sigrdataset) +{ + dns_rdatalist_t *list; + dns_sdlznode_t *sdlznode = (dns_sdlznode_t *)node; + + REQUIRE(VALID_SDLZNODE(node)); + + UNUSED(db); + UNUSED(version); + UNUSED(covers); + UNUSED(now); + UNUSED(sigrdataset); + + if (type == dns_rdatatype_sig || type == dns_rdatatype_rrsig) + return (ISC_R_NOTIMPLEMENTED); + + list = ISC_LIST_HEAD(sdlznode->lists); + while (list != NULL) { + if (list->type == type) + break; + list = ISC_LIST_NEXT(list, link); + } + if (list == NULL) + return (ISC_R_NOTFOUND); + + list_tordataset(list, db, node, rdataset); + + return (ISC_R_SUCCESS); +} + +static isc_result_t +find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, + dns_rdatatype_t type, unsigned int options, isc_stdtime_t now, + dns_dbnode_t **nodep, dns_name_t *foundname, + dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset) +{ + dns_sdlz_db_t *sdlz = (dns_sdlz_db_t *)db; + dns_dbnode_t *node = NULL; + dns_fixedname_t fname; + dns_rdataset_t xrdataset; + dns_name_t *xname; + unsigned int nlabels, olabels; + isc_result_t result; + unsigned int i; + + REQUIRE(VALID_SDLZDB(sdlz)); + REQUIRE(nodep == NULL || *nodep == NULL); + REQUIRE(version == NULL || version == (void *) &dummy); + + UNUSED(options); + UNUSED(sdlz); + + if (!dns_name_issubdomain(name, &db->origin)) + return (DNS_R_NXDOMAIN); + + olabels = dns_name_countlabels(&db->origin); + nlabels = dns_name_countlabels(name); + + dns_fixedname_init(&fname); + xname = dns_fixedname_name(&fname); + + if (rdataset == NULL) { + dns_rdataset_init(&xrdataset); + rdataset = &xrdataset; + } + + result = DNS_R_NXDOMAIN; + + for (i = olabels; i <= nlabels; i++) { + /* + * Unless this is an explicit lookup at the origin, don't + * look at the origin. + */ + if (i == olabels && i != nlabels) + continue; + + /* + * Look up the next label. + */ + dns_name_getlabelsequence(name, nlabels - i, i, xname); + result = findnode(db, xname, ISC_FALSE, &node); + if (result != ISC_R_SUCCESS) { + result = DNS_R_NXDOMAIN; + continue; + } + + /* + * Look for a DNAME at the current label, unless this is + * the qname. + */ + if (i < nlabels) { + result = findrdataset(db, node, version, + dns_rdatatype_dname, + 0, now, rdataset, sigrdataset); + if (result == ISC_R_SUCCESS) { + result = DNS_R_DNAME; + break; + } + } + + /* + * Look for an NS at the current label, unless this is the + * origin or glue is ok. + */ + if (i != olabels && (options & DNS_DBFIND_GLUEOK) == 0) { + result = findrdataset(db, node, version, + dns_rdatatype_ns, + 0, now, rdataset, sigrdataset); + if (result == ISC_R_SUCCESS) { + if (i == nlabels && type == dns_rdatatype_any) + { + result = DNS_R_ZONECUT; + dns_rdataset_disassociate(rdataset); + if (sigrdataset != NULL) + dns_rdataset_disassociate + (sigrdataset); + } else + result = DNS_R_DELEGATION; + break; + } + } + + /* + * If the current name is not the qname, add another label + * and try again. + */ + if (i < nlabels) { + destroynode(node); + node = NULL; + continue; + } + + /* + * If we're looking for ANY, we're done. + */ + if (type == dns_rdatatype_any) { + result = ISC_R_SUCCESS; + break; + } + + /* + * Look for the qtype. + */ + result = findrdataset(db, node, version, type, + 0, now, rdataset, sigrdataset); + if (result == ISC_R_SUCCESS) + break; + + /* + * Look for a CNAME + */ + if (type != dns_rdatatype_cname) { + result = findrdataset(db, node, version, + dns_rdatatype_cname, + 0, now, rdataset, sigrdataset); + if (result == ISC_R_SUCCESS) { + result = DNS_R_CNAME; + break; + } + } + + result = DNS_R_NXRRSET; + break; + } + + if (rdataset == &xrdataset && dns_rdataset_isassociated(rdataset)) + dns_rdataset_disassociate(rdataset); + + if (foundname != NULL) { + isc_result_t xresult; + + xresult = dns_name_copy(xname, foundname, NULL); + if (xresult != ISC_R_SUCCESS) { + if (node != NULL) + destroynode(node); + if (dns_rdataset_isassociated(rdataset)) + dns_rdataset_disassociate(rdataset); + return (DNS_R_BADDB); + } + } + + if (nodep != NULL) + *nodep = node; + else if (node != NULL) + detachnode(db, &node); + + return (result); +} + +static isc_result_t +allrdatasets(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, + isc_stdtime_t now, dns_rdatasetiter_t **iteratorp) +{ + sdlz_rdatasetiter_t *iterator; + + REQUIRE(version == NULL || version == &dummy); + + UNUSED(version); + UNUSED(now); + + iterator = isc_mem_get(db->mctx, sizeof(sdlz_rdatasetiter_t)); + if (iterator == NULL) + return (ISC_R_NOMEMORY); + + iterator->common.magic = DNS_RDATASETITER_MAGIC; + iterator->common.methods = &rdatasetiter_methods; + iterator->common.db = db; + iterator->common.node = NULL; + attachnode(db, node, &iterator->common.node); + iterator->common.version = version; + iterator->common.now = now; + + *iteratorp = (dns_rdatasetiter_t *)iterator; + + return (ISC_R_SUCCESS); +} + +static isc_result_t +addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, + isc_stdtime_t now, dns_rdataset_t *rdataset, unsigned int options, + dns_rdataset_t *addedrdataset) +{ + UNUSED(db); + UNUSED(node); + UNUSED(version); + UNUSED(now); + UNUSED(rdataset); + UNUSED(options); + UNUSED(addedrdataset); + + return (ISC_R_NOTIMPLEMENTED); +} + +static isc_result_t +subtractrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, + dns_rdataset_t *rdataset, unsigned int options, + dns_rdataset_t *newrdataset) +{ + UNUSED(db); + UNUSED(node); + UNUSED(version); + UNUSED(rdataset); + UNUSED(options); + UNUSED(newrdataset); + + return (ISC_R_NOTIMPLEMENTED); +} + +static isc_result_t +deleterdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, + dns_rdatatype_t type, dns_rdatatype_t covers) +{ + UNUSED(db); + UNUSED(node); + UNUSED(version); + UNUSED(type); + UNUSED(covers); + + return (ISC_R_NOTIMPLEMENTED); +} + +static isc_boolean_t +issecure(dns_db_t *db) { + UNUSED(db); + + return (ISC_FALSE); +} + +static unsigned int +nodecount(dns_db_t *db) { + UNUSED(db); + + return (0); +} + +static isc_boolean_t +ispersistent(dns_db_t *db) { + UNUSED(db); + return (ISC_TRUE); +} + +static void +overmem(dns_db_t *db, isc_boolean_t overmem) { + UNUSED(db); + UNUSED(overmem); +} + +static void +settask(dns_db_t *db, isc_task_t *task) { + UNUSED(db); + UNUSED(task); +} + + +static dns_dbmethods_t sdlzdb_methods = { + attach, + detach, + beginload, + endload, + dump, + currentversion, + newversion, + attachversion, + closeversion, + findnode, + find, + findzonecut, + attachnode, + detachnode, + expirenode, + printnode, + createiterator, + findrdataset, + allrdatasets, + addrdataset, + subtractrdataset, + deleterdataset, + issecure, + nodecount, + ispersistent, + overmem, + settask, + NULL, +}; + +/* + * Database Iterator Methods. These methods were "borrowed" from the SDB + * driver interface. See the SDB driver interface documentation for more info. + */ + +static void +dbiterator_destroy(dns_dbiterator_t **iteratorp) { + sdlz_dbiterator_t *sdlziter = (sdlz_dbiterator_t *)(*iteratorp); + dns_sdlz_db_t *sdlz = (dns_sdlz_db_t *)sdlziter->common.db; + + while (!ISC_LIST_EMPTY(sdlziter->nodelist)) { + dns_sdlznode_t *node; + node = ISC_LIST_HEAD(sdlziter->nodelist); + ISC_LIST_UNLINK(sdlziter->nodelist, node, link); + destroynode(node); + } + + dns_db_detach(&sdlziter->common.db); + isc_mem_put(sdlz->common.mctx, sdlziter, sizeof(sdlz_dbiterator_t)); + + *iteratorp = NULL; +} + +static isc_result_t +dbiterator_first(dns_dbiterator_t *iterator) { + sdlz_dbiterator_t *sdlziter = (sdlz_dbiterator_t *)iterator; + + sdlziter->current = ISC_LIST_HEAD(sdlziter->nodelist); + if (sdlziter->current == NULL) + return (ISC_R_NOMORE); + else + return (ISC_R_SUCCESS); +} + +static isc_result_t +dbiterator_last(dns_dbiterator_t *iterator) { + sdlz_dbiterator_t *sdlziter = (sdlz_dbiterator_t *)iterator; + + sdlziter->current = ISC_LIST_TAIL(sdlziter->nodelist); + if (sdlziter->current == NULL) + return (ISC_R_NOMORE); + else + return (ISC_R_SUCCESS); +} + +static isc_result_t +dbiterator_seek(dns_dbiterator_t *iterator, dns_name_t *name) { + sdlz_dbiterator_t *sdlziter = (sdlz_dbiterator_t *)iterator; + + sdlziter->current = ISC_LIST_HEAD(sdlziter->nodelist); + while (sdlziter->current != NULL) + if (dns_name_equal(sdlziter->current->name, name)) + return (ISC_R_SUCCESS); + return (ISC_R_NOTFOUND); +} + +static isc_result_t +dbiterator_prev(dns_dbiterator_t *iterator) { + sdlz_dbiterator_t *sdlziter = (sdlz_dbiterator_t *)iterator; + + sdlziter->current = ISC_LIST_PREV(sdlziter->current, link); + if (sdlziter->current == NULL) + return (ISC_R_NOMORE); + else + return (ISC_R_SUCCESS); +} + +static isc_result_t +dbiterator_next(dns_dbiterator_t *iterator) { + sdlz_dbiterator_t *sdlziter = (sdlz_dbiterator_t *)iterator; + + sdlziter->current = ISC_LIST_NEXT(sdlziter->current, link); + if (sdlziter->current == NULL) + return (ISC_R_NOMORE); + else + return (ISC_R_SUCCESS); +} + +static isc_result_t +dbiterator_current(dns_dbiterator_t *iterator, dns_dbnode_t **nodep, + dns_name_t *name) +{ + sdlz_dbiterator_t *sdlziter = (sdlz_dbiterator_t *)iterator; + + attachnode(iterator->db, sdlziter->current, nodep); + if (name != NULL) + return (dns_name_copy(sdlziter->current->name, name, NULL)); + return (ISC_R_SUCCESS); +} + +static isc_result_t +dbiterator_pause(dns_dbiterator_t *iterator) { + UNUSED(iterator); + return (ISC_R_SUCCESS); +} + +static isc_result_t +dbiterator_origin(dns_dbiterator_t *iterator, dns_name_t *name) { + UNUSED(iterator); + return (dns_name_copy(dns_rootname, name, NULL)); +} + +/* + * Rdataset Methods. These methods were "borrowed" from the SDB driver + * interface. See the SDB driver interface documentation for more info. + */ + +static void +disassociate(dns_rdataset_t *rdataset) { + dns_dbnode_t *node = rdataset->private5; + dns_sdlznode_t *sdlznode = (dns_sdlznode_t *) node; + dns_db_t *db = (dns_db_t *) sdlznode->sdlz; + + detachnode(db, &node); + isc__rdatalist_disassociate(rdataset); +} + +static void +rdataset_clone(dns_rdataset_t *source, dns_rdataset_t *target) { + dns_dbnode_t *node = source->private5; + dns_sdlznode_t *sdlznode = (dns_sdlznode_t *) node; + dns_db_t *db = (dns_db_t *) sdlznode->sdlz; + dns_dbnode_t *tempdb = NULL; + + isc__rdatalist_clone(source, target); + attachnode(db, node, &tempdb); + source->private5 = tempdb; +} + +static dns_rdatasetmethods_t rdataset_methods = { + disassociate, + isc__rdatalist_first, + isc__rdatalist_next, + isc__rdatalist_current, + rdataset_clone, + isc__rdatalist_count, + isc__rdatalist_addnoqname, + isc__rdatalist_getnoqname, + NULL, + NULL, + NULL +}; + +static void +list_tordataset(dns_rdatalist_t *rdatalist, + dns_db_t *db, dns_dbnode_t *node, + dns_rdataset_t *rdataset) +{ + /* + * The sdlz rdataset is an rdatalist with some additions. + * - private1 & private2 are used by the rdatalist. + * - private3 & private 4 are unused. + * - private5 is the node. + */ + + /* This should never fail. */ + RUNTIME_CHECK(dns_rdatalist_tordataset(rdatalist, rdataset) == + ISC_R_SUCCESS); + + rdataset->methods = &rdataset_methods; + dns_db_attachnode(db, node, &rdataset->private5); +} + +/* + * SDLZ core methods. This is the core of the new DLZ functionality. + */ + +/*% + * Build a 'bind' database driver structure to be returned by + * either the find zone or the allow zone transfer method. + * This method is only available in this source file, it is + * not made available anywhere else. + */ + +static isc_result_t +dns_sdlzcreateDBP(isc_mem_t *mctx, void *driverarg, void *dbdata, + dns_name_t *name, dns_rdataclass_t rdclass, dns_db_t **dbp) +{ + isc_result_t result; + dns_sdlz_db_t *sdlzdb; + dns_sdlzimplementation_t *imp; + + /* check that things are as we expect */ + REQUIRE(dbp != NULL && *dbp == NULL); + REQUIRE(name != NULL); + + imp = (dns_sdlzimplementation_t *) driverarg; + + /* allocate and zero memory for driver structure */ + sdlzdb = isc_mem_get(mctx, sizeof(dns_sdlz_db_t)); + if (sdlzdb == NULL) + return (ISC_R_NOMEMORY); + memset(sdlzdb, 0, sizeof(dns_sdlz_db_t)); + + /* initialize and set origin */ + dns_name_init(&sdlzdb->common.origin, NULL); + result = dns_name_dupwithoffsets(name, mctx, &sdlzdb->common.origin); + if (result != ISC_R_SUCCESS) + goto mem_cleanup; + + /* initialize the reference count mutex */ + result = isc_mutex_init(&sdlzdb->refcnt_lock); + if (result != ISC_R_SUCCESS) + goto name_cleanup; + + /* set the rest of the database structure attributes */ + sdlzdb->dlzimp = imp; + sdlzdb->common.methods = &sdlzdb_methods; + sdlzdb->common.attributes = 0; + sdlzdb->common.rdclass = rdclass; + sdlzdb->common.mctx = NULL; + sdlzdb->dbdata = dbdata; + sdlzdb->references = 1; + + /* attach to the memory context */ + isc_mem_attach(mctx, &sdlzdb->common.mctx); + + /* mark structure as valid */ + sdlzdb->common.magic = DNS_DB_MAGIC; + sdlzdb->common.impmagic = SDLZDB_MAGIC; + *dbp = (dns_db_t *) sdlzdb; + + return (result); + + /* + * reference count mutex could not be initialized, clean up + * name memory + */ + name_cleanup: + dns_name_free(&sdlzdb->common.origin, mctx); + mem_cleanup: + isc_mem_put(mctx, sdlzdb, sizeof(dns_sdlz_db_t)); + return (result); +} + +static isc_result_t +dns_sdlzallowzonexfr(void *driverarg, void *dbdata, isc_mem_t *mctx, + dns_rdataclass_t rdclass, dns_name_t *name, + isc_sockaddr_t *clientaddr, dns_db_t **dbp) +{ + isc_buffer_t b; + isc_buffer_t b2; + char namestr[DNS_NAME_MAXTEXT + 1]; + char clientstr[(sizeof "xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:255.255.255.255") + + 1]; + isc_netaddr_t netaddr; + isc_result_t result; + dns_sdlzimplementation_t *imp; + + /* + * Perform checks to make sure data is as we expect it to be. + */ + REQUIRE(driverarg != NULL); + REQUIRE(name != NULL); + REQUIRE(clientaddr != NULL); + REQUIRE(dbp != NULL && *dbp == NULL); + + imp = (dns_sdlzimplementation_t *) driverarg; + + /* Convert DNS name to ascii text */ + isc_buffer_init(&b, namestr, sizeof(namestr)); + result = dns_name_totext(name, ISC_TRUE, &b); + if (result != ISC_R_SUCCESS) + return (result); + isc_buffer_putuint8(&b, 0); + + /* convert client address to ascii text */ + isc_buffer_init(&b2, clientstr, sizeof(clientstr)); + isc_netaddr_fromsockaddr(&netaddr, clientaddr); + result = isc_netaddr_totext(&netaddr, &b2); + if (result != ISC_R_SUCCESS) + return (result); + isc_buffer_putuint8(&b2, 0); + + /* make sure strings are always lowercase */ + dns_sdlz_tolower(namestr); + dns_sdlz_tolower(clientstr); + + /* Call SDLZ driver's find zone method */ + if (imp->methods->allowzonexfr != NULL) { + MAYBE_LOCK(imp); + result = imp->methods->allowzonexfr(imp->driverarg, dbdata, + namestr, clientstr); + MAYBE_UNLOCK(imp); + /* + * if zone is supported and transfers allowed build a 'bind' + * database driver + */ + if (result == ISC_R_SUCCESS) + result = dns_sdlzcreateDBP(mctx, driverarg, dbdata, + name, rdclass, dbp); + return (result); + } + + return (ISC_R_NOTIMPLEMENTED); +} + +static isc_result_t +dns_sdlzcreate(isc_mem_t *mctx, const char *dlzname, unsigned int argc, + char *argv[], void *driverarg, void **dbdata) +{ + dns_sdlzimplementation_t *imp; + isc_result_t result = ISC_R_NOTFOUND; + + /* Write debugging message to log */ + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_DLZ, ISC_LOG_DEBUG(2), + "Loading SDLZ driver."); + + /* + * Performs checks to make sure data is as we expect it to be. + */ + REQUIRE(driverarg != NULL); + REQUIRE(dlzname != NULL); + REQUIRE(dbdata != NULL); + UNUSED(mctx); + + imp = driverarg; + + /* If the create method exists, call it. */ + if (imp->methods->create != NULL) { + MAYBE_LOCK(imp); + result = imp->methods->create(dlzname, argc, argv, + imp->driverarg, dbdata); + MAYBE_UNLOCK(imp); + } + + /* Write debugging message to log */ + if (result == ISC_R_SUCCESS) { + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_DLZ, ISC_LOG_DEBUG(2), + "SDLZ driver loaded successfully."); + } else { + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_DLZ, ISC_LOG_ERROR, + "SDLZ driver failed to load."); + } + + return (result); +} + +static void +dns_sdlzdestroy(void *driverdata, void **dbdata) +{ + + dns_sdlzimplementation_t *imp; + + /* Write debugging message to log */ + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_DLZ, ISC_LOG_DEBUG(2), + "Unloading SDLZ driver."); + + imp = driverdata; + + /* If the destroy method exists, call it. */ + if (imp->methods->destroy != NULL) { + MAYBE_LOCK(imp); + imp->methods->destroy(imp->driverarg, dbdata); + MAYBE_UNLOCK(imp); + } +} + +static isc_result_t +dns_sdlzfindzone(void *driverarg, void *dbdata, isc_mem_t *mctx, + dns_rdataclass_t rdclass, dns_name_t *name, dns_db_t **dbp) +{ + isc_buffer_t b; + char namestr[DNS_NAME_MAXTEXT + 1]; + isc_result_t result; + dns_sdlzimplementation_t *imp; + + /* + * Perform checks to make sure data is as we expect it to be. + */ + REQUIRE(driverarg != NULL); + REQUIRE(name != NULL); + REQUIRE(dbp != NULL && *dbp == NULL); + + imp = (dns_sdlzimplementation_t *) driverarg; + + /* Convert DNS name to ascii text */ + isc_buffer_init(&b, namestr, sizeof(namestr)); + result = dns_name_totext(name, ISC_TRUE, &b); + if (result != ISC_R_SUCCESS) + return (result); + isc_buffer_putuint8(&b, 0); + + /* make sure strings are always lowercase */ + dns_sdlz_tolower(namestr); + + /* Call SDLZ driver's find zone method */ + MAYBE_LOCK(imp); + result = imp->methods->findzone(imp->driverarg, dbdata, namestr); + MAYBE_UNLOCK(imp); + + /* + * if zone is supported build a 'bind' database driver + * structure to return + */ + if (result == ISC_R_SUCCESS) + result = dns_sdlzcreateDBP(mctx, driverarg, dbdata, name, + rdclass, dbp); + + return (result); +} + +static dns_dlzmethods_t sdlzmethods = { + dns_sdlzcreate, + dns_sdlzdestroy, + dns_sdlzfindzone, + dns_sdlzallowzonexfr +}; + +/* + * Public functions. + */ + +isc_result_t +dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl, + const char *data) +{ + dns_rdatalist_t *rdatalist; + dns_rdata_t *rdata; + dns_rdatatype_t typeval; + isc_consttextregion_t r; + isc_buffer_t b; + isc_buffer_t *rdatabuf = NULL; + isc_lex_t *lex; + isc_result_t result; + unsigned int size; + isc_mem_t *mctx; + dns_name_t *origin; + + REQUIRE(VALID_SDLZLOOKUP(lookup)); + REQUIRE(type != NULL); + REQUIRE(data != NULL); + + mctx = lookup->sdlz->common.mctx; + + r.base = type; + r.length = strlen(type); + result = dns_rdatatype_fromtext(&typeval, (void *) &r); + if (result != ISC_R_SUCCESS) + return (result); + + rdatalist = ISC_LIST_HEAD(lookup->lists); + while (rdatalist != NULL) { + if (rdatalist->type == typeval) + break; + rdatalist = ISC_LIST_NEXT(rdatalist, link); + } + + if (rdatalist == NULL) { + rdatalist = isc_mem_get(mctx, sizeof(dns_rdatalist_t)); + if (rdatalist == NULL) + return (ISC_R_NOMEMORY); + rdatalist->rdclass = lookup->sdlz->common.rdclass; + rdatalist->type = typeval; + rdatalist->covers = 0; + rdatalist->ttl = ttl; + ISC_LIST_INIT(rdatalist->rdata); + ISC_LINK_INIT(rdatalist, link); + ISC_LIST_APPEND(lookup->lists, rdatalist, link); + } else + if (rdatalist->ttl != ttl) + return (DNS_R_BADTTL); + + rdata = isc_mem_get(mctx, sizeof(dns_rdata_t)); + if (rdata == NULL) + return (ISC_R_NOMEMORY); + dns_rdata_init(rdata); + + if ((lookup->sdlz->dlzimp->flags & DNS_SDLZFLAG_RELATIVERDATA) != 0) + origin = &lookup->sdlz->common.origin; + else + origin = dns_rootname; + + lex = NULL; + result = isc_lex_create(mctx, 64, &lex); + if (result != ISC_R_SUCCESS) + goto failure; + + size = initial_size(data); + do { + isc_buffer_init(&b, data, strlen(data)); + isc_buffer_add(&b, strlen(data)); + + result = isc_lex_openbuffer(lex, &b); + if (result != ISC_R_SUCCESS) + goto failure; + + rdatabuf = NULL; + result = isc_buffer_allocate(mctx, &rdatabuf, size); + if (result != ISC_R_SUCCESS) + goto failure; + + result = dns_rdata_fromtext(rdata, rdatalist->rdclass, + rdatalist->type, lex, + origin, ISC_FALSE, + mctx, rdatabuf, + &lookup->callbacks); + if (result != ISC_R_SUCCESS) + isc_buffer_free(&rdatabuf); + size *= 2; + } while (result == ISC_R_NOSPACE); + + if (result != ISC_R_SUCCESS) + goto failure; + + ISC_LIST_APPEND(rdatalist->rdata, rdata, link); + ISC_LIST_APPEND(lookup->buffers, rdatabuf, link); + + if (lex != NULL) + isc_lex_destroy(&lex); + + return (ISC_R_SUCCESS); + + failure: + if (rdatabuf != NULL) + isc_buffer_free(&rdatabuf); + if (lex != NULL) + isc_lex_destroy(&lex); + isc_mem_put(mctx, rdata, sizeof(dns_rdata_t)); + + return (result); +} + +isc_result_t +dns_sdlz_putnamedrr(dns_sdlzallnodes_t *allnodes, const char *name, + const char *type, dns_ttl_t ttl, const char *data) +{ + dns_name_t *newname, *origin; + dns_fixedname_t fnewname; + dns_sdlz_db_t *sdlz = (dns_sdlz_db_t *)allnodes->common.db; + dns_sdlznode_t *sdlznode; + isc_mem_t *mctx = sdlz->common.mctx; + isc_buffer_t b; + isc_result_t result; + + dns_fixedname_init(&fnewname); + newname = dns_fixedname_name(&fnewname); + + if ((sdlz->dlzimp->flags & DNS_SDLZFLAG_RELATIVERDATA) != 0) + origin = &sdlz->common.origin; + else + origin = dns_rootname; + isc_buffer_init(&b, name, strlen(name)); + isc_buffer_add(&b, strlen(name)); + + result = dns_name_fromtext(newname, &b, origin, ISC_FALSE, NULL); + if (result != ISC_R_SUCCESS) + return (result); + + if (allnodes->common.relative_names) { + /* All names are relative to the root */ + unsigned int nlabels = dns_name_countlabels(newname); + dns_name_getlabelsequence(newname, 0, nlabels - 1, newname); + } + + sdlznode = ISC_LIST_HEAD(allnodes->nodelist); + if (sdlznode == NULL || !dns_name_equal(sdlznode->name, newname)) { + sdlznode = NULL; + result = createnode(sdlz, &sdlznode); + if (result != ISC_R_SUCCESS) + return (result); + sdlznode->name = isc_mem_get(mctx, sizeof(dns_name_t)); + if (sdlznode->name == NULL) { + destroynode(sdlznode); + return (ISC_R_NOMEMORY); + } + dns_name_init(sdlznode->name, NULL); + result = dns_name_dup(newname, mctx, sdlznode->name); + if (result != ISC_R_SUCCESS) { + isc_mem_put(mctx, sdlznode->name, sizeof(dns_name_t)); + destroynode(sdlznode); + return (result); + } + ISC_LIST_PREPEND(allnodes->nodelist, sdlznode, link); + if (allnodes->origin == NULL && + dns_name_equal(newname, &sdlz->common.origin)) + allnodes->origin = sdlznode; + } + return (dns_sdlz_putrr(sdlznode, type, ttl, data)); + +} + +isc_result_t +dns_sdlz_putsoa(dns_sdlzlookup_t *lookup, const char *mname, const char *rname, + isc_uint32_t serial) +{ + char str[2 * DNS_NAME_MAXTEXT + 5 * (sizeof("2147483647")) + 7]; + int n; + + REQUIRE(mname != NULL); + REQUIRE(rname != NULL); + + n = snprintf(str, sizeof str, "%s %s %u %u %u %u %u", + mname, rname, serial, + SDLZ_DEFAULT_REFRESH, SDLZ_DEFAULT_RETRY, + SDLZ_DEFAULT_EXPIRE, SDLZ_DEFAULT_MINIMUM); + if (n >= (int)sizeof(str) || n < 0) + return (ISC_R_NOSPACE); + return (dns_sdlz_putrr(lookup, "SOA", SDLZ_DEFAULT_TTL, str)); +} + +isc_result_t +dns_sdlzregister(const char *drivername, const dns_sdlzmethods_t *methods, + void *driverarg, unsigned int flags, isc_mem_t *mctx, + dns_sdlzimplementation_t **sdlzimp) +{ + + dns_sdlzimplementation_t *imp; + isc_result_t result; + + /* + * Performs checks to make sure data is as we expect it to be. + */ + REQUIRE(drivername != NULL); + REQUIRE(methods != NULL); + REQUIRE(methods->findzone != NULL); + REQUIRE(methods->lookup != NULL); + REQUIRE(mctx != NULL); + REQUIRE(sdlzimp != NULL && *sdlzimp == NULL); + REQUIRE((flags & ~(DNS_SDLZFLAG_RELATIVEOWNER | + DNS_SDLZFLAG_RELATIVERDATA | + DNS_SDLZFLAG_THREADSAFE)) == 0); + + /* Write debugging message to log */ + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_DLZ, ISC_LOG_DEBUG(2), + "Registering SDLZ driver '%s'", drivername); + + /* + * Allocate memory for a sdlz_implementation object. Error if + * we cannot. + */ + imp = isc_mem_get(mctx, sizeof(dns_sdlzimplementation_t)); + if (imp == NULL) + return (ISC_R_NOMEMORY); + + /* Make sure memory region is set to all 0's */ + memset(imp, 0, sizeof(dns_sdlzimplementation_t)); + + /* Store the data passed into this method */ + imp->methods = methods; + imp->driverarg = driverarg; + imp->flags = flags; + imp->mctx = NULL; + + /* attach the new sdlz_implementation object to a memory context */ + isc_mem_attach(mctx, &imp->mctx); + + /* + * initialize the driver lock, error if we cannot + * (used if a driver does not support multiple threads) + */ + result = isc_mutex_init(&imp->driverlock); + if (result != ISC_R_SUCCESS) { + UNEXPECTED_ERROR(__FILE__, __LINE__, + "isc_mutex_init() failed: %s", + isc_result_totext(result)); + goto cleanup_mctx; + } + + imp->dlz_imp = NULL; + + /* + * register the DLZ driver. Pass in our "extra" sdlz information as + * a driverarg. (that's why we stored the passed in driver arg in our + * sdlz_implementation structure) Also, store the dlz_implementation + * structure in our sdlz_implementation. + */ + result = dns_dlzregister(drivername, &sdlzmethods, imp, mctx, + &imp->dlz_imp); + + /* if registration fails, cleanup and get outta here. */ + if (result != ISC_R_SUCCESS) + goto cleanup_mutex; + + *sdlzimp = imp; + + return (ISC_R_SUCCESS); + + cleanup_mutex: + /* destroy the driver lock, we don't need it anymore */ + DESTROYLOCK(&imp->driverlock); + + cleanup_mctx: + /* + * return the memory back to the available memory pool and + * remove it from the memory context. + */ + isc_mem_put(mctx, imp, sizeof(dns_sdlzimplementation_t)); + isc_mem_detach(&mctx); + return (result); +} + +void +dns_sdlzunregister(dns_sdlzimplementation_t **sdlzimp) { + dns_sdlzimplementation_t *imp; + isc_mem_t *mctx; + + /* Write debugging message to log */ + isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, + DNS_LOGMODULE_DLZ, ISC_LOG_DEBUG(2), + "Unregistering SDLZ driver."); + + /* + * Performs checks to make sure data is as we expect it to be. + */ + REQUIRE(sdlzimp != NULL && *sdlzimp != NULL); + + imp = *sdlzimp; + + /* Unregister the DLZ driver implementation */ + dns_dlzunregister(&imp->dlz_imp); + + /* destroy the driver lock, we don't need it anymore */ + DESTROYLOCK(&imp->driverlock); + + mctx = imp->mctx; + + /* + * return the memory back to the available memory pool and + * remove it from the memory context. + */ + isc_mem_put(mctx, imp, sizeof(dns_sdlzimplementation_t)); + isc_mem_detach(&mctx); + + *sdlzimp = NULL; +} diff --git a/usr.sbin/bind/lib/dns/soa.c b/usr.sbin/bind/lib/dns/soa.c index 04d5dfae5a8..43c2e22f65a 100644 --- a/usr.sbin/bind/lib/dns/soa.c +++ b/usr.sbin/bind/lib/dns/soa.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: soa.c,v 1.3.206.1 2004/03/06 08:13:45 marka Exp $ */ +/* $ISC: soa.c,v 1.4.18.2 2005/04/29 00:16:05 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/dns/ssu.c b/usr.sbin/bind/lib/dns/ssu.c index 63594075eb5..df8c47cf7e0 100644 --- a/usr.sbin/bind/lib/dns/ssu.c +++ b/usr.sbin/bind/lib/dns/ssu.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,8 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/*! \file */ /* - * $ISC: ssu.c,v 1.22.206.3 2004/03/08 09:04:32 marka Exp $ + * $ISC: ssu.c,v 1.24.18.4 2006/02/16 23:51:32 marka Exp $ * Principal Author: Brian Wellington */ @@ -24,9 +25,11 @@ #include <isc/magic.h> #include <isc/mem.h> +#include <isc/result.h> #include <isc/string.h> /* Required for HP/UX (and others?) */ #include <isc/util.h> +#include <dns/fixedname.h> #include <dns/name.h> #include <dns/ssu.h> @@ -38,13 +41,13 @@ struct dns_ssurule { unsigned int magic; - isc_boolean_t grant; /* is this a grant or a deny? */ - unsigned int matchtype; /* which type of pattern match? */ - dns_name_t *identity; /* the identity to match */ - dns_name_t *name; /* the name being updated */ - unsigned int ntypes; /* number of data types covered */ - dns_rdatatype_t *types; /* the data types. Can include ANY, */ - /* defaults to all but SIG,SOA,NS if NULL*/ + isc_boolean_t grant; /*%< is this a grant or a deny? */ + unsigned int matchtype; /*%< which type of pattern match? */ + dns_name_t *identity; /*%< the identity to match */ + dns_name_t *name; /*%< the name being updated */ + unsigned int ntypes; /*%< number of data types covered */ + dns_rdatatype_t *types; /*%< the data types. Can include ANY, */ + /*%< defaults to all but SIG,SOA,NS if NULL */ ISC_LINK(dns_ssurule_t) link; }; @@ -160,7 +163,7 @@ dns_ssutable_addrule(dns_ssutable_t *table, isc_boolean_t grant, REQUIRE(VALID_SSUTABLE(table)); REQUIRE(dns_name_isabsolute(identity)); REQUIRE(dns_name_isabsolute(name)); - REQUIRE(matchtype <= DNS_SSUMATCHTYPE_SELF); + REQUIRE(matchtype <= DNS_SSUMATCHTYPE_MAX); if (matchtype == DNS_SSUMATCHTYPE_WILDCARD) REQUIRE(dns_name_iswildcard(name)); if (ntypes > 0) @@ -208,8 +211,7 @@ dns_ssutable_addrule(dns_ssutable_t *table, isc_boolean_t grant, goto failure; } memcpy(rule->types, types, ntypes * sizeof(dns_rdatatype_t)); - } - else + } else rule->types = NULL; rule->magic = SSURULEMAGIC; @@ -249,6 +251,9 @@ dns_ssutable_checkrules(dns_ssutable_t *table, dns_name_t *signer, { dns_ssurule_t *rule; unsigned int i; + dns_fixedname_t fixed; + dns_name_t *wildcard; + isc_result_t result; REQUIRE(VALID_SSUTABLE(table)); REQUIRE(signer == NULL || dns_name_isabsolute(signer)); @@ -265,35 +270,39 @@ dns_ssutable_checkrules(dns_ssutable_t *table, dns_name_t *signer, if (dns_name_iswildcard(rule->identity)) { if (!dns_name_matcheswildcard(signer, rule->identity)) continue; - } - else { - if (!dns_name_equal(signer, rule->identity)) + } else if (!dns_name_equal(signer, rule->identity)) continue; - } if (rule->matchtype == DNS_SSUMATCHTYPE_NAME) { if (!dns_name_equal(name, rule->name)) continue; - } - else if (rule->matchtype == DNS_SSUMATCHTYPE_SUBDOMAIN) { + } else if (rule->matchtype == DNS_SSUMATCHTYPE_SUBDOMAIN) { if (!dns_name_issubdomain(name, rule->name)) continue; - } - else if (rule->matchtype == DNS_SSUMATCHTYPE_WILDCARD) { + } else if (rule->matchtype == DNS_SSUMATCHTYPE_WILDCARD) { if (!dns_name_matcheswildcard(name, rule->name)) continue; - - } - else if (rule->matchtype == DNS_SSUMATCHTYPE_SELF) { + } else if (rule->matchtype == DNS_SSUMATCHTYPE_SELF) { if (!dns_name_equal(signer, name)) continue; + } else if (rule->matchtype == DNS_SSUMATCHTYPE_SELFSUB) { + if (!dns_name_issubdomain(name, signer)) + continue; + } else if (rule->matchtype == DNS_SSUMATCHTYPE_SELFWILD) { + dns_fixedname_init(&fixed); + wildcard = dns_fixedname_name(&fixed); + result = dns_name_concatenate(dns_wildcardname, signer, + wildcard, NULL); + if (result != ISC_R_SUCCESS) + continue; + if (!dns_name_matcheswildcard(name, wildcard)) + continue; } if (rule->ntypes == 0) { if (!isusertype(type)) continue; - } - else { + } else { for (i = 0; i < rule->ntypes; i++) { if (rule->types[i] == dns_rdatatype_any || rule->types[i] == type) diff --git a/usr.sbin/bind/lib/dns/stats.c b/usr.sbin/bind/lib/dns/stats.c index 6635661c8f5..c74b4ec42b3 100644 --- a/usr.sbin/bind/lib/dns/stats.c +++ b/usr.sbin/bind/lib/dns/stats.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: stats.c,v 1.5.206.1 2004/03/06 08:13:46 marka Exp $ */ +/* $ISC: stats.c,v 1.6.18.4 2005/06/27 00:20:02 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -30,7 +32,9 @@ LIBDNS_EXTERNAL_DATA const char *dns_statscounter_names[DNS_STATS_NCOUNTERS] = "nxrrset", "nxdomain", "recursion", - "failure" + "failure", + "duplicate", + "dropped" }; isc_result_t diff --git a/usr.sbin/bind/lib/dns/tcpmsg.c b/usr.sbin/bind/lib/dns/tcpmsg.c index c5d2d2ed39f..a6ba555aa59 100644 --- a/usr.sbin/bind/lib/dns/tcpmsg.c +++ b/usr.sbin/bind/lib/dns/tcpmsg.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: tcpmsg.c,v 1.24.206.3 2006/08/10 23:59:28 marka Exp $ */ +/* $ISC: tcpmsg.c,v 1.25.18.4 2006/08/10 23:59:29 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/dns/timer.c b/usr.sbin/bind/lib/dns/timer.c index 6bad0f8050c..f22dfd2d338 100644 --- a/usr.sbin/bind/lib/dns/timer.c +++ b/usr.sbin/bind/lib/dns/timer.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: timer.c,v 1.2.206.1 2004/03/06 08:13:46 marka Exp $ */ +/* $ISC: timer.c,v 1.3.18.2 2005/04/29 00:16:06 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/dns/tkey.c b/usr.sbin/bind/lib/dns/tkey.c index e82ebe164b0..5eebcc3b30d 100644 --- a/usr.sbin/bind/lib/dns/tkey.c +++ b/usr.sbin/bind/lib/dns/tkey.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -16,9 +16,9 @@ */ /* - * $ISC: tkey.c,v 1.71.2.1.10.9 2006/01/04 23:50:20 marka Exp $ + * $ISC: tkey.c,v 1.76.18.5 2005/11/30 03:44:39 marka Exp $ */ - +/*! \file */ #include <config.h> #include <isc/buffer.h> diff --git a/usr.sbin/bind/lib/dns/version.c b/usr.sbin/bind/lib/dns/version.c index ae93aab19cb..896c4a11a8f 100644 --- a/usr.sbin/bind/lib/dns/version.c +++ b/usr.sbin/bind/lib/dns/version.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: version.c,v 1.9.12.3 2004/03/08 09:04:33 marka Exp $ */ +/* $ISC: version.c,v 1.11.18.2 2005/04/29 00:16:07 marka Exp $ */ + +/*! \file */ #include <dns/version.h> diff --git a/usr.sbin/bind/lib/dns/zonekey.c b/usr.sbin/bind/lib/dns/zonekey.c index 0a398bbb787..16bb8431a31 100644 --- a/usr.sbin/bind/lib/dns/zonekey.c +++ b/usr.sbin/bind/lib/dns/zonekey.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: zonekey.c,v 1.3.206.3 2004/03/08 09:04:33 marka Exp $ */ +/* $ISC: zonekey.c,v 1.5.18.2 2005/04/29 00:16:08 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/dns/zt.c b/usr.sbin/bind/lib/dns/zt.c index 2c3bb860fba..c75787d0eba 100644 --- a/usr.sbin/bind/lib/dns/zt.c +++ b/usr.sbin/bind/lib/dns/zt.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,16 +15,24 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: zt.c,v 1.33.12.6 2004/03/08 21:06:28 marka Exp $ */ +/* $ISC: zt.c,v 1.38.18.5 2005/11/30 03:44:39 marka Exp $ */ + +/*! \file */ #include <config.h> +#include <isc/file.h> #include <isc/magic.h> #include <isc/mem.h> +#include <isc/string.h> #include <isc/util.h> +#include <dns/log.h> +#include <dns/name.h> #include <dns/rbt.h> +#include <dns/rdataclass.h> #include <dns/result.h> +#include <dns/view.h> #include <dns/zone.h> #include <dns/zt.h> @@ -51,6 +59,9 @@ load(dns_zone_t *zone, void *uap); static isc_result_t loadnew(dns_zone_t *zone, void *uap); +static isc_result_t +freezezones(dns_zone_t *zone, void *uap); + isc_result_t dns_zt_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, dns_zt_t **ztp) { dns_zt_t *zt; @@ -68,13 +79,8 @@ dns_zt_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, dns_zt_t **ztp) { goto cleanup_zt; result = isc_rwlock_init(&zt->rwlock, 0, 0); - if (result != ISC_R_SUCCESS) { - UNEXPECTED_ERROR(__FILE__, __LINE__, - "isc_rwlock_init() failed: %s", - isc_result_totext(result)); - result = ISC_R_UNEXPECTED; + if (result != ISC_R_SUCCESS) goto cleanup_rbt; - } zt->mctx = mctx; zt->references = 1; @@ -266,12 +272,90 @@ loadnew(dns_zone_t *zone, void *uap) { } isc_result_t +dns_zt_freezezones(dns_zt_t *zt, isc_boolean_t freeze) { + isc_result_t result, tresult; + + REQUIRE(VALID_ZT(zt)); + + RWLOCK(&zt->rwlock, isc_rwlocktype_read); + result = dns_zt_apply2(zt, ISC_FALSE, &tresult, freezezones, &freeze); + RWUNLOCK(&zt->rwlock, isc_rwlocktype_read); + return ((result == ISC_R_SUCCESS) ? tresult : result); +} + +static isc_result_t +freezezones(dns_zone_t *zone, void *uap) { + isc_boolean_t freeze = *(isc_boolean_t *)uap; + isc_boolean_t frozen; + isc_result_t result = ISC_R_SUCCESS; + char classstr[DNS_RDATACLASS_FORMATSIZE]; + char zonename[DNS_NAME_FORMATSIZE]; + dns_view_t *view; + char *journal; + const char *vname; + const char *sep; + int level; + + if (dns_zone_gettype(zone) != dns_zone_master) + return (ISC_R_SUCCESS); + + frozen = dns_zone_getupdatedisabled(zone); + if (freeze) { + if (frozen) + result = DNS_R_FROZEN; + if (result == ISC_R_SUCCESS) + result = dns_zone_flush(zone); + if (result == ISC_R_SUCCESS) { + journal = dns_zone_getjournal(zone); + if (journal != NULL) + (void)isc_file_remove(journal); + } + } else { + if (frozen) { + result = dns_zone_load(zone); + if (result == DNS_R_CONTINUE || + result == DNS_R_UPTODATE) + result = ISC_R_SUCCESS; + } + } + if (result == ISC_R_SUCCESS) + dns_zone_setupdatedisabled(zone, freeze); + view = dns_zone_getview(zone); + if (strcmp(view->name, "_bind") == 0 || + strcmp(view->name, "_default") == 0) + { + vname = ""; + sep = ""; + } else { + vname = view->name; + sep = " "; + } + dns_rdataclass_format(dns_zone_getclass(zone), classstr, + sizeof(classstr)); + dns_name_format(dns_zone_getorigin(zone), zonename, sizeof(zonename)); + level = (result != ISC_R_SUCCESS) ? ISC_LOG_ERROR : ISC_LOG_DEBUG(1); + isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_ZONE, + level, "%s zone '%s/%s'%s%s: %s", + freeze ? "freezing" : "thawing", + zonename, classstr, sep, vname, + isc_result_totext(result)); + return (result); +} + +isc_result_t dns_zt_apply(dns_zt_t *zt, isc_boolean_t stop, isc_result_t (*action)(dns_zone_t *, void *), void *uap) { + return (dns_zt_apply2(zt, stop, NULL, action, uap)); +} + +isc_result_t +dns_zt_apply2(dns_zt_t *zt, isc_boolean_t stop, isc_result_t *sub, + isc_result_t (*action)(dns_zone_t *, void *), void *uap) +{ dns_rbtnode_t *node; dns_rbtnodechain_t chain; - isc_result_t result; + isc_result_t result, tresult = ISC_R_SUCCESS; dns_zone_t *zone; REQUIRE(VALID_ZT(zt)); @@ -292,8 +376,12 @@ dns_zt_apply(dns_zt_t *zt, isc_boolean_t stop, zone = node->data; if (zone != NULL) result = (action)(zone, uap); - if (result != ISC_R_SUCCESS && stop) + if (result != ISC_R_SUCCESS && stop) { + tresult = result; goto cleanup; /* don't break */ + } else if (result != ISC_R_SUCCESS && + tresult == ISC_R_SUCCESS) + tresult = result; } result = dns_rbtnodechain_next(&chain, NULL, NULL); } @@ -302,6 +390,8 @@ dns_zt_apply(dns_zt_t *zt, isc_boolean_t stop, cleanup: dns_rbtnodechain_invalidate(&chain); + if (sub != NULL) + *sub = tresult; return (result); } diff --git a/usr.sbin/bind/lib/isc/alpha/Makefile.in b/usr.sbin/bind/lib/isc/alpha/Makefile.in new file mode 100644 index 00000000000..19a13a8cc02 --- /dev/null +++ b/usr.sbin/bind/lib/isc/alpha/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = include +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/alpha/include/Makefile.in b/usr.sbin/bind/lib/isc/alpha/include/Makefile.in new file mode 100644 index 00000000000..26103230cdc --- /dev/null +++ b/usr.sbin/bind/lib/isc/alpha/include/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = isc +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/alpha/include/isc/Makefile.in b/usr.sbin/bind/lib/isc/alpha/include/isc/Makefile.in new file mode 100644 index 00000000000..b571c74337e --- /dev/null +++ b/usr.sbin/bind/lib/isc/alpha/include/isc/Makefile.in @@ -0,0 +1,36 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +@BIND9_VERSION@ + +HEADERS = atomic.h + +SUBDIRS = +TARGETS = + +@BIND9_MAKE_RULES@ + +installdirs: + $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${includedir}/isc + +install:: installdirs + for i in ${HEADERS}; do \ + ${INSTALL_DATA} $(srcdir)/$$i ${DESTDIR}${includedir}/isc ; \ + done diff --git a/usr.sbin/bind/lib/isc/alpha/include/isc/atomic.h b/usr.sbin/bind/lib/isc/alpha/include/isc/atomic.h new file mode 100644 index 00000000000..757b0cfc627 --- /dev/null +++ b/usr.sbin/bind/lib/isc/alpha/include/isc/atomic.h @@ -0,0 +1,170 @@ +/* + * Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: atomic.h,v 1.2.2.2 2005/06/16 22:01:01 jinmei Exp $ */ + +/* + * This code was written based on FreeBSD's kernel source whose copyright + * follows: + */ + +/*- + * Copyright (c) 1998 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD: src/sys/alpha/include/atomic.h,v 1.18.6.1 2004/09/13 21:52:04 wilko Exp $ + */ + +#ifndef ISC_ATOMIC_H +#define ISC_ATOMIC_H 1 + +#include <isc/platform.h> +#include <isc/types.h> + +#ifdef ISC_PLATFORM_USEOSFASM +#include <c_asm.h> + +#pragma intrinsic(asm) + +/* + * This routine atomically increments the value stored in 'p' by 'val', and + * returns the previous value. + */ +static inline isc_int32_t +isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) { + return (asm("1:" + "ldl_l %t0, 0(%a0);" /* load old value */ + "mov %t0, %v0;" /* copy the old value */ + "addl %t0, %a1, %t0;" /* calculate new value */ + "stl_c %t0, 0(%a0);" /* attempt to store */ + "beq %t0, 1b;", /* spin if failed */ + p, val)); +} + +/* + * This routine atomically stores the value 'val' in 'p'. + */ +static inline void +isc_atomic_store(isc_int32_t *p, isc_int32_t val) { + (void)asm("1:" + "ldl_l %t0, 0(%a0);" /* load old value */ + "mov %a1, %t0;" /* value to store */ + "stl_c %t0, 0(%a0);" /* attempt to store */ + "beq %t0, 1b;", /* spin if failed */ + p, val); +} + +/* + * This routine atomically replaces the value in 'p' with 'val', if the + * original value is equal to 'cmpval'. The original value is returned in any + * case. + */ +static inline isc_int32_t +isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val) { + + return(asm("1:" + "ldl_l %t0, 0(%a0);" /* load old value */ + "mov %t0, %v0;" /* copy the old value */ + "cmpeq %t0, %a1, %t0;" /* compare */ + "beq %t0, 2f;" /* exit if not equal */ + "mov %a2, %t0;" /* value to store */ + "stl_c %t0, 0(%a0);" /* attempt to store */ + "beq %t0, 1b;" /* if it failed, spin */ + "2:", + p, cmpval, val)); +} +#elif defined (ISC_PLATFORM_USEGCCASM) +static inline isc_int32_t +isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) { + isc_int32_t temp, prev; + + __asm__ volatile( + "1:" + "ldl_l %0, %1;" /* load old value */ + "mov %0, %2;" /* copy the old value */ + "addl %0, %3, %0;" /* calculate new value */ + "stl_c %0, %1;" /* attempt to store */ + "beq %0, 1b;" /* spin if failed */ + : "=&r"(temp), "+m"(*p), "=r"(prev) + : "r"(val) + : "memory"); + + return (prev); +} + +static inline void +isc_atomic_store(isc_int32_t *p, isc_int32_t val) { + isc_int32_t temp; + + __asm__ volatile( + "1:" + "ldl_l %0, %1;" /* load old value */ + "mov %2, %0;" /* value to store */ + "stl_c %0, %1;" /* attempt to store */ + "beq %0, 1b;" /* if it failed, spin */ + : "=&r"(temp), "+m"(*p) + : "r"(val) + : "memory"); +} + +static inline isc_int32_t +isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val) { + isc_int32_t temp, prev; + + __asm__ volatile( + "1:" + "ldl_l %0, %1;" /* load old value */ + "mov %0, %2;" /* copy the old value */ + "cmpeq %0, %3, %0;" /* compare */ + "beq %0, 2f;" /* exit if not equal */ + "mov %4, %0;" /* value to store */ + "stl_c %0, %1;" /* attempt to store */ + "beq %0, 1b;" /* if it failed, spin */ + "2:" + : "=&r"(temp), "+m"(*p), "=r"(prev) + : "r"(cmpval), "r"(val) + : "memory"); + + return (prev); +} +#else + +#error "unsupported compiler. disable atomic ops by --disable-atomic" + +#endif + +#endif /* ISC_ATOMIC_H */ diff --git a/usr.sbin/bind/lib/isc/assertions.c b/usr.sbin/bind/lib/isc/assertions.c index 8284bed31f7..b2d280f6e1e 100644 --- a/usr.sbin/bind/lib/isc/assertions.c +++ b/usr.sbin/bind/lib/isc/assertions.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1997-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: assertions.c,v 1.16.206.1 2004/03/06 08:14:27 marka Exp $ */ +/* $ISC: assertions.c,v 1.17.18.2 2005/04/29 00:16:44 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -25,20 +27,20 @@ #include <isc/assertions.h> #include <isc/msgs.h> -/* +/*% * Forward. */ - static void default_callback(const char *, int, isc_assertiontype_t, const char *); -/* +/*% * Public. */ LIBISC_EXTERNAL_DATA isc_assertioncallback_t isc_assertion_failed = default_callback; +/*% Set callback. */ void isc_assertion_setcallback(isc_assertioncallback_t cb) { if (cb == NULL) @@ -47,6 +49,7 @@ isc_assertion_setcallback(isc_assertioncallback_t cb) { isc_assertion_failed = cb; } +/*% Type to Text */ const char * isc_assertion_typetotext(isc_assertiontype_t type) { const char *result; diff --git a/usr.sbin/bind/lib/isc/bitstring.c b/usr.sbin/bind/lib/isc/bitstring.c index 9347a8a5700..664ef8645d7 100644 --- a/usr.sbin/bind/lib/isc/bitstring.c +++ b/usr.sbin/bind/lib/isc/bitstring.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: bitstring.c,v 1.12.206.1 2004/03/06 08:14:27 marka Exp $ */ +/* $ISC: bitstring.c,v 1.13.18.2 2005/04/29 00:16:44 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/buffer.c b/usr.sbin/bind/lib/isc/buffer.c index 492130a2905..d97795ada78 100644 --- a/usr.sbin/bind/lib/isc/buffer.c +++ b/usr.sbin/bind/lib/isc/buffer.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: buffer.c,v 1.36.12.2 2004/03/08 09:04:48 marka Exp $ */ +/* $ISC: buffer.c,v 1.40.18.2 2005/04/29 00:16:44 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/bufferlist.c b/usr.sbin/bind/lib/isc/bufferlist.c index efffc56bcd4..ea65b855855 100644 --- a/usr.sbin/bind/lib/isc/bufferlist.c +++ b/usr.sbin/bind/lib/isc/bufferlist.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: bufferlist.c,v 1.12.206.1 2004/03/06 08:14:28 marka Exp $ */ +/* $ISC: bufferlist.c,v 1.13.18.2 2005/04/29 00:16:45 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/error.c b/usr.sbin/bind/lib/isc/error.c index e14998f956a..2a3012f3604 100644 --- a/usr.sbin/bind/lib/isc/error.c +++ b/usr.sbin/bind/lib/isc/error.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: error.c,v 1.16.206.1 2004/03/06 08:14:28 marka Exp $ */ +/* $ISC: error.c,v 1.17.18.2 2005/04/29 00:16:45 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -25,14 +27,17 @@ #include <isc/error.h> #include <isc/msgs.h> +/*% Default unexpected callback. */ static void default_unexpected_callback(const char *, int, const char *, va_list) ISC_FORMAT_PRINTF(3, 0); +/*% Default fatal callback. */ static void default_fatal_callback(const char *, int, const char *, va_list) ISC_FORMAT_PRINTF(3, 0); +/*% unexpected_callback */ static isc_errorcallback_t unexpected_callback = default_unexpected_callback; static isc_errorcallback_t fatal_callback = default_fatal_callback; diff --git a/usr.sbin/bind/lib/isc/event.c b/usr.sbin/bind/lib/isc/event.c index 09c054b583d..bb6b2140c66 100644 --- a/usr.sbin/bind/lib/isc/event.c +++ b/usr.sbin/bind/lib/isc/event.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: event.c,v 1.15.12.3 2004/03/08 09:04:48 marka Exp $ */ +/* $ISC: event.c,v 1.17.18.2 2005/04/29 00:16:45 marka Exp $ */ -/* - * Principal Author: Bob Halley +/*! + * \file + * \author Principal Author: Bob Halley */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/fsaccess.c b/usr.sbin/bind/lib/isc/fsaccess.c index 8cec4c85424..2a638b4a55e 100644 --- a/usr.sbin/bind/lib/isc/fsaccess.c +++ b/usr.sbin/bind/lib/isc/fsaccess.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,16 +15,17 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: fsaccess.c,v 1.5.206.1 2004/03/06 08:14:29 marka Exp $ */ +/* $ISC: fsaccess.c,v 1.6.18.2 2005/04/29 00:16:45 marka Exp $ */ -/* +/*! \file + * \brief * This file contains the OS-independent functionality of the API. */ #include <isc/fsaccess.h> #include <isc/result.h> #include <isc/util.h> -/* +/*! * Shorthand. Maybe ISC__FSACCESS_PERMISSIONBITS should not even be in * <isc/fsaccess.h>. Could check consistency with sizeof(isc_fsaccess_t) * and the number of bits in each function. diff --git a/usr.sbin/bind/lib/isc/heap.c b/usr.sbin/bind/lib/isc/heap.c index a605df3d423..836f581c247 100644 --- a/usr.sbin/bind/lib/isc/heap.c +++ b/usr.sbin/bind/lib/isc/heap.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: heap.c,v 1.28.12.4 2006/04/17 18:27:20 explorer Exp $ */ +/* $ISC: heap.c,v 1.30.18.3 2006/04/17 18:27:33 explorer Exp $ */ /*! \file * Heap implementation of priority queues adapted from the following: diff --git a/usr.sbin/bind/lib/isc/hex.c b/usr.sbin/bind/lib/isc/hex.c index 2acdbd63b1b..44f4090a618 100644 --- a/usr.sbin/bind/lib/isc/hex.c +++ b/usr.sbin/bind/lib/isc/hex.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: hex.c,v 1.8.2.2.8.3 2004/03/06 08:14:30 marka Exp $ */ +/* $ISC: hex.c,v 1.14.18.2 2005/04/29 00:16:46 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -73,13 +75,13 @@ isc_hex_totext(isc_region_t *source, int wordlength, return (ISC_R_SUCCESS); } -/* +/*% * State of a hex decoding process in progress. */ typedef struct { - int length; /* Desired length of binary data or -1 */ - isc_buffer_t *target; /* Buffer for resulting binary data */ - int digits; /* Number of buffered hex digits */ + int length; /*%< Desired length of binary data or -1 */ + isc_buffer_t *target; /*%< Buffer for resulting binary data */ + int digits; /*%< Number of buffered hex digits */ int val[2]; } hex_decode_ctx_t; diff --git a/usr.sbin/bind/lib/isc/hmacmd5.c b/usr.sbin/bind/lib/isc/hmacmd5.c index 08b42a07de1..40f5d5fbf2b 100644 --- a/usr.sbin/bind/lib/isc/hmacmd5.c +++ b/usr.sbin/bind/lib/isc/hmacmd5.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: hmacmd5.c,v 1.5.12.5 2006/02/26 23:49:48 marka Exp $ */ +/* $ISC: hmacmd5.c,v 1.7.18.5 2006/02/26 22:30:56 marka Exp $ */ -/* +/*! \file * This code implements the HMAC-MD5 keyed hash algorithm - * described in RFC 2104. + * described in RFC2104. */ #include "config.h" @@ -35,7 +35,7 @@ #define IPAD 0x36 #define OPAD 0x5C -/* +/*! * Start HMAC-MD5 process. Initialize an md5 context and digest the key. */ void @@ -67,7 +67,7 @@ isc_hmacmd5_invalidate(isc_hmacmd5_t *ctx) { memset(ctx->key, 0, sizeof(ctx->key)); } -/* +/*! * Update context to reflect the concatenation of another buffer full * of bytes. */ @@ -78,7 +78,7 @@ isc_hmacmd5_update(isc_hmacmd5_t *ctx, const unsigned char *buf, isc_md5_update(&ctx->md5ctx, buf, len); } -/* +/*! * Compute signature - finalize MD5 operation and reapply MD5. */ void @@ -99,14 +99,20 @@ isc_hmacmd5_sign(isc_hmacmd5_t *ctx, unsigned char *digest) { isc_hmacmd5_invalidate(ctx); } -/* +/*! * Verify signature - finalize MD5 operation and reapply MD5, then * compare to the supplied digest. */ isc_boolean_t isc_hmacmd5_verify(isc_hmacmd5_t *ctx, unsigned char *digest) { + return (isc_hmacmd5_verify2(ctx, digest, ISC_MD5_DIGESTLENGTH)); +} + +isc_boolean_t +isc_hmacmd5_verify2(isc_hmacmd5_t *ctx, unsigned char *digest, size_t len) { unsigned char newdigest[ISC_MD5_DIGESTLENGTH]; + REQUIRE(len <= ISC_MD5_DIGESTLENGTH); isc_hmacmd5_sign(ctx, newdigest); - return (ISC_TF(memcmp(digest, newdigest, ISC_MD5_DIGESTLENGTH) == 0)); + return (ISC_TF(memcmp(digest, newdigest, len) == 0)); } diff --git a/usr.sbin/bind/lib/isc/hmacsha.c b/usr.sbin/bind/lib/isc/hmacsha.c new file mode 100644 index 00000000000..d6ac59ef6bd --- /dev/null +++ b/usr.sbin/bind/lib/isc/hmacsha.c @@ -0,0 +1,438 @@ +/* + * Copyright (C) 2005-2007 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: hmacsha.c,v 1.2.2.7 2007/08/28 07:20:06 tbox Exp $ */ + +/* + * This code implements the HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384 + * and HMAC-SHA512 keyed hash algorithm described in RFC 2104 and + * draft-ietf-dnsext-tsig-sha-01.txt. + */ + +#include "config.h" + +#include <isc/assertions.h> +#include <isc/hmacsha.h> +#include <isc/sha1.h> +#include <isc/sha2.h> +#include <isc/string.h> +#include <isc/types.h> +#include <isc/util.h> + +#define IPAD 0x36 +#define OPAD 0x5C + +/* + * Start HMAC-SHA1 process. Initialize an sha1 context and digest the key. + */ +void +isc_hmacsha1_init(isc_hmacsha1_t *ctx, const unsigned char *key, + unsigned int len) +{ + unsigned char ipad[ISC_SHA1_BLOCK_LENGTH]; + unsigned int i; + + memset(ctx->key, 0, sizeof(ctx->key)); + if (len > sizeof(ctx->key)) { + isc_sha1_t sha1ctx; + isc_sha1_init(&sha1ctx); + isc_sha1_update(&sha1ctx, key, len); + isc_sha1_final(&sha1ctx, ctx->key); + } else + memcpy(ctx->key, key, len); + + isc_sha1_init(&ctx->sha1ctx); + memset(ipad, IPAD, sizeof(ipad)); + for (i = 0; i < ISC_SHA1_BLOCK_LENGTH; i++) + ipad[i] ^= ctx->key[i]; + isc_sha1_update(&ctx->sha1ctx, ipad, sizeof(ipad)); +} + +void +isc_hmacsha1_invalidate(isc_hmacsha1_t *ctx) { + isc_sha1_invalidate(&ctx->sha1ctx); + memset(ctx->key, 0, sizeof(ctx->key)); + memset(ctx, 0, sizeof(ctx)); +} + +/* + * Update context to reflect the concatenation of another buffer full + * of bytes. + */ +void +isc_hmacsha1_update(isc_hmacsha1_t *ctx, const unsigned char *buf, + unsigned int len) +{ + isc_sha1_update(&ctx->sha1ctx, buf, len); +} + +/* + * Compute signature - finalize SHA1 operation and reapply SHA1. + */ +void +isc_hmacsha1_sign(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len) { + unsigned char opad[ISC_SHA1_BLOCK_LENGTH]; + unsigned char newdigest[ISC_SHA1_DIGESTLENGTH]; + unsigned int i; + + REQUIRE(len <= ISC_SHA1_DIGESTLENGTH); + isc_sha1_final(&ctx->sha1ctx, newdigest); + + memset(opad, OPAD, sizeof(opad)); + for (i = 0; i < ISC_SHA1_BLOCK_LENGTH; i++) + opad[i] ^= ctx->key[i]; + + isc_sha1_init(&ctx->sha1ctx); + isc_sha1_update(&ctx->sha1ctx, opad, sizeof(opad)); + isc_sha1_update(&ctx->sha1ctx, newdigest, ISC_SHA1_DIGESTLENGTH); + isc_sha1_final(&ctx->sha1ctx, newdigest); + isc_hmacsha1_invalidate(ctx); + memcpy(digest, newdigest, len); + memset(newdigest, 0, sizeof(newdigest)); +} + +/* + * Verify signature - finalize SHA1 operation and reapply SHA1, then + * compare to the supplied digest. + */ +isc_boolean_t +isc_hmacsha1_verify(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len) { + unsigned char newdigest[ISC_SHA1_DIGESTLENGTH]; + + REQUIRE(len <= ISC_SHA1_DIGESTLENGTH); + isc_hmacsha1_sign(ctx, newdigest, ISC_SHA1_DIGESTLENGTH); + return (ISC_TF(memcmp(digest, newdigest, len) == 0)); +} + +/* + * Start HMAC-SHA224 process. Initialize an sha224 context and digest the key. + */ +void +isc_hmacsha224_init(isc_hmacsha224_t *ctx, const unsigned char *key, + unsigned int len) +{ + unsigned char ipad[ISC_SHA224_BLOCK_LENGTH]; + unsigned int i; + + memset(ctx->key, 0, sizeof(ctx->key)); + if (len > sizeof(ctx->key)) { + isc_sha224_t sha224ctx; + isc_sha224_init(&sha224ctx); + isc_sha224_update(&sha224ctx, key, len); + isc_sha224_final(ctx->key, &sha224ctx); + } else + memcpy(ctx->key, key, len); + + isc_sha224_init(&ctx->sha224ctx); + memset(ipad, IPAD, sizeof(ipad)); + for (i = 0; i < ISC_SHA224_BLOCK_LENGTH; i++) + ipad[i] ^= ctx->key[i]; + isc_sha224_update(&ctx->sha224ctx, ipad, sizeof(ipad)); +} + +void +isc_hmacsha224_invalidate(isc_hmacsha224_t *ctx) { + memset(ctx->key, 0, sizeof(ctx->key)); + memset(ctx, 0, sizeof(ctx)); +} + +/* + * Update context to reflect the concatenation of another buffer full + * of bytes. + */ +void +isc_hmacsha224_update(isc_hmacsha224_t *ctx, const unsigned char *buf, + unsigned int len) +{ + isc_sha224_update(&ctx->sha224ctx, buf, len); +} + +/* + * Compute signature - finalize SHA224 operation and reapply SHA224. + */ +void +isc_hmacsha224_sign(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len) { + unsigned char opad[ISC_SHA224_BLOCK_LENGTH]; + unsigned char newdigest[ISC_SHA224_DIGESTLENGTH]; + unsigned int i; + + REQUIRE(len <= ISC_SHA224_DIGESTLENGTH); + isc_sha224_final(newdigest, &ctx->sha224ctx); + + memset(opad, OPAD, sizeof(opad)); + for (i = 0; i < ISC_SHA224_BLOCK_LENGTH; i++) + opad[i] ^= ctx->key[i]; + + isc_sha224_init(&ctx->sha224ctx); + isc_sha224_update(&ctx->sha224ctx, opad, sizeof(opad)); + isc_sha224_update(&ctx->sha224ctx, newdigest, ISC_SHA224_DIGESTLENGTH); + isc_sha224_final(newdigest, &ctx->sha224ctx); + memcpy(digest, newdigest, len); + memset(newdigest, 0, sizeof(newdigest)); +} + +/* + * Verify signature - finalize SHA224 operation and reapply SHA224, then + * compare to the supplied digest. + */ +isc_boolean_t +isc_hmacsha224_verify(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len) { + unsigned char newdigest[ISC_SHA224_DIGESTLENGTH]; + + REQUIRE(len <= ISC_SHA224_DIGESTLENGTH); + isc_hmacsha224_sign(ctx, newdigest, ISC_SHA224_DIGESTLENGTH); + return (ISC_TF(memcmp(digest, newdigest, len) == 0)); +} + +/* + * Start HMAC-SHA256 process. Initialize an sha256 context and digest the key. + */ +void +isc_hmacsha256_init(isc_hmacsha256_t *ctx, const unsigned char *key, + unsigned int len) +{ + unsigned char ipad[ISC_SHA256_BLOCK_LENGTH]; + unsigned int i; + + memset(ctx->key, 0, sizeof(ctx->key)); + if (len > sizeof(ctx->key)) { + isc_sha256_t sha256ctx; + isc_sha256_init(&sha256ctx); + isc_sha256_update(&sha256ctx, key, len); + isc_sha256_final(ctx->key, &sha256ctx); + } else + memcpy(ctx->key, key, len); + + isc_sha256_init(&ctx->sha256ctx); + memset(ipad, IPAD, sizeof(ipad)); + for (i = 0; i < ISC_SHA256_BLOCK_LENGTH; i++) + ipad[i] ^= ctx->key[i]; + isc_sha256_update(&ctx->sha256ctx, ipad, sizeof(ipad)); +} + +void +isc_hmacsha256_invalidate(isc_hmacsha256_t *ctx) { + memset(ctx->key, 0, sizeof(ctx->key)); + memset(ctx, 0, sizeof(ctx)); +} + +/* + * Update context to reflect the concatenation of another buffer full + * of bytes. + */ +void +isc_hmacsha256_update(isc_hmacsha256_t *ctx, const unsigned char *buf, + unsigned int len) +{ + isc_sha256_update(&ctx->sha256ctx, buf, len); +} + +/* + * Compute signature - finalize SHA256 operation and reapply SHA256. + */ +void +isc_hmacsha256_sign(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len) { + unsigned char opad[ISC_SHA256_BLOCK_LENGTH]; + unsigned char newdigest[ISC_SHA256_DIGESTLENGTH]; + unsigned int i; + + REQUIRE(len <= ISC_SHA256_DIGESTLENGTH); + isc_sha256_final(newdigest, &ctx->sha256ctx); + + memset(opad, OPAD, sizeof(opad)); + for (i = 0; i < ISC_SHA256_BLOCK_LENGTH; i++) + opad[i] ^= ctx->key[i]; + + isc_sha256_init(&ctx->sha256ctx); + isc_sha256_update(&ctx->sha256ctx, opad, sizeof(opad)); + isc_sha256_update(&ctx->sha256ctx, newdigest, ISC_SHA256_DIGESTLENGTH); + isc_sha256_final(newdigest, &ctx->sha256ctx); + memcpy(digest, newdigest, len); + memset(newdigest, 0, sizeof(newdigest)); +} + +/* + * Verify signature - finalize SHA256 operation and reapply SHA256, then + * compare to the supplied digest. + */ +isc_boolean_t +isc_hmacsha256_verify(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len) { + unsigned char newdigest[ISC_SHA256_DIGESTLENGTH]; + + REQUIRE(len <= ISC_SHA256_DIGESTLENGTH); + isc_hmacsha256_sign(ctx, newdigest, ISC_SHA256_DIGESTLENGTH); + return (ISC_TF(memcmp(digest, newdigest, len) == 0)); +} + +/* + * Start HMAC-SHA384 process. Initialize an sha384 context and digest the key. + */ +void +isc_hmacsha384_init(isc_hmacsha384_t *ctx, const unsigned char *key, + unsigned int len) +{ + unsigned char ipad[ISC_SHA384_BLOCK_LENGTH]; + unsigned int i; + + memset(ctx->key, 0, sizeof(ctx->key)); + if (len > sizeof(ctx->key)) { + isc_sha384_t sha384ctx; + isc_sha384_init(&sha384ctx); + isc_sha384_update(&sha384ctx, key, len); + isc_sha384_final(ctx->key, &sha384ctx); + } else + memcpy(ctx->key, key, len); + + isc_sha384_init(&ctx->sha384ctx); + memset(ipad, IPAD, sizeof(ipad)); + for (i = 0; i < ISC_SHA384_BLOCK_LENGTH; i++) + ipad[i] ^= ctx->key[i]; + isc_sha384_update(&ctx->sha384ctx, ipad, sizeof(ipad)); +} + +void +isc_hmacsha384_invalidate(isc_hmacsha384_t *ctx) { + memset(ctx->key, 0, sizeof(ctx->key)); + memset(ctx, 0, sizeof(ctx)); +} + +/* + * Update context to reflect the concatenation of another buffer full + * of bytes. + */ +void +isc_hmacsha384_update(isc_hmacsha384_t *ctx, const unsigned char *buf, + unsigned int len) +{ + isc_sha384_update(&ctx->sha384ctx, buf, len); +} + +/* + * Compute signature - finalize SHA384 operation and reapply SHA384. + */ +void +isc_hmacsha384_sign(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len) { + unsigned char opad[ISC_SHA384_BLOCK_LENGTH]; + unsigned char newdigest[ISC_SHA384_DIGESTLENGTH]; + unsigned int i; + + REQUIRE(len <= ISC_SHA384_DIGESTLENGTH); + isc_sha384_final(newdigest, &ctx->sha384ctx); + + memset(opad, OPAD, sizeof(opad)); + for (i = 0; i < ISC_SHA384_BLOCK_LENGTH; i++) + opad[i] ^= ctx->key[i]; + + isc_sha384_init(&ctx->sha384ctx); + isc_sha384_update(&ctx->sha384ctx, opad, sizeof(opad)); + isc_sha384_update(&ctx->sha384ctx, newdigest, ISC_SHA384_DIGESTLENGTH); + isc_sha384_final(newdigest, &ctx->sha384ctx); + memcpy(digest, newdigest, len); + memset(newdigest, 0, sizeof(newdigest)); +} + +/* + * Verify signature - finalize SHA384 operation and reapply SHA384, then + * compare to the supplied digest. + */ +isc_boolean_t +isc_hmacsha384_verify(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len) { + unsigned char newdigest[ISC_SHA384_DIGESTLENGTH]; + + REQUIRE(len <= ISC_SHA384_DIGESTLENGTH); + isc_hmacsha384_sign(ctx, newdigest, ISC_SHA384_DIGESTLENGTH); + return (ISC_TF(memcmp(digest, newdigest, len) == 0)); +} + +/* + * Start HMAC-SHA512 process. Initialize an sha512 context and digest the key. + */ +void +isc_hmacsha512_init(isc_hmacsha512_t *ctx, const unsigned char *key, + unsigned int len) +{ + unsigned char ipad[ISC_SHA512_BLOCK_LENGTH]; + unsigned int i; + + memset(ctx->key, 0, sizeof(ctx->key)); + if (len > sizeof(ctx->key)) { + isc_sha512_t sha512ctx; + isc_sha512_init(&sha512ctx); + isc_sha512_update(&sha512ctx, key, len); + isc_sha512_final(ctx->key, &sha512ctx); + } else + memcpy(ctx->key, key, len); + + isc_sha512_init(&ctx->sha512ctx); + memset(ipad, IPAD, sizeof(ipad)); + for (i = 0; i < ISC_SHA512_BLOCK_LENGTH; i++) + ipad[i] ^= ctx->key[i]; + isc_sha512_update(&ctx->sha512ctx, ipad, sizeof(ipad)); +} + +void +isc_hmacsha512_invalidate(isc_hmacsha512_t *ctx) { + memset(ctx->key, 0, sizeof(ctx->key)); + memset(ctx, 0, sizeof(ctx)); +} + +/* + * Update context to reflect the concatenation of another buffer full + * of bytes. + */ +void +isc_hmacsha512_update(isc_hmacsha512_t *ctx, const unsigned char *buf, + unsigned int len) +{ + isc_sha512_update(&ctx->sha512ctx, buf, len); +} + +/* + * Compute signature - finalize SHA512 operation and reapply SHA512. + */ +void +isc_hmacsha512_sign(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len) { + unsigned char opad[ISC_SHA512_BLOCK_LENGTH]; + unsigned char newdigest[ISC_SHA512_DIGESTLENGTH]; + unsigned int i; + + REQUIRE(len <= ISC_SHA512_DIGESTLENGTH); + isc_sha512_final(newdigest, &ctx->sha512ctx); + + memset(opad, OPAD, sizeof(opad)); + for (i = 0; i < ISC_SHA512_BLOCK_LENGTH; i++) + opad[i] ^= ctx->key[i]; + + isc_sha512_init(&ctx->sha512ctx); + isc_sha512_update(&ctx->sha512ctx, opad, sizeof(opad)); + isc_sha512_update(&ctx->sha512ctx, newdigest, ISC_SHA512_DIGESTLENGTH); + isc_sha512_final(newdigest, &ctx->sha512ctx); + memcpy(digest, newdigest, len); + memset(newdigest, 0, sizeof(newdigest)); +} + +/* + * Verify signature - finalize SHA512 operation and reapply SHA512, then + * compare to the supplied digest. + */ +isc_boolean_t +isc_hmacsha512_verify(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len) { + unsigned char newdigest[ISC_SHA512_DIGESTLENGTH]; + + REQUIRE(len <= ISC_SHA512_DIGESTLENGTH); + isc_hmacsha512_sign(ctx, newdigest, ISC_SHA512_DIGESTLENGTH); + return (ISC_TF(memcmp(digest, newdigest, len) == 0)); +} diff --git a/usr.sbin/bind/lib/isc/ia64/Makefile.in b/usr.sbin/bind/lib/isc/ia64/Makefile.in new file mode 100644 index 00000000000..19a13a8cc02 --- /dev/null +++ b/usr.sbin/bind/lib/isc/ia64/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = include +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/ia64/include/Makefile.in b/usr.sbin/bind/lib/isc/ia64/include/Makefile.in new file mode 100644 index 00000000000..26103230cdc --- /dev/null +++ b/usr.sbin/bind/lib/isc/ia64/include/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = isc +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/ia64/include/isc/Makefile.in b/usr.sbin/bind/lib/isc/ia64/include/isc/Makefile.in new file mode 100644 index 00000000000..b571c74337e --- /dev/null +++ b/usr.sbin/bind/lib/isc/ia64/include/isc/Makefile.in @@ -0,0 +1,36 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +@BIND9_VERSION@ + +HEADERS = atomic.h + +SUBDIRS = +TARGETS = + +@BIND9_MAKE_RULES@ + +installdirs: + $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${includedir}/isc + +install:: installdirs + for i in ${HEADERS}; do \ + ${INSTALL_DATA} $(srcdir)/$$i ${DESTDIR}${includedir}/isc ; \ + done diff --git a/usr.sbin/bind/lib/isc/ia64/include/isc/atomic.h b/usr.sbin/bind/lib/isc/ia64/include/isc/atomic.h new file mode 100644 index 00000000000..b3a8a91bbaa --- /dev/null +++ b/usr.sbin/bind/lib/isc/ia64/include/isc/atomic.h @@ -0,0 +1,88 @@ +/* + * Copyright (C) 2006 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: atomic.h,v 1.2.2.1 2006/06/21 03:38:32 marka Exp $ */ + +#ifndef ISC_ATOMIC_H +#define ISC_ATOMIC_H 1 + +#include <isc/platform.h> +#include <isc/types.h> + +#ifdef ISC_PLATFORM_USEGCCASM +/* + * This routine atomically increments the value stored in 'p' by 'val', and + * returns the previous value. + * + * Open issue: can 'fetchadd' make the code faster for some particular values + * (e.g., 1 and -1)? + */ +static inline isc_int32_t +isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) { + isc_int32_t prev, swapped; + + for (prev = *(volatile isc_int32_t *)p; ; prev = swapped) { + swapped = prev + val; + __asm__ volatile( + "mov ar.ccv=%2;" + "cmpxchg4.acq %0=%4,%3,ar.ccv" + : "=r" (swapped), "=m" (*p) + : "r" (prev), "r" (swapped), "m" (*p) + : "memory"); + if (swapped == prev) + break; + } + + return (prev); +} + +/* + * This routine atomically stores the value 'val' in 'p'. + */ +static inline void +isc_atomic_store(isc_int32_t *p, isc_int32_t val) { + __asm__ volatile( + "st4.rel %0=%1" + : "=m" (*p) + : "r" (val) + : "memory" + ); +} + +/* + * This routine atomically replaces the value in 'p' with 'val', if the + * original value is equal to 'cmpval'. The original value is returned in any + * case. + */ +static inline isc_int32_t +isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val) { + isc_int32_t ret; + + __asm__ volatile( + "mov ar.ccv=%2;" + "cmpxchg4.acq %0=%4,%3,ar.ccv" + : "=r" (ret), "=m" (*p) + : "r" (cmpval), "r" (val), "m" (*p) + : "memory"); + + return (ret); +} +#else /* !ISC_PLATFORM_USEGCCASM */ + +#error "unsupported compiler. disable atomic ops by --disable-atomic" + +#endif +#endif /* ISC_ATOMIC_H */ diff --git a/usr.sbin/bind/lib/isc/include/Makefile.in b/usr.sbin/bind/lib/isc/include/Makefile.in index ddf1712e38c..d98301a76d9 100644 --- a/usr.sbin/bind/lib/isc/include/Makefile.in +++ b/usr.sbin/bind/lib/isc/include/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.10.206.1 2004/03/06 08:14:38 marka Exp $ +# $ISC: Makefile.in,v 1.11 2004/03/05 05:10:53 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/isc/include/isc/app.h b/usr.sbin/bind/lib/isc/include/isc/app.h index 51acbcff361..0276467306a 100644 --- a/usr.sbin/bind/lib/isc/include/isc/app.h +++ b/usr.sbin/bind/lib/isc/include/isc/app.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: app.h,v 1.1.206.1 2004/03/06 08:14:38 marka Exp $ */ +/* $ISC: app.h,v 1.2.18.2 2005/04/29 00:16:52 marka Exp $ */ #ifndef ISC_APP_H #define ISC_APP_H 1 @@ -24,18 +24,18 @@ ***** Module Info *****/ -/* - * ISC Application Support +/*! \file + * \brief ISC Application Support * * Dealing with program termination can be difficult, especially in a * multithreaded program. The routines in this module help coordinate * the shutdown process. They are used as follows by the initial (main) * thread of the application: * - * isc_app_start(); Call very early in main(), before + *\li isc_app_start(); Call very early in main(), before * any other threads have been created. * - * isc_app_run(); This will post any on-run events, + *\li isc_app_run(); This will post any on-run events, * and then block until application * shutdown is requested. A shutdown * request is made by calling @@ -44,7 +44,7 @@ * After isc_app_run() returns, the * application should shutdown itself. * - * isc_app_finish(); Call very late in main(). + *\li isc_app_finish(); Call very late in main(). * * Applications that want to use SIGHUP/isc_app_reload() to trigger reloading * should check the result of isc_app_run() and call the reload routine if @@ -54,22 +54,22 @@ * Use of this module is not required. In particular, isc_app_start() is * NOT an ISC library initialization routine. * - * MP: + * \li MP: * Clients must ensure that isc_app_start(), isc_app_run(), and * isc_app_finish() are called at most once. isc_app_shutdown() * is safe to use by any thread (provided isc_app_start() has been * called previously). * - * Reliability: + * \li Reliability: * No anticipated impact. * - * Resources: + * \li Resources: * None. * - * Security: + * \li Security: * No anticipated impact. * - * Standards: + * \li Standards: * None. */ @@ -87,8 +87,8 @@ ISC_LANG_BEGINDECLS isc_result_t isc_app_start(void); -/* - * Start an ISC library application. +/*!< + * \brief Start an ISC library application. * * Notes: * This call should be made before any other ISC library call, and as @@ -98,8 +98,8 @@ isc_app_start(void); isc_result_t isc_app_onrun(isc_mem_t *mctx, isc_task_t *task, isc_taskaction_t action, void *arg); -/* - * Request delivery of an event when the application is run. +/*!< + * \brief Request delivery of an event when the application is run. * * Requires: * isc_app_start() has been called. @@ -111,99 +111,99 @@ isc_app_onrun(isc_mem_t *mctx, isc_task_t *task, isc_taskaction_t action, isc_result_t isc_app_run(void); -/* - * Run an ISC library application. +/*!< + * \brief Run an ISC library application. * * Notes: - * The caller (typically the initial thread of an application) will + *\li The caller (typically the initial thread of an application) will * block until shutdown is requested. When the call returns, the * caller should start shutting down the application. * * Requires: - * isc_app_start() has been called. + *\li isc_app_start() has been called. * * Ensures: - * Any events requested via isc_app_onrun() will have been posted (in + *\li Any events requested via isc_app_onrun() will have been posted (in * FIFO order) before isc_app_run() blocks. * * Returns: - * ISC_R_SUCCESS Shutdown has been requested. - * ISC_R_RELOAD Reload has been requested. + *\li ISC_R_SUCCESS Shutdown has been requested. + *\li ISC_R_RELOAD Reload has been requested. */ isc_result_t isc_app_shutdown(void); -/* - * Request application shutdown. +/*!< + * \brief Request application shutdown. * * Notes: - * It is safe to call isc_app_shutdown() multiple times. Shutdown will + *\li It is safe to call isc_app_shutdown() multiple times. Shutdown will * only be triggered once. * * Requires: - * isc_app_run() has been called. + *\li isc_app_run() has been called. * * Returns: - * ISC_R_SUCCESS - * ISC_R_UNEXPECTED + *\li ISC_R_SUCCESS + *\li ISC_R_UNEXPECTED */ isc_result_t isc_app_reload(void); -/* - * Request application reload. +/*!< + * \brief Request application reload. * * Requires: - * isc_app_run() has been called. + *\li isc_app_run() has been called. * * Returns: - * ISC_R_SUCCESS - * ISC_R_UNEXPECTED + *\li ISC_R_SUCCESS + *\li ISC_R_UNEXPECTED */ void isc_app_finish(void); -/* - * Finish an ISC library application. +/*!< + * \brief Finish an ISC library application. * * Notes: - * This call should be made at or near the end of main(). + *\li This call should be made at or near the end of main(). * * Requires: - * isc_app_start() has been called. + *\li isc_app_start() has been called. * * Ensures: - * Any resources allocated by isc_app_start() have been released. + *\li Any resources allocated by isc_app_start() have been released. */ void isc_app_block(void); -/* - * Indicate that a blocking operation will be performed. +/*!< + * \brief Indicate that a blocking operation will be performed. * * Notes: - * If a blocking operation is in process, a call to isc_app_shutdown() + *\li If a blocking operation is in process, a call to isc_app_shutdown() * or an external signal will abort the program, rather than allowing * clean shutdown. This is primarily useful for reading user input. * * Requires: - * isc_app_start() has been called. - * No other blocking operations are in progress. + * \li isc_app_start() has been called. + * \li No other blocking operations are in progress. */ void isc_app_unblock(void); -/* - * Indicate that a blocking operation is complete. +/*!< + * \brief Indicate that a blocking operation is complete. * * Notes: - * When a blocking operation has completed, return the program to a + * \li When a blocking operation has completed, return the program to a * state where a call to isc_app_shutdown() or an external signal will * shutdown normally. * * Requires: - * isc_app_start() has been called. - * isc_app_block() has been called by the same thread. + * \li isc_app_start() has been called. + * \li isc_app_block() has been called by the same thread. */ diff --git a/usr.sbin/bind/lib/isc/include/isc/assertions.h b/usr.sbin/bind/lib/isc/include/isc/assertions.h index 79c5aaa9fc2..bc102c78d38 100644 --- a/usr.sbin/bind/lib/isc/include/isc/assertions.h +++ b/usr.sbin/bind/lib/isc/include/isc/assertions.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1997-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -16,7 +16,9 @@ */ /* - * $ISC: assertions.h,v 1.17.206.1 2004/03/06 08:14:38 marka Exp $ + * $ISC: assertions.h,v 1.18.18.2 2005/04/29 00:16:52 marka Exp $ + */ +/*! \file assertions.h */ #ifndef ISC_ASSERTIONS_H @@ -27,6 +29,7 @@ ISC_LANG_BEGINDECLS +/*% isc assertion type */ typedef enum { isc_assertiontype_require, isc_assertiontype_ensure, diff --git a/usr.sbin/bind/lib/isc/include/isc/base64.h b/usr.sbin/bind/lib/isc/include/isc/base64.h index 7881d84413f..06881e065a5 100644 --- a/usr.sbin/bind/lib/isc/include/isc/base64.h +++ b/usr.sbin/bind/lib/isc/include/isc/base64.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: base64.h,v 1.15.206.1 2004/03/06 08:14:38 marka Exp $ */ +/* $ISC: base64.h,v 1.16.18.2 2005/04/29 00:16:53 marka Exp $ */ #ifndef ISC_BASE64_H #define ISC_BASE64_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/types.h> @@ -32,59 +34,59 @@ ISC_LANG_BEGINDECLS isc_result_t isc_base64_totext(isc_region_t *source, int wordlength, const char *wordbreak, isc_buffer_t *target); -/* - * Convert data into base64 encoded text. +/*!< + * \brief Convert data into base64 encoded text. * * Notes: - * The base64 encoded text in 'target' will be divided into + *\li The base64 encoded text in 'target' will be divided into * words of at most 'wordlength' characters, separated by * the 'wordbreak' string. No parentheses will surround * the text. * * Requires: - * 'source' is a region containing binary data - * 'target' is a text buffer containing available space - * 'wordbreak' points to a null-terminated string of + *\li 'source' is a region containing binary data + *\li 'target' is a text buffer containing available space + *\li 'wordbreak' points to a null-terminated string of * zero or more whitespace characters * * Ensures: - * target will contain the base64 encoded version of the data + *\li target will contain the base64 encoded version of the data * in source. The 'used' pointer in target will be advanced as * necessary. */ isc_result_t isc_base64_decodestring(const char *cstr, isc_buffer_t *target); -/* - * Decode a null-terminated base64 string. +/*!< + * \brief Decode a null-terminated base64 string. * * Requires: - * 'cstr' is non-null. - * 'target' is a valid buffer. + *\li 'cstr' is non-null. + *\li 'target' is a valid buffer. * * Returns: - * ISC_R_SUCCESS -- the entire decoded representation of 'cstring' + *\li #ISC_R_SUCCESS -- the entire decoded representation of 'cstring' * fit in 'target'. - * ISC_R_BADBASE64 -- 'cstr' is not a valid base64 encoding. + *\li #ISC_R_BADBASE64 -- 'cstr' is not a valid base64 encoding. * * Other error returns are any possible error code from: - * isc_lex_create(), - * isc_lex_openbuffer(), - * isc_base64_tobuffer(). + *\li isc_lex_create(), + *\li isc_lex_openbuffer(), + *\li isc_base64_tobuffer(). */ isc_result_t isc_base64_tobuffer(isc_lex_t *lexer, isc_buffer_t *target, int length); -/* - * Convert base64 encoded text from a lexer context into data. +/*!< + * \brief Convert base64 encoded text from a lexer context into data. * * Requires: - * 'lex' is a valid lexer context - * 'target' is a buffer containing binary data - * 'length' is an integer + *\li 'lex' is a valid lexer context + *\li 'target' is a buffer containing binary data + *\li 'length' is an integer * * Ensures: - * target will contain the data represented by the base64 encoded + *\li target will contain the data represented by the base64 encoded * string parsed by the lexer. No more than length bytes will be read, * if length is positive. The 'used' pointer in target will be * advanced as necessary. diff --git a/usr.sbin/bind/lib/isc/include/isc/bitstring.h b/usr.sbin/bind/lib/isc/include/isc/bitstring.h index 7bdc8c4e58b..56fa8afb0af 100644 --- a/usr.sbin/bind/lib/isc/include/isc/bitstring.h +++ b/usr.sbin/bind/lib/isc/include/isc/bitstring.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: bitstring.h,v 1.7.206.1 2004/03/06 08:14:38 marka Exp $ */ +/* $ISC: bitstring.h,v 1.8.18.2 2005/04/29 00:16:53 marka Exp $ */ #ifndef ISC_BITSTRING_H #define ISC_BITSTRING_H 1 @@ -24,8 +24,9 @@ ***** Module Info *****/ -/* - * Bitstring +/*! \file bitstring.h + * + * \brief Bitstring manipulation functions. * * A bitstring is a packed array of bits, stored in a contiguous * sequence of octets. The "most significant bit" (msb) of a bitstring @@ -46,21 +47,25 @@ * long and will take two octets. Let "p" denote a pad bit. In the msb0 * encoding, it would be * + * \verbatim * Octet 0 Octet 1 * | * 1 1 0 1 0 0 0 1 | 1 1 1 p p p p p * ^ | ^ * | | * bit 0 bit 15 + * \endverbatim * * In the lsb0 encoding, it would be * + * \verbatim * Octet 0 Octet 1 * | * p p p p p 1 1 0 | 1 0 0 0 1 1 1 1 * ^ | ^ * | | * bit 15 bit 0 + * \endverbatim */ /*** @@ -91,59 +96,59 @@ struct isc_bitstring { void isc_bitstring_init(isc_bitstring_t *bitstring, unsigned char *data, unsigned int length, unsigned int size, isc_boolean_t lsb0); -/* - * Make 'bitstring' refer to the bitstring of 'size' bits starting +/*!< + * \brief Make 'bitstring' refer to the bitstring of 'size' bits starting * at 'data'. 'length' bits of the bitstring are valid. If 'lsb0' * is set then, bit 0 refers to the least significant bit of the * bitstring. Otherwise bit 0 is the most significant bit. * * Requires: * - * 'bitstring' points to a isc_bitstring_t. + *\li 'bitstring' points to a isc_bitstring_t. * - * 'data' points to an array of unsigned char large enough to hold + *\li 'data' points to an array of unsigned char large enough to hold * 'size' bits. * - * 'length' <= 'size'. + *\li 'length' <= 'size'. * * Ensures: * - * 'bitstring' is a valid bitstring. + *\li 'bitstring' is a valid bitstring. */ void isc_bitstring_invalidate(isc_bitstring_t *bitstring); -/* - * Invalidate 'bitstring'. +/*!< + * \brief Invalidate 'bitstring'. * * Requires: * - * 'bitstring' is a valid bitstring. + *\li 'bitstring' is a valid bitstring. * * Ensures: * - * 'bitstring' is not a valid bitstring. + *\li 'bitstring' is not a valid bitstring. */ void isc_bitstring_copy(isc_bitstring_t *source, unsigned int sbitpos, isc_bitstring_t *target, unsigned int tbitpos, unsigned int n); -/* - * Starting at bit 'sbitpos', copy 'n' bits from 'source' to +/*!< + * \brief Starting at bit 'sbitpos', copy 'n' bits from 'source' to * the 'n' bits of 'target' starting at 'tbitpos'. * * Requires: * - * 'source' and target are valid bitstrings with the same lsb0 setting. + *\li 'source' and target are valid bitstrings with the same lsb0 setting. * - * 'sbitpos' + 'n' is less than or equal to the length of 'source'. + *\li 'sbitpos' + 'n' is less than or equal to the length of 'source'. * - * 'tbitpos' + 'n' is less than or equal to the size of 'target'. + *\li 'tbitpos' + 'n' is less than or equal to the size of 'target'. * * Ensures: * - * The specified bits have been copied, and the length of 'target' + *\li The specified bits have been copied, and the length of 'target' * adjusted (if required). */ diff --git a/usr.sbin/bind/lib/isc/include/isc/boolean.h b/usr.sbin/bind/lib/isc/include/isc/boolean.h index 8dbe172b8ba..525283f8a94 100644 --- a/usr.sbin/bind/lib/isc/include/isc/boolean.h +++ b/usr.sbin/bind/lib/isc/include/isc/boolean.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: boolean.h,v 1.12.206.1 2004/03/06 08:14:39 marka Exp $ */ +/* $ISC: boolean.h,v 1.13.18.2 2005/04/29 00:16:53 marka Exp $ */ #ifndef ISC_BOOLEAN_H #define ISC_BOOLEAN_H 1 +/*! \file */ + typedef enum { isc_boolean_false = 0, isc_boolean_true = 1 } isc_boolean_t; #define ISC_FALSE isc_boolean_false diff --git a/usr.sbin/bind/lib/isc/include/isc/buffer.h b/usr.sbin/bind/lib/isc/include/isc/buffer.h index 73c25e1e8cd..10037cf8037 100644 --- a/usr.sbin/bind/lib/isc/include/isc/buffer.h +++ b/usr.sbin/bind/lib/isc/include/isc/buffer.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: buffer.h,v 1.39.12.2 2004/03/08 09:04:51 marka Exp $ */ +/* $ISC: buffer.h,v 1.43.18.2 2005/04/29 00:16:53 marka Exp $ */ #ifndef ISC_BUFFER_H #define ISC_BUFFER_H 1 @@ -24,10 +24,9 @@ ***** Module Info *****/ -/* - * Buffers +/*! \file buffer.h * - * A buffer is a region of memory, together with a set of related subregions. + * \brief A buffer is a region of memory, together with a set of related subregions. * Buffers are used for parsing and I/O operations. * * The 'used region' and the 'available' region are disjoint, and their @@ -51,6 +50,7 @@ * is empty. If the current offset advances beyond the chosen offset, the * active region will also be empty. * + * \verbatim * /------------entire length---------------\ * /----- used region -----\/-- available --\ * +----------------------------------------+ @@ -69,9 +69,11 @@ * a-b == consumed region. * b-d == remaining region. * b-c == optional active region. + *\endverbatim * * The following invariants are maintained by all routines: * + *\code * length > 0 * * base is a valid pointer to length bytes of memory @@ -82,21 +84,22 @@ * * 0 <= active <= used * (although active < current implies empty active region) + *\endcode * - * MP: + * \li MP: * Buffers have no synchronization. Clients must ensure exclusive * access. * - * Reliability: + * \li Reliability: * No anticipated impact. * - * Resources: + * \li Resources: * Memory: 1 pointer + 6 unsigned integers per buffer. * - * Security: + * \li Security: * No anticipated impact. * - * Standards: + * \li Standards: * None. */ @@ -108,7 +111,7 @@ #include <isc/magic.h> #include <isc/types.h> -/* +/*! * To make many functions be inline macros (via #define) define this. * If it is undefined, a function will be used. */ @@ -116,11 +119,13 @@ ISC_LANG_BEGINDECLS -/*** +/*@{*/ +/*! *** Magic numbers ***/ #define ISC_BUFFER_MAGIC 0x42756621U /* Buf!. */ #define ISC_BUFFER_VALID(b) ISC_MAGIC_VALID(b, ISC_BUFFER_MAGIC) +/*@}*/ /* * The following macros MUST be used only on valid buffers. It is the @@ -129,7 +134,8 @@ ISC_LANG_BEGINDECLS * another macro.) */ -/* +/*@{*/ +/*! * Fundamental buffer elements. (A through E in the introductory comment.) */ #define isc_buffer_base(b) ((void *)(b)->base) /*a*/ @@ -140,8 +146,10 @@ ISC_LANG_BEGINDECLS #define isc_buffer_used(b) \ ((void *)((unsigned char *)(b)->base + (b)->used)) /*d*/ #define isc_buffer_length(b) ((b)->length) /*e*/ +/*@}*/ -/* +/*@{*/ +/*! * Derived lengths. (Described in the introductory comment.) */ #define isc_buffer_usedlength(b) ((b)->used) /* d-a */ @@ -149,8 +157,9 @@ ISC_LANG_BEGINDECLS #define isc_buffer_remaininglength(b) ((b)->used - (b)->current) /* d-b */ #define isc_buffer_activelength(b) ((b)->active - (b)->current) /* c-b */ #define isc_buffer_availablelength(b) ((b)->length - (b)->used) /* e-d */ +/*@}*/ -/* +/*! * Note that the buffer structure is public. This is principally so buffer * operations can be implemented using macros. Applications are strongly * discouraged from directly manipulating the structure. @@ -159,14 +168,16 @@ ISC_LANG_BEGINDECLS struct isc_buffer { unsigned int magic; void *base; - /* The following integers are byte offsets from 'base'. */ + /*@{*/ + /*! The following integers are byte offsets from 'base'. */ unsigned int length; unsigned int used; unsigned int current; unsigned int active; - /* linkable */ + /*@}*/ + /*! linkable */ ISC_LINK(isc_buffer_t) link; - /* private internal elements */ + /*! private internal elements */ isc_mem_t *mctx; }; @@ -177,397 +188,397 @@ struct isc_buffer { isc_result_t isc_buffer_allocate(isc_mem_t *mctx, isc_buffer_t **dynbuffer, unsigned int length); -/* - * Allocate a dynamic linkable buffer which has "length" bytes in the +/*!< + * \brief Allocate a dynamic linkable buffer which has "length" bytes in the * data region. * * Requires: - * "mctx" is valid. + *\li "mctx" is valid. * - * "dynbuffer" is non-NULL, and "*dynbuffer" is NULL. + *\li "dynbuffer" is non-NULL, and "*dynbuffer" is NULL. * * Returns: - * ISC_R_SUCCESS - success - * ISC_R_NOMEMORY - no memory available + *\li ISC_R_SUCCESS - success + *\li ISC_R_NOMEMORY - no memory available * * Note: - * Changing the buffer's length field is not permitted. + *\li Changing the buffer's length field is not permitted. */ void isc_buffer_free(isc_buffer_t **dynbuffer); -/* - * Release resources allocated for a dynamic buffer. +/*!< + * \brief Release resources allocated for a dynamic buffer. * * Requires: - * "dynbuffer" is not NULL. + *\li "dynbuffer" is not NULL. * - * "*dynbuffer" is a valid dynamic buffer. + *\li "*dynbuffer" is a valid dynamic buffer. * * Ensures: - * "*dynbuffer" will be NULL on return, and all memory associated with + *\li "*dynbuffer" will be NULL on return, and all memory associated with * the dynamic buffer is returned to the memory context used in * isc_buffer_allocate(). */ void isc__buffer_init(isc_buffer_t *b, const void *base, unsigned int length); -/* - * Make 'b' refer to the 'length'-byte region starting at base. +/*!< + * \brief Make 'b' refer to the 'length'-byte region starting at base. * * Requires: * - * 'length' > 0 + *\li 'length' > 0 * - * 'base' is a pointer to a sequence of 'length' bytes. + *\li 'base' is a pointer to a sequence of 'length' bytes. * */ void isc__buffer_invalidate(isc_buffer_t *b); -/* - * Make 'b' an invalid buffer. +/*!< + * \brief Make 'b' an invalid buffer. * * Requires: - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * * Ensures: - * If assertion checking is enabled, future attempts to use 'b' without + *\li If assertion checking is enabled, future attempts to use 'b' without * calling isc_buffer_init() on it will cause an assertion failure. */ void isc__buffer_region(isc_buffer_t *b, isc_region_t *r); -/* - * Make 'r' refer to the region of 'b'. +/*!< + * \brief Make 'r' refer to the region of 'b'. * * Requires: * - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * 'r' points to a region structure. + *\li 'r' points to a region structure. */ void isc__buffer_usedregion(isc_buffer_t *b, isc_region_t *r); -/* - * Make 'r' refer to the used region of 'b'. +/*!< + * \brief Make 'r' refer to the used region of 'b'. * * Requires: * - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * 'r' points to a region structure. + *\li 'r' points to a region structure. */ void isc__buffer_availableregion(isc_buffer_t *b, isc_region_t *r); -/* - * Make 'r' refer to the available region of 'b'. +/*!< + * \brief Make 'r' refer to the available region of 'b'. * * Requires: * - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * 'r' points to a region structure. + *\li 'r' points to a region structure. */ void isc__buffer_add(isc_buffer_t *b, unsigned int n); -/* - * Increase the 'used' region of 'b' by 'n' bytes. +/*!< + * \brief Increase the 'used' region of 'b' by 'n' bytes. * * Requires: * - * 'b' is a valid buffer + *\li 'b' is a valid buffer * - * used + n <= length + *\li used + n <= length * */ void isc__buffer_subtract(isc_buffer_t *b, unsigned int n); -/* - * Decrease the 'used' region of 'b' by 'n' bytes. +/*!< + * \brief Decrease the 'used' region of 'b' by 'n' bytes. * * Requires: * - * 'b' is a valid buffer + *\li 'b' is a valid buffer * - * used >= n + *\li used >= n * */ void isc__buffer_clear(isc_buffer_t *b); -/* - * Make the used region empty. +/*!< + * \brief Make the used region empty. * * Requires: * - * 'b' is a valid buffer + *\li 'b' is a valid buffer * * Ensures: * - * used = 0 + *\li used = 0 * */ void isc__buffer_consumedregion(isc_buffer_t *b, isc_region_t *r); -/* - * Make 'r' refer to the consumed region of 'b'. +/*!< + * \brief Make 'r' refer to the consumed region of 'b'. * * Requires: * - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * 'r' points to a region structure. + *\li 'r' points to a region structure. */ void isc__buffer_remainingregion(isc_buffer_t *b, isc_region_t *r); -/* - * Make 'r' refer to the remaining region of 'b'. +/*!< + * \brief Make 'r' refer to the remaining region of 'b'. * * Requires: * - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * 'r' points to a region structure. + *\li 'r' points to a region structure. */ void isc__buffer_activeregion(isc_buffer_t *b, isc_region_t *r); -/* - * Make 'r' refer to the active region of 'b'. +/*!< + * \brief Make 'r' refer to the active region of 'b'. * * Requires: * - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * 'r' points to a region structure. + *\li 'r' points to a region structure. */ void isc__buffer_setactive(isc_buffer_t *b, unsigned int n); -/* - * Sets the end of the active region 'n' bytes after current. +/*!< + * \brief Sets the end of the active region 'n' bytes after current. * * Requires: * - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * current + n <= used + *\li current + n <= used */ void isc__buffer_first(isc_buffer_t *b); -/* - * Make the consumed region empty. +/*!< + * \brief Make the consumed region empty. * * Requires: * - * 'b' is a valid buffer + *\li 'b' is a valid buffer * * Ensures: * - * current == 0 + *\li current == 0 * */ void isc__buffer_forward(isc_buffer_t *b, unsigned int n); -/* - * Increase the 'consumed' region of 'b' by 'n' bytes. +/*!< + * \brief Increase the 'consumed' region of 'b' by 'n' bytes. * * Requires: * - * 'b' is a valid buffer + *\li 'b' is a valid buffer * - * current + n <= used + *\li current + n <= used * */ void isc__buffer_back(isc_buffer_t *b, unsigned int n); -/* - * Decrease the 'consumed' region of 'b' by 'n' bytes. +/*!< + * \brief Decrease the 'consumed' region of 'b' by 'n' bytes. * * Requires: * - * 'b' is a valid buffer + *\li 'b' is a valid buffer * - * n <= current + *\li n <= current * */ void isc_buffer_compact(isc_buffer_t *b); -/* - * Compact the used region by moving the remaining region so it occurs +/*!< + * \brief Compact the used region by moving the remaining region so it occurs * at the start of the buffer. The used region is shrunk by the size of * the consumed region, and the consumed region is then made empty. * * Requires: * - * 'b' is a valid buffer + *\li 'b' is a valid buffer * * Ensures: * - * current == 0 + *\li current == 0 * - * The size of the used region is now equal to the size of the remaining + *\li The size of the used region is now equal to the size of the remaining * region (as it was before the call). The contents of the used region * are those of the remaining region (as it was before the call). */ isc_uint8_t isc_buffer_getuint8(isc_buffer_t *b); -/* - * Read an unsigned 8-bit integer from 'b' and return it. +/*!< + * \brief Read an unsigned 8-bit integer from 'b' and return it. * * Requires: * - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * The length of the available region of 'b' is at least 1. + *\li The length of the available region of 'b' is at least 1. * * Ensures: * - * The current pointer in 'b' is advanced by 1. + *\li The current pointer in 'b' is advanced by 1. * * Returns: * - * A 8-bit unsigned integer. + *\li A 8-bit unsigned integer. */ void isc__buffer_putuint8(isc_buffer_t *b, isc_uint8_t val); -/* - * Store an unsigned 8-bit integer from 'val' into 'b'. +/*!< + * \brief Store an unsigned 8-bit integer from 'val' into 'b'. * * Requires: - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * The length of the unused region of 'b' is at least 1. + *\li The length of the unused region of 'b' is at least 1. * * Ensures: - * The used pointer in 'b' is advanced by 1. + *\li The used pointer in 'b' is advanced by 1. */ isc_uint16_t isc_buffer_getuint16(isc_buffer_t *b); -/* - * Read an unsigned 16-bit integer in network byte order from 'b', convert +/*!< + * \brief Read an unsigned 16-bit integer in network byte order from 'b', convert * it to host byte order, and return it. * * Requires: * - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * The length of the available region of 'b' is at least 2. + *\li The length of the available region of 'b' is at least 2. * * Ensures: * - * The current pointer in 'b' is advanced by 2. + *\li The current pointer in 'b' is advanced by 2. * * Returns: * - * A 16-bit unsigned integer. + *\li A 16-bit unsigned integer. */ void isc__buffer_putuint16(isc_buffer_t *b, isc_uint16_t val); -/* - * Store an unsigned 16-bit integer in host byte order from 'val' +/*!< + * \brief Store an unsigned 16-bit integer in host byte order from 'val' * into 'b' in network byte order. * * Requires: - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * The length of the unused region of 'b' is at least 2. + *\li The length of the unused region of 'b' is at least 2. * * Ensures: - * The used pointer in 'b' is advanced by 2. + *\li The used pointer in 'b' is advanced by 2. */ isc_uint32_t isc_buffer_getuint32(isc_buffer_t *b); -/* - * Read an unsigned 32-bit integer in network byte order from 'b', convert +/*!< + * \brief Read an unsigned 32-bit integer in network byte order from 'b', convert * it to host byte order, and return it. * * Requires: * - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * The length of the available region of 'b' is at least 4. + *\li The length of the available region of 'b' is at least 4. * * Ensures: * - * The current pointer in 'b' is advanced by 4. + *\li The current pointer in 'b' is advanced by 4. * * Returns: * - * A 32-bit unsigned integer. + *\li A 32-bit unsigned integer. */ void isc__buffer_putuint32(isc_buffer_t *b, isc_uint32_t val); -/* - * Store an unsigned 32-bit integer in host byte order from 'val' +/*!< + * \brief Store an unsigned 32-bit integer in host byte order from 'val' * into 'b' in network byte order. * * Requires: - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * The length of the unused region of 'b' is at least 4. + *\li The length of the unused region of 'b' is at least 4. * * Ensures: - * The used pointer in 'b' is advanced by 4. + *\li The used pointer in 'b' is advanced by 4. */ void isc__buffer_putmem(isc_buffer_t *b, const unsigned char *base, unsigned int length); -/* - * Copy 'length' bytes of memory at 'base' into 'b'. +/*!< + * \brief Copy 'length' bytes of memory at 'base' into 'b'. * * Requires: - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * 'base' points to 'length' bytes of valid memory. + *\li 'base' points to 'length' bytes of valid memory. * */ void isc__buffer_putstr(isc_buffer_t *b, const char *source); -/* - * Copy 'source' into 'b', not including terminating NUL. +/*!< + * \brief Copy 'source' into 'b', not including terminating NUL. * * Requires: - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * 'source' to be a valid NULL terminated string. + *\li 'source' to be a valid NULL terminated string. * - * strlen(source) <= isc_buffer_available(b) + *\li strlen(source) <= isc_buffer_available(b) */ isc_result_t isc_buffer_copyregion(isc_buffer_t *b, const isc_region_t *r); -/* - * Copy the contents of 'r' into 'b'. +/*!< + * \brief Copy the contents of 'r' into 'b'. * * Requires: - * 'b' is a valid buffer. + *\li 'b' is a valid buffer. * - * 'r' is a valid region. + *\li 'r' is a valid region. * * Returns: * - * ISC_R_SUCCESS - * ISC_R_NOSPACE The available region of 'b' is not + *\li ISC_R_SUCCESS + *\li ISC_R_NOSPACE The available region of 'b' is not * big enough. */ @@ -580,7 +591,7 @@ ISC_LANG_ENDDECLS * ones beginning with "isc__" */ -/* +/*! \note * XXXDCL Something more could be done with initializing buffers that * point to const data. For example, a new function, isc_buffer_initconst, * could be used, and a new boolean flag in the buffer structure could diff --git a/usr.sbin/bind/lib/isc/include/isc/bufferlist.h b/usr.sbin/bind/lib/isc/include/isc/bufferlist.h index f04729c54a7..dfe1117c77f 100644 --- a/usr.sbin/bind/lib/isc/include/isc/bufferlist.h +++ b/usr.sbin/bind/lib/isc/include/isc/bufferlist.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: bufferlist.h,v 1.10.206.1 2004/03/06 08:14:39 marka Exp $ */ +/* $ISC: bufferlist.h,v 1.11.18.2 2005/04/29 00:16:53 marka Exp $ */ #ifndef ISC_BUFFERLIST_H #define ISC_BUFFERLIST_H 1 @@ -24,19 +24,19 @@ ***** Module Info *****/ -/* - * Buffer Lists +/*! \file bufferlist.h + * * - * Buffer lists have no synchronization. Clients must ensure exclusive + *\brief Buffer lists have no synchronization. Clients must ensure exclusive * access. * - * Reliability: + * \li Reliability: * No anticipated impact. - * Security: + * \li Security: * No anticipated impact. * - * Standards: + * \li Standards: * None. */ @@ -55,30 +55,30 @@ ISC_LANG_BEGINDECLS unsigned int isc_bufferlist_usedcount(isc_bufferlist_t *bl); -/* - * Return the length of the sum of all used regions of all buffers in +/*!< + * \brief Return the length of the sum of all used regions of all buffers in * the buffer list 'bl' * * Requires: * - * 'bl' is not NULL. + *\li 'bl' is not NULL. * * Returns: - * sum of all used regions' lengths. + *\li sum of all used regions' lengths. */ unsigned int isc_bufferlist_availablecount(isc_bufferlist_t *bl); -/* - * Return the length of the sum of all available regions of all buffers in +/*!< + * \brief Return the length of the sum of all available regions of all buffers in * the buffer list 'bl' * * Requires: * - * 'bl' is not NULL. + *\li 'bl' is not NULL. * * Returns: - * sum of all available regions' lengths. + *\li sum of all available regions' lengths. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/isc/include/isc/commandline.h b/usr.sbin/bind/lib/isc/include/isc/commandline.h index 990236cb081..2a43fe318cb 100644 --- a/usr.sbin/bind/lib/isc/include/isc/commandline.h +++ b/usr.sbin/bind/lib/isc/include/isc/commandline.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,30 +15,33 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: commandline.h,v 1.9.206.1 2004/03/06 08:14:39 marka Exp $ */ +/* $ISC: commandline.h,v 1.10.18.2 2005/04/29 00:16:53 marka Exp $ */ #ifndef ISC_COMMANDLINE_H #define ISC_COMMANDLINE_H 1 +/*! \file */ + #include <isc/boolean.h> #include <isc/lang.h> #include <isc/platform.h> -/* Index into parent argv vector. */ +/*% Index into parent argv vector. */ LIBISC_EXTERNAL_DATA extern int isc_commandline_index; -/* Character checked for validity. */ +/*% Character checked for validity. */ LIBISC_EXTERNAL_DATA extern int isc_commandline_option; -/* Argument associated with option. */ +/*% Argument associated with option. */ LIBISC_EXTERNAL_DATA extern char *isc_commandline_argument; -/* For printing error messages. */ +/*% For printing error messages. */ LIBISC_EXTERNAL_DATA extern char *isc_commandline_progname; -/* Print error message. */ +/*% Print error message. */ LIBISC_EXTERNAL_DATA extern isc_boolean_t isc_commandline_errprint; -/* Reset getopt. */ +/*% Reset getopt. */ LIBISC_EXTERNAL_DATA extern isc_boolean_t isc_commandline_reset; ISC_LANG_BEGINDECLS +/*% parse command line */ int isc_commandline_parse(int argc, char * const *argv, const char *options); diff --git a/usr.sbin/bind/lib/isc/include/isc/entropy.h b/usr.sbin/bind/lib/isc/include/isc/entropy.h index ebfb0859f24..2df3d50fd48 100644 --- a/usr.sbin/bind/lib/isc/include/isc/entropy.h +++ b/usr.sbin/bind/lib/isc/include/isc/entropy.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: entropy.h,v 1.23.2.1.10.1 2004/03/06 08:14:40 marka Exp $ */ +/* $ISC: entropy.h,v 1.25.18.2 2005/04/29 00:16:54 marka Exp $ */ #ifndef ISC_ENTROPY_H #define ISC_ENTROPY_H 1 @@ -24,33 +24,30 @@ ***** Module Info *****/ -/* - * Entropy - * - * The entropy API +/*! \file entropy.h + * \brief The entropy API * - * MP: + * \li MP: * The entropy object is locked internally. All callbacks into * application-provided functions (for setup, gathering, and * shutdown of sources) are guaranteed to be called with the * entropy API lock held. This means these functions are * not permitted to call back into the entropy API. * - * Reliability: + * \li Reliability: * No anticipated impact. * - * Resources: + * \li Resources: * A buffer, used as an entropy pool. * - * Security: + * \li Security: * While this code is believed to implement good entropy gathering * and distribution, it has not been reviewed by a cryptographic * expert. - * * Since the added entropy is only as good as the sources used, * this module could hand out bad data and never know it. * - * Standards: + * \li Standards: * None. */ @@ -63,31 +60,37 @@ #include <isc/lang.h> #include <isc/types.h> -/* - * Entropy callback function. - */ +/*@{*/ +/*% Entropy callback function. */ typedef isc_result_t (*isc_entropystart_t)(isc_entropysource_t *source, void *arg, isc_boolean_t blocking); typedef isc_result_t (*isc_entropyget_t)(isc_entropysource_t *source, void *arg, isc_boolean_t blocking); typedef void (*isc_entropystop_t)(isc_entropysource_t *source, void *arg); +/*@}*/ /*** *** Flags. ***/ -/* - * _GOODONLY +/*! + * \brief * Extract only "good" data; return failure if there is not enough * data available and there are no sources which we can poll to get * data, or those sources are empty. * - * _PARTIAL + * + */ +#define ISC_ENTROPY_GOODONLY 0x00000001U +/*! + * \brief * Extract as much good data as possible, but if there isn't enough * at hand, return what is available. This flag only makes sense * when used with _GOODONLY. - * - * _BLOCKING + */ +#define ISC_ENTROPY_PARTIAL 0x00000002U +/*! + * \brief * Block the task until data is available. This is contrary to the * ISC task system, where tasks should never block. However, if * this is a special purpose application where blocking a task is @@ -95,12 +98,10 @@ typedef void (*isc_entropystop_t)(isc_entropysource_t *source, void *arg); * This flag only makes sense when used with _GOODONLY, and will * block regardless of the setting for _PARTIAL. */ -#define ISC_ENTROPY_GOODONLY 0x00000001U -#define ISC_ENTROPY_PARTIAL 0x00000002U #define ISC_ENTROPY_BLOCKING 0x00000004U -/* - * _ESTIMATE +/*! + * \brief * Estimate the amount of entropy contained in the sample pool. * If this is not set, the source will be gathered and perodically * mixed into the entropy pool, but no increment in contained entropy @@ -110,17 +111,22 @@ typedef void (*isc_entropystop_t)(isc_entropysource_t *source, void *arg); /* * For use with isc_entropy_usebestsource(). - * - * _KEYBOARDYES + */ +/*! + * \brief * Use the keyboard as the only entropy source. - * _KEYBOARDNO + */ +#define ISC_ENTROPY_KEYBOARDYES 1 +/*! + * \brief * Never use the keyboard as an entropy source. - * _KEYBOARDMAYBE + */ +#define ISC_ENTROPY_KEYBOARDNO 2 +/*! + * \brief * Use the keyboard as an entropy source only if opening the * random device fails. */ -#define ISC_ENTROPY_KEYBOARDYES 1 -#define ISC_ENTROPY_KEYBOARDNO 2 #define ISC_ENTROPY_KEYBOARDMAYBE 3 ISC_LANG_BEGINDECLS @@ -131,26 +137,26 @@ ISC_LANG_BEGINDECLS isc_result_t isc_entropy_create(isc_mem_t *mctx, isc_entropy_t **entp); -/* - * Create a new entropy object. +/*!< + * \brief Create a new entropy object. */ void isc_entropy_attach(isc_entropy_t *ent, isc_entropy_t **entp); -/* +/*!< * Attaches to an entropy object. */ void isc_entropy_detach(isc_entropy_t **entp); -/* - * Detaches from an entropy object. +/*!< + * \brief Detaches from an entropy object. */ isc_result_t isc_entropy_createfilesource(isc_entropy_t *ent, const char *fname); -/* - * Create a new entropy source from a file. +/*!< + * \brief Create a new entropy source from a file. * * The file is assumed to contain good randomness, and will be mixed directly * into the pool with every byte adding 8 bits of entropy. @@ -168,15 +174,15 @@ isc_entropy_createfilesource(isc_entropy_t *ent, const char *fname); void isc_entropy_destroysource(isc_entropysource_t **sourcep); -/* - * Removes an entropy source from the entropy system. +/*!< + * \brief Removes an entropy source from the entropy system. */ isc_result_t isc_entropy_createsamplesource(isc_entropy_t *ent, isc_entropysource_t **sourcep); -/* - * Create an entropy source that consists of samples. Each sample is added +/*!< + * \brief Create an entropy source that consists of samples. Each sample is added * to the source via isc_entropy_addsamples(), below. */ @@ -187,8 +193,10 @@ isc_entropy_createcallbacksource(isc_entropy_t *ent, isc_entropystop_t stop, void *arg, isc_entropysource_t **sourcep); -/* - * Create an entropy source that is polled via a callback. This would +/*!< + * \brief Create an entropy source that is polled via a callback. + * + * This would * be used when keyboard input is used, or a GUI input method. It can * also be used to hook in any external entropy source. * @@ -199,19 +207,22 @@ isc_entropy_createcallbacksource(isc_entropy_t *ent, void isc_entropy_stopcallbacksources(isc_entropy_t *ent); -/* - * Call the stop functions for callback sources that have had their +/*!< + * \brief Call the stop functions for callback sources that have had their * start functions called. */ +/*@{*/ isc_result_t isc_entropy_addcallbacksample(isc_entropysource_t *source, isc_uint32_t sample, isc_uint32_t extra); isc_result_t isc_entropy_addsample(isc_entropysource_t *source, isc_uint32_t sample, isc_uint32_t extra); -/* - * Add a sample to the sample source. The sample MUST be a timestamp +/*!< + * \brief Add a sample to the sample source. + * + * The sample MUST be a timestamp * that increases over time, with the exception of wrap-around for * extremely high resolution timers which will quickly wrap-around * a 32-bit integer. @@ -222,20 +233,28 @@ isc_entropy_addsample(isc_entropysource_t *source, isc_uint32_t sample, * When in an entropy API callback function, _addcallbacksource() must be * used. At all other times, _addsample() must be used. */ +/*@}*/ isc_result_t isc_entropy_getdata(isc_entropy_t *ent, void *data, unsigned int length, unsigned int *returned, unsigned int flags); -/* - * Extract data from the entropy pool. This may load the pool from various +/*!< + * \brief Extract data from the entropy pool. This may load the pool from various * sources. + * + * Do this by stiring the pool and returning a part of hash as randomness. + * Note that no secrets are given away here since parts of the hash are + * xored together before returned. + * + * Honor the request from the caller to only return good data, any data, + * etc. */ void isc_entropy_putdata(isc_entropy_t *ent, void *data, unsigned int length, isc_uint32_t entropy); -/* - * Add "length" bytes in "data" to the entropy pool, incrementing the pool's +/*!< + * \brief Add "length" bytes in "data" to the entropy pool, incrementing the pool's * entropy count by "entropy." * * These bytes will prime the pseudorandom portion even no entropy is actually @@ -244,42 +263,42 @@ isc_entropy_putdata(isc_entropy_t *ent, void *data, unsigned int length, void isc_entropy_stats(isc_entropy_t *ent, FILE *out); -/* - * Dump some (trivial) stats to the stdio stream "out". +/*!< + * \brief Dump some (trivial) stats to the stdio stream "out". */ isc_result_t isc_entropy_usebestsource(isc_entropy_t *ectx, isc_entropysource_t **source, const char *randomfile, int use_keyboard); -/* - * Use whatever source of entropy is best. +/*!< + * \brief Use whatever source of entropy is best. * * Notes: - * If "randomfile" is not NULL, open it with + *\li If "randomfile" is not NULL, open it with * isc_entropy_createfilesource(). * - * If "randomfile" is NULL and the system's random device was detected + *\li If "randomfile" is NULL and the system's random device was detected * when the program was configured and built, open that device with * isc_entropy_createfilesource(). * - * If "use_keyboard" is ISC_ENTROPY_KEYBOARDYES, then always open + *\li If "use_keyboard" is #ISC_ENTROPY_KEYBOARDYES, then always open * the keyboard as an entropy source (possibly in addition to * "randomfile" or the random device). * - * If "use_keyboard" is ISC_ENTROPY_KEYBOARDMAYBE, open the keyboard only + *\li If "use_keyboard" is #ISC_ENTROPY_KEYBOARDMAYBE, open the keyboard only * if opening the random file/device fails. A message will be * printed describing the need for keyboard input. * - * If "use_keyboard" is ISC_ENTROPY_KEYBOARDNO, the keyboard will + *\li If "use_keyboard" is #ISC_ENTROPY_KEYBOARDNO, the keyboard will * never be opened. * * Returns: - * ISC_R_SUCCESS if at least one source of entropy could be started. + *\li #ISC_R_SUCCESS if at least one source of entropy could be started. * - * ISC_R_NOENTROPY if use_keyboard is ISC_ENTROPY_KEYBOARDNO and + *\li #ISC_R_NOENTROPY if use_keyboard is #ISC_ENTROPY_KEYBOARDNO and * there is no random device pathname compiled into the program. * - * A return code from isc_entropy_createfilesource() or + *\li A return code from isc_entropy_createfilesource() or * isc_entropy_createcallbacksource(). */ diff --git a/usr.sbin/bind/lib/isc/include/isc/error.h b/usr.sbin/bind/lib/isc/include/isc/error.h index 878f59a36cd..e2ca9eb25e7 100644 --- a/usr.sbin/bind/lib/isc/include/isc/error.h +++ b/usr.sbin/bind/lib/isc/include/isc/error.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: error.h,v 1.13.206.1 2004/03/06 08:14:40 marka Exp $ */ +/* $ISC: error.h,v 1.14.18.2 2005/04/29 00:16:54 marka Exp $ */ #ifndef ISC_ERROR_H #define ISC_ERROR_H 1 +/*! \file */ + #include <stdarg.h> #include <isc/formatcheck.h> @@ -29,20 +31,25 @@ ISC_LANG_BEGINDECLS typedef void (*isc_errorcallback_t)(const char *, int, const char *, va_list); +/*% set unexpected error */ void isc_error_setunexpected(isc_errorcallback_t); +/*% set fatal error */ void isc_error_setfatal(isc_errorcallback_t); +/*% unexpected error */ void isc_error_unexpected(const char *, int, const char *, ...) ISC_FORMAT_PRINTF(3, 4); +/*% fatal error */ void isc_error_fatal(const char *, int, const char *, ...) ISC_FORMAT_PRINTF(3, 4); +/*% runtimecheck error */ void isc_error_runtimecheck(const char *, int, const char *); diff --git a/usr.sbin/bind/lib/isc/include/isc/event.h b/usr.sbin/bind/lib/isc/include/isc/event.h index e9d545874c7..8ef31caff1f 100644 --- a/usr.sbin/bind/lib/isc/include/isc/event.h +++ b/usr.sbin/bind/lib/isc/include/isc/event.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: event.h,v 1.24.2.2.8.2 2004/04/15 02:10:41 marka Exp $ */ +/* $ISC: event.h,v 1.27.18.3 2005/04/29 00:16:54 marka Exp $ */ #ifndef ISC_EVENT_H #define ISC_EVENT_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/types.h> @@ -41,14 +43,14 @@ typedef void (*isc_eventdestructor_t)(isc_event_t *); void * ev_destroy_arg; \ ISC_LINK(ltype) ev_link -/* +/*% * Attributes matching a mask of 0x000000ff are reserved for the task library's * definition. Attributes of 0xffffff00 may be used by the application * or non-ISC libraries. */ #define ISC_EVENTATTR_NOPURGE 0x00000001 -/* +/*% * The ISC_EVENTATTR_CANCELED attribute is intended to indicate * that an event is delivered as a result of a canceled operation * rather than successful completion, by mutual agreement @@ -71,7 +73,7 @@ do { \ ISC_LINK_INIT((event), ev_link); \ } while (0) -/* +/*% * This structure is public because "subclassing" it may be useful when * defining new event types. */ @@ -89,22 +91,26 @@ ISC_LANG_BEGINDECLS isc_event_t * isc_event_allocate(isc_mem_t *mctx, void *sender, isc_eventtype_t type, isc_taskaction_t action, const void *arg, size_t size); -/* +/*%< + * Allocate an event structure. + * * Allocate and initialize in a structure with initial elements * defined by: * + * \code * struct { * ISC_EVENT_COMMON(struct isc_event); * ... * }; + * \endcode * * Requires: - * 'size' >= sizeof(struct isc_event) - * 'action' to be non NULL + *\li 'size' >= sizeof(struct isc_event) + *\li 'action' to be non NULL * * Returns: - * a pointer to a initialized structure of the requested size. - * NULL if unable to allocate memory. + *\li a pointer to a initialized structure of the requested size. + *\li NULL if unable to allocate memory. */ void diff --git a/usr.sbin/bind/lib/isc/include/isc/eventclass.h b/usr.sbin/bind/lib/isc/include/isc/eventclass.h index 4070f3e6d77..5dfcc72b5e2 100644 --- a/usr.sbin/bind/lib/isc/include/isc/eventclass.h +++ b/usr.sbin/bind/lib/isc/include/isc/eventclass.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,25 +15,28 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: eventclass.h,v 1.13.206.1 2004/03/06 08:14:40 marka Exp $ */ +/* $ISC: eventclass.h,v 1.14.18.2 2005/04/29 00:16:54 marka Exp $ */ #ifndef ISC_EVENTCLASS_H #define ISC_EVENTCLASS_H 1 -/***** +/*! \file isc/eventclass.h ***** Registry of Predefined Event Type Classes *****/ -/* +/*% * An event class is an unsigned 16 bit number. Each class may contain up * to 65536 events. An event type is formed by adding the event number * within the class to the class number. + * */ #define ISC_EVENTCLASS(eclass) ((eclass) << 16) -/* +/*@{*/ +/*! * Classes < 1024 are reserved for ISC use. + * Event classes >= 1024 and <= 65535 are reserved for application use. */ #define ISC_EVENTCLASS_TASK ISC_EVENTCLASS(0) @@ -45,9 +48,6 @@ #define ISC_EVENTCLASS_OMAPI ISC_EVENTCLASS(6) #define ISC_EVENTCLASS_RATELIMITER ISC_EVENTCLASS(7) #define ISC_EVENTCLASS_ISCCC ISC_EVENTCLASS(8) - -/* - * Event classes >= 1024 and <= 65535 are reserved for application use. - */ +/*@}*/ #endif /* ISC_EVENTCLASS_H */ diff --git a/usr.sbin/bind/lib/isc/include/isc/file.h b/usr.sbin/bind/lib/isc/include/isc/file.h index 2787f7716b4..11ebd71a611 100644 --- a/usr.sbin/bind/lib/isc/include/isc/file.h +++ b/usr.sbin/bind/lib/isc/include/isc/file.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: file.h,v 1.24.12.3 2004/03/08 09:04:51 marka Exp $ */ +/* $ISC: file.h,v 1.27.18.2 2005/04/29 00:16:54 marka Exp $ */ #ifndef ISC_FILE_H #define ISC_FILE_H 1 +/*! \file */ + #include <stdio.h> #include <isc/lang.h> @@ -32,81 +34,81 @@ isc_file_settime(const char *file, isc_time_t *time); isc_result_t isc_file_getmodtime(const char *file, isc_time_t *time); -/* - * Get the time of last modication of a file. +/*!< + * \brief Get the time of last modication of a file. * * Notes: - * The time that is set is relative to the (OS-specific) epoch, as are + *\li The time that is set is relative to the (OS-specific) epoch, as are * all isc_time_t structures. * * Requires: - * file != NULL. - * time != NULL. + *\li file != NULL. + *\li time != NULL. * * Ensures: - * If the file could not be accessed, 'time' is unchanged. + *\li If the file could not be accessed, 'time' is unchanged. * * Returns: - * ISC_R_SUCCESS + *\li #ISC_R_SUCCESS * Success. - * ISC_R_NOTFOUND + *\li #ISC_R_NOTFOUND * No such file exists. - * ISC_R_INVALIDFILE + *\li #ISC_R_INVALIDFILE * The path specified was not usable by the operating system. - * ISC_R_NOPERM + *\li #ISC_R_NOPERM * The file's metainformation could not be retrieved because * permission was denied to some part of the file's path. - * ISC_R_EIO + *\li #ISC_R_EIO * Hardware error interacting with the filesystem. - * ISC_R_UNEXPECTED + *\li #ISC_R_UNEXPECTED * Something totally unexpected happened. * */ isc_result_t isc_file_mktemplate(const char *path, char *buf, size_t buflen); -/* - * Generate a template string suitable for use with isc_file_openunique. +/*!< + * \brief Generate a template string suitable for use with isc_file_openunique(). * * Notes: - * This function is intended to make creating temporary files + *\li This function is intended to make creating temporary files * portable between different operating systems. * - * The path is prepended to an implementation-defined string and + *\li The path is prepended to an implementation-defined string and * placed into buf. The string has no path characters in it, * and its maximum length is 14 characters plus a NUL. Thus * buflen should be at least strlen(path) + 15 characters or * an error will be returned. * * Requires: - * buf != NULL. + *\li buf != NULL. * * Ensures: - * If result == ISC_R_SUCCESS: + *\li If result == #ISC_R_SUCCESS: * buf contains a string suitable for use as the template argument - * to isc_file_openunique. + * to isc_file_openunique(). * - * If result != ISC_R_SUCCESS: + *\li If result != #ISC_R_SUCCESS: * buf is unchanged. * * Returns: - * ISC_R_SUCCESS Success. - * ISC_R_NOSPACE buflen indicates buf is too small for the catenation + *\li #ISC_R_SUCCESS Success. + *\li #ISC_R_NOSPACE buflen indicates buf is too small for the catenation * of the path with the internal template string. */ isc_result_t isc_file_openunique(char *templet, FILE **fp); -/* - * Create and open a file with a unique name based on 'templet'. +/*!< + * \brief Create and open a file with a unique name based on 'templet'. * * Notes: - * 'template' is a reserved work in C++. If you want to complain + *\li 'template' is a reserved work in C++. If you want to complain * about the spelling of 'templet', first look it up in the * Merriam-Webster English dictionary. (http://www.m-w.com/) * - * This function works by using the template to generate file names. + *\li This function works by using the template to generate file names. * The template must be a writable string, as it is modified in place. * Trailing X characters in the file name (full file name on Unix, * basename on Win32 -- eg, tmp-XXXXXX vs XXXXXX.tmp, respectively) @@ -114,95 +116,97 @@ isc_file_openunique(char *templet, FILE **fp); * is found. If the template does not include pathname information, * the files in the working directory of the program are searched. * - * isc_file_mktemplate is a good, portable way to get a template. + *\li isc_file_mktemplate is a good, portable way to get a template. * * Requires: - * 'fp' is non-NULL and '*fp' is NULL. + *\li 'fp' is non-NULL and '*fp' is NULL. * - * 'template' is non-NULL, and of a form suitable for use by + *\li 'template' is non-NULL, and of a form suitable for use by * the system as described above. * * Ensures: - * If result is ISC_R_SUCCESS: + *\li If result is #ISC_R_SUCCESS: * *fp points to an stream opening in stdio's "w+" mode. * - * If result is not ISC_R_SUCCESS: + *\li If result is not #ISC_R_SUCCESS: * *fp is NULL. * * No file is open. Even if one was created (but unable * to be reopened as a stdio FILE pointer) then it has been * removed. * - * This function does *not* ensure that the template string has not been + *\li This function does *not* ensure that the template string has not been * modified, even if the operation was unsuccessful. * * Returns: - * ISC_R_SUCCESS + *\li #ISC_R_SUCCESS * Success. - * ISC_R_EXISTS + *\li #ISC_R_EXISTS * No file with a unique name could be created based on the * template. - * ISC_R_INVALIDFILE + *\li #ISC_R_INVALIDFILE * The path specified was not usable by the operating system. - * ISC_R_NOPERM + *\li #ISC_R_NOPERM * The file could not be created because permission was denied * to some part of the file's path. - * ISC_R_EIO + *\li #ISC_R_IOERROR * Hardware error interacting with the filesystem. - * ISC_R_UNEXPECTED + *\li #ISC_R_UNEXPECTED * Something totally unexpected happened. */ isc_result_t isc_file_remove(const char *filename); -/* - * Remove the file named by 'filename'. +/*!< + * \brief Remove the file named by 'filename'. */ isc_result_t isc_file_rename(const char *oldname, const char *newname); -/* - * Rename the file 'oldname' to 'newname'. +/*!< + * \brief Rename the file 'oldname' to 'newname'. */ isc_boolean_t isc_file_exists(const char *pathname); -/* - * Return ISC_TRUE iff the calling process can tell that the given file exists. +/*!< + * \brief Return #ISC_TRUE if the calling process can tell that the given file exists. * Will not return true if the calling process has insufficient privileges * to search the entire path. */ isc_boolean_t isc_file_isabsolute(const char *filename); -/* - * Return ISC_TRUE iff the given file name is absolute. +/*!< + * \brief Return #ISC_TRUE if the given file name is absolute. */ isc_boolean_t isc_file_iscurrentdir(const char *filename); -/* - * Return ISC_TRUE iff the given file name is the current directory ("."). +/*!< + * \brief Return #ISC_TRUE if the given file name is the current directory ("."). */ isc_boolean_t isc_file_ischdiridempotent(const char *filename); -/* - * Return ISC_TRUE if calling chdir(filename) multiple times will give +/*%< + * Return #ISC_TRUE if calling chdir(filename) multiple times will give * the same result as calling it once. */ const char * isc_file_basename(const char *filename); -/* +/*%< * Return the final component of the path in the file name. */ isc_result_t isc_file_progname(const char *filename, char *buf, size_t buflen); -/* - * Given an operating system specific file name "filename" +/*!< + * \brief Given an operating system specific file name "filename" * referring to a program, return the canonical program name. + * + * * Any directory prefix or executable file name extension (if * used on the OS in case) is stripped. On systems where program * names are case insensitive, the name is canonicalized to all @@ -210,14 +214,14 @@ isc_file_progname(const char *filename, char *buf, size_t buflen); * chars, and null terminated. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOSPACE The name did not fit in 'buf'. + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOSPACE The name did not fit in 'buf'. */ isc_result_t isc_file_template(const char *path, const char *templet, char *buf, size_t buflen); -/* +/*%< * Create an OS specific template using 'path' to define the directory * 'templet' to describe the filename and store the result in 'buf' * such that path can be renamed to buf atomically. @@ -225,13 +229,13 @@ isc_file_template(const char *path, const char *templet, char *buf, isc_result_t isc_file_renameunique(const char *file, char *templet); -/* +/*%< * Rename 'file' using 'templet' as a template for the new file name. */ isc_result_t isc_file_absolutepath(const char *filename, char *path, size_t pathlen); -/* +/*%< * Given a file name, return the fully qualified path to the file. */ @@ -243,7 +247,7 @@ isc_file_absolutepath(const char *filename, char *path, size_t pathlen); isc_result_t isc_file_truncate(const char *filename, isc_offset_t size); -/* +/*%< * Truncate/extend the file specified to 'size' bytes. */ diff --git a/usr.sbin/bind/lib/isc/include/isc/formatcheck.h b/usr.sbin/bind/lib/isc/include/isc/formatcheck.h index 81cbe1fa540..a4a9712aff8 100644 --- a/usr.sbin/bind/lib/isc/include/isc/formatcheck.h +++ b/usr.sbin/bind/lib/isc/include/isc/formatcheck.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,15 +15,21 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: formatcheck.h,v 1.6.206.1 2004/03/06 08:14:41 marka Exp $ */ +/* $ISC: formatcheck.h,v 1.7.18.2 2005/04/29 00:16:54 marka Exp $ */ #ifndef ISC_FORMATCHECK_H #define ISC_FORMATCHECK_H 1 -/* - * fmt is the location of the format string parameter. - * args is the location of the first argument (or 0 for no argument checking). - * Note: the first parameter is 1, not 0. +/*! \file */ + +/*% + * ISC_FORMAT_PRINTF(). + * + * \li fmt is the location of the format string parameter. + * \li args is the location of the first argument (or 0 for no argument checking). + * + * Note: + * \li The first parameter is 1, not 0. */ #ifdef __GNUC__ #define ISC_FORMAT_PRINTF(fmt, args) __attribute__((__format__(__printf__, fmt, args))) diff --git a/usr.sbin/bind/lib/isc/include/isc/fsaccess.h b/usr.sbin/bind/lib/isc/include/isc/fsaccess.h index 50e04ab6c13..ae8e701f67d 100644 --- a/usr.sbin/bind/lib/isc/include/isc/fsaccess.h +++ b/usr.sbin/bind/lib/isc/include/isc/fsaccess.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,13 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: fsaccess.h,v 1.7.206.1 2004/03/06 08:14:41 marka Exp $ */ +/* $ISC: fsaccess.h,v 1.8.18.2 2005/04/29 00:16:55 marka Exp $ */ #ifndef ISC_FSACCESS_H #define ISC_FSACCESS_H 1 -/* - * The ISC filesystem access module encapsulates the setting of file +/*! \file + * \brief The ISC filesystem access module encapsulates the setting of file * and directory access permissions into one API that is meant to be * portable to multiple operating systems. * @@ -41,30 +41,30 @@ * * Some of the more notable dumbing down of NT for this API includes: * - * o Each of FILE_READ_DATA and FILE_READ_EA are set with ISC_FSACCESS_READ. + *\li Each of FILE_READ_DATA and FILE_READ_EA are set with #ISC_FSACCESS_READ. * - * o All of FILE_WRITE_DATA, FILE_WRITE_EA and FILE_APPEND_DATA are - * set with ISC_FSACCESS_WRITE. FILE_WRITE_ATTRIBUTES is not set + * \li All of FILE_WRITE_DATA, FILE_WRITE_EA and FILE_APPEND_DATA are + * set with #ISC_FSACCESS_WRITE. FILE_WRITE_ATTRIBUTES is not set * so as to be consistent with Unix, where only the owner of the file * or the superuser can change the attributes/mode of a file. * - * o Both of FILE_ADD_FILE and FILE_ADD_SUBDIRECTORY are set with - * ISC_FSACCESS_CREATECHILD. This is similar to setting the WRITE + * \li Both of FILE_ADD_FILE and FILE_ADD_SUBDIRECTORY are set with + * #ISC_FSACCESS_CREATECHILD. This is similar to setting the WRITE * permission on a Unix directory. * - * o SYNCHRONIZE is always set for files and directories, unless someone + * \li SYNCHRONIZE is always set for files and directories, unless someone * can give me a reason why this is a bad idea. * - * o READ_CONTROL and FILE_READ_ATTRIBUTES are always set; this is + * \li READ_CONTROL and FILE_READ_ATTRIBUTES are always set; this is * consistent with Unix, where any file or directory can be stat()'d * unless the directory path disallows complete access somewhere along * the way. * - * o WRITE_DAC is only set for the owner. This too is consistent with + * \li WRITE_DAC is only set for the owner. This too is consistent with * Unix, and is tighter security than allowing anyone else to be * able to set permissions. * - * o DELETE is only set for the owner. On Unix the ability to delete + * \li DELETE is only set for the owner. On Unix the ability to delete * a file is controlled by the directory permissions, but it isn't * currently clear to me what happens on NT if the directory has * FILE_DELETE_CHILD set but a file within it does not have DELETE @@ -72,19 +72,19 @@ * gives maximum flexibility to the owner without exposing the * file to deletion by others. * - * o WRITE_OWNER is never set. This too is consistent with Unix, + * \li WRITE_OWNER is never set. This too is consistent with Unix, * and is also tighter security than allowing anyone to change the * ownership of the file apart from the superu..ahem, Administrator. * - * o Inheritance is set to NO_INHERITANCE. + * \li Inheritance is set to NO_INHERITANCE. * * Unix's dumbing down includes: * - * o The sticky bit cannot be set. + * \li The sticky bit cannot be set. * - * o setuid and setgid cannot be set. + * \li setuid and setgid cannot be set. * - * o Only regular files and directories can be set. + * \li Only regular files and directories can be set. * * The rest of this comment discusses a few of the incompatibilities * between the two systems that need more thought if this API is to @@ -103,24 +103,24 @@ * set on a directory. You'd need to coordinate something with file creation * so that every file created had DELETE set for the owner but noone else. * - * On Unix systems, setting ISC_FSACCESS_LISTDIRECTORY sets READ. - * ... setting either of ISC_FSACCESS_(CREATE|DELETE)CHILD sets WRITE. - * ... setting ISC_FSACCESS_ACCESSCHILD sets EXECUTE. + * On Unix systems, setting #ISC_FSACCESS_LISTDIRECTORY sets READ. + * ... setting either of #ISC_FSACCESS_(CREATE|DELETE)CHILD sets WRITE. + * ... setting #ISC_FSACCESS_ACCESSCHILD sets EXECUTE. * - * On NT systems, setting ISC_FSACCESS_LISTDIRECTORY sets FILE_LIST_DIRECTORY. + * On NT systems, setting #ISC_FSACCESS_LISTDIRECTORY sets FILE_LIST_DIRECTORY. * ... setting ISC_FSACCESS_(CREATE|DELETE)CHILD sets * FILE_(CREATE|DELETE)_CHILD independently. - * ... setting ISC_FSACCESS_ACCESSCHILD sets FILE_TRAVERSE. + * ... setting #ISC_FSACCESS_ACCESSCHILD sets FILE_TRAVERSE. * * Unresolved: XXXDCL - * What NT access right controls the ability to rename a file? - * How does DELETE work? If a directory has FILE_DELETE_CHILD but a + * \li What NT access right controls the ability to rename a file? + * \li How does DELETE work? If a directory has FILE_DELETE_CHILD but a * file or directory within it does not have DELETE, is that file * or directory deletable? - * To implement isc_fsaccess_get(), mapping an existing Unix permission + * \li To implement isc_fsaccess_get(), mapping an existing Unix permission * mode_t back to an isc_fsaccess_t is pretty trivial; however, mapping * an NT DACL could be impossible to do in a responsible way. - * Similarly, trying to implement the functionality of being able to + * \li Similarly, trying to implement the functionality of being able to * say "add group writability to whatever permissions already exist" * could be tricky on NT because of the order-of-entry issue combined * with possibly having one or more matching ACEs already explicitly @@ -135,23 +135,23 @@ /* * Trustees. */ -#define ISC_FSACCESS_OWNER 0x1 /* User account. */ -#define ISC_FSACCESS_GROUP 0x2 /* Primary group owner. */ -#define ISC_FSACCESS_OTHER 0x4 /* Not the owner or the group owner. */ -#define ISC_FSACCESS_WORLD 0x7 /* User, Group, Other. */ +#define ISC_FSACCESS_OWNER 0x1 /*%< User account. */ +#define ISC_FSACCESS_GROUP 0x2 /*%< Primary group owner. */ +#define ISC_FSACCESS_OTHER 0x4 /*%< Not the owner or the group owner. */ +#define ISC_FSACCESS_WORLD 0x7 /*%< User, Group, Other. */ /* * Types of permission. */ -#define ISC_FSACCESS_READ 0x00000001 /* File only. */ -#define ISC_FSACCESS_WRITE 0x00000002 /* File only. */ -#define ISC_FSACCESS_EXECUTE 0x00000004 /* File only. */ -#define ISC_FSACCESS_CREATECHILD 0x00000008 /* Dir only. */ -#define ISC_FSACCESS_DELETECHILD 0x00000010 /* Dir only. */ -#define ISC_FSACCESS_LISTDIRECTORY 0x00000020 /* Dir only. */ -#define ISC_FSACCESS_ACCESSCHILD 0x00000040 /* Dir only. */ +#define ISC_FSACCESS_READ 0x00000001 /*%< File only. */ +#define ISC_FSACCESS_WRITE 0x00000002 /*%< File only. */ +#define ISC_FSACCESS_EXECUTE 0x00000004 /*%< File only. */ +#define ISC_FSACCESS_CREATECHILD 0x00000008 /*%< Dir only. */ +#define ISC_FSACCESS_DELETECHILD 0x00000010 /*%< Dir only. */ +#define ISC_FSACCESS_LISTDIRECTORY 0x00000020 /*%< Dir only. */ +#define ISC_FSACCESS_ACCESSCHILD 0x00000040 /*%< Dir only. */ -/* +/*% * Adding any permission bits beyond 0x200 would mean typedef'ing * isc_fsaccess_t as isc_uint64_t, and redefining this value to * reflect the new range of permission types, Probably to 21 for diff --git a/usr.sbin/bind/lib/isc/include/isc/heap.h b/usr.sbin/bind/lib/isc/include/isc/heap.h index ba766db891f..6227c6bd75f 100644 --- a/usr.sbin/bind/lib/isc/include/isc/heap.h +++ b/usr.sbin/bind/lib/isc/include/isc/heap.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: heap.h,v 1.16.206.2 2006/04/17 18:27:20 explorer Exp $ */ +/* $ISC: heap.h,v 1.17.18.3 2006/04/17 18:27:33 explorer Exp $ */ #ifndef ISC_HEAP_H #define ISC_HEAP_H 1 diff --git a/usr.sbin/bind/lib/isc/include/isc/hex.h b/usr.sbin/bind/lib/isc/include/isc/hex.h index c503389c28b..b01dccf0a7f 100644 --- a/usr.sbin/bind/lib/isc/include/isc/hex.h +++ b/usr.sbin/bind/lib/isc/include/isc/hex.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: hex.h,v 1.4.206.1 2004/03/06 08:14:41 marka Exp $ */ +/* $ISC: hex.h,v 1.5.18.2 2005/04/29 00:16:55 marka Exp $ */ #ifndef ISC_HEX_H #define ISC_HEX_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/types.h> @@ -32,40 +34,40 @@ ISC_LANG_BEGINDECLS isc_result_t isc_hex_totext(isc_region_t *source, int wordlength, const char *wordbreak, isc_buffer_t *target); -/* - * Convert data into hex encoded text. +/*!< + * \brief Convert data into hex encoded text. * * Notes: - * The hex encoded text in 'target' will be divided into + *\li The hex encoded text in 'target' will be divided into * words of at most 'wordlength' characters, separated by * the 'wordbreak' string. No parentheses will surround * the text. * * Requires: - * 'source' is a region containing binary data - * 'target' is a text buffer containing available space - * 'wordbreak' points to a null-terminated string of + *\li 'source' is a region containing binary data + *\li 'target' is a text buffer containing available space + *\li 'wordbreak' points to a null-terminated string of * zero or more whitespace characters * * Ensures: - * target will contain the hex encoded version of the data + *\li target will contain the hex encoded version of the data * in source. The 'used' pointer in target will be advanced as * necessary. */ isc_result_t isc_hex_decodestring(char *cstr, isc_buffer_t *target); -/* - * Decode a null-terminated hex string. +/*!< + * \brief Decode a null-terminated hex string. * * Requires: - * 'cstr' is non-null. - * 'target' is a valid buffer. + *\li 'cstr' is non-null. + *\li 'target' is a valid buffer. * * Returns: - * ISC_R_SUCCESS -- the entire decoded representation of 'cstring' + *\li #ISC_R_SUCCESS -- the entire decoded representation of 'cstring' * fit in 'target'. - * ISC_R_BADHEX -- 'cstr' is not a valid hex encoding. + *\li #ISC_R_BADHEX -- 'cstr' is not a valid hex encoding. * * Other error returns are any possible error code from: * isc_lex_create(), @@ -75,16 +77,16 @@ isc_hex_decodestring(char *cstr, isc_buffer_t *target); isc_result_t isc_hex_tobuffer(isc_lex_t *lexer, isc_buffer_t *target, int length); -/* - * Convert hex encoded text from a lexer context into data. +/*!< + * \brief Convert hex encoded text from a lexer context into data. * * Requires: - * 'lex' is a valid lexer context - * 'target' is a buffer containing binary data - * 'length' is an integer + *\li 'lex' is a valid lexer context + *\li 'target' is a buffer containing binary data + *\li 'length' is an integer * * Ensures: - * target will contain the data represented by the hex encoded + *\li target will contain the data represented by the hex encoded * string parsed by the lexer. No more than length bytes will be read, * if length is positive. The 'used' pointer in target will be * advanced as necessary. diff --git a/usr.sbin/bind/lib/isc/include/isc/hmacmd5.h b/usr.sbin/bind/lib/isc/include/isc/hmacmd5.h index 7cc4e84de46..f8250036516 100644 --- a/usr.sbin/bind/lib/isc/include/isc/hmacmd5.h +++ b/usr.sbin/bind/lib/isc/include/isc/hmacmd5.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: hmacmd5.h,v 1.4.206.1 2004/03/06 08:14:42 marka Exp $ */ +/* $ISC: hmacmd5.h,v 1.5.18.4 2006/01/27 23:57:45 marka Exp $ */ -/* - * This is the header file for the HMAC-MD5 keyed hash algorithm - * described in RFC 2104. +/*! \file + * \brief This is the header file for the HMAC-MD5 keyed hash algorithm + * described in RFC2104. */ #ifndef ISC_HMACMD5_H @@ -55,6 +55,9 @@ isc_hmacmd5_sign(isc_hmacmd5_t *ctx, unsigned char *digest); isc_boolean_t isc_hmacmd5_verify(isc_hmacmd5_t *ctx, unsigned char *digest); +isc_boolean_t +isc_hmacmd5_verify2(isc_hmacmd5_t *ctx, unsigned char *digest, size_t len); + ISC_LANG_ENDDECLS #endif /* ISC_HMACMD5_H */ diff --git a/usr.sbin/bind/lib/isc/include/isc/hmacsha.h b/usr.sbin/bind/lib/isc/include/isc/hmacsha.h new file mode 100644 index 00000000000..219f5951a34 --- /dev/null +++ b/usr.sbin/bind/lib/isc/include/isc/hmacsha.h @@ -0,0 +1,156 @@ +/* + * Copyright (C) 2005, 2006 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: hmacsha.h,v 1.2.2.3 2006/08/16 03:18:14 marka Exp $ */ + +/* + * This is the header file for the HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, + * HMAC-SHA334 and HMAC-SHA512 hash algorithm described in RFC 2104. + */ + +#ifndef ISC_HMACSHA_H +#define ISC_HMACSHA_H 1 + +#include <isc/lang.h> +#include <isc/sha1.h> +#include <isc/sha2.h> +#include <isc/types.h> + +#define ISC_HMACSHA1_KEYLENGTH ISC_SHA1_BLOCK_LENGTH +#define ISC_HMACSHA224_KEYLENGTH ISC_SHA224_BLOCK_LENGTH +#define ISC_HMACSHA256_KEYLENGTH ISC_SHA256_BLOCK_LENGTH +#define ISC_HMACSHA384_KEYLENGTH ISC_SHA384_BLOCK_LENGTH +#define ISC_HMACSHA512_KEYLENGTH ISC_SHA512_BLOCK_LENGTH + +typedef struct { + isc_sha1_t sha1ctx; + unsigned char key[ISC_HMACSHA1_KEYLENGTH]; +} isc_hmacsha1_t; + +typedef struct { + isc_sha224_t sha224ctx; + unsigned char key[ISC_HMACSHA224_KEYLENGTH]; +} isc_hmacsha224_t; + +typedef struct { + isc_sha256_t sha256ctx; + unsigned char key[ISC_HMACSHA256_KEYLENGTH]; +} isc_hmacsha256_t; + +typedef struct { + isc_sha384_t sha384ctx; + unsigned char key[ISC_HMACSHA384_KEYLENGTH]; +} isc_hmacsha384_t; + +typedef struct { + isc_sha512_t sha512ctx; + unsigned char key[ISC_HMACSHA512_KEYLENGTH]; +} isc_hmacsha512_t; + +ISC_LANG_BEGINDECLS + +void +isc_hmacsha1_init(isc_hmacsha1_t *ctx, const unsigned char *key, + unsigned int len); + +void +isc_hmacsha1_invalidate(isc_hmacsha1_t *ctx); + +void +isc_hmacsha1_update(isc_hmacsha1_t *ctx, const unsigned char *buf, + unsigned int len); + +void +isc_hmacsha1_sign(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len); + +isc_boolean_t +isc_hmacsha1_verify(isc_hmacsha1_t *ctx, unsigned char *digest, size_t len); + + +void +isc_hmacsha224_init(isc_hmacsha224_t *ctx, const unsigned char *key, + unsigned int len); + +void +isc_hmacsha224_invalidate(isc_hmacsha224_t *ctx); + +void +isc_hmacsha224_update(isc_hmacsha224_t *ctx, const unsigned char *buf, + unsigned int len); + +void +isc_hmacsha224_sign(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len); + +isc_boolean_t +isc_hmacsha224_verify(isc_hmacsha224_t *ctx, unsigned char *digest, size_t len); + + +void +isc_hmacsha256_init(isc_hmacsha256_t *ctx, const unsigned char *key, + unsigned int len); + +void +isc_hmacsha256_invalidate(isc_hmacsha256_t *ctx); + +void +isc_hmacsha256_update(isc_hmacsha256_t *ctx, const unsigned char *buf, + unsigned int len); + +void +isc_hmacsha256_sign(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len); + +isc_boolean_t +isc_hmacsha256_verify(isc_hmacsha256_t *ctx, unsigned char *digest, size_t len); + + +void +isc_hmacsha384_init(isc_hmacsha384_t *ctx, const unsigned char *key, + unsigned int len); + +void +isc_hmacsha384_invalidate(isc_hmacsha384_t *ctx); + +void +isc_hmacsha384_update(isc_hmacsha384_t *ctx, const unsigned char *buf, + unsigned int len); + +void +isc_hmacsha384_sign(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len); + +isc_boolean_t +isc_hmacsha384_verify(isc_hmacsha384_t *ctx, unsigned char *digest, size_t len); + + +void +isc_hmacsha512_init(isc_hmacsha512_t *ctx, const unsigned char *key, + unsigned int len); + +void +isc_hmacsha512_invalidate(isc_hmacsha512_t *ctx); + +void +isc_hmacsha512_update(isc_hmacsha512_t *ctx, const unsigned char *buf, + unsigned int len); + +void +isc_hmacsha512_sign(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len); + +isc_boolean_t +isc_hmacsha512_verify(isc_hmacsha512_t *ctx, unsigned char *digest, size_t len); + +ISC_LANG_ENDDECLS + +#endif /* ISC_HMACSHA_H */ diff --git a/usr.sbin/bind/lib/isc/include/isc/interfaceiter.h b/usr.sbin/bind/lib/isc/include/isc/interfaceiter.h index c622e7ff6a4..b329bc3cd56 100644 --- a/usr.sbin/bind/lib/isc/include/isc/interfaceiter.h +++ b/usr.sbin/bind/lib/isc/include/isc/interfaceiter.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: interfaceiter.h,v 1.10.206.1 2004/03/06 08:14:42 marka Exp $ */ +/* $ISC: interfaceiter.h,v 1.11.18.2 2005/04/29 00:16:55 marka Exp $ */ #ifndef ISC_INTERFACEITER_H #define ISC_INTERFACEITER_H 1 @@ -24,10 +24,8 @@ ***** Module Info *****/ -/* - * Interface iterator - * - * Iterate over the list of network interfaces. +/*! \file + * \brief Iterates over the list of network interfaces. * * Interfaces whose address family is not supported are ignored and never * returned by the iterator. Interfaces whose netmask, interface flags, @@ -46,25 +44,26 @@ #include <isc/netaddr.h> #include <isc/types.h> -/* - * Public structure describing a network interface. +/*! + * \brief Public structure describing a network interface. */ struct isc_interface { - char name[32]; /* Interface name, null-terminated. */ - unsigned int af; /* Address family. */ - isc_netaddr_t address; /* Local address. */ - isc_netaddr_t netmask; /* Network mask. */ - isc_netaddr_t dstaddress; /* Destination address - (point-to-point only). */ - isc_uint32_t flags; /* Flags; see below. */ + char name[32]; /*%< Interface name, null-terminated. */ + unsigned int af; /*%< Address family. */ + isc_netaddr_t address; /*%< Local address. */ + isc_netaddr_t netmask; /*%< Network mask. */ + isc_netaddr_t dstaddress; /*%< Destination address (point-to-point only). */ + isc_uint32_t flags; /*%< Flags; see INTERFACE flags. */ }; -/* Interface flags. */ +/*@{*/ +/*! Interface flags. */ #define INTERFACE_F_UP 0x00000001U #define INTERFACE_F_POINTTOPOINT 0x00000002U #define INTERFACE_F_LOOPBACK 0x00000004U +/*@}*/ /*** *** Functions @@ -74,59 +73,59 @@ ISC_LANG_BEGINDECLS isc_result_t isc_interfaceiter_create(isc_mem_t *mctx, isc_interfaceiter_t **iterp); -/* - * Create an iterator for traversing the operating system's list +/*!< + * \brief Create an iterator for traversing the operating system's list * of network interfaces. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * Various network-related errors + *\li #ISC_R_SUCCESS + * \li #ISC_R_NOMEMORY + *\li Various network-related errors */ isc_result_t isc_interfaceiter_first(isc_interfaceiter_t *iter); -/* - * Position the iterator on the first interface. +/*!< + * \brief Position the iterator on the first interface. * * Returns: - * ISC_R_SUCCESS Success. - * ISC_R_NOMORE There are no interfaces. + *\li #ISC_R_SUCCESS Success. + *\li #ISC_R_NOMORE There are no interfaces. */ isc_result_t isc_interfaceiter_current(isc_interfaceiter_t *iter, isc_interface_t *ifdata); -/* - * Get information about the interface the iterator is currently +/*!< + * \brief Get information about the interface the iterator is currently * positioned at and store it at *ifdata. * * Requires: - * The iterator has been successfully positioned using + *\li The iterator has been successfully positioned using * isc_interface_iter_first() / isc_interface_iter_next(). * * Returns: - * ISC_R_SUCCESS Success. + *\li #ISC_R_SUCCESS Success. */ isc_result_t isc_interfaceiter_next(isc_interfaceiter_t *iter); -/* - * Position the iterator on the next interface. +/*!< + * \brief Position the iterator on the next interface. * * Requires: - * The iterator has been successfully positioned using + * \li The iterator has been successfully positioned using * isc_interface_iter_first() / isc_interface_iter_next(). * * Returns: - * ISC_R_SUCCESS Success. - * ISC_R_NOMORE There are no more interfaces. + *\li #ISC_R_SUCCESS Success. + *\li #ISC_R_NOMORE There are no more interfaces. */ void isc_interfaceiter_destroy(isc_interfaceiter_t **iterp); -/* - * Destroy the iterator. +/*!< + * \brief Destroy the iterator. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/isc/include/isc/ipv6.h b/usr.sbin/bind/lib/isc/include/isc/ipv6.h index c8fa8d3917c..ac1a24f67cd 100644 --- a/usr.sbin/bind/lib/isc/include/isc/ipv6.h +++ b/usr.sbin/bind/lib/isc/include/isc/ipv6.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,12 +15,12 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ipv6.h,v 1.17.12.4 2004/03/09 05:21:09 marka Exp $ */ +/* $ISC: ipv6.h,v 1.20.18.2 2005/04/29 00:16:56 marka Exp $ */ #ifndef ISC_IPV6_H #define ISC_IPV6_H 1 -/* +/*! * Also define LWRES_IPV6_H to keep it from being included if liblwres is * being used, or redefinition errors will occur. */ @@ -30,23 +30,23 @@ ***** Module Info *****/ -/* - * IPv6 definitions for systems which do not support IPv6. +/*! \file isc/ipv6.h + * \brief IPv6 definitions for systems which do not support IPv6. * - * MP: + * \li MP: * No impact. * - * Reliability: + * \li Reliability: * No anticipated impact. * - * Resources: + * \li Resources: * N/A. * - * Security: + * \li Security: * No anticipated impact. * - * Standards: - * RFC 2553. + * \li Standards: + * RFC2553. */ /*** @@ -95,7 +95,7 @@ struct sockaddr_in6 { #define SIN6_LEN 1 #endif -/* +/*% * Unspecified */ #define IN6_IS_ADDR_UNSPECIFIED(a) \ @@ -104,7 +104,7 @@ struct sockaddr_in6 { ((a)->s6_addr32[2] == 0) && \ ((a)->s6_addr32[3] == 0)) -/* +/*% * Loopback */ #define IN6_IS_ADDR_LOOPBACK(a) \ @@ -113,7 +113,7 @@ struct sockaddr_in6 { ((a)->s6_addr32[2] == 0) && \ ((a)->s6_addr32[3] == htonl(1))) -/* +/*% * IPv4 compatible */ #define IN6_IS_ADDR_V4COMPAT(a) \ @@ -123,7 +123,7 @@ struct sockaddr_in6 { ((a)->s6_addr32[3] != 0) && \ ((a)->s6_addr32[3] != htonl(1))) -/* +/*% * Mapped */ #define IN6_IS_ADDR_V4MAPPED(a) \ @@ -131,13 +131,13 @@ struct sockaddr_in6 { ((a)->s6_addr32[1] == 0) && \ ((a)->s6_addr32[2] == htonl(0x0000ffff))) -/* +/*% * Multicast */ #define IN6_IS_ADDR_MULTICAST(a) \ ((a)->s6_addr8[0] == 0xffU) -/* +/*% * Unicast link / site local. */ #define IN6_IS_ADDR_LINKLOCAL(a) \ diff --git a/usr.sbin/bind/lib/isc/include/isc/lang.h b/usr.sbin/bind/lib/isc/include/isc/lang.h index 8ea9e417495..fa23f970788 100644 --- a/usr.sbin/bind/lib/isc/include/isc/lang.h +++ b/usr.sbin/bind/lib/isc/include/isc/lang.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lang.h,v 1.6.206.1 2004/03/06 08:14:42 marka Exp $ */ +/* $ISC: lang.h,v 1.7.18.2 2005/04/29 00:16:56 marka Exp $ */ #ifndef ISC_LANG_H #define ISC_LANG_H 1 +/*! \file */ + #ifdef __cplusplus #define ISC_LANG_BEGINDECLS extern "C" { #define ISC_LANG_ENDDECLS } diff --git a/usr.sbin/bind/lib/isc/include/isc/lex.h b/usr.sbin/bind/lib/isc/include/isc/lex.h index daba6d89f01..bfdc101b964 100644 --- a/usr.sbin/bind/lib/isc/include/isc/lex.h +++ b/usr.sbin/bind/lib/isc/include/isc/lex.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lex.h,v 1.26.2.2.8.3 2004/03/08 09:04:51 marka Exp $ */ +/* $ISC: lex.h,v 1.30.18.3 2005/06/04 00:39:05 marka Exp $ */ #ifndef ISC_LEX_H #define ISC_LEX_H 1 @@ -24,28 +24,26 @@ ***** Module Info *****/ -/* - * Lex - * - * The "lex" module provides a lightweight tokenizer. It can operate +/*! \file isc/lex.h + * \brief The "lex" module provides a lightweight tokenizer. It can operate * on files or buffers, and can handle "include". It is designed for * parsing of DNS master files and the BIND configuration file, but * should be general enough to tokenize other things, e.g. HTTP. * - * MP: + * \li MP: * No synchronization is provided. Clients must ensure exclusive * access. * - * Reliability: + * \li Reliability: * No anticipated impact. * - * Resources: - * <TBS> + * \li Resources: + * TBS * - * Security: + * \li Security: * No anticipated impact. * - * Standards: + * \li Standards: * None. */ @@ -65,31 +63,36 @@ ISC_LANG_BEGINDECLS *** Options ***/ -/* +/*@{*/ +/*! * Various options for isc_lex_gettoken(). */ -#define ISC_LEXOPT_EOL 0x01 /* Want end-of-line token. */ -#define ISC_LEXOPT_EOF 0x02 /* Want end-of-file token. */ -#define ISC_LEXOPT_INITIALWS 0x04 /* Want initial whitespace. */ -#define ISC_LEXOPT_NUMBER 0x08 /* Recognize numbers. */ -#define ISC_LEXOPT_QSTRING 0x10 /* Recognize qstrings. */ +#define ISC_LEXOPT_EOL 0x01 /*%< Want end-of-line token. */ +#define ISC_LEXOPT_EOF 0x02 /*%< Want end-of-file token. */ +#define ISC_LEXOPT_INITIALWS 0x04 /*%< Want initial whitespace. */ +#define ISC_LEXOPT_NUMBER 0x08 /*%< Recognize numbers. */ +#define ISC_LEXOPT_QSTRING 0x10 /*%< Recognize qstrings. */ +/*@}*/ -/* +/*@{*/ +/*! * The ISC_LEXOPT_DNSMULTILINE option handles the processing of '(' and ')' in * the DNS master file format. If this option is set, then the * ISC_LEXOPT_INITIALWS and ISC_LEXOPT_EOL options will be ignored when * the paren count is > 0. To use this option, '(' and ')' must be special * characters. */ -#define ISC_LEXOPT_DNSMULTILINE 0x20 /* Handle '(' and ')'. */ -#define ISC_LEXOPT_NOMORE 0x40 /* Want "no more" token. */ - -#define ISC_LEXOPT_CNUMBER 0x80 /* Regognise octal and hex */ -#define ISC_LEXOPT_ESCAPE 0x100 /* Recognize escapes. */ -#define ISC_LEXOPT_QSTRINGMULTILINE 0x200 /* Allow multiline "" strings */ - -/* +#define ISC_LEXOPT_DNSMULTILINE 0x20 /*%< Handle '(' and ')'. */ +#define ISC_LEXOPT_NOMORE 0x40 /*%< Want "no more" token. */ + +#define ISC_LEXOPT_CNUMBER 0x80 /*%< Regognize octal and hex. */ +#define ISC_LEXOPT_ESCAPE 0x100 /*%< Recognize escapes. */ +#define ISC_LEXOPT_QSTRINGMULTILINE 0x200 /*%< Allow multiline "" strings */ +#define ISC_LEXOPT_OCTAL 0x400 /*%< Expect a octal number. */ +/*@}*/ +/*@{*/ +/*! * Various commenting styles, which may be changed at any time with * isc_lex_setcomments(). */ @@ -98,12 +101,13 @@ ISC_LANG_BEGINDECLS #define ISC_LEXCOMMENT_CPLUSPLUS 0x02 #define ISC_LEXCOMMENT_SHELL 0x04 #define ISC_LEXCOMMENT_DNSMASTERFILE 0x08 +/*@}*/ /*** *** Types ***/ -/* Lex */ +/*! Lex */ typedef char isc_lexspecials_t[256]; @@ -140,268 +144,285 @@ typedef struct isc_token { isc_result_t isc_lex_create(isc_mem_t *mctx, size_t max_token, isc_lex_t **lexp); -/* +/*%< * Create a lexer. * * 'max_token' is a hint of the number of bytes in the largest token. * * Requires: - * '*lexp' is a valid lexer. + *\li '*lexp' is a valid lexer. * - * max_token > 0. + *\li max_token > 0. * * Ensures: - * On success, *lexp is attached to the newly created lexer. + *\li On success, *lexp is attached to the newly created lexer. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY */ void isc_lex_destroy(isc_lex_t **lexp); -/* +/*%< * Destroy the lexer. * * Requires: - * '*lexp' is a valid lexer. + *\li '*lexp' is a valid lexer. * * Ensures: - * *lexp == NULL + *\li *lexp == NULL */ unsigned int isc_lex_getcomments(isc_lex_t *lex); -/* +/*%< * Return the current lexer commenting styles. * * Requires: - * 'lex' is a valid lexer. + *\li 'lex' is a valid lexer. * * Returns: - * The commenting sytles which are currently allowed. + *\li The commenting sytles which are currently allowed. */ void isc_lex_setcomments(isc_lex_t *lex, unsigned int comments); -/* +/*%< * Set allowed lexer commenting styles. * * Requires: - * 'lex' is a valid lexer. + *\li 'lex' is a valid lexer. * - * 'comments' has meaningful values. + *\li 'comments' has meaningful values. */ void isc_lex_getspecials(isc_lex_t *lex, isc_lexspecials_t specials); -/* +/*%< * Put the current list of specials into 'specials'. * * Requires: - * 'lex' is a valid lexer. + *\li 'lex' is a valid lexer. */ void isc_lex_setspecials(isc_lex_t *lex, isc_lexspecials_t specials); -/* +/*!< * The characters in 'specials' are returned as tokens. Along with * whitespace, they delimit strings and numbers. * * Note: - * Comment processing takes precedence over special character + *\li Comment processing takes precedence over special character * recognition. * * Requires: - * 'lex' is a valid lexer. + *\li 'lex' is a valid lexer. */ isc_result_t isc_lex_openfile(isc_lex_t *lex, const char *filename); -/* +/*%< * Open 'filename' and make it the current input source for 'lex'. * * Requires: - * 'lex' is a valid lexer. + *\li 'lex' is a valid lexer. * - * filename is a valid C string. + *\li filename is a valid C string. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY Out of memory - * ISC_R_NOTFOUND File not found - * ISC_R_NOPERM No permission to open file - * ISC_R_FAILURE Couldn't open file, not sure why - * ISC_R_UNEXPECTED + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY Out of memory + *\li #ISC_R_NOTFOUND File not found + *\li #ISC_R_NOPERM No permission to open file + *\li #ISC_R_FAILURE Couldn't open file, not sure why + *\li #ISC_R_UNEXPECTED */ isc_result_t isc_lex_openstream(isc_lex_t *lex, FILE *stream); -/* +/*%< * Make 'stream' the current input source for 'lex'. * * Requires: - * 'lex' is a valid lexer. + *\li 'lex' is a valid lexer. * - * 'stream' is a valid C stream. + *\li 'stream' is a valid C stream. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY Out of memory + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY Out of memory */ isc_result_t isc_lex_openbuffer(isc_lex_t *lex, isc_buffer_t *buffer); -/* +/*%< * Make 'buffer' the current input source for 'lex'. * * Requires: - * 'lex' is a valid lexer. + *\li 'lex' is a valid lexer. * - * 'buffer' is a valid buffer. + *\li 'buffer' is a valid buffer. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY Out of memory + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY Out of memory */ isc_result_t isc_lex_close(isc_lex_t *lex); -/* +/*%< * Close the most recently opened object (i.e. file or buffer). * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMORE No more input sources + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMORE No more input sources */ isc_result_t isc_lex_gettoken(isc_lex_t *lex, unsigned int options, isc_token_t *tokenp); -/* +/*%< * Get the next token. * * Requires: - * 'lex' is a valid lexer. + *\li 'lex' is a valid lexer. * - * 'lex' has an input source. + *\li 'lex' has an input source. * - * 'options' contains valid options. + *\li 'options' contains valid options. * - * '*tokenp' is a valid pointer. + *\li '*tokenp' is a valid pointer. * * Returns: - * ISC_R_SUCCESS - * ISC_R_UNEXPECTEDEND - * ISC_R_NOMEMORY + *\li #ISC_R_SUCCESS + *\li #ISC_R_UNEXPECTEDEND + *\li #ISC_R_NOMEMORY * * These two results are returned only if their corresponding lexer * options are not set. * - * ISC_R_EOF End of input source - * ISC_R_NOMORE No more input sources + *\li #ISC_R_EOF End of input source + *\li #ISC_R_NOMORE No more input sources */ isc_result_t isc_lex_getmastertoken(isc_lex_t *lex, isc_token_t *token, isc_tokentype_t expect, isc_boolean_t eol); -/* +/*%< * Get the next token from a DNS master file type stream. This is a * convenience function that sets appropriate options and handles quoted * strings and end of line correctly for master files. It also ungets * unexpected tokens. * * Requires: - * 'lex' is a valid lexer. + *\li 'lex' is a valid lexer. * - * 'token' is a valid pointer + *\li 'token' is a valid pointer * * Returns: * - * any return code from isc_lex_gettoken. + * \li any return code from isc_lex_gettoken(). + */ + +isc_result_t +isc_lex_getoctaltoken(isc_lex_t *lex, isc_token_t *token, isc_boolean_t eol); +/*%< + * Get the next token from a DNS master file type stream. This is a + * convenience function that sets appropriate options and handles end + * of line correctly for master files. It also ungets unexpected tokens. + * + * Requires: + *\li 'lex' is a valid lexer. + * + *\li 'token' is a valid pointer + * + * Returns: + * + * \li any return code from isc_lex_gettoken(). */ void isc_lex_ungettoken(isc_lex_t *lex, isc_token_t *tokenp); -/* +/*%< * Unget the current token. * * Requires: - * 'lex' is a valid lexer. + *\li 'lex' is a valid lexer. * - * 'lex' has an input source. + *\li 'lex' has an input source. * - * 'tokenp' points to a valid token. + *\li 'tokenp' points to a valid token. * - * There is no ungotten token already. + *\li There is no ungotten token already. */ void isc_lex_getlasttokentext(isc_lex_t *lex, isc_token_t *tokenp, isc_region_t *r); -/* +/*%< * Returns a region containing the text of the last token returned. * * Requires: - * 'lex' is a valid lexer. + *\li 'lex' is a valid lexer. * - * 'lex' has an input source. + *\li 'lex' has an input source. * - * 'tokenp' points to a valid token. + *\li 'tokenp' points to a valid token. * - * A token has been gotten and not ungotten. + *\li A token has been gotten and not ungotten. */ char * isc_lex_getsourcename(isc_lex_t *lex); -/* +/*%< * Return the input source name. * * Requires: - * 'lex' is a valid lexer. + *\li 'lex' is a valid lexer. * * Returns: - * source name or NULL if no current source. - * result valid while current input source exists. + * \li source name or NULL if no current source. + *\li result valid while current input source exists. */ unsigned long isc_lex_getsourceline(isc_lex_t *lex); -/* +/*%< * Return the input source line number. * * Requires: - * 'lex' is a valid lexer. + *\li 'lex' is a valid lexer. * * Returns: - * Current line number or 0 if no current source. + *\li Current line number or 0 if no current source. */ isc_result_t isc_lex_setsourcename(isc_lex_t *lex, const char *name); -/* +/*%< * Assigns a new name to the input source. * * Requires: * - * 'lex' is a valid lexer. + * \li 'lex' is a valid lexer. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * ISC_R_NOTFOUND - there are no sources. + * \li #ISC_R_SUCCESS + * \li #ISC_R_NOMEMORY + * \li #ISC_R_NOTFOUND - there are no sources. */ isc_boolean_t isc_lex_isfile(isc_lex_t *lex); -/* +/*%< * Return whether the current input source is a file. * * Requires: - * 'lex' is a valid lexer. + *\li 'lex' is a valid lexer. * * Returns: - * ISC_TRUE if the current input is a file, - * ISC_FALSE otherwise. + * \li #ISC_TRUE if the current input is a file, + *\li #ISC_FALSE otherwise. */ diff --git a/usr.sbin/bind/lib/isc/include/isc/lfsr.h b/usr.sbin/bind/lib/isc/include/isc/lfsr.h index 39eb28eb10d..09bec06542a 100644 --- a/usr.sbin/bind/lib/isc/include/isc/lfsr.h +++ b/usr.sbin/bind/lib/isc/include/isc/lfsr.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,17 +15,19 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lfsr.h,v 1.10.206.1 2004/03/06 08:14:43 marka Exp $ */ +/* $ISC: lfsr.h,v 1.11.18.2 2005/04/29 00:16:56 marka Exp $ */ #ifndef ISC_LFSR_H #define ISC_LFSR_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/types.h> typedef struct isc_lfsr isc_lfsr_t; -/* +/*% * This function is called when reseeding is needed. It is allowed to * modify any state in the LFSR in any way it sees fit OTHER THAN "bits". * @@ -36,96 +38,91 @@ typedef struct isc_lfsr isc_lfsr_t; */ typedef void (*isc_lfsrreseed_t)(isc_lfsr_t *, void *); -/* +/*% * The members of this structure can be used by the application, but care * needs to be taken to not change state once the lfsr is in operation. */ struct isc_lfsr { - isc_uint32_t state; /* previous state */ - unsigned int bits; /* length */ - isc_uint32_t tap; /* bit taps */ - unsigned int count; /* reseed count (in BITS!) */ - isc_lfsrreseed_t reseed; /* reseed function */ - void *arg; /* reseed function argument */ + isc_uint32_t state; /*%< previous state */ + unsigned int bits; /*%< length */ + isc_uint32_t tap; /*%< bit taps */ + unsigned int count; /*%< reseed count (in BITS!) */ + isc_lfsrreseed_t reseed; /*%< reseed function */ + void *arg; /*%< reseed function argument */ }; ISC_LANG_BEGINDECLS -/* - * In all these functions it is important that the caller only use as many - * bits as the LFSR has state. Also, it isn't guaranteed that an LFSR of - * bit length 32 will have 2^32 unique states before repeating. - */ void isc_lfsr_init(isc_lfsr_t *lfsr, isc_uint32_t state, unsigned int bits, isc_uint32_t tap, unsigned int count, isc_lfsrreseed_t reseed, void *arg); -/* +/*%< * Initialize an LFSR. * * Note: * - * Putting untrusted values into this function will cause the LFSR to + *\li Putting untrusted values into this function will cause the LFSR to * generate (perhaps) non-maximal length sequences. * * Requires: * - * lfsr != NULL + *\li lfsr != NULL * - * 8 <= bits <= 32 + *\li 8 <= bits <= 32 * - * tap != 0 + *\li tap != 0 */ void isc_lfsr_generate(isc_lfsr_t *lfsr, void *data, unsigned int count); -/* +/*%< * Returns "count" bytes of data from the LFSR. * * Requires: * - * lfsr be valid. + *\li lfsr be valid. * - * data != NULL. + *\li data != NULL. * - * count > 0. + *\li count > 0. */ void isc_lfsr_skip(isc_lfsr_t *lfsr, unsigned int skip); -/* +/*%< * Skip "skip" states. * * Requires: * - * lfsr be valid. + *\li lfsr be valid. */ isc_uint32_t isc_lfsr_generate32(isc_lfsr_t *lfsr1, isc_lfsr_t *lfsr2); -/* +/*%< * Given two LFSRs, use the current state from each to skip entries in the * other. The next states are then xor'd together and returned. * * WARNING: * - * This function is used only for very, very low security data, such + *\li This function is used only for very, very low security data, such * as DNS message IDs where it is desired to have an unpredictable * stream of bytes that are harder to predict than a simple flooding * attack. * * Notes: * - * Since the current state from each of the LFSRs is used to skip + *\li Since the current state from each of the LFSRs is used to skip * state in the other, it is important that no state be leaked * from either LFSR. * * Requires: * - * lfsr1 and lfsr2 be valid. + *\li lfsr1 and lfsr2 be valid. * - * 1 <= skipbits <= 31 + *\li 1 <= skipbits <= 31 */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/isc/include/isc/lib.h b/usr.sbin/bind/lib/isc/include/isc/lib.h index e523a19b199..7893ab2ae58 100644 --- a/usr.sbin/bind/lib/isc/include/isc/lib.h +++ b/usr.sbin/bind/lib/isc/include/isc/lib.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lib.h,v 1.6.12.3 2004/03/08 09:04:51 marka Exp $ */ +/* $ISC: lib.h,v 1.8.18.2 2005/04/29 00:16:58 marka Exp $ */ #ifndef ISC_LIB_H #define ISC_LIB_H 1 +/*! \file */ + #include <isc/types.h> #include <isc/lang.h> @@ -29,8 +31,8 @@ LIBISC_EXTERNAL_DATA extern isc_msgcat_t *isc_msgcat; void isc_lib_initmsgcat(void); -/* - * Initialize the ISC library's message catalog, isc_msgcat, if it +/*!< + * \brief Initialize the ISC library's message catalog, isc_msgcat, if it * has not already been initialized. */ diff --git a/usr.sbin/bind/lib/isc/include/isc/list.h b/usr.sbin/bind/lib/isc/include/isc/list.h index fa0eb8a0cfc..520bd4343ab 100644 --- a/usr.sbin/bind/lib/isc/include/isc/list.h +++ b/usr.sbin/bind/lib/isc/include/isc/list.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: list.h,v 1.18.2.2.8.3 2006/06/06 00:11:40 marka Exp $ */ +/* $ISC: list.h,v 1.20.18.2 2006/06/06 00:11:41 marka Exp $ */ #ifndef ISC_LIST_H #define ISC_LIST_H 1 diff --git a/usr.sbin/bind/lib/isc/include/isc/magic.h b/usr.sbin/bind/lib/isc/include/isc/magic.h index 57a745a5074..2207628cfad 100644 --- a/usr.sbin/bind/lib/isc/include/isc/magic.h +++ b/usr.sbin/bind/lib/isc/include/isc/magic.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,20 +15,21 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: magic.h,v 1.11.206.1 2004/03/06 08:14:43 marka Exp $ */ +/* $ISC: magic.h,v 1.12.18.2 2005/04/29 00:16:59 marka Exp $ */ #ifndef ISC_MAGIC_H #define ISC_MAGIC_H 1 +/*! \file */ + typedef struct { unsigned int magic; } isc__magic_t; -/* +/*% * To use this macro the magic number MUST be the first thing in the * structure, and MUST be of type "unsigned int". - * * The intent of this is to allow magic numbers to be checked even though * the object is otherwise opaque. */ diff --git a/usr.sbin/bind/lib/isc/include/isc/md5.h b/usr.sbin/bind/lib/isc/include/isc/md5.h index 6214a4e48fe..b78ba804cb8 100644 --- a/usr.sbin/bind/lib/isc/include/isc/md5.h +++ b/usr.sbin/bind/lib/isc/include/isc/md5.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: md5.h,v 1.8.206.1 2004/03/06 08:14:43 marka Exp $ */ +/* $ISC: md5.h,v 1.9.18.4 2006/02/01 00:10:34 marka Exp $ */ -/* - * This is the header file for the MD5 message-digest algorithm. +/*! \file + * \brief This is the header file for the MD5 message-digest algorithm. + * * The algorithm is due to Ron Rivest. This code was * written by Colin Plumb in 1993, no copyright is claimed. * This code is in the public domain; do with it what you wish. @@ -45,7 +46,7 @@ #include <isc/lang.h> #include <isc/types.h> -#define ISC_MD5_DIGESTLENGTH 16 +#define ISC_MD5_DIGESTLENGTH 16U typedef struct { isc_uint32_t buf[4]; diff --git a/usr.sbin/bind/lib/isc/include/isc/mem.h b/usr.sbin/bind/lib/isc/include/isc/mem.h index c9c825214a2..850b4f71484 100644 --- a/usr.sbin/bind/lib/isc/include/isc/mem.h +++ b/usr.sbin/bind/lib/isc/include/isc/mem.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1997-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: mem.h,v 1.54.12.4 2004/10/11 05:55:51 marka Exp $ */ +/* $ISC: mem.h,v 1.59.18.9 2006/01/04 23:50:23 marka Exp $ */ #ifndef ISC_MEM_H #define ISC_MEM_H 1 +/*! \file */ + #include <stdio.h> #include <isc/lang.h> @@ -36,7 +38,7 @@ typedef void (*isc_mem_water_t)(void *, int); typedef void * (*isc_memalloc_t)(void *, size_t); typedef void (*isc_memfree_t)(void *, void *); -/* +/*% * Define ISC_MEM_DEBUG=1 to make all functions that free memory * set the pointer being freed to NULL after being freed. * This is the default; set ISC_MEM_DEBUG=0 to disable it. @@ -45,7 +47,7 @@ typedef void (*isc_memfree_t)(void *, void *); #define ISC_MEM_DEBUG 1 #endif -/* +/*% * Define ISC_MEM_TRACKLINES=1 to turn on detailed tracing of memory * allocation and freeing by file and line number. */ @@ -53,7 +55,7 @@ typedef void (*isc_memfree_t)(void *, void *); #define ISC_MEM_TRACKLINES 1 #endif -/* +/*% * Define ISC_MEM_CHECKOVERRUN=1 to turn on checks for using memory outside * the requested space. This will increase the size of each allocation. */ @@ -61,7 +63,7 @@ typedef void (*isc_memfree_t)(void *, void *); #define ISC_MEM_CHECKOVERRUN 1 #endif -/* +/*% * Define ISC_MEM_FILL=1 to fill each block of memory returned to the system * with the byte string '0xbe'. This helps track down uninitialized pointers * and the like. On freeing memory, the space is filled with '0xde' for @@ -71,7 +73,7 @@ typedef void (*isc_memfree_t)(void *, void *); #define ISC_MEM_FILL 1 #endif -/* +/*% * Define ISC_MEMPOOL_NAMES=1 to make memory pools store a symbolic * name so that the leaking pool can be more readily identified in * case of a memory leak. @@ -81,27 +83,40 @@ typedef void (*isc_memfree_t)(void *, void *); #endif LIBISC_EXTERNAL_DATA extern unsigned int isc_mem_debugging; +/*@{*/ #define ISC_MEM_DEBUGTRACE 0x00000001U #define ISC_MEM_DEBUGRECORD 0x00000002U #define ISC_MEM_DEBUGUSAGE 0x00000004U -/* +#define ISC_MEM_DEBUGSIZE 0x00000008U +#define ISC_MEM_DEBUGCTX 0x00000010U +#define ISC_MEM_DEBUGALL 0x0000001FU +/*!< * The variable isc_mem_debugging holds a set of flags for * turning certain memory debugging options on or off at * runtime. Its is intialized to the value ISC_MEM_DEGBUGGING, * which is 0 by default but may be overridden at compile time. * The following flags can be specified: * - * ISC_MEM_DEBUGTRACE + * \li #ISC_MEM_DEBUGTRACE * Log each allocation and free to isc_lctx. * - * ISC_MEM_DEBUGRECORD + * \li #ISC_MEM_DEBUGRECORD * Remember each allocation, and match them up on free. * Crash if a free doesn't match an allocation. * - * ISC_MEM_DEBUGUSAGE + * \li #ISC_MEM_DEBUGUSAGE * If a hi_water mark is set, print the maximium inuse memory * every time it is raised once it exceeds the hi_water mark. + * + * \li #ISC_MEM_DEBUGSIZE + * Check the size argument being passed to isc_mem_put() matches + * that passed to isc_mem_get(). + * + * \li #ISC_MEM_DEBUGCTX + * Check the mctx argument being passed to isc_mem_put() matches + * that passed to isc_mem_get(). */ +/*@}*/ #if ISC_MEM_TRACKLINES #define _ISC_MEM_FILELINE , __FILE__, __LINE__ @@ -111,17 +126,43 @@ LIBISC_EXTERNAL_DATA extern unsigned int isc_mem_debugging; #define _ISC_MEM_FLARG #endif +/*! + * Define ISC_MEM_USE_INTERNAL_MALLOC=1 to use the internal malloc() + * implementation in preference to the system one. The internal malloc() + * is very space-efficient, and quite fast on uniprocessor systems. It + * performs poorly on multiprocessor machines. + * JT: we can overcome the performance issue on multiprocessor machines + * by carefully separating memory contexts. + */ + +#ifndef ISC_MEM_USE_INTERNAL_MALLOC +#define ISC_MEM_USE_INTERNAL_MALLOC 1 +#endif + +/* + * Flags for isc_mem_create2()calls. + */ +#define ISC_MEMFLAG_NOLOCK 0x00000001 /* no lock is necessary */ +#define ISC_MEMFLAG_INTERNAL 0x00000002 /* use internal malloc */ +#if ISC_MEM_USE_INTERNAL_MALLOC +#define ISC_MEMFLAG_DEFAULT ISC_MEMFLAG_INTERNAL +#else +#define ISC_MEMFLAG_DEFAULT 0 +#endif + + #define isc_mem_get(c, s) isc__mem_get((c), (s) _ISC_MEM_FILELINE) #define isc_mem_allocate(c, s) isc__mem_allocate((c), (s) _ISC_MEM_FILELINE) #define isc_mem_strdup(c, p) isc__mem_strdup((c), (p) _ISC_MEM_FILELINE) #define isc_mempool_get(c) isc__mempool_get((c) _ISC_MEM_FILELINE) -/* +/*% * isc_mem_putanddetach() is a convienence function for use where you * have a structure with an attached memory context. * * Given: * + * \code * struct { * ... * isc_mem_t *mctx; @@ -131,14 +172,17 @@ LIBISC_EXTERNAL_DATA extern unsigned int isc_mem_debugging; * isc_mem_t *mctx; * * isc_mem_putanddetach(&ptr->mctx, ptr, sizeof(*ptr)); + * \endcode * * is the equivalent of: * + * \code * mctx = NULL; * isc_mem_attach(ptr->mctx, &mctx); * isc_mem_detach(&ptr->mctx); * isc_mem_put(mctx, ptr, sizeof(*ptr)); * isc_mem_detach(&mctx); + * \endcode */ #if ISC_MEM_DEBUG @@ -170,25 +214,35 @@ LIBISC_EXTERNAL_DATA extern unsigned int isc_mem_debugging; #define isc_mempool_put(c, p) isc__mempool_put((c), (p) _ISC_MEM_FILELINE) #endif +/*@{*/ isc_result_t isc_mem_create(size_t max_size, size_t target_size, isc_mem_t **mctxp); +isc_result_t +isc_mem_create2(size_t max_size, size_t target_size, + isc_mem_t **mctxp, unsigned int flags); + isc_result_t isc_mem_createx(size_t max_size, size_t target_size, isc_memalloc_t memalloc, isc_memfree_t memfree, void *arg, isc_mem_t **mctxp); -/* - * Create a memory context. + +isc_result_t +isc_mem_createx2(size_t max_size, size_t target_size, + isc_memalloc_t memalloc, isc_memfree_t memfree, + void *arg, isc_mem_t **mctxp, unsigned int flags); + +/*!< + * \brief Create a memory context. * * 'max_size' and 'target_size' are tuning parameters. When - * ISC_MEM_USE_INTERNAL_MALLOC is true, allocations smaller than - * 'max_size' will be satisfied by getting blocks of size - * 'target_size' from the system allocator and breaking them up into - * pieces; larger allocations will use the system allocator directly. - * If 'max_size' and/or 'target_size' are zero, default values will be - * used. When ISC_MEM_USE_INTERNAL_MALLOC is false, 'target_size' is - * ignored. + * ISC_MEMFLAG_INTERNAL is set, allocations smaller than 'max_size' + * will be satisfied by getting blocks of size 'target_size' from the + * system allocator and breaking them up into pieces; larger allocations + * will use the system allocator directly. If 'max_size' and/or + * 'target_size' are zero, default values will be * used. When + * ISC_MEMFLAG_INTERNAL is not set, 'target_size' is ignored. * * 'max_size' is also used to size the statistics arrays and the array * used to record active memory when ISC_MEM_DEBUGRECORD is set. Settin @@ -200,15 +254,23 @@ isc_mem_createx(size_t max_size, size_t target_size, * using isc_mem_create() will use the standard library malloc() * and free(). * + * If ISC_MEMFLAG_NOLOCK is set in 'flags', the corresponding memory context + * will be accessed without locking. The user who creates the context must + * ensure there be no race. Since this can be a source of bug, it is generally + * inadvisable to use this flag unless the user is very sure about the race + * condition and the access to the object is highly performance sensitive. + * * Requires: * mctxp != NULL && *mctxp == NULL */ +/*@}*/ +/*@{*/ void isc_mem_attach(isc_mem_t *, isc_mem_t **); void isc_mem_detach(isc_mem_t **); -/* - * Attach to / detach from a memory context. +/*!< + * \brief Attach to / detach from a memory context. * * This is intended for applications that use multiple memory contexts * in such a way that it is not obvious when the last allocations from @@ -219,10 +281,11 @@ isc_mem_detach(isc_mem_t **); * and destroy it at the end of main(), thereby guaranteeing that it * is not destroyed while there are outstanding allocations. */ +/*@}*/ void isc_mem_destroy(isc_mem_t **); -/* +/*%< * Destroy a memory context. */ @@ -230,38 +293,40 @@ isc_result_t isc_mem_ondestroy(isc_mem_t *ctx, isc_task_t *task, isc_event_t **event); -/* +/*%< * Request to be notified with an event when a memory context has * been successfully destroyed. */ void isc_mem_stats(isc_mem_t *mctx, FILE *out); -/* +/*%< * Print memory usage statistics for 'mctx' on the stream 'out'. */ void isc_mem_setdestroycheck(isc_mem_t *mctx, isc_boolean_t on); -/* - * Iff 'on' is ISC_TRUE, 'mctx' will check for memory leaks when +/*%< + * If 'on' is ISC_TRUE, 'mctx' will check for memory leaks when * destroyed and abort the program if any are present. */ +/*@{*/ void isc_mem_setquota(isc_mem_t *, size_t); size_t isc_mem_getquota(isc_mem_t *); -/* +/*%< * Set/get the memory quota of 'mctx'. This is a hard limit * on the amount of memory that may be allocated from mctx; * if it is exceeded, allocations will fail. */ +/*@}*/ size_t isc_mem_inuse(isc_mem_t *mctx); -/* +/*%< * Get an estimate of the number of memory in use in 'mctx', in bytes. * This includes quantization overhead, but does not include memory * allocated from the system but not yet used. @@ -270,11 +335,13 @@ isc_mem_inuse(isc_mem_t *mctx); void isc_mem_setwater(isc_mem_t *mctx, isc_mem_water_t water, void *water_arg, size_t hiwater, size_t lowater); -/* - * Set high and low water marks for this memory context. When the memory - * usage of 'mctx' exceeds 'hiwater', '(water)(water_arg, ISC_MEM_HIWATER)' +/*%< + * Set high and low water marks for this memory context. + * + * When the memory + * usage of 'mctx' exceeds 'hiwater', '(water)(water_arg, #ISC_MEM_HIWATER)' * will be called. When the usage drops below 'lowater', 'water' will - * again be called, this time with ISC_MEM_LOWATER. + * again be called, this time with #ISC_MEM_LOWATER. * * If 'water' is NULL then 'water_arg', 'hi_water' and 'lo_water' are * ignored and the state is reset. @@ -285,53 +352,77 @@ isc_mem_setwater(isc_mem_t *mctx, isc_mem_water_t water, void *water_arg, * hi_water >= lo_water */ +void +isc_mem_printactive(isc_mem_t *mctx, FILE *file); +/*%< + * Print to 'file' all active memory in 'mctx'. + * + * Requires ISC_MEM_DEBUGRECORD to have been set. + */ + +void +isc_mem_printallactive(FILE *file); +/*%< + * Print to 'file' all active memory in all contexts. + * + * Requires ISC_MEM_DEBUGRECORD to have been set. + */ + +void +isc_mem_checkdestroyed(FILE *file); +/*%< + * Check that all memory contexts have been destroyed. + * Prints out those that have not been. + * Fatally fails if there are still active contexts. + */ + /* * Memory pools */ isc_result_t isc_mempool_create(isc_mem_t *mctx, size_t size, isc_mempool_t **mpctxp); -/* +/*%< * Create a memory pool. * * Requires: - * mctx is a valid memory context. - * size > 0 - * mpctxp != NULL and *mpctxp == NULL + *\li mctx is a valid memory context. + *\li size > 0 + *\li mpctxp != NULL and *mpctxp == NULL * * Defaults: - * maxalloc = UINT_MAX - * freemax = 1 - * fillcount = 1 + *\li maxalloc = UINT_MAX + *\li freemax = 1 + *\li fillcount = 1 * * Returns: - * ISC_R_NOMEMORY -- not enough memory to create pool - * ISC_R_SUCCESS -- all is well. + *\li #ISC_R_NOMEMORY -- not enough memory to create pool + *\li #ISC_R_SUCCESS -- all is well. */ void isc_mempool_destroy(isc_mempool_t **mpctxp); -/* +/*%< * Destroy a memory pool. * * Requires: - * mpctxp != NULL && *mpctxp is a valid pool. - * The pool has no un"put" allocations outstanding + *\li mpctxp != NULL && *mpctxp is a valid pool. + *\li The pool has no un"put" allocations outstanding */ void isc_mempool_setname(isc_mempool_t *mpctx, const char *name); -/* +/*%< * Associate a name with a memory pool. At most 15 characters may be used. * * Requires: - * mpctx is a valid pool. - * name != NULL; + *\li mpctx is a valid pool. + *\li name != NULL; */ void isc_mempool_associatelock(isc_mempool_t *mpctx, isc_mutex_t *lock); -/* +/*%< * Associate a lock with this memory pool. * * This lock is used when getting or putting items using this memory pool, @@ -346,13 +437,13 @@ isc_mempool_associatelock(isc_mempool_t *mpctx, isc_mutex_t *lock); * * Requires: * - * mpctpx is a valid pool. + *\li mpctpx is a valid pool. * - * lock != NULL. + *\li lock != NULL. * - * No previous lock is assigned to this pool. + *\li No previous lock is assigned to this pool. * - * The lock is initialized before calling this function via the normal + *\li The lock is initialized before calling this function via the normal * means of doing that. */ @@ -372,57 +463,57 @@ isc_mempool_associatelock(isc_mempool_t *mpctx, isc_mutex_t *lock); unsigned int isc_mempool_getfreemax(isc_mempool_t *mpctx); -/* +/*%< * Returns the maximum allowed size of the free list. */ void isc_mempool_setfreemax(isc_mempool_t *mpctx, unsigned int limit); -/* +/*%< * Sets the maximum allowed size of the free list. */ unsigned int isc_mempool_getfreecount(isc_mempool_t *mpctx); -/* +/*%< * Returns current size of the free list. */ unsigned int isc_mempool_getmaxalloc(isc_mempool_t *mpctx); -/* +/*!< * Returns the maximum allowed number of allocations. */ void isc_mempool_setmaxalloc(isc_mempool_t *mpctx, unsigned int limit); -/* +/*%< * Sets the maximum allowed number of allocations. * * Additional requirements: - * limit > 0 + *\li limit > 0 */ unsigned int isc_mempool_getallocated(isc_mempool_t *mpctx); -/* +/*%< * Returns the number of items allocated from this pool. */ unsigned int isc_mempool_getfillcount(isc_mempool_t *mpctx); -/* +/*%< * Returns the number of items allocated as a block from the parent memory * context when the free list is empty. */ void isc_mempool_setfillcount(isc_mempool_t *mpctx, unsigned int limit); -/* +/*%< * Sets the fillcount. * * Additional requirements: - * limit > 0 + *\li limit > 0 */ diff --git a/usr.sbin/bind/lib/isc/include/isc/msgcat.h b/usr.sbin/bind/lib/isc/include/isc/msgcat.h index 0fc10a961ff..d45e1c3ede9 100644 --- a/usr.sbin/bind/lib/isc/include/isc/msgcat.h +++ b/usr.sbin/bind/lib/isc/include/isc/msgcat.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: msgcat.h,v 1.8.206.1 2004/03/06 08:14:44 marka Exp $ */ +/* $ISC: msgcat.h,v 1.9.18.2 2005/04/29 00:16:59 marka Exp $ */ #ifndef ISC_MSGCAT_H #define ISC_MSGCAT_H 1 @@ -24,34 +24,33 @@ ***** Module Info *****/ -/* - * ISC Message Catalog - * - * Message catalogs aid internationalization of applications by allowing +/*! \file isc/msgcat.h + * \brief The ISC Message Catalog + * aids internationalization of applications by allowing * messages to be retrieved from locale-specific files instead of * hardwiring them into the application. This allows translations of * messages appropriate to the locale to be supplied without recompiling * the application. * * Notes: - * It's very important that message catalogs work, even if only the + *\li It's very important that message catalogs work, even if only the * default_text can be used. * * MP: - * The caller must ensure appropriate synchronization of + *\li The caller must ensure appropriate synchronization of * isc_msgcat_open() and isc_msgcat_close(). isc_msgcat_get() * ensures appropriate synchronization. * * Reliability: - * No anticipated impact. + *\li No anticipated impact. * * Resources: - * <TBS> + *\li TBS * - * Security: + * \li Security: * No anticipated impact. * - * Standards: + * \li Standards: * None. */ @@ -70,61 +69,61 @@ ISC_LANG_BEGINDECLS void isc_msgcat_open(const char *name, isc_msgcat_t **msgcatp); -/* +/*%< * Open a message catalog. * * Notes: * - * If memory cannot be allocated or other failures occur, *msgcatp + *\li If memory cannot be allocated or other failures occur, *msgcatp * will be set to NULL. If a NULL msgcat is given to isc_msgcat_get(), * the default_text will be returned, ensuring that some message text * will be available, no matter what's going wrong. * * Requires: * - * 'name' is a valid string. + *\li 'name' is a valid string. * - * msgcatp != NULL && *msgcatp == NULL + *\li msgcatp != NULL && *msgcatp == NULL */ void isc_msgcat_close(isc_msgcat_t **msgcatp); -/* +/*%< * Close a message catalog. * * Notes: * - * Any string pointers returned by prior calls to isc_msgcat_get() are + *\li Any string pointers returned by prior calls to isc_msgcat_get() are * invalid after isc_msgcat_close() has been called and must not be * used. * * Requires: * - * *msgcatp is a valid message catalog or is NULL. + *\li *msgcatp is a valid message catalog or is NULL. * * Ensures: * - * All resources associated with the message catalog are released. + *\li All resources associated with the message catalog are released. * - * *msgcatp == NULL + *\li *msgcatp == NULL */ const char * isc_msgcat_get(isc_msgcat_t *msgcat, int set, int message, const char *default_text); -/* +/*%< * Get message 'message' from message set 'set' in 'msgcat'. If it * is not available, use 'default_text'. * * Requires: * - * 'msgcat' is a valid message catalog or is NULL. + *\li 'msgcat' is a valid message catalog or is NULL. * - * set > 0 + *\li set > 0 * - * message > 0 + *\li message > 0 * - * 'default_text' is a valid string. + *\li 'default_text' is a valid string. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/isc/include/isc/msgs.h b/usr.sbin/bind/lib/isc/include/isc/msgs.h index d0e60bd1711..2b14a1d1ad7 100644 --- a/usr.sbin/bind/lib/isc/include/isc/msgs.h +++ b/usr.sbin/bind/lib/isc/include/isc/msgs.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,16 +15,20 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: msgs.h,v 1.5.2.2.8.3 2004/03/06 08:14:44 marka Exp $ */ +/* $ISC: msgs.h,v 1.9.18.2 2005/04/29 00:16:59 marka Exp $ */ #ifndef ISC_MSGS_H #define ISC_MSGS_H 1 +/*! \file */ + #include <isc/lib.h> /* Provide isc_msgcat global variable. */ #include <isc/msgcat.h> /* Provide isc_msgcat_*() functions. */ -/* - * Message sets, named per source file, excepting "GENERAL". +/*@{*/ +/*! + * \brief Message sets, named per source file, excepting "GENERAL". + * * IMPORTANT: The original list is alphabetical, but any new sets must * be added to the end. */ @@ -49,135 +53,139 @@ #define ISC_MSGSET_TIMER 19 #define ISC_MSGSET_UTIL 20 #define ISC_MSGSET_IFITERGETIFADDRS 21 +/*@}*/ -/* - * Message numbers. They are only required to be unique per message set, +/*@{*/ +/*! + * Message numbers + * are only required to be unique per message set, * but are unique throughout the entire catalog to not be as confusing when * debugging. * * The initial numbering was done by multiply by 100 the set number the * message appears in then adding the incremental message number. */ -#define ISC_MSG_FAILED 101 /* "failed" */ -#define ISC_MSG_SUCCEEDED 102 /* Compatible with "failed" */ -#define ISC_MSG_SUCCESS 103 /* More usual way to say "success" */ -#define ISC_MSG_STARTING 104 /* As in "daemon: starting" */ -#define ISC_MSG_STOPING 105 /* As in "daemon: stopping" */ -#define ISC_MSG_ENTERING 106 /* As in "some_subr: entering" */ -#define ISC_MSG_EXITING 107 /* As in "some_subr: exiting" */ -#define ISC_MSG_CALLING 108 /* As in "calling some_subr()" */ -#define ISC_MSG_RETURNED 109 /* As in "some_subr: returned <foo>" */ -#define ISC_MSG_FATALERROR 110 /* "fatal error" */ -#define ISC_MSG_SHUTTINGDOWN 111 /* "shutting down" */ -#define ISC_MSG_RUNNING 112 /* "running" */ -#define ISC_MSG_WAIT 113 /* "wait" */ -#define ISC_MSG_WAITUNTIL 114 /* "waituntil" */ - -#define ISC_MSG_SIGNALSETUP 201 /* "handle_signal() %d setup: %s" */ - -#define ISC_MSG_ILLEGALOPT 301 /* "illegal option" */ -#define ISC_MSG_OPTNEEDARG 302 /* "option requires an argument" */ - -#define ISC_MSG_ENTROPYSTATS 401 /* "Entropy pool %p: refcnt %u ..." */ - -#define ISC_MSG_MAKESCANSOCKET 501 /* "making interface scan socket: %s" */ -#define ISC_MSG_GETIFCONFIG 502 /* "get interface configuration: %s" */ -#define ISC_MSG_BUFFERMAX 503 /* "... maximum buffer size exceeded" */ -#define ISC_MSG_GETDESTADDR 504 /* "%s: getting destination address: %s" */ -#define ISC_MSG_GETNETMASK 505 /* "%s: getting netmask: %s" */ - -#define ISC_MSG_GETIFLISTSIZE 601 /* "getting interface list size: ..." */ -#define ISC_MSG_GETIFLIST 602 /* "getting interface list: ..." */ -#define ISC_MSG_UNEXPECTEDTYPE 603 /* "... unexpected ... message type" */ - -#define ISC_MSG_UNEXPECTEDSTATE 701 /* "Unexpected state %d" */ - -#define ISC_MSG_BADTIME 801 /* "Bad 00 99:99:99.999 " */ -#define ISC_MSG_LEVEL 802 /* "level %d: " */ - -#define ISC_MSG_ADDTRACE 901 /* "add %p size %u " */ -#define ISC_MSG_DELTRACE 902 /* "del %p size %u " */ -#define ISC_MSG_POOLSTATS 903 /* "[Pool statistics]\n" */ -#define ISC_MSG_POOLNAME 904 /* "name" */ -#define ISC_MSG_POOLSIZE 905 /* "size" */ -#define ISC_MSG_POOLMAXALLOC 906 /* "maxalloc" */ -#define ISC_MSG_POOLALLOCATED 907 /* "allocated" */ -#define ISC_MSG_POOLFREECOUNT 908 /* "freecount" */ -#define ISC_MSG_POOLFREEMAX 909 /* "freemax" */ -#define ISC_MSG_POOLFILLCOUNT 910 /* "fillcount" */ -#define ISC_MSG_POOLGETS 911 /* "gets" */ -#define ISC_MSG_DUMPALLOC 912 /* "DUMP OF ALL OUTSTANDING MEMORY ..." */ -#define ISC_MSG_NONE 913 /* "\tNone.\n" */ -#define ISC_MSG_PTRFILELINE 914 /* "\tptr %p file %s line %u\n" */ - -#define ISC_MSG_UNKNOWNADDR 1001 /* "<unknown address, family %u>" */ - -#define ISC_MSG_NOLONGDBL 1104 /* "long doubles are not supported" */ - -#define ISC_MSG_PRINTLOCK 1201 /* "rwlock %p thread %lu ..." */ -#define ISC_MSG_READ 1202 /* "read" */ -#define ISC_MSG_WRITE 1203 /* "write" */ -#define ISC_MSG_READING 1204 /* "reading" */ -#define ISC_MSG_WRITING 1205 /* "writing" */ -#define ISC_MSG_PRELOCK 1206 /* "prelock" */ -#define ISC_MSG_POSTLOCK 1207 /* "postlock" */ -#define ISC_MSG_PREUNLOCK 1208 /* "preunlock" */ -#define ISC_MSG_POSTUNLOCK 1209 /* "postunlock" */ - -#define ISC_MSG_UNKNOWNFAMILY 1301 /* "unknown address family: %d" */ - -#define ISC_MSG_WRITEFAILED 1401 /* "write() failed during watcher ..." */ -#define ISC_MSG_READFAILED 1402 /* "read() failed during watcher ... " */ -#define ISC_MSG_PROCESSCMSG 1403 /* "processing cmsg %p" */ -#define ISC_MSG_IFRECEIVED 1404 /* "interface received on ifindex %u" */ -#define ISC_MSG_SENDTODATA 1405 /* "sendto pktinfo data, ifindex %u" */ -#define ISC_MSG_DOIORECV 1406 /* "doio_recv: recvmsg(%d) %d bytes ..." */ -#define ISC_MSG_PKTRECV 1407 /* "packet received correctly" */ -#define ISC_MSG_DESTROYING 1408 /* "destroying" */ -#define ISC_MSG_CREATED 1409 /* "created" */ -#define ISC_MSG_ACCEPTLOCK 1410 /* "internal_accept called, locked ..." */ -#define ISC_MSG_ACCEPTEDCXN 1411 /* "accepted connection, new socket %p" */ -#define ISC_MSG_INTERNALRECV 1412 /* "internal_recv: task %p got event %p" */ -#define ISC_MSG_INTERNALSEND 1413 /* "internal_send: task %p got event %p" */ -#define ISC_MSG_WATCHERMSG 1414 /* "watcher got message %d" */ -#define ISC_MSG_SOCKETSREMAIN 1415 /* "sockets exist" */ -#define ISC_MSG_PKTINFOPROVIDED 1416 /* "pktinfo structure provided, ..." */ -#define ISC_MSG_BOUND 1417 /* "bound" */ -#define ISC_MSG_ACCEPTRETURNED 1418 /* accept() returned %d/%s */ -#define ISC_MSG_TOOMANYFDS 1419 /* %s: too many open file descriptors */ -#define ISC_MSG_ZEROPORT 1420 /* dropping source port zero packet */ -#define ISC_MSG_FILTER 1420 /* setsockopt(SO_ACCEPTFILTER): %s */ - -#define ISC_MSG_AWAKE 1502 /* "awake" */ -#define ISC_MSG_WORKING 1503 /* "working" */ -#define ISC_MSG_EXECUTE 1504 /* "execute action" */ -#define ISC_MSG_EMPTY 1505 /* "empty" */ -#define ISC_MSG_DONE 1506 /* "done" */ -#define ISC_MSG_QUANTUM 1507 /* "quantum" */ - -#define ISC_MSG_SCHEDULE 1601 /* "schedule" */ -#define ISC_MSG_SIGNALSCHED 1602 /* "signal (schedule)" */ -#define ISC_MSG_SIGNALDESCHED 1603 /* "signal (deschedule)" */ -#define ISC_MSG_SIGNALDESTROY 1604 /* "signal (destroy)" */ -#define ISC_MSG_IDLERESCHED 1605 /* "idle reschedule" */ -#define ISC_MSG_EVENTNOTALLOC 1606 /* "couldn't allocate event" */ -#define ISC_MSG_SCHEDFAIL 1607 /* "couldn't schedule timer: %u" */ -#define ISC_MSG_POSTING 1608 /* "posting" */ -#define ISC_MSG_WAKEUP 1609 /* "wakeup" */ - -#define ISC_MSG_LOCK 1701 /* "LOCK" */ -#define ISC_MSG_LOCKING 1702 /* "LOCKING" */ -#define ISC_MSG_LOCKED 1703 /* "LOCKED" */ -#define ISC_MSG_UNLOCKED 1704 /* "UNLOCKED" */ -#define ISC_MSG_RWLOCK 1705 /* "RWLOCK" */ -#define ISC_MSG_RWLOCKED 1706 /* "RWLOCKED" */ -#define ISC_MSG_RWUNLOCK 1707 /* "RWUNLOCK" */ -#define ISC_MSG_BROADCAST 1708 /* "BROADCAST" */ -#define ISC_MSG_SIGNAL 1709 /* "SIGNAL" */ -#define ISC_MSG_UTILWAIT 1710 /* "WAIT" */ -#define ISC_MSG_WAITED 1711 /* "WAITED" */ - -#define ISC_MSG_GETIFADDRS 1801 /* "getting interface addresses: ..." */ - +#define ISC_MSG_FAILED 101 /*%< "failed" */ +#define ISC_MSG_SUCCEEDED 102 /*%< Compatible with "failed" */ +#define ISC_MSG_SUCCESS 103 /*%< More usual way to say "success" */ +#define ISC_MSG_STARTING 104 /*%< As in "daemon: starting" */ +#define ISC_MSG_STOPING 105 /*%< As in "daemon: stopping" */ +#define ISC_MSG_ENTERING 106 /*%< As in "some_subr: entering" */ +#define ISC_MSG_EXITING 107 /*%< As in "some_subr: exiting" */ +#define ISC_MSG_CALLING 108 /*%< As in "calling some_subr()" */ +#define ISC_MSG_RETURNED 109 /*%< As in "some_subr: returned <foo>" */ +#define ISC_MSG_FATALERROR 110 /*%< "fatal error" */ +#define ISC_MSG_SHUTTINGDOWN 111 /*%< "shutting down" */ +#define ISC_MSG_RUNNING 112 /*%< "running" */ +#define ISC_MSG_WAIT 113 /*%< "wait" */ +#define ISC_MSG_WAITUNTIL 114 /*%< "waituntil" */ + +#define ISC_MSG_SIGNALSETUP 201 /*%< "handle_signal() %d setup: %s" */ + +#define ISC_MSG_ILLEGALOPT 301 /*%< "illegal option" */ +#define ISC_MSG_OPTNEEDARG 302 /*%< "option requires an argument" */ + +#define ISC_MSG_ENTROPYSTATS 401 /*%< "Entropy pool %p: refcnt %u ..." */ + +#define ISC_MSG_MAKESCANSOCKET 501 /*%< "making interface scan socket: %s" */ +#define ISC_MSG_GETIFCONFIG 502 /*%< "get interface configuration: %s" */ +#define ISC_MSG_BUFFERMAX 503 /*%< "... maximum buffer size exceeded" */ +#define ISC_MSG_GETDESTADDR 504 /*%< "%s: getting destination address: %s" */ +#define ISC_MSG_GETNETMASK 505 /*%< "%s: getting netmask: %s" */ + +#define ISC_MSG_GETIFLISTSIZE 601 /*%< "getting interface list size: ..." */ +#define ISC_MSG_GETIFLIST 602 /*%< "getting interface list: ..." */ +#define ISC_MSG_UNEXPECTEDTYPE 603 /*%< "... unexpected ... message type" */ + +#define ISC_MSG_UNEXPECTEDSTATE 701 /*%< "Unexpected state %d" */ + +#define ISC_MSG_BADTIME 801 /*%< "Bad 00 99:99:99.999 " */ +#define ISC_MSG_LEVEL 802 /*%< "level %d: " */ + +#define ISC_MSG_ADDTRACE 901 /*%< "add %p size %u " */ +#define ISC_MSG_DELTRACE 902 /*%< "del %p size %u " */ +#define ISC_MSG_POOLSTATS 903 /*%< "[Pool statistics]\n" */ +#define ISC_MSG_POOLNAME 904 /*%< "name" */ +#define ISC_MSG_POOLSIZE 905 /*%< "size" */ +#define ISC_MSG_POOLMAXALLOC 906 /*%< "maxalloc" */ +#define ISC_MSG_POOLALLOCATED 907 /*%< "allocated" */ +#define ISC_MSG_POOLFREECOUNT 908 /*%< "freecount" */ +#define ISC_MSG_POOLFREEMAX 909 /*%< "freemax" */ +#define ISC_MSG_POOLFILLCOUNT 910 /*%< "fillcount" */ +#define ISC_MSG_POOLGETS 911 /*%< "gets" */ +#define ISC_MSG_DUMPALLOC 912 /*%< "DUMP OF ALL OUTSTANDING MEMORY ..." */ +#define ISC_MSG_NONE 913 /*%< "\tNone.\n" */ +#define ISC_MSG_PTRFILELINE 914 /*%< "\tptr %p file %s line %u\n" */ + +#define ISC_MSG_UNKNOWNADDR 1001 /*%< "<unknown address, family %u>" */ + +#define ISC_MSG_NOLONGDBL 1104 /*%< "long doubles are not supported" */ + +#define ISC_MSG_PRINTLOCK 1201 /*%< "rwlock %p thread %lu ..." */ +#define ISC_MSG_READ 1202 /*%< "read" */ +#define ISC_MSG_WRITE 1203 /*%< "write" */ +#define ISC_MSG_READING 1204 /*%< "reading" */ +#define ISC_MSG_WRITING 1205 /*%< "writing" */ +#define ISC_MSG_PRELOCK 1206 /*%< "prelock" */ +#define ISC_MSG_POSTLOCK 1207 /*%< "postlock" */ +#define ISC_MSG_PREUNLOCK 1208 /*%< "preunlock" */ +#define ISC_MSG_POSTUNLOCK 1209 /*%< "postunlock" */ + +#define ISC_MSG_UNKNOWNFAMILY 1301 /*%< "unknown address family: %d" */ + +#define ISC_MSG_WRITEFAILED 1401 /*%< "write() failed during watcher ..." */ +#define ISC_MSG_READFAILED 1402 /*%< "read() failed during watcher ... " */ +#define ISC_MSG_PROCESSCMSG 1403 /*%< "processing cmsg %p" */ +#define ISC_MSG_IFRECEIVED 1404 /*%< "interface received on ifindex %u" */ +#define ISC_MSG_SENDTODATA 1405 /*%< "sendto pktinfo data, ifindex %u" */ +#define ISC_MSG_DOIORECV 1406 /*%< "doio_recv: recvmsg(%d) %d bytes ..." */ +#define ISC_MSG_PKTRECV 1407 /*%< "packet received correctly" */ +#define ISC_MSG_DESTROYING 1408 /*%< "destroying" */ +#define ISC_MSG_CREATED 1409 /*%< "created" */ +#define ISC_MSG_ACCEPTLOCK 1410 /*%< "internal_accept called, locked ..." */ +#define ISC_MSG_ACCEPTEDCXN 1411 /*%< "accepted connection, new socket %p" */ +#define ISC_MSG_INTERNALRECV 1412 /*%< "internal_recv: task %p got event %p" */ +#define ISC_MSG_INTERNALSEND 1413 /*%< "internal_send: task %p got event %p" */ +#define ISC_MSG_WATCHERMSG 1414 /*%< "watcher got message %d" */ +#define ISC_MSG_SOCKETSREMAIN 1415 /*%< "sockets exist" */ +#define ISC_MSG_PKTINFOPROVIDED 1416 /*%< "pktinfo structure provided, ..." */ +#define ISC_MSG_BOUND 1417 /*%< "bound" */ +#define ISC_MSG_ACCEPTRETURNED 1418 /*%< accept() returned %d/%s */ +#define ISC_MSG_TOOMANYFDS 1419 /*%< %s: too many open file descriptors */ +#define ISC_MSG_ZEROPORT 1420 /*%< dropping source port zero packet */ +#define ISC_MSG_FILTER 1420 /*%< setsockopt(SO_ACCEPTFILTER): %s */ + +#define ISC_MSG_AWAKE 1502 /*%< "awake" */ +#define ISC_MSG_WORKING 1503 /*%< "working" */ +#define ISC_MSG_EXECUTE 1504 /*%< "execute action" */ +#define ISC_MSG_EMPTY 1505 /*%< "empty" */ +#define ISC_MSG_DONE 1506 /*%< "done" */ +#define ISC_MSG_QUANTUM 1507 /*%< "quantum" */ + +#define ISC_MSG_SCHEDULE 1601 /*%< "schedule" */ +#define ISC_MSG_SIGNALSCHED 1602 /*%< "signal (schedule)" */ +#define ISC_MSG_SIGNALDESCHED 1603 /*%< "signal (deschedule)" */ +#define ISC_MSG_SIGNALDESTROY 1604 /*%< "signal (destroy)" */ +#define ISC_MSG_IDLERESCHED 1605 /*%< "idle reschedule" */ +#define ISC_MSG_EVENTNOTALLOC 1606 /*%< "couldn't allocate event" */ +#define ISC_MSG_SCHEDFAIL 1607 /*%< "couldn't schedule timer: %u" */ +#define ISC_MSG_POSTING 1608 /*%< "posting" */ +#define ISC_MSG_WAKEUP 1609 /*%< "wakeup" */ + +#define ISC_MSG_LOCK 1701 /*%< "LOCK" */ +#define ISC_MSG_LOCKING 1702 /*%< "LOCKING" */ +#define ISC_MSG_LOCKED 1703 /*%< "LOCKED" */ +#define ISC_MSG_UNLOCKED 1704 /*%< "UNLOCKED" */ +#define ISC_MSG_RWLOCK 1705 /*%< "RWLOCK" */ +#define ISC_MSG_RWLOCKED 1706 /*%< "RWLOCKED" */ +#define ISC_MSG_RWUNLOCK 1707 /*%< "RWUNLOCK" */ +#define ISC_MSG_BROADCAST 1708 /*%< "BROADCAST" */ +#define ISC_MSG_SIGNAL 1709 /*%< "SIGNAL" */ +#define ISC_MSG_UTILWAIT 1710 /*%< "WAIT" */ +#define ISC_MSG_WAITED 1711 /*%< "WAITED" */ + +#define ISC_MSG_GETIFADDRS 1801 /*%< "getting interface addresses: ..." */ + +/*@}*/ #endif /* ISC_MSGS_H */ diff --git a/usr.sbin/bind/lib/isc/include/isc/mutexblock.h b/usr.sbin/bind/lib/isc/include/isc/mutexblock.h index f38e1cc4c43..873d0813ef1 100644 --- a/usr.sbin/bind/lib/isc/include/isc/mutexblock.h +++ b/usr.sbin/bind/lib/isc/include/isc/mutexblock.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: mutexblock.h,v 1.10.206.1 2004/03/06 08:14:44 marka Exp $ */ +/* $ISC: mutexblock.h,v 1.11.18.2 2005/04/29 00:17:00 marka Exp $ */ #ifndef ISC_MUTEXBLOCK_H #define ISC_MUTEXBLOCK_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/mutex.h> #include <isc/types.h> @@ -28,39 +30,39 @@ ISC_LANG_BEGINDECLS isc_result_t isc_mutexblock_init(isc_mutex_t *block, unsigned int count); -/* +/*%< * Initialize a block of locks. If an error occurs all initialized locks * will be destroyed, if possible. * * Requires: * - * block != NULL + *\li block != NULL * - * count > 0 + *\li count > 0 * * Returns: * - * Any code isc_mutex_init() can return is a valid return for this + *\li Any code isc_mutex_init() can return is a valid return for this * function. */ isc_result_t isc_mutexblock_destroy(isc_mutex_t *block, unsigned int count); -/* +/*%< * Destroy a block of locks. * * Requires: * - * block != NULL + *\li block != NULL * - * count > 0 + *\li count > 0 * - * Each lock in the block be initialized via isc_mutex_init() or + *\li Each lock in the block be initialized via isc_mutex_init() or * the whole block was initialized via isc_mutex_initblock(). * * Returns: * - * Any code isc_mutex_init() can return is a valid return for this + *\li Any code isc_mutex_init() can return is a valid return for this * function. */ diff --git a/usr.sbin/bind/lib/isc/include/isc/netaddr.h b/usr.sbin/bind/lib/isc/include/isc/netaddr.h index fb948e5d5fa..0ccba675329 100644 --- a/usr.sbin/bind/lib/isc/include/isc/netaddr.h +++ b/usr.sbin/bind/lib/isc/include/isc/netaddr.h @@ -15,15 +15,22 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: netaddr.h,v 1.18.12.9 2005/07/29 00:13:10 marka Exp $ */ +/* $ISC: netaddr.h,v 1.25.18.5 2005/07/28 04:58:47 marka Exp $ */ #ifndef ISC_NETADDR_H #define ISC_NETADDR_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/net.h> #include <isc/types.h> +#ifdef ISC_PLATFORM_HAVESYSUNH +#include <sys/types.h> +#include <sys/un.h> +#endif + ISC_LANG_BEGINDECLS struct isc_netaddr { @@ -31,6 +38,9 @@ struct isc_netaddr { union { struct in_addr in; struct in6_addr in6; +#ifdef ISC_PLATFORM_HAVESYSUNH + char un[sizeof(((struct sockaddr_un *)0)->sun_path)]; +#endif } type; isc_uint32_t zone; }; @@ -41,40 +51,40 @@ isc_netaddr_equal(const isc_netaddr_t *a, const isc_netaddr_t *b); isc_boolean_t isc_netaddr_eqprefix(const isc_netaddr_t *a, const isc_netaddr_t *b, unsigned int prefixlen); -/* +/*%< * Compare the 'prefixlen' most significant bits of the network - * addresses 'a' and 'b'. Return ISC_TRUE if they are equal, - * ISC_FALSE if not. + * addresses 'a' and 'b'. Return #ISC_TRUE if they are equal, + * #ISC_FALSE if not. */ isc_result_t isc_netaddr_masktoprefixlen(const isc_netaddr_t *s, unsigned int *lenp); -/* +/*%< * Convert a netmask in 's' into a prefix length in '*lenp'. * The mask should consist of zero or more '1' bits in the most * most significant part of the address, followed by '0' bits. - * If this is not the case, ISC_R_MASKNONCONTIG is returned. + * If this is not the case, #ISC_R_MASKNONCONTIG is returned. * * Returns: - * ISC_R_SUCCESS - * ISC_R_MASKNONCONTIG + *\li #ISC_R_SUCCESS + *\li #ISC_R_MASKNONCONTIG */ isc_result_t isc_netaddr_totext(const isc_netaddr_t *netaddr, isc_buffer_t *target); -/* +/*%< * Append a text representation of 'sockaddr' to the buffer 'target'. * The text is NOT null terminated. Handles IPv4 and IPv6 addresses. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOSPACE The text or the null termination did not fit. - * ISC_R_FAILURE Unspecified failure + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOSPACE The text or the null termination did not fit. + *\li #ISC_R_FAILURE Unspecified failure */ void isc_netaddr_format(const isc_netaddr_t *na, char *array, unsigned int size); -/* +/*%< * Format a human-readable representation of the network address '*na' * into the character array 'array', which is of size 'size'. * The resulting string is guaranteed to be null-terminated. @@ -82,7 +92,7 @@ isc_netaddr_format(const isc_netaddr_t *na, char *array, unsigned int size); #define ISC_NETADDR_FORMATSIZE \ sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:XXX.XXX.XXX.XXX%SSSSSSSSSS") -/* +/*%< * Minimum size of array to pass to isc_netaddr_format(). */ @@ -95,6 +105,9 @@ isc_netaddr_fromin(isc_netaddr_t *netaddr, const struct in_addr *ina); void isc_netaddr_fromin6(isc_netaddr_t *netaddr, const struct in6_addr *ina6); +isc_result_t +isc_netaddr_frompath(isc_netaddr_t *netaddr, const char *path); + void isc_netaddr_setzone(isc_netaddr_t *netaddr, isc_uint32_t zone); @@ -103,46 +116,59 @@ isc_netaddr_getzone(const isc_netaddr_t *netaddr); void isc_netaddr_any(isc_netaddr_t *netaddr); -/* +/*%< * Return the IPv4 wildcard address. */ void isc_netaddr_any6(isc_netaddr_t *netaddr); -/* +/*%< * Return the IPv6 wildcard address. */ isc_boolean_t isc_netaddr_ismulticast(isc_netaddr_t *na); -/* +/*%< * Returns ISC_TRUE if the address is a multicast address. */ isc_boolean_t isc_netaddr_isexperimental(isc_netaddr_t *na); -/* +/*%< * Returns ISC_TRUE if the address is a experimental (CLASS E) address. */ isc_boolean_t isc_netaddr_islinklocal(isc_netaddr_t *na); -/* - * Returns ISC_TRUE if the address is a link local address. +/*%< + * Returns #ISC_TRUE if the address is a link local address. */ isc_boolean_t isc_netaddr_issitelocal(isc_netaddr_t *na); -/* - * Returns ISC_TRUE if the address is a site local address. +/*%< + * Returns #ISC_TRUE if the address is a site local address. */ void isc_netaddr_fromv4mapped(isc_netaddr_t *t, const isc_netaddr_t *s); -/* +/*%< * Convert an IPv6 v4mapped address into an IPv4 address. */ +isc_result_t +isc_netaddr_prefixok(const isc_netaddr_t *na, unsigned int prefixlen); +/* + * Test whether the netaddr 'na' and 'prefixlen' are consistant. + * e.g. prefixlen within range. + * na does not have bits set which are not covered by the prefixlen. + * + * Returns: + * ISC_R_SUCCESS + * ISC_R_RANGE prefixlen out of range + * ISC_R_NOTIMPLENTED unsupported family + * ISC_R_FAILURE extra bits. + */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/isc/include/isc/netscope.h b/usr.sbin/bind/lib/isc/include/isc/netscope.h index 313c7d72ac6..b613eecc9e3 100644 --- a/usr.sbin/bind/lib/isc/include/isc/netscope.h +++ b/usr.sbin/bind/lib/isc/include/isc/netscope.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,22 +15,25 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: netscope.h,v 1.4.142.5 2004/03/08 09:04:52 marka Exp $ */ +/* $ISC: netscope.h,v 1.5.18.2 2005/04/29 00:17:00 marka Exp $ */ #ifndef ISC_NETSCOPE_H #define ISC_NETSCOPE_H 1 +/*! \file */ + ISC_LANG_BEGINDECLS -/* +/*% * Convert a string of an IPv6 scope zone to zone index. If the conversion * succeeds, 'zoneid' will store the index value. + * * XXXJT: when a standard interface for this purpose is defined, * we should use it. * * Returns: - * ISC_R_SUCCESS: conversion succeeds - * ISC_R_FAILURE: conversion fails + * \li ISC_R_SUCCESS: conversion succeeds + * \li ISC_R_FAILURE: conversion fails */ isc_result_t isc_netscope_pton(int af, char *scopename, void *addr, isc_uint32_t *zoneid); diff --git a/usr.sbin/bind/lib/isc/include/isc/ondestroy.h b/usr.sbin/bind/lib/isc/include/isc/ondestroy.h index 1d6b1e816e7..d4f3a3e0413 100644 --- a/usr.sbin/bind/lib/isc/include/isc/ondestroy.h +++ b/usr.sbin/bind/lib/isc/include/isc/ondestroy.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ondestroy.h,v 1.7.206.1 2004/03/06 08:14:45 marka Exp $ */ +/* $ISC: ondestroy.h,v 1.8.18.2 2005/04/29 00:17:00 marka Exp $ */ #ifndef ISC_ONDESTROY_H #define ISC_ONDESTROY_H 1 @@ -25,33 +25,39 @@ ISC_LANG_BEGINDECLS -/* +/*! \file * ondestroy handling. * * Any class ``X'' of objects that wants to send out notifications * on its destruction should declare a field of type isc_ondestroy_t * (call it 'ondest'). * + * \code * typedef struct { * ... * isc_ondestroy_t ondest; * ... * } X; + * \endcode * * When an object ``A'' of type X is created * it must initialize the field ondest with a call to * + * \code * isc_ondestroy_init(&A->ondest). + * \endcode * * X should also provide a registration function for third-party * objects to call to register their interest in being told about * the destruction of a particular instance of X. * + * \code * isc_result_t * X_ondestroy(X *instance, isc_task_t *task, * isc_event_t **eventp) { * return(isc_ondestroy_register(&instance->ondest, task,eventp)); * } + * \endcode * * Note: locking of the ondestory structure embedded inside of X, is * X's responsibility. @@ -59,15 +65,17 @@ ISC_LANG_BEGINDECLS * When an instance of X is destroyed, a call to isc_ondestroy_notify() * sends the notifications: * + * \code * X *instance; * isc_ondestroy_t ondest = instance->ondest; * * ... completely cleanup 'instance' here... * * isc_ondestroy_notify(&ondest, instance); + * \endcode * * - * see dns/zone.c for an ifdef'd-out example. + * see lib/dns/zone.c for an ifdef'd-out example. */ struct isc_ondestroy { @@ -77,7 +85,7 @@ struct isc_ondestroy { void isc_ondestroy_init(isc_ondestroy_t *ondest); -/* +/*%< * Initialize the on ondest structure. *must* be called before first call * to isc_ondestroy_register(). */ @@ -86,7 +94,7 @@ isc_result_t isc_ondestroy_register(isc_ondestroy_t *ondest, isc_task_t *task, isc_event_t **eventp); -/* +/*%< * Stores task and *eventp away inside *ondest. Ownership of **event is * taken from the caller (and *eventp is set to NULL). The task is attached * to. @@ -94,7 +102,7 @@ isc_ondestroy_register(isc_ondestroy_t *ondest, isc_task_t *task, void isc_ondestroy_notify(isc_ondestroy_t *ondest, void *sender); -/* +/*%< * Dispatches the event(s) to the task(s) that were given in * isc_ondestroy_register call(s) (done via calls to * isc_task_sendanddetach()). Before dispatch, the sender value of each diff --git a/usr.sbin/bind/lib/isc/include/isc/os.h b/usr.sbin/bind/lib/isc/include/isc/os.h index 0f994e4cba6..64514c4c854 100644 --- a/usr.sbin/bind/lib/isc/include/isc/os.h +++ b/usr.sbin/bind/lib/isc/include/isc/os.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,18 +15,20 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: os.h,v 1.5.206.1 2004/03/06 08:14:45 marka Exp $ */ +/* $ISC: os.h,v 1.6.18.2 2005/04/29 00:17:00 marka Exp $ */ #ifndef ISC_OS_H #define ISC_OS_H 1 +/*! \file */ + #include <isc/lang.h> ISC_LANG_BEGINDECLS unsigned int isc_os_ncpus(void); -/* +/*%< * Return the number of CPUs available on the system, or 1 if this cannot * be determined. */ diff --git a/usr.sbin/bind/lib/isc/include/isc/parseint.h b/usr.sbin/bind/lib/isc/include/isc/parseint.h index 3db42ab38e5..3115d8d2fe5 100644 --- a/usr.sbin/bind/lib/isc/include/isc/parseint.h +++ b/usr.sbin/bind/lib/isc/include/isc/parseint.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001, 2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: parseint.h,v 1.2.202.4 2004/03/08 09:04:52 marka Exp $ */ +/* $ISC: parseint.h,v 1.3.18.2 2005/04/29 00:17:00 marka Exp $ */ #ifndef ISC_PARSEINT_H #define ISC_PARSEINT_H 1 @@ -23,8 +23,8 @@ #include <isc/lang.h> #include <isc/types.h> -/* - * Parse integers, in a saner way than atoi() or strtoul() do. +/*! \file + * \brief Parse integers, in a saner way than atoi() or strtoul() do. */ /*** @@ -41,21 +41,22 @@ isc_parse_uint16(isc_uint16_t *uip, const char *string, int base); isc_result_t isc_parse_uint8(isc_uint8_t *uip, const char *string, int base); -/* +/*%< * Parse the null-terminated string 'string' containing a base 'base' - * integer, storing the result in '*uip'. The base is interpreted + * integer, storing the result in '*uip'. + * The base is interpreted * as in strtoul(). Unlike strtoul(), leading whitespace, minus or * plus signs are not accepted, and all errors (including overflow) * are reported uniformly through the return value. * * Requires: - * 'string' points to a null-terminated string - * 0 <= 'base' <= 36 + *\li 'string' points to a null-terminated string + *\li 0 <= 'base' <= 36 * * Returns: - * ISC_R_SUCCESS - * ISC_R_BADNUMBER The string is not numeric (in the given base) - * ISC_R_RANGE The number is not representable as the requested type. + *\li #ISC_R_SUCCESS + *\li #ISC_R_BADNUMBER The string is not numeric (in the given base) + *\li #ISC_R_RANGE The number is not representable as the requested type. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/isc/include/isc/print.h b/usr.sbin/bind/lib/isc/include/isc/print.h index efa0241d21a..adc3d781602 100644 --- a/usr.sbin/bind/lib/isc/include/isc/print.h +++ b/usr.sbin/bind/lib/isc/include/isc/print.h @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: print.h,v 1.17.188.4 2005/06/09 23:54:30 marka Exp $ */ +/* $ISC: print.h,v 1.19.18.3 2005/06/08 02:07:56 marka Exp $ */ #ifndef ISC_PRINT_H #define ISC_PRINT_H 1 +/*! \file */ + /*** *** Imports ***/ @@ -28,7 +30,7 @@ #include <isc/lang.h> #include <isc/platform.h> -/* +/*! * This block allows lib/isc/print.c to be cleanly compiled even if * the platform does not need it. The standard Makefile will still * not compile print.c or archive print.o, so this is just to make test diff --git a/usr.sbin/bind/lib/isc/include/isc/quota.h b/usr.sbin/bind/lib/isc/include/isc/quota.h index a7fddbb6e9a..4f08a8335ef 100644 --- a/usr.sbin/bind/lib/isc/include/isc/quota.h +++ b/usr.sbin/bind/lib/isc/include/isc/quota.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: quota.h,v 1.8.12.6 2005/08/11 15:00:08 marka Exp $ */ +/* $ISC: quota.h,v 1.10.18.4 2005/08/11 15:01:54 marka Exp $ */ #ifndef ISC_QUOTA_H #define ISC_QUOTA_H 1 @@ -24,10 +24,9 @@ ***** Module Info *****/ -/* - * Quota +/*! \file isc/quota.h * - * The isc_quota_t object is a simple helper object for implementing + * \brief The isc_quota_t object is a simple helper object for implementing * quotas on things like the number of simultaneous connections to * a server. It keeps track of the amount of quota in use, and * encapsulates the locking necessary to allow multiple tasks to @@ -48,9 +47,9 @@ ISC_LANG_BEGINDECLS +/*% isc_quota structure */ struct isc_quota { - isc_mutex_t lock; - /* Locked by lock. */ + isc_mutex_t lock; /*%< Locked by lock. */ int max; int used; int soft; @@ -58,7 +57,7 @@ struct isc_quota { isc_result_t isc_quota_init(isc_quota_t *quota, int max); -/* +/*%< * Initialize a quota object. * * Returns: @@ -68,49 +67,49 @@ isc_quota_init(isc_quota_t *quota, int max); void isc_quota_destroy(isc_quota_t *quota); -/* +/*%< * Destroy a quota object. */ void isc_quota_soft(isc_quota_t *quota, int soft); -/* - * Turn on/off soft quotas. +/*%< + * Set a soft quota. */ void isc_quota_max(isc_quota_t *quota, int max); -/* +/*%< * Re-set a maximum quota. */ isc_result_t isc_quota_reserve(isc_quota_t *quota); -/* +/*%< * Attempt to reserve one unit of 'quota'. * * Returns: - * ISC_R_SUCCESS Success - * ISC_R_SOFTQUOTA Success soft quota reached - * ISC_R_QUOTA Quota is full + * \li #ISC_R_SUCCESS Success + * \li #ISC_R_SOFTQUOTA Success soft quota reached + * \li #ISC_R_QUOTA Quota is full */ void isc_quota_release(isc_quota_t *quota); -/* +/*%< * Release one unit of quota. */ isc_result_t isc_quota_attach(isc_quota_t *quota, isc_quota_t **p); -/* +/*%< * Like isc_quota_reserve, and also attaches '*p' to the * quota if successful (ISC_R_SUCCESS or ISC_R_SOFTQUOTA). */ void isc_quota_detach(isc_quota_t **p); -/* +/*%< * Like isc_quota_release, and also detaches '*p' from the * quota. */ diff --git a/usr.sbin/bind/lib/isc/include/isc/ratelimiter.h b/usr.sbin/bind/lib/isc/include/isc/ratelimiter.h index 141527d77c3..b7e91a1dc5e 100644 --- a/usr.sbin/bind/lib/isc/include/isc/ratelimiter.h +++ b/usr.sbin/bind/lib/isc/include/isc/ratelimiter.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ratelimiter.h,v 1.13.14.3 2004/03/08 09:04:53 marka Exp $ */ +/* $ISC: ratelimiter.h,v 1.15.18.2 2005/04/29 00:17:01 marka Exp $ */ #ifndef ISC_RATELIMITER_H #define ISC_RATELIMITER_H 1 @@ -24,8 +24,8 @@ ***** Module Info *****/ -/* - * A rate limiter is a mechanism for dispatching events at a limited +/*! \file + * \brief A rate limiter is a mechanism for dispatching events at a limited * rate. This is intended to be used when sending zone maintenance * SOA queries, NOTIFY messages, etc. */ @@ -46,13 +46,13 @@ ISC_LANG_BEGINDECLS isc_result_t isc_ratelimiter_create(isc_mem_t *mctx, isc_timermgr_t *timermgr, isc_task_t *task, isc_ratelimiter_t **ratelimiterp); -/* +/*%< * Create a rate limiter. The execution interval is initially undefined. */ isc_result_t isc_ratelimiter_setinterval(isc_ratelimiter_t *rl, isc_interval_t *interval); -/* +/*!< * Set the mininum interval between event executions. * The interval value is copied, so the caller need not preserve it. * @@ -62,7 +62,7 @@ isc_ratelimiter_setinterval(isc_ratelimiter_t *rl, isc_interval_t *interval); void isc_ratelimiter_setpertic(isc_ratelimiter_t *rl, isc_uint32_t perint); -/* +/*%< * Set the number of events processed per interval timer tick. * If 'perint' is zero it is treated as 1. */ @@ -70,8 +70,10 @@ isc_ratelimiter_setpertic(isc_ratelimiter_t *rl, isc_uint32_t perint); isc_result_t isc_ratelimiter_enqueue(isc_ratelimiter_t *rl, isc_task_t *task, isc_event_t **eventp); -/* - * Queue an event for rate-limited execution. This is similar +/*%< + * Queue an event for rate-limited execution. + * + * This is similar * to doing an isc_task_send() to the 'task', except that the * execution may be delayed to achieve the desired rate of * execution. @@ -80,50 +82,50 @@ isc_ratelimiter_enqueue(isc_ratelimiter_t *rl, isc_task_t *task, * must ensure that the task exists until the event is delivered. * * Requires: - * An interval has been set by calling + *\li An interval has been set by calling * isc_ratelimiter_setinterval(). * - * 'task' to be non NULL. - * '(*eventp)->ev_sender' to be NULL. + *\li 'task' to be non NULL. + *\li '(*eventp)->ev_sender' to be NULL. */ void isc_ratelimiter_shutdown(isc_ratelimiter_t *ratelimiter); -/* +/*%< * Shut down a rate limiter. * * Ensures: - * All events that have not yet been + *\li All events that have not yet been * dispatched to the task are dispatched immediately with - * the ISC_EVENTATTR_CANCELED bit set in ev_attributes. + * the #ISC_EVENTATTR_CANCELED bit set in ev_attributes. * - * Further attempts to enqueue events will fail with - * ISC_R_SHUTTINGDOWN. + *\li Further attempts to enqueue events will fail with + * #ISC_R_SHUTTINGDOWN. * - * The reatelimiter is no longer attached to its task. + *\li The reatelimiter is no longer attached to its task. */ void isc_ratelimiter_attach(isc_ratelimiter_t *source, isc_ratelimiter_t **target); -/* +/*%< * Attach to a rate limiter. */ void isc_ratelimiter_detach(isc_ratelimiter_t **ratelimiterp); -/* +/*%< * Detach from a rate limiter. */ isc_result_t isc_ratelimiter_stall(isc_ratelimiter_t *rl); -/* +/*%< * Stall event processing. */ isc_result_t isc_ratelimiter_release(isc_ratelimiter_t *rl); -/* +/*%< * Release a stalled rate limiter. */ diff --git a/usr.sbin/bind/lib/isc/include/isc/region.h b/usr.sbin/bind/lib/isc/include/isc/region.h index fc5e2547627..552955a5a65 100644 --- a/usr.sbin/bind/lib/isc/include/isc/region.h +++ b/usr.sbin/bind/lib/isc/include/isc/region.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: region.h,v 1.16.12.3 2004/03/08 09:04:53 marka Exp $ */ +/* $ISC: region.h,v 1.19.18.2 2005/04/29 00:17:01 marka Exp $ */ #ifndef ISC_REGION_H #define ISC_REGION_H 1 +/*! \file */ + #include <isc/types.h> struct isc_region { @@ -45,7 +47,8 @@ struct isc_consttextregion { unsigned int length; }; -/* +/*@{*/ +/*! * The region structure is not opaque, and is usually directly manipulated. * Some macros are defined below for convenience. */ @@ -76,20 +79,21 @@ struct isc_consttextregion { _r->base += _l; \ _r->length -= _l; \ } while (0) +/*@}*/ int isc_region_compare(isc_region_t *r1, isc_region_t *r2); -/* +/*%< * Compares the contents of two regions * * Requires: - * 'r1' is a valid region - * 'r2' is a valid region + *\li 'r1' is a valid region + *\li 'r2' is a valid region * * Returns: - * < 0 if r1 is lexicographically less than r2 - * = 0 if r1 is lexicographically identical to r2 - * > 0 if r1 is lexicographically greater than r2 + *\li < 0 if r1 is lexicographically less than r2 + *\li = 0 if r1 is lexicographically identical to r2 + *\li > 0 if r1 is lexicographically greater than r2 */ #endif /* ISC_REGION_H */ diff --git a/usr.sbin/bind/lib/isc/include/isc/result.h b/usr.sbin/bind/lib/isc/include/isc/result.h index 84624c0575d..a9167b1d21b 100644 --- a/usr.sbin/bind/lib/isc/include/isc/result.h +++ b/usr.sbin/bind/lib/isc/include/isc/result.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: result.h,v 1.57.2.2.8.5 2004/05/15 03:46:13 jinmei Exp $ */ +/* $ISC: result.h,v 1.62.18.4 2005/06/22 22:05:49 marka Exp $ */ #ifndef ISC_RESULT_H #define ISC_RESULT_H 1 @@ -23,77 +23,75 @@ #include <isc/lang.h> #include <isc/types.h> -#define ISC_R_SUCCESS 0 /* success */ -#define ISC_R_NOMEMORY 1 /* out of memory */ -#define ISC_R_TIMEDOUT 2 /* timed out */ -#define ISC_R_NOTHREADS 3 /* no available threads */ -#define ISC_R_ADDRNOTAVAIL 4 /* address not available */ -#define ISC_R_ADDRINUSE 5 /* address in use */ -#define ISC_R_NOPERM 6 /* permission denied */ -#define ISC_R_NOCONN 7 /* no pending connections */ -#define ISC_R_NETUNREACH 8 /* network unreachable */ -#define ISC_R_HOSTUNREACH 9 /* host unreachable */ -#define ISC_R_NETDOWN 10 /* network down */ -#define ISC_R_HOSTDOWN 11 /* host down */ -#define ISC_R_CONNREFUSED 12 /* connection refused */ -#define ISC_R_NORESOURCES 13 /* not enough free resources */ -#define ISC_R_EOF 14 /* end of file */ -#define ISC_R_BOUND 15 /* socket already bound */ -#define ISC_R_RELOAD 16 /* reload */ -#define ISC_R_LOCKBUSY 17 /* lock busy */ -#define ISC_R_EXISTS 18 /* already exists */ -#define ISC_R_NOSPACE 19 /* ran out of space */ -#define ISC_R_CANCELED 20 /* operation canceled */ -#define ISC_R_NOTBOUND 21 /* socket is not bound */ -#define ISC_R_SHUTTINGDOWN 22 /* shutting down */ -#define ISC_R_NOTFOUND 23 /* not found */ -#define ISC_R_UNEXPECTEDEND 24 /* unexpected end of input */ -#define ISC_R_FAILURE 25 /* generic failure */ -#define ISC_R_IOERROR 26 /* I/O error */ -#define ISC_R_NOTIMPLEMENTED 27 /* not implemented */ -#define ISC_R_UNBALANCED 28 /* unbalanced parentheses */ -#define ISC_R_NOMORE 29 /* no more */ -#define ISC_R_INVALIDFILE 30 /* invalid file */ -#define ISC_R_BADBASE64 31 /* bad base64 encoding */ -#define ISC_R_UNEXPECTEDTOKEN 32 /* unexpected token */ -#define ISC_R_QUOTA 33 /* quota reached */ -#define ISC_R_UNEXPECTED 34 /* unexpected error */ -#define ISC_R_ALREADYRUNNING 35 /* already running */ -#define ISC_R_IGNORE 36 /* ignore */ -#define ISC_R_MASKNONCONTIG 37 /* addr mask not contiguous */ -#define ISC_R_FILENOTFOUND 38 /* file not found */ -#define ISC_R_FILEEXISTS 39 /* file already exists */ -#define ISC_R_NOTCONNECTED 40 /* socket is not connected */ -#define ISC_R_RANGE 41 /* out of range */ -#define ISC_R_NOENTROPY 42 /* out of entropy */ -#define ISC_R_MULTICAST 43 /* invalid use of multicast */ -#define ISC_R_NOTFILE 44 /* not a file */ -#define ISC_R_NOTDIRECTORY 45 /* not a directory */ -#define ISC_R_QUEUEFULL 46 /* queue is full */ -#define ISC_R_FAMILYMISMATCH 47 /* address family mismatch */ -#define ISC_R_FAMILYNOSUPPORT 48 /* AF not supported */ -#define ISC_R_BADHEX 49 /* bad hex encoding */ -#define ISC_R_TOOMANYOPENFILES 50 /* too many open files */ -#define ISC_R_NOTBLOCKING 51 /* not blocking */ -#define ISC_R_UNBALANCEDQUOTES 52 /* unbalanced quotes */ -#define ISC_R_INPROGRESS 53 /* operation in progress */ -#define ISC_R_CONNECTIONRESET 54 /* connection reset */ -#define ISC_R_SOFTQUOTA 55 /* soft quota reached */ -#define ISC_R_BADNUMBER 56 /* not a valid number */ -#define ISC_R_DISABLED 57 /* disabled */ -#define ISC_R_MAXSIZE 58 /* max size */ -#define ISC_R_BADADDRESSFORM 59 /* invalid address format */ +#define ISC_R_SUCCESS 0 /*%< success */ +#define ISC_R_NOMEMORY 1 /*%< out of memory */ +#define ISC_R_TIMEDOUT 2 /*%< timed out */ +#define ISC_R_NOTHREADS 3 /*%< no available threads */ +#define ISC_R_ADDRNOTAVAIL 4 /*%< address not available */ +#define ISC_R_ADDRINUSE 5 /*%< address in use */ +#define ISC_R_NOPERM 6 /*%< permission denied */ +#define ISC_R_NOCONN 7 /*%< no pending connections */ +#define ISC_R_NETUNREACH 8 /*%< network unreachable */ +#define ISC_R_HOSTUNREACH 9 /*%< host unreachable */ +#define ISC_R_NETDOWN 10 /*%< network down */ +#define ISC_R_HOSTDOWN 11 /*%< host down */ +#define ISC_R_CONNREFUSED 12 /*%< connection refused */ +#define ISC_R_NORESOURCES 13 /*%< not enough free resources */ +#define ISC_R_EOF 14 /*%< end of file */ +#define ISC_R_BOUND 15 /*%< socket already bound */ +#define ISC_R_RELOAD 16 /*%< reload */ +#define ISC_R_LOCKBUSY 17 /*%< lock busy */ +#define ISC_R_EXISTS 18 /*%< already exists */ +#define ISC_R_NOSPACE 19 /*%< ran out of space */ +#define ISC_R_CANCELED 20 /*%< operation canceled */ +#define ISC_R_NOTBOUND 21 /*%< socket is not bound */ +#define ISC_R_SHUTTINGDOWN 22 /*%< shutting down */ +#define ISC_R_NOTFOUND 23 /*%< not found */ +#define ISC_R_UNEXPECTEDEND 24 /*%< unexpected end of input */ +#define ISC_R_FAILURE 25 /*%< generic failure */ +#define ISC_R_IOERROR 26 /*%< I/O error */ +#define ISC_R_NOTIMPLEMENTED 27 /*%< not implemented */ +#define ISC_R_UNBALANCED 28 /*%< unbalanced parentheses */ +#define ISC_R_NOMORE 29 /*%< no more */ +#define ISC_R_INVALIDFILE 30 /*%< invalid file */ +#define ISC_R_BADBASE64 31 /*%< bad base64 encoding */ +#define ISC_R_UNEXPECTEDTOKEN 32 /*%< unexpected token */ +#define ISC_R_QUOTA 33 /*%< quota reached */ +#define ISC_R_UNEXPECTED 34 /*%< unexpected error */ +#define ISC_R_ALREADYRUNNING 35 /*%< already running */ +#define ISC_R_IGNORE 36 /*%< ignore */ +#define ISC_R_MASKNONCONTIG 37 /*%< addr mask not contiguous */ +#define ISC_R_FILENOTFOUND 38 /*%< file not found */ +#define ISC_R_FILEEXISTS 39 /*%< file already exists */ +#define ISC_R_NOTCONNECTED 40 /*%< socket is not connected */ +#define ISC_R_RANGE 41 /*%< out of range */ +#define ISC_R_NOENTROPY 42 /*%< out of entropy */ +#define ISC_R_MULTICAST 43 /*%< invalid use of multicast */ +#define ISC_R_NOTFILE 44 /*%< not a file */ +#define ISC_R_NOTDIRECTORY 45 /*%< not a directory */ +#define ISC_R_QUEUEFULL 46 /*%< queue is full */ +#define ISC_R_FAMILYMISMATCH 47 /*%< address family mismatch */ +#define ISC_R_FAMILYNOSUPPORT 48 /*%< AF not supported */ +#define ISC_R_BADHEX 49 /*%< bad hex encoding */ +#define ISC_R_TOOMANYOPENFILES 50 /*%< too many open files */ +#define ISC_R_NOTBLOCKING 51 /*%< not blocking */ +#define ISC_R_UNBALANCEDQUOTES 52 /*%< unbalanced quotes */ +#define ISC_R_INPROGRESS 53 /*%< operation in progress */ +#define ISC_R_CONNECTIONRESET 54 /*%< connection reset */ +#define ISC_R_SOFTQUOTA 55 /*%< soft quota reached */ +#define ISC_R_BADNUMBER 56 /*%< not a valid number */ +#define ISC_R_DISABLED 57 /*%< disabled */ +#define ISC_R_MAXSIZE 58 /*%< max size */ +#define ISC_R_BADADDRESSFORM 59 /*%< invalid address format */ -/* - * Not a result code: the number of results. - */ +/*% Not a result code: the number of results. */ #define ISC_R_NRESULTS 60 ISC_LANG_BEGINDECLS const char * isc_result_totext(isc_result_t); -/* +/*%< * Convert an isc_result_t into a string message describing the result. */ diff --git a/usr.sbin/bind/lib/isc/include/isc/resultclass.h b/usr.sbin/bind/lib/isc/include/isc/resultclass.h index 0f05fb1c199..41e8a751a7f 100644 --- a/usr.sbin/bind/lib/isc/include/isc/resultclass.h +++ b/usr.sbin/bind/lib/isc/include/isc/resultclass.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,19 +15,21 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: resultclass.h,v 1.11.206.1 2004/03/06 08:14:47 marka Exp $ */ +/* $ISC: resultclass.h,v 1.12.18.2 2005/04/29 00:17:02 marka Exp $ */ #ifndef ISC_RESULTCLASS_H #define ISC_RESULTCLASS_H 1 -/***** - ***** Registry of Predefined Result Type Classes - *****/ -/* +/*! \file + * \brief Registry of Predefined Result Type Classes + * * A result class number is an unsigned 16 bit number. Each class may * contain up to 65536 results. A result code is formed by adding the * result number within the class to the class number multiplied by 65536. + * + * Classes < 1024 are reserved for ISC use. + * Result classes >= 1024 and <= 65535 are reserved for application use. */ #define ISC_RESULTCLASS_FROMNUM(num) ((num) << 16) @@ -36,9 +38,6 @@ #define ISC_RESULTCLASS_INCLASS(rclass, result) \ ((rclass) == ((result) & 0xFFFF0000)) -/* - * Classes < 1024 are reserved for ISC use. - */ #define ISC_RESULTCLASS_ISC ISC_RESULTCLASS_FROMNUM(0) #define ISC_RESULTCLASS_DNS ISC_RESULTCLASS_FROMNUM(1) @@ -47,8 +46,5 @@ #define ISC_RESULTCLASS_OMAPI ISC_RESULTCLASS_FROMNUM(4) #define ISC_RESULTCLASS_ISCCC ISC_RESULTCLASS_FROMNUM(5) -/* - * Result classes >= 1024 and <= 65535 are reserved for application use. - */ #endif /* ISC_RESULTCLASS_H */ diff --git a/usr.sbin/bind/lib/isc/include/isc/serial.h b/usr.sbin/bind/lib/isc/include/isc/serial.h index 16dc32503b4..7ec342c1c8d 100644 --- a/usr.sbin/bind/lib/isc/include/isc/serial.h +++ b/usr.sbin/bind/lib/isc/include/isc/serial.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: serial.h,v 1.9.206.1 2004/03/06 08:14:48 marka Exp $ */ +/* $ISC: serial.h,v 1.10.18.2 2005/04/29 00:17:02 marka Exp $ */ #ifndef ISC_SERIAL_H #define ISC_SERIAL_H 1 @@ -23,9 +23,8 @@ #include <isc/lang.h> #include <isc/types.h> -/* - * Implement 32 bit serial space arithmetic comparision functions. - * +/*! \file + * \brief Implement 32 bit serial space arithmetic comparision functions. * Note: Undefined results are returned as ISC_FALSE. */ @@ -37,37 +36,37 @@ ISC_LANG_BEGINDECLS isc_boolean_t isc_serial_lt(isc_uint32_t a, isc_uint32_t b); -/* +/*%< * Return true if 'a' < 'b' otherwise false. */ isc_boolean_t isc_serial_gt(isc_uint32_t a, isc_uint32_t b); -/* +/*%< * Return true if 'a' > 'b' otherwise false. */ isc_boolean_t isc_serial_le(isc_uint32_t a, isc_uint32_t b); -/* +/*%< * Return true if 'a' <= 'b' otherwise false. */ isc_boolean_t isc_serial_ge(isc_uint32_t a, isc_uint32_t b); -/* +/*%< * Return true if 'a' >= 'b' otherwise false. */ isc_boolean_t isc_serial_eq(isc_uint32_t a, isc_uint32_t b); -/* +/*%< * Return true if 'a' == 'b' otherwise false. */ isc_boolean_t isc_serial_ne(isc_uint32_t a, isc_uint32_t b); -/* +/*%< * Return true if 'a' != 'b' otherwise false. */ diff --git a/usr.sbin/bind/lib/isc/include/isc/sha1.h b/usr.sbin/bind/lib/isc/include/isc/sha1.h index 1f39f1ccfd1..fb97ccdbbc1 100644 --- a/usr.sbin/bind/lib/isc/include/isc/sha1.h +++ b/usr.sbin/bind/lib/isc/include/isc/sha1.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -18,25 +18,26 @@ #ifndef ISC_SHA1_H #define ISC_SHA1_H 1 -/* $ISC: sha1.h,v 1.8.206.1 2004/03/06 08:14:48 marka Exp $ */ +/* $ISC: sha1.h,v 1.9.18.5 2006/08/16 03:18:14 marka Exp $ */ /* $NetBSD: sha1.h,v 1.2 1998/05/29 22:55:44 thorpej Exp $ */ -/* - * SHA-1 in C - * By Steve Reid <steve@edmweb.com> - * 100% Public Domain +/*! \file + * \brief SHA-1 in C + * \author By Steve Reid <steve@edmweb.com> + * \note 100% Public Domain */ #include <isc/lang.h> #include <isc/types.h> -#define ISC_SHA1_DIGESTLENGTH 20 +#define ISC_SHA1_DIGESTLENGTH 20U +#define ISC_SHA1_BLOCK_LENGTH 64U typedef struct { isc_uint32_t state[5]; isc_uint32_t count[2]; - unsigned char buffer[64]; + unsigned char buffer[ISC_SHA1_BLOCK_LENGTH]; } isc_sha1_t; ISC_LANG_BEGINDECLS diff --git a/usr.sbin/bind/lib/isc/include/isc/sha2.h b/usr.sbin/bind/lib/isc/include/isc/sha2.h new file mode 100644 index 00000000000..16ec9a2138a --- /dev/null +++ b/usr.sbin/bind/lib/isc/include/isc/sha2.h @@ -0,0 +1,132 @@ +/* + * Copyright (C) 2005, 2006 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: sha2.h,v 1.2.2.6 2006/08/16 03:18:14 marka Exp $ */ + +/* $FreeBSD: src/sys/crypto/sha2/sha2.h,v 1.1.2.1 2001/07/03 11:01:36 ume Exp $ */ +/* $KAME: sha2.h,v 1.3 2001/03/12 08:27:48 itojun Exp $ */ + +/* + * sha2.h + * + * Version 1.0.0beta1 + * + * Written by Aaron D. Gifford <me@aarongifford.com> + * + * Copyright 2000 Aaron D. Gifford. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the names of contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTOR(S) ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) OR CONTRIBUTOR(S) BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ + +#ifndef ISC_SHA2_H +#define ISC_SHA2_H + +#include <isc/lang.h> +#include <isc/types.h> + +/*** SHA-224/256/384/512 Various Length Definitions ***********************/ + +#define ISC_SHA224_BLOCK_LENGTH 64U +#define ISC_SHA224_DIGESTLENGTH 28U +#define ISC_SHA224_DIGESTSTRINGLENGTH (ISC_SHA224_DIGESTLENGTH * 2 + 1) +#define ISC_SHA256_BLOCK_LENGTH 64U +#define ISC_SHA256_DIGESTLENGTH 32U +#define ISC_SHA256_DIGESTSTRINGLENGTH (ISC_SHA256_DIGESTLENGTH * 2 + 1) +#define ISC_SHA384_BLOCK_LENGTH 128 +#define ISC_SHA384_DIGESTLENGTH 48U +#define ISC_SHA384_DIGESTSTRINGLENGTH (ISC_SHA384_DIGESTLENGTH * 2 + 1) +#define ISC_SHA512_BLOCK_LENGTH 128U +#define ISC_SHA512_DIGESTLENGTH 64U +#define ISC_SHA512_DIGESTSTRINGLENGTH (ISC_SHA512_DIGESTLENGTH * 2 + 1) + + +ISC_LANG_BEGINDECLS + +/*** SHA-256/384/512 Context Structures *******************************/ + +/* + * Keep buffer immediately after bitcount to preserve alignment. + */ +typedef struct { + isc_uint32_t state[8]; + isc_uint64_t bitcount; + isc_uint8_t buffer[ISC_SHA256_BLOCK_LENGTH]; +} isc_sha256_t; + +/* + * Keep buffer immediately after bitcount to preserve alignment. + */ +typedef struct { + isc_uint64_t state[8]; + isc_uint64_t bitcount[2]; + isc_uint8_t buffer[ISC_SHA512_BLOCK_LENGTH]; +} isc_sha512_t; + +typedef isc_sha256_t isc_sha224_t; +typedef isc_sha512_t isc_sha384_t; + +/*** SHA-224/256/384/512 Function Prototypes ******************************/ + +void isc_sha224_init (isc_sha224_t *); +void isc_sha224_update (isc_sha224_t *, const isc_uint8_t *, size_t); +void isc_sha224_final (isc_uint8_t[ISC_SHA224_DIGESTLENGTH], isc_sha224_t *); +char *isc_sha224_end (isc_sha224_t *, char[ISC_SHA224_DIGESTSTRINGLENGTH]); +char *isc_sha224_data (const isc_uint8_t *, size_t, char[ISC_SHA224_DIGESTSTRINGLENGTH]); + +void isc_sha256_init (isc_sha256_t *); +void isc_sha256_update (isc_sha256_t *, const isc_uint8_t *, size_t); +void isc_sha256_final (isc_uint8_t[ISC_SHA256_DIGESTLENGTH], isc_sha256_t *); +char *isc_sha256_end (isc_sha256_t *, char[ISC_SHA256_DIGESTSTRINGLENGTH]); +char *isc_sha256_data (const isc_uint8_t *, size_t, char[ISC_SHA256_DIGESTSTRINGLENGTH]); + +void isc_sha384_init (isc_sha384_t *); +void isc_sha384_update (isc_sha384_t *, const isc_uint8_t *, size_t); +void isc_sha384_final (isc_uint8_t[ISC_SHA384_DIGESTLENGTH], isc_sha384_t *); +char *isc_sha384_end (isc_sha384_t *, char[ISC_SHA384_DIGESTSTRINGLENGTH]); +char *isc_sha384_data (const isc_uint8_t *, size_t, char[ISC_SHA384_DIGESTSTRINGLENGTH]); + +void isc_sha512_init (isc_sha512_t *); +void isc_sha512_update (isc_sha512_t *, const isc_uint8_t *, size_t); +void isc_sha512_final (isc_uint8_t[ISC_SHA512_DIGESTLENGTH], isc_sha512_t *); +char *isc_sha512_end (isc_sha512_t *, char[ISC_SHA512_DIGESTSTRINGLENGTH]); +char *isc_sha512_data (const isc_uint8_t *, size_t, char[ISC_SHA512_DIGESTSTRINGLENGTH]); + +ISC_LANG_ENDDECLS + +#endif /* ISC_SHA2_H */ diff --git a/usr.sbin/bind/lib/isc/include/isc/sockaddr.h b/usr.sbin/bind/lib/isc/include/isc/sockaddr.h index 0cae29c6135..b43743deb3f 100644 --- a/usr.sbin/bind/lib/isc/include/isc/sockaddr.h +++ b/usr.sbin/bind/lib/isc/include/isc/sockaddr.h @@ -15,20 +15,28 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: sockaddr.h,v 1.35.12.10 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: sockaddr.h,v 1.42.18.8 2006/03/02 00:37:22 marka Exp $ */ #ifndef ISC_SOCKADDR_H #define ISC_SOCKADDR_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/net.h> #include <isc/types.h> +#ifdef ISC_PLATFORM_HAVESYSUNH +#include <sys/un.h> +#endif struct isc_sockaddr { union { struct sockaddr sa; struct sockaddr_in sin; struct sockaddr_in6 sin6; +#ifdef ISC_PLATFORM_HAVESYSUNH + struct sockaddr_un sunix; +#endif } type; unsigned int length; /* XXXRTH beginning? */ ISC_LINK(struct isc_sockaddr) link; @@ -36,17 +44,36 @@ struct isc_sockaddr { typedef ISC_LIST(struct isc_sockaddr) isc_sockaddrlist_t; +#define ISC_SOCKADDR_CMPADDR 0x0001 /*%< compare the address + * sin_addr/sin6_addr */ +#define ISC_SOCKADDR_CMPPORT 0x0002 /*%< compare the port + * sin_port/sin6_port */ +#define ISC_SOCKADDR_CMPSCOPE 0x0004 /*%< compare the scope + * sin6_scope */ +#define ISC_SOCKADDR_CMPSCOPEZERO 0x0008 /*%< when comparing scopes + * zero scopes always match */ + ISC_LANG_BEGINDECLS isc_boolean_t +isc_sockaddr_compare(const isc_sockaddr_t *a, const isc_sockaddr_t *b, + unsigned int flags); +/*%< + * Compare the elements of the two address ('a' and 'b') as specified + * by 'flags' and report if they are equal or not. + * + * 'flags' is set from ISC_SOCKADDR_CMP*. + */ + +isc_boolean_t isc_sockaddr_equal(const isc_sockaddr_t *a, const isc_sockaddr_t *b); -/* +/*%< * Return ISC_TRUE iff the socket addresses 'a' and 'b' are equal. */ isc_boolean_t isc_sockaddr_eqaddr(const isc_sockaddr_t *a, const isc_sockaddr_t *b); -/* +/*%< * Return ISC_TRUE iff the address parts of the socket addresses * 'a' and 'b' are equal, ignoring the ports. */ @@ -54,14 +81,14 @@ isc_sockaddr_eqaddr(const isc_sockaddr_t *a, const isc_sockaddr_t *b); isc_boolean_t isc_sockaddr_eqaddrprefix(const isc_sockaddr_t *a, const isc_sockaddr_t *b, unsigned int prefixlen); -/* +/*%< * Return ISC_TRUE iff the most significant 'prefixlen' bits of the * socket addresses 'a' and 'b' are equal, ignoring the ports. */ unsigned int isc_sockaddr_hash(const isc_sockaddr_t *sockaddr, isc_boolean_t address_only); -/* +/*%< * Return a hash value for the socket address 'sockaddr'. If 'address_only' * is ISC_TRUE, the hash value will not depend on the port. * @@ -71,97 +98,97 @@ isc_sockaddr_hash(const isc_sockaddr_t *sockaddr, isc_boolean_t address_only); void isc_sockaddr_any(isc_sockaddr_t *sockaddr); -/* +/*%< * Return the IPv4 wildcard address. */ void isc_sockaddr_any6(isc_sockaddr_t *sockaddr); -/* +/*%< * Return the IPv6 wildcard address. */ void isc_sockaddr_anyofpf(isc_sockaddr_t *sockaddr, int family); -/* +/*%< * Set '*sockaddr' to the wildcard address of protocol family * 'family'. * * Requires: - * 'family' is AF_INET or AF_INET6. + * \li 'family' is AF_INET or AF_INET6. */ void isc_sockaddr_fromin(isc_sockaddr_t *sockaddr, const struct in_addr *ina, in_port_t port); -/* +/*%< * Construct an isc_sockaddr_t from an IPv4 address and port. */ void isc_sockaddr_fromin6(isc_sockaddr_t *sockaddr, const struct in6_addr *ina6, in_port_t port); -/* +/*%< * Construct an isc_sockaddr_t from an IPv6 address and port. */ void isc_sockaddr_v6fromin(isc_sockaddr_t *sockaddr, const struct in_addr *ina, in_port_t port); -/* +/*%< * Construct an IPv6 isc_sockaddr_t representing a mapped IPv4 address. */ void isc_sockaddr_fromnetaddr(isc_sockaddr_t *sockaddr, const isc_netaddr_t *na, in_port_t port); -/* +/*%< * Construct an isc_sockaddr_t from an isc_netaddr_t and port. */ int isc_sockaddr_pf(const isc_sockaddr_t *sockaddr); -/* +/*%< * Get the protocol family of 'sockaddr'. * * Requires: * - * 'sockaddr' is a valid sockaddr with an address family of AF_INET + *\li 'sockaddr' is a valid sockaddr with an address family of AF_INET * or AF_INET6. * * Returns: * - * The protocol family of 'sockaddr', e.g. PF_INET or PF_INET6. + *\li The protocol family of 'sockaddr', e.g. PF_INET or PF_INET6. */ void isc_sockaddr_setport(isc_sockaddr_t *sockaddr, in_port_t port); -/* +/*%< * Set the port of 'sockaddr' to 'port'. */ in_port_t isc_sockaddr_getport(const isc_sockaddr_t *sockaddr); -/* +/*%< * Get the port stored in 'sockaddr'. */ isc_result_t isc_sockaddr_totext(const isc_sockaddr_t *sockaddr, isc_buffer_t *target); -/* +/*%< * Append a text representation of 'sockaddr' to the buffer 'target'. * The text will include both the IP address (v4 or v6) and the port. * The text is null terminated, but the terminating null is not * part of the buffer's used region. * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOSPACE The text or the null termination did not fit. + * \li ISC_R_SUCCESS + * \li ISC_R_NOSPACE The text or the null termination did not fit. */ void isc_sockaddr_format(const isc_sockaddr_t *sa, char *array, unsigned int size); -/* +/*%< * Format a human-readable representation of the socket address '*sa' * into the character array 'array', which is of size 'size'. * The resulting string is guaranteed to be null-terminated. @@ -169,8 +196,8 @@ isc_sockaddr_format(const isc_sockaddr_t *sa, char *array, unsigned int size); isc_boolean_t isc_sockaddr_ismulticast(const isc_sockaddr_t *sa); -/* - * Returns ISC_TRUE if the address is a multicast address. +/*%< + * Returns #ISC_TRUE if the address is a multicast address. */ isc_boolean_t @@ -181,19 +208,30 @@ isc_sockaddr_isexperimental(const isc_sockaddr_t *sa); isc_boolean_t isc_sockaddr_islinklocal(const isc_sockaddr_t *sa); -/* +/*%< * Returns ISC_TRUE if the address is a link local addresss. */ isc_boolean_t isc_sockaddr_issitelocal(const isc_sockaddr_t *sa); -/* +/*%< * Returns ISC_TRUE if the address is a sitelocal address. */ -#define ISC_SOCKADDR_FORMATSIZE \ - sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:XXX.XXX.XXX.XXX#YYYYY%SSSSSSSSSS") +isc_result_t +isc_sockaddr_frompath(isc_sockaddr_t *sockaddr, const char *path); /* + * Create a UNIX domain sockaddr that refers to path. + * + * Returns: + * \li ISC_R_NOSPACE + * \li ISC_R_NOTIMPLEMENTED + * \li ISC_R_SUCCESS + */ + +#define ISC_SOCKADDR_FORMATSIZE \ + sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:XXX.XXX.XXX.XXX%SSSSSSSSSS#YYYYY") +/*%< * Minimum size of array to pass to isc_sockaddr_format(). */ diff --git a/usr.sbin/bind/lib/isc/include/isc/stdio.h b/usr.sbin/bind/lib/isc/include/isc/stdio.h index 1ffc535ebd0..a44a883f9c6 100644 --- a/usr.sbin/bind/lib/isc/include/isc/stdio.h +++ b/usr.sbin/bind/lib/isc/include/isc/stdio.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,22 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: stdio.h,v 1.6.206.1 2004/03/06 08:14:48 marka Exp $ */ +/* $ISC: stdio.h,v 1.7.18.2 2005/04/29 00:17:03 marka Exp $ */ #ifndef ISC_STDIO_H #define ISC_STDIO_H 1 +/*! \file */ + +/*% + * These functions are wrappers around the corresponding stdio functions. + * + * They return a detailed error code in the form of an an isc_result_t. ANSI C + * does not guarantee that stdio functions set errno, hence these functions + * must use platform dependent methods (e.g., the POSIX errno) to construct the + * error code. + */ + #include <stdio.h> #include <isc/lang.h> @@ -27,36 +38,35 @@ ISC_LANG_BEGINDECLS +/*% Open */ isc_result_t isc_stdio_open(const char *filename, const char *mode, FILE **fp); +/*% Close */ isc_result_t isc_stdio_close(FILE *f); +/*% Seek */ isc_result_t isc_stdio_seek(FILE *f, long offset, int whence); +/*% Read */ isc_result_t isc_stdio_read(void *ptr, size_t size, size_t nmemb, FILE *f, size_t *nret); +/*% Write */ isc_result_t isc_stdio_write(const void *ptr, size_t size, size_t nmemb, FILE *f, size_t *nret); +/*% Flush */ isc_result_t isc_stdio_flush(FILE *f); -/* - * These functions are wrappers around the corresponding stdio functions, - * returning a detailed error code in the form of an an isc_result_t. ANSI C - * does not guarantee that stdio functions set errno, hence these functions - * must use platform dependent methods (e.g., the POSIX errno) to construct the - * error code. - */ isc_result_t isc_stdio_sync(FILE *f); -/* +/*%< * Invoke fsync() on the file descriptor underlying an stdio stream, or an * equivalent system-dependent operation. Note that this function has no * direct counterpart in the stdio library. diff --git a/usr.sbin/bind/lib/isc/include/isc/stdlib.h b/usr.sbin/bind/lib/isc/include/isc/stdlib.h index 400297c889f..9f006ff7c0c 100644 --- a/usr.sbin/bind/lib/isc/include/isc/stdlib.h +++ b/usr.sbin/bind/lib/isc/include/isc/stdlib.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: stdlib.h,v 1.1.32.2 2004/03/06 08:14:48 marka Exp $ */ +/* $ISC: stdlib.h,v 1.2.18.2 2005/04/29 00:17:03 marka Exp $ */ #ifndef ISC_STDLIB_H #define ISC_STDLIB_H 1 +/*! \file */ + #include <stdlib.h> #include <isc/lang.h> diff --git a/usr.sbin/bind/lib/isc/include/isc/symtab.h b/usr.sbin/bind/lib/isc/include/isc/symtab.h index ba43f7c4e54..d085ecf21da 100644 --- a/usr.sbin/bind/lib/isc/include/isc/symtab.h +++ b/usr.sbin/bind/lib/isc/include/isc/symtab.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1996-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: symtab.h,v 1.16.206.3 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: symtab.h,v 1.17.18.4 2006/03/02 00:37:22 marka Exp $ */ #ifndef ISC_SYMTAB_H #define ISC_SYMTAB_H 1 @@ -24,10 +24,8 @@ ***** Module Info *****/ -/* - * Symbol Table - * - * Provides a simple memory-based symbol table. +/*! \file + * \brief Provides a simple memory-based symbol table. * * Keys are C strings, and key comparisons are case-insenstive. A type may * be specified when looking up, defining, or undefining. A type value of @@ -38,11 +36,11 @@ * tuple when a tuple with the given key and type already exists in the table. * What to do in this case is specified by the client. Possible policies are: * - * isc_symexists_reject Disallow the define, returning ISC_R_EXISTS - * isc_symexists_replace Replace the old value with the new. The + *\li #isc_symexists_reject Disallow the define, returning #ISC_R_EXISTS + *\li #isc_symexists_replace Replace the old value with the new. The * undefine action (if provided) will be called * with the old <key, type, value> tuple. - * isc_symexists_add Add the new tuple, leaving the old tuple in + *\li #isc_symexists_add Add the new tuple, leaving the old tuple in * the table. Subsequent lookups will retrieve * the most-recently-defined tuple. * @@ -59,19 +57,19 @@ * undefined. It can be used to free memory associated with keys and/or * values. * - * MP: + * \li MP: * The callers of this module must ensure any required synchronization. * - * Reliability: + * \li Reliability: * No anticipated impact. * - * Resources: - * <TBS> + * \li Resources: + * TBS * - * Security: + * \li Security: * No anticipated impact. * - * Standards: + * \li Standards: * None. */ @@ -82,10 +80,10 @@ #include <isc/lang.h> #include <isc/types.h> -/*** +/* *** Symbol Tables. ***/ - +/*% Symbol table value. */ typedef union isc_symvalue { void * as_pointer; const void * as_cpointer; @@ -95,31 +93,36 @@ typedef union isc_symvalue { typedef void (*isc_symtabaction_t)(char *key, unsigned int type, isc_symvalue_t value, void *userarg); - +/*% Symbol table exists. */ typedef enum { - isc_symexists_reject = 0, - isc_symexists_replace = 1, - isc_symexists_add = 2 + isc_symexists_reject = 0, /*%< Disallow the define */ + isc_symexists_replace = 1, /*%< Replace the old value with the new */ + isc_symexists_add = 2 /*%< Add the new tuple */ } isc_symexists_t; ISC_LANG_BEGINDECLS +/*% Create a symbol table. */ isc_result_t isc_symtab_create(isc_mem_t *mctx, unsigned int size, isc_symtabaction_t undefine_action, void *undefine_arg, isc_boolean_t case_sensitive, isc_symtab_t **symtabp); +/*% Destroy a symbol table. */ void isc_symtab_destroy(isc_symtab_t **symtabp); +/*% Lookup a symbol table. */ isc_result_t isc_symtab_lookup(isc_symtab_t *symtab, const char *key, unsigned int type, isc_symvalue_t *value); +/*% Define a symbol table. */ isc_result_t isc_symtab_define(isc_symtab_t *symtab, const char *key, unsigned int type, isc_symvalue_t value, isc_symexists_t exists_policy); +/*% Undefine a symbol table. */ isc_result_t isc_symtab_undefine(isc_symtab_t *symtab, const char *key, unsigned int type); diff --git a/usr.sbin/bind/lib/isc/include/isc/task.h b/usr.sbin/bind/lib/isc/include/isc/task.h index 66636495ff6..c227d8fc653 100644 --- a/usr.sbin/bind/lib/isc/include/isc/task.h +++ b/usr.sbin/bind/lib/isc/include/isc/task.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: task.h,v 1.49.206.3 2004/03/09 05:21:09 marka Exp $ */ +/* $ISC: task.h,v 1.51.18.2 2005/04/29 00:17:03 marka Exp $ */ #ifndef ISC_TASK_H #define ISC_TASK_H 1 @@ -24,33 +24,55 @@ ***** Module Info *****/ -/* - * Task System - * - * The task system provides a lightweight execution context, which is - * basically an event queue. When a task's event queue is non-empty, the +/*! \file + * \brief The task system provides a lightweight execution context, which is + * basically an event queue. + + * When a task's event queue is non-empty, the * task is runnable. A small work crew of threads, typically one per CPU, * execute runnable tasks by dispatching the events on the tasks' event * queues. Context switching between tasks is fast. * - * MP: + * \li MP: * The module ensures appropriate synchronization of data structures it * creates and manipulates. - * * The caller must ensure that isc_taskmgr_destroy() is called only * once for a given manager. * - * Reliability: + * \li Reliability: * No anticipated impact. * - * Resources: - * <TBS> + * \li Resources: + * TBS * - * Security: + * \li Security: * No anticipated impact. * - * Standards: + * \li Standards: * None. + * + * \section purge Purging and Unsending + * + * Events which have been queued for a task but not delivered may be removed + * from the task's event queue by purging or unsending. + * + * With both types, the caller specifies a matching pattern that selects + * events based upon their sender, type, and tag. + * + * Purging calls isc_event_free() on the matching events. + * + * Unsending returns a list of events that matched the pattern. + * The caller is then responsible for them. + * + * Consumers of events should purge, not unsend. + * + * Producers of events often want to remove events when the caller indicates + * it is no longer interested in the object, e.g. by cancelling a timer. + * Sometimes this can be done by purging, but for some event types, the + * calls to isc_event_free() cause deadlock because the event free routine + * wants to acquire a lock the caller is already holding. Unsending instead + * of purging solves this problem. As a general rule, producers should only + * unsend events which they have sent. */ @@ -76,355 +98,335 @@ ISC_LANG_BEGINDECLS isc_result_t isc_task_create(isc_taskmgr_t *manager, unsigned int quantum, isc_task_t **taskp); -/* +/*%< * Create a task. * * Notes: * - * If 'quantum' is non-zero, then only that many events can be dispatched + *\li If 'quantum' is non-zero, then only that many events can be dispatched * before the task must yield to other tasks waiting to execute. If * quantum is zero, then the default quantum of the task manager will * be used. * - * The 'quantum' option may be removed from isc_task_create() in the + *\li The 'quantum' option may be removed from isc_task_create() in the * future. If this happens, isc_task_getquantum() and * isc_task_setquantum() will be provided. * * Requires: * - * 'manager' is a valid task manager. + *\li 'manager' is a valid task manager. * - * taskp != NULL && *taskp == NULL + *\li taskp != NULL && *taskp == NULL * * Ensures: * - * On success, '*taskp' is bound to the new task. + *\li On success, '*taskp' is bound to the new task. * * Returns: * - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * ISC_R_UNEXPECTED - * ISC_R_SHUTTINGDOWN + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li #ISC_R_UNEXPECTED + *\li #ISC_R_SHUTTINGDOWN */ void isc_task_attach(isc_task_t *source, isc_task_t **targetp); -/* +/*%< * Attach *targetp to source. * * Requires: * - * 'source' is a valid task. + *\li 'source' is a valid task. * - * 'targetp' points to a NULL isc_task_t *. + *\li 'targetp' points to a NULL isc_task_t *. * * Ensures: * - * *targetp is attached to source. + *\li *targetp is attached to source. */ void isc_task_detach(isc_task_t **taskp); -/* +/*%< * Detach *taskp from its task. * * Requires: * - * '*taskp' is a valid task. + *\li '*taskp' is a valid task. * * Ensures: * - * *taskp is NULL. + *\li *taskp is NULL. * - * If '*taskp' is the last reference to the task, the task is idle (has + *\li If '*taskp' is the last reference to the task, the task is idle (has * an empty event queue), and has not been shutdown, the task will be * shutdown. * - * If '*taskp' is the last reference to the task and + *\li If '*taskp' is the last reference to the task and * the task has been shutdown, - * - * All resources used by the task will be freed. + * all resources used by the task will be freed. */ void isc_task_send(isc_task_t *task, isc_event_t **eventp); -/* +/*%< * Send '*event' to 'task'. * * Requires: * - * 'task' is a valid task. - * eventp != NULL && *eventp != NULL. + *\li 'task' is a valid task. + *\li eventp != NULL && *eventp != NULL. * * Ensures: * - * *eventp == NULL. + *\li *eventp == NULL. */ void isc_task_sendanddetach(isc_task_t **taskp, isc_event_t **eventp); -/* +/*%< * Send '*event' to '*taskp' and then detach '*taskp' from its * task. * * Requires: * - * '*taskp' is a valid task. - * eventp != NULL && *eventp != NULL. + *\li '*taskp' is a valid task. + *\li eventp != NULL && *eventp != NULL. * * Ensures: * - * *eventp == NULL. + *\li *eventp == NULL. * - * *taskp == NULL. + *\li *taskp == NULL. * - * If '*taskp' is the last reference to the task, the task is + *\li If '*taskp' is the last reference to the task, the task is * idle (has an empty event queue), and has not been shutdown, * the task will be shutdown. * - * If '*taskp' is the last reference to the task and + *\li If '*taskp' is the last reference to the task and * the task has been shutdown, - * - * All resources used by the task will be freed. + * all resources used by the task will be freed. */ -/* - * Purging and Unsending - * - * Events which have been queued for a task but not delivered may be removed - * from the task's event queue by purging or unsending. - * - * With both types, the caller specifies a matching pattern that selects - * events based upon their sender, type, and tag. - * - * Purging calls isc_event_free() on the matching events. - * - * Unsending returns a list of events that matched the pattern. - * The caller is then responsible for them. - * - * Consumers of events should purge, not unsend. - * - * Producers of events often want to remove events when the caller indicates - * it is no longer interested in the object, e.g. by cancelling a timer. - * Sometimes this can be done by purging, but for some event types, the - * calls to isc_event_free() cause deadlock because the event free routine - * wants to acquire a lock the caller is already holding. Unsending instead - * of purging solves this problem. As a general rule, producers should only - * unsend events which they have sent. - */ unsigned int isc_task_purgerange(isc_task_t *task, void *sender, isc_eventtype_t first, isc_eventtype_t last, void *tag); -/* +/*%< * Purge events from a task's event queue. * * Requires: * - * 'task' is a valid task. + *\li 'task' is a valid task. * - * last >= first + *\li last >= first * * Ensures: * - * Events in the event queue of 'task' whose sender is 'sender', whose + *\li Events in the event queue of 'task' whose sender is 'sender', whose * type is >= first and <= last, and whose tag is 'tag' will be purged, * unless they are marked as unpurgable. * - * A sender of NULL will match any sender. A NULL tag matches any + *\li A sender of NULL will match any sender. A NULL tag matches any * tag. * * Returns: * - * The number of events purged. + *\li The number of events purged. */ unsigned int isc_task_purge(isc_task_t *task, void *sender, isc_eventtype_t type, void *tag); -/* +/*%< * Purge events from a task's event queue. * * Notes: * - * This function is equivalent to + *\li This function is equivalent to * + *\code * isc_task_purgerange(task, sender, type, type, tag); + *\endcode * * Requires: * - * 'task' is a valid task. + *\li 'task' is a valid task. * * Ensures: * - * Events in the event queue of 'task' whose sender is 'sender', whose + *\li Events in the event queue of 'task' whose sender is 'sender', whose * type is 'type', and whose tag is 'tag' will be purged, unless they * are marked as unpurgable. * - * A sender of NULL will match any sender. A NULL tag matches any + *\li A sender of NULL will match any sender. A NULL tag matches any * tag. * * Returns: * - * The number of events purged. + *\li The number of events purged. */ isc_boolean_t isc_task_purgeevent(isc_task_t *task, isc_event_t *event); -/* +/*%< * Purge 'event' from a task's event queue. * * XXXRTH: WARNING: This method may be removed before beta. * * Notes: * - * If 'event' is on the task's event queue, it will be purged, + *\li If 'event' is on the task's event queue, it will be purged, * unless it is marked as unpurgeable. 'event' does not have to be * on the task's event queue; in fact, it can even be an invalid * pointer. Purging only occurs if the event is actually on the task's * event queue. * - * Purging never changes the state of the task. + * \li Purging never changes the state of the task. * * Requires: * - * 'task' is a valid task. + *\li 'task' is a valid task. * * Ensures: * - * 'event' is not in the event queue for 'task'. + *\li 'event' is not in the event queue for 'task'. * * Returns: * - * ISC_TRUE The event was purged. - * ISC_FALSE The event was not in the event queue, + *\li #ISC_TRUE The event was purged. + *\li #ISC_FALSE The event was not in the event queue, * or was marked unpurgeable. */ unsigned int isc_task_unsendrange(isc_task_t *task, void *sender, isc_eventtype_t first, isc_eventtype_t last, void *tag, isc_eventlist_t *events); -/* +/*%< * Remove events from a task's event queue. * * Requires: * - * 'task' is a valid task. + *\li 'task' is a valid task. * - * last >= first. + *\li last >= first. * - * *events is a valid list. + *\li *events is a valid list. * * Ensures: * - * Events in the event queue of 'task' whose sender is 'sender', whose + *\li Events in the event queue of 'task' whose sender is 'sender', whose * type is >= first and <= last, and whose tag is 'tag' will be dequeued * and appended to *events. * - * A sender of NULL will match any sender. A NULL tag matches any + *\li A sender of NULL will match any sender. A NULL tag matches any * tag. * * Returns: * - * The number of events unsent. + *\li The number of events unsent. */ unsigned int isc_task_unsend(isc_task_t *task, void *sender, isc_eventtype_t type, void *tag, isc_eventlist_t *events); -/* +/*%< * Remove events from a task's event queue. * * Notes: * - * This function is equivalent to + *\li This function is equivalent to * + *\code * isc_task_unsendrange(task, sender, type, type, tag, events); + *\endcode * * Requires: * - * 'task' is a valid task. + *\li 'task' is a valid task. * - * *events is a valid list. + *\li *events is a valid list. * * Ensures: * - * Events in the event queue of 'task' whose sender is 'sender', whose + *\li Events in the event queue of 'task' whose sender is 'sender', whose * type is 'type', and whose tag is 'tag' will be dequeued and appended * to *events. * * Returns: * - * The number of events unsent. + *\li The number of events unsent. */ isc_result_t isc_task_onshutdown(isc_task_t *task, isc_taskaction_t action, const void *arg); -/* +/*%< * Send a shutdown event with action 'action' and argument 'arg' when * 'task' is shutdown. * * Notes: * - * Shutdown events are posted in LIFO order. + *\li Shutdown events are posted in LIFO order. * * Requires: * - * 'task' is a valid task. + *\li 'task' is a valid task. * - * 'action' is a valid task action. + *\li 'action' is a valid task action. * * Ensures: * - * When the task is shutdown, shutdown events requested with + *\li When the task is shutdown, shutdown events requested with * isc_task_onshutdown() will be appended to the task's event queue. * * Returns: * - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * ISC_R_TASKSHUTTINGDOWN Task is shutting down. + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li #ISC_R_TASKSHUTTINGDOWN Task is shutting down. */ void isc_task_shutdown(isc_task_t *task); -/* +/*%< * Shutdown 'task'. * * Notes: * - * Shutting down a task causes any shutdown events requested with + *\li Shutting down a task causes any shutdown events requested with * isc_task_onshutdown() to be posted (in LIFO order). The task * moves into a "shutting down" mode which prevents further calls * to isc_task_onshutdown(). * - * Trying to shutdown a task that has already been shutdown has no + *\li Trying to shutdown a task that has already been shutdown has no * effect. * * Requires: * - * 'task' is a valid task. + *\li 'task' is a valid task. * * Ensures: * - * Any shutdown events requested with isc_task_onshutdown() have been + *\li Any shutdown events requested with isc_task_onshutdown() have been * posted (in LIFO order). */ void isc_task_destroy(isc_task_t **taskp); -/* +/*%< * Destroy '*taskp'. * * Notes: * - * This call is equivalent to: + *\li This call is equivalent to: * + *\code * isc_task_shutdown(*taskp); * isc_task_detach(taskp); + *\endcode * * Requires: * @@ -432,45 +434,44 @@ isc_task_destroy(isc_task_t **taskp); * * Ensures: * - * Any shutdown events requested with isc_task_onshutdown() have been + *\li Any shutdown events requested with isc_task_onshutdown() have been * posted (in LIFO order). * - * *taskp == NULL + *\li *taskp == NULL * - * If '*taskp' is the last reference to the task, - * - * All resources used by the task will be freed. + *\li If '*taskp' is the last reference to the task, + * all resources used by the task will be freed. */ void isc_task_setname(isc_task_t *task, const char *name, void *tag); -/* +/*%< * Name 'task'. * * Notes: * - * Only the first 15 characters of 'name' will be copied. + *\li Only the first 15 characters of 'name' will be copied. * - * Naming a task is currently only useful for debugging purposes. + *\li Naming a task is currently only useful for debugging purposes. * * Requires: * - * 'task' is a valid task. + *\li 'task' is a valid task. */ const char * isc_task_getname(isc_task_t *task); -/* +/*%< * Get the name of 'task', as previously set using isc_task_setname(). * * Notes: - * This function is for debugging purposes only. + *\li This function is for debugging purposes only. * * Requires: - * 'task' is a valid task. + *\li 'task' is a valid task. * * Returns: - * A non-NULL pointer to a null-terminated string. + *\li A non-NULL pointer to a null-terminated string. * If the task has not been named, the string is * empty. * @@ -478,19 +479,19 @@ isc_task_getname(isc_task_t *task); void * isc_task_gettag(isc_task_t *task); -/* +/*%< * Get the tag value for 'task', as previously set using isc_task_settag(). * * Notes: - * This function is for debugging purposes only. + *\li This function is for debugging purposes only. * * Requires: - * 'task' is a valid task. + *\li 'task' is a valid task. */ isc_result_t isc_task_beginexclusive(isc_task_t *task); -/* +/*%< * Request exclusive access for 'task', which must be the calling * task. Waits for any other concurrently executing tasks to finish their * current event, and prevents any new events from executing in any of the @@ -500,37 +501,37 @@ isc_task_beginexclusive(isc_task_t *task); * isc_task_endexclusive() before returning from the current event handler. * * Requires: - * 'task' is the calling task. + *\li 'task' is the calling task. * * Returns: - * ISC_R_SUCCESS The current task now has exclusive access. - * ISC_R_LOCKBUSY Another task has already requested exclusive + *\li #ISC_R_SUCCESS The current task now has exclusive access. + *\li #ISC_R_LOCKBUSY Another task has already requested exclusive * access. */ void isc_task_endexclusive(isc_task_t *task); -/* +/*%< * Relinquish the exclusive access obtained by isc_task_beginexclusive(), * allowing other tasks to execute. * * Requires: - * 'task' is the calling task, and has obtained + *\li 'task' is the calling task, and has obtained * exclusive access by calling isc_task_spl(). */ void isc_task_getcurrenttime(isc_task_t *task, isc_stdtime_t *t); -/* +/*%< * Provide the most recent timestamp on the task. The timestamp is considered * as the "current time" in the second-order granularity. * * Requires: - * 'task' is a valid task. - * 't' is a valid non NULL pointer. + *\li 'task' is a valid task. + *\li 't' is a valid non NULL pointer. * * Ensures: - * '*t' has the "current time". + *\li '*t' has the "current time". */ /***** @@ -540,73 +541,73 @@ isc_task_getcurrenttime(isc_task_t *task, isc_stdtime_t *t); isc_result_t isc_taskmgr_create(isc_mem_t *mctx, unsigned int workers, unsigned int default_quantum, isc_taskmgr_t **managerp); -/* +/*%< * Create a new task manager. * * Notes: * - * 'workers' in the number of worker threads to create. In general, + *\li 'workers' in the number of worker threads to create. In general, * the value should be close to the number of processors in the system. * The 'workers' value is advisory only. An attempt will be made to * create 'workers' threads, but if at least one thread creation * succeeds, isc_taskmgr_create() may return ISC_R_SUCCESS. * - * If 'default_quantum' is non-zero, then it will be used as the default + *\li If 'default_quantum' is non-zero, then it will be used as the default * quantum value when tasks are created. If zero, then an implementation * defined default quantum will be used. * * Requires: * - * 'mctx' is a valid memory context. + *\li 'mctx' is a valid memory context. * - * workers > 0 + *\li workers > 0 * - * managerp != NULL && *managerp == NULL + *\li managerp != NULL && *managerp == NULL * * Ensures: * - * On success, '*managerp' will be attached to the newly created task + *\li On success, '*managerp' will be attached to the newly created task * manager. * * Returns: * - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * ISC_R_NOTHREADS No threads could be created. - * ISC_R_UNEXPECTED An unexpected error occurred. + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li #ISC_R_NOTHREADS No threads could be created. + *\li #ISC_R_UNEXPECTED An unexpected error occurred. */ void isc_taskmgr_destroy(isc_taskmgr_t **managerp); -/* +/*%< * Destroy '*managerp'. * * Notes: * - * Calling isc_taskmgr_destroy() will shutdown all tasks managed by + *\li Calling isc_taskmgr_destroy() will shutdown all tasks managed by * *managerp that haven't already been shutdown. The call will block * until all tasks have entered the done state. * - * isc_taskmgr_destroy() must not be called by a task event action, + *\li isc_taskmgr_destroy() must not be called by a task event action, * because it would block forever waiting for the event action to * complete. An event action that wants to cause task manager shutdown * should request some non-event action thread of execution to do the * shutdown, e.g. by signalling a condition variable or using * isc_app_shutdown(). * - * Task manager references are not reference counted, so the caller + *\li Task manager references are not reference counted, so the caller * must ensure that no attempt will be made to use the manager after * isc_taskmgr_destroy() returns. * * Requires: * - * '*managerp' is a valid task manager. + *\li '*managerp' is a valid task manager. * - * isc_taskmgr_destroy() has not be called previously on '*managerp'. + *\li isc_taskmgr_destroy() has not be called previously on '*managerp'. * * Ensures: * - * All resources used by the task manager, and any tasks it managed, + *\li All resources used by the task manager, and any tasks it managed, * have been freed. */ diff --git a/usr.sbin/bind/lib/isc/include/isc/taskpool.h b/usr.sbin/bind/lib/isc/include/isc/taskpool.h index 9e59bfcfec8..419b080b0da 100644 --- a/usr.sbin/bind/lib/isc/include/isc/taskpool.h +++ b/usr.sbin/bind/lib/isc/include/isc/taskpool.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: taskpool.h,v 1.8.206.1 2004/03/06 08:14:49 marka Exp $ */ +/* $ISC: taskpool.h,v 1.9.18.2 2005/04/29 00:17:04 marka Exp $ */ #ifndef ISC_TASKPOOL_H #define ISC_TASKPOOL_H 1 @@ -24,10 +24,8 @@ ***** Module Info *****/ -/* - * Task Pool - * - * A task pool is a mechanism for sharing a small number of tasks +/*! \file + * \brief A task pool is a mechanism for sharing a small number of tasks * among a large number of objects such that each object is * assigned a unique task, but each task may be shared by several * objects. @@ -62,44 +60,44 @@ isc_result_t isc_taskpool_create(isc_taskmgr_t *tmgr, isc_mem_t *mctx, unsigned int ntasks, unsigned int quantum, isc_taskpool_t **poolp); -/* +/*%< * Create a task pool of "ntasks" tasks, each with quantum * "quantum". * * Requires: * - * 'tmgr' is a valid task manager. + *\li 'tmgr' is a valid task manager. * - * 'mctx' is a valid memory context. + *\li 'mctx' is a valid memory context. * - * poolp != NULL && *poolp == NULL + *\li poolp != NULL && *poolp == NULL * * Ensures: * - * On success, '*taskp' points to the new task pool. + *\li On success, '*taskp' points to the new task pool. * * Returns: * - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * ISC_R_UNEXPECTED + *\li #ISC_R_SUCCESS + *\li #ISC_R_NOMEMORY + *\li #ISC_R_UNEXPECTED */ void isc_taskpool_gettask(isc_taskpool_t *pool, unsigned int hash, isc_task_t **targetp); -/* +/*%< * Attach to the task corresponding to the hash value "hash". */ void isc_taskpool_destroy(isc_taskpool_t **poolp); -/* +/*%< * Destroy a task pool. The tasks in the pool are detached but not * shut down. * * Requires: - * '*poolp' is a valid task pool. + * \li '*poolp' is a valid task pool. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/isc/include/isc/util.h b/usr.sbin/bind/lib/isc/include/isc/util.h index d310f679bb4..b1ad6e2bda4 100644 --- a/usr.sbin/bind/lib/isc/include/isc/util.h +++ b/usr.sbin/bind/lib/isc/include/isc/util.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,17 +15,18 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: util.h,v 1.21.12.5 2004/03/08 09:04:53 marka Exp $ */ +/* $ISC: util.h,v 1.24.18.2 2005/04/29 00:17:04 marka Exp $ */ #ifndef ISC_UTIL_H #define ISC_UTIL_H 1 -/* +/*! \file util.h * NOTE: * * This file is not to be included from any <isc/???.h> (or other) library * files. * + * \brief * Including this file puts several macros in your name space that are * not protected (as all the other ISC functions/macros do) by prepending * ISC_ or isc_ to the name. @@ -35,21 +36,22 @@ *** General Macros. ***/ -/* +/*% * Use this to hide unused function arguments. - * + * \code * int * foo(char *bar) * { * UNUSED(bar); * } + * \endcode */ #define UNUSED(x) (void)(x) #define ISC_MAX(a, b) ((a) > (b) ? (a) : (b)) #define ISC_MIN(a, b) ((a) < (b) ? (a) : (b)) -/* +/*% * Use this to remove the const qualifier of a variable to assign it to * a non-const variable or pass it as a non-const function argument ... * but only when you are sure it won't then be changed! @@ -64,16 +66,15 @@ var = _u.v; \ } while (0) -/* +/*% * Use this in translation units that would otherwise be empty, to * suppress compiler warnings. */ #define EMPTY_TRANSLATION_UNIT static void isc__empty(void) { isc__empty(); } -/* +/*% * We use macros instead of calling the routines directly because * the capital letters make the locking stand out. - * * We RUNTIME_CHECK for success since in general there's no way * for us to continue if they fail. */ @@ -203,9 +204,13 @@ */ #include <isc/assertions.h> /* Contractual promise. */ +/*% Require Assertion */ #define REQUIRE(e) ISC_REQUIRE(e) +/*% Ensure Assertion */ #define ENSURE(e) ISC_ENSURE(e) +/*% Insist Assertion */ #define INSIST(e) ISC_INSIST(e) +/*% Invariant Assertion */ #define INVARIANT(e) ISC_INVARIANT(e) /* @@ -213,11 +218,14 @@ */ #include <isc/error.h> /* Contractual promise. */ +/*% Unexpected Error */ #define UNEXPECTED_ERROR isc_error_unexpected +/*% Fatal Error */ #define FATAL_ERROR isc_error_fatal +/*% Runtime Check */ #define RUNTIME_CHECK(cond) ISC_ERROR_RUNTIMECHECK(cond) -/* +/*% * Time */ #define TIME_NOW(tp) RUNTIME_CHECK(isc_time_now((tp)) == ISC_R_SUCCESS) diff --git a/usr.sbin/bind/lib/isc/include/isc/version.h b/usr.sbin/bind/lib/isc/include/isc/version.h index e40c78986d3..97e22e2ea1a 100644 --- a/usr.sbin/bind/lib/isc/include/isc/version.h +++ b/usr.sbin/bind/lib/isc/include/isc/version.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: version.h,v 1.2.220.3 2004/03/08 09:04:54 marka Exp $ */ +/* $ISC: version.h,v 1.3.18.2 2005/04/29 00:17:04 marka Exp $ */ + +/*! \file */ #include <isc/platform.h> diff --git a/usr.sbin/bind/lib/isc/lib.c b/usr.sbin/bind/lib/isc/lib.c index 83dca1546b8..3e32447cd5a 100644 --- a/usr.sbin/bind/lib/isc/lib.c +++ b/usr.sbin/bind/lib/isc/lib.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lib.c,v 1.8.12.3 2004/03/08 09:04:49 marka Exp $ */ +/* $ISC: lib.c,v 1.10.18.2 2005/04/29 00:16:47 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -53,7 +55,7 @@ void isc_lib_initmsgcat(void) { isc_result_t result; - /* + /*! * Initialize the ISC library's message catalog, isc_msgcat, if it * has not already been initialized. */ diff --git a/usr.sbin/bind/lib/isc/md5.c b/usr.sbin/bind/lib/isc/md5.c index a23c7e15948..cc8cfb7283e 100644 --- a/usr.sbin/bind/lib/isc/md5.c +++ b/usr.sbin/bind/lib/isc/md5.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,9 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: md5.c,v 1.9.206.1 2004/03/06 08:14:32 marka Exp $ */ +/* $ISC: md5.c,v 1.10.18.2 2005/04/29 00:16:47 marka Exp $ */ -/* +/*! \file * This code implements the MD5 message-digest algorithm. * The algorithm is due to Ron Rivest. This code was * written by Colin Plumb in 1993, no copyright is claimed. @@ -54,7 +54,7 @@ byteSwap(isc_uint32_t *buf, unsigned words) } while (--words); } -/* +/*! * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious * initialization constants. */ @@ -74,19 +74,21 @@ isc_md5_invalidate(isc_md5_t *ctx) { memset(ctx, 0, sizeof(isc_md5_t)); } -/* The four core functions - F1 is optimized somewhat */ +/*@{*/ +/*! The four core functions - F1 is optimized somewhat */ /* #define F1(x, y, z) (x & y | ~x & z) */ #define F1(x, y, z) (z ^ (x & (y ^ z))) #define F2(x, y, z) F1(z, x, y) #define F3(x, y, z) (x ^ y ^ z) #define F4(x, y, z) (y ^ (x | ~z)) +/*@}*/ -/* This is the central step in the MD5 algorithm. */ +/*! This is the central step in the MD5 algorithm. */ #define MD5STEP(f,w,x,y,z,in,s) \ (w += f(x,y,z) + in, w = (w<<s | w>>(32-s)) + x) -/* +/*! * The core of the MD5 algorithm, this alters an existing MD5 hash to * reflect the addition of 16 longwords of new data. MD5Update blocks * the data and converts bytes into longwords for this routine. @@ -174,7 +176,7 @@ transform(isc_uint32_t buf[4], isc_uint32_t const in[16]) { buf[3] += d; } -/* +/*! * Update context to reflect the concatenation of another buffer full * of bytes. */ @@ -213,7 +215,7 @@ isc_md5_update(isc_md5_t *ctx, const unsigned char *buf, unsigned int len) { memcpy(ctx->in, buf, len); } -/* +/*! * Final wrapup - pad to 64-byte boundary with the bit pattern * 1 0* (64-bit count of bits processed, MSB-first) */ diff --git a/usr.sbin/bind/lib/isc/mips/Makefile.in b/usr.sbin/bind/lib/isc/mips/Makefile.in new file mode 100644 index 00000000000..19a13a8cc02 --- /dev/null +++ b/usr.sbin/bind/lib/isc/mips/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = include +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/mips/include/Makefile.in b/usr.sbin/bind/lib/isc/mips/include/Makefile.in new file mode 100644 index 00000000000..26103230cdc --- /dev/null +++ b/usr.sbin/bind/lib/isc/mips/include/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = isc +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/mips/include/isc/Makefile.in b/usr.sbin/bind/lib/isc/mips/include/isc/Makefile.in new file mode 100644 index 00000000000..b571c74337e --- /dev/null +++ b/usr.sbin/bind/lib/isc/mips/include/isc/Makefile.in @@ -0,0 +1,36 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +@BIND9_VERSION@ + +HEADERS = atomic.h + +SUBDIRS = +TARGETS = + +@BIND9_MAKE_RULES@ + +installdirs: + $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${includedir}/isc + +install:: installdirs + for i in ${HEADERS}; do \ + ${INSTALL_DATA} $(srcdir)/$$i ${DESTDIR}${includedir}/isc ; \ + done diff --git a/usr.sbin/bind/lib/isc/mips/include/isc/atomic.h b/usr.sbin/bind/lib/isc/mips/include/isc/atomic.h new file mode 100644 index 00000000000..de1befab7ac --- /dev/null +++ b/usr.sbin/bind/lib/isc/mips/include/isc/atomic.h @@ -0,0 +1,98 @@ +/* + * Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: atomic.h,v 1.1.2.1 2005/07/09 07:14:00 jinmei Exp $ */ + +#ifndef ISC_ATOMIC_H +#define ISC_ATOMIC_H 1 + +#include <isc/platform.h> +#include <isc/types.h> + +#ifdef ISC_PLATFORM_USEGCCASM +/* + * This routine atomically increments the value stored in 'p' by 'val', and + * returns the previous value. + */ +static inline isc_int32_t +isc_atomic_xadd(isc_int32_t *p, int val) { + isc_int32_t orig; + + /* add is a cheat, since MIPS has no mov instruction */ + __asm__ volatile ( + "1:" + "ll $3, %1\n" + "add %0, $0, $3\n" + "add $3, $3, %2\n" + "sc $3, %1\n" + "beq $3, 0, 1b" + : "=&r"(orig) + : "m"(*p), "r"(val) + : "memory", "$3" + ); + + return (orig); +} + +/* + * This routine atomically stores the value 'val' in 'p'. + */ +static inline void +isc_atomic_store(isc_int32_t *p, isc_int32_t val) { + __asm__ volatile ( + "1:" + "ll $3, %0\n" + "add $3, $0, %1\n" + "sc $3, %0\n" + "beq $3, 0, 1b" + : + : "m"(*p), "r"(val) + : "memory", "$3" + ); +} + +/* + * This routine atomically replaces the value in 'p' with 'val', if the + * original value is equal to 'cmpval'. The original value is returned in any + * case. + */ +static inline isc_int32_t +isc_atomic_cmpxchg(isc_int32_t *p, int cmpval, int val) { + isc_int32_t orig; + + __asm__ volatile( + "1:" + "ll $3, %1\n" + "add %0, $0, $3\n" + "bne $3, %2, 2f\n" + "add $3, $0, %3\n" + "sc $3, %1\n" + "beq $3, 0, 1b\n" + "2:" + : "=&r"(orig) + : "m"(*p), "r"(cmpval), "r"(val) + : "memory", "$3" + ); + + return (orig); +} + +#else /* !ISC_PLATFORM_USEGCCASM */ + +#error "unsupported compiler. disable atomic ops by --disable-atomic" + +#endif +#endif /* ISC_ATOMIC_H */ diff --git a/usr.sbin/bind/lib/isc/mutexblock.c b/usr.sbin/bind/lib/isc/mutexblock.c index f4084a9d526..7f69f0a6838 100644 --- a/usr.sbin/bind/lib/isc/mutexblock.c +++ b/usr.sbin/bind/lib/isc/mutexblock.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: mutexblock.c,v 1.14.12.3 2004/03/08 09:04:49 marka Exp $ */ +/* $ISC: mutexblock.c,v 1.16.18.2 2005/04/29 00:16:47 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/netscope.c b/usr.sbin/bind/lib/isc/netscope.c index bdb75c87a93..c5ed7ccd3d3 100644 --- a/usr.sbin/bind/lib/isc/netscope.c +++ b/usr.sbin/bind/lib/isc/netscope.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,9 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/*! \file */ + #if defined(LIBC_SCCS) && !defined(lint) static char rcsid[] = - "$ISC: netscope.c,v 1.5.142.9 2006/08/25 05:25:50 marka Exp $"; + "$ISC: netscope.c,v 1.7.18.4 2006/08/25 05:25:51 marka Exp $"; #endif /* LIBC_SCCS and not lint */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/nls/Makefile.in b/usr.sbin/bind/lib/isc/nls/Makefile.in index d4c5373c092..dad24c43431 100644 --- a/usr.sbin/bind/lib/isc/nls/Makefile.in +++ b/usr.sbin/bind/lib/isc/nls/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.11.206.1 2004/03/06 08:14:50 marka Exp $ +# $ISC: Makefile.in,v 1.12 2004/03/05 05:11:05 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/isc/nls/msgcat.c b/usr.sbin/bind/lib/isc/nls/msgcat.c index 2dc62c09d53..faa5c93f1ef 100644 --- a/usr.sbin/bind/lib/isc/nls/msgcat.c +++ b/usr.sbin/bind/lib/isc/nls/msgcat.c @@ -15,10 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: msgcat.c,v 1.10.12.6 2005/06/09 23:54:31 marka Exp $ */ +/* $ISC: msgcat.c,v 1.13.18.3 2005/06/08 02:07:57 marka Exp $ */ -/* - * Principal Author: Bob Halley +/*! \file msgcat.c + * + * \author Principal Author: Bob Halley */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/noatomic/Makefile.in b/usr.sbin/bind/lib/isc/noatomic/Makefile.in new file mode 100644 index 00000000000..19a13a8cc02 --- /dev/null +++ b/usr.sbin/bind/lib/isc/noatomic/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = include +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/noatomic/include/Makefile.in b/usr.sbin/bind/lib/isc/noatomic/include/Makefile.in new file mode 100644 index 00000000000..26103230cdc --- /dev/null +++ b/usr.sbin/bind/lib/isc/noatomic/include/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = isc +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/noatomic/include/isc/Makefile.in b/usr.sbin/bind/lib/isc/noatomic/include/isc/Makefile.in new file mode 100644 index 00000000000..b571c74337e --- /dev/null +++ b/usr.sbin/bind/lib/isc/noatomic/include/isc/Makefile.in @@ -0,0 +1,36 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +@BIND9_VERSION@ + +HEADERS = atomic.h + +SUBDIRS = +TARGETS = + +@BIND9_MAKE_RULES@ + +installdirs: + $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${includedir}/isc + +install:: installdirs + for i in ${HEADERS}; do \ + ${INSTALL_DATA} $(srcdir)/$$i ${DESTDIR}${includedir}/isc ; \ + done diff --git a/usr.sbin/bind/lib/isc/noatomic/include/isc/atomic.h b/usr.sbin/bind/lib/isc/noatomic/include/isc/atomic.h new file mode 100644 index 00000000000..aeb36131692 --- /dev/null +++ b/usr.sbin/bind/lib/isc/noatomic/include/isc/atomic.h @@ -0,0 +1,24 @@ +/* + * Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: atomic.h,v 1.2.2.1 2005/06/04 06:23:44 jinmei Exp $ */ + +#ifndef ISC_ATOMIC_H +#define ISC_ATOMIC_H 1 + +/* This file is inherently empty. */ + +#endif /* ISC_ATOMIC_H */ diff --git a/usr.sbin/bind/lib/isc/nothreads/Makefile.in b/usr.sbin/bind/lib/isc/nothreads/Makefile.in index e19c1b34603..df69e6f3ba6 100644 --- a/usr.sbin/bind/lib/isc/nothreads/Makefile.in +++ b/usr.sbin/bind/lib/isc/nothreads/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.4.206.1 2004/03/06 08:14:51 marka Exp $ +# $ISC: Makefile.in,v 1.5 2004/03/05 05:11:08 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/isc/nothreads/condition.c b/usr.sbin/bind/lib/isc/nothreads/condition.c index 21a19dd404a..54ea6f5f00f 100644 --- a/usr.sbin/bind/lib/isc/nothreads/condition.c +++ b/usr.sbin/bind/lib/isc/nothreads/condition.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: condition.c,v 1.4.12.5 2006/08/25 05:25:50 marka Exp $ */ +/* $ISC: condition.c,v 1.6.18.2 2006/08/25 05:25:51 marka Exp $ */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/nothreads/include/Makefile.in b/usr.sbin/bind/lib/isc/nothreads/include/Makefile.in index 96a37f5cc82..42afaa81155 100644 --- a/usr.sbin/bind/lib/isc/nothreads/include/Makefile.in +++ b/usr.sbin/bind/lib/isc/nothreads/include/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.2.206.1 2004/03/06 08:14:52 marka Exp $ +# $ISC: Makefile.in,v 1.3 2004/03/05 05:11:11 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/isc/nothreads/include/isc/Makefile.in b/usr.sbin/bind/lib/isc/nothreads/include/isc/Makefile.in index 5524a48ef1d..a314abd49c9 100644 --- a/usr.sbin/bind/lib/isc/nothreads/include/isc/Makefile.in +++ b/usr.sbin/bind/lib/isc/nothreads/include/isc/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.4.206.1 2004/03/06 08:14:52 marka Exp $ +# $ISC: Makefile.in,v 1.5 2004/03/05 05:11:13 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/isc/nothreads/include/isc/condition.h b/usr.sbin/bind/lib/isc/nothreads/include/isc/condition.h index 7608cfc3144..ab7fc9b854e 100644 --- a/usr.sbin/bind/lib/isc/nothreads/include/isc/condition.h +++ b/usr.sbin/bind/lib/isc/nothreads/include/isc/condition.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: condition.h,v 1.3.206.1 2004/03/06 08:14:52 marka Exp $ */ +/* $ISC: condition.h,v 1.4 2004/03/05 05:11:13 marka Exp $ */ /* * This provides a limited subset of the isc_condition_t diff --git a/usr.sbin/bind/lib/isc/nothreads/include/isc/mutex.h b/usr.sbin/bind/lib/isc/nothreads/include/isc/mutex.h index 0763c504f57..e5314096d3f 100644 --- a/usr.sbin/bind/lib/isc/nothreads/include/isc/mutex.h +++ b/usr.sbin/bind/lib/isc/nothreads/include/isc/mutex.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: mutex.h,v 1.3.206.1 2004/03/06 08:14:53 marka Exp $ */ +/* $ISC: mutex.h,v 1.4 2004/03/05 05:11:13 marka Exp $ */ #ifndef ISC_MUTEX_H #define ISC_MUTEX_H 1 diff --git a/usr.sbin/bind/lib/isc/nothreads/include/isc/once.h b/usr.sbin/bind/lib/isc/nothreads/include/isc/once.h index 534e2e59d0e..5bc72d0c797 100644 --- a/usr.sbin/bind/lib/isc/nothreads/include/isc/once.h +++ b/usr.sbin/bind/lib/isc/nothreads/include/isc/once.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: once.h,v 1.3.206.1 2004/03/06 08:14:53 marka Exp $ */ +/* $ISC: once.h,v 1.4 2004/03/05 05:11:13 marka Exp $ */ #ifndef ISC_ONCE_H #define ISC_ONCE_H 1 diff --git a/usr.sbin/bind/lib/isc/nothreads/include/isc/thread.h b/usr.sbin/bind/lib/isc/nothreads/include/isc/thread.h index aa3ed57b183..2e53c98f1b9 100644 --- a/usr.sbin/bind/lib/isc/nothreads/include/isc/thread.h +++ b/usr.sbin/bind/lib/isc/nothreads/include/isc/thread.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: thread.h,v 1.3.206.1 2004/03/06 08:14:53 marka Exp $ */ +/* $ISC: thread.h,v 1.4 2004/03/05 05:11:13 marka Exp $ */ #ifndef ISC_THREAD_H #define ISC_THREAD_H 1 diff --git a/usr.sbin/bind/lib/isc/nothreads/mutex.c b/usr.sbin/bind/lib/isc/nothreads/mutex.c index 3aab9fbb3cc..2977ea45b9e 100644 --- a/usr.sbin/bind/lib/isc/nothreads/mutex.c +++ b/usr.sbin/bind/lib/isc/nothreads/mutex.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: mutex.c,v 1.4.12.5 2006/08/25 05:25:50 marka Exp $ */ +/* $ISC: mutex.c,v 1.6.18.2 2006/08/25 05:25:51 marka Exp $ */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/nothreads/thread.c b/usr.sbin/bind/lib/isc/nothreads/thread.c index 75b18ee3e58..0d76adea89a 100644 --- a/usr.sbin/bind/lib/isc/nothreads/thread.c +++ b/usr.sbin/bind/lib/isc/nothreads/thread.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: thread.c,v 1.2.206.1 2004/03/06 08:14:52 marka Exp $ */ +/* $ISC: thread.c,v 1.3 2004/03/05 05:11:09 marka Exp $ */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/ondestroy.c b/usr.sbin/bind/lib/isc/ondestroy.c index bc8d883e303..58db6a3c2cb 100644 --- a/usr.sbin/bind/lib/isc/ondestroy.c +++ b/usr.sbin/bind/lib/isc/ondestroy.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ondestroy.c,v 1.11.206.1 2004/03/06 08:14:33 marka Exp $ */ +/* $ISC: ondestroy.c,v 1.12.18.2 2005/04/29 00:16:48 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/parseint.c b/usr.sbin/bind/lib/isc/parseint.c index 58d64a2c946..8cc269f8482 100644 --- a/usr.sbin/bind/lib/isc/parseint.c +++ b/usr.sbin/bind/lib/isc/parseint.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: parseint.c,v 1.3.26.5 2004/03/08 09:04:49 marka Exp $ */ +/* $ISC: parseint.c,v 1.4.18.2 2005/04/29 00:16:48 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/powerpc/Makefile.in b/usr.sbin/bind/lib/isc/powerpc/Makefile.in new file mode 100644 index 00000000000..19a13a8cc02 --- /dev/null +++ b/usr.sbin/bind/lib/isc/powerpc/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = include +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/powerpc/include/Makefile.in b/usr.sbin/bind/lib/isc/powerpc/include/Makefile.in new file mode 100644 index 00000000000..26103230cdc --- /dev/null +++ b/usr.sbin/bind/lib/isc/powerpc/include/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = isc +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/powerpc/include/isc/Makefile.in b/usr.sbin/bind/lib/isc/powerpc/include/isc/Makefile.in new file mode 100644 index 00000000000..b571c74337e --- /dev/null +++ b/usr.sbin/bind/lib/isc/powerpc/include/isc/Makefile.in @@ -0,0 +1,36 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +@BIND9_VERSION@ + +HEADERS = atomic.h + +SUBDIRS = +TARGETS = + +@BIND9_MAKE_RULES@ + +installdirs: + $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${includedir}/isc + +install:: installdirs + for i in ${HEADERS}; do \ + ${INSTALL_DATA} $(srcdir)/$$i ${DESTDIR}${includedir}/isc ; \ + done diff --git a/usr.sbin/bind/lib/isc/powerpc/include/isc/atomic.h b/usr.sbin/bind/lib/isc/powerpc/include/isc/atomic.h new file mode 100644 index 00000000000..d65fa61cc8f --- /dev/null +++ b/usr.sbin/bind/lib/isc/powerpc/include/isc/atomic.h @@ -0,0 +1,160 @@ +/* + * Copyright (C) 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: atomic.h,v 1.1.6.6 2007/08/28 07:20:06 tbox Exp $ */ + +#ifndef ISC_ATOMIC_H +#define ISC_ATOMIC_H 1 + +#include <isc/platform.h> +#include <isc/types.h> + +/*!\file + * static inline isc_int32_t + * isc_atomic_xadd(isc_int32_t *p, isc_int32_t val); + * + * This routine atomically increments the value stored in 'p' by 'val', and + * returns the previous value. + * + * static inline void + * isc_atomic_store(void *p, isc_int32_t val); + * + * This routine atomically stores the value 'val' in 'p'. + * + * static inline isc_int32_t + * isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val); + * + * This routine atomically replaces the value in 'p' with 'val', if the + * original value is equal to 'cmpval'. The original value is returned in any + * case. + */ + +#if defined(_AIX) + +#include <sys/atomic_op.h> + +#define isc_atomic_xadd(p, v) fetch_and_add(p, v) +#define isc_atomic_store(p, v) _clear_lock(p, v) + +#ifdef __GNUC__ +static inline int +#else +static int +#endif +isc_atomic_cmpxchg(atomic_p p, int old, int new) { + int orig = old; + +#ifdef __GNUC__ + asm("ics"); +#else + __isync(); +#endif + if (compare_and_swap(p, &orig, new)) + return (old); + return (orig); +} + +#elif defined(ISC_PLATFORM_USEGCCASM) || defined(ISC_PLATFORM_USEMACASM) +static inline isc_int32_t +isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) { + isc_int32_t orig; + + __asm__ volatile ( +#ifdef ISC_PLATFORM_USEMACASM + "1:" + "lwarx r6, 0, %1\n" + "mr %0, r6\n" + "add r6, r6, %2\n" + "stwcx. r6, 0, %1\n" + "bne- 1b" +#else + "1:" + "lwarx 6, 0, %1\n" + "mr %0, 6\n" + "add 6, 6, %2\n" + "stwcx. 6, 0, %1\n" + "bne- 1b" +#endif + : "=&r"(orig) + : "r"(p), "r"(val) + : "r6", "memory" + ); + + return (orig); +} + +static inline void +isc_atomic_store(void *p, isc_int32_t val) { + __asm__ volatile ( +#ifdef ISC_PLATFORM_USEMACASM + "1:" + "lwarx r6, 0, %0\n" + "lwz r6, %1\n" + "stwcx. r6, 0, %0\n" + "bne- 1b" +#else + "1:" + "lwarx 6, 0, %0\n" + "lwz 6, %1\n" + "stwcx. 6, 0, %0\n" + "bne- 1b" +#endif + : + : "r"(p), "m"(val) + : "r6", "memory" + ); +} + +static inline isc_int32_t +isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val) { + isc_int32_t orig; + + __asm__ volatile ( +#ifdef ISC_PLATFORM_USEMACASM + "1:" + "lwarx r6, 0, %1\n" + "mr %0,r6\n" + "cmpw r6, %2\n" + "bne 2f\n" + "mr r6, %3\n" + "stwcx. r6, 0, %1\n" + "bne- 1b\n" + "2:" +#else + "1:" + "lwarx 6, 0, %1\n" + "mr %0,6\n" + "cmpw 6, %2\n" + "bne 2f\n" + "mr 6, %3\n" + "stwcx. 6, 0, %1\n" + "bne- 1b\n" + "2:" +#endif + : "=&r" (orig) + : "r"(p), "r"(cmpval), "r"(val) + : "r6", "memory" + ); + + return (orig); +} + +#else + +#error "unsupported compiler. disable atomic ops by --disable-atomic" + +#endif +#endif /* ISC_ATOMIC_H */ diff --git a/usr.sbin/bind/lib/isc/pthreads/Makefile.in b/usr.sbin/bind/lib/isc/pthreads/Makefile.in index 8c2988429e2..d0d05d235e5 100644 --- a/usr.sbin/bind/lib/isc/pthreads/Makefile.in +++ b/usr.sbin/bind/lib/isc/pthreads/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.16.206.1 2004/03/06 08:14:53 marka Exp $ +# $ISC: Makefile.in,v 1.17 2004/03/05 05:11:16 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/isc/pthreads/condition.c b/usr.sbin/bind/lib/isc/pthreads/condition.c index f2c8984171d..ece306fcbc9 100644 --- a/usr.sbin/bind/lib/isc/pthreads/condition.c +++ b/usr.sbin/bind/lib/isc/pthreads/condition.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: condition.c,v 1.30.2.1.10.1 2004/03/06 08:14:53 marka Exp $ */ +/* $ISC: condition.c,v 1.32.18.2 2005/04/29 00:17:05 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -44,7 +46,7 @@ isc_condition_waituntil(isc_condition_t *c, isc_mutex_t *m, isc_time_t *t) { if (result != ISC_R_SUCCESS) return (result); - /* + /*! * POSIX defines a timespec's tv_nsec as long. isc_time_nanoseconds * ensures its return value is < 1 billion, which will fit in a long. */ diff --git a/usr.sbin/bind/lib/isc/pthreads/include/Makefile.in b/usr.sbin/bind/lib/isc/pthreads/include/Makefile.in index b6fb3d11850..b69cb323f50 100644 --- a/usr.sbin/bind/lib/isc/pthreads/include/Makefile.in +++ b/usr.sbin/bind/lib/isc/pthreads/include/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.11.206.1 2004/03/06 08:14:54 marka Exp $ +# $ISC: Makefile.in,v 1.12 2004/03/05 05:11:19 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/isc/pthreads/include/isc/Makefile.in b/usr.sbin/bind/lib/isc/pthreads/include/isc/Makefile.in index c89662bed1b..e130b5772a8 100644 --- a/usr.sbin/bind/lib/isc/pthreads/include/isc/Makefile.in +++ b/usr.sbin/bind/lib/isc/pthreads/include/isc/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.13.206.1 2004/03/06 08:14:56 marka Exp $ +# $ISC: Makefile.in,v 1.14 2004/03/05 05:11:40 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/isc/pthreads/include/isc/condition.h b/usr.sbin/bind/lib/isc/pthreads/include/isc/condition.h index 543ded66ea7..ed6744d612b 100644 --- a/usr.sbin/bind/lib/isc/pthreads/include/isc/condition.h +++ b/usr.sbin/bind/lib/isc/pthreads/include/isc/condition.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: condition.h,v 1.21.206.1 2004/03/06 08:14:56 marka Exp $ */ +/* $ISC: condition.h,v 1.22.18.2 2005/04/29 00:17:05 marka Exp $ */ #ifndef ISC_CONDITION_H #define ISC_CONDITION_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/mutex.h> #include <isc/result.h> diff --git a/usr.sbin/bind/lib/isc/pthreads/include/isc/mutex.h b/usr.sbin/bind/lib/isc/pthreads/include/isc/mutex.h index e56e1a486d0..69f0e7e2b8c 100644 --- a/usr.sbin/bind/lib/isc/pthreads/include/isc/mutex.h +++ b/usr.sbin/bind/lib/isc/pthreads/include/isc/mutex.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,17 +15,22 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: mutex.h,v 1.23.26.3 2004/03/08 09:04:55 marka Exp $ */ +/* $ISC: mutex.h,v 1.25.18.3 2005/07/12 01:22:33 marka Exp $ */ #ifndef ISC_MUTEX_H #define ISC_MUTEX_H 1 +/*! \file */ + #include <pthread.h> #include <stdio.h> +#include <isc/lang.h> #include <isc/result.h> /* for ISC_R_ codes */ -/* +ISC_LANG_BEGINDECLS + +/*! * Supply mutex attributes that enable deadlock detection * (helpful when debugging). This is system dependent and * currently only supported on NetBSD. @@ -39,7 +44,7 @@ extern pthread_mutexattr_t isc__mutex_attrs; /* XXX We could do fancier error handling... */ -/* +/*! * Define ISC_MUTEX_PROFILE to turn on profiling of mutexes by line. When * enabled, isc_mutex_stats() can be used to print a table showing the * number of times each type of mutex was locked and the amount of time @@ -53,8 +58,8 @@ extern pthread_mutexattr_t isc__mutex_attrs; typedef struct isc_mutexstats isc_mutexstats_t; typedef struct { - pthread_mutex_t mutex; /* The actual mutex. */ - isc_mutexstats_t * stats; /* Mutex statistics. */ + pthread_mutex_t mutex; /*%< The actual mutex. */ + isc_mutexstats_t * stats; /*%< Mutex statistics. */ } isc_mutex_t; #else typedef pthread_mutex_t isc_mutex_t; @@ -70,8 +75,8 @@ typedef pthread_mutex_t isc_mutex_t; isc_mutex_init_errcheck((mp)) #else #define isc_mutex_init(mp) \ - ((pthread_mutex_init((mp), ISC__MUTEX_ATTRS) == 0) ? \ - ISC_R_SUCCESS : ISC_R_UNEXPECTED) + isc__mutex_init((mp), __FILE__, __LINE__) +isc_result_t isc__mutex_init(isc_mutex_t *mp, const char *file, unsigned int line); #endif #endif @@ -136,4 +141,5 @@ isc_mutex_init_errcheck(isc_mutex_t *mp); #endif /* ISC_MUTEX_PROFILE */ +ISC_LANG_ENDDECLS #endif /* ISC_MUTEX_H */ diff --git a/usr.sbin/bind/lib/isc/pthreads/include/isc/once.h b/usr.sbin/bind/lib/isc/pthreads/include/isc/once.h index d1efd90ee50..d0fccd5584c 100644 --- a/usr.sbin/bind/lib/isc/pthreads/include/isc/once.h +++ b/usr.sbin/bind/lib/isc/pthreads/include/isc/once.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: once.h,v 1.8.206.1 2004/03/06 08:14:57 marka Exp $ */ +/* $ISC: once.h,v 1.9.18.2 2005/04/29 00:17:06 marka Exp $ */ #ifndef ISC_ONCE_H #define ISC_ONCE_H 1 +/*! \file */ + #include <pthread.h> #include <isc/platform.h> @@ -28,12 +30,12 @@ typedef pthread_once_t isc_once_t; #ifdef ISC_PLATFORM_BRACEPTHREADONCEINIT -/* +/*! * This accomodates systems that define PTHRAD_ONCE_INIT improperly. */ #define ISC_ONCE_INIT { PTHREAD_ONCE_INIT } #else -/* +/*! * This is the usual case. */ #define ISC_ONCE_INIT PTHREAD_ONCE_INIT diff --git a/usr.sbin/bind/lib/isc/pthreads/include/isc/thread.h b/usr.sbin/bind/lib/isc/pthreads/include/isc/thread.h index 5bdfc8084d3..4e2ea153d12 100644 --- a/usr.sbin/bind/lib/isc/pthreads/include/isc/thread.h +++ b/usr.sbin/bind/lib/isc/pthreads/include/isc/thread.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: thread.h,v 1.19.206.1 2004/03/06 08:14:57 marka Exp $ */ +/* $ISC: thread.h,v 1.20.18.4 2005/09/18 07:58:08 marka Exp $ */ #ifndef ISC_THREAD_H #define ISC_THREAD_H 1 +/*! \file */ + #include <pthread.h> #include <isc/lang.h> @@ -31,6 +33,7 @@ typedef pthread_t isc_thread_t; typedef void * isc_threadresult_t; typedef void * isc_threadarg_t; typedef isc_threadresult_t (*isc_threadfunc_t)(isc_threadarg_t); +typedef pthread_key_t isc_thread_key_t; isc_result_t isc_thread_create(isc_threadfunc_t, isc_threadarg_t, isc_thread_t *); @@ -47,6 +50,11 @@ isc_thread_setconcurrency(unsigned int level); #define isc_thread_self \ (unsigned long)pthread_self +#define isc_thread_key_create pthread_key_create +#define isc_thread_key_getspecific pthread_getspecific +#define isc_thread_key_setspecific pthread_setspecific +#define isc_thread_key_delete pthread_key_delete + ISC_LANG_ENDDECLS #endif /* ISC_THREAD_H */ diff --git a/usr.sbin/bind/lib/isc/pthreads/mutex.c b/usr.sbin/bind/lib/isc/pthreads/mutex.c index 70e132d3af3..58a603e57d7 100644 --- a/usr.sbin/bind/lib/isc/pthreads/mutex.c +++ b/usr.sbin/bind/lib/isc/pthreads/mutex.c @@ -15,20 +15,25 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: mutex.c,v 1.6.26.5 2005/03/17 03:58:32 marka Exp $ */ +/* $ISC: mutex.c,v 1.8.18.4 2005/07/12 01:22:32 marka Exp $ */ + +/*! \file */ #include <config.h> #include <stdio.h> #include <time.h> #include <sys/time.h> +#include <errno.h> #include <isc/mutex.h> #include <isc/util.h> +#include <isc/strerror.h> #if ISC_MUTEX_PROFILE -/* Operations on timevals; adapted from FreeBSD's sys/time.h */ +/*@{*/ +/*% Operations on timevals; adapted from FreeBSD's sys/time.h */ #define timevalclear(tvp) ((tvp)->tv_sec = (tvp)->tv_usec = 0) #define timevaladd(vvp, uvp) \ do { \ @@ -49,6 +54,8 @@ } \ } while (0) +/*@}*/ + #define ISC_MUTEX_MAX_LOCKERS 32 typedef struct { @@ -60,8 +67,8 @@ typedef struct { } isc_mutexlocker_t; struct isc_mutexstats { - const char * file; /* File mutex was created in. */ - int line; /* Line mutex was created on. */ + const char * file; /*%< File mutex was created in. */ + int line; /*%< Line mutex was created on. */ unsigned count; struct timeval lock_t; struct timeval locked_total; @@ -78,10 +85,13 @@ static pthread_mutex_t statslock = PTHREAD_MUTEX_INITIALIZER; isc_result_t isc_mutex_init_profile(isc_mutex_t *mp, const char *file, int line) { - int i; + int i, err; - if (pthread_mutex_init(&mp->mutex, NULL) != 0) - return ISC_R_UNEXPECTED; + err = pthread_mutex_init(&mp->mutex, NULL); + if (err == ENOMEM) + return (ISC_R_NOMEMORY); + if (err != 0) + return (ISC_R_UNEXPECTED); RUNTIME_CHECK(pthread_mutex_lock(&statslock) == 0); @@ -116,7 +126,7 @@ isc_mutex_init_profile(isc_mutex_t *mp, const char *file, int line) { timevalclear(&mp->stats->lockers[i].wait_total); } - return ISC_R_SUCCESS; + return (ISC_R_SUCCESS); } isc_result_t @@ -159,7 +169,7 @@ isc_mutex_lock_profile(isc_mutex_t *mp, const char *file, int line) { mp->stats->cur_locker = locker; - return ISC_R_SUCCESS; + return (ISC_R_SUCCESS); } isc_result_t @@ -219,17 +229,18 @@ isc_result_t isc_mutex_init_errcheck(isc_mutex_t *mp) { pthread_mutexattr_t attr; + int err; if (pthread_mutexattr_init(&attr) != 0) - return ISC_R_UNEXPECTED; + return (ISC_R_UNEXPECTED); if (pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_ERRORCHECK) != 0) - return ISC_R_UNEXPECTED; + return (ISC_R_UNEXPECTED); - if (pthread_mutex_init(mp, &attr) != 0) - return ISC_R_UNEXPECTED; - - return ISC_R_SUCCESS; + err = pthread_mutex_init(mp, &attr) != 0) + if (err == ENOMEM) + return (ISC_R_NOMEMORY); + return ((err == 0) ? ISC_R_SUCCESS : ISC_R_UNEXPECTED); } #endif @@ -239,3 +250,21 @@ pthread_mutexattr_t isc__mutex_attrs = { 0 /* m_flags, which appears to be unused. */ }; #endif + +isc_result_t +isc__mutex_init(isc_mutex_t *mp, const char *file, unsigned int line) { + char strbuf[ISC_STRERRORSIZE]; + isc_result_t result = ISC_R_SUCCESS; + int err; + + err = pthread_mutex_init(mp, ISC__MUTEX_ATTRS); + if (err == ENOMEM) + return (ISC_R_NOMEMORY); + if (err != 0) { + isc__strerror(errno, strbuf, sizeof(strbuf)); + UNEXPECTED_ERROR(file, line, "isc_mutex_init() failed: %s", + strbuf); + result = ISC_R_UNEXPECTED; + } + return (result); +} diff --git a/usr.sbin/bind/lib/isc/quota.c b/usr.sbin/bind/lib/isc/quota.c index 51fb6080045..ba082234327 100644 --- a/usr.sbin/bind/lib/isc/quota.c +++ b/usr.sbin/bind/lib/isc/quota.c @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: quota.c,v 1.11.12.5 2005/07/29 00:13:09 marka Exp $ */ +/* $ISC: quota.c,v 1.13.18.3 2005/07/27 02:44:21 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/ratelimiter.c b/usr.sbin/bind/lib/isc/ratelimiter.c index 3b7de219563..83310e635ea 100644 --- a/usr.sbin/bind/lib/isc/ratelimiter.c +++ b/usr.sbin/bind/lib/isc/ratelimiter.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ratelimiter.c,v 1.18.14.4 2004/03/08 09:04:50 marka Exp $ */ +/* $ISC: ratelimiter.c,v 1.21.18.2 2005/04/29 00:16:49 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/refcount.c b/usr.sbin/bind/lib/isc/refcount.c new file mode 100644 index 00000000000..c1b57cc308f --- /dev/null +++ b/usr.sbin/bind/lib/isc/refcount.c @@ -0,0 +1,37 @@ +/* + * Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: refcount.c,v 1.2.2.2 2005/07/25 00:51:46 marka Exp $ */ + +#include <config.h> + +#include <stddef.h> + +#include <isc/mutex.h> +#include <isc/refcount.h> +#include <isc/result.h> + +isc_result_t +isc_refcount_init(isc_refcount_t *ref, unsigned int n) { + REQUIRE(ref != NULL); + + ref->refs = n; +#if defined(ISC_PLATFORM_USETHREADS) && !defined(ISC_PLATFORM_HAVEXADD) + return (isc_mutex_init(&ref->lock)); +#else + return (ISC_R_SUCCESS); +#endif +} diff --git a/usr.sbin/bind/lib/isc/region.c b/usr.sbin/bind/lib/isc/region.c index a744c079bd6..88ec1955529 100644 --- a/usr.sbin/bind/lib/isc/region.c +++ b/usr.sbin/bind/lib/isc/region.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: region.c,v 1.2.202.3 2004/03/08 09:04:50 marka Exp $ */ +/* $ISC: region.c,v 1.3.18.2 2005/04/29 00:16:49 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/result.c b/usr.sbin/bind/lib/isc/result.c index da8ec55adc8..834327bb691 100644 --- a/usr.sbin/bind/lib/isc/result.c +++ b/usr.sbin/bind/lib/isc/result.c @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: result.c,v 1.56.2.2.8.9 2005/06/09 23:54:30 marka Exp $ */ +/* $ISC: result.c,v 1.62.18.6 2005/06/22 22:05:48 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -39,66 +41,66 @@ typedef struct resulttable { } resulttable; static const char *text[ISC_R_NRESULTS] = { - "success", /* 0 */ - "out of memory", /* 1 */ - "timed out", /* 2 */ - "no available threads", /* 3 */ - "address not available", /* 4 */ - "address in use", /* 5 */ - "permission denied", /* 6 */ - "no pending connections", /* 7 */ - "network unreachable", /* 8 */ - "host unreachable", /* 9 */ - "network down", /* 10 */ - "host down", /* 11 */ - "connection refused", /* 12 */ - "not enough free resources", /* 13 */ - "end of file", /* 14 */ - "socket already bound", /* 15 */ - "reload", /* 16 */ - "lock busy", /* 17 */ - "already exists", /* 18 */ - "ran out of space", /* 19 */ - "operation canceled", /* 20 */ - "socket is not bound", /* 21 */ - "shutting down", /* 22 */ - "not found", /* 23 */ - "unexpected end of input", /* 24 */ - "failure", /* 25 */ - "I/O error", /* 26 */ - "not implemented", /* 27 */ - "unbalanced parentheses", /* 28 */ - "no more", /* 29 */ - "invalid file", /* 30 */ - "bad base64 encoding", /* 31 */ - "unexpected token", /* 32 */ - "quota reached", /* 33 */ - "unexpected error", /* 34 */ - "already running", /* 35 */ - "ignore", /* 36 */ - "address mask not contiguous", /* 37 */ - "file not found", /* 38 */ - "file already exists", /* 39 */ - "socket is not connected", /* 40 */ - "out of range", /* 41 */ - "out of entropy", /* 42 */ - "invalid use of multicast address", /* 43 */ - "not a file", /* 44 */ - "not a directory", /* 45 */ - "queue is full", /* 46 */ - "address family mismatch", /* 47 */ - "address family not supported", /* 48 */ - "bad hex encoding", /* 49 */ - "too many open files", /* 50 */ - "not blocking", /* 51 */ - "unbalanced quotes", /* 52 */ - "operation in progress", /* 53 */ - "connection reset", /* 54 */ - "soft quota reached", /* 55 */ - "not a valid number", /* 56 */ - "disabled", /* 57 */ - "max size", /* 58 */ - "invalid address format" /* 59 */ + "success", /*%< 0 */ + "out of memory", /*%< 1 */ + "timed out", /*%< 2 */ + "no available threads", /*%< 3 */ + "address not available", /*%< 4 */ + "address in use", /*%< 5 */ + "permission denied", /*%< 6 */ + "no pending connections", /*%< 7 */ + "network unreachable", /*%< 8 */ + "host unreachable", /*%< 9 */ + "network down", /*%< 10 */ + "host down", /*%< 11 */ + "connection refused", /*%< 12 */ + "not enough free resources", /*%< 13 */ + "end of file", /*%< 14 */ + "socket already bound", /*%< 15 */ + "reload", /*%< 16 */ + "lock busy", /*%< 17 */ + "already exists", /*%< 18 */ + "ran out of space", /*%< 19 */ + "operation canceled", /*%< 20 */ + "socket is not bound", /*%< 21 */ + "shutting down", /*%< 22 */ + "not found", /*%< 23 */ + "unexpected end of input", /*%< 24 */ + "failure", /*%< 25 */ + "I/O error", /*%< 26 */ + "not implemented", /*%< 27 */ + "unbalanced parentheses", /*%< 28 */ + "no more", /*%< 29 */ + "invalid file", /*%< 30 */ + "bad base64 encoding", /*%< 31 */ + "unexpected token", /*%< 32 */ + "quota reached", /*%< 33 */ + "unexpected error", /*%< 34 */ + "already running", /*%< 35 */ + "ignore", /*%< 36 */ + "address mask not contiguous", /*%< 37 */ + "file not found", /*%< 38 */ + "file already exists", /*%< 39 */ + "socket is not connected", /*%< 40 */ + "out of range", /*%< 41 */ + "out of entropy", /*%< 42 */ + "invalid use of multicast address", /*%< 43 */ + "not a file", /*%< 44 */ + "not a directory", /*%< 45 */ + "queue is full", /*%< 46 */ + "address family mismatch", /*%< 47 */ + "address family not supported", /*%< 48 */ + "bad hex encoding", /*%< 49 */ + "too many open files", /*%< 50 */ + "not blocking", /*%< 51 */ + "unbalanced quotes", /*%< 52 */ + "operation in progress", /*%< 53 */ + "connection reset", /*%< 54 */ + "soft quota reached", /*%< 55 */ + "not a valid number", /*%< 56 */ + "disabled", /*%< 57 */ + "max size", /*%< 58 */ + "invalid address format" /*%< 59 */ }; #define ISC_RESULT_RESULTSET 2 diff --git a/usr.sbin/bind/lib/isc/serial.c b/usr.sbin/bind/lib/isc/serial.c index ec431a03139..abb64d4f2b5 100644 --- a/usr.sbin/bind/lib/isc/serial.c +++ b/usr.sbin/bind/lib/isc/serial.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,10 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: serial.c,v 1.7.206.1 2004/03/06 08:14:35 marka Exp $ */ +/* $ISC: serial.c,v 1.8.18.2 2005/04/29 00:16:49 marka Exp $ */ + +/*! \file */ + #include <config.h> #include <isc/serial.h> diff --git a/usr.sbin/bind/lib/isc/sha2.c b/usr.sbin/bind/lib/isc/sha2.c new file mode 100644 index 00000000000..3759f630db3 --- /dev/null +++ b/usr.sbin/bind/lib/isc/sha2.c @@ -0,0 +1,1234 @@ +/* + * Copyright (C) 2005, 2006 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: sha2.c,v 1.2.2.12 2006/08/16 03:18:14 marka Exp $ */ + +/* $FreeBSD: src/sys/crypto/sha2/sha2.c,v 1.2.2.2 2002/03/05 08:36:47 ume Exp $ */ +/* $KAME: sha2.c,v 1.8 2001/11/08 01:07:52 itojun Exp $ */ + +/* + * sha2.c + * + * Version 1.0.0beta1 + * + * Written by Aaron D. Gifford <me@aarongifford.com> + * + * Copyright 2000 Aaron D. Gifford. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the names of contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTOR(S) ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) OR CONTRIBUTOR(S) BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ + + +#include <config.h> + +#include <isc/assertions.h> +#include <isc/sha2.h> +#include <isc/string.h> +#include <isc/util.h> + +/* + * UNROLLED TRANSFORM LOOP NOTE: + * You can define SHA2_UNROLL_TRANSFORM to use the unrolled transform + * loop version for the hash transform rounds (defined using macros + * later in this file). Either define on the command line, for example: + * + * cc -DISC_SHA2_UNROLL_TRANSFORM -o sha2 sha2.c sha2prog.c + * + * or define below: + * + * #define ISC_SHA2_UNROLL_TRANSFORM + * + */ + +/*** SHA-256/384/512 Machine Architecture Definitions *****************/ +/* + * BYTE_ORDER NOTE: + * + * Please make sure that your system defines BYTE_ORDER. If your + * architecture is little-endian, make sure it also defines + * LITTLE_ENDIAN and that the two (BYTE_ORDER and LITTLE_ENDIAN) are + * equivilent. + * + * If your system does not define the above, then you can do so by + * hand like this: + * + * #define LITTLE_ENDIAN 1234 + * #define BIG_ENDIAN 4321 + * + * And for little-endian machines, add: + * + * #define BYTE_ORDER LITTLE_ENDIAN + * + * Or for big-endian machines: + * + * #define BYTE_ORDER BIG_ENDIAN + * + * The FreeBSD machine this was written on defines BYTE_ORDER + * appropriately by including <sys/types.h> (which in turn includes + * <machine/endian.h> where the appropriate definitions are actually + * made). + */ +#if !defined(BYTE_ORDER) || (BYTE_ORDER != LITTLE_ENDIAN && BYTE_ORDER != BIG_ENDIAN) +#ifndef BYTE_ORDER +#ifndef BIG_ENDIAN +#define BIG_ENDIAN 4321 +#endif +#ifndef LITTLE_ENDIAN +#define LITTLE_ENDIAN 1234 +#endif +#ifdef WORDS_BIGENDIAN +#define BYTE_ORDER BIG_ENDIAN +#else +#define BYTE_ORDER LITTLE_ENDIAN +#endif +#else +#error Define BYTE_ORDER to be equal to either LITTLE_ENDIAN or BIG_ENDIAN +#endif +#endif + +/*** SHA-256/384/512 Various Length Definitions ***********************/ +/* NOTE: Most of these are in sha2.h */ +#define ISC_SHA256_SHORT_BLOCK_LENGTH (ISC_SHA256_BLOCK_LENGTH - 8) +#define ISC_SHA384_SHORT_BLOCK_LENGTH (ISC_SHA384_BLOCK_LENGTH - 16) +#define ISC_SHA512_SHORT_BLOCK_LENGTH (ISC_SHA512_BLOCK_LENGTH - 16) + + +/*** ENDIAN REVERSAL MACROS *******************************************/ +#if BYTE_ORDER == LITTLE_ENDIAN +#define REVERSE32(w,x) { \ + isc_uint32_t tmp = (w); \ + tmp = (tmp >> 16) | (tmp << 16); \ + (x) = ((tmp & 0xff00ff00UL) >> 8) | ((tmp & 0x00ff00ffUL) << 8); \ +} +#ifdef WIN32 +#define REVERSE64(w,x) { \ + isc_uint64_t tmp = (w); \ + tmp = (tmp >> 32) | (tmp << 32); \ + tmp = ((tmp & 0xff00ff00ff00ff00UL) >> 8) | \ + ((tmp & 0x00ff00ff00ff00ffUL) << 8); \ + (x) = ((tmp & 0xffff0000ffff0000UL) >> 16) | \ + ((tmp & 0x0000ffff0000ffffUL) << 16); \ +} +#else +#define REVERSE64(w,x) { \ + isc_uint64_t tmp = (w); \ + tmp = (tmp >> 32) | (tmp << 32); \ + tmp = ((tmp & 0xff00ff00ff00ff00ULL) >> 8) | \ + ((tmp & 0x00ff00ff00ff00ffULL) << 8); \ + (x) = ((tmp & 0xffff0000ffff0000ULL) >> 16) | \ + ((tmp & 0x0000ffff0000ffffULL) << 16); \ +} +#endif +#endif /* BYTE_ORDER == LITTLE_ENDIAN */ + +/* + * Macro for incrementally adding the unsigned 64-bit integer n to the + * unsigned 128-bit integer (represented using a two-element array of + * 64-bit words): + */ +#define ADDINC128(w,n) { \ + (w)[0] += (isc_uint64_t)(n); \ + if ((w)[0] < (n)) { \ + (w)[1]++; \ + } \ +} + +/*** THE SIX LOGICAL FUNCTIONS ****************************************/ +/* + * Bit shifting and rotation (used by the six SHA-XYZ logical functions: + * + * NOTE: The naming of R and S appears backwards here (R is a SHIFT and + * S is a ROTATION) because the SHA-256/384/512 description document + * (see http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf) uses this + * same "backwards" definition. + */ +/* Shift-right (used in SHA-256, SHA-384, and SHA-512): */ +#define R(b,x) ((x) >> (b)) +/* 32-bit Rotate-right (used in SHA-256): */ +#define S32(b,x) (((x) >> (b)) | ((x) << (32 - (b)))) +/* 64-bit Rotate-right (used in SHA-384 and SHA-512): */ +#define S64(b,x) (((x) >> (b)) | ((x) << (64 - (b)))) + +/* Two of six logical functions used in SHA-256, SHA-384, and SHA-512: */ +#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) +#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) + +/* Four of six logical functions used in SHA-256: */ +#define Sigma0_256(x) (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x))) +#define Sigma1_256(x) (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x))) +#define sigma0_256(x) (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x))) +#define sigma1_256(x) (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x))) + +/* Four of six logical functions used in SHA-384 and SHA-512: */ +#define Sigma0_512(x) (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x))) +#define Sigma1_512(x) (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x))) +#define sigma0_512(x) (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x))) +#define sigma1_512(x) (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x))) + +/*** INTERNAL FUNCTION PROTOTYPES *************************************/ +/* NOTE: These should not be accessed directly from outside this + * library -- they are intended for private internal visibility/use + * only. + */ +void isc_sha512_last(isc_sha512_t *); +void isc_sha256_transform(isc_sha256_t *, const isc_uint32_t*); +void isc_sha512_transform(isc_sha512_t *, const isc_uint64_t*); + + +/*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/ +/* Hash constant words K for SHA-224 and SHA-256: */ +static const isc_uint32_t K256[64] = { + 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, + 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, + 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL, + 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL, + 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL, + 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, + 0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, + 0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL, + 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL, + 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL, + 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, + 0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, + 0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL, + 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL, + 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, + 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL +}; + +/* Initial hash value H for SHA-224: */ +static const isc_uint32_t sha224_initial_hash_value[8] = { + 0xc1059ed8UL, + 0x367cd507UL, + 0x3070dd17UL, + 0xf70e5939UL, + 0xffc00b31UL, + 0x68581511UL, + 0x64f98fa7UL, + 0xbefa4fa4UL +}; + +/* Initial hash value H for SHA-256: */ +static const isc_uint32_t sha256_initial_hash_value[8] = { + 0x6a09e667UL, + 0xbb67ae85UL, + 0x3c6ef372UL, + 0xa54ff53aUL, + 0x510e527fUL, + 0x9b05688cUL, + 0x1f83d9abUL, + 0x5be0cd19UL +}; + +#ifdef WIN32 +/* Hash constant words K for SHA-384 and SHA-512: */ +static const isc_uint64_t K512[80] = { + 0x428a2f98d728ae22UL, 0x7137449123ef65cdUL, + 0xb5c0fbcfec4d3b2fUL, 0xe9b5dba58189dbbcUL, + 0x3956c25bf348b538UL, 0x59f111f1b605d019UL, + 0x923f82a4af194f9bUL, 0xab1c5ed5da6d8118UL, + 0xd807aa98a3030242UL, 0x12835b0145706fbeUL, + 0x243185be4ee4b28cUL, 0x550c7dc3d5ffb4e2UL, + 0x72be5d74f27b896fUL, 0x80deb1fe3b1696b1UL, + 0x9bdc06a725c71235UL, 0xc19bf174cf692694UL, + 0xe49b69c19ef14ad2UL, 0xefbe4786384f25e3UL, + 0x0fc19dc68b8cd5b5UL, 0x240ca1cc77ac9c65UL, + 0x2de92c6f592b0275UL, 0x4a7484aa6ea6e483UL, + 0x5cb0a9dcbd41fbd4UL, 0x76f988da831153b5UL, + 0x983e5152ee66dfabUL, 0xa831c66d2db43210UL, + 0xb00327c898fb213fUL, 0xbf597fc7beef0ee4UL, + 0xc6e00bf33da88fc2UL, 0xd5a79147930aa725UL, + 0x06ca6351e003826fUL, 0x142929670a0e6e70UL, + 0x27b70a8546d22ffcUL, 0x2e1b21385c26c926UL, + 0x4d2c6dfc5ac42aedUL, 0x53380d139d95b3dfUL, + 0x650a73548baf63deUL, 0x766a0abb3c77b2a8UL, + 0x81c2c92e47edaee6UL, 0x92722c851482353bUL, + 0xa2bfe8a14cf10364UL, 0xa81a664bbc423001UL, + 0xc24b8b70d0f89791UL, 0xc76c51a30654be30UL, + 0xd192e819d6ef5218UL, 0xd69906245565a910UL, + 0xf40e35855771202aUL, 0x106aa07032bbd1b8UL, + 0x19a4c116b8d2d0c8UL, 0x1e376c085141ab53UL, + 0x2748774cdf8eeb99UL, 0x34b0bcb5e19b48a8UL, + 0x391c0cb3c5c95a63UL, 0x4ed8aa4ae3418acbUL, + 0x5b9cca4f7763e373UL, 0x682e6ff3d6b2b8a3UL, + 0x748f82ee5defb2fcUL, 0x78a5636f43172f60UL, + 0x84c87814a1f0ab72UL, 0x8cc702081a6439ecUL, + 0x90befffa23631e28UL, 0xa4506cebde82bde9UL, + 0xbef9a3f7b2c67915UL, 0xc67178f2e372532bUL, + 0xca273eceea26619cUL, 0xd186b8c721c0c207UL, + 0xeada7dd6cde0eb1eUL, 0xf57d4f7fee6ed178UL, + 0x06f067aa72176fbaUL, 0x0a637dc5a2c898a6UL, + 0x113f9804bef90daeUL, 0x1b710b35131c471bUL, + 0x28db77f523047d84UL, 0x32caab7b40c72493UL, + 0x3c9ebe0a15c9bebcUL, 0x431d67c49c100d4cUL, + 0x4cc5d4becb3e42b6UL, 0x597f299cfc657e2aUL, + 0x5fcb6fab3ad6faecUL, 0x6c44198c4a475817UL +}; + +/* Initial hash value H for SHA-384: */ +static const isc_uint64_t sha384_initial_hash_value[8] = { + 0xcbbb9d5dc1059ed8UL, + 0x629a292a367cd507UL, + 0x9159015a3070dd17UL, + 0x152fecd8f70e5939UL, + 0x67332667ffc00b31UL, + 0x8eb44a8768581511UL, + 0xdb0c2e0d64f98fa7UL, + 0x47b5481dbefa4fa4UL +}; + +/* Initial hash value H for SHA-512: */ +static const isc_uint64_t sha512_initial_hash_value[8] = { + 0x6a09e667f3bcc908U, + 0xbb67ae8584caa73bUL, + 0x3c6ef372fe94f82bUL, + 0xa54ff53a5f1d36f1UL, + 0x510e527fade682d1UL, + 0x9b05688c2b3e6c1fUL, + 0x1f83d9abfb41bd6bUL, + 0x5be0cd19137e2179UL +}; +#else +/* Hash constant words K for SHA-384 and SHA-512: */ +static const isc_uint64_t K512[80] = { + 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, + 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, + 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, + 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, + 0xd807aa98a3030242ULL, 0x12835b0145706fbeULL, + 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, + 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, + 0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL, + 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, + 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, + 0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL, + 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, + 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, + 0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL, + 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, + 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, + 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL, + 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, + 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, + 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL, + 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, + 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, + 0xd192e819d6ef5218ULL, 0xd69906245565a910ULL, + 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, + 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, + 0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL, + 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, + 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, + 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL, + 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, + 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, + 0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL, + 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, + 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, + 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL, + 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, + 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, + 0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL, + 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, + 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL +}; + +/* Initial hash value H for SHA-384: */ +static const isc_uint64_t sha384_initial_hash_value[8] = { + 0xcbbb9d5dc1059ed8ULL, + 0x629a292a367cd507ULL, + 0x9159015a3070dd17ULL, + 0x152fecd8f70e5939ULL, + 0x67332667ffc00b31ULL, + 0x8eb44a8768581511ULL, + 0xdb0c2e0d64f98fa7ULL, + 0x47b5481dbefa4fa4ULL +}; + +/* Initial hash value H for SHA-512: */ +static const isc_uint64_t sha512_initial_hash_value[8] = { + 0x6a09e667f3bcc908ULL, + 0xbb67ae8584caa73bULL, + 0x3c6ef372fe94f82bULL, + 0xa54ff53a5f1d36f1ULL, + 0x510e527fade682d1ULL, + 0x9b05688c2b3e6c1fULL, + 0x1f83d9abfb41bd6bULL, + 0x5be0cd19137e2179ULL +}; +#endif + +/* + * Constant used by SHA256/384/512_End() functions for converting the + * digest to a readable hexadecimal character string: + */ +static const char *sha2_hex_digits = "0123456789abcdef"; + + + +/*** SHA-224: *********************************************************/ +void +isc_sha224_init(isc_sha224_t *context) { + if (context == (isc_sha256_t *)0) { + return; + } + memcpy(context->state, sha224_initial_hash_value, + ISC_SHA256_DIGESTLENGTH); + memset(context->buffer, 0, ISC_SHA256_BLOCK_LENGTH); + context->bitcount = 0; +} + +void +isc_sha224_update(isc_sha224_t *context, const isc_uint8_t* data, size_t len) { + isc_sha256_update((isc_sha256_t *)context, data, len); +} + +void +isc_sha224_final(isc_uint8_t digest[], isc_sha224_t *context) { + isc_uint8_t sha256_digest[ISC_SHA256_DIGESTLENGTH]; + isc_sha256_final(sha256_digest, (isc_sha256_t *)context); + memcpy(digest, sha256_digest, ISC_SHA224_DIGESTLENGTH); + memset(sha256_digest, 0, ISC_SHA256_DIGESTLENGTH); +} + +char * +isc_sha224_end(isc_sha224_t *context, char buffer[]) { + isc_uint8_t digest[ISC_SHA224_DIGESTLENGTH], *d = digest; + unsigned int i; + + /* Sanity check: */ + REQUIRE(context != (isc_sha224_t *)0); + + if (buffer != (char*)0) { + isc_sha224_final(digest, context); + + for (i = 0; i < ISC_SHA224_DIGESTLENGTH; i++) { + *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4]; + *buffer++ = sha2_hex_digits[*d & 0x0f]; + d++; + } + *buffer = (char)0; + } else { + memset(context, 0, sizeof(context)); + } + memset(digest, 0, ISC_SHA224_DIGESTLENGTH); + return buffer; +} + +char* +isc_sha224_data(const isc_uint8_t *data, size_t len, + char digest[ISC_SHA224_DIGESTSTRINGLENGTH]) +{ + isc_sha224_t context; + + isc_sha224_init(&context); + isc_sha224_update(&context, data, len); + return (isc_sha224_end(&context, digest)); +} + +/*** SHA-256: *********************************************************/ +void +isc_sha256_init(isc_sha256_t *context) { + if (context == (isc_sha256_t *)0) { + return; + } + memcpy(context->state, sha256_initial_hash_value, + ISC_SHA256_DIGESTLENGTH); + memset(context->buffer, 0, ISC_SHA256_BLOCK_LENGTH); + context->bitcount = 0; +} + +#ifdef ISC_SHA2_UNROLL_TRANSFORM + +/* Unrolled SHA-256 round macros: */ + +#if BYTE_ORDER == LITTLE_ENDIAN + +#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \ + REVERSE32(*data++, W256[j]); \ + T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \ + K256[j] + W256[j]; \ + (d) += T1; \ + (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ + j++ + + +#else /* BYTE_ORDER == LITTLE_ENDIAN */ + +#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \ + T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \ + K256[j] + (W256[j] = *data++); \ + (d) += T1; \ + (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ + j++ + +#endif /* BYTE_ORDER == LITTLE_ENDIAN */ + +#define ROUND256(a,b,c,d,e,f,g,h) \ + s0 = W256[(j+1)&0x0f]; \ + s0 = sigma0_256(s0); \ + s1 = W256[(j+14)&0x0f]; \ + s1 = sigma1_256(s1); \ + T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + K256[j] + \ + (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); \ + (d) += T1; \ + (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \ + j++ + +void isc_sha256_transform(isc_sha256_t *context, const isc_uint32_t* data) { + isc_uint32_t a, b, c, d, e, f, g, h, s0, s1; + isc_uint32_t T1, *W256; + int j; + + W256 = (isc_uint32_t*)context->buffer; + + /* Initialize registers with the prev. intermediate value */ + a = context->state[0]; + b = context->state[1]; + c = context->state[2]; + d = context->state[3]; + e = context->state[4]; + f = context->state[5]; + g = context->state[6]; + h = context->state[7]; + + j = 0; + do { + /* Rounds 0 to 15 (unrolled): */ + ROUND256_0_TO_15(a,b,c,d,e,f,g,h); + ROUND256_0_TO_15(h,a,b,c,d,e,f,g); + ROUND256_0_TO_15(g,h,a,b,c,d,e,f); + ROUND256_0_TO_15(f,g,h,a,b,c,d,e); + ROUND256_0_TO_15(e,f,g,h,a,b,c,d); + ROUND256_0_TO_15(d,e,f,g,h,a,b,c); + ROUND256_0_TO_15(c,d,e,f,g,h,a,b); + ROUND256_0_TO_15(b,c,d,e,f,g,h,a); + } while (j < 16); + + /* Now for the remaining rounds to 64: */ + do { + ROUND256(a,b,c,d,e,f,g,h); + ROUND256(h,a,b,c,d,e,f,g); + ROUND256(g,h,a,b,c,d,e,f); + ROUND256(f,g,h,a,b,c,d,e); + ROUND256(e,f,g,h,a,b,c,d); + ROUND256(d,e,f,g,h,a,b,c); + ROUND256(c,d,e,f,g,h,a,b); + ROUND256(b,c,d,e,f,g,h,a); + } while (j < 64); + + /* Compute the current intermediate hash value */ + context->state[0] += a; + context->state[1] += b; + context->state[2] += c; + context->state[3] += d; + context->state[4] += e; + context->state[5] += f; + context->state[6] += g; + context->state[7] += h; + + /* Clean up */ + a = b = c = d = e = f = g = h = T1 = 0; +} + +#else /* ISC_SHA2_UNROLL_TRANSFORM */ + +void +isc_sha256_transform(isc_sha256_t *context, const isc_uint32_t* data) { + isc_uint32_t a, b, c, d, e, f, g, h, s0, s1; + isc_uint32_t T1, T2, *W256; + int j; + + W256 = (isc_uint32_t*)context->buffer; + + /* Initialize registers with the prev. intermediate value */ + a = context->state[0]; + b = context->state[1]; + c = context->state[2]; + d = context->state[3]; + e = context->state[4]; + f = context->state[5]; + g = context->state[6]; + h = context->state[7]; + + j = 0; + do { +#if BYTE_ORDER == LITTLE_ENDIAN + /* Copy data while converting to host byte order */ + REVERSE32(*data++,W256[j]); + /* Apply the SHA-256 compression function to update a..h */ + T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + W256[j]; +#else /* BYTE_ORDER == LITTLE_ENDIAN */ + /* Apply the SHA-256 compression function to update a..h with copy */ + T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + (W256[j] = *data++); +#endif /* BYTE_ORDER == LITTLE_ENDIAN */ + T2 = Sigma0_256(a) + Maj(a, b, c); + h = g; + g = f; + f = e; + e = d + T1; + d = c; + c = b; + b = a; + a = T1 + T2; + + j++; + } while (j < 16); + + do { + /* Part of the message block expansion: */ + s0 = W256[(j+1)&0x0f]; + s0 = sigma0_256(s0); + s1 = W256[(j+14)&0x0f]; + s1 = sigma1_256(s1); + + /* Apply the SHA-256 compression function to update a..h */ + T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + + (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); + T2 = Sigma0_256(a) + Maj(a, b, c); + h = g; + g = f; + f = e; + e = d + T1; + d = c; + c = b; + b = a; + a = T1 + T2; + + j++; + } while (j < 64); + + /* Compute the current intermediate hash value */ + context->state[0] += a; + context->state[1] += b; + context->state[2] += c; + context->state[3] += d; + context->state[4] += e; + context->state[5] += f; + context->state[6] += g; + context->state[7] += h; + + /* Clean up */ + a = b = c = d = e = f = g = h = T1 = T2 = 0; +} + +#endif /* ISC_SHA2_UNROLL_TRANSFORM */ + +void +isc_sha256_update(isc_sha256_t *context, const isc_uint8_t *data, size_t len) { + unsigned int freespace, usedspace; + + if (len == 0U) { + /* Calling with no data is valid - we do nothing */ + return; + } + + /* Sanity check: */ + REQUIRE(context != (isc_sha256_t *)0 && data != (isc_uint8_t*)0); + + usedspace = (unsigned int)((context->bitcount >> 3) % + ISC_SHA256_BLOCK_LENGTH); + if (usedspace > 0) { + /* Calculate how much free space is available in the buffer */ + freespace = ISC_SHA256_BLOCK_LENGTH - usedspace; + + if (len >= freespace) { + /* Fill the buffer completely and process it */ + memcpy(&context->buffer[usedspace], data, freespace); + context->bitcount += freespace << 3; + len -= freespace; + data += freespace; + isc_sha256_transform(context, + (isc_uint32_t*)context->buffer); + } else { + /* The buffer is not yet full */ + memcpy(&context->buffer[usedspace], data, len); + context->bitcount += len << 3; + /* Clean up: */ + usedspace = freespace = 0; + return; + } + } + while (len >= ISC_SHA256_BLOCK_LENGTH) { + /* Process as many complete blocks as we can */ + memcpy(context->buffer, data, ISC_SHA256_BLOCK_LENGTH); + isc_sha256_transform(context, (isc_uint32_t*)context->buffer); + context->bitcount += ISC_SHA256_BLOCK_LENGTH << 3; + len -= ISC_SHA256_BLOCK_LENGTH; + data += ISC_SHA256_BLOCK_LENGTH; + } + if (len > 0U) { + /* There's left-overs, so save 'em */ + memcpy(context->buffer, data, len); + context->bitcount += len << 3; + } + /* Clean up: */ + usedspace = freespace = 0; +} + +void +isc_sha256_final(isc_uint8_t digest[], isc_sha256_t *context) { + isc_uint32_t *d = (isc_uint32_t*)digest; + unsigned int usedspace; + + /* Sanity check: */ + REQUIRE(context != (isc_sha256_t *)0); + + /* If no digest buffer is passed, we don't bother doing this: */ + if (digest != (isc_uint8_t*)0) { + usedspace = (unsigned int)((context->bitcount >> 3) % + ISC_SHA256_BLOCK_LENGTH); +#if BYTE_ORDER == LITTLE_ENDIAN + /* Convert FROM host byte order */ + REVERSE64(context->bitcount,context->bitcount); +#endif + if (usedspace > 0) { + /* Begin padding with a 1 bit: */ + context->buffer[usedspace++] = 0x80; + + if (usedspace <= ISC_SHA256_SHORT_BLOCK_LENGTH) { + /* Set-up for the last transform: */ + memset(&context->buffer[usedspace], 0, + ISC_SHA256_SHORT_BLOCK_LENGTH - usedspace); + } else { + if (usedspace < ISC_SHA256_BLOCK_LENGTH) { + memset(&context->buffer[usedspace], 0, + ISC_SHA256_BLOCK_LENGTH - + usedspace); + } + /* Do second-to-last transform: */ + isc_sha256_transform(context, + (isc_uint32_t*)context->buffer); + + /* And set-up for the last transform: */ + memset(context->buffer, 0, + ISC_SHA256_SHORT_BLOCK_LENGTH); + } + } else { + /* Set-up for the last transform: */ + memset(context->buffer, 0, ISC_SHA256_SHORT_BLOCK_LENGTH); + + /* Begin padding with a 1 bit: */ + *context->buffer = 0x80; + } + /* Set the bit count: */ + *(isc_uint64_t*)&context->buffer[ISC_SHA256_SHORT_BLOCK_LENGTH] = context->bitcount; + + /* Final transform: */ + isc_sha256_transform(context, (isc_uint32_t*)context->buffer); + +#if BYTE_ORDER == LITTLE_ENDIAN + { + /* Convert TO host byte order */ + int j; + for (j = 0; j < 8; j++) { + REVERSE32(context->state[j],context->state[j]); + *d++ = context->state[j]; + } + } +#else + memcpy(d, context->state, ISC_SHA256_DIGESTLENGTH); +#endif + } + + /* Clean up state data: */ + memset(context, 0, sizeof(context)); + usedspace = 0; +} + +char * +isc_sha256_end(isc_sha256_t *context, char buffer[]) { + isc_uint8_t digest[ISC_SHA256_DIGESTLENGTH], *d = digest; + unsigned int i; + + /* Sanity check: */ + REQUIRE(context != (isc_sha256_t *)0); + + if (buffer != (char*)0) { + isc_sha256_final(digest, context); + + for (i = 0; i < ISC_SHA256_DIGESTLENGTH; i++) { + *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4]; + *buffer++ = sha2_hex_digits[*d & 0x0f]; + d++; + } + *buffer = (char)0; + } else { + memset(context, 0, sizeof(context)); + } + memset(digest, 0, ISC_SHA256_DIGESTLENGTH); + return buffer; +} + +char * +isc_sha256_data(const isc_uint8_t* data, size_t len, + char digest[ISC_SHA256_DIGESTSTRINGLENGTH]) +{ + isc_sha256_t context; + + isc_sha256_init(&context); + isc_sha256_update(&context, data, len); + return (isc_sha256_end(&context, digest)); +} + + +/*** SHA-512: *********************************************************/ +void +isc_sha512_init(isc_sha512_t *context) { + if (context == (isc_sha512_t *)0) { + return; + } + memcpy(context->state, sha512_initial_hash_value, + ISC_SHA512_DIGESTLENGTH); + memset(context->buffer, 0, ISC_SHA512_BLOCK_LENGTH); + context->bitcount[0] = context->bitcount[1] = 0; +} + +#ifdef ISC_SHA2_UNROLL_TRANSFORM + +/* Unrolled SHA-512 round macros: */ +#if BYTE_ORDER == LITTLE_ENDIAN + +#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \ + REVERSE64(*data++, W512[j]); \ + T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \ + K512[j] + W512[j]; \ + (d) += T1, \ + (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)), \ + j++ + + +#else /* BYTE_ORDER == LITTLE_ENDIAN */ + +#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \ + T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \ + K512[j] + (W512[j] = *data++); \ + (d) += T1; \ + (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \ + j++ + +#endif /* BYTE_ORDER == LITTLE_ENDIAN */ + +#define ROUND512(a,b,c,d,e,f,g,h) \ + s0 = W512[(j+1)&0x0f]; \ + s0 = sigma0_512(s0); \ + s1 = W512[(j+14)&0x0f]; \ + s1 = sigma1_512(s1); \ + T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + K512[j] + \ + (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); \ + (d) += T1; \ + (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \ + j++ + +void isc_sha512_transform(isc_sha512_t *context, const isc_uint64_t* data) { + isc_uint64_t a, b, c, d, e, f, g, h, s0, s1; + isc_uint64_t T1, *W512 = (isc_uint64_t*)context->buffer; + int j; + + /* Initialize registers with the prev. intermediate value */ + a = context->state[0]; + b = context->state[1]; + c = context->state[2]; + d = context->state[3]; + e = context->state[4]; + f = context->state[5]; + g = context->state[6]; + h = context->state[7]; + + j = 0; + do { + ROUND512_0_TO_15(a,b,c,d,e,f,g,h); + ROUND512_0_TO_15(h,a,b,c,d,e,f,g); + ROUND512_0_TO_15(g,h,a,b,c,d,e,f); + ROUND512_0_TO_15(f,g,h,a,b,c,d,e); + ROUND512_0_TO_15(e,f,g,h,a,b,c,d); + ROUND512_0_TO_15(d,e,f,g,h,a,b,c); + ROUND512_0_TO_15(c,d,e,f,g,h,a,b); + ROUND512_0_TO_15(b,c,d,e,f,g,h,a); + } while (j < 16); + + /* Now for the remaining rounds up to 79: */ + do { + ROUND512(a,b,c,d,e,f,g,h); + ROUND512(h,a,b,c,d,e,f,g); + ROUND512(g,h,a,b,c,d,e,f); + ROUND512(f,g,h,a,b,c,d,e); + ROUND512(e,f,g,h,a,b,c,d); + ROUND512(d,e,f,g,h,a,b,c); + ROUND512(c,d,e,f,g,h,a,b); + ROUND512(b,c,d,e,f,g,h,a); + } while (j < 80); + + /* Compute the current intermediate hash value */ + context->state[0] += a; + context->state[1] += b; + context->state[2] += c; + context->state[3] += d; + context->state[4] += e; + context->state[5] += f; + context->state[6] += g; + context->state[7] += h; + + /* Clean up */ + a = b = c = d = e = f = g = h = T1 = 0; +} + +#else /* ISC_SHA2_UNROLL_TRANSFORM */ + +void +isc_sha512_transform(isc_sha512_t *context, const isc_uint64_t* data) { + isc_uint64_t a, b, c, d, e, f, g, h, s0, s1; + isc_uint64_t T1, T2, *W512 = (isc_uint64_t*)context->buffer; + int j; + + /* Initialize registers with the prev. intermediate value */ + a = context->state[0]; + b = context->state[1]; + c = context->state[2]; + d = context->state[3]; + e = context->state[4]; + f = context->state[5]; + g = context->state[6]; + h = context->state[7]; + + j = 0; + do { +#if BYTE_ORDER == LITTLE_ENDIAN + /* Convert TO host byte order */ + REVERSE64(*data++, W512[j]); + /* Apply the SHA-512 compression function to update a..h */ + T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j]; +#else /* BYTE_ORDER == LITTLE_ENDIAN */ + /* Apply the SHA-512 compression function to update a..h with copy */ + T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + (W512[j] = *data++); +#endif /* BYTE_ORDER == LITTLE_ENDIAN */ + T2 = Sigma0_512(a) + Maj(a, b, c); + h = g; + g = f; + f = e; + e = d + T1; + d = c; + c = b; + b = a; + a = T1 + T2; + + j++; + } while (j < 16); + + do { + /* Part of the message block expansion: */ + s0 = W512[(j+1)&0x0f]; + s0 = sigma0_512(s0); + s1 = W512[(j+14)&0x0f]; + s1 = sigma1_512(s1); + + /* Apply the SHA-512 compression function to update a..h */ + T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + + (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); + T2 = Sigma0_512(a) + Maj(a, b, c); + h = g; + g = f; + f = e; + e = d + T1; + d = c; + c = b; + b = a; + a = T1 + T2; + + j++; + } while (j < 80); + + /* Compute the current intermediate hash value */ + context->state[0] += a; + context->state[1] += b; + context->state[2] += c; + context->state[3] += d; + context->state[4] += e; + context->state[5] += f; + context->state[6] += g; + context->state[7] += h; + + /* Clean up */ + a = b = c = d = e = f = g = h = T1 = T2 = 0; +} + +#endif /* ISC_SHA2_UNROLL_TRANSFORM */ + +void isc_sha512_update(isc_sha512_t *context, const isc_uint8_t *data, size_t len) { + unsigned int freespace, usedspace; + + if (len == 0U) { + /* Calling with no data is valid - we do nothing */ + return; + } + + /* Sanity check: */ + REQUIRE(context != (isc_sha512_t *)0 && data != (isc_uint8_t*)0); + + usedspace = (unsigned int)((context->bitcount[0] >> 3) % + ISC_SHA512_BLOCK_LENGTH); + if (usedspace > 0) { + /* Calculate how much free space is available in the buffer */ + freespace = ISC_SHA512_BLOCK_LENGTH - usedspace; + + if (len >= freespace) { + /* Fill the buffer completely and process it */ + memcpy(&context->buffer[usedspace], data, freespace); + ADDINC128(context->bitcount, freespace << 3); + len -= freespace; + data += freespace; + isc_sha512_transform(context, + (isc_uint64_t*)context->buffer); + } else { + /* The buffer is not yet full */ + memcpy(&context->buffer[usedspace], data, len); + ADDINC128(context->bitcount, len << 3); + /* Clean up: */ + usedspace = freespace = 0; + return; + } + } + while (len >= ISC_SHA512_BLOCK_LENGTH) { + /* Process as many complete blocks as we can */ + memcpy(context->buffer, data, ISC_SHA512_BLOCK_LENGTH); + isc_sha512_transform(context, (isc_uint64_t*)context->buffer); + ADDINC128(context->bitcount, ISC_SHA512_BLOCK_LENGTH << 3); + len -= ISC_SHA512_BLOCK_LENGTH; + data += ISC_SHA512_BLOCK_LENGTH; + } + if (len > 0U) { + /* There's left-overs, so save 'em */ + memcpy(context->buffer, data, len); + ADDINC128(context->bitcount, len << 3); + } + /* Clean up: */ + usedspace = freespace = 0; +} + +void isc_sha512_last(isc_sha512_t *context) { + unsigned int usedspace; + + usedspace = (unsigned int)((context->bitcount[0] >> 3) % + ISC_SHA512_BLOCK_LENGTH); +#if BYTE_ORDER == LITTLE_ENDIAN + /* Convert FROM host byte order */ + REVERSE64(context->bitcount[0],context->bitcount[0]); + REVERSE64(context->bitcount[1],context->bitcount[1]); +#endif + if (usedspace > 0) { + /* Begin padding with a 1 bit: */ + context->buffer[usedspace++] = 0x80; + + if (usedspace <= ISC_SHA512_SHORT_BLOCK_LENGTH) { + /* Set-up for the last transform: */ + memset(&context->buffer[usedspace], 0, + ISC_SHA512_SHORT_BLOCK_LENGTH - usedspace); + } else { + if (usedspace < ISC_SHA512_BLOCK_LENGTH) { + memset(&context->buffer[usedspace], 0, + ISC_SHA512_BLOCK_LENGTH - usedspace); + } + /* Do second-to-last transform: */ + isc_sha512_transform(context, + (isc_uint64_t*)context->buffer); + + /* And set-up for the last transform: */ + memset(context->buffer, 0, ISC_SHA512_BLOCK_LENGTH - 2); + } + } else { + /* Prepare for final transform: */ + memset(context->buffer, 0, ISC_SHA512_SHORT_BLOCK_LENGTH); + + /* Begin padding with a 1 bit: */ + *context->buffer = 0x80; + } + /* Store the length of input data (in bits): */ + *(isc_uint64_t*)&context->buffer[ISC_SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1]; + *(isc_uint64_t*)&context->buffer[ISC_SHA512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0]; + + /* Final transform: */ + isc_sha512_transform(context, (isc_uint64_t*)context->buffer); +} + +void isc_sha512_final(isc_uint8_t digest[], isc_sha512_t *context) { + isc_uint64_t *d = (isc_uint64_t*)digest; + + /* Sanity check: */ + REQUIRE(context != (isc_sha512_t *)0); + + /* If no digest buffer is passed, we don't bother doing this: */ + if (digest != (isc_uint8_t*)0) { + isc_sha512_last(context); + + /* Save the hash data for output: */ +#if BYTE_ORDER == LITTLE_ENDIAN + { + /* Convert TO host byte order */ + int j; + for (j = 0; j < 8; j++) { + REVERSE64(context->state[j],context->state[j]); + *d++ = context->state[j]; + } + } +#else + memcpy(d, context->state, ISC_SHA512_DIGESTLENGTH); +#endif + } + + /* Zero out state data */ + memset(context, 0, sizeof(context)); +} + +char * +isc_sha512_end(isc_sha512_t *context, char buffer[]) { + isc_uint8_t digest[ISC_SHA512_DIGESTLENGTH], *d = digest; + unsigned int i; + + /* Sanity check: */ + REQUIRE(context != (isc_sha512_t *)0); + + if (buffer != (char*)0) { + isc_sha512_final(digest, context); + + for (i = 0; i < ISC_SHA512_DIGESTLENGTH; i++) { + *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4]; + *buffer++ = sha2_hex_digits[*d & 0x0f]; + d++; + } + *buffer = (char)0; + } else { + memset(context, 0, sizeof(context)); + } + memset(digest, 0, ISC_SHA512_DIGESTLENGTH); + return buffer; +} + +char * +isc_sha512_data(const isc_uint8_t *data, size_t len, + char digest[ISC_SHA512_DIGESTSTRINGLENGTH]) +{ + isc_sha512_t context; + + isc_sha512_init(&context); + isc_sha512_update(&context, data, len); + return (isc_sha512_end(&context, digest)); +} + + +/*** SHA-384: *********************************************************/ +void +isc_sha384_init(isc_sha384_t *context) { + if (context == (isc_sha384_t *)0) { + return; + } + memcpy(context->state, sha384_initial_hash_value, + ISC_SHA512_DIGESTLENGTH); + memset(context->buffer, 0, ISC_SHA384_BLOCK_LENGTH); + context->bitcount[0] = context->bitcount[1] = 0; +} + +void +isc_sha384_update(isc_sha384_t *context, const isc_uint8_t* data, size_t len) { + isc_sha512_update((isc_sha512_t *)context, data, len); +} + +void +isc_sha384_final(isc_uint8_t digest[], isc_sha384_t *context) { + isc_uint64_t *d = (isc_uint64_t*)digest; + + /* Sanity check: */ + REQUIRE(context != (isc_sha384_t *)0); + + /* If no digest buffer is passed, we don't bother doing this: */ + if (digest != (isc_uint8_t*)0) { + isc_sha512_last((isc_sha512_t *)context); + + /* Save the hash data for output: */ +#if BYTE_ORDER == LITTLE_ENDIAN + { + /* Convert TO host byte order */ + int j; + for (j = 0; j < 6; j++) { + REVERSE64(context->state[j],context->state[j]); + *d++ = context->state[j]; + } + } +#else + memcpy(d, context->state, ISC_SHA384_DIGESTLENGTH); +#endif + } + + /* Zero out state data */ + memset(context, 0, sizeof(context)); +} + +char * +isc_sha384_end(isc_sha384_t *context, char buffer[]) { + isc_uint8_t digest[ISC_SHA384_DIGESTLENGTH], *d = digest; + unsigned int i; + + /* Sanity check: */ + REQUIRE(context != (isc_sha384_t *)0); + + if (buffer != (char*)0) { + isc_sha384_final(digest, context); + + for (i = 0; i < ISC_SHA384_DIGESTLENGTH; i++) { + *buffer++ = sha2_hex_digits[(*d & 0xf0) >> 4]; + *buffer++ = sha2_hex_digits[*d & 0x0f]; + d++; + } + *buffer = (char)0; + } else { + memset(context, 0, sizeof(context)); + } + memset(digest, 0, ISC_SHA384_DIGESTLENGTH); + return buffer; +} + +char* +isc_sha384_data(const isc_uint8_t *data, size_t len, + char digest[ISC_SHA384_DIGESTSTRINGLENGTH]) +{ + isc_sha384_t context; + + isc_sha384_init(&context); + isc_sha384_update(&context, data, len); + return (isc_sha384_end(&context, digest)); +} diff --git a/usr.sbin/bind/lib/isc/sparc64/Makefile.in b/usr.sbin/bind/lib/isc/sparc64/Makefile.in new file mode 100644 index 00000000000..19a13a8cc02 --- /dev/null +++ b/usr.sbin/bind/lib/isc/sparc64/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = include +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/sparc64/include/Makefile.in b/usr.sbin/bind/lib/isc/sparc64/include/Makefile.in new file mode 100644 index 00000000000..26103230cdc --- /dev/null +++ b/usr.sbin/bind/lib/isc/sparc64/include/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = isc +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/sparc64/include/isc/Makefile.in b/usr.sbin/bind/lib/isc/sparc64/include/isc/Makefile.in new file mode 100644 index 00000000000..b571c74337e --- /dev/null +++ b/usr.sbin/bind/lib/isc/sparc64/include/isc/Makefile.in @@ -0,0 +1,36 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +@BIND9_VERSION@ + +HEADERS = atomic.h + +SUBDIRS = +TARGETS = + +@BIND9_MAKE_RULES@ + +installdirs: + $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${includedir}/isc + +install:: installdirs + for i in ${HEADERS}; do \ + ${INSTALL_DATA} $(srcdir)/$$i ${DESTDIR}${includedir}/isc ; \ + done diff --git a/usr.sbin/bind/lib/isc/sparc64/include/isc/atomic.h b/usr.sbin/bind/lib/isc/sparc64/include/isc/atomic.h new file mode 100644 index 00000000000..612c6b5fbb7 --- /dev/null +++ b/usr.sbin/bind/lib/isc/sparc64/include/isc/atomic.h @@ -0,0 +1,127 @@ +/* + * Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: atomic.h,v 1.2.2.2 2005/06/16 22:01:02 jinmei Exp $ */ + +/* + * This code was written based on FreeBSD's kernel source whose copyright + * follows: + */ + +/*- + * Copyright (c) 1998 Doug Rabson. + * Copyright (c) 2001 Jake Burkholder. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * from: FreeBSD: src/sys/i386/include/atomic.h,v 1.20 2001/02/11 + * $FreeBSD: src/sys/sparc64/include/atomic.h,v 1.8 2004/05/22 00:52:16 marius Exp $ + */ + +#ifndef ISC_ATOMIC_H +#define ISC_ATOMIC_H 1 + +#include <isc/platform.h> +#include <isc/types.h> + +#define ASI_P 0x80 /* Primary Address Space Identifier */ + +#ifdef ISC_PLATFORM_USEGCCASM + +/* + * This routine atomically increments the value stored in 'p' by 'val', and + * returns the previous value. + */ +static inline isc_int32_t +isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) { + isc_int32_t prev, swapped; + + for (prev = *(volatile isc_int32_t *)p; ; prev = swapped) { + swapped = prev + val; + __asm__ volatile( + "casa [%1] %2, %3, %0" + : "+r"(swapped) + : "r"(p), "n"(ASI_P), "r"(prev)); + if (swapped == prev) + break; + } + + return (prev); +} + +/* + * This routine atomically stores the value 'val' in 'p'. + */ +static inline void +isc_atomic_store(isc_int32_t *p, isc_int32_t val) { + isc_int32_t prev, swapped; + + for (prev = *(volatile isc_int32_t *)p; ; prev = swapped) { + swapped = val; + __asm__ volatile( + "casa [%1] %2, %3, %0" + : "+r"(swapped) + : "r"(p), "n"(ASI_P), "r"(prev) + : "memory"); + if (swapped == prev) + break; + } +} + +/* + * This routine atomically replaces the value in 'p' with 'val', if the + * original value is equal to 'cmpval'. The original value is returned in any + * case. + */ +static inline isc_int32_t +isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val) { + isc_int32_t temp = val; + + __asm__ volatile( + "casa [%1] %2, %3, %0" + : "+r"(temp) + : "r"(p), "n"(ASI_P), "r"(cmpval)); + + return (temp); +} + +#else /* ISC_PLATFORM_USEGCCASM */ + +#error "unsupported compiler. disable atomic ops by --disable-atomic" + +#endif /* ISC_PLATFORM_USEGCCASM */ + +#endif /* ISC_ATOMIC_H */ diff --git a/usr.sbin/bind/lib/isc/strtoul.c b/usr.sbin/bind/lib/isc/strtoul.c index 64d665900bf..77aabc378c9 100644 --- a/usr.sbin/bind/lib/isc/strtoul.c +++ b/usr.sbin/bind/lib/isc/strtoul.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -48,11 +48,12 @@ * SUCH DAMAGE. */ +/*! \file */ #if defined(LIBC_SCCS) && !defined(lint) static char sccsid[] = "@(#)strtoul.c 8.1 (Berkeley) 6/4/93"; #endif /* LIBC_SCCS and not lint */ -/* $ISC: strtoul.c,v 1.2.14.3 2004/03/06 08:14:36 marka Exp $ */ +/* $ISC: strtoul.c,v 1.3.18.2 2005/04/29 00:16:50 marka Exp $ */ #include <config.h> @@ -63,7 +64,7 @@ static char sccsid[] = "@(#)strtoul.c 8.1 (Berkeley) 6/4/93"; #include <isc/stdlib.h> #include <isc/util.h> -/* +/*! * Convert a string to an unsigned long integer. * * Ignores `locale' stuff. Assumes that the upper and lower case diff --git a/usr.sbin/bind/lib/isc/symtab.c b/usr.sbin/bind/lib/isc/symtab.c index b4e73feae42..579eca1fd0b 100644 --- a/usr.sbin/bind/lib/isc/symtab.c +++ b/usr.sbin/bind/lib/isc/symtab.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1996-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: symtab.c,v 1.24.12.3 2004/03/08 09:04:50 marka Exp $ */ +/* $ISC: symtab.c,v 1.26.18.2 2005/04/29 00:16:50 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/task_p.h b/usr.sbin/bind/lib/isc/task_p.h index 6c774b15b2d..2e299d5ea0a 100644 --- a/usr.sbin/bind/lib/isc/task_p.h +++ b/usr.sbin/bind/lib/isc/task_p.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: task_p.h,v 1.6.206.1 2004/03/06 08:14:36 marka Exp $ */ +/* $ISC: task_p.h,v 1.7.18.2 2005/04/29 00:16:50 marka Exp $ */ #ifndef ISC_TASK_P_H #define ISC_TASK_P_H +/*! \file */ + isc_boolean_t isc__taskmgr_ready(void); diff --git a/usr.sbin/bind/lib/isc/taskpool.c b/usr.sbin/bind/lib/isc/taskpool.c index 7b06e70de9f..e0ddf341cd3 100644 --- a/usr.sbin/bind/lib/isc/taskpool.c +++ b/usr.sbin/bind/lib/isc/taskpool.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: taskpool.c,v 1.10.12.5 2006/01/04 23:50:21 marka Exp $ */ +/* $ISC: taskpool.c,v 1.12.18.3 2005/11/30 03:44:39 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/timer_p.h b/usr.sbin/bind/lib/isc/timer_p.h index cf27775a3db..07a1cdb3cfa 100644 --- a/usr.sbin/bind/lib/isc/timer_p.h +++ b/usr.sbin/bind/lib/isc/timer_p.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: timer_p.h,v 1.4.12.3 2004/03/08 09:04:50 marka Exp $ */ +/* $ISC: timer_p.h,v 1.6.18.2 2005/04/29 00:16:51 marka Exp $ */ #ifndef ISC_TIMER_P_H #define ISC_TIMER_P_H +/*! \file */ + isc_result_t isc__timermgr_nextevent(isc_time_t *when); diff --git a/usr.sbin/bind/lib/isc/unix/errno2result.c b/usr.sbin/bind/lib/isc/unix/errno2result.c index 0da5f9b1494..e3c6ebb4b8c 100644 --- a/usr.sbin/bind/lib/isc/unix/errno2result.c +++ b/usr.sbin/bind/lib/isc/unix/errno2result.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: errno2result.c,v 1.8.2.4.8.1 2004/03/06 08:14:59 marka Exp $ */ +/* $ISC: errno2result.c,v 1.13.18.2 2005/04/29 00:17:07 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -25,7 +27,7 @@ #include "errno2result.h" -/* +/*% * Convert a POSIX errno value into an isc_result_t. The * list of supported errno values is not complete; new users * of this function should add any expected errors that are diff --git a/usr.sbin/bind/lib/isc/unix/errno2result.h b/usr.sbin/bind/lib/isc/unix/errno2result.h index b8d8b729f66..0601d5e45c1 100644 --- a/usr.sbin/bind/lib/isc/unix/errno2result.h +++ b/usr.sbin/bind/lib/isc/unix/errno2result.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: errno2result.h,v 1.7.206.1 2004/03/06 08:14:59 marka Exp $ */ +/* $ISC: errno2result.h,v 1.8.18.2 2005/04/29 00:17:07 marka Exp $ */ #ifndef UNIX_ERRNO2RESULT_H #define UNIX_ERRNO2RESULT_H 1 +/*! \file */ + /* XXXDCL this should be moved to lib/isc/include/isc/errno2result.h. */ #include <errno.h> /* Provides errno. */ diff --git a/usr.sbin/bind/lib/isc/unix/ifiter_getifaddrs.c b/usr.sbin/bind/lib/isc/unix/ifiter_getifaddrs.c index ca4dfe95277..3976154d9c7 100644 --- a/usr.sbin/bind/lib/isc/unix/ifiter_getifaddrs.c +++ b/usr.sbin/bind/lib/isc/unix/ifiter_getifaddrs.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,28 +15,33 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ifiter_getifaddrs.c,v 1.2.68.3 2004/03/06 08:14:59 marka Exp $ */ +/* $ISC: ifiter_getifaddrs.c,v 1.4.18.5 2007/08/28 07:20:06 tbox Exp $ */ -/* +/*! \file + * \brief * Obtain the list of network interfaces using the getifaddrs(3) library. */ #include <ifaddrs.h> +/*% Iterator Magic */ #define IFITER_MAGIC ISC_MAGIC('I', 'F', 'I', 'G') +/*% Valid Iterator */ #define VALID_IFITER(t) ISC_MAGIC_VALID(t, IFITER_MAGIC) +/*% Iterator structure */ struct isc_interfaceiter { - unsigned int magic; /* Magic number. */ + unsigned int magic; /*%< Magic number. */ isc_mem_t *mctx; - void *buf; /* (unused) */ - unsigned int bufsize; /* (always 0) */ - struct ifaddrs *ifaddrs; /* List of ifaddrs */ - struct ifaddrs *pos; /* Ptr to current ifaddr */ - isc_interface_t current; /* Current interface data. */ - isc_result_t result; /* Last result code. */ + void *buf; /*%< (unused) */ + unsigned int bufsize; /*%< (always 0) */ + struct ifaddrs *ifaddrs; /*%< List of ifaddrs */ + struct ifaddrs *pos; /*%< Ptr to current ifaddr */ + isc_interface_t current; /*%< Current interface data. */ + isc_result_t result; /*%< Last result code. */ }; + isc_result_t isc_interfaceiter_create(isc_mem_t *mctx, isc_interfaceiter_t **iterp) { isc_interfaceiter_t *iter; @@ -106,7 +111,9 @@ internal_current(isc_interfaceiter_t *iter) { INSIST(ifa != NULL); INSIST(ifa->ifa_name != NULL); - INSIST(ifa->ifa_addr != NULL); + + if (ifa->ifa_addr == NULL) + return (ISC_R_IGNORE); family = ifa->ifa_addr->sa_family; if (family != AF_INET && family != AF_INET6) diff --git a/usr.sbin/bind/lib/isc/unix/ifiter_sysctl.c b/usr.sbin/bind/lib/isc/unix/ifiter_sysctl.c index f79ee05fd1e..15e954ff13c 100644 --- a/usr.sbin/bind/lib/isc/unix/ifiter_sysctl.c +++ b/usr.sbin/bind/lib/isc/unix/ifiter_sysctl.c @@ -15,9 +15,10 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ifiter_sysctl.c,v 1.14.12.9 2005/03/17 03:58:33 marka Exp $ */ +/* $ISC: ifiter_sysctl.c,v 1.20.18.3 2005/04/27 05:02:35 sra Exp $ */ -/* +/*! \file + * \brief * Obtain the list of network interfaces using sysctl. * See TCP/IP Illustrated Volume 2, sections 19.8, 19.14, * and 19.16. diff --git a/usr.sbin/bind/lib/isc/unix/include/Makefile.in b/usr.sbin/bind/lib/isc/unix/include/Makefile.in index 9cd2e13c779..0ac4ef7a492 100644 --- a/usr.sbin/bind/lib/isc/unix/include/Makefile.in +++ b/usr.sbin/bind/lib/isc/unix/include/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.11.206.1 2004/03/06 08:15:03 marka Exp $ +# $ISC: Makefile.in,v 1.12 2004/03/05 05:11:50 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/isc/unix/include/isc/Makefile.in b/usr.sbin/bind/lib/isc/unix/include/isc/Makefile.in index ebd951966e1..d755f0006a2 100644 --- a/usr.sbin/bind/lib/isc/unix/include/isc/Makefile.in +++ b/usr.sbin/bind/lib/isc/unix/include/isc/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.27.206.1 2004/03/06 08:15:03 marka Exp $ +# $ISC: Makefile.in,v 1.28 2004/03/05 05:11:52 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/isc/unix/include/isc/dir.h b/usr.sbin/bind/lib/isc/unix/include/isc/dir.h index 6c10ac9066e..58028abce80 100644 --- a/usr.sbin/bind/lib/isc/unix/include/isc/dir.h +++ b/usr.sbin/bind/lib/isc/unix/include/isc/dir.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,13 +15,15 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dir.h,v 1.15.12.3 2004/03/08 09:04:57 marka Exp $ */ +/* $ISC: dir.h,v 1.17.18.2 2005/04/29 00:17:09 marka Exp $ */ /* Principal Authors: DCL */ #ifndef ISC_DIR_H #define ISC_DIR_H 1 +/*! \file */ + #include <sys/types.h> /* Required on some systems. */ #include <dirent.h> @@ -31,8 +33,9 @@ #define ISC_DIR_NAMEMAX 256 #define ISC_DIR_PATHMAX 1024 +/*% Directory Entry */ typedef struct isc_direntry { - /* + /*! * Ideally, this should be NAME_MAX, but AIX does not define it by * default and dynamically allocating the space based on pathconf() * complicates things undesirably, as does adding special conditionals @@ -42,9 +45,10 @@ typedef struct isc_direntry { unsigned int length; } isc_direntry_t; +/*% Directory */ typedef struct isc_dir { unsigned int magic; - /* + /*! * As with isc_direntry_t->name, making this "right" for all systems * is slightly problematic because AIX does not define PATH_MAX. */ @@ -78,7 +82,7 @@ isc_dir_chroot(const char *dirname); isc_result_t isc_dir_createunique(char *templet); -/* +/*!< * Use a templet (such as from isc_file_mktemplate()) to create a uniquely * named, empty directory. The templet string is modified in place. * If result == ISC_R_SUCCESS, it is the name of the directory that was diff --git a/usr.sbin/bind/lib/isc/unix/include/isc/int.h b/usr.sbin/bind/lib/isc/unix/include/isc/int.h index 263742eb7ae..53dc28a66f7 100644 --- a/usr.sbin/bind/lib/isc/unix/include/isc/int.h +++ b/usr.sbin/bind/lib/isc/unix/include/isc/int.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: int.h,v 1.11.206.1 2004/03/06 08:15:04 marka Exp $ */ +/* $ISC: int.h,v 1.12.18.2 2005/04/29 00:17:09 marka Exp $ */ #ifndef ISC_INT_H #define ISC_INT_H 1 +/*! \file */ + typedef char isc_int8_t; typedef unsigned char isc_uint8_t; typedef short isc_int16_t; @@ -37,7 +39,7 @@ typedef unsigned long long isc_uint64_t; #define ISC_INT16_MAX 32767 #define ISC_UINT16_MAX 65535 -/* +/*% * Note that "int" is 32 bits on all currently supported Unix-like operating * systems, but "long" can be either 32 bits or 64 bits, thus the 32 bit * constants are not qualified with "L". diff --git a/usr.sbin/bind/lib/isc/unix/include/isc/keyboard.h b/usr.sbin/bind/lib/isc/unix/include/isc/keyboard.h index 497e93887cd..3d0e04c789f 100644 --- a/usr.sbin/bind/lib/isc/unix/include/isc/keyboard.h +++ b/usr.sbin/bind/lib/isc/unix/include/isc/keyboard.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: keyboard.h,v 1.6.206.1 2004/03/06 08:15:04 marka Exp $ */ +/* $ISC: keyboard.h,v 1.7.18.2 2005/04/29 00:17:09 marka Exp $ */ #ifndef ISC_KEYBOARD_H #define ISC_KEYBOARD_H 1 +/*! \file */ + #include <termios.h> #include <isc/lang.h> diff --git a/usr.sbin/bind/lib/isc/unix/include/isc/net.h b/usr.sbin/bind/lib/isc/unix/include/isc/net.h index 8453c9ad952..51b0a3d2e6d 100644 --- a/usr.sbin/bind/lib/isc/unix/include/isc/net.h +++ b/usr.sbin/bind/lib/isc/unix/include/isc/net.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: net.h,v 1.31.2.2.10.8 2004/04/29 01:31:23 marka Exp $ */ +/* $ISC: net.h,v 1.39.18.4 2005/04/27 05:02:37 sra Exp $ */ #ifndef ISC_NET_H #define ISC_NET_H 1 @@ -24,19 +24,20 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * Basic Networking Types * * This module is responsible for defining the following basic networking * types: * - * struct in_addr - * struct in6_addr - * struct in6_pktinfo - * struct sockaddr - * struct sockaddr_in - * struct sockaddr_in6 - * in_port_t + *\li struct in_addr + *\li struct in6_addr + *\li struct in6_pktinfo + *\li struct sockaddr + *\li struct sockaddr_in + *\li struct sockaddr_in6 + *\li in_port_t * * It ensures that the AF_ and PF_ macros are defined. * @@ -44,27 +45,27 @@ * * It declares inet_aton(), inet_ntop(), and inet_pton(). * - * It ensures that INADDR_LOOPBACK, INADDR_ANY, IN6ADDR_ANY_INIT, + * It ensures that #INADDR_LOOPBACK, #INADDR_ANY, #IN6ADDR_ANY_INIT, * in6addr_any, and in6addr_loopback are available. * * It ensures that IN_MULTICAST() is available to check for multicast * addresses. * * MP: - * No impact. + *\li No impact. * * Reliability: - * No anticipated impact. + *\li No anticipated impact. * * Resources: - * N/A. + *\li N/A. * * Security: - * No anticipated impact. + *\li No anticipated impact. * * Standards: - * BSD Socket API - * RFC 2553 + *\li BSD Socket API + *\li RFC2553 */ /*** @@ -94,19 +95,19 @@ #include <isc/types.h> #ifdef ISC_PLATFORM_HAVEINADDR6 -#define in6_addr in_addr6 /* Required for pre RFC2133 implementations. */ +#define in6_addr in_addr6 /*%< Required for pre RFC2133 implementations. */ #endif #ifdef ISC_PLATFORM_HAVEIPV6 -/* +#ifndef IN6ADDR_ANY_INIT +#ifdef s6_addr +/*% * Required for some pre RFC2133 implementations. * IN6ADDR_ANY_INIT and IN6ADDR_LOOPBACK_INIT were added in * draft-ietf-ipngwg-bsd-api-04.txt or draft-ietf-ipngwg-bsd-api-05.txt. * If 's6_addr' is defined then assume that there is a union and three * levels otherwise assume two levels required. */ -#ifndef IN6ADDR_ANY_INIT -#ifdef s6_addr #define IN6ADDR_ANY_INIT { { { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 } } } #else #define IN6ADDR_ANY_INIT { { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 } } @@ -115,6 +116,7 @@ #ifndef IN6ADDR_LOOPBACK_INIT #ifdef s6_addr +/*% IPv6 address loopback init */ #define IN6ADDR_LOOPBACK_INIT { { { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1 } } } #else #define IN6ADDR_LOOPBACK_INIT { { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1 } } @@ -122,12 +124,14 @@ #endif #ifndef IN6_IS_ADDR_V4MAPPED +/*% Is IPv6 address V4 mapped? */ #define IN6_IS_ADDR_V4MAPPED(x) \ (memcmp((x)->s6_addr, in6addr_any.s6_addr, 10) == 0 && \ (x)->s6_addr[10] == 0xff && (x)->s6_addr[11] == 0xff) #endif #ifndef IN6_IS_ADDR_V4COMPAT +/*% Is IPv6 address V4 compatible? */ #define IN6_IS_ADDR_V4COMPAT(x) \ (memcmp((x)->s6_addr, in6addr_any.s6_addr, 12) == 0 && \ ((x)->s6_addr[12] != 0 || (x)->s6_addr[13] != 0 || \ @@ -136,50 +140,58 @@ #endif #ifndef IN6_IS_ADDR_MULTICAST +/*% Is IPv6 address multicast? */ #define IN6_IS_ADDR_MULTICAST(a) ((a)->s6_addr[0] == 0xff) #endif #ifndef IN6_IS_ADDR_LINKLOCAL +/*% Is IPv6 address linklocal? */ #define IN6_IS_ADDR_LINKLOCAL(a) \ (((a)->s6_addr[0] == 0xfe) && (((a)->s6_addr[1] & 0xc0) == 0x80)) #endif #ifndef IN6_IS_ADDR_SITELOCAL +/*% is IPv6 address sitelocal? */ #define IN6_IS_ADDR_SITELOCAL(a) \ (((a)->s6_addr[0] == 0xfe) && (((a)->s6_addr[1] & 0xc0) == 0xc0)) #endif #ifndef IN6_IS_ADDR_LOOPBACK +/*% is IPv6 address loopback? */ #define IN6_IS_ADDR_LOOPBACK(x) \ (memcmp((x)->s6_addr, in6addr_loopback.s6_addr, 16) == 0) #endif #endif #ifndef AF_INET6 +/*% IPv6 */ #define AF_INET6 99 #endif #ifndef PF_INET6 +/*% IPv6 */ #define PF_INET6 AF_INET6 #endif #ifndef INADDR_LOOPBACK +/*% inaddr loopback */ #define INADDR_LOOPBACK 0x7f000001UL #endif #ifndef ISC_PLATFORM_HAVEIN6PKTINFO +/*% IPv6 packet info */ struct in6_pktinfo { - struct in6_addr ipi6_addr; /* src/dst IPv6 address */ - unsigned int ipi6_ifindex; /* send/recv interface index */ + struct in6_addr ipi6_addr; /*%< src/dst IPv6 address */ + unsigned int ipi6_ifindex; /*%< send/recv interface index */ }; #endif -/* - * Cope with a missing in6addr_any and in6addr_loopback. - */ #if defined(ISC_PLATFORM_HAVEIPV6) && defined(ISC_PLATFORM_NEEDIN6ADDRANY) extern const struct in6_addr isc_net_in6addrany; +/*% + * Cope with a missing in6addr_any and in6addr_loopback. + */ #define in6addr_any isc_net_in6addrany #endif @@ -188,11 +200,12 @@ extern const struct in6_addr isc_net_in6addrloop; #define in6addr_loopback isc_net_in6addrloop #endif -/* - * Fix UnixWare 7.1.1's broken IN6_IS_ADDR_* definitions. - */ #ifdef ISC_PLATFORM_FIXIN6ISADDR #undef IN6_IS_ADDR_GEOGRAPHIC +/*! + * \brief + * Fix UnixWare 7.1.1's broken IN6_IS_ADDR_* definitions. + */ #define IN6_IS_ADDR_GEOGRAPHIC(a) (((a)->S6_un.S6_l[0] & 0xE0) == 0x80) #undef IN6_IS_ADDR_IPX #define IN6_IS_ADDR_IPX(a) (((a)->S6_un.S6_l[0] & 0xFE) == 0x04) @@ -208,24 +221,26 @@ extern const struct in6_addr isc_net_in6addrloop; #define IN6_IS_ADDR_SITELOCAL(a) (((a)->S6_un.S6_l[0] & 0xC0FF) == 0xC0FE) #endif /* ISC_PLATFORM_FIXIN6ISADDR */ -/* +#ifdef ISC_PLATFORM_NEEDPORTT +/*% * Ensure type in_port_t is defined. */ -#ifdef ISC_PLATFORM_NEEDPORTT typedef isc_uint16_t in_port_t; #endif -/* +#ifndef MSG_TRUNC +/*% * If this system does not have MSG_TRUNC (as returned from recvmsg()) * ISC_PLATFORM_RECVOVERFLOW will be defined. This will enable the MSG_TRUNC * faking code in socket.c. */ -#ifndef MSG_TRUNC #define ISC_PLATFORM_RECVOVERFLOW #endif +/*% IP address. */ #define ISC__IPADDR(x) ((isc_uint32_t)htonl((isc_uint32_t)(x))) +/*% Is IP address multicast? */ #define ISC_IPADDR_ISMULTICAST(i) \ (((isc_uint32_t)(i) & ISC__IPADDR(0xf0000000)) \ == ISC__IPADDR(0xe0000000)) @@ -242,40 +257,40 @@ ISC_LANG_BEGINDECLS isc_result_t isc_net_probeipv4(void); -/* +/*%< * Check if the system's kernel supports IPv4. * * Returns: * - * ISC_R_SUCCESS IPv4 is supported. - * ISC_R_NOTFOUND IPv4 is not supported. - * ISC_R_DISABLED IPv4 is disabled. - * ISC_R_UNEXPECTED + *\li #ISC_R_SUCCESS IPv4 is supported. + *\li #ISC_R_NOTFOUND IPv4 is not supported. + *\li #ISC_R_DISABLED IPv4 is disabled. + *\li #ISC_R_UNEXPECTED */ isc_result_t isc_net_probeipv6(void); -/* +/*%< * Check if the system's kernel supports IPv6. * * Returns: * - * ISC_R_SUCCESS IPv6 is supported. - * ISC_R_NOTFOUND IPv6 is not supported. - * ISC_R_DISABLED IPv6 is disabled. - * ISC_R_UNEXPECTED + *\li #ISC_R_SUCCESS IPv6 is supported. + *\li #ISC_R_NOTFOUND IPv6 is not supported. + *\li #ISC_R_DISABLED IPv6 is disabled. + *\li #ISC_R_UNEXPECTED */ isc_result_t isc_net_probe_ipv6only(void); -/* +/*%< * Check if the system's kernel supports the IPV6_V6ONLY socket option. * * Returns: * - * ISC_R_SUCCESS the option is supported for both TCP and UDP. - * ISC_R_NOTFOUND IPv6 itself or the option is not supported. - * ISC_R_UNEXPECTED + *\li #ISC_R_SUCCESS the option is supported for both TCP and UDP. + *\li #ISC_R_NOTFOUND IPv6 itself or the option is not supported. + *\li #ISC_R_UNEXPECTED */ isc_result_t @@ -286,9 +301,9 @@ isc_net_probe_ipv6pktinfo(void); * * Returns: * - * ISC_R_SUCCESS the option is supported. - * ISC_R_NOTFOUND IPv6 itself or the option is not supported. - * ISC_R_UNEXPECTED + * \li #ISC_R_SUCCESS the option is supported. + * \li #ISC_R_NOTFOUND IPv6 itself or the option is not supported. + * \li #ISC_R_UNEXPECTED */ void @@ -303,6 +318,12 @@ isc_net_enableipv4(void); void isc_net_enableipv6(void); +isc_result_t +isc_net_probeunix(void); +/* + * Returns whether UNIX domain sockets are supported. + */ + #ifdef ISC_PLATFORM_NEEDNTOP const char * isc_net_ntop(int af, const void *src, char *dst, size_t size); diff --git a/usr.sbin/bind/lib/isc/unix/include/isc/netdb.h b/usr.sbin/bind/lib/isc/unix/include/isc/netdb.h index 904d8bac46e..30aaafebde3 100644 --- a/usr.sbin/bind/lib/isc/unix/include/isc/netdb.h +++ b/usr.sbin/bind/lib/isc/unix/include/isc/netdb.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: netdb.h,v 1.6.206.1 2004/03/06 08:15:04 marka Exp $ */ +/* $ISC: netdb.h,v 1.7.18.2 2005/04/29 00:17:10 marka Exp $ */ #ifndef ISC_NETDB_H #define ISC_NETDB_H 1 @@ -24,25 +24,26 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * Portable netdb.h support. * * This module is responsible for defining the get<x>by<y> APIs. * * MP: - * No impact. + *\li No impact. * * Reliability: - * No anticipated impact. + *\li No anticipated impact. * * Resources: - * N/A. + *\li N/A. * * Security: - * No anticipated impact. + *\li No anticipated impact. * * Standards: - * BSD API + *\li BSD API */ /*** diff --git a/usr.sbin/bind/lib/isc/unix/include/isc/offset.h b/usr.sbin/bind/lib/isc/unix/include/isc/offset.h index e3748050640..39e9aedb8b1 100644 --- a/usr.sbin/bind/lib/isc/unix/include/isc/offset.h +++ b/usr.sbin/bind/lib/isc/unix/include/isc/offset.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,12 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: offset.h,v 1.10.206.1 2004/03/06 08:15:04 marka Exp $ */ +/* $ISC: offset.h,v 1.11.18.2 2005/04/29 00:17:10 marka Exp $ */ #ifndef ISC_OFFSET_H #define ISC_OFFSET_H 1 -/* +/*! \file + * \brief * File offsets are operating-system dependent. */ #include <limits.h> /* Required for CHAR_BIT. */ @@ -28,7 +29,7 @@ typedef off_t isc_offset_t; -/* +/*% * POSIX says "Additionally, blkcnt_t and off_t are extended signed integral * types", so the maximum value is all 1s except for the high bit. * This definition is more complex than it really needs to be because it was diff --git a/usr.sbin/bind/lib/isc/unix/include/isc/stdtime.h b/usr.sbin/bind/lib/isc/unix/include/isc/stdtime.h index e4eabc3c374..2f8de9160b0 100644 --- a/usr.sbin/bind/lib/isc/unix/include/isc/stdtime.h +++ b/usr.sbin/bind/lib/isc/unix/include/isc/stdtime.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,31 +15,44 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: stdtime.h,v 1.8.206.1 2004/03/06 08:15:05 marka Exp $ */ +/* $ISC: stdtime.h,v 1.9.18.3 2005/06/04 06:23:45 jinmei Exp $ */ #ifndef ISC_STDTIME_H #define ISC_STDTIME_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/int.h> -/* +/*% * It's public information that 'isc_stdtime_t' is an unsigned integral type. * Applications that want maximum portability should not assume anything * about its size. */ typedef isc_uint32_t isc_stdtime_t; +/* + * isc_stdtime32_t is a 32-bit version of isc_stdtime_t. A variable of this + * type should only be used as an opaque integer (e.g.,) to compare two + * time values. + */ +typedef isc_uint32_t isc_stdtime32_t; ISC_LANG_BEGINDECLS - +/* */ void isc_stdtime_get(isc_stdtime_t *t); -/* +/*%< * Set 't' to the number of seconds since 00:00:00 UTC, January 1, 1970. * * Requires: * - * 't' is a valid pointer. + *\li 't' is a valid pointer. + */ + +#define isc_stdtime_convert32(t, t32p) (*(t32p) = t) +/* + * Convert the standard time to its 32-bit version. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/isc/unix/include/isc/strerror.h b/usr.sbin/bind/lib/isc/unix/include/isc/strerror.h index bdd2e379d52..371da2fea5e 100644 --- a/usr.sbin/bind/lib/isc/unix/include/isc/strerror.h +++ b/usr.sbin/bind/lib/isc/unix/include/isc/strerror.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,20 +15,23 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: strerror.h,v 1.2.12.3 2004/03/08 09:04:57 marka Exp $ */ +/* $ISC: strerror.h,v 1.4.18.2 2005/04/29 00:17:10 marka Exp $ */ #ifndef ISC_STRERROR_H #define ISC_STRERROR_H +/*! \file */ + #include <sys/types.h> #include <isc/lang.h> ISC_LANG_BEGINDECLS +/*% String Error Size */ #define ISC_STRERRORSIZE 128 -/* +/*% * Provide a thread safe wrapper to strerrror(). * * Requires: diff --git a/usr.sbin/bind/lib/isc/unix/include/isc/syslog.h b/usr.sbin/bind/lib/isc/unix/include/isc/syslog.h index ef8635b37d3..075229a9546 100644 --- a/usr.sbin/bind/lib/isc/unix/include/isc/syslog.h +++ b/usr.sbin/bind/lib/isc/unix/include/isc/syslog.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: syslog.h,v 1.2.206.1 2004/03/06 08:15:05 marka Exp $ */ +/* $ISC: syslog.h,v 1.3.18.2 2005/04/29 00:17:10 marka Exp $ */ #ifndef ISC_SYSLOG_H #define ISC_SYSLOG_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/types.h> @@ -27,17 +29,17 @@ ISC_LANG_BEGINDECLS isc_result_t isc_syslog_facilityfromstring(const char *str, int *facilityp); -/* +/*%< * Convert 'str' to the appropriate syslog facility constant. * * Requires: * - * 'str' is not NULL - * 'facilityp' is not NULL + *\li 'str' is not NULL + *\li 'facilityp' is not NULL * * Returns: - * ISC_R_SUCCESS - * ISC_R_NOTFOUND + * \li #ISC_R_SUCCESS + * \li #ISC_R_NOTFOUND */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/isc/unix/include/isc/time.h b/usr.sbin/bind/lib/isc/unix/include/isc/time.h index 290f81a7a78..6b4a652f69b 100644 --- a/usr.sbin/bind/lib/isc/unix/include/isc/time.h +++ b/usr.sbin/bind/lib/isc/unix/include/isc/time.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: time.h,v 1.25.2.1.10.4 2004/03/08 09:04:58 marka Exp $ */ +/* $ISC: time.h,v 1.30.18.2 2005/04/29 00:17:10 marka Exp $ */ #ifndef ISC_TIME_H #define ISC_TIME_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/types.h> @@ -27,7 +29,8 @@ *** Intervals ***/ -/* +/*! + * \brief * The contents of this structure are private, and MUST NOT be accessed * directly by callers. * @@ -45,32 +48,32 @@ ISC_LANG_BEGINDECLS void isc_interval_set(isc_interval_t *i, unsigned int seconds, unsigned int nanoseconds); -/* +/*%< * Set 'i' to a value representing an interval of 'seconds' seconds and * 'nanoseconds' nanoseconds, suitable for use in isc_time_add() and * isc_time_subtract(). * * Requires: * - * 't' is a valid pointer. - * nanoseconds < 1000000000. + *\li 't' is a valid pointer. + *\li nanoseconds < 1000000000. */ isc_boolean_t isc_interval_iszero(const isc_interval_t *i); -/* +/*%< * Returns ISC_TRUE iff. 'i' is the zero interval. * * Requires: * - * 'i' is a valid pointer. + *\li 'i' is a valid pointer. */ /*** *** Absolute Times ***/ -/* +/*% * The contents of this structure are private, and MUST NOT be accessed * directly by callers. * @@ -86,116 +89,118 @@ extern isc_time_t *isc_time_epoch; void isc_time_set(isc_time_t *t, unsigned int seconds, unsigned int nanoseconds); -/* +/*%< * Set 't' to a particular number of seconds + nanoseconds since the epoch. * * Notes: - * This call is equivalent to: - * + *\li This call is equivalent to: + *\code * isc_time_settoepoch(t); * isc_interval_set(i, seconds, nanoseconds); * isc_time_add(t, i, t); - * + *\endcode * Requires: - * 't' is a valid pointer. - * nanoseconds < 1000000000. + *\li 't' is a valid pointer. + *\li nanoseconds < 1000000000. */ void isc_time_settoepoch(isc_time_t *t); -/* +/*%< * Set 't' to the time of the epoch. * * Notes: - * The date of the epoch is platform-dependent. + * \li The date of the epoch is platform-dependent. * * Requires: * - * 't' is a valid pointer. + *\li 't' is a valid pointer. */ isc_boolean_t isc_time_isepoch(const isc_time_t *t); -/* +/*%< * Returns ISC_TRUE iff. 't' is the epoch ("time zero"). * * Requires: * - * 't' is a valid pointer. + *\li 't' is a valid pointer. */ isc_result_t isc_time_now(isc_time_t *t); -/* +/*%< * Set 't' to the current absolute time. * * Requires: * - * 't' is a valid pointer. + *\li 't' is a valid pointer. * * Returns: * - * Success - * Unexpected error + *\li Success + *\li Unexpected error * Getting the time from the system failed. - * Out of range + *\li Out of range * The time from the system is too large to be represented * in the current definition of isc_time_t. */ isc_result_t isc_time_nowplusinterval(isc_time_t *t, const isc_interval_t *i); -/* +/*%< * Set *t to the current absolute time + i. * * Note: - * This call is equivalent to: + *\li This call is equivalent to: * + *\code * isc_time_now(t); * isc_time_add(t, i, t); + *\endcode * * Requires: * - * 't' and 'i' are valid pointers. + *\li 't' and 'i' are valid pointers. * * Returns: * - * Success - * Unexpected error + *\li Success + *\li Unexpected error * Getting the time from the system failed. - * Out of range + *\li Out of range * The interval added to the time from the system is too large to * be represented in the current definition of isc_time_t. */ int isc_time_compare(const isc_time_t *t1, const isc_time_t *t2); -/* +/*%< * Compare the times referenced by 't1' and 't2' * * Requires: * - * 't1' and 't2' are valid pointers. + *\li 't1' and 't2' are valid pointers. * * Returns: * - * -1 t1 < t2 (comparing times, not pointers) - * 0 t1 = t2 - * 1 t1 > t2 + *\li -1 t1 < t2 (comparing times, not pointers) + *\li 0 t1 = t2 + *\li 1 t1 > t2 */ isc_result_t isc_time_add(const isc_time_t *t, const isc_interval_t *i, isc_time_t *result); -/* +/*%< * Add 'i' to 't', storing the result in 'result'. * * Requires: * - * 't', 'i', and 'result' are valid pointers. + *\li 't', 'i', and 'result' are valid pointers. * * Returns: - * Success - * Out of range + * \li Success + *\li Out of range * The interval added to the time is too large to * be represented in the current definition of isc_time_t. */ @@ -203,50 +208,50 @@ isc_time_add(const isc_time_t *t, const isc_interval_t *i, isc_time_t *result); isc_result_t isc_time_subtract(const isc_time_t *t, const isc_interval_t *i, isc_time_t *result); -/* +/*%< * Subtract 'i' from 't', storing the result in 'result'. * * Requires: * - * 't', 'i', and 'result' are valid pointers. + *\li 't', 'i', and 'result' are valid pointers. * * Returns: - * Success - * Out of range + *\li Success + *\li Out of range * The interval is larger than the time since the epoch. */ isc_uint64_t isc_time_microdiff(const isc_time_t *t1, const isc_time_t *t2); -/* +/*%< * Find the difference in microseconds between time t1 and time t2. * t2 is the subtrahend of t1; ie, difference = t1 - t2. * * Requires: * - * 't1' and 't2' are valid pointers. + *\li 't1' and 't2' are valid pointers. * * Returns: - * The difference of t1 - t2, or 0 if t1 <= t2. + *\li The difference of t1 - t2, or 0 if t1 <= t2. */ isc_uint32_t isc_time_seconds(const isc_time_t *t); -/* +/*%< * Return the number of seconds since the epoch stored in a time structure. * * Requires: * - * 't' is a valid pointer. + *\li 't' is a valid pointer. */ isc_result_t isc_time_secondsastimet(const isc_time_t *t, time_t *secondsp); -/* +/*%< * Ensure the number of seconds in an isc_time_t is representable by a time_t. * * Notes: - * The number of seconds stored in an isc_time_t might be larger + *\li The number of seconds stored in an isc_time_t might be larger * than the number of seconds a time_t is able to handle. Since * time_t is mostly opaque according to the ANSI/ISO standard * (essentially, all you can be sure of is that it is an arithmetic type, @@ -256,41 +261,41 @@ isc_time_secondsastimet(const isc_time_t *t, time_t *secondsp); * time_t from an isc_time_t. * * Requires: - * 't' is a valid pointer. + *\li 't' is a valid pointer. * * Returns: - * Success - * Out of range + *\li Success + *\li Out of range */ isc_uint32_t isc_time_nanoseconds(const isc_time_t *t); -/* +/*%< * Return the number of nanoseconds stored in a time structure. * * Notes: - * This is the number of nanoseconds in excess of the the number + *\li This is the number of nanoseconds in excess of the the number * of seconds since the epoch; it will always be less than one * full second. * * Requires: - * 't' is a valid pointer. + *\li 't' is a valid pointer. * * Ensures: - * The returned value is less than 1*10^9. + *\li The returned value is less than 1*10^9. */ void isc_time_formattimestamp(const isc_time_t *t, char *buf, unsigned int len); -/* +/*%< * Format the time 't' into the buffer 'buf' of length 'len', * using a format like "30-Aug-2000 04:06:47.997" and the local time zone. * If the text does not fit in the buffer, the result is indeterminate, * but is always guaranteed to be null terminated. * * Requires: - * 'len' > 0 - * 'buf' points to an array of at least len chars + *\li 'len' > 0 + * \li 'buf' points to an array of at least len chars * */ diff --git a/usr.sbin/bind/lib/isc/unix/interfaceiter.c b/usr.sbin/bind/lib/isc/unix/interfaceiter.c index 0854fbf1f9a..02a4b32babc 100644 --- a/usr.sbin/bind/lib/isc/unix/interfaceiter.c +++ b/usr.sbin/bind/lib/isc/unix/interfaceiter.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: interfaceiter.c,v 1.22.2.1.10.14 2004/08/28 06:25:22 marka Exp $ */ +/* $ISC: interfaceiter.c,v 1.35.18.5 2005/04/29 00:17:08 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -51,9 +53,9 @@ /* Common utility functions */ -/* +/*% * Extract the network address part from a "struct sockaddr". - * + * \brief * The address family is given explicitly * instead of using src->sa_family, because the latter does not work * for copying a network mask obtained by SIOCGIFNETMASK (it does diff --git a/usr.sbin/bind/lib/isc/unix/ipv6.c b/usr.sbin/bind/lib/isc/unix/ipv6.c index 54e8112a6e5..d81c7bab7a2 100644 --- a/usr.sbin/bind/lib/isc/unix/ipv6.c +++ b/usr.sbin/bind/lib/isc/unix/ipv6.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ipv6.c,v 1.7.206.3 2006/08/25 05:25:50 marka Exp $ */ +/* $ISC: ipv6.c,v 1.8.18.4 2006/08/25 05:25:51 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/unix/keyboard.c b/usr.sbin/bind/lib/isc/unix/keyboard.c index 04df7ca6111..0552d0d080e 100644 --- a/usr.sbin/bind/lib/isc/unix/keyboard.c +++ b/usr.sbin/bind/lib/isc/unix/keyboard.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: keyboard.c,v 1.9.12.3 2004/03/08 09:04:56 marka Exp $ */ +/* $ISC: keyboard.c,v 1.11 2004/03/05 05:11:46 marka Exp $ */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/unix/net.c b/usr.sbin/bind/lib/isc/unix/net.c index 07cba74fb65..f974ab5752b 100644 --- a/usr.sbin/bind/lib/isc/unix/net.c +++ b/usr.sbin/bind/lib/isc/unix/net.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: net.c,v 1.22.2.2.10.9 2005/03/17 03:58:33 marka Exp $ */ +/* $ISC: net.c,v 1.29.18.6 2007/09/13 23:46:26 tbox Exp $ */ #include <config.h> @@ -30,19 +30,29 @@ #include <isc/string.h> #include <isc/util.h> -#if defined(ISC_PLATFORM_HAVEIPV6) && defined(ISC_PLATFORM_NEEDIN6ADDRANY) +#if defined(ISC_PLATFORM_HAVEIPV6) +# if defined(ISC_PLATFORM_NEEDIN6ADDRANY) const struct in6_addr isc_net_in6addrany = IN6ADDR_ANY_INIT; -#endif +# endif -#if defined(ISC_PLATFORM_HAVEIPV6) && defined(ISC_PLATFORM_NEEDIN6ADDRLOOPBACK) +# if defined(ISC_PLATFORM_NEEDIN6ADDRLOOPBACK) const struct in6_addr isc_net_in6addrloop = IN6ADDR_LOOPBACK_INIT; -#endif +# endif -static isc_once_t once = ISC_ONCE_INIT; +# if defined(WANT_IPV6) static isc_once_t once_ipv6only = ISC_ONCE_INIT; +# endif + +# if defined(ISC_PLATFORM_HAVEIN6PKTINFO) static isc_once_t once_ipv6pktinfo = ISC_ONCE_INIT; +# endif +#endif /* ISC_PLATFORM_HAVEIPV6 */ + +static isc_once_t once = ISC_ONCE_INIT; + static isc_result_t ipv4_result = ISC_R_NOTFOUND; static isc_result_t ipv6_result = ISC_R_NOTFOUND; +static isc_result_t unix_result = ISC_R_NOTFOUND; static isc_result_t ipv6only_result = ISC_R_NOTFOUND; static isc_result_t ipv6pktinfo_result = ISC_R_NOTFOUND; @@ -137,6 +147,9 @@ initialize_action(void) { #endif #endif #endif +#ifdef ISC_PLATFORM_HAVESYSUNH + unix_result = try_proto(PF_UNIX); +#endif } static void @@ -156,6 +169,12 @@ isc_net_probeipv6(void) { return (ipv6_result); } +isc_result_t +isc_net_probeunix(void) { + initialize(); + return (unix_result); +} + #ifdef ISC_PLATFORM_HAVEIPV6 #ifdef WANT_IPV6 static void @@ -235,7 +254,7 @@ initialize_ipv6only(void) { RUNTIME_CHECK(isc_once_do(&once_ipv6only, try_ipv6only) == ISC_R_SUCCESS); } -#endif /* IPV6_V6ONLY */ +#endif /* WANT_IPV6 */ #ifdef ISC_PLATFORM_HAVEIN6PKTINFO static void @@ -291,7 +310,7 @@ initialize_ipv6pktinfo(void) { try_ipv6pktinfo) == ISC_R_SUCCESS); } #endif /* ISC_PLATFORM_HAVEIN6PKTINFO */ -#endif /* WANT_IPV6 */ +#endif /* ISC_PLATFORM_HAVEIPV6 */ isc_result_t isc_net_probe_ipv6only(void) { diff --git a/usr.sbin/bind/lib/isc/unix/os.c b/usr.sbin/bind/lib/isc/unix/os.c index ed3f76fe206..76bd2a44647 100644 --- a/usr.sbin/bind/lib/isc/unix/os.c +++ b/usr.sbin/bind/lib/isc/unix/os.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: os.c,v 1.11.12.6 2005/10/14 02:13:07 marka Exp $ */ +/* $ISC: os.c,v 1.13.18.3 2005/10/14 02:13:08 marka Exp $ */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/unix/stdio.c b/usr.sbin/bind/lib/isc/unix/stdio.c index b019af031df..2009588e792 100644 --- a/usr.sbin/bind/lib/isc/unix/stdio.c +++ b/usr.sbin/bind/lib/isc/unix/stdio.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: stdio.c,v 1.5.206.1 2004/03/06 08:15:02 marka Exp $ */ +/* $ISC: stdio.c,v 1.6 2004/03/05 05:11:47 marka Exp $ */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/unix/stdtime.c b/usr.sbin/bind/lib/isc/unix/stdtime.c index 34ea9483931..9a4cf18bac5 100644 --- a/usr.sbin/bind/lib/isc/unix/stdtime.c +++ b/usr.sbin/bind/lib/isc/unix/stdtime.c @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: stdtime.c,v 1.11.2.1.10.5 2005/06/09 23:54:31 marka Exp $ */ +/* $ISC: stdtime.c,v 1.14.18.3 2005/06/08 02:07:57 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isc/unix/strerror.c b/usr.sbin/bind/lib/isc/unix/strerror.c index c87bdc1fa70..c802a573a97 100644 --- a/usr.sbin/bind/lib/isc/unix/strerror.c +++ b/usr.sbin/bind/lib/isc/unix/strerror.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: strerror.c,v 1.1.2.1.10.3 2004/03/08 09:04:57 marka Exp $ */ +/* $ISC: strerror.c,v 1.4.18.2 2005/04/29 00:17:08 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -29,7 +31,7 @@ #include <isc/util.h> #ifdef HAVE_STRERROR -/* +/*% * We need to do this this way for profiled locks. */ static isc_mutex_t isc_strerror_lock; diff --git a/usr.sbin/bind/lib/isc/unix/syslog.c b/usr.sbin/bind/lib/isc/unix/syslog.c index 135fd2de20f..1f66997fbe9 100644 --- a/usr.sbin/bind/lib/isc/unix/syslog.c +++ b/usr.sbin/bind/lib/isc/unix/syslog.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,15 +15,17 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: syslog.c,v 1.1.12.3 2004/03/08 09:04:57 marka Exp $ */ +/* $ISC: syslog.c,v 1.3.18.4 2007/09/13 23:46:26 tbox Exp $ */ + +/*! \file */ #include <config.h> #include <stdlib.h> -#include <string.h> #include <syslog.h> #include <isc/result.h> +#include <isc/string.h> #include <isc/syslog.h> #include <isc/util.h> diff --git a/usr.sbin/bind/lib/isc/version.c b/usr.sbin/bind/lib/isc/version.c index ac45f927eb9..62824cf6d2b 100644 --- a/usr.sbin/bind/lib/isc/version.c +++ b/usr.sbin/bind/lib/isc/version.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: version.c,v 1.9.12.3 2004/03/08 09:04:51 marka Exp $ */ +/* $ISC: version.c,v 1.11.18.2 2005/04/29 00:16:51 marka Exp $ */ + +/*! \file */ #include <isc/version.h> diff --git a/usr.sbin/bind/lib/isc/x86_32/Makefile.in b/usr.sbin/bind/lib/isc/x86_32/Makefile.in new file mode 100644 index 00000000000..19a13a8cc02 --- /dev/null +++ b/usr.sbin/bind/lib/isc/x86_32/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:38 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = include +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/x86_32/include/Makefile.in b/usr.sbin/bind/lib/isc/x86_32/include/Makefile.in new file mode 100644 index 00000000000..b538aef5976 --- /dev/null +++ b/usr.sbin/bind/lib/isc/x86_32/include/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:39 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = isc +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/x86_32/include/isc/Makefile.in b/usr.sbin/bind/lib/isc/x86_32/include/isc/Makefile.in new file mode 100644 index 00000000000..1544c5a2cca --- /dev/null +++ b/usr.sbin/bind/lib/isc/x86_32/include/isc/Makefile.in @@ -0,0 +1,36 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:39 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +@BIND9_VERSION@ + +HEADERS = atomic.h + +SUBDIRS = +TARGETS = + +@BIND9_MAKE_RULES@ + +installdirs: + $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${includedir}/isc + +install:: installdirs + for i in ${HEADERS}; do \ + ${INSTALL_DATA} $(srcdir)/$$i ${DESTDIR}${includedir}/isc ; \ + done diff --git a/usr.sbin/bind/lib/isc/x86_32/include/isc/atomic.h b/usr.sbin/bind/lib/isc/x86_32/include/isc/atomic.h new file mode 100644 index 00000000000..49baeca1caa --- /dev/null +++ b/usr.sbin/bind/lib/isc/x86_32/include/isc/atomic.h @@ -0,0 +1,158 @@ +/* + * Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: atomic.h,v 1.2.2.3 2005/07/27 04:23:33 marka Exp $ */ + +#ifndef ISC_ATOMIC_H +#define ISC_ATOMIC_H 1 + +#include <isc/platform.h> +#include <isc/types.h> + +#ifdef ISC_PLATFORM_USEGCCASM +/* + * This routine atomically increments the value stored in 'p' by 'val', and + * returns the previous value. + */ +static inline isc_int32_t +isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) { + isc_int32_t prev = val; + + __asm__ volatile( +#ifdef ISC_PLATFORM_USETHREADS + "lock;" +#endif + "xadd %0, %1" + :"=q"(prev) + :"m"(*p), "0"(prev) + :"memory", "cc"); + + return (prev); +} + +/* + * This routine atomically stores the value 'val' in 'p'. + */ +static inline void +isc_atomic_store(isc_int32_t *p, isc_int32_t val) { + __asm__ volatile( +#ifdef ISC_PLATFORM_USETHREADS + /* + * xchg should automatically lock memory, but we add it + * explicitly just in case (it at least doesn't harm) + */ + "lock;" +#endif + + "xchgl %1, %0" + : + : "r"(val), "m"(*p) + : "memory"); +} + +/* + * This routine atomically replaces the value in 'p' with 'val', if the + * original value is equal to 'cmpval'. The original value is returned in any + * case. + */ +static inline isc_int32_t +isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val) { + __asm__ volatile( +#ifdef ISC_PLATFORM_USETHREADS + "lock;" +#endif + "cmpxchgl %1, %2" + : "=a"(cmpval) + : "r"(val), "m"(*p), "a"(cmpval) + : "memory"); + + return (cmpval); +} + +#elif defined(ISC_PLATFORM_USESTDASM) +/* + * The followings are "generic" assembly code which implements the same + * functionality in case the gcc extension cannot be used. It should be + * better to avoid inlining below, since we directly refer to specific + * positions of the stack frame, which would not actually point to the + * intended address in the embedded mnemonic. + */ +#include <isc/util.h> /* for 'UNUSED' macro */ + +static isc_int32_t +isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) { + UNUSED(p); + UNUSED(val); + + __asm ( + "movl 8(%ebp), %ecx\n" + "movl 12(%ebp), %edx\n" +#ifdef ISC_PLATFORM_USETHREADS + "lock;" +#endif + "xadd %edx, (%ecx)\n" + + /* + * set the return value directly in the register so that we + * can avoid guessing the correct position in the stack for a + * local variable. + */ + "movl %edx, %eax" + ); +} + +static void +isc_atomic_store(isc_int32_t *p, isc_int32_t val) { + UNUSED(p); + UNUSED(val); + + __asm ( + "movl 8(%ebp), %ecx\n" + "movl 12(%ebp), %edx\n" +#ifdef ISC_PLATFORM_USETHREADS + "lock;" +#endif + "xchgl (%ecx), %edx\n" + ); +} + +static isc_int32_t +isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val) { + UNUSED(p); + UNUSED(cmpval); + UNUSED(val); + + __asm ( + "movl 8(%ebp), %ecx\n" + "movl 12(%ebp), %eax\n" /* must be %eax for cmpxchgl */ + "movl 16(%ebp), %edx\n" +#ifdef ISC_PLATFORM_USETHREADS + "lock;" +#endif + + /* + * If (%ecx) == %eax then (%ecx) := %edx. + % %eax is set to old (%ecx), which will be the return value. + */ + "cmpxchgl %edx, (%ecx)" + ); +} +#else /* !ISC_PLATFORM_USEGCCASM && !ISC_PLATFORM_USESTDASM */ + +#error "unsupported compiler. disable atomic ops by --disable-atomic" + +#endif +#endif /* ISC_ATOMIC_H */ diff --git a/usr.sbin/bind/lib/isc/x86_64/Makefile.in b/usr.sbin/bind/lib/isc/x86_64/Makefile.in new file mode 100644 index 00000000000..f7a3c2e3be1 --- /dev/null +++ b/usr.sbin/bind/lib/isc/x86_64/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:39 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = include +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/x86_64/include/Makefile.in b/usr.sbin/bind/lib/isc/x86_64/include/Makefile.in new file mode 100644 index 00000000000..b538aef5976 --- /dev/null +++ b/usr.sbin/bind/lib/isc/x86_64/include/Makefile.in @@ -0,0 +1,24 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:39 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +SUBDIRS = isc +TARGETS = + +@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/isc/x86_64/include/isc/Makefile.in b/usr.sbin/bind/lib/isc/x86_64/include/isc/Makefile.in new file mode 100644 index 00000000000..1544c5a2cca --- /dev/null +++ b/usr.sbin/bind/lib/isc/x86_64/include/isc/Makefile.in @@ -0,0 +1,36 @@ +# Copyright (C) 2007 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $ISC: Makefile.in,v 1.2.2.1 2007/09/14 04:26:39 marka Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +@BIND9_VERSION@ + +HEADERS = atomic.h + +SUBDIRS = +TARGETS = + +@BIND9_MAKE_RULES@ + +installdirs: + $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${includedir}/isc + +install:: installdirs + for i in ${HEADERS}; do \ + ${INSTALL_DATA} $(srcdir)/$$i ${DESTDIR}${includedir}/isc ; \ + done diff --git a/usr.sbin/bind/lib/isc/x86_64/include/isc/atomic.h b/usr.sbin/bind/lib/isc/x86_64/include/isc/atomic.h new file mode 100644 index 00000000000..31086bff7e8 --- /dev/null +++ b/usr.sbin/bind/lib/isc/x86_64/include/isc/atomic.h @@ -0,0 +1,103 @@ +/* + * Copyright (C) 2005 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: atomic.h,v 1.2.20.1 2005/09/02 13:27:12 marka Exp $ */ + +#ifndef ISC_ATOMIC_H +#define ISC_ATOMIC_H 1 + +#include <isc/platform.h> +#include <isc/types.h> + +#ifdef ISC_PLATFORM_USEGCCASM + +/* We share the gcc-version with x86_32 */ +#error "impossible case. check build configuration" + +#elif defined(ISC_PLATFORM_USESTDASM) +/* + * The followings are "generic" assembly code which implements the same + * functionality in case the gcc extension cannot be used. It should be + * better to avoid inlining below, since we directly refer to specific + * registers for arguments, which would not actually correspond to the + * intended address or value in the embedded mnemonic. + */ +#include <isc/util.h> /* for 'UNUSED' macro */ + +static isc_int32_t +isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) { + UNUSED(p); + UNUSED(val); + + __asm ( + "movq %rdi, %rdx\n" + "movl %esi, %eax\n" +#ifdef ISC_PLATFORM_USETHREADS + "lock;" +#endif + "xadd %eax, (%rdx)\n" + + /* + * set the return value directly in the register so that we + * can avoid guessing the correct position in the stack for a + * local variable. + */ + ); +} + +static void +isc_atomic_store(isc_int32_t *p, isc_int32_t val) { + UNUSED(p); + UNUSED(val); + + __asm ( + "movq %rdi, %rax\n" + "movl %esi, %edx\n" +#ifdef ISC_PLATFORM_USETHREADS + "lock;" +#endif + "xchgl (%rax), %edx\n" + ); +} + +static isc_int32_t +isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val) { + UNUSED(p); + UNUSED(cmpval); + UNUSED(val); + + __asm ( + "movl %edx, %ecx\n" + "movl %esi, %eax\n" + "movq %rdi, %rdx\n" + +#ifdef ISC_PLATFORM_USETHREADS + "lock;" +#endif + /* + * If (%rdi) == %eax then (%rdi) := %edx. + % %eax is set to old (%ecx), which will be the return value. + */ + "cmpxchgl %ecx, (%rdx)" + ); +} + +#else /* !ISC_PLATFORM_USEGCCASM && !ISC_PLATFORM_USESTDASM */ + +#error "unsupported compiler. disable atomic ops by --disable-atomic" + +#endif +#endif /* ISC_ATOMIC_H */ diff --git a/usr.sbin/bind/lib/isccc/alist.c b/usr.sbin/bind/lib/isccc/alist.c index a28df25e230..4961d6daa6c 100644 --- a/usr.sbin/bind/lib/isccc/alist.c +++ b/usr.sbin/bind/lib/isccc/alist.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,7 +16,9 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: alist.c,v 1.2.206.1 2004/03/06 08:15:18 marka Exp $ */ +/* $ISC: alist.c,v 1.3.18.2 2005/04/29 00:17:11 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isccc/base64.c b/usr.sbin/bind/lib/isccc/base64.c index 2c8d43773a3..f3def6a11fb 100644 --- a/usr.sbin/bind/lib/isccc/base64.c +++ b/usr.sbin/bind/lib/isccc/base64.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,7 +16,9 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: base64.c,v 1.2.206.1 2004/03/06 08:15:19 marka Exp $ */ +/* $ISC: base64.c,v 1.3.18.2 2005/04/29 00:17:11 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isccc/ccmsg.c b/usr.sbin/bind/lib/isccc/ccmsg.c index 12d244ff41e..14442860031 100644 --- a/usr.sbin/bind/lib/isccc/ccmsg.c +++ b/usr.sbin/bind/lib/isccc/ccmsg.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,7 +16,9 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ccmsg.c,v 1.4.206.1 2004/03/06 08:15:19 marka Exp $ */ +/* $ISC: ccmsg.c,v 1.5.18.2 2005/04/29 00:17:11 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isccc/include/Makefile.in b/usr.sbin/bind/lib/isccc/include/Makefile.in index eab75dae72c..4bbac10a722 100644 --- a/usr.sbin/bind/lib/isccc/include/Makefile.in +++ b/usr.sbin/bind/lib/isccc/include/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.2.206.1 2004/03/06 08:15:20 marka Exp $ +# $ISC: Makefile.in,v 1.3 2004/03/05 05:12:12 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/isccc/include/isccc/Makefile.in b/usr.sbin/bind/lib/isccc/include/isccc/Makefile.in index 25aee1f3b83..38b0596696a 100644 --- a/usr.sbin/bind/lib/isccc/include/isccc/Makefile.in +++ b/usr.sbin/bind/lib/isccc/include/isccc/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.3.12.3 2004/03/08 09:05:05 marka Exp $ +# $ISC: Makefile.in,v 1.5 2004/03/05 05:12:15 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/isccc/include/isccc/alist.h b/usr.sbin/bind/lib/isccc/include/isccc/alist.h index 6f5800df9f4..4117a6d4c79 100644 --- a/usr.sbin/bind/lib/isccc/include/isccc/alist.h +++ b/usr.sbin/bind/lib/isccc/include/isccc/alist.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,11 +16,13 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: alist.h,v 1.2.206.1 2004/03/06 08:15:21 marka Exp $ */ +/* $ISC: alist.h,v 1.3.18.2 2005/04/29 00:17:12 marka Exp $ */ #ifndef ISCCC_ALIST_H #define ISCCC_ALIST_H 1 +/*! \file */ + #include <stdio.h> #include <isc/lang.h> diff --git a/usr.sbin/bind/lib/isccc/include/isccc/base64.h b/usr.sbin/bind/lib/isccc/include/isccc/base64.h index e3eb20018c2..7ff8ceffd7d 100644 --- a/usr.sbin/bind/lib/isccc/include/isccc/base64.h +++ b/usr.sbin/bind/lib/isccc/include/isccc/base64.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,11 +16,13 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: base64.h,v 1.2.206.1 2004/03/06 08:15:21 marka Exp $ */ +/* $ISC: base64.h,v 1.3.18.2 2005/04/29 00:17:13 marka Exp $ */ #ifndef ISCCC_BASE64_H #define ISCCC_BASE64_H 1 +/*! \file */ + #include <isc/lang.h> #include <isccc/types.h> @@ -33,36 +35,36 @@ ISC_LANG_BEGINDECLS isc_result_t isccc_base64_encode(isccc_region_t *source, int wordlength, const char *wordbreak, isccc_region_t *target); -/* +/*%< * Convert data into base64 encoded text. * * Notes: - * The base64 encoded text in 'target' will be divided into + *\li The base64 encoded text in 'target' will be divided into * words of at most 'wordlength' characters, separated by * the 'wordbreak' string. No parentheses will surround * the text. * * Requires: - * 'source' is a region containing binary data. - * 'target' is a text region containing available space. - * 'wordbreak' points to a null-terminated string of + *\li 'source' is a region containing binary data. + *\li 'target' is a text region containing available space. + *\li 'wordbreak' points to a null-terminated string of * zero or more whitespace characters. */ isc_result_t isccc_base64_decode(const char *cstr, isccc_region_t *target); -/* +/*%< * Decode a null-terminated base64 string. * * Requires: - * 'cstr' is non-null. - * 'target' is a valid region. + *\li 'cstr' is non-null. + *\li 'target' is a valid region. * * Returns: - * ISC_R_SUCCESS -- the entire decoded representation of 'cstring' + *\li #ISC_R_SUCCESS -- the entire decoded representation of 'cstring' * fit in 'target'. - * ISC_R_BADBASE64 -- 'cstr' is not a valid base64 encoding. - * ISC_R_NOSPACE -- 'target' is not big enough. + *\li #ISC_R_BADBASE64 -- 'cstr' is not a valid base64 encoding. + *\li #ISC_R_NOSPACE -- 'target' is not big enough. */ ISC_LANG_ENDDECLS diff --git a/usr.sbin/bind/lib/isccc/include/isccc/cc.h b/usr.sbin/bind/lib/isccc/include/isccc/cc.h index 99fb0ac6ab9..aa350426594 100644 --- a/usr.sbin/bind/lib/isccc/include/isccc/cc.h +++ b/usr.sbin/bind/lib/isccc/include/isccc/cc.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,69 +16,90 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: cc.h,v 1.3.206.1 2004/03/06 08:15:21 marka Exp $ */ +/* $ISC: cc.h,v 1.4.18.2 2005/04/29 00:17:13 marka Exp $ */ #ifndef ISCCC_CC_H #define ISCCC_CC_H 1 +/*! \file */ + #include <isc/lang.h> #include <isccc/types.h> ISC_LANG_BEGINDECLS +/*% Maximum Datagram Package */ #define ISCCC_CC_MAXDGRAMPACKET 4096 +/*% Message Type String */ #define ISCCC_CCMSGTYPE_STRING 0x00 +/*% Message Type Binary Data */ #define ISCCC_CCMSGTYPE_BINARYDATA 0x01 +/*% Message Type Table */ #define ISCCC_CCMSGTYPE_TABLE 0x02 +/*% Message Type List */ #define ISCCC_CCMSGTYPE_LIST 0x03 +/*% Send to Wire */ isc_result_t isccc_cc_towire(isccc_sexpr_t *alist, isccc_region_t *target, isccc_region_t *secret); +/*% Get From Wire */ isc_result_t isccc_cc_fromwire(isccc_region_t *source, isccc_sexpr_t **alistp, isccc_region_t *secret); +/*% Create Message */ isc_result_t isccc_cc_createmessage(isc_uint32_t version, const char *from, const char *to, isc_uint32_t serial, isccc_time_t now, isccc_time_t expires, isccc_sexpr_t **alistp); +/*% Create Acknowledgment */ isc_result_t isccc_cc_createack(isccc_sexpr_t *message, isc_boolean_t ok, isccc_sexpr_t **ackp); +/*% Is Ack? */ isc_boolean_t isccc_cc_isack(isccc_sexpr_t *message); +/*% Is Reply? */ isc_boolean_t isccc_cc_isreply(isccc_sexpr_t *message); +/*% Create Response */ isc_result_t isccc_cc_createresponse(isccc_sexpr_t *message, isccc_time_t now, isccc_time_t expires, isccc_sexpr_t **alistp); +/*% Define String */ isccc_sexpr_t * isccc_cc_definestring(isccc_sexpr_t *alist, const char *key, const char *str); +/*% Define uint 32 */ isccc_sexpr_t * isccc_cc_defineuint32(isccc_sexpr_t *alist, const char *key, isc_uint32_t i); +/*% Lookup String */ isc_result_t isccc_cc_lookupstring(isccc_sexpr_t *alist, const char *key, char **strp); +/*% Lookup uint 32 */ isc_result_t isccc_cc_lookupuint32(isccc_sexpr_t *alist, const char *key, isc_uint32_t *uintp); +/*% Create Symbol Table */ isc_result_t isccc_cc_createsymtab(isccc_symtab_t **symtabp); +/*% Clean up Symbol Table */ void isccc_cc_cleansymtab(isccc_symtab_t *symtab, isccc_time_t now); +/*% Check for Duplicates */ isc_result_t isccc_cc_checkdup(isccc_symtab_t *symtab, isccc_sexpr_t *message, isccc_time_t now); diff --git a/usr.sbin/bind/lib/isccc/include/isccc/ccmsg.h b/usr.sbin/bind/lib/isccc/include/isccc/ccmsg.h index 0e1be28755c..18b575d4a87 100644 --- a/usr.sbin/bind/lib/isccc/include/isccc/ccmsg.h +++ b/usr.sbin/bind/lib/isccc/include/isccc/ccmsg.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,15 +16,18 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ccmsg.h,v 1.3.206.1 2004/03/06 08:15:21 marka Exp $ */ +/* $ISC: ccmsg.h,v 1.4.18.2 2005/04/29 00:17:13 marka Exp $ */ #ifndef ISCCC_CCMSG_H #define ISCCC_CCMSG_H 1 +/*! \file */ + #include <isc/buffer.h> #include <isc/lang.h> #include <isc/socket.h> +/*% ISCCC Message Structure */ typedef struct isccc_ccmsg { /* private (don't touch!) */ unsigned int magic; @@ -46,56 +49,56 @@ ISC_LANG_BEGINDECLS void isccc_ccmsg_init(isc_mem_t *mctx, isc_socket_t *sock, isccc_ccmsg_t *ccmsg); -/* +/*% * Associate a cc message state with a given memory context and * TCP socket. * * Requires: * - * "mctx" and "sock" be non-NULL and valid types. + *\li "mctx" and "sock" be non-NULL and valid types. * - * "sock" be a read/write TCP socket. + *\li "sock" be a read/write TCP socket. * - * "ccmsg" be non-NULL and an uninitialized or invalidated structure. + *\li "ccmsg" be non-NULL and an uninitialized or invalidated structure. * * Ensures: * - * "ccmsg" is a valid structure. + *\li "ccmsg" is a valid structure. */ void isccc_ccmsg_setmaxsize(isccc_ccmsg_t *ccmsg, unsigned int maxsize); -/* +/*% * Set the maximum packet size to "maxsize" * * Requires: * - * "ccmsg" be valid. + *\li "ccmsg" be valid. * - * 512 <= "maxsize" <= 4294967296 + *\li 512 <= "maxsize" <= 4294967296 */ isc_result_t isccc_ccmsg_readmessage(isccc_ccmsg_t *ccmsg, isc_task_t *task, isc_taskaction_t action, void *arg); -/* +/*% * Schedule an event to be delivered when a command channel message is * readable, or when an error occurs on the socket. * * Requires: * - * "ccmsg" be valid. + *\li "ccmsg" be valid. * - * "task", "taskaction", and "arg" be valid. + *\li "task", "taskaction", and "arg" be valid. * * Returns: * - * ISC_R_SUCCESS -- no error - * Anything that the isc_socket_recv() call can return. XXXMLG + *\li #ISC_R_SUCCESS -- no error + *\li Anything that the isc_socket_recv() call can return. XXXMLG * * Notes: * - * The event delivered is a fully generic event. It will contain no + *\li The event delivered is a fully generic event. It will contain no * actual data. The sender will be a pointer to the isccc_ccmsg_t. * The result code inside that structure should be checked to see * what the final result was. @@ -103,27 +106,27 @@ isccc_ccmsg_readmessage(isccc_ccmsg_t *ccmsg, void isccc_ccmsg_cancelread(isccc_ccmsg_t *ccmsg); -/* +/*% * Cancel a readmessage() call. The event will still be posted with a * CANCELED result code. * * Requires: * - * "ccmsg" be valid. + *\li "ccmsg" be valid. */ void isccc_ccmsg_invalidate(isccc_ccmsg_t *ccmsg); -/* +/*% * Clean up all allocated state, and invalidate the structure. * * Requires: * - * "ccmsg" be valid. + *\li "ccmsg" be valid. * * Ensures: * - * "ccmsg" is invalidated and disassociated with all memory contexts, + *\li "ccmsg" is invalidated and disassociated with all memory contexts, * sockets, etc. */ diff --git a/usr.sbin/bind/lib/isccc/include/isccc/events.h b/usr.sbin/bind/lib/isccc/include/isccc/events.h index 5df5df0e56e..f796c3dc498 100644 --- a/usr.sbin/bind/lib/isccc/include/isccc/events.h +++ b/usr.sbin/bind/lib/isccc/include/isccc/events.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,14 +16,16 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: events.h,v 1.2.206.1 2004/03/06 08:15:22 marka Exp $ */ +/* $ISC: events.h,v 1.3.18.2 2005/04/29 00:17:13 marka Exp $ */ #ifndef ISCCC_EVENTS_H #define ISCCC_EVENTS_H 1 +/*! \file */ + #include <isc/eventclass.h> -/* +/*% * Registry of ISCCC event numbers. */ diff --git a/usr.sbin/bind/lib/isccc/include/isccc/lib.h b/usr.sbin/bind/lib/isccc/include/isccc/lib.h index 82b5deb516e..c376ae2ea39 100644 --- a/usr.sbin/bind/lib/isccc/include/isccc/lib.h +++ b/usr.sbin/bind/lib/isccc/include/isccc/lib.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,11 +16,13 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lib.h,v 1.2.12.3 2004/03/08 09:05:05 marka Exp $ */ +/* $ISC: lib.h,v 1.4.18.2 2005/04/29 00:17:13 marka Exp $ */ #ifndef ISCCC_LIB_H #define ISCCC_LIB_H 1 +/*! \file */ + #include <isc/types.h> #include <isc/lang.h> @@ -30,7 +32,7 @@ LIBISCCC_EXTERNAL_DATA extern isc_msgcat_t *isccc_msgcat; void isccc_lib_initmsgcat(void); -/* +/*% * Initialize the ISCCC library's message catalog, isccc_msgcat, if it * has not already been initialized. */ diff --git a/usr.sbin/bind/lib/isccc/include/isccc/sexpr.h b/usr.sbin/bind/lib/isccc/include/isccc/sexpr.h index 1fc74bf1bc6..b17788d405f 100644 --- a/usr.sbin/bind/lib/isccc/include/isccc/sexpr.h +++ b/usr.sbin/bind/lib/isccc/include/isccc/sexpr.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,11 +16,13 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: sexpr.h,v 1.3.206.1 2004/03/06 08:15:22 marka Exp $ */ +/* $ISC: sexpr.h,v 1.4.18.2 2005/04/29 00:17:14 marka Exp $ */ #ifndef ISCCC_SEXPR_H #define ISCCC_SEXPR_H 1 +/*! \file */ + #include <stdio.h> #include <isc/lang.h> @@ -28,11 +30,13 @@ ISC_LANG_BEGINDECLS +/*% dotted pair structure */ struct isccc_dottedpair { isccc_sexpr_t *car; isccc_sexpr_t *cdr; }; +/*% iscc_sexpr structure */ struct isccc_sexpr { unsigned int type; union { @@ -42,7 +46,7 @@ struct isccc_sexpr { } value; }; -#define ISCCC_SEXPRTYPE_NONE 0x00 /* Illegal. */ +#define ISCCC_SEXPRTYPE_NONE 0x00 /*%< Illegal. */ #define ISCCC_SEXPRTYPE_T 0x01 #define ISCCC_SEXPRTYPE_STRING 0x02 #define ISCCC_SEXPRTYPE_DOTTEDPAIR 0x03 diff --git a/usr.sbin/bind/lib/isccc/include/isccc/symtab.h b/usr.sbin/bind/lib/isccc/include/isccc/symtab.h index f94c867cebe..3defb498fea 100644 --- a/usr.sbin/bind/lib/isccc/include/isccc/symtab.h +++ b/usr.sbin/bind/lib/isccc/include/isccc/symtab.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,7 +16,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: symtab.h,v 1.2.206.1 2004/03/06 08:15:22 marka Exp $ */ +/* $ISC: symtab.h,v 1.3.18.2 2005/04/29 00:17:14 marka Exp $ */ #ifndef ISCCC_SYMTAB_H #define ISCCC_SYMTAB_H 1 @@ -25,9 +25,8 @@ ***** Module Info *****/ -/* - * Symbol Table - * +/*! \file + * \brief * Provides a simple memory-based symbol table. * * Keys are C strings. A type may be specified when looking up, @@ -39,11 +38,11 @@ * exists in the table. What to do in this case is specified by the * client. Possible policies are: * - * isccc_symexists_reject Disallow the define, returning ISC_R_EXISTS - * isccc_symexists_replace Replace the old value with the new. The + *\li isccc_symexists_reject Disallow the define, returning #ISC_R_EXISTS + *\li isccc_symexists_replace Replace the old value with the new. The * undefine action (if provided) will be called * with the old <key, type, value> tuple. - * isccc_symexists_add Add the new tuple, leaving the old tuple in + *\li isccc_symexists_add Add the new tuple, leaving the old tuple in * the table. Subsequent lookups will retrieve * the most-recently-defined tuple. * diff --git a/usr.sbin/bind/lib/isccc/include/isccc/symtype.h b/usr.sbin/bind/lib/isccc/include/isccc/symtype.h index c9a766e7267..4cd2c6c7ff9 100644 --- a/usr.sbin/bind/lib/isccc/include/isccc/symtype.h +++ b/usr.sbin/bind/lib/isccc/include/isccc/symtype.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,11 +16,13 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: symtype.h,v 1.2.206.1 2004/03/06 08:15:22 marka Exp $ */ +/* $ISC: symtype.h,v 1.3.18.2 2005/04/29 00:17:14 marka Exp $ */ #ifndef ISCCC_SYMTYPE_H #define ISCCC_SYMTYPE_H 1 +/*! \file */ + #define ISCCC_SYMTYPE_ZONESTATS 0x0001 #define ISCCC_SYMTYPE_CCDUP 0x0002 #define ISCCC_SYMTYPE_TELLSERVICE 0x0003 diff --git a/usr.sbin/bind/lib/isccc/include/isccc/types.h b/usr.sbin/bind/lib/isccc/include/isccc/types.h index 8d0992f3cb6..a7fcc16c5cc 100644 --- a/usr.sbin/bind/lib/isccc/include/isccc/types.h +++ b/usr.sbin/bind/lib/isccc/include/isccc/types.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,20 +16,28 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: types.h,v 1.2.206.1 2004/03/06 08:15:23 marka Exp $ */ +/* $ISC: types.h,v 1.3.18.2 2005/04/29 00:17:14 marka Exp $ */ #ifndef ISCCC_TYPES_H #define ISCCC_TYPES_H 1 +/*! \file */ + #include <isc/boolean.h> #include <isc/int.h> #include <isc/result.h> +/*% isccc_time_t typedef */ typedef isc_uint32_t isccc_time_t; + +/*% isccc_sexpr_t typedef */ typedef struct isccc_sexpr isccc_sexpr_t; +/*% isccc_dottedpair_t typedef */ typedef struct isccc_dottedpair isccc_dottedpair_t; +/*% isccc_symtab_t typedef */ typedef struct isccc_symtab isccc_symtab_t; +/*% iscc region structure */ typedef struct isccc_region { unsigned char * rstart; unsigned char * rend; diff --git a/usr.sbin/bind/lib/isccc/include/isccc/util.h b/usr.sbin/bind/lib/isccc/include/isccc/util.h index fd09af9341b..096745d9144 100644 --- a/usr.sbin/bind/lib/isccc/include/isccc/util.h +++ b/usr.sbin/bind/lib/isccc/include/isccc/util.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,17 +16,18 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: util.h,v 1.3.206.1 2004/03/06 08:15:23 marka Exp $ */ +/* $ISC: util.h,v 1.4.18.2 2005/04/29 00:17:14 marka Exp $ */ #ifndef ISCCC_UTIL_H #define ISCCC_UTIL_H 1 #include <isc/util.h> -/* +/*! \file + * \brief * Macros for dealing with unaligned numbers. * - * Note: no side effects are allowed when invoking these macros! + * \note no side effects are allowed when invoking these macros! */ #define GET8(v, w) \ @@ -193,7 +194,7 @@ (r).rend = (r).rstart + strlen(s); \ } while (0) -/* +/*% * Use this to remove the const qualifier of a variable to assign it to * a non-const variable or pass it as a non-const function argument ... * but only when you are sure it won't then be changed! diff --git a/usr.sbin/bind/lib/isccc/include/isccc/version.h b/usr.sbin/bind/lib/isccc/include/isccc/version.h index ab3c7e4401a..7efb09cc312 100644 --- a/usr.sbin/bind/lib/isccc/include/isccc/version.h +++ b/usr.sbin/bind/lib/isccc/include/isccc/version.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: version.h,v 1.2.222.3 2004/03/08 09:05:05 marka Exp $ */ +/* $ISC: version.h,v 1.3.18.2 2005/04/29 00:17:15 marka Exp $ */ + +/*! \file */ #include <isc/platform.h> diff --git a/usr.sbin/bind/lib/isccc/lib.c b/usr.sbin/bind/lib/isccc/lib.c index 9c1bc849678..5aa986024b3 100644 --- a/usr.sbin/bind/lib/isccc/lib.c +++ b/usr.sbin/bind/lib/isccc/lib.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,7 +16,9 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lib.c,v 1.2.12.3 2004/03/08 09:05:04 marka Exp $ */ +/* $ISC: lib.c,v 1.4.18.2 2005/04/29 00:17:12 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isccc/sexpr.c b/usr.sbin/bind/lib/isccc/sexpr.c index a299e671438..052859e02dd 100644 --- a/usr.sbin/bind/lib/isccc/sexpr.c +++ b/usr.sbin/bind/lib/isccc/sexpr.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * @@ -16,7 +16,9 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: sexpr.c,v 1.2.12.3 2004/03/08 09:05:04 marka Exp $ */ +/* $ISC: sexpr.c,v 1.4.18.2 2005/04/29 00:17:12 marka Exp $ */ + +/*! \file */ #include <config.h> diff --git a/usr.sbin/bind/lib/isccc/symtab.c b/usr.sbin/bind/lib/isccc/symtab.c index 1d8ba40e57f..b78bc574df9 100644 --- a/usr.sbin/bind/lib/isccc/symtab.c +++ b/usr.sbin/bind/lib/isccc/symtab.c @@ -1,9 +1,9 @@ /* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2001 Internet Software Consortium. * Portions Copyright (C) 2001 Nominum, Inc. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -16,16 +16,18 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: symtab.c,v 1.3.12.3 2004/03/08 09:05:04 marka Exp $ */ +/* $ISC: symtab.c,v 1.5.18.4 2007/09/13 23:46:26 tbox Exp $ */ + +/*! \file */ #include <config.h> #include <ctype.h> #include <stdlib.h> -#include <string.h> #include <isc/assertions.h> #include <isc/magic.h> +#include <isc/string.h> #include <isccc/result.h> #include <isccc/symtab.h> diff --git a/usr.sbin/bind/lib/isccc/version.c b/usr.sbin/bind/lib/isccc/version.c index f2a7f6ba923..8c612c9ebb1 100644 --- a/usr.sbin/bind/lib/isccc/version.c +++ b/usr.sbin/bind/lib/isccc/version.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: version.c,v 1.1.12.3 2004/03/08 09:05:04 marka Exp $ */ +/* $ISC: version.c,v 1.3.18.2 2005/04/29 00:17:12 marka Exp $ */ + +/*! \file */ #include <isccc/version.h> diff --git a/usr.sbin/bind/lib/isccfg/aclconf.c b/usr.sbin/bind/lib/isccfg/aclconf.c new file mode 100644 index 00000000000..8a087bf628f --- /dev/null +++ b/usr.sbin/bind/lib/isccfg/aclconf.c @@ -0,0 +1,256 @@ +/* + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: aclconf.c,v 1.2.2.6 2006/03/02 00:37:22 marka Exp $ */ + +#include <config.h> + +#include <isc/mem.h> +#include <isc/string.h> /* Required for HP/UX (and others?) */ +#include <isc/util.h> + +#include <isccfg/namedconf.h> +#include <isccfg/aclconf.h> + +#include <dns/acl.h> +#include <dns/fixedname.h> +#include <dns/log.h> + +#define LOOP_MAGIC ISC_MAGIC('L','O','O','P') + +void +cfg_aclconfctx_init(cfg_aclconfctx_t *ctx) { + ISC_LIST_INIT(ctx->named_acl_cache); +} + +void +cfg_aclconfctx_destroy(cfg_aclconfctx_t *ctx) { + dns_acl_t *dacl, *next; + for (dacl = ISC_LIST_HEAD(ctx->named_acl_cache); + dacl != NULL; + dacl = next) + { + next = ISC_LIST_NEXT(dacl, nextincache); + dns_acl_detach(&dacl); + } +} + +/* + * Find the definition of the named acl whose name is "name". + */ +static isc_result_t +get_acl_def(const cfg_obj_t *cctx, const char *name, const cfg_obj_t **ret) { + isc_result_t result; + const cfg_obj_t *acls = NULL; + const cfg_listelt_t *elt; + + result = cfg_map_get(cctx, "acl", &acls); + if (result != ISC_R_SUCCESS) + return (result); + for (elt = cfg_list_first(acls); + elt != NULL; + elt = cfg_list_next(elt)) { + const cfg_obj_t *acl = cfg_listelt_value(elt); + const char *aclname = cfg_obj_asstring(cfg_tuple_get(acl, "name")); + if (strcasecmp(aclname, name) == 0) { + *ret = cfg_tuple_get(acl, "value"); + return (ISC_R_SUCCESS); + } + } + return (ISC_R_NOTFOUND); +} + +static isc_result_t +convert_named_acl(const cfg_obj_t *nameobj, const cfg_obj_t *cctx, + isc_log_t *lctx, cfg_aclconfctx_t *ctx, + isc_mem_t *mctx, dns_acl_t **target) +{ + isc_result_t result; + const cfg_obj_t *cacl = NULL; + dns_acl_t *dacl; + dns_acl_t loop; + const char *aclname = cfg_obj_asstring(nameobj); + + /* Look for an already-converted version. */ + for (dacl = ISC_LIST_HEAD(ctx->named_acl_cache); + dacl != NULL; + dacl = ISC_LIST_NEXT(dacl, nextincache)) + { + if (strcasecmp(aclname, dacl->name) == 0) { + if (ISC_MAGIC_VALID(dacl, LOOP_MAGIC)) { + cfg_obj_log(nameobj, lctx, ISC_LOG_ERROR, + "acl loop detected: %s", aclname); + return (ISC_R_FAILURE); + } + dns_acl_attach(dacl, target); + return (ISC_R_SUCCESS); + } + } + /* Not yet converted. Convert now. */ + result = get_acl_def(cctx, aclname, &cacl); + if (result != ISC_R_SUCCESS) { + cfg_obj_log(nameobj, lctx, ISC_LOG_WARNING, + "undefined ACL '%s'", aclname); + return (result); + } + /* + * Add a loop detection element. + */ + memset(&loop, 0, sizeof(loop)); + ISC_LINK_INIT(&loop, nextincache); + DE_CONST(aclname, loop.name); + loop.magic = LOOP_MAGIC; + ISC_LIST_APPEND(ctx->named_acl_cache, &loop, nextincache); + result = cfg_acl_fromconfig(cacl, cctx, lctx, ctx, mctx, &dacl); + ISC_LIST_UNLINK(ctx->named_acl_cache, &loop, nextincache); + loop.magic = 0; + loop.name = NULL; + if (result != ISC_R_SUCCESS) + return (result); + dacl->name = isc_mem_strdup(dacl->mctx, aclname); + if (dacl->name == NULL) + return (ISC_R_NOMEMORY); + ISC_LIST_APPEND(ctx->named_acl_cache, dacl, nextincache); + dns_acl_attach(dacl, target); + return (ISC_R_SUCCESS); +} + +static isc_result_t +convert_keyname(const cfg_obj_t *keyobj, isc_log_t *lctx, isc_mem_t *mctx, + dns_name_t *dnsname) +{ + isc_result_t result; + isc_buffer_t buf; + dns_fixedname_t fixname; + unsigned int keylen; + const char *txtname = cfg_obj_asstring(keyobj); + + keylen = strlen(txtname); + isc_buffer_init(&buf, txtname, keylen); + isc_buffer_add(&buf, keylen); + dns_fixedname_init(&fixname); + result = dns_name_fromtext(dns_fixedname_name(&fixname), &buf, + dns_rootname, ISC_FALSE, NULL); + if (result != ISC_R_SUCCESS) { + cfg_obj_log(keyobj, lctx, ISC_LOG_WARNING, + "key name '%s' is not a valid domain name", + txtname); + return (result); + } + return (dns_name_dup(dns_fixedname_name(&fixname), mctx, dnsname)); +} + +isc_result_t +cfg_acl_fromconfig(const cfg_obj_t *caml, + const cfg_obj_t *cctx, + isc_log_t *lctx, + cfg_aclconfctx_t *ctx, + isc_mem_t *mctx, + dns_acl_t **target) +{ + isc_result_t result; + unsigned int count; + dns_acl_t *dacl = NULL; + dns_aclelement_t *de; + const cfg_listelt_t *elt; + + REQUIRE(target != NULL && *target == NULL); + + count = 0; + for (elt = cfg_list_first(caml); + elt != NULL; + elt = cfg_list_next(elt)) + count++; + + result = dns_acl_create(mctx, count, &dacl); + if (result != ISC_R_SUCCESS) + return (result); + + de = dacl->elements; + for (elt = cfg_list_first(caml); + elt != NULL; + elt = cfg_list_next(elt)) + { + const cfg_obj_t *ce = cfg_listelt_value(elt); + if (cfg_obj_istuple(ce)) { + /* This must be a negated element. */ + ce = cfg_tuple_get(ce, "value"); + de->negative = ISC_TRUE; + } else { + de->negative = ISC_FALSE; + } + + if (cfg_obj_isnetprefix(ce)) { + /* Network prefix */ + de->type = dns_aclelementtype_ipprefix; + + cfg_obj_asnetprefix(ce, + &de->u.ip_prefix.address, + &de->u.ip_prefix.prefixlen); + } else if (cfg_obj_istype(ce, &cfg_type_keyref)) { + /* Key name */ + de->type = dns_aclelementtype_keyname; + dns_name_init(&de->u.keyname, NULL); + result = convert_keyname(ce, lctx, mctx, + &de->u.keyname); + if (result != ISC_R_SUCCESS) + goto cleanup; + } else if (cfg_obj_islist(ce)) { + /* Nested ACL */ + de->type = dns_aclelementtype_nestedacl; + result = cfg_acl_fromconfig(ce, cctx, lctx, ctx, + mctx, &de->u.nestedacl); + if (result != ISC_R_SUCCESS) + goto cleanup; + } else if (cfg_obj_isstring(ce)) { + /* ACL name */ + const char *name = cfg_obj_asstring(ce); + if (strcasecmp(name, "localhost") == 0) { + de->type = dns_aclelementtype_localhost; + } else if (strcasecmp(name, "localnets") == 0) { + de->type = dns_aclelementtype_localnets; + } else if (strcasecmp(name, "any") == 0) { + de->type = dns_aclelementtype_any; + } else if (strcasecmp(name, "none") == 0) { + de->type = dns_aclelementtype_any; + de->negative = ISC_TF(! de->negative); + } else { + de->type = dns_aclelementtype_nestedacl; + result = convert_named_acl(ce, cctx, lctx, + ctx, mctx, + &de->u.nestedacl); + if (result != ISC_R_SUCCESS) + goto cleanup; + } + } else { + cfg_obj_log(ce, lctx, ISC_LOG_WARNING, + "address match list contains " + "unsupported element type"); + result = ISC_R_FAILURE; + goto cleanup; + } + de++; + dacl->length++; + } + + *target = dacl; + return (ISC_R_SUCCESS); + + cleanup: + dns_acl_detach(&dacl); + return (result); +} diff --git a/usr.sbin/bind/lib/isccfg/include/Makefile.in b/usr.sbin/bind/lib/isccfg/include/Makefile.in index 0364d2e064e..1ced83a60be 100644 --- a/usr.sbin/bind/lib/isccfg/include/Makefile.in +++ b/usr.sbin/bind/lib/isccfg/include/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.4.206.1 2004/03/06 08:15:27 marka Exp $ +# $ISC: Makefile.in,v 1.5 2004/03/05 05:12:24 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/isccfg/include/isccfg/Makefile.in b/usr.sbin/bind/lib/isccfg/include/isccfg/Makefile.in index 955a7275d02..e149913678b 100644 --- a/usr.sbin/bind/lib/isccfg/include/isccfg/Makefile.in +++ b/usr.sbin/bind/lib/isccfg/include/isccfg/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2001, 2002 Internet Software Consortium. # # Permission to use, copy, modify, and distribute this software for any @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.4.12.3 2004/03/08 09:05:07 marka Exp $ +# $ISC: Makefile.in,v 1.8.18.2 2005/01/12 01:54:57 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -26,7 +26,7 @@ top_srcdir = @top_srcdir@ # machine generated. The latter are handled specially in the # install target below. # -HEADERS = cfg.h grammar.h log.h namedconf.h version.h +HEADERS = aclconf.h cfg.h grammar.h log.h namedconf.h version.h SUBDIRS = TARGETS = diff --git a/usr.sbin/bind/lib/isccfg/include/isccfg/aclconf.h b/usr.sbin/bind/lib/isccfg/include/isccfg/aclconf.h new file mode 100644 index 00000000000..d47ff8100bf --- /dev/null +++ b/usr.sbin/bind/lib/isccfg/include/isccfg/aclconf.h @@ -0,0 +1,73 @@ +/* + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 1999-2001 Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $ISC: aclconf.h,v 1.2.2.5 2006/03/02 00:37:22 marka Exp $ */ + +#ifndef ISCCFG_ACLCONF_H +#define ISCCFG_ACLCONF_H 1 + +#include <isc/lang.h> + +#include <isccfg/cfg.h> + +#include <dns/types.h> + +typedef struct cfg_aclconfctx { + ISC_LIST(dns_acl_t) named_acl_cache; +} cfg_aclconfctx_t; + +/*** + *** Functions + ***/ + +ISC_LANG_BEGINDECLS + +void +cfg_aclconfctx_init(cfg_aclconfctx_t *ctx); +/* + * Initialize an ACL configuration context. + */ + +void +cfg_aclconfctx_destroy(cfg_aclconfctx_t *ctx); +/* + * Destroy an ACL configuration context. + */ + +isc_result_t +cfg_acl_fromconfig(const cfg_obj_t *caml, + const cfg_obj_t *cctx, + isc_log_t *lctx, + cfg_aclconfctx_t *ctx, + isc_mem_t *mctx, + dns_acl_t **target); +/* + * Construct a new dns_acl_t from configuration data in 'caml' and + * 'cctx'. Memory is allocated through 'mctx'. + * + * Any named ACLs referred to within 'caml' will be be converted + * into nested dns_acl_t objects. Multiple references to the same + * named ACLs will be converted into shared references to a single + * nested dns_acl_t object when the referring objects were created + * passing the same ACL configuration context 'ctx'. + * + * On success, attach '*target' to the new dns_acl_t object. + */ + +ISC_LANG_ENDDECLS + +#endif /* ISCCFG_ACLCONF_H */ diff --git a/usr.sbin/bind/lib/isccfg/include/isccfg/cfg.h b/usr.sbin/bind/lib/isccfg/include/isccfg/cfg.h index e308f41f0e9..9017c0fa008 100644 --- a/usr.sbin/bind/lib/isccfg/include/isccfg/cfg.h +++ b/usr.sbin/bind/lib/isccfg/include/isccfg/cfg.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: cfg.h,v 1.30.12.6 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: cfg.h,v 1.34.18.5 2006/03/02 00:37:22 marka Exp $ */ #ifndef ISCCFG_CFG_H #define ISCCFG_CFG_H 1 @@ -24,7 +24,8 @@ ***** Module Info *****/ -/* +/*! \file + * \brief * This is the new, table-driven, YACC-free configuration file parser. */ @@ -42,19 +43,19 @@ *** Types ***/ -typedef struct cfg_parser cfg_parser_t; -/* +/*% * A configuration parser. */ +typedef struct cfg_parser cfg_parser_t; -/* +/*% * A configuration type definition object. There is a single * static cfg_type_t object for each data type supported by * the configuration parser. */ typedef struct cfg_type cfg_type_t; -/* +/*% * A configuration object. This is the basic building block of the * configuration parse tree. It contains a value (which may be * of one of several types) and information identifying the file @@ -63,12 +64,12 @@ typedef struct cfg_type cfg_type_t; */ typedef struct cfg_obj cfg_obj_t; -/* +/*% * A configuration object list element. */ typedef struct cfg_listelt cfg_listelt_t; -/* +/*% * A callback function to be called when parsing an option * that needs to be interpreted at parsing time, like * "directory". @@ -84,7 +85,7 @@ ISC_LANG_BEGINDECLS isc_result_t cfg_parser_create(isc_mem_t *mctx, isc_log_t *lctx, cfg_parser_t **ret); -/* +/*%< * Create a configuration file parser. Any warning and error * messages will be logged to 'lctx'. * @@ -97,7 +98,7 @@ void cfg_parser_setcallback(cfg_parser_t *pctx, cfg_parsecallback_t callback, void *arg); -/* +/*%< * Make the parser call 'callback' whenever it encounters * a configuration clause with the callback attribute, * passing it the clause name, the clause value, @@ -113,7 +114,7 @@ cfg_parse_file(cfg_parser_t *pctx, const char *filename, isc_result_t cfg_parse_buffer(cfg_parser_t *pctx, isc_buffer_t *buffer, const cfg_type_t *type, cfg_obj_t **ret); -/* +/*%< * Read a configuration containing data of type 'type' * and make '*ret' point to its parse tree. * @@ -124,246 +125,246 @@ cfg_parse_buffer(cfg_parser_t *pctx, isc_buffer_t *buffer, * Returns an error if the file does not parse correctly. * * Requires: - * "filename" is valid. - * "mem" is valid. - * "type" is valid. - * "cfg" is non-NULL and "*cfg" is NULL. + *\li "filename" is valid. + *\li "mem" is valid. + *\li "type" is valid. + *\li "cfg" is non-NULL and "*cfg" is NULL. * * Returns: - * ISC_R_SUCCESS - success - * ISC_R_NOMEMORY - no memory available - * ISC_R_INVALIDFILE - file doesn't exist or is unreadable - * others - file contains errors + * \li #ISC_R_SUCCESS - success + *\li #ISC_R_NOMEMORY - no memory available + *\li #ISC_R_INVALIDFILE - file doesn't exist or is unreadable + *\li others - file contains errors */ void cfg_parser_destroy(cfg_parser_t **pctxp); -/* +/*%< * Destroy a configuration parser. */ isc_boolean_t cfg_obj_isvoid(const cfg_obj_t *obj); -/* +/*%< * Return true iff 'obj' is of void type (e.g., an optional * value not specified). */ isc_boolean_t cfg_obj_ismap(const cfg_obj_t *obj); -/* +/*%< * Return true iff 'obj' is of a map type. */ isc_result_t cfg_map_get(const cfg_obj_t *mapobj, const char* name, const cfg_obj_t **obj); -/* +/*%< * Extract an element from a configuration object, which * must be of a map type. * * Requires: - * 'mapobj' points to a valid configuration object of a map type. - * 'name' points to a null-terminated string. - * 'obj' is non-NULL and '*obj' is NULL. + * \li 'mapobj' points to a valid configuration object of a map type. + * \li 'name' points to a null-terminated string. + * \li 'obj' is non-NULL and '*obj' is NULL. * * Returns: - * ISC_R_SUCCESS - success - * ISC_R_NOTFOUND - name not found in map + * \li #ISC_R_SUCCESS - success + * \li #ISC_R_NOTFOUND - name not found in map */ const cfg_obj_t * cfg_map_getname(const cfg_obj_t *mapobj); -/* +/*%< * Get the name of a named map object, like a server "key" clause. * * Requires: - * 'mapobj' points to a valid configuration object of a map type. + * \li 'mapobj' points to a valid configuration object of a map type. * * Returns: - * A pointer to a configuration object naming the map object, + * \li A pointer to a configuration object naming the map object, * or NULL if the map object does not have a name. */ isc_boolean_t cfg_obj_istuple(const cfg_obj_t *obj); -/* +/*%< * Return true iff 'obj' is of a map type. */ const cfg_obj_t * cfg_tuple_get(const cfg_obj_t *tupleobj, const char *name); -/* +/*%< * Extract an element from a configuration object, which * must be of a tuple type. * * Requires: - * 'tupleobj' points to a valid configuration object of a tuple type. - * 'name' points to a null-terminated string naming one of the - * fields of said tuple type. + * \li 'tupleobj' points to a valid configuration object of a tuple type. + * \li 'name' points to a null-terminated string naming one of the + *\li fields of said tuple type. */ isc_boolean_t cfg_obj_isuint32(const cfg_obj_t *obj); -/* +/*%< * Return true iff 'obj' is of integer type. */ isc_uint32_t cfg_obj_asuint32(const cfg_obj_t *obj); -/* +/*%< * Returns the value of a configuration object of 32-bit integer type. * * Requires: - * 'obj' points to a valid configuration object of 32-bit integer type. + * \li 'obj' points to a valid configuration object of 32-bit integer type. * * Returns: - * A 32-bit unsigned integer. + * \li A 32-bit unsigned integer. */ isc_boolean_t cfg_obj_isuint64(const cfg_obj_t *obj); -/* +/*%< * Return true iff 'obj' is of integer type. */ isc_uint64_t cfg_obj_asuint64(const cfg_obj_t *obj); -/* +/*%< * Returns the value of a configuration object of 64-bit integer type. * * Requires: - * 'obj' points to a valid configuration object of 64-bit integer type. + * \li 'obj' points to a valid configuration object of 64-bit integer type. * * Returns: - * A 64-bit unsigned integer. + * \li A 64-bit unsigned integer. */ isc_boolean_t cfg_obj_isstring(const cfg_obj_t *obj); -/* +/*%< * Return true iff 'obj' is of string type. */ const char * cfg_obj_asstring(const cfg_obj_t *obj); -/* +/*%< * Returns the value of a configuration object of a string type * as a null-terminated string. * * Requires: - * 'obj' points to a valid configuration object of a string type. + * \li 'obj' points to a valid configuration object of a string type. * * Returns: - * A pointer to a null terminated string. + * \li A pointer to a null terminated string. */ isc_boolean_t cfg_obj_isboolean(const cfg_obj_t *obj); -/* +/*%< * Return true iff 'obj' is of a boolean type. */ isc_boolean_t cfg_obj_asboolean(const cfg_obj_t *obj); -/* +/*%< * Returns the value of a configuration object of a boolean type. * * Requires: - * 'obj' points to a valid configuration object of a boolean type. + * \li 'obj' points to a valid configuration object of a boolean type. * * Returns: - * A boolean value. + * \li A boolean value. */ isc_boolean_t cfg_obj_issockaddr(const cfg_obj_t *obj); -/* +/*%< * Return true iff 'obj' is a socket address. */ const isc_sockaddr_t * cfg_obj_assockaddr(const cfg_obj_t *obj); -/* +/*%< * Returns the value of a configuration object representing a socket address. * * Requires: - * 'obj' points to a valid configuration object of a socket address type. + * \li 'obj' points to a valid configuration object of a socket address type. * * Returns: - * A pointer to a sockaddr. The sockaddr must be copied by the caller + * \li A pointer to a sockaddr. The sockaddr must be copied by the caller * if necessary. */ isc_boolean_t cfg_obj_isnetprefix(const cfg_obj_t *obj); -/* +/*%< * Return true iff 'obj' is a network prefix. */ void cfg_obj_asnetprefix(const cfg_obj_t *obj, isc_netaddr_t *netaddr, unsigned int *prefixlen); -/* +/*%< * Gets the value of a configuration object representing a network * prefix. The network address is returned through 'netaddr' and the * prefix length in bits through 'prefixlen'. * * Requires: - * 'obj' points to a valid configuration object of network prefix type. - * 'netaddr' and 'prefixlen' are non-NULL. + * \li 'obj' points to a valid configuration object of network prefix type. + *\li 'netaddr' and 'prefixlen' are non-NULL. */ isc_boolean_t cfg_obj_islist(const cfg_obj_t *obj); -/* +/*%< * Return true iff 'obj' is of list type. */ const cfg_listelt_t * cfg_list_first(const cfg_obj_t *obj); -/* +/*%< * Returns the first list element in a configuration object of a list type. * * Requires: - * 'obj' points to a valid configuration object of a list type or NULL. + * \li 'obj' points to a valid configuration object of a list type or NULL. * * Returns: - * A pointer to a cfg_listelt_t representing the first list element, + * \li A pointer to a cfg_listelt_t representing the first list element, * or NULL if the list is empty or nonexistent. */ const cfg_listelt_t * cfg_list_next(const cfg_listelt_t *elt); -/* +/*%< * Returns the next element of a list of configuration objects. * * Requires: - * 'elt' points to cfg_listelt_t obtained from cfg_list_first() or + * \li 'elt' points to cfg_listelt_t obtained from cfg_list_first() or * a previous call to cfg_list_next(). * * Returns: - * A pointer to a cfg_listelt_t representing the next element, + * \li A pointer to a cfg_listelt_t representing the next element, * or NULL if there are no more elements. */ const cfg_obj_t * cfg_listelt_value(const cfg_listelt_t *elt); -/* +/*%< * Returns the configuration object associated with cfg_listelt_t. * * Requires: - * 'elt' points to cfg_listelt_t obtained from cfg_list_first() or + * \li 'elt' points to cfg_listelt_t obtained from cfg_list_first() or * cfg_list_next(). * * Returns: - * A non-NULL pointer to a configuration object. + * \li A non-NULL pointer to a configuration object. */ void cfg_print(const cfg_obj_t *obj, void (*f)(void *closure, const char *text, int textlen), void *closure); -/* +/*%< * Print the configuration object 'obj' by repeatedly calling the * function 'f', passing 'closure' and a region of text starting * at 'text' and comprising 'textlen' characters. @@ -373,18 +374,18 @@ void cfg_print_grammar(const cfg_type_t *type, void (*f)(void *closure, const char *text, int textlen), void *closure); -/* +/*%< * Print a summary of the grammar of the configuration type 'type'. */ isc_boolean_t cfg_obj_istype(const cfg_obj_t *obj, const cfg_type_t *type); -/* +/*%< * Return true iff 'obj' is of type 'type'. */ void cfg_obj_destroy(cfg_parser_t *pctx, cfg_obj_t **obj); -/* +/*%< * Destroy a configuration object. */ @@ -392,7 +393,7 @@ void cfg_obj_log(const cfg_obj_t *obj, isc_log_t *lctx, int level, const char *fmt, ...) ISC_FORMAT_PRINTF(4, 5); -/* +/*%< * Log a message concerning configuration object 'obj' to the logging * channel of 'pctx', at log level 'level'. The message will be prefixed * with the file name(s) and line number where 'obj' was defined. @@ -400,13 +401,13 @@ cfg_obj_log(const cfg_obj_t *obj, isc_log_t *lctx, int level, const char * cfg_obj_file(const cfg_obj_t *obj); -/* +/*%< * Return the file that defined this object. */ unsigned int cfg_obj_line(const cfg_obj_t *obj); -/* +/*%< * Return the line in file where this object was defined. */ diff --git a/usr.sbin/bind/lib/isccfg/include/isccfg/grammar.h b/usr.sbin/bind/lib/isccfg/include/isccfg/grammar.h index 356ada9f6f6..a2f9a0305cf 100644 --- a/usr.sbin/bind/lib/isccfg/include/isccfg/grammar.h +++ b/usr.sbin/bind/lib/isccfg/include/isccfg/grammar.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: grammar.h,v 1.3.50.6 2006/03/02 00:37:20 marka Exp $ */ +/* $ISC: grammar.h,v 1.4.18.8 2006/02/28 03:10:49 marka Exp $ */ #ifndef ISCCFG_GRAMMAR_H #define ISCCFG_GRAMMAR_H 1 +/*! \file */ + #include <isc/lex.h> #include <isc/netaddr.h> #include <isc/sockaddr.h> @@ -33,17 +35,17 @@ * and the grammars; not visible to users of the parser. */ -/* Clause may occur multiple times (e.g., "zone") */ +/*% Clause may occur multiple times (e.g., "zone") */ #define CFG_CLAUSEFLAG_MULTI 0x00000001 -/* Clause is obsolete */ +/*% Clause is obsolete */ #define CFG_CLAUSEFLAG_OBSOLETE 0x00000002 -/* Clause is not implemented, and may never be */ +/*% Clause is not implemented, and may never be */ #define CFG_CLAUSEFLAG_NOTIMP 0x00000004 -/* Clause is not implemented yet */ +/*% Clause is not implemented yet */ #define CFG_CLAUSEFLAG_NYI 0x00000008 -/* Default value has changed since earlier release */ +/*% Default value has changed since earlier release */ #define CFG_CLAUSEFLAG_NEWDEFAULT 0x00000010 -/* +/*% * Clause needs to be interpreted during parsing * by calling a callback function, like the * "directory" option. @@ -71,7 +73,7 @@ typedef void (*cfg_freefunc_t)(cfg_parser_t *, cfg_obj_t *); * Structure definitions */ -/* +/*% * A configuration printer object. This is an abstract * interface to a destination to which text can be printed * by calling the function 'f'. @@ -82,42 +84,39 @@ struct cfg_printer { int indent; }; -/* A clause definition. */ - +/*% A clause definition. */ struct cfg_clausedef { const char *name; cfg_type_t *type; unsigned int flags; }; -/* A tuple field definition. */ - +/*% A tuple field definition. */ struct cfg_tuplefielddef { const char *name; cfg_type_t *type; unsigned int flags; }; -/* A configuration object type definition. */ +/*% A configuration object type definition. */ struct cfg_type { - const char *name; /* For debugging purposes only */ + const char *name; /*%< For debugging purposes only */ cfg_parsefunc_t parse; cfg_printfunc_t print; - cfg_docfunc_t doc; /* Print grammar description */ - cfg_rep_t * rep; /* Data representation */ - const void * of; /* Additional data for meta-types */ + cfg_docfunc_t doc; /*%< Print grammar description */ + cfg_rep_t * rep; /*%< Data representation */ + const void * of; /*%< Additional data for meta-types */ }; -/* A keyword-type definition, for things like "port <integer>". */ - +/*% A keyword-type definition, for things like "port <integer>". */ typedef struct { const char *name; const cfg_type_t *type; } keyword_type_t; struct cfg_map { - cfg_obj_t *id; /* Used for 'named maps' like keys, zones, &c */ - const cfg_clausedef_t * const *clausesets; /* The clauses that + cfg_obj_t *id; /*%< Used for 'named maps' like keys, zones, &c */ + const cfg_clausedef_t * const *clausesets; /*%< The clauses that can occur in this map; used for printing */ isc_symtab_t *symtab; @@ -130,15 +129,15 @@ struct cfg_netprefix { unsigned int prefixlen; }; -/* +/*% * A configuration data representation. */ struct cfg_rep { - const char * name; /* For debugging only */ - cfg_freefunc_t free; /* How to free this kind of data. */ + const char * name; /*%< For debugging only */ + cfg_freefunc_t free; /*%< How to free this kind of data. */ }; -/* +/*% * A configuration object. This is the main building block * of the configuration parse tree. */ @@ -148,7 +147,7 @@ struct cfg_obj { union { isc_uint32_t uint32; isc_uint64_t uint64; - isc_textregion_t string; /* null terminated, too */ + isc_textregion_t string; /*%< null terminated, too */ isc_boolean_t boolean; cfg_map_t map; cfg_list_t list; @@ -161,14 +160,13 @@ struct cfg_obj { }; -/* A list element. */ - +/*% A list element. */ struct cfg_listelt { cfg_obj_t *obj; ISC_LINK(cfg_listelt_t) link; }; -/* The parser object. */ +/*% The parser object. */ struct cfg_parser { isc_mem_t * mctx; isc_log_t * lctx; @@ -177,13 +175,13 @@ struct cfg_parser { unsigned int warnings; isc_token_t token; - /* We are at the end of all input. */ + /*% We are at the end of all input. */ isc_boolean_t seen_eof; - /* The current token has been pushed back. */ + /*% The current token has been pushed back. */ isc_boolean_t ungotten; - /* + /*% * The stack of currently active files, represented * as a configuration list of configuration strings. * The head is the top-level file, subsequent elements @@ -192,7 +190,7 @@ struct cfg_parser { */ cfg_obj_t * open_files; - /* + /*% * Names of files that we have parsed and closed * and were previously on the open_file list. * We keep these objects around after closing @@ -203,7 +201,7 @@ struct cfg_parser { */ cfg_obj_t * closed_files; - /* + /*% * Current line number. We maintain our own * copy of this so that it is available even * when a file has just been closed. @@ -215,15 +213,19 @@ struct cfg_parser { }; -/* +/*@{*/ +/*% * Flags defining whether to accept certain types of network addresses. */ #define CFG_ADDR_V4OK 0x00000001 #define CFG_ADDR_V4PREFIXOK 0x00000002 #define CFG_ADDR_V6OK 0x00000004 #define CFG_ADDR_WILDOK 0x00000008 +#define CFG_ADDR_MASK (CFG_ADDR_V6OK|CFG_ADDR_V4OK) +/*@}*/ -/* +/*@{*/ +/*% * Predefined data representation types. */ LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_uint32; @@ -236,8 +238,10 @@ LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_tuple; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_sockaddr; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_netprefix; LIBISCCFG_EXTERNAL_DATA extern cfg_rep_t cfg_rep_void; +/*@}*/ -/* +/*@{*/ +/*% * Predefined configuration object types. */ LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_boolean; @@ -248,10 +252,15 @@ LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_astring; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_ustring; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_sockaddr; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr4; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr4wild; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr6; +LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netaddr6wild; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_netprefix; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_void; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_token; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_unsupported; +/*@}*/ isc_result_t cfg_gettoken(cfg_parser_t *pctx, int options); @@ -314,7 +323,7 @@ cfg_parse_netprefix(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) isc_result_t cfg_parse_special(cfg_parser_t *pctx, int special); -/* Parse a required special character 'special'. */ +/*%< Parse a required special character 'special'. */ isc_result_t cfg_create_tuple(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **objp); @@ -358,11 +367,11 @@ cfg_doc_enum(cfg_printer_t *pctx, const cfg_type_t *type); void cfg_print_chars(cfg_printer_t *pctx, const char *text, int len); -/* Print 'len' characters at 'text' */ +/*%< Print 'len' characters at 'text' */ void cfg_print_cstr(cfg_printer_t *pctx, const char *s); -/* Print the null-terminated string 's' */ +/*%< Print the null-terminated string 's' */ isc_result_t cfg_parse_map(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); @@ -373,6 +382,10 @@ cfg_parse_named_map(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) isc_result_t cfg_parse_addressed_map(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret); +isc_result_t +cfg_parse_netprefix_map(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t ** +ret); + void cfg_print_map(cfg_printer_t *pctx, const cfg_obj_t *obj); @@ -405,28 +418,28 @@ cfg_print_obj(cfg_printer_t *pctx, const cfg_obj_t *obj); void cfg_doc_obj(cfg_printer_t *pctx, const cfg_type_t *type); -/* +/*%< * Print a description of the grammar of an arbitrary configuration * type 'type' */ void cfg_doc_terminal(cfg_printer_t *pctx, const cfg_type_t *type); -/* +/*%< * Document the type 'type' as a terminal by printing its - * name in angle brackets, e.g., <uint32>. + * name in angle brackets, e.g., <uint32>. */ void cfg_parser_error(cfg_parser_t *pctx, unsigned int flags, const char *fmt, ...) ISC_FORMAT_PRINTF(3, 4); -/* +/*! * Pass one of these flags to cfg_parser_error() to include the * token text in log message. */ -#define CFG_LOG_NEAR 0x00000001 /* Say "near <token>" */ -#define CFG_LOG_BEFORE 0x00000002 /* Say "before <token>" */ -#define CFG_LOG_NOPREP 0x00000004 /* Say just "<token>" */ +#define CFG_LOG_NEAR 0x00000001 /*%< Say "near <token>" */ +#define CFG_LOG_BEFORE 0x00000002 /*%< Say "before <token>" */ +#define CFG_LOG_NOPREP 0x00000004 /*%< Say just "<token>" */ void cfg_parser_warning(cfg_parser_t *pctx, unsigned int flags, @@ -434,6 +447,6 @@ cfg_parser_warning(cfg_parser_t *pctx, unsigned int flags, isc_boolean_t cfg_is_enum(const char *s, const char *const *enums); -/* Return true iff the string 's' is one of the strings in 'enums' */ +/*%< Return true iff the string 's' is one of the strings in 'enums' */ #endif /* ISCCFG_GRAMMAR_H */ diff --git a/usr.sbin/bind/lib/isccfg/include/isccfg/log.h b/usr.sbin/bind/lib/isccfg/include/isccfg/log.h index d085cd5ba71..c9a8a6b2953 100644 --- a/usr.sbin/bind/lib/isccfg/include/isccfg/log.h +++ b/usr.sbin/bind/lib/isccfg/include/isccfg/log.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: log.h,v 1.3.2.1.10.3 2004/03/08 09:05:07 marka Exp $ */ +/* $ISC: log.h,v 1.6.18.2 2005/04/29 00:17:16 marka Exp $ */ #ifndef ISCCFG_LOG_H #define ISCCFG_LOG_H 1 +/*! \file */ + #include <isc/lang.h> #include <isc/log.h> @@ -34,17 +36,17 @@ ISC_LANG_BEGINDECLS void cfg_log_init(isc_log_t *lctx); -/* +/*%< * Make the libisccfg categories and modules available for use with the * ISC logging library. * * Requires: - * lctx is a valid logging context. + *\li lctx is a valid logging context. * - * cfg_log_init() is called only once. + *\li cfg_log_init() is called only once. * * Ensures: - * The catgories and modules defined above are available for + * \li The catgories and modules defined above are available for * use by isc_log_usechannnel() and isc_log_write(). */ diff --git a/usr.sbin/bind/lib/isccfg/include/isccfg/namedconf.h b/usr.sbin/bind/lib/isccfg/include/isccfg/namedconf.h index 6a9f5c3248b..49566dd9140 100644 --- a/usr.sbin/bind/lib/isccfg/include/isccfg/namedconf.h +++ b/usr.sbin/bind/lib/isccfg/include/isccfg/namedconf.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,12 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: namedconf.h,v 1.2.202.3 2004/03/08 09:05:07 marka Exp $ */ +/* $ISC: namedconf.h,v 1.3.18.2 2005/04/29 00:17:16 marka Exp $ */ #ifndef ISCCFG_NAMEDCONF_H #define ISCCFG_NAMEDCONF_H 1 -/* +/*! \file + * \brief * This module defines the named.conf, rndc.conf, and rndc.key grammars. */ @@ -30,15 +31,15 @@ * Configuration object types. */ LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_namedconf; -/* A complete named.conf file. */ +/*%< A complete named.conf file. */ LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_rndcconf; -/* A complete rndc.conf file. */ +/*%< A complete rndc.conf file. */ LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_rndckey; -/* A complete rndc.key file. */ +/*%< A complete rndc.key file. */ LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_keyref; -/* A key reference, used as an ACL element */ +/*%< A key reference, used as an ACL element */ #endif /* ISCCFG_CFG_H */ diff --git a/usr.sbin/bind/lib/isccfg/include/isccfg/version.h b/usr.sbin/bind/lib/isccfg/include/isccfg/version.h index 583ea0b22b1..5a7ebbd3a03 100644 --- a/usr.sbin/bind/lib/isccfg/include/isccfg/version.h +++ b/usr.sbin/bind/lib/isccfg/include/isccfg/version.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: version.h,v 1.2.222.3 2004/03/08 09:05:08 marka Exp $ */ +/* $ISC: version.h,v 1.3.18.2 2005/04/29 00:17:16 marka Exp $ */ + +/*! \file */ #include <isc/platform.h> diff --git a/usr.sbin/bind/lib/isccfg/log.c b/usr.sbin/bind/lib/isccfg/log.c index 8f36a4bbcd5..313b7f087a6 100644 --- a/usr.sbin/bind/lib/isccfg/log.c +++ b/usr.sbin/bind/lib/isccfg/log.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: log.c,v 1.2.2.1.10.3 2004/03/08 09:05:06 marka Exp $ */ +/* $ISC: log.c,v 1.5.18.2 2005/04/29 00:17:15 marka Exp $ */ + +/*! \file */ #include <config.h> @@ -23,7 +25,7 @@ #include <isccfg/log.h> -/* +/*% * When adding a new category, be sure to add the appropriate * #define to <isccfg/log.h>. */ @@ -32,7 +34,7 @@ LIBISCCFG_EXTERNAL_DATA isc_logcategory_t cfg_categories[] = { { NULL, 0 } }; -/* +/*% * When adding a new module, be sure to add the appropriate * #define to <isccfg/log.h>. */ diff --git a/usr.sbin/bind/lib/isccfg/version.c b/usr.sbin/bind/lib/isccfg/version.c index 08f0e82dcd7..42a9d156526 100644 --- a/usr.sbin/bind/lib/isccfg/version.c +++ b/usr.sbin/bind/lib/isccfg/version.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: version.c,v 1.1.12.3 2004/03/08 09:05:06 marka Exp $ */ +/* $ISC: version.c,v 1.3.18.2 2005/04/29 00:17:15 marka Exp $ */ + +/*! \file */ #include <isccfg/version.h> diff --git a/usr.sbin/bind/lib/lwres/Makefile.in b/usr.sbin/bind/lib/lwres/Makefile.in index 6a23c3280b5..9a73d0e9264 100644 --- a/usr.sbin/bind/lib/lwres/Makefile.in +++ b/usr.sbin/bind/lib/lwres/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.25.12.8 2005/06/09 23:54:32 marka Exp $ +# $ISC: Makefile.in,v 1.28.18.4 2005/06/09 23:55:10 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/lwres/api b/usr.sbin/bind/lib/lwres/api index 63704dd62ad..510e9a911ba 100644 --- a/usr.sbin/bind/lib/lwres/api +++ b/usr.sbin/bind/lib/lwres/api @@ -1,3 +1,3 @@ -LIBINTERFACE = 10 +LIBINTERFACE = 30 LIBREVISION = 5 -LIBAGE = 1 +LIBAGE = 0 diff --git a/usr.sbin/bind/lib/lwres/assert_p.h b/usr.sbin/bind/lib/lwres/assert_p.h index 8a8a6af182b..4db99c98f1d 100644 --- a/usr.sbin/bind/lib/lwres/assert_p.h +++ b/usr.sbin/bind/lib/lwres/assert_p.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: assert_p.h,v 1.9.206.1 2004/03/06 08:15:30 marka Exp $ */ +/* $ISC: assert_p.h,v 1.10.18.2 2005/04/29 00:17:16 marka Exp $ */ #ifndef LWRES_ASSERT_P_H #define LWRES_ASSERT_P_H 1 +/*! \file */ + #include <assert.h> /* Required for assert() prototype. */ #define REQUIRE(x) assert(x) diff --git a/usr.sbin/bind/lib/lwres/context_p.h b/usr.sbin/bind/lib/lwres/context_p.h index c78160aa2aa..db3d0b22dcf 100644 --- a/usr.sbin/bind/lib/lwres/context_p.h +++ b/usr.sbin/bind/lib/lwres/context_p.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,42 +15,48 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: context_p.h,v 1.12.206.1 2004/03/06 08:15:30 marka Exp $ */ +/* $ISC: context_p.h,v 1.13.18.2 2005/04/29 00:17:17 marka Exp $ */ #ifndef LWRES_CONTEXT_P_H #define LWRES_CONTEXT_P_H 1 -/* +/*! \file */ + +/*@{*/ +/** * Helper functions, assuming the context is always called "ctx" in * the scope these functions are called from. */ #define CTXMALLOC(len) ctx->malloc(ctx->arg, (len)) #define CTXFREE(addr, len) ctx->free(ctx->arg, (addr), (len)) +/*@}*/ #define LWRES_DEFAULT_TIMEOUT 120 /* 120 seconds for a reply */ -/* +/** * Not all the attributes here are actually settable by the application at * this time. */ struct lwres_context { - unsigned int timeout; /* time to wait for reply */ - lwres_uint32_t serial; /* serial number state */ + unsigned int timeout; /*%< time to wait for reply */ + lwres_uint32_t serial; /*%< serial number state */ /* * For network I/O. */ - int sock; /* socket to send on */ - lwres_addr_t address; /* address to send to */ + int sock; /*%< socket to send on */ + lwres_addr_t address; /*%< address to send to */ + /*@{*/ /* * Function pointers for allocating memory. */ lwres_malloc_t malloc; lwres_free_t free; void *arg; + /*@}*/ - /* + /*% * resolv.conf-like data */ lwres_conf_t confdata; diff --git a/usr.sbin/bind/lib/lwres/gai_strerror.c b/usr.sbin/bind/lib/lwres/gai_strerror.c index 4d578831336..cf08781a424 100644 --- a/usr.sbin/bind/lib/lwres/gai_strerror.c +++ b/usr.sbin/bind/lib/lwres/gai_strerror.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,12 +15,40 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: gai_strerror.c,v 1.14.2.1.10.3 2006/08/25 05:25:50 marka Exp $ */ +/* $ISC: gai_strerror.c,v 1.16.18.4 2006/08/25 05:25:51 marka Exp $ */ + +/*! \file gai_strerror.c + * lwres_gai_strerror() returns an error message corresponding to an + * error code returned by getaddrinfo(). The following error codes and + * their meaning are defined in \link netdb.h include/lwres/netdb.h.\endlink + * + * \li #EAI_ADDRFAMILY address family for hostname not supported + * \li #EAI_AGAIN temporary failure in name resolution + * \li #EAI_BADFLAGS invalid value for #ai_flags + * \li #EAI_FAIL non-recoverable failure in name resolution + * \li #EAI_FAMILY ai_family not supported + * \li #EAI_MEMORY memory allocation failure + * \li #EAI_NODATA no address associated with hostname + * \li #EAI_NONAME hostname or servname not provided, or not known + * \li #EAI_SERVICE servname not supported for ai_socktype + * \li #EAI_SOCKTYPE ai_socktype not supported + * \li #EAI_SYSTEM system error returned in errno + * + * The message invalid error code is returned if ecode is out of range. + * + * ai_flags, ai_family and ai_socktype are elements of the struct + * addrinfo used by lwres_getaddrinfo(). + * + * \section gai_strerror_see See Also + * + * strerror, lwres_getaddrinfo(), getaddrinfo(), RFC2133. + */ #include <config.h> #include <lwres/netdb.h> +/*% Text of error messages. */ static const char *gai_messages[] = { "no error", "address family for hostname not supported", @@ -38,6 +66,7 @@ static const char *gai_messages[] = { "bad protocol" }; +/*% Returns an error message corresponding to an error code returned by getaddrinfo() */ char * lwres_gai_strerror(int ecode) { union { diff --git a/usr.sbin/bind/lib/lwres/include/Makefile.in b/usr.sbin/bind/lib/lwres/include/Makefile.in index c37bba1e662..abfff8f041d 100644 --- a/usr.sbin/bind/lib/lwres/include/Makefile.in +++ b/usr.sbin/bind/lib/lwres/include/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.5.206.1 2004/03/06 08:15:33 marka Exp $ +# $ISC: Makefile.in,v 1.6 2004/03/05 05:12:49 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/lwres/include/lwres/Makefile.in b/usr.sbin/bind/lib/lwres/include/lwres/Makefile.in index 9f79108a25f..41973fe4169 100644 --- a/usr.sbin/bind/lib/lwres/include/lwres/Makefile.in +++ b/usr.sbin/bind/lib/lwres/include/lwres/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.19.12.3 2004/03/08 09:05:11 marka Exp $ +# $ISC: Makefile.in,v 1.21 2004/03/05 05:12:52 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/lwres/include/lwres/context.h b/usr.sbin/bind/lib/lwres/include/lwres/context.h index 2664f13dbc4..85b2244ec2b 100644 --- a/usr.sbin/bind/lib/lwres/include/lwres/context.h +++ b/usr.sbin/bind/lib/lwres/include/lwres/context.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,18 +15,20 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: context.h,v 1.14.206.1 2004/03/06 08:15:34 marka Exp $ */ +/* $ISC: context.h,v 1.15.18.2 2005/04/29 00:17:21 marka Exp $ */ #ifndef LWRES_CONTEXT_H #define LWRES_CONTEXT_H 1 +/*! \file */ + #include <stddef.h> #include <lwres/lang.h> #include <lwres/int.h> #include <lwres/result.h> -/* +/*! * Used to set various options such as timeout, authentication, etc */ typedef struct lwres_context lwres_context_t; @@ -51,7 +53,7 @@ typedef void (*lwres_free_t)(void *arg, void *mem, size_t length); * Share /etc/resolv.conf data between contexts. */ -/* +/*! * _SERVERMODE * Don't allocate and connect a socket to the server, since the * caller _is_ a server. @@ -63,7 +65,7 @@ lwres_context_create(lwres_context_t **contextp, void *arg, lwres_malloc_t malloc_function, lwres_free_t free_function, unsigned int flags); -/* +/**< * Allocate a lwres context. This is used in all lwres calls. * * Memory management can be replaced here by passing in two functions. @@ -75,28 +77,22 @@ lwres_context_create(lwres_context_t **contextp, void *arg, * * If they are NULL, the standard malloc() and free() will be used. * - * Requires: - * - * contextp != NULL && contextp == NULL. + *\pre contextp != NULL && contextp == NULL. * - * Returns: - * - * Returns 0 on success, non-zero on failure. + *\return Returns 0 on success, non-zero on failure. */ void lwres_context_destroy(lwres_context_t **contextp); -/* +/**< * Frees all memory associated with a lwres context. * - * Requires: - * - * contextp != NULL && contextp == NULL. + *\pre contextp != NULL && contextp == NULL. */ lwres_uint32_t lwres_context_nextserial(lwres_context_t *ctx); -/* +/**< * XXXMLG Document */ diff --git a/usr.sbin/bind/lib/lwres/include/lwres/int.h b/usr.sbin/bind/lib/lwres/include/lwres/int.h index fbbb153844a..b883552f429 100644 --- a/usr.sbin/bind/lib/lwres/include/lwres/int.h +++ b/usr.sbin/bind/lib/lwres/include/lwres/int.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: int.h,v 1.7.206.1 2004/03/06 08:15:34 marka Exp $ */ +/* $ISC: int.h,v 1.8.18.2 2005/04/29 00:17:21 marka Exp $ */ #ifndef LWRES_INT_H #define LWRES_INT_H 1 +/*! \file */ + typedef char lwres_int8_t; typedef unsigned char lwres_uint8_t; typedef short lwres_int16_t; diff --git a/usr.sbin/bind/lib/lwres/include/lwres/ipv6.h b/usr.sbin/bind/lib/lwres/include/lwres/ipv6.h index 178bf9e5b8d..168174ef813 100644 --- a/usr.sbin/bind/lib/lwres/include/lwres/ipv6.h +++ b/usr.sbin/bind/lib/lwres/include/lwres/ipv6.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ipv6.h,v 1.9.206.1 2004/03/06 08:15:34 marka Exp $ */ +/* $ISC: ipv6.h,v 1.10.18.2 2005/04/29 00:17:21 marka Exp $ */ #ifndef LWRES_IPV6_H #define LWRES_IPV6_H 1 @@ -24,7 +24,7 @@ ***** Module Info *****/ -/* +/*! \file ipv6.h * IPv6 definitions for systems which do not support IPv6. */ @@ -39,6 +39,7 @@ *** Types. ***/ +/*% in6_addr structure */ struct in6_addr { union { lwres_uint8_t _S6_u8[16]; @@ -46,10 +47,13 @@ struct in6_addr { lwres_uint32_t _S6_u32[4]; } _S6_un; }; +/*@{*/ +/*% IP v6 types */ #define s6_addr _S6_un._S6_u8 #define s6_addr8 _S6_un._S6_u8 #define s6_addr16 _S6_un._S6_u16 #define s6_addr32 _S6_un._S6_u32 +/*@}*/ #define IN6ADDR_ANY_INIT {{{ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 }}} #define IN6ADDR_LOOPBACK_INIT {{{ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1 }}} @@ -57,6 +61,7 @@ struct in6_addr { LIBLWRES_EXTERNAL_DATA extern const struct in6_addr in6addr_any; LIBLWRES_EXTERNAL_DATA extern const struct in6_addr in6addr_loopback; +/*% used in getaddrinfo.c and getnameinfo.c */ struct sockaddr_in6 { #ifdef LWRES_PLATFORM_HAVESALEN lwres_uint8_t sin6_len; @@ -74,13 +79,14 @@ struct sockaddr_in6 { #define SIN6_LEN 1 #endif +/*% in6_pktinfo structure */ struct in6_pktinfo { - struct in6_addr ipi6_addr; /* src/dst IPv6 address */ - unsigned int ipi6_ifindex; /* send/recv interface index */ + struct in6_addr ipi6_addr; /*%< src/dst IPv6 address */ + unsigned int ipi6_ifindex; /*%< send/recv interface index */ }; -/* - * Unspecified +/*! + * Unspecified IPv6 address */ #define IN6_IS_ADDR_UNSPECIFIED(a) \ (((a)->s6_addr32[0] == 0) && \ diff --git a/usr.sbin/bind/lib/lwres/include/lwres/lang.h b/usr.sbin/bind/lib/lwres/include/lwres/lang.h index 6f369a3064b..6981d2e856d 100644 --- a/usr.sbin/bind/lib/lwres/include/lwres/lang.h +++ b/usr.sbin/bind/lib/lwres/include/lwres/lang.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lang.h,v 1.6.206.1 2004/03/06 08:15:35 marka Exp $ */ +/* $ISC: lang.h,v 1.7.18.2 2005/04/29 00:17:21 marka Exp $ */ #ifndef LWRES_LANG_H #define LWRES_LANG_H 1 +/*! \file */ + #ifdef __cplusplus #define LWRES_LANG_BEGINDECLS extern "C" { #define LWRES_LANG_ENDDECLS } diff --git a/usr.sbin/bind/lib/lwres/include/lwres/list.h b/usr.sbin/bind/lib/lwres/include/lwres/list.h index b3acb07e4ed..cfe8d0131ef 100644 --- a/usr.sbin/bind/lib/lwres/include/lwres/list.h +++ b/usr.sbin/bind/lib/lwres/include/lwres/list.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1997-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: list.h,v 1.7.206.1 2004/03/06 08:15:35 marka Exp $ */ +/* $ISC: list.h,v 1.8.18.2 2005/04/29 00:17:22 marka Exp $ */ #ifndef LWRES_LIST_H #define LWRES_LIST_H 1 +/*! \file */ + #define LWRES_LIST(type) struct { type *head, *tail; } #define LWRES_LIST_INIT(list) \ do { (list).head = NULL; (list).tail = NULL; } while (0) diff --git a/usr.sbin/bind/lib/lwres/include/lwres/lwbuffer.h b/usr.sbin/bind/lib/lwres/include/lwres/lwbuffer.h index fba8840921d..4d1aeaf7b59 100644 --- a/usr.sbin/bind/lib/lwres/include/lwres/lwbuffer.h +++ b/usr.sbin/bind/lib/lwres/include/lwres/lwbuffer.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,17 +15,10 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwbuffer.h,v 1.15.206.1 2004/03/06 08:15:35 marka Exp $ */ +/* $ISC: lwbuffer.h,v 1.16.18.2 2005/04/29 00:17:22 marka Exp $ */ -#ifndef LWRES_LWBUFFER_H -#define LWRES_LWBUFFER_H 1 -/***** - ***** Module Info - *****/ - -/* - * Buffers +/*! \file lwbuffer.h * * A buffer is a region of memory, together with a set of related subregions. * Buffers are used for parsing and I/O operations. @@ -51,6 +44,7 @@ * region is empty. If the current offset advances beyond the chosen offset, * the active region will also be empty. * + * \verbatim * /----- used region -----\/-- available --\ * +----------------------------------------+ * | consumed | remaining | | @@ -68,9 +62,11 @@ * a-b == consumed region. * b-d == remaining region. * b-c == optional active region. + * \endverbatim * * The following invariants are maintained by all routines: * + *\verbatim * length > 0 * * base is a valid pointer to length bytes of memory @@ -81,24 +77,28 @@ * * 0 <= active <= used * (although active < current implies empty active region) + *\endverbatim * - * MP: + * \li MP: * Buffers have no synchronization. Clients must ensure exclusive * access. * - * Reliability: + * \li Reliability: * No anticipated impact. * - * Resources: + * \li Resources: * Memory: 1 pointer + 6 unsigned integers per buffer. * - * Security: + * \li Security: * No anticipated impact. * - * Standards: + * \li Standards: * None. */ +#ifndef LWRES_LWBUFFER_H +#define LWRES_LWBUFFER_H 1 + /*** *** Imports ***/ @@ -116,32 +116,35 @@ LWRES_LANG_BEGINDECLS #define LWRES_BUFFER_VALID(b) ((b) != NULL && \ (b)->magic == LWRES_BUFFER_MAGIC) -/* +/*! * The following macros MUST be used only on valid buffers. It is the * caller's responsibility to ensure this by using the LWRES_BUFFER_VALID * check above, or by calling another lwres_buffer_*() function (rather than * another macro.) */ -/* +/*! * Get the length of the used region of buffer "b" */ #define LWRES_BUFFER_USEDCOUNT(b) ((b)->used) -/* +/*! * Get the length of the available region of buffer "b" */ #define LWRES_BUFFER_AVAILABLECOUNT(b) ((b)->length - (b)->used) #define LWRES_BUFFER_REMAINING(b) ((b)->used - (b)->current) -/* +/*! * Note that the buffer structure is public. This is principally so buffer * operations can be implemented using macros. Applications are strongly * discouraged from directly manipulating the structure. */ typedef struct lwres_buffer lwres_buffer_t; +/*! + * Buffer data structure + */ struct lwres_buffer { unsigned int magic; unsigned char *base; @@ -158,7 +161,7 @@ struct lwres_buffer { void lwres_buffer_init(lwres_buffer_t *b, void *base, unsigned int length); -/* +/**< * Make 'b' refer to the 'length'-byte region starting at base. * * Requires: @@ -171,7 +174,7 @@ lwres_buffer_init(lwres_buffer_t *b, void *base, unsigned int length); void lwres_buffer_invalidate(lwres_buffer_t *b); -/* +/**< * Make 'b' an invalid buffer. * * Requires: @@ -184,7 +187,7 @@ lwres_buffer_invalidate(lwres_buffer_t *b); void lwres_buffer_add(lwres_buffer_t *b, unsigned int n); -/* +/**< * Increase the 'used' region of 'b' by 'n' bytes. * * Requires: @@ -197,7 +200,7 @@ lwres_buffer_add(lwres_buffer_t *b, unsigned int n); void lwres_buffer_subtract(lwres_buffer_t *b, unsigned int n); -/* +/**< * Decrease the 'used' region of 'b' by 'n' bytes. * * Requires: @@ -210,7 +213,7 @@ lwres_buffer_subtract(lwres_buffer_t *b, unsigned int n); void lwres_buffer_clear(lwres_buffer_t *b); -/* +/**< * Make the used region empty. * * Requires: @@ -223,9 +226,10 @@ lwres_buffer_clear(lwres_buffer_t *b); * */ + void lwres_buffer_first(lwres_buffer_t *b); -/* +/**< * Make the consumed region empty. * * Requires: @@ -240,7 +244,7 @@ lwres_buffer_first(lwres_buffer_t *b); void lwres_buffer_forward(lwres_buffer_t *b, unsigned int n); -/* +/**< * Increase the 'consumed' region of 'b' by 'n' bytes. * * Requires: @@ -253,7 +257,7 @@ lwres_buffer_forward(lwres_buffer_t *b, unsigned int n); void lwres_buffer_back(lwres_buffer_t *b, unsigned int n); -/* +/**< * Decrease the 'consumed' region of 'b' by 'n' bytes. * * Requires: @@ -266,7 +270,7 @@ lwres_buffer_back(lwres_buffer_t *b, unsigned int n); lwres_uint8_t lwres_buffer_getuint8(lwres_buffer_t *b); -/* +/**< * Read an unsigned 8-bit integer from 'b' and return it. * * Requires: @@ -286,7 +290,7 @@ lwres_buffer_getuint8(lwres_buffer_t *b); void lwres_buffer_putuint8(lwres_buffer_t *b, lwres_uint8_t val); -/* +/**< * Store an unsigned 8-bit integer from 'val' into 'b'. * * Requires: @@ -300,7 +304,7 @@ lwres_buffer_putuint8(lwres_buffer_t *b, lwres_uint8_t val); lwres_uint16_t lwres_buffer_getuint16(lwres_buffer_t *b); -/* +/**< * Read an unsigned 16-bit integer in network byte order from 'b', convert * it to host byte order, and return it. * @@ -321,7 +325,7 @@ lwres_buffer_getuint16(lwres_buffer_t *b); void lwres_buffer_putuint16(lwres_buffer_t *b, lwres_uint16_t val); -/* +/**< * Store an unsigned 16-bit integer in host byte order from 'val' * into 'b' in network byte order. * @@ -336,7 +340,7 @@ lwres_buffer_putuint16(lwres_buffer_t *b, lwres_uint16_t val); lwres_uint32_t lwres_buffer_getuint32(lwres_buffer_t *b); -/* +/**< * Read an unsigned 32-bit integer in network byte order from 'b', convert * it to host byte order, and return it. * @@ -357,7 +361,7 @@ lwres_buffer_getuint32(lwres_buffer_t *b); void lwres_buffer_putuint32(lwres_buffer_t *b, lwres_uint32_t val); -/* +/**< * Store an unsigned 32-bit integer in host byte order from 'val' * into 'b' in network byte order. * @@ -373,7 +377,7 @@ lwres_buffer_putuint32(lwres_buffer_t *b, lwres_uint32_t val); void lwres_buffer_putmem(lwres_buffer_t *b, const unsigned char *base, unsigned int length); -/* +/**< * Copy 'length' bytes of memory at 'base' into 'b'. * * Requires: @@ -386,7 +390,7 @@ lwres_buffer_putmem(lwres_buffer_t *b, const unsigned char *base, void lwres_buffer_getmem(lwres_buffer_t *b, unsigned char *base, unsigned int length); -/* +/**< * Copy 'length' bytes of memory from 'b' into 'base'. * * Requires: diff --git a/usr.sbin/bind/lib/lwres/include/lwres/lwpacket.h b/usr.sbin/bind/lib/lwres/include/lwres/lwpacket.h index 65b7cf39d99..10d403c9ee3 100644 --- a/usr.sbin/bind/lib/lwres/include/lwres/lwpacket.h +++ b/usr.sbin/bind/lib/lwres/include/lwres/lwpacket.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwpacket.h,v 1.17.206.1 2004/03/06 08:15:35 marka Exp $ */ +/* $ISC: lwpacket.h,v 1.18.18.2 2005/04/29 00:17:22 marka Exp $ */ #ifndef LWRES_LWPACKET_H #define LWRES_LWPACKET_H 1 @@ -24,89 +24,124 @@ #include <lwres/lwbuffer.h> #include <lwres/result.h> +/*% lwres_lwpacket_t */ typedef struct lwres_lwpacket lwres_lwpacket_t; +/*% lwres_lwpacket structure */ struct lwres_lwpacket { + /*! The overall packet length, including the + * entire packet header. + * This field is filled in by the + * \link lwres_gabn.c lwres_gabn_*()\endlink + * and \link lwres_gnba.c lwres_gnba_*()\endlink calls. + */ lwres_uint32_t length; + /*! Specifies the header format. Currently, + * there is only one format, #LWRES_LWPACKETVERSION_0. + * This field is filled in by the + * \link lwres_gabn.c lwres_gabn_*()\endlink + * and \link lwres_gnba.c lwres_gnba_*()\endlink calls. + */ lwres_uint16_t version; + /*! Specifies library-defined flags for this packet, such as + * whether the packet is a request or a reply. None of + * these are definable by the caller, but library-defined values + * can be set by the caller. For example, one bit in this field + * indicates if the packet is a request or a response. + * This field is filled in by + * the application wits the exception of the + * #LWRES_LWPACKETFLAG_RESPONSE bit, which is set by the library + * in the + * \link lwres_gabn.c lwres_gabn_*()\endlink + * and \link lwres_gnba.c lwres_gnba_*()\endlink calls. + */ lwres_uint16_t pktflags; + /*! Set by the requestor and is returned in all replies. + * If two packets from the same source have the same serial + * number and are from the same source, they are assumed to + * be duplicates and the latter ones may be dropped. + * (The library does not do this by default on replies, but + * does so on requests.) + */ lwres_uint32_t serial; + /*! Opcodes between 0x04000000 and 0xffffffff + * are application defined. Opcodes between + * 0x00000000 and 0x03ffffff are + * reserved for library use. + * This field is filled in by the + * \link lwres_gabn.c lwres_gabn_*()\endlink + * and \link lwres_gnba.c lwres_gnba_*()\endlink calls. + */ lwres_uint32_t opcode; + /*! Only valid for results. + * Results between 0x04000000 and 0xffffffff are application + * defined. + * Results between 0x00000000 and 0x03ffffff are reserved for + * library use. + * (This is the same reserved range defined in <isc/resultclass.h>, + * so it + * would be trivial to map ISC_R_* result codes into packet result + * codes when appropriate.) + * This field is filled in by the + * \link lwres_gabn.c lwres_gabn_*()\endlink + * and \link lwres_gnba.c lwres_gnba_*()\endlink calls. + */ lwres_uint32_t result; + /*! Set to the maximum buffer size that the receiver can + * handle on requests, and the size of the buffer needed to + * satisfy a request + * when the buffer is too large for replies. + * This field is supplied by the application. + */ lwres_uint32_t recvlength; + /*! The packet level auth type used. + * Authtypes between 0x1000 and 0xffff are application defined. + * Authtypes + * between 0x0000 and 0x0fff are reserved for library use. + * This is currently + * unused and MUST be set to zero. + */ lwres_uint16_t authtype; + /*! The length of the authentication data. + * See the specific + * authtypes for more information on what is contained + * in this field. This is currently unused, and + * MUST be set to zero. + */ lwres_uint16_t authlength; }; -#define LWRES_LWPACKET_LENGTH (4 * 5 + 2 * 4) +#define LWRES_LWPACKET_LENGTH (4 * 5 + 2 * 4) /*%< Overall length. */ -#define LWRES_LWPACKETFLAG_RESPONSE 0x0001U /* if set, pkt is a response */ +#define LWRES_LWPACKETFLAG_RESPONSE 0x0001U /*%< If set, pkt is a response. */ -#define LWRES_LWPACKETVERSION_0 0 +#define LWRES_LWPACKETVERSION_0 0 /*%< Header format. */ -/* - * "length" is the overall packet length, including the entire packet header. - * - * "version" specifies the header format. Currently, there is only one - * format, LWRES_LWPACKETVERSION_0. - * - * "flags" specifies library-defined flags for this packet. None of these - * are definable by the caller, but library-defined values can be set by - * the caller. For example, one bit in this field indicates if the packet - * is a request or a response. - * - * "serial" is set by the requestor and is returned in all replies. If two - * packets from the same source have the same serial number and are from - * the same source, they are assumed to be duplicates and the latter ones - * may be dropped. (The library does not do this by default on replies, but - * does so on requests.) - * - * "opcode" is application defined. Opcodes between 0x04000000 and 0xffffffff - * are application defined. Opcodes between 0x00000000 and 0x03ffffff are - * reserved for library use. - * - * "result" is application defined, and valid only on replies. - * Results between 0x04000000 and 0xffffffff are application defined. - * Results between 0x00000000 and 0x03ffffff are reserved for library use. - * (This is the same reserved range defined in <isc/resultclass.h>, so it - * would be trivial to map ISC_R_* result codes into packet result codes - * when appropriate.) +/*! \file lwpacket.h * - * "recvlength" is set to the maximum buffer size that the receiver can - * handle on requests, and the size of the buffer needed to satisfy a request - * when the buffer is too large for replies. - * - * "authtype" is the packet level auth type used. - * Authtypes between 0x1000 and 0xffff are application defined. Authtypes - * between 0x0000 and 0x0fff are reserved for library use. This is currently - * unused and MUST be set to zero. - * - * "authlen" is the length of the authentication data. See the specific - * authtypes for more information on what is contained in this field. This - * is currently unused, and MUST be set to zero. * * The remainder of the packet consists of two regions, one described by * "authlen" and one of "length - authlen - sizeof(lwres_lwpacket_t)". * * That is: * + * \code * pkt header * authlen bytes of auth information * data bytes - */ - -/* + * \endcode + * * Currently defined opcodes: * - * NOOP. Success is always returned, with the packet contents echoed. + *\li #LWRES_OPCODE_NOOP. Success is always returned, with the packet contents echoed. * - * GETADDRSBYNAME. Return all known addresses for a given name. + *\li #LWRES_OPCODE_GETADDRSBYNAME. Return all known addresses for a given name. * This may return NIS or /etc/hosts info as well as DNS * information. Flags will be provided to indicate ip4/ip6 * addresses are desired. * - * GETNAMEBYADDR. Return the hostname for the given address. Once + *\li #LWRES_OPCODE_GETNAMEBYADDR. Return the hostname for the given address. Once * again, it will return data from multiple sources. */ diff --git a/usr.sbin/bind/lib/lwres/include/lwres/netdb.h.in b/usr.sbin/bind/lib/lwres/include/lwres/netdb.h.in index 87749591042..cedfc6e50f3 100644 --- a/usr.sbin/bind/lib/lwres/include/lwres/netdb.h.in +++ b/usr.sbin/bind/lib/lwres/include/lwres/netdb.h.in @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: netdb.h.in,v 1.34.206.1 2004/03/06 08:15:35 marka Exp $ */ +/* $ISC: netdb.h.in,v 1.35.18.2 2005/04/29 00:17:22 marka Exp $ */ + +/*! \file */ #ifndef LWRES_NETDB_H #define LWRES_NETDB_H 1 diff --git a/usr.sbin/bind/lib/lwres/include/lwres/platform.h.in b/usr.sbin/bind/lib/lwres/include/lwres/platform.h.in index 742661f2915..8d834e2bf0c 100644 --- a/usr.sbin/bind/lib/lwres/include/lwres/platform.h.in +++ b/usr.sbin/bind/lib/lwres/include/lwres/platform.h.in @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: platform.h.in,v 1.12.2.1.10.5 2005/06/08 02:08:32 marka Exp $ */ +/* $ISC: platform.h.in,v 1.14.18.5 2005/06/08 02:07:59 marka Exp $ */ + +/*! \file */ #ifndef LWRES_PLATFORM_H #define LWRES_PLATFORM_H 1 @@ -108,4 +110,11 @@ #endif #endif +/* + * Tell Emacs to use C mode on this file. + * Local Variables: + * mode: c + * End: + */ + #endif /* LWRES_PLATFORM_H */ diff --git a/usr.sbin/bind/lib/lwres/include/lwres/result.h b/usr.sbin/bind/lib/lwres/include/lwres/result.h index e5145448a19..19a1288a715 100644 --- a/usr.sbin/bind/lib/lwres/include/lwres/result.h +++ b/usr.sbin/bind/lib/lwres/include/lwres/result.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,11 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: result.h,v 1.14.206.1 2004/03/06 08:15:36 marka Exp $ */ +/* $ISC: result.h,v 1.15.18.2 2005/04/29 00:17:23 marka Exp $ */ #ifndef LWRES_RESULT_H #define LWRES_RESULT_H 1 +/*! \file */ + typedef unsigned int lwres_result_t; #define LWRES_R_SUCCESS 0 diff --git a/usr.sbin/bind/lib/lwres/include/lwres/stdlib.h b/usr.sbin/bind/lib/lwres/include/lwres/stdlib.h index 8f35f51b821..91715f9a6ff 100644 --- a/usr.sbin/bind/lib/lwres/include/lwres/stdlib.h +++ b/usr.sbin/bind/lib/lwres/include/lwres/stdlib.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: stdlib.h,v 1.2.4.1 2005/06/08 02:08:32 marka Exp $ */ +/* $ISC: stdlib.h,v 1.2.2.1 2005/06/08 02:08:01 marka Exp $ */ #ifndef LWRES_STDLIB_H #define LWRES_STDLIB_H 1 diff --git a/usr.sbin/bind/lib/lwres/include/lwres/version.h b/usr.sbin/bind/lib/lwres/include/lwres/version.h index 7179caf287d..1cf513d7adc 100644 --- a/usr.sbin/bind/lib/lwres/include/lwres/version.h +++ b/usr.sbin/bind/lib/lwres/include/lwres/version.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: version.h,v 1.2.224.3 2004/03/08 09:05:11 marka Exp $ */ +/* $ISC: version.h,v 1.3.18.2 2005/04/29 00:17:23 marka Exp $ */ + +/*! \file */ #include <lwres/platform.h> diff --git a/usr.sbin/bind/lib/lwres/lwbuffer.c b/usr.sbin/bind/lib/lwres/lwbuffer.c index 799d16f9360..894c32a1c9b 100644 --- a/usr.sbin/bind/lib/lwres/lwbuffer.c +++ b/usr.sbin/bind/lib/lwres/lwbuffer.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,99 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwbuffer.c,v 1.10.206.1 2004/03/06 08:15:31 marka Exp $ */ +/* $ISC: lwbuffer.c,v 1.11.18.2 2005/04/29 00:17:18 marka Exp $ */ + +/*! \file */ + +/** + * These functions provide bounds checked access to a region of memory + * where data is being read or written. They are based on, and similar + * to, the isc_buffer_ functions in the ISC library. + * + * A buffer is a region of memory, together with a set of related + * subregions. The used region and the available region are disjoint, and + * their union is the buffer's region. The used region extends from the + * beginning of the buffer region to the last used byte. The available + * region extends from one byte greater than the last used byte to the + * end of the buffer's region. The size of the used region can be changed + * using various buffer commands. Initially, the used region is empty. + * + * The used region is further subdivided into two disjoint regions: the + * consumed region and the remaining region. The union of these two + * regions is the used region. The consumed region extends from the + * beginning of the used region to the byte before the current offset (if + * any). The remaining region the current pointer to the end of the used + * region. The size of the consumed region can be changed using various + * buffer commands. Initially, the consumed region is empty. + * + * The active region is an (optional) subregion of the remaining region. + * It extends from the current offset to an offset in the remaining + * region. Initially, the active region is empty. If the current offset + * advances beyond the chosen offset, the active region will also be + * empty. + * + * + * \verbatim + * /------------entire length---------------\\ + * /----- used region -----\\/-- available --\\ + * +----------------------------------------+ + * | consumed | remaining | | + * +----------------------------------------+ + * a b c d e + * + * a == base of buffer. + * b == current pointer. Can be anywhere between a and d. + * c == active pointer. Meaningful between b and d. + * d == used pointer. + * e == length of buffer. + * + * a-e == entire length of buffer. + * a-d == used region. + * a-b == consumed region. + * b-d == remaining region. + * b-c == optional active region. + * \endverbatim + * + * lwres_buffer_init() initializes the lwres_buffer_t *b and assocates it + * with the memory region of size length bytes starting at location base. + * + * lwres_buffer_invalidate() marks the buffer *b as invalid. Invalidating + * a buffer after use is not required, but makes it possible to catch its + * possible accidental use. + * + * The functions lwres_buffer_add() and lwres_buffer_subtract() + * respectively increase and decrease the used space in buffer *b by n + * bytes. lwres_buffer_add() checks for buffer overflow and + * lwres_buffer_subtract() checks for underflow. These functions do not + * allocate or deallocate memory. They just change the value of used. + * + * A buffer is re-initialised by lwres_buffer_clear(). The function sets + * used , current and active to zero. + * + * lwres_buffer_first() makes the consumed region of buffer *p empty by + * setting current to zero (the start of the buffer). + * + * lwres_buffer_forward() increases the consumed region of buffer *b by n + * bytes, checking for overflow. Similarly, lwres_buffer_back() decreases + * buffer b's consumed region by n bytes and checks for underflow. + * + * lwres_buffer_getuint8() reads an unsigned 8-bit integer from *b and + * returns it. lwres_buffer_putuint8() writes the unsigned 8-bit integer + * val to buffer *b. + * + * lwres_buffer_getuint16() and lwres_buffer_getuint32() are identical to + * lwres_buffer_putuint8() except that they respectively read an unsigned + * 16-bit or 32-bit integer in network byte order from b. Similarly, + * lwres_buffer_putuint16() and lwres_buffer_putuint32() writes the + * unsigned 16-bit or 32-bit integer val to buffer b, in network byte + * order. + * + * Arbitrary amounts of data are read or written from a lightweight + * resolver buffer with lwres_buffer_getmem() and lwres_buffer_putmem() + * respectively. lwres_buffer_putmem() copies length bytes of memory at + * base to b. Conversely, lwres_buffer_getmem() copies length bytes of + * memory from b to base. + */ #include <config.h> @@ -42,12 +134,10 @@ lwres_buffer_init(lwres_buffer_t *b, void *base, unsigned int length) b->active = 0; } +/* Make 'b' an invalid buffer. */ void lwres_buffer_invalidate(lwres_buffer_t *b) { - /* - * Make 'b' an invalid buffer. - */ REQUIRE(LWRES_BUFFER_VALID(b)); @@ -59,12 +149,10 @@ lwres_buffer_invalidate(lwres_buffer_t *b) b->active = 0; } +/* Increase the 'used' region of 'b' by 'n' bytes. */ void lwres_buffer_add(lwres_buffer_t *b, unsigned int n) { - /* - * Increase the 'used' region of 'b' by 'n' bytes. - */ REQUIRE(LWRES_BUFFER_VALID(b)); REQUIRE(b->used + n <= b->length); @@ -72,12 +160,10 @@ lwres_buffer_add(lwres_buffer_t *b, unsigned int n) b->used += n; } +/* Decrease the 'used' region of 'b' by 'n' bytes. */ void lwres_buffer_subtract(lwres_buffer_t *b, unsigned int n) { - /* - * Decrease the 'used' region of 'b' by 'n' bytes. - */ REQUIRE(LWRES_BUFFER_VALID(b)); REQUIRE(b->used >= n); @@ -89,12 +175,10 @@ lwres_buffer_subtract(lwres_buffer_t *b, unsigned int n) b->active = b->used; } +/* Make the used region empty. */ void lwres_buffer_clear(lwres_buffer_t *b) { - /* - * Make the used region empty. - */ REQUIRE(LWRES_BUFFER_VALID(b)); @@ -103,24 +187,20 @@ lwres_buffer_clear(lwres_buffer_t *b) b->active = 0; } +/* Make the consumed region empty. */ void lwres_buffer_first(lwres_buffer_t *b) { - /* - * Make the consumed region empty. - */ REQUIRE(LWRES_BUFFER_VALID(b)); b->current = 0; } +/* Increase the 'consumed' region of 'b' by 'n' bytes. */ void lwres_buffer_forward(lwres_buffer_t *b, unsigned int n) { - /* - * Increase the 'consumed' region of 'b' by 'n' bytes. - */ REQUIRE(LWRES_BUFFER_VALID(b)); REQUIRE(b->current + n <= b->used); @@ -128,12 +208,10 @@ lwres_buffer_forward(lwres_buffer_t *b, unsigned int n) b->current += n; } +/* Decrease the 'consumed' region of 'b' by 'n' bytes. */ void lwres_buffer_back(lwres_buffer_t *b, unsigned int n) { - /* - * Decrease the 'consumed' region of 'b' by 'n' bytes. - */ REQUIRE(LWRES_BUFFER_VALID(b)); REQUIRE(n <= b->current); @@ -141,15 +219,13 @@ lwres_buffer_back(lwres_buffer_t *b, unsigned int n) b->current -= n; } +/* Read an unsigned 8-bit integer from 'b' and return it. */ lwres_uint8_t lwres_buffer_getuint8(lwres_buffer_t *b) { unsigned char *cp; lwres_uint8_t result; - /* - * Read an unsigned 8-bit integer from 'b' and return it. - */ REQUIRE(LWRES_BUFFER_VALID(b)); REQUIRE(b->used - b->current >= 1); @@ -162,6 +238,7 @@ lwres_buffer_getuint8(lwres_buffer_t *b) return (result); } +/* Put an unsigned 8-bit integer */ void lwres_buffer_putuint8(lwres_buffer_t *b, lwres_uint8_t val) { @@ -176,16 +253,13 @@ lwres_buffer_putuint8(lwres_buffer_t *b, lwres_uint8_t val) cp[0] = (val & 0x00ff); } +/* Read an unsigned 16-bit integer in network byte order from 'b', convert it to host byte order, and return it. */ lwres_uint16_t lwres_buffer_getuint16(lwres_buffer_t *b) { unsigned char *cp; lwres_uint16_t result; - /* - * Read an unsigned 16-bit integer in network byte order from 'b', - * convert it to host byte order, and return it. - */ REQUIRE(LWRES_BUFFER_VALID(b)); REQUIRE(b->used - b->current >= 2); @@ -199,6 +273,7 @@ lwres_buffer_getuint16(lwres_buffer_t *b) return (result); } +/* Put an unsigned 16-bit integer. */ void lwres_buffer_putuint16(lwres_buffer_t *b, lwres_uint16_t val) { @@ -214,17 +289,13 @@ lwres_buffer_putuint16(lwres_buffer_t *b, lwres_uint16_t val) cp[1] = (val & 0x00ff); } +/* Read an unsigned 32-bit integer in network byte order from 'b', convert it to host byte order, and return it. */ lwres_uint32_t lwres_buffer_getuint32(lwres_buffer_t *b) { unsigned char *cp; lwres_uint32_t result; - /* - * Read an unsigned 32-bit integer in network byte order from 'b', - * convert it to host byte order, and return it. - */ - REQUIRE(LWRES_BUFFER_VALID(b)); REQUIRE(b->used - b->current >= 4); @@ -239,6 +310,7 @@ lwres_buffer_getuint32(lwres_buffer_t *b) return (result); } +/* Put an unsigned 32-bit integer. */ void lwres_buffer_putuint32(lwres_buffer_t *b, lwres_uint32_t val) { @@ -256,6 +328,7 @@ lwres_buffer_putuint32(lwres_buffer_t *b, lwres_uint32_t val) cp[3] = (unsigned char)(val & 0x000000ff); } +/* copies length bytes of memory at base to b */ void lwres_buffer_putmem(lwres_buffer_t *b, const unsigned char *base, unsigned int length) @@ -270,6 +343,7 @@ lwres_buffer_putmem(lwres_buffer_t *b, const unsigned char *base, b->used += length; } +/* copies length bytes of memory at b to base */ void lwres_buffer_getmem(lwres_buffer_t *b, unsigned char *base, unsigned int length) diff --git a/usr.sbin/bind/lib/lwres/lwinetpton.c b/usr.sbin/bind/lib/lwres/lwinetpton.c index 900b38a8a94..a2da4b64027 100644 --- a/usr.sbin/bind/lib/lwres/lwinetpton.c +++ b/usr.sbin/bind/lib/lwres/lwinetpton.c @@ -15,8 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ +/*! \file lwinetpton.c + */ + #if defined(LIBC_SCCS) && !defined(lint) -static char rcsid[] = "$ISC: lwinetpton.c,v 1.6.206.3 2005/03/31 23:56:15 marka Exp $"; +static char rcsid[] = "$ISC: lwinetpton.c,v 1.7.18.3 2005/04/27 05:02:48 sra Exp $"; #endif /* LIBC_SCCS and not lint */ #include <config.h> @@ -38,7 +41,8 @@ static char rcsid[] = "$ISC: lwinetpton.c,v 1.6.206.3 2005/03/31 23:56:15 marka static int inet_pton4(const char *src, unsigned char *dst); static int inet_pton6(const char *src, unsigned char *dst); -/* int +/*! + * int * lwres_net_pton(af, src, dst) * convert from presentation format (which usually means ASCII printable) * to network format (which is usually some kind of binary format). @@ -63,7 +67,7 @@ lwres_net_pton(int af, const char *src, void *dst) { /* NOTREACHED */ } -/* int +/*! int * inet_pton4(src, dst) * like inet_aton() but without all the hexadecimal and shorthand. * return: @@ -110,7 +114,7 @@ inet_pton4(const char *src, unsigned char *dst) { return (1); } -/* int +/*! int * inet_pton6(src, dst) * convert presentation level address to network order binary form. * return: diff --git a/usr.sbin/bind/lib/lwres/lwpacket.c b/usr.sbin/bind/lib/lwres/lwpacket.c index 4d52e442b27..c73537c66c3 100644 --- a/usr.sbin/bind/lib/lwres/lwpacket.c +++ b/usr.sbin/bind/lib/lwres/lwpacket.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,46 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwpacket.c,v 1.13.206.1 2004/03/06 08:15:32 marka Exp $ */ +/* $ISC: lwpacket.c,v 1.14.18.2 2005/04/29 00:17:19 marka Exp $ */ + +/*! \file */ + +/** + * These functions rely on a struct lwres_lwpacket which is defined in + * \link lwpacket.h lwres/lwpacket.h.\endlink + * + * The following opcodes are currently defined: + * + * \li #LWRES_OPCODE_NOOP + * Success is always returned and the packet contents are + * echoed. The \link lwres_noop.c lwres_noop_*()\endlink functions should be used for this + * type. + * + * \li #LWRES_OPCODE_GETADDRSBYNAME + * returns all known addresses for a given name. The + * \link lwres_gabn.c lwres_gabn_*()\endlink functions should be used for this type. + * + * \li #LWRES_OPCODE_GETNAMEBYADDR + * return the hostname for the given address. The + * \link lwres_gnba.c lwres_gnba_*() \endlink functions should be used for this type. + * + * lwres_lwpacket_renderheader() transfers the contents of lightweight + * resolver packet structure #lwres_lwpacket_t *pkt in network byte + * order to the lightweight resolver buffer, *b. + * + * lwres_lwpacket_parseheader() performs the converse operation. It + * transfers data in network byte order from buffer *b to resolver + * packet *pkt. The contents of the buffer b should correspond to a + * #lwres_lwpacket_t. + * + * \section lwpacket_return Return Values + * + * Successful calls to lwres_lwpacket_renderheader() and + * lwres_lwpacket_parseheader() return #LWRES_R_SUCCESS. If there is + * insufficient space to copy data between the buffer *b and + * lightweight resolver packet *pkt both functions return + * #LWRES_R_UNEXPECTEDEND. + */ #include <config.h> @@ -29,9 +68,12 @@ #include "assert_p.h" +/*% Length of Packet */ #define LWPACKET_LENGTH \ (sizeof(lwres_uint16_t) * 4 + sizeof(lwres_uint32_t) * 5) +/*% transfers the contents of lightweight resolver packet structure lwres_lwpacket_t *pkt in network byte order to the lightweight resolver buffer, *b. */ + lwres_result_t lwres_lwpacket_renderheader(lwres_buffer_t *b, lwres_lwpacket_t *pkt) { REQUIRE(b != NULL); @@ -53,6 +95,8 @@ lwres_lwpacket_renderheader(lwres_buffer_t *b, lwres_lwpacket_t *pkt) { return (LWRES_R_SUCCESS); } +/*% transfers data in network byte order from buffer *b to resolver packet *pkt. The contents of the buffer b should correspond to a lwres_lwpacket_t. */ + lwres_result_t lwres_lwpacket_parseheader(lwres_buffer_t *b, lwres_lwpacket_t *pkt) { lwres_uint32_t space; diff --git a/usr.sbin/bind/lib/lwres/lwres_gabn.c b/usr.sbin/bind/lib/lwres/lwres_gabn.c index 81de97e57b7..1ecf5b8fa8b 100644 --- a/usr.sbin/bind/lib/lwres/lwres_gabn.c +++ b/usr.sbin/bind/lib/lwres/lwres_gabn.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,92 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwres_gabn.c,v 1.27.12.3 2004/03/08 09:05:10 marka Exp $ */ +/* $ISC: lwres_gabn.c,v 1.29.18.2 2005/04/29 00:17:19 marka Exp $ */ + +/*! \file lwres_gabn.c + These are low-level routines for creating and parsing lightweight + resolver name-to-address lookup request and response messages. + + There are four main functions for the getaddrbyname opcode. One render + function converts a getaddrbyname request structure -- + lwres_gabnrequest_t -- to the lighweight resolver's canonical format. + It is complemented by a parse function that converts a packet in this + canonical format to a getaddrbyname request structure. Another render + function converts the getaddrbyname response structure -- + lwres_gabnresponse_t -- to the canonical format. This is complemented + by a parse function which converts a packet in canonical format to a + getaddrbyname response structure. + + These structures are defined in \link lwres.h <lwres/lwres.h>.\endlink They are shown below. + +\code +#define LWRES_OPCODE_GETADDRSBYNAME 0x00010001U + +typedef struct lwres_addr lwres_addr_t; +typedef LWRES_LIST(lwres_addr_t) lwres_addrlist_t; + +typedef struct { + lwres_uint32_t flags; + lwres_uint32_t addrtypes; + lwres_uint16_t namelen; + char *name; +} lwres_gabnrequest_t; + +typedef struct { + lwres_uint32_t flags; + lwres_uint16_t naliases; + lwres_uint16_t naddrs; + char *realname; + char **aliases; + lwres_uint16_t realnamelen; + lwres_uint16_t *aliaslen; + lwres_addrlist_t addrs; + void *base; + size_t baselen; +} lwres_gabnresponse_t; +\endcode + + lwres_gabnrequest_render() uses resolver context ctx to convert + getaddrbyname request structure req to canonical format. The packet + header structure pkt is initialised and transferred to buffer b. The + contents of *req are then appended to the buffer in canonical format. + lwres_gabnresponse_render() performs the same task, except it converts + a getaddrbyname response structure lwres_gabnresponse_t to the + lightweight resolver's canonical format. + + lwres_gabnrequest_parse() uses context ctx to convert the contents of + packet pkt to a lwres_gabnrequest_t structure. Buffer b provides space + to be used for storing this structure. When the function succeeds, the + resulting lwres_gabnrequest_t is made available through *structp. + lwres_gabnresponse_parse() offers the same semantics as + lwres_gabnrequest_parse() except it yields a lwres_gabnresponse_t + structure. + + lwres_gabnresponse_free() and lwres_gabnrequest_free() release the + memory in resolver context ctx that was allocated to the + lwres_gabnresponse_t or lwres_gabnrequest_t structures referenced via + structp. Any memory associated with ancillary buffers and strings for + those structures is also discarded. + +\section lwres_gabn_return Return Values + + The getaddrbyname opcode functions lwres_gabnrequest_render(), + lwres_gabnresponse_render() lwres_gabnrequest_parse() and + lwres_gabnresponse_parse() all return #LWRES_R_SUCCESS on success. They + return #LWRES_R_NOMEMORY if memory allocation fails. + #LWRES_R_UNEXPECTEDEND is returned if the available space in the buffer + b is too small to accommodate the packet header or the + lwres_gabnrequest_t and lwres_gabnresponse_t structures. + lwres_gabnrequest_parse() and lwres_gabnresponse_parse() will return + #LWRES_R_UNEXPECTEDEND if the buffer is not empty after decoding the + received packet. These functions will return #LWRES_R_FAILURE if + pktflags in the packet header structure #lwres_lwpacket_t indicate that + the packet is not a response to an earlier query. + +\section lwres_gabn_see See Also + + \link lwpacket.c lwres_lwpacket \endlink + */ #include <config.h> @@ -31,6 +116,7 @@ #include "context_p.h" #include "assert_p.h" +/*% uses resolver context ctx to convert getaddrbyname request structure req to canonical format. */ lwres_result_t lwres_gabnrequest_render(lwres_context_t *ctx, lwres_gabnrequest_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b) @@ -97,7 +183,7 @@ lwres_gabnrequest_render(lwres_context_t *ctx, lwres_gabnrequest_t *req, return (LWRES_R_SUCCESS); } - +/*% converts a getaddrbyname response structure lwres_gabnresponse_t to the lightweight resolver's canonical format. */ lwres_result_t lwres_gabnresponse_render(lwres_context_t *ctx, lwres_gabnresponse_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b) @@ -194,7 +280,7 @@ lwres_gabnresponse_render(lwres_context_t *ctx, lwres_gabnresponse_t *req, return (LWRES_R_SUCCESS); } - +/*% Uses context ctx to convert the contents of packet pkt to a lwres_gabnrequest_t structure. */ lwres_result_t lwres_gabnrequest_parse(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_gabnrequest_t **structp) @@ -243,6 +329,8 @@ lwres_gabnrequest_parse(lwres_context_t *ctx, lwres_buffer_t *b, return (LWRES_R_SUCCESS); } +/*% Offers the same semantics as lwres_gabnrequest_parse() except it yields a lwres_gabnresponse_t structure. */ + lwres_result_t lwres_gabnresponse_parse(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_gabnresponse_t **structp) @@ -372,6 +460,7 @@ lwres_gabnresponse_parse(lwres_context_t *ctx, lwres_buffer_t *b, return (ret); } +/*% Release the memory in resolver context ctx that was allocated to the lwres_gabnrequest_t. */ void lwres_gabnrequest_free(lwres_context_t *ctx, lwres_gabnrequest_t **structp) { @@ -386,6 +475,7 @@ lwres_gabnrequest_free(lwres_context_t *ctx, lwres_gabnrequest_t **structp) CTXFREE(gabn, sizeof(lwres_gabnrequest_t)); } +/*% Release the memory in resolver context ctx that was allocated to the lwres_gabnresponse_t. */ void lwres_gabnresponse_free(lwres_context_t *ctx, lwres_gabnresponse_t **structp) { diff --git a/usr.sbin/bind/lib/lwres/lwres_gnba.c b/usr.sbin/bind/lib/lwres/lwres_gnba.c index 4b6709e37ab..2ecc61cee9c 100644 --- a/usr.sbin/bind/lib/lwres/lwres_gnba.c +++ b/usr.sbin/bind/lib/lwres/lwres_gnba.c @@ -1,8 +1,8 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * - * Permission to use, copy, modify, and distribute this software for any + * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * @@ -15,7 +15,88 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwres_gnba.c,v 1.20.2.2.8.4 2004/03/08 09:05:11 marka Exp $ */ +/* $ISC: lwres_gnba.c,v 1.23.18.4 2007/09/26 23:46:34 tbox Exp $ */ + +/*! \file lwres_gnba.c + These are low-level routines for creating and parsing lightweight + resolver address-to-name lookup request and response messages. + + There are four main functions for the getnamebyaddr opcode. One + render function converts a getnamebyaddr request structure -- + lwres_gnbarequest_t -- to the lightweight resolver's canonical + format. It is complemented by a parse function that converts a + packet in this canonical format to a getnamebyaddr request + structure. Another render function converts the getnamebyaddr + response structure -- lwres_gnbaresponse_t to the canonical format. + This is complemented by a parse function which converts a packet in + canonical format to a getnamebyaddr response structure. + + These structures are defined in \link lwres.h <lwres/lwres.h.>\endlink They are shown + below. + +\code +#define LWRES_OPCODE_GETNAMEBYADDR 0x00010002U + +typedef struct { + lwres_uint32_t flags; + lwres_addr_t addr; +} lwres_gnbarequest_t; + +typedef struct { + lwres_uint32_t flags; + lwres_uint16_t naliases; + char *realname; + char **aliases; + lwres_uint16_t realnamelen; + lwres_uint16_t *aliaslen; + void *base; + size_t baselen; +} lwres_gnbaresponse_t; +\endcode + + lwres_gnbarequest_render() uses resolver context ctx to convert + getnamebyaddr request structure req to canonical format. The packet + header structure pkt is initialised and transferred to buffer b. + The contents of *req are then appended to the buffer in canonical + format. lwres_gnbaresponse_render() performs the same task, except + it converts a getnamebyaddr response structure lwres_gnbaresponse_t + to the lightweight resolver's canonical format. + + lwres_gnbarequest_parse() uses context ctx to convert the contents + of packet pkt to a lwres_gnbarequest_t structure. Buffer b provides + space to be used for storing this structure. When the function + succeeds, the resulting lwres_gnbarequest_t is made available + through *structp. lwres_gnbaresponse_parse() offers the same +semantics as lwres_gnbarequest_parse() except it yields a + lwres_gnbaresponse_t structure. + + lwres_gnbaresponse_free() and lwres_gnbarequest_free() release the + memory in resolver context ctx that was allocated to the + lwres_gnbaresponse_t or lwres_gnbarequest_t structures referenced + via structp. Any memory associated with ancillary buffers and + strings for those structures is also discarded. + +\section lwres_gbna_return Return Values + + The getnamebyaddr opcode functions lwres_gnbarequest_render(), + lwres_gnbaresponse_render() lwres_gnbarequest_parse() and + lwres_gnbaresponse_parse() all return #LWRES_R_SUCCESS on success. + They return #LWRES_R_NOMEMORY if memory allocation fails. + #LWRES_R_UNEXPECTEDEND is returned if the available space in the + buffer b is too small to accommodate the packet header or the + lwres_gnbarequest_t and lwres_gnbaresponse_t structures. + lwres_gnbarequest_parse() and lwres_gnbaresponse_parse() will + return #LWRES_R_UNEXPECTEDEND if the buffer is not empty after + decoding the received packet. These functions will return + #LWRES_R_FAILURE if pktflags in the packet header structure + #lwres_lwpacket_t indicate that the packet is not a response to an + earlier query. + +\section lwres_gbna_see See Also + + \link lwpacket.c lwres_packet\endlink + + */ #include <config.h> @@ -31,6 +112,7 @@ #include "context_p.h" #include "assert_p.h" +/*% Uses resolver context ctx to convert getnamebyaddr request structure req to canonical format. */ lwres_result_t lwres_gnbarequest_render(lwres_context_t *ctx, lwres_gnbarequest_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b) @@ -44,7 +126,6 @@ lwres_gnbarequest_render(lwres_context_t *ctx, lwres_gnbarequest_t *req, REQUIRE(req != NULL); REQUIRE(req->addr.family != 0); REQUIRE(req->addr.length != 0); - REQUIRE(req->addr.address != NULL); REQUIRE(pkt != NULL); REQUIRE(b != NULL); @@ -88,6 +169,7 @@ lwres_gnbarequest_render(lwres_context_t *ctx, lwres_gnbarequest_t *req, return (LWRES_R_SUCCESS); } +/*% Converts a getnamebyaddr response structure lwres_gnbaresponse_t to the lightweight resolver's canonical format. */ lwres_result_t lwres_gnbaresponse_render(lwres_context_t *ctx, lwres_gnbaresponse_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b) @@ -159,6 +241,7 @@ lwres_gnbaresponse_render(lwres_context_t *ctx, lwres_gnbaresponse_t *req, return (LWRES_R_SUCCESS); } +/*% Uses context ctx to convert the contents of packet pkt to a lwres_gnbarequest_t structure. */ lwres_result_t lwres_gnbarequest_parse(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_gnbarequest_t **structp) @@ -202,6 +285,8 @@ lwres_gnbarequest_parse(lwres_context_t *ctx, lwres_buffer_t *b, return (ret); } +/*% Offers the same semantics as lwres_gnbarequest_parse() except it yields a lwres_gnbaresponse_t structure. */ + lwres_result_t lwres_gnbaresponse_parse(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_gnbaresponse_t **structp) @@ -292,6 +377,7 @@ lwres_gnbaresponse_parse(lwres_context_t *ctx, lwres_buffer_t *b, return (ret); } +/*% Release the memory in resolver context ctx that was allocated to the lwres_gnbarequest_t. */ void lwres_gnbarequest_free(lwres_context_t *ctx, lwres_gnbarequest_t **structp) { @@ -306,6 +392,7 @@ lwres_gnbarequest_free(lwres_context_t *ctx, lwres_gnbarequest_t **structp) CTXFREE(gnba, sizeof(lwres_gnbarequest_t)); } +/*% Release the memory in resolver context ctx that was allocated to the lwres_gnbaresponse_t. */ void lwres_gnbaresponse_free(lwres_context_t *ctx, lwres_gnbaresponse_t **structp) { diff --git a/usr.sbin/bind/lib/lwres/lwres_grbn.c b/usr.sbin/bind/lib/lwres/lwres_grbn.c index 936109009c0..34ee021b1cf 100644 --- a/usr.sbin/bind/lib/lwres/lwres_grbn.c +++ b/usr.sbin/bind/lib/lwres/lwres_grbn.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,11 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwres_grbn.c,v 1.4.12.3 2004/03/08 09:05:11 marka Exp $ */ +/* $ISC: lwres_grbn.c,v 1.6.18.2 2005/04/29 00:17:20 marka Exp $ */ + +/*! \file lwres_grbn.c + + */ #include <config.h> @@ -31,6 +35,7 @@ #include "context_p.h" #include "assert_p.h" +/*% Thread-save equivalent to \link lwres_gabn.c lwres_gabn* \endlink routines. */ lwres_result_t lwres_grbnrequest_render(lwres_context_t *ctx, lwres_grbnrequest_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b) @@ -103,6 +108,7 @@ lwres_grbnrequest_render(lwres_context_t *ctx, lwres_grbnrequest_t *req, return (LWRES_R_SUCCESS); } +/*% Thread-save equivalent to \link lwres_gabn.c lwres_gabn* \endlink routines. */ lwres_result_t lwres_grbnresponse_render(lwres_context_t *ctx, lwres_grbnresponse_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b) @@ -190,6 +196,7 @@ lwres_grbnresponse_render(lwres_context_t *ctx, lwres_grbnresponse_t *req, return (LWRES_R_SUCCESS); } +/*% Thread-save equivalent to \link lwres_gabn.c lwres_gabn* \endlink routines. */ lwres_result_t lwres_grbnrequest_parse(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_grbnrequest_t **structp) @@ -243,6 +250,7 @@ lwres_grbnrequest_parse(lwres_context_t *ctx, lwres_buffer_t *b, return (LWRES_R_SUCCESS); } +/*% Thread-save equivalent to \link lwres_gabn.c lwres_gabn* \endlink routines. */ lwres_result_t lwres_grbnresponse_parse(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_grbnresponse_t **structp) @@ -376,6 +384,7 @@ lwres_grbnresponse_parse(lwres_context_t *ctx, lwres_buffer_t *b, return (ret); } +/*% Thread-save equivalent to \link lwres_gabn.c lwres_gabn* \endlink routines. */ void lwres_grbnrequest_free(lwres_context_t *ctx, lwres_grbnrequest_t **structp) { @@ -390,6 +399,7 @@ lwres_grbnrequest_free(lwres_context_t *ctx, lwres_grbnrequest_t **structp) CTXFREE(grbn, sizeof(lwres_grbnrequest_t)); } +/*% Thread-save equivalent to \link lwres_gabn.c lwres_gabn* \endlink routines. */ void lwres_grbnresponse_free(lwres_context_t *ctx, lwres_grbnresponse_t **structp) { diff --git a/usr.sbin/bind/lib/lwres/lwres_noop.c b/usr.sbin/bind/lib/lwres/lwres_noop.c index c74af0553ee..c8f2a98393f 100644 --- a/usr.sbin/bind/lib/lwres/lwres_noop.c +++ b/usr.sbin/bind/lib/lwres/lwres_noop.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,87 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: lwres_noop.c,v 1.14.206.1 2004/03/06 08:15:33 marka Exp $ */ +/* $ISC: lwres_noop.c,v 1.15.18.2 2005/04/29 00:17:20 marka Exp $ */ + +/*! \file */ + +/** + * These are low-level routines for creating and parsing lightweight + * resolver no-op request and response messages. + * + * The no-op message is analogous to a ping packet: a packet is sent to + * the resolver daemon and is simply echoed back. The opcode is intended + * to allow a client to determine if the server is operational or not. + * + * There are four main functions for the no-op opcode. One render + * function converts a no-op request structure -- lwres_nooprequest_t -- + * to the lighweight resolver's canonical format. It is complemented by a + * parse function that converts a packet in this canonical format to a + * no-op request structure. Another render function converts the no-op + * response structure -- lwres_noopresponse_t to the canonical format. + * This is complemented by a parse function which converts a packet in + * canonical format to a no-op response structure. + * + * These structures are defined in \link lwres.h <lwres/lwres.h.> \endlink They are shown below. + * + * \code + * #define LWRES_OPCODE_NOOP 0x00000000U + * + * typedef struct { + * lwres_uint16_t datalength; + * unsigned char *data; + * } lwres_nooprequest_t; + * + * typedef struct { + * lwres_uint16_t datalength; + * unsigned char *data; + * } lwres_noopresponse_t; + * \endcode + * + * Although the structures have different types, they are identical. This + * is because the no-op opcode simply echos whatever data was sent: the + * response is therefore identical to the request. + * + * lwres_nooprequest_render() uses resolver context ctx to convert no-op + * request structure req to canonical format. The packet header structure + * pkt is initialised and transferred to buffer b. The contents of *req + * are then appended to the buffer in canonical format. + * lwres_noopresponse_render() performs the same task, except it converts + * a no-op response structure lwres_noopresponse_t to the lightweight + * resolver's canonical format. + * + * lwres_nooprequest_parse() uses context ctx to convert the contents of + * packet pkt to a lwres_nooprequest_t structure. Buffer b provides space + * to be used for storing this structure. When the function succeeds, the + * resulting lwres_nooprequest_t is made available through *structp. + * lwres_noopresponse_parse() offers the same semantics as + * lwres_nooprequest_parse() except it yields a lwres_noopresponse_t + * structure. + * + * lwres_noopresponse_free() and lwres_nooprequest_free() release the + * memory in resolver context ctx that was allocated to the + * lwres_noopresponse_t or lwres_nooprequest_t structures referenced via + * structp. + * + * \section lwres_noop_return Return Values + * + * The no-op opcode functions lwres_nooprequest_render(), + * lwres_noopresponse_render() lwres_nooprequest_parse() and + * lwres_noopresponse_parse() all return #LWRES_R_SUCCESS on success. They + * return #LWRES_R_NOMEMORY if memory allocation fails. + * #LWRES_R_UNEXPECTEDEND is returned if the available space in the buffer + * b is too small to accommodate the packet header or the + * lwres_nooprequest_t and lwres_noopresponse_t structures. + * lwres_nooprequest_parse() and lwres_noopresponse_parse() will return + * #LWRES_R_UNEXPECTEDEND if the buffer is not empty after decoding the + * received packet. These functions will return #LWRES_R_FAILURE if + * pktflags in the packet header structure #lwres_lwpacket_t indicate that + * the packet is not a response to an earlier query. + * + * \section lwres_noop_see See Also + * + * lwpacket.c + */ #include <config.h> @@ -31,6 +111,7 @@ #include "context_p.h" #include "assert_p.h" +/*% Uses resolver context ctx to convert no-op request structure req to canonical format. */ lwres_result_t lwres_nooprequest_render(lwres_context_t *ctx, lwres_nooprequest_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b) @@ -82,6 +163,8 @@ lwres_nooprequest_render(lwres_context_t *ctx, lwres_nooprequest_t *req, return (LWRES_R_SUCCESS); } +/*% Converts a no-op response structure lwres_noopresponse_t to the lightweight resolver's canonical format. */ + lwres_result_t lwres_noopresponse_render(lwres_context_t *ctx, lwres_noopresponse_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b) @@ -132,6 +215,7 @@ lwres_noopresponse_render(lwres_context_t *ctx, lwres_noopresponse_t *req, return (LWRES_R_SUCCESS); } +/*% Uses context ctx to convert the contents of packet pkt to a lwres_nooprequest_t structure. */ lwres_result_t lwres_nooprequest_parse(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_nooprequest_t **structp) @@ -179,6 +263,7 @@ lwres_nooprequest_parse(lwres_context_t *ctx, lwres_buffer_t *b, return (ret); } +/*% Offers the same semantics as lwres_nooprequest_parse() except it yields a lwres_noopresponse_t structure. */ lwres_result_t lwres_noopresponse_parse(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_noopresponse_t **structp) @@ -226,6 +311,7 @@ lwres_noopresponse_parse(lwres_context_t *ctx, lwres_buffer_t *b, return (ret); } +/*% Release the memory in resolver context ctx. */ void lwres_noopresponse_free(lwres_context_t *ctx, lwres_noopresponse_t **structp) { @@ -240,6 +326,7 @@ lwres_noopresponse_free(lwres_context_t *ctx, lwres_noopresponse_t **structp) CTXFREE(noop, sizeof(lwres_noopresponse_t)); } +/*% Release the memory in resolver context ctx. */ void lwres_nooprequest_free(lwres_context_t *ctx, lwres_nooprequest_t **structp) { diff --git a/usr.sbin/bind/lib/lwres/man/Makefile.in b/usr.sbin/bind/lib/lwres/man/Makefile.in index 960aec8ac2b..d5565d1b714 100644 --- a/usr.sbin/bind/lib/lwres/man/Makefile.in +++ b/usr.sbin/bind/lib/lwres/man/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.6.206.1 2004/03/06 08:15:36 marka Exp $ +# $ISC: Makefile.in,v 1.7 2004/03/05 05:12:55 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/lwres/man/lwres.3 b/usr.sbin/bind/lib/lwres/man/lwres.3 index bbe61fb98d4..cebc507968d 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres.3,v 1.15.206.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres.3,v 1.17.18.11 2007/01/30 00:23:44 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Jun 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -159,4 +159,7 @@ bit should be set. \fBresolver\fR(5), \fBlwresd\fR(8). .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres.docbook b/usr.sbin/bind/lib/lwres/man/lwres.docbook index 850acb34ef1..6de2602c56c 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,23 +18,28 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres.docbook,v 1.3.206.3 2005/05/12 21:36:11 sra Exp $ --> - +<!-- $ISC: lwres.docbook,v 1.4.18.6 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> -<refmeta> -<refentrytitle>lwres</refentrytitle> -<manvolnum>3</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> + + <refmeta> + <refentrytitle>lwres</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> + <refnamediv> + <refname>lwres</refname> + <refpurpose>introduction to the lightweight resolver library</refpurpose> + </refnamediv> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -44,217 +49,218 @@ </copyright> </docinfo> -<refnamediv> -<refname>lwres</refname> -<refpurpose>introduction to the lightweight resolver library</refpurpose> -</refnamediv> - -<refsynopsisdiv> -<funcsynopsis> + <refsynopsisdiv> + <funcsynopsis> <funcsynopsisinfo>#include <lwres/lwres.h></funcsynopsisinfo> </funcsynopsis> -</refsynopsisdiv> + </refsynopsisdiv> -<refsect1> -<title>DESCRIPTION</title> -<para> -The BIND 9 lightweight resolver library is a simple, name service -independent stub resolver library. It provides hostname-to-address -and address-to-hostname lookup services to applications by -transmitting lookup requests to a resolver daemon -<command>lwresd</command> -running on the local host. The resover daemon performs the -lookup using the DNS or possibly other name service protocols, -and returns the results to the application through the library. -The library and resolver daemon communicate using a simple -UDP-based protocol. -</para> -</refsect1> + <refsect1> + <title>DESCRIPTION</title> + <para> + The BIND 9 lightweight resolver library is a simple, name service + independent stub resolver library. It provides hostname-to-address + and address-to-hostname lookup services to applications by + transmitting lookup requests to a resolver daemon + <command>lwresd</command> + running on the local host. The resover daemon performs the + lookup using the DNS or possibly other name service protocols, + and returns the results to the application through the library. + The library and resolver daemon communicate using a simple + UDP-based protocol. + </para> + </refsect1> -<refsect1> -<title>OVERVIEW</title> -<para> -The lwresd library implements multiple name service APIs. -The standard -<function>gethostbyname()</function>, -<function>gethostbyaddr()</function>, -<function>gethostbyname_r()</function>, -<function>gethostbyaddr_r()</function>, -<function>getaddrinfo()</function>, -<function>getipnodebyname()</function>, -and -<function>getipnodebyaddr()</function> -functions are all supported. To allow the lwres library to coexist -with system libraries that define functions of the same name, -the library defines these functions with names prefixed by -<literal>lwres_</literal>. -To define the standard names, applications must include the -header file -<filename><lwres/netdb.h></filename> -which contains macro definitions mapping the standard function names -into -<literal>lwres_</literal> -prefixed ones. Operating system vendors who integrate the lwres -library into their base distributions should rename the functions -in the library proper so that the renaming macros are not needed. -</para> -<para> -The library also provides a native API consisting of the functions -<function>lwres_getaddrsbyname()</function> -and -<function>lwres_getnamebyaddr()</function>. -These may be called by applications that require more detailed -control over the lookup process than the standard functions -provide. -</para> -<para> -In addition to these name service independent address lookup -functions, the library implements a new, experimental API -for looking up arbitrary DNS resource records, using the -<function>lwres_getaddrsbyname()</function> -function. -</para> -<para> -Finally, there is a low-level API for converting lookup -requests and responses to and from raw lwres protocol packets. -This API can be used by clients requiring nonblocking operation, -and is also used when implementing the server side of the lwres -protocol, for example in the -<command>lwresd</command> -resolver daemon. The use of this low-level API in clients -and servers is outlined in the following sections. -</para> -</refsect1> -<refsect1> -<title>CLIENT-SIDE LOW-LEVEL API CALL FLOW</title> -<para> -When a client program wishes to make an lwres request using the -native low-level API, it typically performs the following -sequence of actions. -</para> -<para> -(1) Allocate or use an existing <type>lwres_packet_t</type>, -called <varname>pkt</varname> below. -</para> -<para> -(2) Set <structfield>pkt.recvlength</structfield> to the maximum length we will accept. -This is done so the receiver of our packets knows how large our receive -buffer is. The "default" is a constant in -<filename>lwres.h</filename>: <constant>LWRES_RECVLENGTH = 4096</constant>. -</para> -<para> -(3) Set <structfield>pkt.serial</structfield> -to a unique serial number. This value is echoed -back to the application by the remote server. -</para> -<para> -(4) Set <structfield>pkt.pktflags</structfield>. Usually this is set to 0. -</para> -<para> -(5) Set <structfield>pkt.result</structfield> to 0. -</para> -<para> -(6) Call <function>lwres_*request_render()</function>, -or marshall in the data using the primitives -such as <function>lwres_packet_render()</function> -and storing the packet data. -</para> -<para> -(7) Transmit the resulting buffer. -</para> -<para> -(8) Call <function>lwres_*response_parse()</function> -to parse any packets received. -</para> -<para> -(9) Verify that the opcode and serial match a request, and process the -packet specific information contained in the body. -</para> -</refsect1> -<refsect1> -<title>SERVER-SIDE LOW-LEVEL API CALL FLOW</title> -<para> -When implementing the server side of the lightweight resolver -protocol using the lwres library, a sequence of actions like the -following is typically involved in processing each request packet. -</para> -<para> -Note that the same <type>lwres_packet_t</type> is used -in both the <function>_parse()</function> and <function>_render()</function> calls, -with only a few modifications made -to the packet header's contents between uses. This method is recommended -as it keeps the serial, opcode, and other fields correct. -</para> -<para> -(1) When a packet is received, call <function>lwres_*request_parse()</function> to -unmarshall it. This returns a <type>lwres_packet_t</type> (also called <varname>pkt</varname>, below) -as well as a data specific type, such as <type>lwres_gabnrequest_t</type>. -</para> -<para> -(2) Process the request in the data specific type. -</para> -<para> -(3) Set the <structfield>pkt.result</structfield>, -<structfield>pkt.recvlength</structfield> as above. All other fields can -be left untouched since they were filled in by the <function>*_parse()</function> call -above. If using <function>lwres_*response_render()</function>, -<structfield>pkt.pktflags</structfield> will be set up -properly. Otherwise, the <constant>LWRES_LWPACKETFLAG_RESPONSE</constant> bit should be -set. -</para> -<para> -(4) Call the data specific rendering function, such as -<function>lwres_gabnresponse_render()</function>. -</para> -<para> -(5) Send the resulting packet to the client. -</para> -<para> -</para> -</refsect1> -<refsect1> -<title>SEE ALSO</title> -<para> -<citerefentry> -<refentrytitle>lwres_gethostent</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, + <refsect1> + <title>OVERVIEW</title> + <para> + The lwresd library implements multiple name service APIs. + The standard + <function>gethostbyname()</function>, + <function>gethostbyaddr()</function>, + <function>gethostbyname_r()</function>, + <function>gethostbyaddr_r()</function>, + <function>getaddrinfo()</function>, + <function>getipnodebyname()</function>, + and + <function>getipnodebyaddr()</function> + functions are all supported. To allow the lwres library to coexist + with system libraries that define functions of the same name, + the library defines these functions with names prefixed by + <literal>lwres_</literal>. + To define the standard names, applications must include the + header file + <filename><lwres/netdb.h></filename> + which contains macro definitions mapping the standard function names + into + <literal>lwres_</literal> + prefixed ones. Operating system vendors who integrate the lwres + library into their base distributions should rename the functions + in the library proper so that the renaming macros are not needed. + </para> + <para> + The library also provides a native API consisting of the functions + <function>lwres_getaddrsbyname()</function> + and + <function>lwres_getnamebyaddr()</function>. + These may be called by applications that require more detailed + control over the lookup process than the standard functions + provide. + </para> + <para> + In addition to these name service independent address lookup + functions, the library implements a new, experimental API + for looking up arbitrary DNS resource records, using the + <function>lwres_getaddrsbyname()</function> + function. + </para> + <para> + Finally, there is a low-level API for converting lookup + requests and responses to and from raw lwres protocol packets. + This API can be used by clients requiring nonblocking operation, + and is also used when implementing the server side of the lwres + protocol, for example in the + <command>lwresd</command> + resolver daemon. The use of this low-level API in clients + and servers is outlined in the following sections. + </para> + </refsect1> + <refsect1> + <title>CLIENT-SIDE LOW-LEVEL API CALL FLOW</title> + <para> + When a client program wishes to make an lwres request using the + native low-level API, it typically performs the following + sequence of actions. + </para> + <para> + (1) Allocate or use an existing <type>lwres_packet_t</type>, + called <varname>pkt</varname> below. + </para> + <para> + (2) Set <structfield>pkt.recvlength</structfield> to the maximum length + we will accept. + This is done so the receiver of our packets knows how large our receive + buffer is. The "default" is a constant in + <filename>lwres.h</filename>: <constant>LWRES_RECVLENGTH = 4096</constant>. + </para> + <para> + (3) Set <structfield>pkt.serial</structfield> + to a unique serial number. This value is echoed + back to the application by the remote server. + </para> + <para> + (4) Set <structfield>pkt.pktflags</structfield>. Usually this is set to + 0. + </para> + <para> + (5) Set <structfield>pkt.result</structfield> to 0. + </para> + <para> + (6) Call <function>lwres_*request_render()</function>, + or marshall in the data using the primitives + such as <function>lwres_packet_render()</function> + and storing the packet data. + </para> + <para> + (7) Transmit the resulting buffer. + </para> + <para> + (8) Call <function>lwres_*response_parse()</function> + to parse any packets received. + </para> + <para> + (9) Verify that the opcode and serial match a request, and process the + packet specific information contained in the body. + </para> + </refsect1> + <refsect1> + <title>SERVER-SIDE LOW-LEVEL API CALL FLOW</title> + <para> + When implementing the server side of the lightweight resolver + protocol using the lwres library, a sequence of actions like the + following is typically involved in processing each request packet. + </para> + <para> + Note that the same <type>lwres_packet_t</type> is used + in both the <function>_parse()</function> and <function>_render()</function> calls, + with only a few modifications made + to the packet header's contents between uses. This method is + recommended + as it keeps the serial, opcode, and other fields correct. + </para> + <para> + (1) When a packet is received, call <function>lwres_*request_parse()</function> to + unmarshall it. This returns a <type>lwres_packet_t</type> (also called <varname>pkt</varname>, below) + as well as a data specific type, such as <type>lwres_gabnrequest_t</type>. + </para> + <para> + (2) Process the request in the data specific type. + </para> + <para> + (3) Set the <structfield>pkt.result</structfield>, + <structfield>pkt.recvlength</structfield> as above. All other fields + can + be left untouched since they were filled in by the <function>*_parse()</function> call + above. If using <function>lwres_*response_render()</function>, + <structfield>pkt.pktflags</structfield> will be set up + properly. Otherwise, the <constant>LWRES_LWPACKETFLAG_RESPONSE</constant> bit should be + set. + </para> + <para> + (4) Call the data specific rendering function, such as + <function>lwres_gabnresponse_render()</function>. + </para> + <para> + (5) Send the resulting packet to the client. + </para> + <para></para> + </refsect1> + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>lwres_gethostent</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, -<citerefentry> -<refentrytitle>lwres_getipnode</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, + <citerefentry> + <refentrytitle>lwres_getipnode</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, -<citerefentry> -<refentrytitle>lwres_getnameinfo</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, + <citerefentry> + <refentrytitle>lwres_getnameinfo</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, -<citerefentry> -<refentrytitle>lwres_noop</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, + <citerefentry> + <refentrytitle>lwres_noop</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, -<citerefentry> -<refentrytitle>lwres_gabn</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, + <citerefentry> + <refentrytitle>lwres_gabn</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, -<citerefentry> -<refentrytitle>lwres_gnba</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, + <citerefentry> + <refentrytitle>lwres_gnba</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, -<citerefentry> -<refentrytitle>lwres_context</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, + <citerefentry> + <refentrytitle>lwres_context</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, -<citerefentry> -<refentrytitle>lwres_config</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, + <citerefentry> + <refentrytitle>lwres_config</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, -<citerefentry> -<refentrytitle>resolver</refentrytitle><manvolnum>5</manvolnum> -</citerefentry>, + <citerefentry> + <refentrytitle>resolver</refentrytitle><manvolnum>5</manvolnum> + </citerefentry>, -<citerefentry> -<refentrytitle>lwresd</refentrytitle><manvolnum>8</manvolnum> -</citerefentry>. + <citerefentry> + <refentrytitle>lwresd</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>. -</para> -</refsect1> -</refentry> + </para> + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/man/lwres_buffer.3 b/usr.sbin/bind/lib/lwres/man/lwres_buffer.3 index 898801ecbd6..6c72fa34343 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_buffer.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres_buffer.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres_buffer.3,v 1.12.2.1.8.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres_buffer.3,v 1.15.18.11 2007/01/30 00:23:45 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres_buffer .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Jun 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -36,37 +36,37 @@ lwres_buffer_init, lwres_buffer_invalidate, lwres_buffer_add, lwres_buffer_subtr #include <lwres/lwbuffer.h> .fi .HP 23 -.BI "void lwres_buffer_init(lwres_buffer_t\ *b, void\ *base, unsigned\ int\ length);" +.BI "void lwres_buffer_init(lwres_buffer_t\ *" "b" ", void\ *" "base" ", unsigned\ int\ " "length" ");" .HP 29 -.BI "void lwres_buffer_invalidate(lwres_buffer_t\ *b);" +.BI "void lwres_buffer_invalidate(lwres_buffer_t\ *" "b" ");" .HP 22 -.BI "void lwres_buffer_add(lwres_buffer_t\ *b, unsigned\ int\ n);" +.BI "void lwres_buffer_add(lwres_buffer_t\ *" "b" ", unsigned\ int\ " "n" ");" .HP 27 -.BI "void lwres_buffer_subtract(lwres_buffer_t\ *b, unsigned\ int\ n);" +.BI "void lwres_buffer_subtract(lwres_buffer_t\ *" "b" ", unsigned\ int\ " "n" ");" .HP 24 -.BI "void lwres_buffer_clear(lwres_buffer_t\ *b);" +.BI "void lwres_buffer_clear(lwres_buffer_t\ *" "b" ");" .HP 24 -.BI "void lwres_buffer_first(lwres_buffer_t\ *b);" +.BI "void lwres_buffer_first(lwres_buffer_t\ *" "b" ");" .HP 26 -.BI "void lwres_buffer_forward(lwres_buffer_t\ *b, unsigned\ int\ n);" +.BI "void lwres_buffer_forward(lwres_buffer_t\ *" "b" ", unsigned\ int\ " "n" ");" .HP 23 -.BI "void lwres_buffer_back(lwres_buffer_t\ *b, unsigned\ int\ n);" +.BI "void lwres_buffer_back(lwres_buffer_t\ *" "b" ", unsigned\ int\ " "n" ");" .HP 36 -.BI "lwres_uint8_t lwres_buffer_getuint8(lwres_buffer_t\ *b);" +.BI "lwres_uint8_t lwres_buffer_getuint8(lwres_buffer_t\ *" "b" ");" .HP 27 -.BI "void lwres_buffer_putuint8(lwres_buffer_t\ *b, lwres_uint8_t\ val);" +.BI "void lwres_buffer_putuint8(lwres_buffer_t\ *" "b" ", lwres_uint8_t\ " "val" ");" .HP 38 -.BI "lwres_uint16_t lwres_buffer_getuint16(lwres_buffer_t\ *b);" +.BI "lwres_uint16_t lwres_buffer_getuint16(lwres_buffer_t\ *" "b" ");" .HP 28 -.BI "void lwres_buffer_putuint16(lwres_buffer_t\ *b, lwres_uint16_t\ val);" +.BI "void lwres_buffer_putuint16(lwres_buffer_t\ *" "b" ", lwres_uint16_t\ " "val" ");" .HP 38 -.BI "lwres_uint32_t lwres_buffer_getuint32(lwres_buffer_t\ *b);" +.BI "lwres_uint32_t lwres_buffer_getuint32(lwres_buffer_t\ *" "b" ");" .HP 28 -.BI "void lwres_buffer_putuint32(lwres_buffer_t\ *b, lwres_uint32_t\ val);" +.BI "void lwres_buffer_putuint32(lwres_buffer_t\ *" "b" ", lwres_uint32_t\ " "val" ");" .HP 25 -.BI "void lwres_buffer_putmem(lwres_buffer_t\ *b, const\ unsigned\ char\ *base, unsigned\ int\ length);" +.BI "void lwres_buffer_putmem(lwres_buffer_t\ *" "b" ", const\ unsigned\ char\ *" "base" ", unsigned\ int\ " "length" ");" .HP 25 -.BI "void lwres_buffer_getmem(lwres_buffer_t\ *b, unsigned\ char\ *base, unsigned\ int\ length);" +.BI "void lwres_buffer_getmem(lwres_buffer_t\ *" "b" ", unsigned\ char\ *" "base" ", unsigned\ int\ " "length" ");" .SH "DESCRIPTION" .PP These functions provide bounds checked access to a region of memory where data is being read or written. They are based on, and similar to, the @@ -92,8 +92,7 @@ The \fIactive region\fR is an (optional) subregion of the remaining region. It extends from the current offset to an offset in the remaining region. Initially, the active region is empty. If the current offset advances beyond the chosen offset, the active region will also be empty. .PP -.sp -.RS 3n +.RS 4 .nf /\-\-\-\-\-\-\-\-\-\-\-\-entire length\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\\\\ /\-\-\-\-\- used region \-\-\-\-\-\\\\/\-\- available \-\-\\\\ @@ -101,11 +100,23 @@ is an (optional) subregion of the remaining region. It extends from the current | consumed | remaining | | +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+ a b c d e +.fi +.RE +.sp +.PP +.RS 4 +.nf a == base of buffer. b == current pointer. Can be anywhere between a and d. c == active pointer. Meaningful between b and d. d == used pointer. e == length of buffer. +.fi +.RE +.sp +.PP +.RS 4 +.nf a\-e == entire length of buffer. a\-d == used region. a\-b == consumed region. @@ -146,8 +157,7 @@ used. .PP A buffer is re\-initialised by \fBlwres_buffer_clear()\fR. The function sets -used -, +used, current and active @@ -217,4 +227,7 @@ bytes of memory from to \fIbase\fR. .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres_buffer.docbook b/usr.sbin/bind/lib/lwres/man/lwres_buffer.docbook index 4af7fec4a65..610eae3ece7 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_buffer.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres_buffer.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,23 +18,23 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres_buffer.docbook,v 1.3.206.3 2005/05/12 21:36:11 sra Exp $ --> - +<!-- $ISC: lwres_buffer.docbook,v 1.4.18.6 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> + <refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> -<refmeta> -<refentrytitle>lwres_buffer</refentrytitle> -<manvolnum>3</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refmeta> + <refentrytitle>lwres_buffer</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -44,350 +44,351 @@ </copyright> </docinfo> -<refnamediv> -<refname>lwres_buffer_init</refname> -<refname>lwres_buffer_invalidate</refname> -<refname>lwres_buffer_add</refname> -<refname>lwres_buffer_subtract</refname> -<refname>lwres_buffer_clear</refname> -<refname>lwres_buffer_first</refname> -<refname>lwres_buffer_forward</refname> -<refname>lwres_buffer_back</refname> -<refname>lwres_buffer_getuint8</refname> -<refname>lwres_buffer_putuint8</refname> -<refname>lwres_buffer_getuint16</refname> -<refname>lwres_buffer_putuint16</refname> -<refname>lwres_buffer_getuint32</refname> -<refname>lwres_buffer_putuint32</refname> -<refname>lwres_buffer_putmem</refname> -<refname>lwres_buffer_getmem</refname> -<refpurpose>lightweight resolver buffer management</refpurpose> -</refnamediv> + <refnamediv> + <refname>lwres_buffer_init</refname> + <refname>lwres_buffer_invalidate</refname> + <refname>lwres_buffer_add</refname> + <refname>lwres_buffer_subtract</refname> + <refname>lwres_buffer_clear</refname> + <refname>lwres_buffer_first</refname> + <refname>lwres_buffer_forward</refname> + <refname>lwres_buffer_back</refname> + <refname>lwres_buffer_getuint8</refname> + <refname>lwres_buffer_putuint8</refname> + <refname>lwres_buffer_getuint16</refname> + <refname>lwres_buffer_putuint16</refname> + <refname>lwres_buffer_getuint32</refname> + <refname>lwres_buffer_putuint32</refname> + <refname>lwres_buffer_putmem</refname> + <refname>lwres_buffer_getmem</refname> + <refpurpose>lightweight resolver buffer management</refpurpose> + </refnamediv> -<refsynopsisdiv> + <refsynopsisdiv> -<funcsynopsis> + <funcsynopsis> <funcsynopsisinfo> #include <lwres/lwbuffer.h> </funcsynopsisinfo> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_buffer_init</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>void *base</paramdef> -<paramdef>unsigned int length</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>void *<parameter>base</parameter></paramdef> + <paramdef>unsigned int <parameter>length</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_buffer_invalidate</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_buffer_add</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>unsigned int n</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>unsigned int <parameter>n</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_buffer_subtract</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>unsigned int n</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>unsigned int <parameter>n</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_buffer_clear</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_buffer_first</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_buffer_forward</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>unsigned int n</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>unsigned int <parameter>n</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_buffer_back</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>unsigned int n</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>unsigned int <parameter>n</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_uint8_t <function>lwres_buffer_getuint8</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_buffer_putuint8</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>lwres_uint8_t val</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>lwres_uint8_t <parameter>val</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_uint16_t <function>lwres_buffer_getuint16</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_buffer_putuint16</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>lwres_uint16_t val</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>lwres_uint16_t <parameter>val</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_uint32_t <function>lwres_buffer_getuint32</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_buffer_putuint32</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>lwres_uint32_t val</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>lwres_uint32_t <parameter>val</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_buffer_putmem</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>const unsigned char *base</paramdef> -<paramdef>unsigned int length</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>const unsigned char *<parameter>base</parameter></paramdef> + <paramdef>unsigned int <parameter>length</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_buffer_getmem</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>unsigned char *base</paramdef> -<paramdef>unsigned int length</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>unsigned char *<parameter>base</parameter></paramdef> + <paramdef>unsigned int <parameter>length</parameter></paramdef> + </funcprototype> </funcsynopsis> -</refsynopsisdiv> + </refsynopsisdiv> -<refsect1> + <refsect1> -<title>DESCRIPTION</title> -<para> -These functions provide bounds checked access to a region of memory -where data is being read or written. -They are based on, and similar to, the -<literal>isc_buffer_</literal> -functions in the ISC library. -</para> -<para> -A buffer is a region of memory, together with a set of related -subregions. -The <emphasis>used region</emphasis> and the -<emphasis>available</emphasis> region are disjoint, and -their union is the buffer's region. -The used region extends from the beginning of the buffer region to the -last used byte. -The available region extends from one byte greater than the last used -byte to the end of the buffer's region. -The size of the used region can be changed using various -buffer commands. -Initially, the used region is empty. -</para> -<para> -The used region is further subdivided into two disjoint regions: the -<emphasis>consumed region</emphasis> and the <emphasis>remaining region</emphasis>. -The union of these two regions is the used region. -The consumed region extends from the beginning of the used region to -the byte before the <emphasis>current</emphasis> offset (if any). -The <emphasis>remaining</emphasis> region the current pointer to the end of the used -region. -The size of the consumed region can be changed using various -buffer commands. -Initially, the consumed region is empty. -</para> -<para> -The <emphasis>active region</emphasis> is an (optional) subregion of the remaining -region. -It extends from the current offset to an offset in the -remaining region. -Initially, the active region is empty. -If the current offset advances beyond the chosen offset, -the active region will also be empty. -</para> -<para> -<programlisting> - + <title>DESCRIPTION</title> + <para> + These functions provide bounds checked access to a region of memory + where data is being read or written. + They are based on, and similar to, the + <literal>isc_buffer_</literal> + functions in the ISC library. + </para> + <para> + A buffer is a region of memory, together with a set of related + subregions. + The <emphasis>used region</emphasis> and the + <emphasis>available</emphasis> region are disjoint, and + their union is the buffer's region. + The used region extends from the beginning of the buffer region to the + last used byte. + The available region extends from one byte greater than the last used + byte to the end of the buffer's region. + The size of the used region can be changed using various + buffer commands. + Initially, the used region is empty. + </para> + <para> + The used region is further subdivided into two disjoint regions: the + <emphasis>consumed region</emphasis> and the <emphasis>remaining region</emphasis>. + The union of these two regions is the used region. + The consumed region extends from the beginning of the used region to + the byte before the <emphasis>current</emphasis> offset (if any). + The <emphasis>remaining</emphasis> region the current pointer to the end + of the used + region. + The size of the consumed region can be changed using various + buffer commands. + Initially, the consumed region is empty. + </para> + <para> + The <emphasis>active region</emphasis> is an (optional) subregion of the + remaining + region. + It extends from the current offset to an offset in the + remaining region. + Initially, the active region is empty. + If the current offset advances beyond the chosen offset, + the active region will also be empty. + </para> + <para><programlisting> /------------entire length---------------\\ /----- used region -----\\/-- available --\\ +----------------------------------------+ | consumed | remaining | | +----------------------------------------+ a b c d e - + </programlisting> + </para> + <para><programlisting> a == base of buffer. b == current pointer. Can be anywhere between a and d. c == active pointer. Meaningful between b and d. d == used pointer. e == length of buffer. - + </programlisting> + </para> + <para><programlisting> a-e == entire length of buffer. a-d == used region. a-b == consumed region. b-d == remaining region. b-c == optional active region. </programlisting> -</para> -<para> -<function>lwres_buffer_init()</function> -initializes the -<type>lwres_buffer_t</type> -<parameter>*b</parameter> -and assocates it with the memory region of size -<parameter>length</parameter> -bytes starting at location -<parameter>base.</parameter> -</para> -<para> -<function>lwres_buffer_invalidate()</function> -marks the buffer -<parameter>*b</parameter> -as invalid. Invalidating a buffer after use is not required, -but makes it possible to catch its possible accidental use. -</para> -<para> -The functions -<function>lwres_buffer_add()</function> -and -<function>lwres_buffer_subtract()</function> -respectively increase and decrease the used space in -buffer -<parameter>*b</parameter> -by -<parameter>n</parameter> -bytes. -<function>lwres_buffer_add()</function> -checks for buffer overflow and -<function>lwres_buffer_subtract()</function> -checks for underflow. -These functions do not allocate or deallocate memory. -They just change the value of -<structfield>used</structfield>. -</para> -<para> -A buffer is re-initialised by -<function>lwres_buffer_clear()</function>. -The function sets -<structfield>used</structfield> , -<structfield>current</structfield> -and -<structfield>active</structfield> -to zero. -</para> -<para> -<function>lwres_buffer_first</function> -makes the consumed region of buffer -<parameter>*p</parameter> -empty by setting -<structfield>current</structfield> -to zero (the start of the buffer). -</para> -<para> -<function>lwres_buffer_forward()</function> -increases the consumed region of buffer -<parameter>*b</parameter> -by -<parameter>n</parameter> -bytes, checking for overflow. -Similarly, -<function>lwres_buffer_back()</function> -decreases buffer -<parameter>b</parameter>'s -consumed region by -<parameter>n</parameter> -bytes and checks for underflow. -</para> -<para> -<function>lwres_buffer_getuint8()</function> -reads an unsigned 8-bit integer from -<parameter>*b</parameter> -and returns it. -<function>lwres_buffer_putuint8()</function> -writes the unsigned 8-bit integer -<parameter>val</parameter> -to buffer -<parameter>*b</parameter>. -</para> -<para> -<function>lwres_buffer_getuint16()</function> -and -<function>lwres_buffer_getuint32()</function> -are identical to -<function>lwres_buffer_putuint8()</function> -except that they respectively read an unsigned 16-bit or 32-bit integer -in network byte order from -<parameter>b</parameter>. -Similarly, -<function>lwres_buffer_putuint16()</function> -and -<function>lwres_buffer_putuint32()</function> -writes the unsigned 16-bit or 32-bit integer -<parameter>val</parameter> -to buffer -<parameter>b</parameter>, -in network byte order. -</para> -<para> -Arbitrary amounts of data are read or written from a lightweight -resolver buffer with -<function>lwres_buffer_getmem()</function> -and -<function>lwres_buffer_putmem()</function> -respectively. -<function>lwres_buffer_putmem()</function> -copies -<parameter>length</parameter> -bytes of memory at -<parameter>base</parameter> -to -<parameter>b</parameter>. -Conversely, -<function>lwres_buffer_getmem()</function> -copies -<parameter>length</parameter> -bytes of memory from -<parameter>b</parameter> -to -<parameter>base</parameter>. -</para> -</refsect1> -</refentry> + </para> + <para><function>lwres_buffer_init()</function> + initializes the + <type>lwres_buffer_t</type> + <parameter>*b</parameter> + and assocates it with the memory region of size + <parameter>length</parameter> + bytes starting at location + <parameter>base.</parameter> + </para> + <para><function>lwres_buffer_invalidate()</function> + marks the buffer <parameter>*b</parameter> + as invalid. Invalidating a buffer after use is not required, + but makes it possible to catch its possible accidental use. + </para> + <para> + The functions + <function>lwres_buffer_add()</function> + and + <function>lwres_buffer_subtract()</function> + respectively increase and decrease the used space in + buffer + <parameter>*b</parameter> + by + <parameter>n</parameter> + bytes. + <function>lwres_buffer_add()</function> + checks for buffer overflow and + <function>lwres_buffer_subtract()</function> + checks for underflow. + These functions do not allocate or deallocate memory. + They just change the value of + <structfield>used</structfield>. + </para> + <para> + A buffer is re-initialised by + <function>lwres_buffer_clear()</function>. + The function sets + <structfield>used</structfield>, + <structfield>current</structfield> + and + <structfield>active</structfield> + to zero. + </para> + <para><function>lwres_buffer_first</function> + makes the consumed region of buffer + <parameter>*p</parameter> + empty by setting + <structfield>current</structfield> + to zero (the start of the buffer). + </para> + <para><function>lwres_buffer_forward()</function> + increases the consumed region of buffer + <parameter>*b</parameter> + by + <parameter>n</parameter> + bytes, checking for overflow. + Similarly, + <function>lwres_buffer_back()</function> + decreases buffer + <parameter>b</parameter>'s + consumed region by + <parameter>n</parameter> + bytes and checks for underflow. + </para> + <para><function>lwres_buffer_getuint8()</function> + reads an unsigned 8-bit integer from + <parameter>*b</parameter> + and returns it. + <function>lwres_buffer_putuint8()</function> + writes the unsigned 8-bit integer + <parameter>val</parameter> + to buffer + <parameter>*b</parameter>. + </para> + <para><function>lwres_buffer_getuint16()</function> + and + <function>lwres_buffer_getuint32()</function> + are identical to + <function>lwres_buffer_putuint8()</function> + except that they respectively read an unsigned 16-bit or 32-bit integer + in network byte order from + <parameter>b</parameter>. + Similarly, + <function>lwres_buffer_putuint16()</function> + and + <function>lwres_buffer_putuint32()</function> + writes the unsigned 16-bit or 32-bit integer + <parameter>val</parameter> + to buffer + <parameter>b</parameter>, + in network byte order. + </para> + <para> + Arbitrary amounts of data are read or written from a lightweight + resolver buffer with + <function>lwres_buffer_getmem()</function> + and + <function>lwres_buffer_putmem()</function> + respectively. + <function>lwres_buffer_putmem()</function> + copies + <parameter>length</parameter> + bytes of memory at + <parameter>base</parameter> + to + <parameter>b</parameter>. + Conversely, + <function>lwres_buffer_getmem()</function> + copies + <parameter>length</parameter> + bytes of memory from + <parameter>b</parameter> + to + <parameter>base</parameter>. + </para> + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/man/lwres_config.3 b/usr.sbin/bind/lib/lwres/man/lwres_config.3 index 9a65240a8ed..bb3fd5cb866 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_config.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres_config.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres_config.3,v 1.12.2.1.8.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres_config.3,v 1.15.18.11 2007/01/30 00:23:45 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres_config .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Jun 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -36,15 +36,15 @@ lwres_conf_init, lwres_conf_clear, lwres_conf_parse, lwres_conf_print, lwres_con #include <lwres/lwres.h> .fi .HP 21 -.BI "void lwres_conf_init(lwres_context_t\ *ctx);" +.BI "void lwres_conf_init(lwres_context_t\ *" "ctx" ");" .HP 22 -.BI "void lwres_conf_clear(lwres_context_t\ *ctx);" +.BI "void lwres_conf_clear(lwres_context_t\ *" "ctx" ");" .HP 32 -.BI "lwres_result_t lwres_conf_parse(lwres_context_t\ *ctx, const\ char\ *filename);" +.BI "lwres_result_t lwres_conf_parse(lwres_context_t\ *" "ctx" ", const\ char\ *" "filename" ");" .HP 32 -.BI "lwres_result_t lwres_conf_print(lwres_context_t\ *ctx, FILE\ *fp);" +.BI "lwres_result_t lwres_conf_print(lwres_context_t\ *" "ctx" ", FILE\ *" "fp" ");" .HP 30 -.BI "lwres_conf_t * lwres_conf_get(lwres_context_t\ *ctx);" +.BI "lwres_conf_t * lwres_conf_get(lwres_context_t\ *" "ctx" ");" .SH "DESCRIPTION" .PP \fBlwres_conf_init()\fR @@ -100,4 +100,7 @@ unless an error occurred when converting the network addresses to a numeric host .PP \fI/etc/resolv.conf\fR .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres_config.docbook b/usr.sbin/bind/lib/lwres/man/lwres_config.docbook index 7508b478989..3f1076d0178 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_config.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres_config.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,24 +18,24 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres_config.docbook,v 1.2.206.3 2005/05/12 21:36:12 sra Exp $ --> - +<!-- $ISC: lwres_config.docbook,v 1.3.18.6 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> + <refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> -<refmeta> -<refentrytitle>lwres_config</refentrytitle> -<manvolnum>3</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refmeta> + <refentrytitle>lwres_config</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -45,131 +45,129 @@ </copyright> </docinfo> -<refnamediv> -<refname>lwres_conf_init</refname> -<refname>lwres_conf_clear</refname> -<refname>lwres_conf_parse</refname> -<refname>lwres_conf_print</refname> -<refname>lwres_conf_get</refname> -<refpurpose>lightweight resolver configuration</refpurpose> -</refnamediv> + <refnamediv> + <refname>lwres_conf_init</refname> + <refname>lwres_conf_clear</refname> + <refname>lwres_conf_parse</refname> + <refname>lwres_conf_print</refname> + <refname>lwres_conf_get</refname> + <refpurpose>lightweight resolver configuration</refpurpose> + </refnamediv> -<refsynopsisdiv> -<funcsynopsis> + <refsynopsisdiv> + <funcsynopsis> <funcsynopsisinfo>#include <lwres/lwres.h></funcsynopsisinfo> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_conf_init</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_conf_clear</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_conf_parse</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>const char *filename</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>const char *<parameter>filename</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_conf_print</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>FILE *fp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>FILE *<parameter>fp</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_conf_t * <function>lwres_conf_get</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + </funcprototype> </funcsynopsis> -</refsynopsisdiv> + </refsynopsisdiv> + + <refsect1> + <title>DESCRIPTION</title> + + <para><function>lwres_conf_init()</function> + creates an empty + <type>lwres_conf_t</type> + structure for lightweight resolver context + <parameter>ctx</parameter>. + </para> + + <para><function>lwres_conf_clear()</function> + frees up all the internal memory used by + that + <type>lwres_conf_t</type> + structure in resolver context + <parameter>ctx</parameter>. + </para> -<refsect1> -<title>DESCRIPTION</title> -<para> -<function>lwres_conf_init()</function> -creates an empty -<type>lwres_conf_t</type> -structure for lightweight resolver context -<parameter>ctx</parameter>. -</para> -<para> -<function>lwres_conf_clear()</function> -frees up all the internal memory used by -that -<type>lwres_conf_t</type> -structure in resolver context -<parameter>ctx</parameter>. -</para> -<para> -<function>lwres_conf_parse()</function> -opens the file -<parameter>filename</parameter> -and parses it to initialise the resolver context -<parameter>ctx</parameter>'s -<type>lwres_conf_t</type> -structure. -</para> -<para> -<function>lwres_conf_print()</function> -prints the -<type>lwres_conf_t</type> -structure for resolver context -<parameter>ctx</parameter> -to the -<type>FILE</type> -<parameter>fp</parameter>. -</para> -</refsect1> -<refsect1> + <para><function>lwres_conf_parse()</function> + opens the file + <parameter>filename</parameter> + and parses it to initialise the resolver context + <parameter>ctx</parameter>'s + <type>lwres_conf_t</type> + structure. + </para> -<title>RETURN VALUES</title> -<para> -<function>lwres_conf_parse()</function> -returns -<errorcode>LWRES_R_SUCCESS</errorcode> -if it successfully read and parsed -<parameter>filename</parameter>. -It returns -<errorcode>LWRES_R_FAILURE</errorcode> -if -<parameter>filename</parameter> -could not be opened or contained incorrect -resolver statements. -</para> -<para> -<function>lwres_conf_print()</function> -returns -<errorcode>LWRES_R_SUCCESS</errorcode> -unless an error occurred when converting the network addresses to a -numeric host address string. -If this happens, the function returns -<errorcode>LWRES_R_FAILURE</errorcode>. -</para> -</refsect1> -<refsect1> -<title>SEE ALSO</title> -<para> -<citerefentry> -<refentrytitle>stdio</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, -<citerefentry> -<refentrytitle>resolver</refentrytitle><manvolnum>5</manvolnum> -</citerefentry>. -</para> -</refsect1> -<refsect1> -<title>FILES</title> -<para> -<filename>/etc/resolv.conf</filename> -</para> -</refsect1> -</refentry> + <para><function>lwres_conf_print()</function> + prints the + <type>lwres_conf_t</type> + structure for resolver context + <parameter>ctx</parameter> + to the + <type>FILE</type> + <parameter>fp</parameter>. + </para> + </refsect1> + <refsect1> + + <title>RETURN VALUES</title> + + <para><function>lwres_conf_parse()</function> + returns <errorcode>LWRES_R_SUCCESS</errorcode> + if it successfully read and parsed + <parameter>filename</parameter>. + It returns <errorcode>LWRES_R_FAILURE</errorcode> + if <parameter>filename</parameter> + could not be opened or contained incorrect + resolver statements. + </para> + + <para><function>lwres_conf_print()</function> + returns <errorcode>LWRES_R_SUCCESS</errorcode> + unless an error occurred when converting the network addresses to a + numeric host address string. + If this happens, the function returns + <errorcode>LWRES_R_FAILURE</errorcode>. + </para> + </refsect1> + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>stdio</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>resolver</refentrytitle><manvolnum>5</manvolnum> + </citerefentry>. + </para> + </refsect1> + <refsect1> + <title>FILES</title> + <para><filename>/etc/resolv.conf</filename> + </para> + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/man/lwres_gabn.3 b/usr.sbin/bind/lib/lwres/man/lwres_gabn.3 index 9b669cf9c14..3c1d80e6134 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_gabn.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres_gabn.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres_gabn.3,v 1.13.2.1.8.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres_gabn.3,v 1.16.18.11 2007/01/30 00:23:45 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres_gabn .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Jun 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -36,17 +36,17 @@ lwres_gabnrequest_render, lwres_gabnresponse_render, lwres_gabnrequest_parse, lw #include <lwres/lwres.h> .fi .HP 40 -.BI "lwres_result_t lwres_gabnrequest_render(lwres_context_t\ *ctx, lwres_gabnrequest_t\ *req, lwres_lwpacket_t\ *pkt, lwres_buffer_t\ *b);" +.BI "lwres_result_t lwres_gabnrequest_render(lwres_context_t\ *" "ctx" ", lwres_gabnrequest_t\ *" "req" ", lwres_lwpacket_t\ *" "pkt" ", lwres_buffer_t\ *" "b" ");" .HP 41 -.BI "lwres_result_t lwres_gabnresponse_render(lwres_context_t\ *ctx, lwres_gabnresponse_t\ *req, lwres_lwpacket_t\ *pkt, lwres_buffer_t\ *b);" +.BI "lwres_result_t lwres_gabnresponse_render(lwres_context_t\ *" "ctx" ", lwres_gabnresponse_t\ *" "req" ", lwres_lwpacket_t\ *" "pkt" ", lwres_buffer_t\ *" "b" ");" .HP 39 -.BI "lwres_result_t lwres_gabnrequest_parse(lwres_context_t\ *ctx, lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt, lwres_gabnrequest_t\ **structp);" +.BI "lwres_result_t lwres_gabnrequest_parse(lwres_context_t\ *" "ctx" ", lwres_buffer_t\ *" "b" ", lwres_lwpacket_t\ *" "pkt" ", lwres_gabnrequest_t\ **" "structp" ");" .HP 40 -.BI "lwres_result_t lwres_gabnresponse_parse(lwres_context_t\ *ctx, lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt, lwres_gabnresponse_t\ **structp);" +.BI "lwres_result_t lwres_gabnresponse_parse(lwres_context_t\ *" "ctx" ", lwres_buffer_t\ *" "b" ", lwres_lwpacket_t\ *" "pkt" ", lwres_gabnresponse_t\ **" "structp" ");" .HP 29 -.BI "void lwres_gabnresponse_free(lwres_context_t\ *ctx, lwres_gabnresponse_t\ **structp);" +.BI "void lwres_gabnresponse_free(lwres_context_t\ *" "ctx" ", lwres_gabnresponse_t\ **" "structp" ");" .HP 28 -.BI "void lwres_gabnrequest_free(lwres_context_t\ *ctx, lwres_gabnrequest_t\ **structp);" +.BI "void lwres_gabnrequest_free(lwres_context_t\ *" "ctx" ", lwres_gabnrequest_t\ **" "structp" ");" .SH "DESCRIPTION" .PP These are low\-level routines for creating and parsing lightweight resolver name\-to\-address lookup request and response messages. @@ -59,18 +59,36 @@ There are four main functions for the getaddrbyname opcode. One render function .PP These structures are defined in \fI<lwres/lwres.h>\fR. They are shown below. -.sp -.RS 3n +.PP +.RS 4 .nf #define LWRES_OPCODE_GETADDRSBYNAME 0x00010001U +.fi +.RE +.sp +.PP +.RS 4 +.nf typedef struct lwres_addr lwres_addr_t; typedef LWRES_LIST(lwres_addr_t) lwres_addrlist_t; +.fi +.RE +.sp +.PP +.RS 4 +.nf typedef struct { lwres_uint32_t flags; lwres_uint32_t addrtypes; lwres_uint16_t namelen; char *name; } lwres_gabnrequest_t; +.fi +.RE +.sp +.PP +.RS 4 +.nf typedef struct { lwres_uint32_t flags; lwres_uint16_t naliases; @@ -169,6 +187,9 @@ in the packet header structure indicate that the packet is not a response to an earlier query. .SH "SEE ALSO" .PP -\fBlwres_packet\fR(3 ) +\fBlwres_packet\fR(3) .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres_gabn.docbook b/usr.sbin/bind/lib/lwres/man/lwres_gabn.docbook index 3ba6766c6c8..76f242b2cc7 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_gabn.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres_gabn.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,24 +18,24 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres_gabn.docbook,v 1.3.206.3 2005/05/12 21:36:12 sra Exp $ --> - +<!-- $ISC: lwres_gabn.docbook,v 1.4.18.6 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> + <refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> -<refmeta> -<refentrytitle>lwres_gabn</refentrytitle> -<manvolnum>3</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refmeta> + <refentrytitle>lwres_gabn</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -45,106 +45,114 @@ </copyright> </docinfo> -<refnamediv> -<refname>lwres_gabnrequest_render</refname> -<refname>lwres_gabnresponse_render</refname> -<refname>lwres_gabnrequest_parse</refname> -<refname>lwres_gabnresponse_parse</refname> -<refname>lwres_gabnresponse_free</refname> -<refname>lwres_gabnrequest_free</refname> -<refpurpose>lightweight resolver getaddrbyname message handling</refpurpose> -</refnamediv> -<refsynopsisdiv> -<funcsynopsis> + <refnamediv> + <refname>lwres_gabnrequest_render</refname> + <refname>lwres_gabnresponse_render</refname> + <refname>lwres_gabnrequest_parse</refname> + <refname>lwres_gabnresponse_parse</refname> + <refname>lwres_gabnresponse_free</refname> + <refname>lwres_gabnrequest_free</refname> + <refpurpose>lightweight resolver getaddrbyname message handling</refpurpose> + </refnamediv> + <refsynopsisdiv> + <funcsynopsis> <funcsynopsisinfo>#include <lwres/lwres.h></funcsynopsisinfo> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_gabnrequest_render</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_gabnrequest_t *req</paramdef> -<paramdef>lwres_lwpacket_t *pkt</paramdef> -<paramdef>lwres_buffer_t *b</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_gabnrequest_t *<parameter>req</parameter></paramdef> + <paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_gabnresponse_render</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_gabnresponse_t *req</paramdef> -<paramdef>lwres_lwpacket_t *pkt</paramdef> -<paramdef>lwres_buffer_t *b</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_gabnresponse_t *<parameter>req</parameter></paramdef> + <paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_gabnrequest_parse</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>lwres_lwpacket_t *pkt</paramdef> -<paramdef>lwres_gabnrequest_t **structp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> + <paramdef>lwres_gabnrequest_t **<parameter>structp</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_gabnresponse_parse</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>lwres_lwpacket_t *pkt</paramdef> -<paramdef>lwres_gabnresponse_t **structp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> + <paramdef>lwres_gabnresponse_t **<parameter>structp</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_gabnresponse_free</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_gabnresponse_t **structp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_gabnresponse_t **<parameter>structp</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_gabnrequest_free</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_gabnrequest_t **structp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_gabnrequest_t **<parameter>structp</parameter></paramdef> + </funcprototype> </funcsynopsis> -</refsynopsisdiv> -<refsect1> -<title>DESCRIPTION</title> -<para> -These are low-level routines for creating and parsing -lightweight resolver name-to-address lookup request and -response messages. -</para><para> -There are four main functions for the getaddrbyname opcode. -One render function converts a getaddrbyname request structure — -<type>lwres_gabnrequest_t</type> — -to the lighweight resolver's canonical format. -It is complemented by a parse function that converts a packet in this -canonical format to a getaddrbyname request structure. -Another render function converts the getaddrbyname response structure — -<type>lwres_gabnresponse_t</type> — -to the canonical format. -This is complemented by a parse function which converts a packet in -canonical format to a getaddrbyname response structure. -</para> -<para> -These structures are defined in -<filename><lwres/lwres.h></filename>. -They are shown below. -<programlisting> + </refsynopsisdiv> + <refsect1> + <title>DESCRIPTION</title> + <para> + These are low-level routines for creating and parsing + lightweight resolver name-to-address lookup request and + response messages. + </para> + <para> + There are four main functions for the getaddrbyname opcode. + One render function converts a getaddrbyname request structure — + <type>lwres_gabnrequest_t</type> — + to the lighweight resolver's canonical format. + It is complemented by a parse function that converts a packet in this + canonical format to a getaddrbyname request structure. + Another render function converts the getaddrbyname response structure + — <type>lwres_gabnresponse_t</type> — + to the canonical format. + This is complemented by a parse function which converts a packet in + canonical format to a getaddrbyname response structure. + </para> + <para> + These structures are defined in + <filename><lwres/lwres.h></filename>. + They are shown below. + </para> + <para><programlisting> #define LWRES_OPCODE_GETADDRSBYNAME 0x00010001U - +</programlisting> + </para> + <para><programlisting> typedef struct lwres_addr lwres_addr_t; typedef LWRES_LIST(lwres_addr_t) lwres_addrlist_t; - +</programlisting> + </para> + <para><programlisting> typedef struct { lwres_uint32_t flags; lwres_uint32_t addrtypes; lwres_uint16_t namelen; char *name; } lwres_gabnrequest_t; - +</programlisting> + </para> + <para><programlisting> typedef struct { lwres_uint32_t flags; lwres_uint16_t naliases; @@ -158,114 +166,95 @@ typedef struct { size_t baselen; } lwres_gabnresponse_t; </programlisting> -</para> -<para> -<function>lwres_gabnrequest_render()</function> -uses resolver context -<parameter>ctx</parameter> -to convert getaddrbyname request structure -<parameter>req</parameter> -to canonical format. -The packet header structure -<parameter>pkt</parameter> -is initialised and transferred to -buffer -<parameter>b</parameter>. + </para> + + <para><function>lwres_gabnrequest_render()</function> + uses resolver context <parameter>ctx</parameter> to convert + getaddrbyname request structure <parameter>req</parameter> to + canonical format. The packet header structure + <parameter>pkt</parameter> is initialised and transferred to + buffer <parameter>b</parameter>. + + The contents of <parameter>*req</parameter> are then appended to + the buffer in canonical format. + <function>lwres_gabnresponse_render()</function> performs the + same task, except it converts a getaddrbyname response structure + <type>lwres_gabnresponse_t</type> to the lightweight resolver's + canonical format. + </para> -The contents of -<parameter>*req</parameter> -are then appended to the buffer in canonical format. -<function>lwres_gabnresponse_render()</function> -performs the same task, except it converts a getaddrbyname response structure -<type>lwres_gabnresponse_t</type> -to the lightweight resolver's canonical format. -</para> -<para> -<function>lwres_gabnrequest_parse()</function> -uses context -<parameter>ctx</parameter> -to convert the contents of packet -<parameter>pkt</parameter> -to a -<type>lwres_gabnrequest_t</type> -structure. -Buffer -<parameter>b</parameter> -provides space to be used for storing this structure. -When the function succeeds, the resulting -<type>lwres_gabnrequest_t</type> -is made available through -<parameter>*structp</parameter>. + <para><function>lwres_gabnrequest_parse()</function> + uses context <parameter>ctx</parameter> to convert the contents + of packet <parameter>pkt</parameter> to a + <type>lwres_gabnrequest_t</type> structure. Buffer + <parameter>b</parameter> provides space to be used for storing + this structure. When the function succeeds, the resulting + <type>lwres_gabnrequest_t</type> is made available through + <parameter>*structp</parameter>. -<function>lwres_gabnresponse_parse()</function> -offers the same semantics as -<function>lwres_gabnrequest_parse()</function> -except it yields a -<type>lwres_gabnresponse_t</type> -structure. -</para> -<para> -<function>lwres_gabnresponse_free()</function> -and -<function>lwres_gabnrequest_free()</function> -release the memory in resolver context -<parameter>ctx</parameter> -that was allocated to the -<type>lwres_gabnresponse_t</type> -or -<type>lwres_gabnrequest_t</type> -structures referenced via -<parameter>structp</parameter>. + <function>lwres_gabnresponse_parse()</function> offers the same + semantics as <function>lwres_gabnrequest_parse()</function> + except it yields a <type>lwres_gabnresponse_t</type> structure. + </para> -Any memory associated with ancillary buffers and strings for those -structures is also discarded. -</para> -</refsect1> -<refsect1> -<title>RETURN VALUES</title> -<para> -The getaddrbyname opcode functions -<function>lwres_gabnrequest_render()</function>, -<function>lwres_gabnresponse_render()</function> -<function>lwres_gabnrequest_parse()</function> -and -<function>lwres_gabnresponse_parse()</function> -all return -<errorcode>LWRES_R_SUCCESS</errorcode> -on success. -They return -<errorcode>LWRES_R_NOMEMORY</errorcode> -if memory allocation fails. -<errorcode>LWRES_R_UNEXPECTEDEND</errorcode> -is returned if the available space in the buffer -<parameter>b</parameter> -is too small to accommodate the packet header or the -<type>lwres_gabnrequest_t</type> -and -<type>lwres_gabnresponse_t</type> -structures. -<function>lwres_gabnrequest_parse()</function> -and -<function>lwres_gabnresponse_parse()</function> -will return -<errorcode>LWRES_R_UNEXPECTEDEND</errorcode> -if the buffer is not empty after decoding the received packet. -These functions will return -<errorcode>LWRES_R_FAILURE</errorcode> -if -<structfield>pktflags</structfield> -in the packet header structure -<type>lwres_lwpacket_t</type> -indicate that the packet is not a response to an earlier query. -</para> -</refsect1> -<refsect1> -<title>SEE ALSO</title> -<para> -<citerefentry> -<refentrytitle>lwres_packet</refentrytitle><manvolnum>3 -</manvolnum> -</citerefentry> -</para> -</refsect1> -</refentry> + <para><function>lwres_gabnresponse_free()</function> + and <function>lwres_gabnrequest_free()</function> release the + memory in resolver context <parameter>ctx</parameter> that was + allocated to the <type>lwres_gabnresponse_t</type> or + <type>lwres_gabnrequest_t</type> structures referenced via + <parameter>structp</parameter>. + + Any memory associated with ancillary buffers and strings for + those structures is also discarded. + </para> + </refsect1> + <refsect1> + <title>RETURN VALUES</title> + <para> + The getaddrbyname opcode functions + <function>lwres_gabnrequest_render()</function>, + <function>lwres_gabnresponse_render()</function> + <function>lwres_gabnrequest_parse()</function> + and + <function>lwres_gabnresponse_parse()</function> + all return + <errorcode>LWRES_R_SUCCESS</errorcode> + on success. + They return + <errorcode>LWRES_R_NOMEMORY</errorcode> + if memory allocation fails. + <errorcode>LWRES_R_UNEXPECTEDEND</errorcode> + is returned if the available space in the buffer + <parameter>b</parameter> + is too small to accommodate the packet header or the + <type>lwres_gabnrequest_t</type> + and + <type>lwres_gabnresponse_t</type> + structures. + <function>lwres_gabnrequest_parse()</function> + and + <function>lwres_gabnresponse_parse()</function> + will return + <errorcode>LWRES_R_UNEXPECTEDEND</errorcode> + if the buffer is not empty after decoding the received packet. + These functions will return + <errorcode>LWRES_R_FAILURE</errorcode> + if + <structfield>pktflags</structfield> + in the packet header structure + <type>lwres_lwpacket_t</type> + indicate that the packet is not a response to an earlier query. + </para> + </refsect1> + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>lwres_packet</refentrytitle><manvolnum>3</manvolnum> + </citerefentry> + </para> + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/man/lwres_gai_strerror.3 b/usr.sbin/bind/lib/lwres/man/lwres_gai_strerror.3 index d575109d1f6..77313bf2426 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_gai_strerror.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres_gai_strerror.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres_gai_strerror.3,v 1.13.2.1.8.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres_gai_strerror.3,v 1.16.18.11 2007/01/30 00:23:45 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres_gai_strerror .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Jun 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -30,56 +30,78 @@ .\" disable justification (adjust text to left margin only) .ad l .SH "NAME" -gai_strerror \- print suitable error string +lwres_gai_strerror \- print suitable error string .SH "SYNOPSIS" .nf #include <lwres/netdb.h> .fi .HP 20 -.BI "char * gai_strerror(int\ ecode);" +.BI "char * gai_strerror(int\ " "ecode" ");" .SH "DESCRIPTION" .PP \fBlwres_gai_strerror()\fR returns an error message corresponding to an error code returned by \fBgetaddrinfo()\fR. The following error codes and their meaning are defined in \fIinclude/lwres/netdb.h\fR. -.TP 3n +.PP \fBEAI_ADDRFAMILY\fR +.RS 4 address family for hostname not supported -.TP 3n +.RE +.PP \fBEAI_AGAIN\fR +.RS 4 temporary failure in name resolution -.TP 3n +.RE +.PP \fBEAI_BADFLAGS\fR +.RS 4 invalid value for \fBai_flags\fR -.TP 3n +.RE +.PP \fBEAI_FAIL\fR +.RS 4 non\-recoverable failure in name resolution -.TP 3n +.RE +.PP \fBEAI_FAMILY\fR +.RS 4 \fBai_family\fR not supported -.TP 3n +.RE +.PP \fBEAI_MEMORY\fR +.RS 4 memory allocation failure -.TP 3n +.RE +.PP \fBEAI_NODATA\fR +.RS 4 no address associated with hostname -.TP 3n +.RE +.PP \fBEAI_NONAME\fR +.RS 4 hostname or servname not provided, or not known -.TP 3n +.RE +.PP \fBEAI_SERVICE\fR +.RS 4 servname not supported for \fBai_socktype\fR -.TP 3n +.RE +.PP \fBEAI_SOCKTYPE\fR +.RS 4 \fBai_socktype\fR not supported -.TP 3n +.RE +.PP \fBEAI_SYSTEM\fR +.RS 4 system error returned in errno +.RE The message invalid error code is returned if @@ -101,4 +123,7 @@ used by \fBgetaddrinfo\fR(3), \fBRFC2133\fR(). .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres_gai_strerror.docbook b/usr.sbin/bind/lib/lwres/man/lwres_gai_strerror.docbook index 7ca5f4ee98a..298afb6c10d 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_gai_strerror.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres_gai_strerror.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,24 +18,24 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres_gai_strerror.docbook,v 1.3.206.3 2005/05/12 21:36:13 sra Exp $ --> - +<!-- $ISC: lwres_gai_strerror.docbook,v 1.4.18.6 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> + <refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> -<refmeta> -<refentrytitle>lwres_gai_strerror</refentrytitle> -<manvolnum>3</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refmeta> + <refentrytitle>lwres_gai_strerror</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -45,133 +45,156 @@ </copyright> </docinfo> -<refnamediv> -<refname>gai_strerror</refname> -<refpurpose>print suitable error string</refpurpose> -</refnamediv> -<refsynopsisdiv> -<funcsynopsis> + <refnamediv> + <refname>lwres_gai_strerror</refname> + <refpurpose>print suitable error string</refpurpose> + </refnamediv> + + <refsynopsisdiv> + <funcsynopsis> <funcsynopsisinfo>#include <lwres/netdb.h></funcsynopsisinfo> <funcprototype> -<funcdef> + <funcdef> char * <function>gai_strerror</function></funcdef> -<paramdef>int ecode</paramdef> -</funcprototype> + <paramdef>int <parameter>ecode</parameter></paramdef> + </funcprototype> </funcsynopsis> -</refsynopsisdiv> + </refsynopsisdiv> -<refsect1> -<title>DESCRIPTION</title> -<para> -<function>lwres_gai_strerror()</function> -returns an error message corresponding to an error code returned by -<function>getaddrinfo()</function>. -The following error codes and their meaning are defined in -<filename>include/lwres/netdb.h</filename>. -<variablelist> -<varlistentry><term><errorcode>EAI_ADDRFAMILY</errorcode></term> -<listitem> -<para> -address family for hostname not supported -</para> -</listitem></varlistentry> -<varlistentry><term><errorcode>EAI_AGAIN</errorcode></term> -<listitem> -<para> -temporary failure in name resolution -</para> -</listitem></varlistentry> -<varlistentry><term><errorcode>EAI_BADFLAGS</errorcode></term> -<listitem> -<para> -invalid value for -<constant>ai_flags</constant> -</para> -</listitem></varlistentry> -<varlistentry><term><errorcode>EAI_FAIL</errorcode></term> -<listitem> -<para> -non-recoverable failure in name resolution -</para> -</listitem></varlistentry> -<varlistentry><term><errorcode>EAI_FAMILY</errorcode></term> -<listitem> -<para> -<constant>ai_family</constant> not supported -</para> -</listitem></varlistentry> -<varlistentry><term><errorcode>EAI_MEMORY</errorcode></term> -<listitem> -<para> -memory allocation failure -</para> -</listitem></varlistentry> -<varlistentry><term><errorcode>EAI_NODATA</errorcode></term> -<listitem> -<para> -no address associated with hostname -</para> -</listitem></varlistentry> -<varlistentry><term><errorcode>EAI_NONAME</errorcode></term> -<listitem> -<para> -hostname or servname not provided, or not known -</para> -</listitem></varlistentry> -<varlistentry><term><errorcode>EAI_SERVICE</errorcode></term> -<listitem> -<para> -servname not supported for <constant>ai_socktype</constant> -</para> -</listitem></varlistentry> -<varlistentry><term><errorcode>EAI_SOCKTYPE</errorcode></term> -<listitem> -<para> -<constant>ai_socktype</constant> not supported -</para> -</listitem></varlistentry> -<varlistentry><term><errorcode>EAI_SYSTEM</errorcode></term> -<listitem> -<para> -system error returned in errno -</para> -</listitem></varlistentry> -</variablelist> -The message <errorname>invalid error code</errorname> is returned if -<parameter>ecode</parameter> -is out of range. -</para> -<para> -<constant>ai_flags</constant>, -<constant>ai_family</constant> -and -<constant>ai_socktype</constant> -are elements of the -<type>struct addrinfo</type> -used by -<function>lwres_getaddrinfo()</function>. -</para> -</refsect1> + <refsect1> + <title>DESCRIPTION</title> -<refsect1> -<title>SEE ALSO</title> -<para> -<citerefentry> -<refentrytitle>strerror</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, + <para><function>lwres_gai_strerror()</function> + returns an error message corresponding to an error code returned by + <function>getaddrinfo()</function>. + The following error codes and their meaning are defined in + <filename>include/lwres/netdb.h</filename>. + <variablelist> + <varlistentry> + <term><errorcode>EAI_ADDRFAMILY</errorcode></term> + <listitem> + <para> + address family for hostname not supported + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><errorcode>EAI_AGAIN</errorcode></term> + <listitem> + <para> + temporary failure in name resolution + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><errorcode>EAI_BADFLAGS</errorcode></term> + <listitem> + <para> + invalid value for + <constant>ai_flags</constant> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><errorcode>EAI_FAIL</errorcode></term> + <listitem> + <para> + non-recoverable failure in name resolution + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><errorcode>EAI_FAMILY</errorcode></term> + <listitem> + <para><constant>ai_family</constant> not supported + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><errorcode>EAI_MEMORY</errorcode></term> + <listitem> + <para> + memory allocation failure + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><errorcode>EAI_NODATA</errorcode></term> + <listitem> + <para> + no address associated with hostname + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><errorcode>EAI_NONAME</errorcode></term> + <listitem> + <para> + hostname or servname not provided, or not known + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><errorcode>EAI_SERVICE</errorcode></term> + <listitem> + <para> + servname not supported for <constant>ai_socktype</constant> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><errorcode>EAI_SOCKTYPE</errorcode></term> + <listitem> + <para><constant>ai_socktype</constant> not supported + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><errorcode>EAI_SYSTEM</errorcode></term> + <listitem> + <para> + system error returned in errno + </para> + </listitem> + </varlistentry> + </variablelist> + The message <errorname>invalid error code</errorname> is returned if + <parameter>ecode</parameter> + is out of range. + </para> + <para><constant>ai_flags</constant>, + <constant>ai_family</constant> + and + <constant>ai_socktype</constant> + are elements of the + <type>struct addrinfo</type> + used by + <function>lwres_getaddrinfo()</function>. + </para> + </refsect1> -<citerefentry> -<refentrytitle>lwres_getaddrinfo</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>strerror</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, -<citerefentry> -<refentrytitle>getaddrinfo</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, + <citerefentry> + <refentrytitle>lwres_getaddrinfo</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, -<citerefentry> -<refentrytitle>RFC2133</refentrytitle> -</citerefentry>. -</para> -</refsect1> -</refentry> + <citerefentry> + <refentrytitle>getaddrinfo</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + + <citerefentry> + <refentrytitle>RFC2133</refentrytitle> + </citerefentry>. + </para> + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/man/lwres_getaddrinfo.3 b/usr.sbin/bind/lib/lwres/man/lwres_getaddrinfo.3 index 80c23221f4b..98e979ec827 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_getaddrinfo.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres_getaddrinfo.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres_getaddrinfo.3,v 1.16.2.1.8.7 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres_getaddrinfo.3,v 1.20.18.11 2007/01/30 00:23:45 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres_getaddrinfo .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Jun 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -36,14 +36,14 @@ lwres_getaddrinfo, lwres_freeaddrinfo \- socket address structure to host and se #include <lwres/netdb.h> .fi .HP 22 -.BI "int lwres_getaddrinfo(const\ char\ *hostname, const\ char\ *servname, const\ struct\ addrinfo\ *hints, struct\ addrinfo\ **res);" +.BI "int lwres_getaddrinfo(const\ char\ *" "hostname" ", const\ char\ *" "servname" ", const\ struct\ addrinfo\ *" "hints" ", struct\ addrinfo\ **" "res" ");" .HP 24 -.BI "void lwres_freeaddrinfo(struct\ addrinfo\ *ai);" +.BI "void lwres_freeaddrinfo(struct\ addrinfo\ *" "ai" ");" .PP If the operating system does not provide a \fBstruct addrinfo\fR, the following structure is used: -.sp -.RS 3n +.PP +.RS 4 .nf struct addrinfo { int ai_flags; /* AI_PASSIVE, AI_CANONNAME */ @@ -82,14 +82,17 @@ is either a decimal port number or a service name as listed in is an optional pointer to a \fBstruct addrinfo\fR. This structure can be used to provide hints concerning the type of socket that the caller supports or wishes to use. The caller can supply the following structure elements in \fI*hints\fR: -.TP 3n +.PP \fBai_family\fR +.RS 4 The protocol family that should be used. When \fBai_family\fR is set to \fBPF_UNSPEC\fR, it means the caller will accept any protocol family supported by the operating system. -.TP 3n +.RE +.PP \fBai_socktype\fR +.RS 4 denotes the type of socket \(em \fBSOCK_STREAM\fR, \fBSOCK_DGRAM\fR @@ -98,13 +101,17 @@ or \(em that is wanted. When \fBai_socktype\fR is zero the caller will accept any socket type. -.TP 3n +.RE +.PP \fBai_protocol\fR +.RS 4 indicates which transport protocol is wanted: IPPROTO_UDP or IPPROTO_TCP. If \fBai_protocol\fR is zero the caller will accept any protocol. -.TP 3n +.RE +.PP \fBai_flags\fR +.RS 4 Flag bits. If the \fBAI_CANONNAME\fR bit is set, a successful call to @@ -129,11 +136,11 @@ When does not set the \fBAI_PASSIVE\fR bit, the returned socket address structure will be ready for use in a call to -\fBconnect\fR(2 ) +\fBconnect\fR(2) for a connection\-oriented protocol or \fBconnect\fR(2), \fBsendto\fR(2), or -\fBsendmsg\fR(2 ) +\fBsendmsg\fR(2) if a connectionless protocol was chosen. The IP address portion of the socket address structure will be set to the loopback address if \fIhostname\fR is a @@ -150,6 +157,7 @@ is set to it indicates that \fIhostname\fR should be treated as a numeric string defining an IPv4 or IPv6 address and no name resolution should be attempted. +.RE .PP All other elements of the \fBstruct addrinfo\fR @@ -208,7 +216,7 @@ created by a call to .PP \fBlwres_getaddrinfo()\fR returns zero on success or one of the error codes listed in -\fBgai_strerror\fR(3 ) +\fBgai_strerror\fR(3) if an error occurs. If both \fIhostname\fR and @@ -232,4 +240,7 @@ returns \fBsendmsg\fR(2), \fBsocket\fR(2). .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001, 2003 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres_getaddrinfo.docbook b/usr.sbin/bind/lib/lwres/man/lwres_getaddrinfo.docbook index 1c98c6fbc61..35713b7d311 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_getaddrinfo.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres_getaddrinfo.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001, 2003 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,24 +18,24 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres_getaddrinfo.docbook,v 1.5.206.4 2005/05/12 21:36:14 sra Exp $ --> - +<!-- $ISC: lwres_getaddrinfo.docbook,v 1.7.18.6 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> + <refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> -<refmeta> -<refentrytitle>lwres_getaddrinfo</refentrytitle> -<manvolnum>3</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refmeta> + <refentrytitle>lwres_getaddrinfo</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -46,37 +46,37 @@ </copyright> </docinfo> -<refnamediv> -<refname>lwres_getaddrinfo</refname> -<refname>lwres_freeaddrinfo</refname> -<refpurpose>socket address structure to host and service name</refpurpose> -</refnamediv> -<refsynopsisdiv> -<funcsynopsis> + <refnamediv> + <refname>lwres_getaddrinfo</refname> + <refname>lwres_freeaddrinfo</refname> + <refpurpose>socket address structure to host and service name</refpurpose> + </refnamediv> + <refsynopsisdiv> + <funcsynopsis> <funcsynopsisinfo>#include <lwres/netdb.h></funcsynopsisinfo> <funcprototype> -<funcdef> + <funcdef> int <function>lwres_getaddrinfo</function></funcdef> -<paramdef>const char *hostname</paramdef> -<paramdef>const char *servname</paramdef> -<paramdef>const struct addrinfo *hints</paramdef> -<paramdef>struct addrinfo **res</paramdef> -</funcprototype> + <paramdef>const char *<parameter>hostname</parameter></paramdef> + <paramdef>const char *<parameter>servname</parameter></paramdef> + <paramdef>const struct addrinfo *<parameter>hints</parameter></paramdef> + <paramdef>struct addrinfo **<parameter>res</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_freeaddrinfo</function></funcdef> -<paramdef>struct addrinfo *ai</paramdef> -</funcprototype> + <paramdef>struct addrinfo *<parameter>ai</parameter></paramdef> + </funcprototype> </funcsynopsis> -<para> -If the operating system does not provide a -<type>struct addrinfo</type>, -the following structure is used: - -<programlisting> + <para> + If the operating system does not provide a + <type>struct addrinfo</type>, + the following structure is used: + </para> + <para><programlisting> struct addrinfo { int ai_flags; /* AI_PASSIVE, AI_CANONNAME */ int ai_family; /* PF_xxx */ @@ -88,301 +88,300 @@ struct addrinfo { struct addrinfo *ai_next; /* next structure in linked list */ }; </programlisting> -</para> - -</refsynopsisdiv> - -<refsect1> -<title>DESCRIPTION</title> -<para> -<function>lwres_getaddrinfo()</function> -is used to get a list of IP addresses and port numbers for host -<parameter>hostname</parameter> -and service -<parameter>servname</parameter>. - -The function is the lightweight resolver's implementation of -<function>getaddrinfo()</function> -as defined in RFC2133. -<parameter>hostname</parameter> -and -<parameter>servname</parameter> -are pointers to null-terminated -strings or -<type>NULL</type>. - -<parameter>hostname</parameter> -is either a host name or a numeric host address string: a dotted decimal -IPv4 address or an IPv6 address. -<parameter>servname</parameter> -is either a decimal port number or a service name as listed in -<filename>/etc/services</filename>. -</para> - -<para> -<parameter>hints</parameter> -is an optional pointer to a -<type>struct addrinfo</type>. -This structure can be used to provide hints concerning the type of socket -that the caller supports or wishes to use. -The caller can supply the following structure elements in -<parameter>*hints</parameter>: - -<variablelist> -<varlistentry><term><constant>ai_family</constant></term> -<listitem> -<para>The protocol family that should be used. -When -<constant>ai_family</constant> -is set to -<type>PF_UNSPEC</type>, -it means the caller will accept any protocol family supported by the -operating system. -</para></listitem></varlistentry> -<varlistentry><term><constant>ai_socktype</constant></term> -<listitem> -<para> -denotes the type of socket — -<type>SOCK_STREAM</type>, -<type>SOCK_DGRAM</type> -or -<type>SOCK_RAW</type> -— that is wanted. -When -<constant>ai_socktype</constant> -is zero the caller will accept any socket type. -</para> -</listitem> -</varlistentry> -<varlistentry><term><constant>ai_protocol</constant></term> -<listitem> -<para> -indicates which transport protocol is wanted: IPPROTO_UDP or -IPPROTO_TCP. -If -<constant>ai_protocol</constant> -is zero the caller will accept any protocol. -</para> -</listitem> -</varlistentry> -<varlistentry><term><constant>ai_flags</constant></term> -<listitem> -<para> -Flag bits. -If the -<type>AI_CANONNAME</type> -bit is set, a successful call to -<function>lwres_getaddrinfo()</function> -will return a null-terminated string containing the canonical name -of the specified hostname in -<constant>ai_canonname</constant> -of the first -<type>addrinfo</type> -structure returned. -Setting the -<type>AI_PASSIVE</type> -bit indicates that the returned socket address structure is intended -for used in a call to -<citerefentry> -<refentrytitle>bind</refentrytitle><manvolnum>2</manvolnum> -</citerefentry>. - -In this case, if the hostname argument is a -<type>NULL</type> -pointer, then the IP address portion of the socket -address structure will be set to -<type>INADDR_ANY</type> -for an IPv4 address or -<type>IN6ADDR_ANY_INIT</type> -for an IPv6 address. -</para> -<para> -When -<constant>ai_flags</constant> -does not set the -<type>AI_PASSIVE</type> -bit, the returned socket address structure will be ready -for use in a call to -<citerefentry> -<refentrytitle>connect</refentrytitle><manvolnum>2 -</manvolnum> -</citerefentry> -for a connection-oriented protocol or -<citerefentry> -<refentrytitle>connect</refentrytitle><manvolnum>2</manvolnum> -</citerefentry>, - -<citerefentry> -<refentrytitle>sendto</refentrytitle><manvolnum>2</manvolnum> -</citerefentry>, - -or -<citerefentry> -<refentrytitle>sendmsg</refentrytitle><manvolnum>2 -</manvolnum> -</citerefentry> -if a connectionless protocol was chosen. -The IP address portion of the socket address structure will be -set to the loopback address if -<parameter>hostname</parameter> -is a -<type>NULL</type> -pointer and -<type>AI_PASSIVE</type> -is not set in -<constant>ai_flags</constant>. -</para> -<para> -If -<constant>ai_flags</constant> -is set to -<type>AI_NUMERICHOST</type> -it indicates that -<parameter>hostname</parameter> -should be treated as a numeric string defining an IPv4 or IPv6 address -and no name resolution should be attempted. -</para> -</listitem> -</varlistentry> -</variablelist> -</para> - -<para> -All other elements of the <type>struct addrinfo</type> passed -via <parameter>hints</parameter> must be zero. -</para> - -<para> -A <parameter>hints</parameter> of <type>NULL</type> is treated as if -the caller provided a <type>struct addrinfo</type> initialized to zero -with <constant>ai_family</constant>set to -<constant>PF_UNSPEC</constant>. -</para> - -<para> -After a successful call to -<function>lwres_getaddrinfo()</function>, -<parameter>*res</parameter> -is a pointer to a linked list of one or more -<type>addrinfo</type> -structures. -Each -<type>struct addrinfo</type> -in this list cn be processed by following -the -<constant>ai_next</constant> -pointer, until a -<type>NULL</type> -pointer is encountered. -The three members -<constant>ai_family</constant>, -<constant>ai_socktype</constant>, -and -<constant>ai_protocol</constant> -in each -returned -<type>addrinfo</type> -structure contain the corresponding arguments for a call to -<citerefentry> -<refentrytitle>socket</refentrytitle><manvolnum>2</manvolnum> -</citerefentry>. -For each -<type>addrinfo</type> -structure in the list, the -<constant>ai_addr</constant> -member points to a filled-in socket address structure of length -<constant>ai_addrlen</constant>. -</para> - -<para> -All of the information returned by -<function>lwres_getaddrinfo()</function> -is dynamically allocated: the addrinfo structures, and the socket -address structures and canonical host name strings pointed to by the -<constant>addrinfo</constant>structures. -Memory allocated for the dynamically allocated structures created by -a successful call to -<function>lwres_getaddrinfo()</function> -is released by -<function>lwres_freeaddrinfo()</function>. -<parameter>ai</parameter> -is a pointer to a -<type>struct addrinfo</type> -created by a call to -<function>lwres_getaddrinfo()</function>. -</para> - -</refsect1> - -<refsect1> -<title>RETURN VALUES</title> -<para> -<function>lwres_getaddrinfo()</function> -returns zero on success or one of the error codes listed in -<citerefentry> -<refentrytitle>gai_strerror</refentrytitle><manvolnum>3 -</manvolnum> -</citerefentry> -if an error occurs. -If both -<parameter>hostname</parameter> -and -<parameter>servname</parameter> -are -<type>NULL</type> -<function>lwres_getaddrinfo()</function> -returns -<errorcode>EAI_NONAME</errorcode>. - -</para> -</refsect1> -<refsect1> -<title>SEE ALSO</title> -<para> -<citerefentry> -<refentrytitle>lwres</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, - -<citerefentry> -<refentrytitle>lwres_getaddrinfo</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, - -<citerefentry> -<refentrytitle>lwres_freeaddrinfo</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, - -<citerefentry> -<refentrytitle>lwres_gai_strerror</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, - -<citerefentry> -<refentrytitle>RFC2133</refentrytitle> -</citerefentry>, - -<citerefentry> -<refentrytitle>getservbyname</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, - -<citerefentry> -<refentrytitle>bind</refentrytitle><manvolnum>2</manvolnum> -</citerefentry>, - -<citerefentry> -<refentrytitle>connect</refentrytitle><manvolnum>2</manvolnum> -</citerefentry>, - -<citerefentry> -<refentrytitle>sendto</refentrytitle><manvolnum>2</manvolnum> -</citerefentry>, - -<citerefentry> -<refentrytitle>sendmsg</refentrytitle><manvolnum>2</manvolnum> -</citerefentry>, - -<citerefentry> -<refentrytitle>socket</refentrytitle><manvolnum>2</manvolnum> -</citerefentry>. -</para> - -</refsect1> -</refentry> + </para> + + </refsynopsisdiv> + + <refsect1> + <title>DESCRIPTION</title> + + <para><function>lwres_getaddrinfo()</function> + is used to get a list of IP addresses and port numbers for host + <parameter>hostname</parameter> and service + <parameter>servname</parameter>. + + The function is the lightweight resolver's implementation of + <function>getaddrinfo()</function> as defined in RFC2133. + <parameter>hostname</parameter> and + <parameter>servname</parameter> are pointers to null-terminated + strings or <type>NULL</type>. + + <parameter>hostname</parameter> is either a host name or a + numeric host address string: a dotted decimal IPv4 address or an + IPv6 address. <parameter>servname</parameter> is either a + decimal port number or a service name as listed in + <filename>/etc/services</filename>. + </para> + + <para><parameter>hints</parameter> + is an optional pointer to a + <type>struct addrinfo</type>. + This structure can be used to provide hints concerning the type of + socket + that the caller supports or wishes to use. + The caller can supply the following structure elements in + <parameter>*hints</parameter>: + + <variablelist> + <varlistentry> + <term><constant>ai_family</constant></term> + <listitem> + <para> + The protocol family that should be used. + When + <constant>ai_family</constant> + is set to + <type>PF_UNSPEC</type>, + it means the caller will accept any protocol family supported by + the + operating system. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>ai_socktype</constant></term> + <listitem> + <para> + denotes the type of socket — + <type>SOCK_STREAM</type>, + <type>SOCK_DGRAM</type> + or + <type>SOCK_RAW</type> + — that is wanted. + When + <constant>ai_socktype</constant> + is zero the caller will accept any socket type. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>ai_protocol</constant></term> + <listitem> + <para> + indicates which transport protocol is wanted: IPPROTO_UDP or + IPPROTO_TCP. + If + <constant>ai_protocol</constant> + is zero the caller will accept any protocol. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>ai_flags</constant></term> + <listitem> + <para> + Flag bits. + If the + <type>AI_CANONNAME</type> + bit is set, a successful call to + <function>lwres_getaddrinfo()</function> + will return a null-terminated string containing the canonical + name + of the specified hostname in + <constant>ai_canonname</constant> + of the first + <type>addrinfo</type> + structure returned. + Setting the + <type>AI_PASSIVE</type> + bit indicates that the returned socket address structure is + intended + for used in a call to + <citerefentry> + <refentrytitle>bind</refentrytitle><manvolnum>2</manvolnum> + </citerefentry>. + + In this case, if the hostname argument is a + <type>NULL</type> + pointer, then the IP address portion of the socket + address structure will be set to + <type>INADDR_ANY</type> + for an IPv4 address or + <type>IN6ADDR_ANY_INIT</type> + for an IPv6 address. + </para> + <para> + When + <constant>ai_flags</constant> + does not set the + <type>AI_PASSIVE</type> + bit, the returned socket address structure will be ready + for use in a call to + <citerefentry> + <refentrytitle>connect</refentrytitle><manvolnum>2</manvolnum> + </citerefentry> + for a connection-oriented protocol or + <citerefentry> + <refentrytitle>connect</refentrytitle><manvolnum>2</manvolnum> + </citerefentry>, + + <citerefentry> + <refentrytitle>sendto</refentrytitle><manvolnum>2</manvolnum> + </citerefentry>, + + or + <citerefentry> + <refentrytitle>sendmsg</refentrytitle><manvolnum>2</manvolnum> + </citerefentry> + if a connectionless protocol was chosen. + The IP address portion of the socket address structure will be + set to the loopback address if + <parameter>hostname</parameter> + is a + <type>NULL</type> + pointer and + <type>AI_PASSIVE</type> + is not set in + <constant>ai_flags</constant>. + </para> + <para> + If + <constant>ai_flags</constant> + is set to + <type>AI_NUMERICHOST</type> + it indicates that + <parameter>hostname</parameter> + should be treated as a numeric string defining an IPv4 or IPv6 + address + and no name resolution should be attempted. + </para> + </listitem> + </varlistentry> + </variablelist> + </para> + + <para> + All other elements of the <type>struct addrinfo</type> passed + via <parameter>hints</parameter> must be zero. + </para> + + <para> + A <parameter>hints</parameter> of <type>NULL</type> is + treated as if + the caller provided a <type>struct addrinfo</type> initialized to zero + with <constant>ai_family</constant>set to + <constant>PF_UNSPEC</constant>. + </para> + + <para> + After a successful call to + <function>lwres_getaddrinfo()</function>, + <parameter>*res</parameter> + is a pointer to a linked list of one or more + <type>addrinfo</type> + structures. + Each + <type>struct addrinfo</type> + in this list cn be processed by following + the + <constant>ai_next</constant> + pointer, until a + <type>NULL</type> + pointer is encountered. + The three members + <constant>ai_family</constant>, + <constant>ai_socktype</constant>, + and + <constant>ai_protocol</constant> + in each + returned + <type>addrinfo</type> + structure contain the corresponding arguments for a call to + <citerefentry> + <refentrytitle>socket</refentrytitle><manvolnum>2</manvolnum> + </citerefentry>. + For each + <type>addrinfo</type> + structure in the list, the + <constant>ai_addr</constant> + member points to a filled-in socket address structure of length + <constant>ai_addrlen</constant>. + </para> + + <para> + All of the information returned by + <function>lwres_getaddrinfo()</function> + is dynamically allocated: the addrinfo structures, and the socket + address structures and canonical host name strings pointed to by the + <constant>addrinfo</constant>structures. + Memory allocated for the dynamically allocated structures created by + a successful call to + <function>lwres_getaddrinfo()</function> + is released by + <function>lwres_freeaddrinfo()</function>. + <parameter>ai</parameter> + is a pointer to a + <type>struct addrinfo</type> + created by a call to + <function>lwres_getaddrinfo()</function>. + </para> + + </refsect1> + + <refsect1> + <title>RETURN VALUES</title> + + <para><function>lwres_getaddrinfo()</function> + returns zero on success or one of the error codes listed in + <citerefentry> + <refentrytitle>gai_strerror</refentrytitle><manvolnum>3</manvolnum> + </citerefentry> + if an error occurs. If both <parameter>hostname</parameter> and + <parameter>servname</parameter> are <type>NULL</type> + <function>lwres_getaddrinfo()</function> returns + <errorcode>EAI_NONAME</errorcode>. + </para> + </refsect1> + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>lwres</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + + <citerefentry> + <refentrytitle>lwres_getaddrinfo</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + + <citerefentry> + <refentrytitle>lwres_freeaddrinfo</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + + <citerefentry> + <refentrytitle>lwres_gai_strerror</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + + <citerefentry> + <refentrytitle>RFC2133</refentrytitle> + </citerefentry>, + + <citerefentry> + <refentrytitle>getservbyname</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + + <citerefentry> + <refentrytitle>bind</refentrytitle><manvolnum>2</manvolnum> + </citerefentry>, + + <citerefentry> + <refentrytitle>connect</refentrytitle><manvolnum>2</manvolnum> + </citerefentry>, + + <citerefentry> + <refentrytitle>sendto</refentrytitle><manvolnum>2</manvolnum> + </citerefentry>, + + <citerefentry> + <refentrytitle>sendmsg</refentrytitle><manvolnum>2</manvolnum> + </citerefentry>, + + <citerefentry> + <refentrytitle>socket</refentrytitle><manvolnum>2</manvolnum> + </citerefentry>. + </para> + + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/man/lwres_gethostent.3 b/usr.sbin/bind/lib/lwres/man/lwres_gethostent.3 index c8b59ae33ad..b69265863aa 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_gethostent.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres_gethostent.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres_gethostent.3,v 1.16.2.1.8.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres_gethostent.3,v 1.19.18.10 2007/01/30 00:23:45 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres_gethostent .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Jun 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -36,37 +36,37 @@ lwres_gethostbyname, lwres_gethostbyname2, lwres_gethostbyaddr, lwres_gethostent #include <lwres/netdb.h> .fi .HP 37 -.BI "struct hostent * lwres_gethostbyname(const\ char\ *name);" +.BI "struct hostent * lwres_gethostbyname(const\ char\ *" "name" ");" .HP 38 -.BI "struct hostent * lwres_gethostbyname2(const\ char\ *name, int\ af);" +.BI "struct hostent * lwres_gethostbyname2(const\ char\ *" "name" ", int\ " "af" ");" .HP 37 -.BI "struct hostent * lwres_gethostbyaddr(const\ char\ *addr, int\ len, int\ type);" +.BI "struct hostent * lwres_gethostbyaddr(const\ char\ *" "addr" ", int\ " "len" ", int\ " "type" ");" .HP 34 .BI "struct hostent * lwres_gethostent(void);" .HP 22 -.BI "void lwres_sethostent(int\ stayopen);" +.BI "void lwres_sethostent(int\ " "stayopen" ");" .HP 22 .BI "void lwres_endhostent(void);" .HP 39 -.BI "struct hostent * lwres_gethostbyname_r(const\ char\ *name, struct\ hostent\ *resbuf, char\ *buf, int\ buflen, int\ *error);" +.BI "struct hostent * lwres_gethostbyname_r(const\ char\ *" "name" ", struct\ hostent\ *" "resbuf" ", char\ *" "buf" ", int\ " "buflen" ", int\ *" "error" ");" .HP 39 -.BI "struct hostent * lwres_gethostbyaddr_r(const\ char\ *addr, int\ len, int\ type, struct\ hostent\ *resbuf, char\ *buf, int\ buflen, int\ *error);" +.BI "struct hostent * lwres_gethostbyaddr_r(const\ char\ *" "addr" ", int\ " "len" ", int\ " "type" ", struct\ hostent\ *" "resbuf" ", char\ *" "buf" ", int\ " "buflen" ", int\ *" "error" ");" .HP 36 -.BI "struct hostent * lwres_gethostent_r(struct\ hostent\ *resbuf, char\ *buf, int\ buflen, int\ *error);" +.BI "struct hostent * lwres_gethostent_r(struct\ hostent\ *" "resbuf" ", char\ *" "buf" ", int\ " "buflen" ", int\ *" "error" ");" .HP 24 -.BI "void lwres_sethostent_r(int\ stayopen);" +.BI "void lwres_sethostent_r(int\ " "stayopen" ");" .HP 24 .BI "void lwres_endhostent_r(void);" .SH "DESCRIPTION" .PP These functions provide hostname\-to\-address and address\-to\-hostname lookups by means of the lightweight resolver. They are similar to the standard -\fBgethostent\fR(3 ) +\fBgethostent\fR(3) functions provided by most operating systems. They use a \fBstruct hostent\fR which is usually defined in \fI<namedb.h>\fR. -.sp -.RS 3n +.PP +.RS 4 .nf struct hostent { char *h_name; /* official name of host */ @@ -81,26 +81,36 @@ struct hostent { .sp .PP The members of this structure are: -.TP 3n +.PP \fBh_name\fR +.RS 4 The official (canonical) name of the host. -.TP 3n +.RE +.PP \fBh_aliases\fR +.RS 4 A NULL\-terminated array of alternate names (nicknames) for the host. -.TP 3n +.RE +.PP \fBh_addrtype\fR +.RS 4 The type of address being returned \(em \fBPF_INET\fR or \fBPF_INET6\fR. -.TP 3n +.RE +.PP \fBh_length\fR +.RS 4 The length of the address in bytes. -.TP 3n +.RE +.PP \fBh_addr_list\fR +.RS 4 A \fBNULL\fR terminated array of network addresses for the host. Host addresses are returned in network byte order. +.RE .PP For backward compatibility with very old software, \fBh_addr\fR @@ -158,8 +168,7 @@ is a thread\-safe function for forward lookups. If an error occurs, an error cod is a pointer to a \fBstruct hostent\fR which is initialised by a successful call to -\fBlwres_gethostbyname_r()\fR -. +\fBlwres_gethostbyname_r()\fR. \fIbuf\fR is a buffer of length \fIlen\fR @@ -222,20 +231,28 @@ return NULL to indicate an error. In this case the global variable \fBlwres_h_errno\fR will contain one of the following error codes defined in \fI<lwres/netdb.h>\fR: -.TP 3n +.PP \fBHOST_NOT_FOUND\fR +.RS 4 The host or address was not found. -.TP 3n +.RE +.PP \fBTRY_AGAIN\fR +.RS 4 A recoverable error occurred, e.g., a timeout. Retrying the lookup may succeed. -.TP 3n +.RE +.PP \fBNO_RECOVERY\fR +.RS 4 A non\-recoverable error occurred. -.TP 3n +.RE +.PP \fBNO_DATA\fR +.RS 4 The name exists, but has no address information associated with it (or vice versa in the case of a reverse lookup). The code NO_ADDRESS is accepted as a synonym for NO_DATA for backwards compatibility. +.RE .PP -\fBlwres_hstrerror\fR(3 ) +\fBlwres_hstrerror\fR(3) translates these error codes to suitable error messages. .PP \fBlwres_gethostent()\fR @@ -274,7 +291,7 @@ to .PP \fBgethostent\fR(3), \fBlwres_getipnode\fR(3), -\fBlwres_hstrerror\fR(3 ) +\fBlwres_hstrerror\fR(3) .SH "BUGS" .PP \fBlwres_gethostbyname()\fR, @@ -292,4 +309,7 @@ The resolver daemon does not currently support any non\-DNS name services such a or \fBNIS\fR, consequently the above functions don't, either. .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres_gethostent.docbook b/usr.sbin/bind/lib/lwres/man/lwres_gethostent.docbook index 6c5270f1c96..6901574dd36 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_gethostent.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres_gethostent.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,24 +18,24 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres_gethostent.docbook,v 1.5.206.3 2005/05/13 01:22:36 marka Exp $ --> - +<!-- $ISC: lwres_gethostent.docbook,v 1.6.18.5 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> + <refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> -<refmeta> -<refentrytitle>lwres_gethostent</refentrytitle> -<manvolnum>3</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refmeta> + <refentrytitle>lwres_gethostent</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -44,125 +44,124 @@ </copyright> </docinfo> -<refnamediv> -<refname>lwres_gethostbyname</refname> -<refname>lwres_gethostbyname2</refname> -<refname>lwres_gethostbyaddr</refname> -<refname>lwres_gethostent</refname> -<refname>lwres_sethostent</refname> -<refname>lwres_endhostent</refname> -<refname>lwres_gethostbyname_r</refname> -<refname>lwres_gethostbyaddr_r</refname> -<refname>lwres_gethostent_r</refname> -<refname>lwres_sethostent_r</refname> -<refname>lwres_endhostent_r</refname> -<refpurpose>lightweight resolver get network host entry</refpurpose> -</refnamediv> -<refsynopsisdiv> -<funcsynopsis> + <refnamediv> + <refname>lwres_gethostbyname</refname> + <refname>lwres_gethostbyname2</refname> + <refname>lwres_gethostbyaddr</refname> + <refname>lwres_gethostent</refname> + <refname>lwres_sethostent</refname> + <refname>lwres_endhostent</refname> + <refname>lwres_gethostbyname_r</refname> + <refname>lwres_gethostbyaddr_r</refname> + <refname>lwres_gethostent_r</refname> + <refname>lwres_sethostent_r</refname> + <refname>lwres_endhostent_r</refname> + <refpurpose>lightweight resolver get network host entry</refpurpose> + </refnamediv> + <refsynopsisdiv> + <funcsynopsis> <funcsynopsisinfo>#include <lwres/netdb.h></funcsynopsisinfo> <funcprototype> -<funcdef> + <funcdef> struct hostent * <function>lwres_gethostbyname</function></funcdef> -<paramdef>const char *name</paramdef> -</funcprototype> + <paramdef>const char *<parameter>name</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> struct hostent * <function>lwres_gethostbyname2</function></funcdef> -<paramdef>const char *name</paramdef> -<paramdef>int af</paramdef> -</funcprototype> + <paramdef>const char *<parameter>name</parameter></paramdef> + <paramdef>int <parameter>af</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> struct hostent * <function>lwres_gethostbyaddr</function></funcdef> -<paramdef>const char *addr</paramdef> -<paramdef>int len</paramdef> -<paramdef>int type</paramdef> -</funcprototype> + <paramdef>const char *<parameter>addr</parameter></paramdef> + <paramdef>int <parameter>len</parameter></paramdef> + <paramdef>int <parameter>type</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> struct hostent * <function>lwres_gethostent</function></funcdef> -<paramdef>void</paramdef> -</funcprototype> + <paramdef>void</paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_sethostent</function></funcdef> -<paramdef>int stayopen</paramdef> -</funcprototype> + <paramdef>int <parameter>stayopen</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_endhostent</function></funcdef> -<paramdef>void</paramdef> -</funcprototype> + <paramdef>void</paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> struct hostent * <function>lwres_gethostbyname_r</function></funcdef> -<paramdef>const char *name</paramdef> -<paramdef>struct hostent *resbuf</paramdef> -<paramdef>char *buf</paramdef> -<paramdef>int buflen</paramdef> -<paramdef>int *error</paramdef> -</funcprototype> + <paramdef>const char *<parameter>name</parameter></paramdef> + <paramdef>struct hostent *<parameter>resbuf</parameter></paramdef> + <paramdef>char *<parameter>buf</parameter></paramdef> + <paramdef>int <parameter>buflen</parameter></paramdef> + <paramdef>int *<parameter>error</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> struct hostent * <function>lwres_gethostbyaddr_r</function></funcdef> -<paramdef>const char *addr</paramdef> -<paramdef>int len</paramdef> -<paramdef>int type</paramdef> -<paramdef>struct hostent *resbuf</paramdef> -<paramdef>char *buf</paramdef> -<paramdef>int buflen</paramdef> -<paramdef>int *error</paramdef> -</funcprototype> + <paramdef>const char *<parameter>addr</parameter></paramdef> + <paramdef>int <parameter>len</parameter></paramdef> + <paramdef>int <parameter>type</parameter></paramdef> + <paramdef>struct hostent *<parameter>resbuf</parameter></paramdef> + <paramdef>char *<parameter>buf</parameter></paramdef> + <paramdef>int <parameter>buflen</parameter></paramdef> + <paramdef>int *<parameter>error</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> struct hostent * <function>lwres_gethostent_r</function></funcdef> -<paramdef>struct hostent *resbuf</paramdef> -<paramdef>char *buf</paramdef> -<paramdef>int buflen</paramdef> -<paramdef>int *error</paramdef> -</funcprototype> + <paramdef>struct hostent *<parameter>resbuf</parameter></paramdef> + <paramdef>char *<parameter>buf</parameter></paramdef> + <paramdef>int <parameter>buflen</parameter></paramdef> + <paramdef>int *<parameter>error</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_sethostent_r</function></funcdef> -<paramdef>int stayopen</paramdef> -</funcprototype> + <paramdef>int <parameter>stayopen</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_endhostent_r</function></funcdef> -<paramdef>void</paramdef> -</funcprototype> + <paramdef>void</paramdef> + </funcprototype> </funcsynopsis> -</refsynopsisdiv> - -<refsect1> -<title>DESCRIPTION</title> -<para> -These functions provide hostname-to-address and -address-to-hostname lookups by means of the lightweight resolver. -They are similar to the standard -<citerefentry> -<refentrytitle>gethostent</refentrytitle><manvolnum>3 -</manvolnum> -</citerefentry> -functions provided by most operating systems. -They use a -<type>struct hostent</type> -which is usually defined in -<filename><namedb.h></filename>. + </refsynopsisdiv> -<programlisting> + <refsect1> + <title>DESCRIPTION</title> + <para> + These functions provide hostname-to-address and + address-to-hostname lookups by means of the lightweight resolver. + They are similar to the standard + <citerefentry> + <refentrytitle>gethostent</refentrytitle><manvolnum>3</manvolnum> + </citerefentry> + functions provided by most operating systems. + They use a + <type>struct hostent</type> + which is usually defined in + <filename><namedb.h></filename>. + </para> + <para><programlisting> struct hostent { char *h_name; /* official name of host */ char **h_aliases; /* alias list */ @@ -172,250 +171,269 @@ struct hostent { }; #define h_addr h_addr_list[0] /* address, for backward compatibility */ </programlisting> -</para> -<para> -The members of this structure are: -<variablelist> -<varlistentry><term><constant>h_name</constant></term> -<listitem> -<para> -The official (canonical) name of the host. -</para> -</listitem></varlistentry> -<varlistentry><term><constant>h_aliases</constant></term> -<listitem> -<para> -A NULL-terminated array of alternate names (nicknames) for the host. -</para> -</listitem></varlistentry> -<varlistentry><term><constant>h_addrtype</constant></term> -<listitem> -<para> -The type of address being returned — -<type>PF_INET</type> -or -<type>PF_INET6</type>. -</para> -</listitem></varlistentry> -<varlistentry><term><constant>h_length</constant></term> -<listitem> -<para> -The length of the address in bytes. -</para> -</listitem></varlistentry> -<varlistentry><term><constant>h_addr_list</constant></term> -<listitem> -<para> -A <type>NULL</type> -terminated array of network addresses for the host. -Host addresses are returned in network byte order. -</para> -</listitem></varlistentry> -</variablelist> -</para> -<para> -For backward compatibility with very old software, -<constant>h_addr</constant> -is the first address in -<constant>h_addr_list.</constant> -</para> -<para> -<function>lwres_gethostent()</function>, -<function>lwres_sethostent()</function>, -<function>lwres_endhostent()</function>, -<function>lwres_gethostent_r()</function>, -<function>lwres_sethostent_r()</function> -and -<function>lwres_endhostent_r()</function> -provide iteration over the known host entries on systems that -provide such functionality through facilities like -<filename>/etc/hosts</filename> -or NIS. The lightweight resolver does not currently implement -these functions; it only provides them as stub functions that always -return failure. -</para> + </para> + <para> + The members of this structure are: + <variablelist> + <varlistentry> + <term><constant>h_name</constant></term> + <listitem> + <para> + The official (canonical) name of the host. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>h_aliases</constant></term> + <listitem> + <para> + A NULL-terminated array of alternate names (nicknames) for the + host. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>h_addrtype</constant></term> + <listitem> + <para> + The type of address being returned — + <type>PF_INET</type> + or + <type>PF_INET6</type>. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>h_length</constant></term> + <listitem> + <para> + The length of the address in bytes. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>h_addr_list</constant></term> + <listitem> + <para> + A <type>NULL</type> + terminated array of network addresses for the host. + Host addresses are returned in network byte order. + </para> + </listitem> + </varlistentry> + </variablelist> + </para> + <para> + For backward compatibility with very old software, + <constant>h_addr</constant> + is the first address in + <constant>h_addr_list.</constant> + </para> + <para><function>lwres_gethostent()</function>, + <function>lwres_sethostent()</function>, + <function>lwres_endhostent()</function>, + <function>lwres_gethostent_r()</function>, + <function>lwres_sethostent_r()</function> + and + <function>lwres_endhostent_r()</function> + provide iteration over the known host entries on systems that + provide such functionality through facilities like + <filename>/etc/hosts</filename> + or NIS. The lightweight resolver does not currently implement + these functions; it only provides them as stub functions that always + return failure. + </para> -<para> -<function>lwres_gethostbyname()</function> and -<function>lwres_gethostbyname2()</function> look up the hostname -<parameter>name</parameter>. -<function>lwres_gethostbyname()</function> always looks for an IPv4 -address while <function>lwres_gethostbyname2()</function> looks for an -address of protocol family <parameter>af</parameter>: either -<type>PF_INET</type> or <type>PF_INET6</type> — IPv4 or IPV6 -addresses respectively. Successful calls of the functions return a -<type>struct hostent</type>for the name that was looked up. -<type>NULL</type> is returned if the lookups by -<function>lwres_gethostbyname()</function> or -<function>lwres_gethostbyname2()</function> fail. -</para> + <para><function>lwres_gethostbyname()</function> + and <function>lwres_gethostbyname2()</function> look up the + hostname <parameter>name</parameter>. + <function>lwres_gethostbyname()</function> always looks for an + IPv4 address while <function>lwres_gethostbyname2()</function> + looks for an address of protocol family + <parameter>af</parameter>: either <type>PF_INET</type> or + <type>PF_INET6</type> — IPv4 or IPV6 addresses + respectively. Successful calls of the functions return a + <type>struct hostent</type>for the name that was looked up. + <type>NULL</type> is returned if the lookups by + <function>lwres_gethostbyname()</function> or + <function>lwres_gethostbyname2()</function> fail. + </para> -<para> -Reverse lookups of addresses are performed by -<function>lwres_gethostbyaddr()</function>. -<parameter>addr</parameter> is an address of length -<parameter>len</parameter> bytes and protocol family -<parameter>type</parameter> — <type>PF_INET</type> or -<type>PF_INET6</type>. -<function>lwres_gethostbyname_r()</function> is a thread-safe function -for forward lookups. If an error occurs, an error code is returned in -<parameter>*error</parameter>. -<parameter>resbuf</parameter> is a pointer to a <type>struct -hostent</type> which is initialised by a successful call to -<function>lwres_gethostbyname_r()</function> . -<parameter>buf</parameter> is a buffer of length -<parameter>len</parameter> bytes which is used to store the -<constant>h_name</constant>, <constant>h_aliases</constant>, and -<constant>h_addr_list</constant> elements of the <type>struct -hostent</type> returned in <parameter>resbuf</parameter>. -Successful calls to <function>lwres_gethostbyname_r()</function> -return <parameter>resbuf</parameter>, -which is a pointer to the <type>struct hostent</type> it created. -</para> + <para> + Reverse lookups of addresses are performed by + <function>lwres_gethostbyaddr()</function>. + <parameter>addr</parameter> is an address of length + <parameter>len</parameter> bytes and protocol family + <parameter>type</parameter> — <type>PF_INET</type> or + <type>PF_INET6</type>. + <function>lwres_gethostbyname_r()</function> is a + thread-safe function + for forward lookups. If an error occurs, an error code is returned in + <parameter>*error</parameter>. + <parameter>resbuf</parameter> is a pointer to a + <type>struct hostent</type> which is initialised by a successful call to + <function>lwres_gethostbyname_r()</function>. + <parameter>buf</parameter> is a buffer of length + <parameter>len</parameter> bytes which is used to store the + <constant>h_name</constant>, <constant>h_aliases</constant>, and + <constant>h_addr_list</constant> elements of the + <type>struct hostent</type> returned in <parameter>resbuf</parameter>. + Successful calls to <function>lwres_gethostbyname_r()</function> + return <parameter>resbuf</parameter>, + which is a pointer to the <type>struct hostent</type> it created. + </para> -<para> -<function>lwres_gethostbyaddr_r()</function> is a thread-safe function -that performs a reverse lookup of address <parameter>addr</parameter> -which is <parameter>len</parameter> bytes long and is of protocol -family <parameter>type</parameter> — <type>PF_INET</type> or -<type>PF_INET6</type>. If an error occurs, the error code is returned -in <parameter>*error</parameter>. The other function parameters are -identical to those in <function>lwres_gethostbyname_r()</function>. -<parameter>resbuf</parameter> is a pointer to a <type>struct -hostent</type> which is initialised by a successful call to -<function>lwres_gethostbyaddr_r()</function>. -<parameter>buf</parameter> is a buffer of length -<parameter>len</parameter> bytes which is used to store the -<constant>h_name</constant>, <constant>h_aliases</constant>, and -<constant>h_addr_list</constant> elements of the <type>struct -hostent</type> returned in <parameter>resbuf</parameter>. Successful -calls to <function>lwres_gethostbyaddr_r()</function> return -<parameter>resbuf</parameter>, which is a pointer to the -<function>struct hostent()</function> it created. -</para> + <para><function>lwres_gethostbyaddr_r()</function> + is a thread-safe function + that performs a reverse lookup of address <parameter>addr</parameter> + which is <parameter>len</parameter> bytes long and is of + protocol + family <parameter>type</parameter> — <type>PF_INET</type> or + <type>PF_INET6</type>. If an error occurs, the error code is returned + in <parameter>*error</parameter>. The other function + parameters are + identical to those in <function>lwres_gethostbyname_r()</function>. + <parameter>resbuf</parameter> is a pointer to a + <type>struct hostent</type> which is initialised by a successful call to + <function>lwres_gethostbyaddr_r()</function>. + <parameter>buf</parameter> is a buffer of length + <parameter>len</parameter> bytes which is used to store the + <constant>h_name</constant>, <constant>h_aliases</constant>, and + <constant>h_addr_list</constant> elements of the + <type>struct hostent</type> returned in <parameter>resbuf</parameter>. + Successful calls to <function>lwres_gethostbyaddr_r()</function> return + <parameter>resbuf</parameter>, which is a pointer to the + <function>struct hostent()</function> it created. + </para> -</refsect1> + </refsect1> -<refsect1> -<title>RETURN VALUES</title> -<para> -The functions -<function>lwres_gethostbyname()</function>, -<function>lwres_gethostbyname2()</function>, -<function>lwres_gethostbyaddr()</function>, -and -<function>lwres_gethostent()</function> -return NULL to indicate an error. In this case the global variable -<type>lwres_h_errno</type> -will contain one of the following error codes defined in -<filename><lwres/netdb.h></filename>: + <refsect1> + <title>RETURN VALUES</title> + <para> + The functions + <function>lwres_gethostbyname()</function>, + <function>lwres_gethostbyname2()</function>, + <function>lwres_gethostbyaddr()</function>, + and + <function>lwres_gethostent()</function> + return NULL to indicate an error. In this case the global variable + <type>lwres_h_errno</type> + will contain one of the following error codes defined in + <filename><lwres/netdb.h></filename>: -<variablelist> -<varlistentry><term><constant>HOST_NOT_FOUND</constant></term> -<listitem> -<para> -The host or address was not found. -</para> -</listitem></varlistentry> -<varlistentry><term><constant>TRY_AGAIN</constant></term> -<listitem> -<para> -A recoverable error occurred, e.g., a timeout. -Retrying the lookup may succeed. -</para> -</listitem></varlistentry> -<varlistentry><term><constant>NO_RECOVERY</constant></term> -<listitem> -<para> -A non-recoverable error occurred. -</para> -</listitem></varlistentry> -<varlistentry><term><constant>NO_DATA</constant></term> -<listitem> -<para> -The name exists, but has no address information -associated with it (or vice versa in the case -of a reverse lookup). The code NO_ADDRESS -is accepted as a synonym for NO_DATA for backwards -compatibility. -</para> -</listitem></varlistentry> -</variablelist> -</para> + <variablelist> + <varlistentry> + <term><constant>HOST_NOT_FOUND</constant></term> + <listitem> + <para> + The host or address was not found. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>TRY_AGAIN</constant></term> + <listitem> + <para> + A recoverable error occurred, e.g., a timeout. + Retrying the lookup may succeed. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>NO_RECOVERY</constant></term> + <listitem> + <para> + A non-recoverable error occurred. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>NO_DATA</constant></term> + <listitem> + <para> + The name exists, but has no address information + associated with it (or vice versa in the case + of a reverse lookup). The code NO_ADDRESS + is accepted as a synonym for NO_DATA for backwards + compatibility. + </para> + </listitem> + </varlistentry> + </variablelist> + </para> -<para> -<citerefentry> -<refentrytitle>lwres_hstrerror</refentrytitle><manvolnum>3 -</manvolnum> -</citerefentry> -translates these error codes to suitable error messages. -</para> + <para><citerefentry> + <refentrytitle>lwres_hstrerror</refentrytitle><manvolnum>3</manvolnum> + </citerefentry> + translates these error codes to suitable error messages. + </para> -<para> -<function>lwres_gethostent()</function> -and -<function>lwres_gethostent_r()</function> -always return -<type>NULL</type>. -</para> + <para><function>lwres_gethostent()</function> + and <function>lwres_gethostent_r()</function> + always return <type>NULL</type>. + </para> -<para> -Successful calls to <function>lwres_gethostbyname_r()</function> and -<function>lwres_gethostbyaddr_r()</function> return -<parameter>resbuf</parameter>, a pointer to the <type>struct -hostent</type> that was initialised by these functions. They return -<type>NULL</type> if the lookups fail or if <parameter>buf</parameter> -was too small to hold the list of addresses and names referenced by -the <constant>h_name</constant>, <constant>h_aliases</constant>, and -<constant>h_addr_list</constant> elements of the <type>struct -hostent</type>. If <parameter>buf</parameter> was too small, both -<function>lwres_gethostbyname_r()</function> and -<function>lwres_gethostbyaddr_r()</function> set the global variable -<type>errno</type> to <errorcode>ERANGE</errorcode>. -</para> + <para> + Successful calls to <function>lwres_gethostbyname_r()</function> and + <function>lwres_gethostbyaddr_r()</function> return + <parameter>resbuf</parameter>, a pointer to the + <type>struct hostent</type> that was initialised by these functions. They return + <type>NULL</type> if the lookups fail or if <parameter>buf</parameter> + was too small to hold the list of addresses and names referenced by + the <constant>h_name</constant>, <constant>h_aliases</constant>, and + <constant>h_addr_list</constant> elements of the + <type>struct hostent</type>. + If <parameter>buf</parameter> was too small, both + <function>lwres_gethostbyname_r()</function> and + <function>lwres_gethostbyaddr_r()</function> set the global + variable + <type>errno</type> to <errorcode>ERANGE</errorcode>. + </para> -</refsect1> -<refsect1> -<title>SEE ALSO</title> -<para> -<citerefentry> -<refentrytitle>gethostent</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, + </refsect1> + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>gethostent</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, -<citerefentry> -<refentrytitle>lwres_getipnode</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, + <citerefentry> + <refentrytitle>lwres_getipnode</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, -<citerefentry> -<refentrytitle>lwres_hstrerror</refentrytitle><manvolnum>3 -</manvolnum> -</citerefentry> -</para> -</refsect1> + <citerefentry> + <refentrytitle>lwres_hstrerror</refentrytitle><manvolnum>3</manvolnum> + </citerefentry> + </para> + </refsect1> -<refsect1> -<title>BUGS</title> -<para> -<function>lwres_gethostbyname()</function>, -<function>lwres_gethostbyname2()</function>, -<function>lwres_gethostbyaddr()</function> -and -<function>lwres_endhostent()</function> -are not thread safe; they return pointers to static data and -provide error codes through a global variable. -Thread-safe versions for name and address lookup are provided by -<function>lwres_gethostbyname_r()</function>, -and -<function>lwres_gethostbyaddr_r()</function> -respectively. -</para> -<para> -The resolver daemon does not currently support any non-DNS -name services such as -<filename>/etc/hosts</filename> -or -<type>NIS</type>, -consequently the above functions don't, either. -</para> -</refsect1> -</refentry> + <refsect1> + <title>BUGS</title> + <para><function>lwres_gethostbyname()</function>, + <function>lwres_gethostbyname2()</function>, + <function>lwres_gethostbyaddr()</function> + and + <function>lwres_endhostent()</function> + are not thread safe; they return pointers to static data and + provide error codes through a global variable. + Thread-safe versions for name and address lookup are provided by + <function>lwres_gethostbyname_r()</function>, + and + <function>lwres_gethostbyaddr_r()</function> + respectively. + </para> + <para> + The resolver daemon does not currently support any non-DNS + name services such as + <filename>/etc/hosts</filename> + or + <type>NIS</type>, + consequently the above functions don't, either. + </para> + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/man/lwres_getnameinfo.3 b/usr.sbin/bind/lib/lwres/man/lwres_getnameinfo.3 index 484e8f2f34c..3cb7f46bfc8 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_getnameinfo.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres_getnameinfo.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres_getnameinfo.3,v 1.15.2.1.8.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres_getnameinfo.3,v 1.18.18.11 2007/01/30 00:23:45 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres_getnameinfo .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Jun 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -36,7 +36,7 @@ lwres_getnameinfo \- lightweight resolver socket address structure to hostname a #include <lwres/netdb.h> .fi .HP 22 -.BI "int lwres_getnameinfo(const\ struct\ sockaddr\ *sa, size_t\ salen, char\ *host, size_t\ hostlen, char\ *serv, size_t\ servlen, int\ flags);" +.BI "int lwres_getnameinfo(const\ struct\ sockaddr\ *" "sa" ", size_t\ " "salen" ", char\ *" "host" ", size_t\ " "hostlen" ", char\ *" "serv" ", size_t\ " "servlen" ", int\ " "flags" ");" .SH "DESCRIPTION" .PP This function is equivalent to the @@ -68,21 +68,31 @@ bytes long. The maximum length of the service name is The \fIflags\fR argument sets the following bits: -.TP 3n +.PP \fBNI_NOFQDN\fR +.RS 4 A fully qualified domain name is not required for local hosts. The local part of the fully qualified domain name is returned instead. -.TP 3n +.RE +.PP \fBNI_NUMERICHOST\fR +.RS 4 Return the address in numeric form, as if calling inet_ntop(), instead of a host name. -.TP 3n +.RE +.PP \fBNI_NAMEREQD\fR +.RS 4 A name is required. If the hostname cannot be found in the DNS and this flag is set, a non\-zero error code is returned. If the hostname is not found and the flag is not set, the address is returned in numeric form. -.TP 3n +.RE +.PP \fBNI_NUMERICSERV\fR +.RS 4 The service name is returned as a digit string representing the port number. -.TP 3n +.RE +.PP \fBNI_DGRAM\fR +.RS 4 Specifies that the service being looked up is a datagram service, and causes getservbyport() to be called with a second argument of "udp" instead of its default of "tcp". This is required for the few ports (512\-514) that have different services for UDP and TCP. +.RE .SH "RETURN VALUES" .PP \fBlwres_getnameinfo()\fR @@ -101,4 +111,7 @@ RFC2133 fails to define what the nonzero return values of \fBgetnameinfo\fR(3) are. .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres_getnameinfo.docbook b/usr.sbin/bind/lib/lwres/man/lwres_getnameinfo.docbook index 3a113c991a0..3a637ad1d0d 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_getnameinfo.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres_getnameinfo.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,24 +18,24 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres_getnameinfo.docbook,v 1.3.206.3 2005/05/12 21:36:15 sra Exp $ --> - +<!-- $ISC: lwres_getnameinfo.docbook,v 1.4.18.6 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> + <refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> -<refmeta> -<refentrytitle>lwres_getnameinfo</refentrytitle> -<manvolnum>3</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refmeta> + <refentrytitle>lwres_getnameinfo</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -45,126 +45,161 @@ </copyright> </docinfo> -<refnamediv> -<refname>lwres_getnameinfo</refname> -<refpurpose>lightweight resolver socket address structure to hostname and service name</refpurpose> -</refnamediv> -<refsynopsisdiv> -<funcsynopsis> + <refnamediv> + <refname>lwres_getnameinfo</refname> + <refpurpose>lightweight resolver socket address structure to hostname and + service name + </refpurpose> + </refnamediv> + <refsynopsisdiv> + <funcsynopsis> <funcsynopsisinfo>#include <lwres/netdb.h></funcsynopsisinfo> <funcprototype> -<funcdef> + <funcdef> int <function>lwres_getnameinfo</function></funcdef> -<paramdef>const struct sockaddr *sa</paramdef> -<paramdef>size_t salen</paramdef> -<paramdef>char *host</paramdef> -<paramdef>size_t hostlen</paramdef> -<paramdef>char *serv</paramdef> -<paramdef>size_t servlen</paramdef> -<paramdef>int flags</paramdef> -</funcprototype> + <paramdef>const struct sockaddr *<parameter>sa</parameter></paramdef> + <paramdef>size_t <parameter>salen</parameter></paramdef> + <paramdef>char *<parameter>host</parameter></paramdef> + <paramdef>size_t <parameter>hostlen</parameter></paramdef> + <paramdef>char *<parameter>serv</parameter></paramdef> + <paramdef>size_t <parameter>servlen</parameter></paramdef> + <paramdef>int <parameter>flags</parameter></paramdef> + </funcprototype> </funcsynopsis> -</refsynopsisdiv> + </refsynopsisdiv> -<refsect1> -<title>DESCRIPTION</title> + <refsect1> + <title>DESCRIPTION</title> -<para> This function is equivalent to the <citerefentry> -<refentrytitle>getnameinfo</refentrytitle><manvolnum>3</manvolnum> -</citerefentry> function defined in RFC2133. -<function>lwres_getnameinfo()</function> returns the hostname for the -<type>struct sockaddr</type> <parameter>sa</parameter> which is -<parameter>salen</parameter> bytes long. The hostname is of length -<parameter>hostlen</parameter> and is returned via -<parameter>*host.</parameter> The maximum length of the hostname is -1025 bytes: <constant>NI_MAXHOST</constant>.</para> + <para> + This function is equivalent to the + <citerefentry> + <refentrytitle>getnameinfo</refentrytitle><manvolnum>3</manvolnum> + </citerefentry> function defined in RFC2133. + <function>lwres_getnameinfo()</function> returns the + hostname for the + <type>struct sockaddr</type> <parameter>sa</parameter> which + is + <parameter>salen</parameter> bytes long. The hostname is of + length + <parameter>hostlen</parameter> and is returned via + <parameter>*host.</parameter> The maximum length of the + hostname is + 1025 bytes: <constant>NI_MAXHOST</constant>. + </para> -<para> The name of the service associated with the port number in -<parameter>sa</parameter> is returned in <parameter>*serv.</parameter> -It is <parameter>servlen</parameter> bytes long. The maximum length -of the service name is <constant>NI_MAXSERV</constant> - 32 bytes. -</para> + <para> The name of the service associated with the port number in + <parameter>sa</parameter> is returned in <parameter>*serv.</parameter> + It is <parameter>servlen</parameter> bytes long. The + maximum length + of the service name is <constant>NI_MAXSERV</constant> - 32 + bytes. + </para> -<para> The <parameter>flags</parameter> argument sets the following -bits: -<variablelist> -<varlistentry><term><constant>NI_NOFQDN</constant></term> -<listitem> -<para> -A fully qualified domain name is not required for local hosts. -The local part of the fully qualified domain name is returned instead. -</para></listitem></varlistentry> -<varlistentry><term><constant>NI_NUMERICHOST</constant></term> -<listitem> -<para> -Return the address in numeric form, as if calling inet_ntop(), -instead of a host name. -</para></listitem></varlistentry> -<varlistentry><term><constant>NI_NAMEREQD</constant></term> -<listitem> -<para> -A name is required. If the hostname cannot be found in the DNS and -this flag is set, a non-zero error code is returned. -If the hostname is not found and the flag is not set, the -address is returned in numeric form. -</para></listitem></varlistentry> -<varlistentry><term><constant>NI_NUMERICSERV</constant></term> -<listitem> -<para> -The service name is returned as a digit string representing the port number. -</para></listitem></varlistentry> -<varlistentry><term><constant>NI_DGRAM</constant></term> -<listitem> -<para> -Specifies that the service being looked up is a datagram -service, and causes getservbyport() to be called with a second -argument of "udp" instead of its default of "tcp". This is required -for the few ports (512-514) that have different services for UDP and -TCP. -</para></listitem></varlistentry> -</variablelist> -</para> -</refsect1> + <para> + The <parameter>flags</parameter> argument sets the + following + bits: + <variablelist> + <varlistentry> + <term><constant>NI_NOFQDN</constant></term> + <listitem> + <para> + A fully qualified domain name is not required for local hosts. + The local part of the fully qualified domain name is returned + instead. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>NI_NUMERICHOST</constant></term> + <listitem> + <para> + Return the address in numeric form, as if calling inet_ntop(), + instead of a host name. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>NI_NAMEREQD</constant></term> + <listitem> + <para> + A name is required. If the hostname cannot be found in the DNS + and + this flag is set, a non-zero error code is returned. + If the hostname is not found and the flag is not set, the + address is returned in numeric form. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>NI_NUMERICSERV</constant></term> + <listitem> + <para> + The service name is returned as a digit string representing the + port number. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>NI_DGRAM</constant></term> + <listitem> + <para> + Specifies that the service being looked up is a datagram + service, and causes getservbyport() to be called with a second + argument of "udp" instead of its default of "tcp". This is + required + for the few ports (512-514) that have different services for UDP + and + TCP. + </para> + </listitem> + </varlistentry> + </variablelist> + </para> + </refsect1> -<refsect1> -<title>RETURN VALUES</title> -<para> -<function>lwres_getnameinfo()</function> -returns 0 on success or a non-zero error code if an error occurs. -</para> -</refsect1> -<refsect1> -<title>SEE ALSO</title> -<para> -<citerefentry> -<refentrytitle>RFC2133</refentrytitle> -</citerefentry>, -<citerefentry> -<refentrytitle>getservbyport</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, -<citerefentry> -<refentrytitle>lwres</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, -<citerefentry> -<refentrytitle>lwres_getnameinfo</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, -<citerefentry> -<refentrytitle>lwres_getnamebyaddr</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>. -<citerefentry> -<refentrytitle>lwres_net_ntop</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>. -</para> -</refsect1> -<refsect1> -<title>BUGS</title> -<para> -RFC2133 fails to define what the nonzero return values of -<citerefentry> -<refentrytitle>getnameinfo</refentrytitle><manvolnum>3</manvolnum> -</citerefentry> -are. -</para> -</refsect1> -</refentry> + <refsect1> + <title>RETURN VALUES</title> + <para><function>lwres_getnameinfo()</function> + returns 0 on success or a non-zero error code if an error occurs. + </para> + </refsect1> + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>RFC2133</refentrytitle> + </citerefentry>, + <citerefentry> + <refentrytitle>getservbyport</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>lwres</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>lwres_getnameinfo</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>lwres_getnamebyaddr</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>. + <citerefentry> + <refentrytitle>lwres_net_ntop</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>. + </para> + </refsect1> + <refsect1> + <title>BUGS</title> + <para> + RFC2133 fails to define what the nonzero return values of + <citerefentry> + <refentrytitle>getnameinfo</refentrytitle><manvolnum>3</manvolnum> + </citerefentry> + are. + </para> + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/man/lwres_getrrsetbyname.3 b/usr.sbin/bind/lib/lwres/man/lwres_getrrsetbyname.3 index 1be62de70a1..951aa5f4dc1 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_getrrsetbyname.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres_getrrsetbyname.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres_getrrsetbyname.3,v 1.11.2.1.8.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres_getrrsetbyname.3,v 1.14.18.11 2007/01/30 00:23:45 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres_getrrsetbyname .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Oct 18, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -36,18 +36,24 @@ lwres_getrrsetbyname, lwres_freerrset \- retrieve DNS records #include <lwres/netdb.h> .fi .HP 25 -.BI "int lwres_getrrsetbyname(const\ char\ *hostname, unsigned\ int\ rdclass, unsigned\ int\ rdtype, unsigned\ int\ flags, struct\ rrsetinfo\ **res);" +.BI "int lwres_getrrsetbyname(const\ char\ *" "hostname" ", unsigned\ int\ " "rdclass" ", unsigned\ int\ " "rdtype" ", unsigned\ int\ " "flags" ", struct\ rrsetinfo\ **" "res" ");" .HP 21 -.BI "void lwres_freerrset(struct\ rrsetinfo\ *rrset);" +.BI "void lwres_freerrset(struct\ rrsetinfo\ *" "rrset" ");" .PP The following structures are used: -.sp -.RS 3n +.PP +.RS 4 .nf struct rdatainfo { unsigned int rdi_length; /* length of data */ unsigned char *rdi_data; /* record data */ }; +.fi +.RE +.sp +.PP +.RS 4 +.nf struct rrsetinfo { unsigned int rri_flags; /* RRSET_VALIDATED... */ unsigned int rri_rdclass; /* class number */ @@ -120,24 +126,39 @@ created by a call to .PP \fBlwres_getrrsetbyname()\fR returns zero on success, and one of the following error codes if an error occurred: -.TP 3n +.PP \fBERRSET_NONAME\fR +.RS 4 the name does not exist -.TP 3n +.RE +.PP \fBERRSET_NODATA\fR +.RS 4 the name exists, but does not have data of the desired type -.TP 3n +.RE +.PP \fBERRSET_NOMEMORY\fR +.RS 4 memory could not be allocated -.TP 3n +.RE +.PP \fBERRSET_INVAL\fR +.RS 4 a parameter is invalid -.TP 3n +.RE +.PP \fBERRSET_FAIL\fR +.RS 4 other failure -.TP 3n +.RE +.PP +.RS 4 +.RE .SH "SEE ALSO" .PP \fBlwres\fR(3). .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres_getrrsetbyname.docbook b/usr.sbin/bind/lib/lwres/man/lwres_getrrsetbyname.docbook index cfc6d9f8eb1..949e8b302df 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_getrrsetbyname.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres_getrrsetbyname.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,24 +18,24 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres_getrrsetbyname.docbook,v 1.3.206.3 2005/05/12 21:36:15 sra Exp $ --> - +<!-- $ISC: lwres_getrrsetbyname.docbook,v 1.4.18.6 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> + <refentryinfo> + <date>Oct 18, 2000</date> + </refentryinfo> -<date>Oct 18, 2000</date> -</refentryinfo> -<refmeta> -<refentrytitle>lwres_getrrsetbyname</refentrytitle> -<manvolnum>3</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refmeta> + <refentrytitle>lwres_getrrsetbyname</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -45,40 +45,43 @@ </copyright> </docinfo> -<refnamediv> -<refname>lwres_getrrsetbyname</refname> -<refname>lwres_freerrset</refname> -<refpurpose>retrieve DNS records</refpurpose> -</refnamediv> -<refsynopsisdiv> -<funcsynopsis> + <refnamediv> + <refname>lwres_getrrsetbyname</refname> + <refname>lwres_freerrset</refname> + <refpurpose>retrieve DNS records</refpurpose> + </refnamediv> + <refsynopsisdiv> + <funcsynopsis> <funcsynopsisinfo>#include <lwres/netdb.h></funcsynopsisinfo> <funcprototype> -<funcdef> + <funcdef> int <function>lwres_getrrsetbyname</function></funcdef> -<paramdef>const char *hostname</paramdef> -<paramdef>unsigned int rdclass</paramdef> -<paramdef>unsigned int rdtype</paramdef> -<paramdef>unsigned int flags</paramdef> -<paramdef>struct rrsetinfo **res</paramdef> -</funcprototype> + <paramdef>const char *<parameter>hostname</parameter></paramdef> + <paramdef>unsigned int <parameter>rdclass</parameter></paramdef> + <paramdef>unsigned int <parameter>rdtype</parameter></paramdef> + <paramdef>unsigned int <parameter>flags</parameter></paramdef> + <paramdef>struct rrsetinfo **<parameter>res</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_freerrset</function></funcdef> -<paramdef>struct rrsetinfo *rrset</paramdef> -</funcprototype> + <paramdef>struct rrsetinfo *<parameter>rrset</parameter></paramdef> + </funcprototype> </funcsynopsis> -<para> -The following structures are used: -<programlisting> + <para> + The following structures are used: + </para> + <para><programlisting> struct rdatainfo { unsigned int rdi_length; /* length of data */ unsigned char *rdi_data; /* record data */ }; - +</programlisting> + </para> + <para><programlisting> struct rrsetinfo { unsigned int rri_flags; /* RRSET_VALIDATED... */ unsigned int rri_rdclass; /* class number */ @@ -91,134 +94,130 @@ struct rrsetinfo { struct rdatainfo *rri_sigs; /* individual signatures */ }; </programlisting> -</para> -</refsynopsisdiv> - -<refsect1> -<title>DESCRIPTION</title> -<para> -<function>lwres_getrrsetbyname()</function> -gets a set of resource records associated with a -<parameter>hostname</parameter>, - -<parameter>class</parameter>, - -and -<parameter>type</parameter>. - -<parameter>hostname</parameter> -is -a pointer a to null-terminated string. The -<parameter>flags</parameter> -field is currently unused and must be zero. -</para> -<para> -After a successful call to -<function>lwres_getrrsetbyname()</function>, - -<parameter>*res</parameter> -is a pointer to an -<type>rrsetinfo</type> -structure, containing a list of one or more -<type>rdatainfo</type> -structures containing resource records and potentially another list of -<type>rdatainfo</type> -structures containing SIG resource records -associated with those records. -The members -<constant>rri_rdclass</constant> -and -<constant>rri_rdtype</constant> -are copied from the parameters. -<constant>rri_ttl</constant> -and -<constant>rri_name</constant> -are properties of the obtained rrset. -The resource records contained in -<constant>rri_rdatas</constant> -and -<constant>rri_sigs</constant> -are in uncompressed DNS wire format. -Properties of the rdataset are represented in the -<constant>rri_flags</constant> -bitfield. If the RRSET_VALIDATED bit is set, the data has been DNSSEC -validated and the signatures verified. -</para> -<para> -All of the information returned by -<function>lwres_getrrsetbyname()</function> -is dynamically allocated: the -<constant>rrsetinfo</constant> -and -<constant>rdatainfo</constant> -structures, -and the canonical host name strings pointed to by the -<constant>rrsetinfo</constant>structure. - -Memory allocated for the dynamically allocated structures created by -a successful call to -<function>lwres_getrrsetbyname()</function> -is released by -<function>lwres_freerrset()</function>. - -<parameter>rrset</parameter> -is a pointer to a -<type>struct rrset</type> -created by a call to -<function>lwres_getrrsetbyname()</function>. - -</para> -<para> -</para> -</refsect1> -<refsect1> -<title>RETURN VALUES</title> -<para> -<function>lwres_getrrsetbyname()</function> -returns zero on success, and one of the following error -codes if an error occurred: -<variablelist> - -<varlistentry><term><constant>ERRSET_NONAME</constant></term> -<listitem><para> -the name does not exist -</para></listitem></varlistentry> - -<varlistentry><term><constant>ERRSET_NODATA</constant></term> -<listitem><para> -the name exists, but does not have data of the desired type -</para></listitem></varlistentry> - -<varlistentry><term><constant>ERRSET_NOMEMORY</constant></term> -<listitem><para> -memory could not be allocated -</para></listitem></varlistentry> - -<varlistentry><term><constant>ERRSET_INVAL</constant></term> -<listitem><para> -a parameter is invalid -</para></listitem></varlistentry> - -<varlistentry><term><constant>ERRSET_FAIL</constant></term> -<listitem><para> -other failure -</para></listitem></varlistentry> - -<varlistentry><term><constant></constant></term> -<listitem><para> -</para></listitem></varlistentry> - -</variablelist> - -</para> -</refsect1> -<refsect1> -<title>SEE ALSO</title> -<para> -<citerefentry> -<refentrytitle>lwres</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>. -</para> - -</refsect1> -</refentry> + </para> + </refsynopsisdiv> + + <refsect1> + <title>DESCRIPTION</title> + <para><function>lwres_getrrsetbyname()</function> + gets a set of resource records associated with a + <parameter>hostname</parameter>, <parameter>class</parameter>, + and <parameter>type</parameter>. + <parameter>hostname</parameter> is a pointer a to + null-terminated string. The <parameter>flags</parameter> field + is currently unused and must be zero. + </para> + <para> + After a successful call to + <function>lwres_getrrsetbyname()</function>, + <parameter>*res</parameter> is a pointer to an + <type>rrsetinfo</type> structure, containing a list of one or + more <type>rdatainfo</type> structures containing resource + records and potentially another list of <type>rdatainfo</type> + structures containing SIG resource records associated with those + records. The members <constant>rri_rdclass</constant> and + <constant>rri_rdtype</constant> are copied from the parameters. + <constant>rri_ttl</constant> and <constant>rri_name</constant> + are properties of the obtained rrset. The resource records + contained in <constant>rri_rdatas</constant> and + <constant>rri_sigs</constant> are in uncompressed DNS wire + format. Properties of the rdataset are represented in the + <constant>rri_flags</constant> bitfield. If the RRSET_VALIDATED + bit is set, the data has been DNSSEC validated and the + signatures verified. + </para> + <para> + All of the information returned by + <function>lwres_getrrsetbyname()</function> is dynamically + allocated: the <constant>rrsetinfo</constant> and + <constant>rdatainfo</constant> structures, and the canonical + host name strings pointed to by the + <constant>rrsetinfo</constant>structure. + + Memory allocated for the dynamically allocated structures + created by a successful call to + <function>lwres_getrrsetbyname()</function> is released by + <function>lwres_freerrset()</function>. + + <parameter>rrset</parameter> is a pointer to a <type>struct + rrset</type> created by a call to + <function>lwres_getrrsetbyname()</function>. + </para> + <para></para> + </refsect1> + <refsect1> + <title>RETURN VALUES</title> + <para><function>lwres_getrrsetbyname()</function> + returns zero on success, and one of the following error codes if + an error occurred: + <variablelist> + + <varlistentry> + <term><constant>ERRSET_NONAME</constant></term> + <listitem> + <para> + the name does not exist + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>ERRSET_NODATA</constant></term> + <listitem> + <para> + the name exists, but does not have data of the desired type + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>ERRSET_NOMEMORY</constant></term> + <listitem> + <para> + memory could not be allocated + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>ERRSET_INVAL</constant></term> + <listitem> + <para> + a parameter is invalid + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant>ERRSET_FAIL</constant></term> + <listitem> + <para> + other failure + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term><constant/></term> + <listitem> + <para></para> + </listitem> + </varlistentry> + + </variablelist> + + </para> + </refsect1> + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>lwres</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>. + </para> + + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/man/lwres_gnba.3 b/usr.sbin/bind/lib/lwres/man/lwres_gnba.3 index 13d1b627eda..3bbee3fd42b 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_gnba.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres_gnba.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres_gnba.3,v 1.13.2.1.8.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres_gnba.3,v 1.16.18.11 2007/01/30 00:23:45 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres_gnba .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Jun 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -38,15 +38,15 @@ lwres_gnbarequest_render, lwres_gnbaresponse_render, lwres_gnbarequest_parse, lw .HP 40 .BI "lwres_result_t lwres_gnbarequest_render(lwres_context_t\ *" "ctx" ", lwres_gnbarequest_t\ *" "req" ", lwres_lwpacket_t\ *" "pkt" ", lwres_buffer_t\ *" "b" ");" .HP 41 -.BI "lwres_result_t lwres_gnbaresponse_render(lwres_context_t\ *ctx, lwres_gnbaresponse_t\ *req, lwres_lwpacket_t\ *pkt, lwres_buffer_t\ *b);" +.BI "lwres_result_t lwres_gnbaresponse_render(lwres_context_t\ *" "ctx" ", lwres_gnbaresponse_t\ *" "req" ", lwres_lwpacket_t\ *" "pkt" ", lwres_buffer_t\ *" "b" ");" .HP 39 -.BI "lwres_result_t lwres_gnbarequest_parse(lwres_context_t\ *ctx, lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt, lwres_gnbarequest_t\ **structp);" +.BI "lwres_result_t lwres_gnbarequest_parse(lwres_context_t\ *" "ctx" ", lwres_buffer_t\ *" "b" ", lwres_lwpacket_t\ *" "pkt" ", lwres_gnbarequest_t\ **" "structp" ");" .HP 40 -.BI "lwres_result_t lwres_gnbaresponse_parse(lwres_context_t\ *ctx, lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt, lwres_gnbaresponse_t\ **structp);" +.BI "lwres_result_t lwres_gnbaresponse_parse(lwres_context_t\ *" "ctx" ", lwres_buffer_t\ *" "b" ", lwres_lwpacket_t\ *" "pkt" ", lwres_gnbaresponse_t\ **" "structp" ");" .HP 29 -.BI "void lwres_gnbaresponse_free(lwres_context_t\ *ctx, lwres_gnbaresponse_t\ **structp);" +.BI "void lwres_gnbaresponse_free(lwres_context_t\ *" "ctx" ", lwres_gnbaresponse_t\ **" "structp" ");" .HP 28 -.BI "void lwres_gnbarequest_free(lwres_context_t\ *ctx, lwres_gnbarequest_t\ **structp);" +.BI "void lwres_gnbarequest_free(lwres_context_t\ *" "ctx" ", lwres_gnbarequest_t\ **" "structp" ");" .SH "DESCRIPTION" .PP These are low\-level routines for creating and parsing lightweight resolver address\-to\-name lookup request and response messages. @@ -59,14 +59,26 @@ to the canonical format. This is complemented by a parse function which converts .PP These structures are defined in \fIlwres/lwres.h\fR. They are shown below. -.sp -.RS 3n +.PP +.RS 4 .nf #define LWRES_OPCODE_GETNAMEBYADDR 0x00010002U +.fi +.RE +.sp +.PP +.RS 4 +.nf typedef struct { lwres_uint32_t flags; lwres_addr_t addr; } lwres_gnbarequest_t; +.fi +.RE +.sp +.PP +.RS 4 +.nf typedef struct { lwres_uint32_t flags; lwres_uint16_t naliases; @@ -165,4 +177,7 @@ indicate that the packet is not a response to an earlier query. .PP \fBlwres_packet\fR(3). .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres_gnba.docbook b/usr.sbin/bind/lib/lwres/man/lwres_gnba.docbook index dada114f6af..8d772a25252 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_gnba.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres_gnba.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,24 +18,24 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres_gnba.docbook,v 1.4.206.3 2005/05/12 21:36:15 sra Exp $ --> - +<!-- $ISC: lwres_gnba.docbook,v 1.5.18.6 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> + <refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> -<refmeta> -<refentrytitle>lwres_gnba</refentrytitle> -<manvolnum>3</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refmeta> + <refentrytitle>lwres_gnba</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -45,114 +45,120 @@ </copyright> </docinfo> -<refnamediv> -<refname>lwres_gnbarequest_render</refname> -<refname>lwres_gnbaresponse_render</refname> -<refname>lwres_gnbarequest_parse</refname> -<refname>lwres_gnbaresponse_parse</refname> -<refname>lwres_gnbaresponse_free</refname> -<refname>lwres_gnbarequest_free</refname> -<refpurpose>lightweight resolver getnamebyaddress message handling</refpurpose> -</refnamediv> + <refnamediv> + <refname>lwres_gnbarequest_render</refname> + <refname>lwres_gnbaresponse_render</refname> + <refname>lwres_gnbarequest_parse</refname> + <refname>lwres_gnbaresponse_parse</refname> + <refname>lwres_gnbaresponse_free</refname> + <refname>lwres_gnbarequest_free</refname> + <refpurpose>lightweight resolver getnamebyaddress message handling</refpurpose> + </refnamediv> -<refsynopsisdiv> + <refsynopsisdiv> -<funcsynopsis> + <funcsynopsis> <funcsynopsisinfo> #include <lwres/lwres.h> </funcsynopsisinfo> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_gnbarequest_render</function> </funcdef> -<paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> -<paramdef>lwres_gnbarequest_t *<parameter>req</parameter></paramdef> -<paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> -<paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_gnbarequest_t *<parameter>req</parameter></paramdef> + <paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_gnbaresponse_render</function> </funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_gnbaresponse_t *req</paramdef> -<paramdef>lwres_lwpacket_t *pkt</paramdef> -<paramdef>lwres_buffer_t *b</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_gnbaresponse_t *<parameter>req</parameter></paramdef> + <paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_gnbarequest_parse</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>lwres_lwpacket_t *pkt</paramdef> -<paramdef>lwres_gnbarequest_t **structp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> + <paramdef>lwres_gnbarequest_t **<parameter>structp</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_gnbaresponse_parse</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>lwres_lwpacket_t *pkt</paramdef> -<paramdef>lwres_gnbaresponse_t **structp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> + <paramdef>lwres_gnbaresponse_t **<parameter>structp</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_gnbaresponse_free</function> </funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_gnbaresponse_t **structp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_gnbaresponse_t **<parameter>structp</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_gnbarequest_free</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_gnbarequest_t **structp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_gnbarequest_t **<parameter>structp</parameter></paramdef> + </funcprototype> </funcsynopsis> -</refsynopsisdiv> + </refsynopsisdiv> -<refsect1> -<title>DESCRIPTION</title> -<para> -These are low-level routines for creating and parsing -lightweight resolver address-to-name lookup request and -response messages. -</para> -<para> -There are four main functions for the getnamebyaddr opcode. -One render function converts a getnamebyaddr request structure — -<type>lwres_gnbarequest_t</type> — -to the lightweight resolver's canonical format. -It is complemented by a parse function that converts a packet in this -canonical format to a getnamebyaddr request structure. -Another render function converts the getnamebyaddr response structure — -<type>lwres_gnbaresponse_t</type> -to the canonical format. -This is complemented by a parse function which converts a packet in -canonical format to a getnamebyaddr response structure. -</para> -<para> -These structures are defined in -<filename>lwres/lwres.h</filename>. -They are shown below. -<programlisting> + <refsect1> + <title>DESCRIPTION</title> + <para> + These are low-level routines for creating and parsing + lightweight resolver address-to-name lookup request and + response messages. + </para> + <para> + There are four main functions for the getnamebyaddr opcode. + One render function converts a getnamebyaddr request structure — + <type>lwres_gnbarequest_t</type> — + to the lightweight resolver's canonical format. + It is complemented by a parse function that converts a packet in this + canonical format to a getnamebyaddr request structure. + Another render function converts the getnamebyaddr response structure + — + <type>lwres_gnbaresponse_t</type> + to the canonical format. + This is complemented by a parse function which converts a packet in + canonical format to a getnamebyaddr response structure. + </para> + <para> + These structures are defined in + <filename>lwres/lwres.h</filename>. + They are shown below. + </para> + <para><programlisting> #define LWRES_OPCODE_GETNAMEBYADDR 0x00010002U - +</programlisting> + </para> + <para><programlisting> typedef struct { lwres_uint32_t flags; lwres_addr_t addr; } lwres_gnbarequest_t; - +</programlisting> + </para> + <para><programlisting> typedef struct { lwres_uint32_t flags; lwres_uint16_t naliases; @@ -164,111 +170,92 @@ typedef struct { size_t baselen; } lwres_gnbaresponse_t; </programlisting> -</para> -<para> -<function>lwres_gnbarequest_render()</function> -uses resolver context -<varname>ctx</varname> -to convert getnamebyaddr request structure -<varname>req</varname> -to canonical format. -The packet header structure -<varname>pkt</varname> -is initialised and transferred to -buffer -<varname>b</varname>. -The contents of -<varname>*req</varname> -are then appended to the buffer in canonical format. -<function>lwres_gnbaresponse_render()</function> -performs the same task, except it converts a getnamebyaddr response structure -<type>lwres_gnbaresponse_t</type> -to the lightweight resolver's canonical format. -</para> -<para> -<function>lwres_gnbarequest_parse()</function> -uses context -<varname>ctx</varname> -to convert the contents of packet -<varname>pkt</varname> -to a -<type>lwres_gnbarequest_t</type> -structure. -Buffer -<varname>b</varname> -provides space to be used for storing this structure. -When the function succeeds, the resulting -<type>lwres_gnbarequest_t</type> -is made available through -<varname>*structp</varname>. -<function>lwres_gnbaresponse_parse()</function> -offers the same semantics as -<function>lwres_gnbarequest_parse()</function> -except it yields a -<type>lwres_gnbaresponse_t</type> -structure. -</para> -<para> -<function>lwres_gnbaresponse_free()</function> -and -<function>lwres_gnbarequest_free()</function> -release the memory in resolver context -<varname>ctx</varname> -that was allocated to the -<type>lwres_gnbaresponse_t</type> -or -<type>lwres_gnbarequest_t</type> -structures referenced via -<varname>structp</varname>. -Any memory associated with ancillary buffers and strings for those -structures is also discarded. -</para> -</refsect1> -<refsect1> -<title>RETURN VALUES</title> -<para> -The getnamebyaddr opcode functions -<function>lwres_gnbarequest_render()</function>, -<function>lwres_gnbaresponse_render()</function> -<function>lwres_gnbarequest_parse()</function> -and -<function>lwres_gnbaresponse_parse()</function> -all return -<errorcode>LWRES_R_SUCCESS</errorcode> -on success. -They return -<errorcode>LWRES_R_NOMEMORY</errorcode> -if memory allocation fails. -<errorcode>LWRES_R_UNEXPECTEDEND</errorcode> -is returned if the available space in the buffer -<varname>b</varname> -is too small to accommodate the packet header or the -<type>lwres_gnbarequest_t</type> -and -<type>lwres_gnbaresponse_t</type> -structures. -<function>lwres_gnbarequest_parse()</function> -and -<function>lwres_gnbaresponse_parse()</function> -will return -<errorcode>LWRES_R_UNEXPECTEDEND</errorcode> -if the buffer is not empty after decoding the received packet. -These functions will return -<errorcode>LWRES_R_FAILURE</errorcode> -if -<structfield>pktflags</structfield> -in the packet header structure -<type>lwres_lwpacket_t</type> -indicate that the packet is not a response to an earlier query. -</para> -</refsect1> -<refsect1> -<title>SEE ALSO</title> -<para> -<citerefentry> -<refentrytitle>lwres_packet</refentrytitle> -<manvolnum>3</manvolnum> -</citerefentry>. -</para> -</refsect1> -</refentry> + </para> + + <para><function>lwres_gnbarequest_render()</function> + uses resolver context <varname>ctx</varname> to convert + getnamebyaddr request structure <varname>req</varname> to + canonical format. The packet header structure + <varname>pkt</varname> is initialised and transferred to buffer + <varname>b</varname>. The contents of <varname>*req</varname> + are then appended to the buffer in canonical format. + <function>lwres_gnbaresponse_render()</function> performs the + same task, except it converts a getnamebyaddr response structure + <type>lwres_gnbaresponse_t</type> to the lightweight resolver's + canonical format. + </para> + + <para><function>lwres_gnbarequest_parse()</function> + uses context <varname>ctx</varname> to convert the contents of + packet <varname>pkt</varname> to a + <type>lwres_gnbarequest_t</type> structure. Buffer + <varname>b</varname> provides space to be used for storing this + structure. When the function succeeds, the resulting + <type>lwres_gnbarequest_t</type> is made available through + <varname>*structp</varname>. + <function>lwres_gnbaresponse_parse()</function> offers the same + semantics as <function>lwres_gnbarequest_parse()</function> + except it yields a <type>lwres_gnbaresponse_t</type> structure. + </para> + + <para><function>lwres_gnbaresponse_free()</function> + and <function>lwres_gnbarequest_free()</function> release the + memory in resolver context <varname>ctx</varname> that was + allocated to the <type>lwres_gnbaresponse_t</type> or + <type>lwres_gnbarequest_t</type> structures referenced via + <varname>structp</varname>. Any memory associated with + ancillary buffers and strings for those structures is also + discarded. + </para> + </refsect1> + + <refsect1> + <title>RETURN VALUES</title> + <para> + The getnamebyaddr opcode functions + <function>lwres_gnbarequest_render()</function>, + <function>lwres_gnbaresponse_render()</function> + <function>lwres_gnbarequest_parse()</function> + and + <function>lwres_gnbaresponse_parse()</function> + all return + <errorcode>LWRES_R_SUCCESS</errorcode> + on success. + They return + <errorcode>LWRES_R_NOMEMORY</errorcode> + if memory allocation fails. + <errorcode>LWRES_R_UNEXPECTEDEND</errorcode> + is returned if the available space in the buffer + <varname>b</varname> + is too small to accommodate the packet header or the + <type>lwres_gnbarequest_t</type> + and + <type>lwres_gnbaresponse_t</type> + structures. + <function>lwres_gnbarequest_parse()</function> + and + <function>lwres_gnbaresponse_parse()</function> + will return + <errorcode>LWRES_R_UNEXPECTEDEND</errorcode> + if the buffer is not empty after decoding the received packet. + These functions will return + <errorcode>LWRES_R_FAILURE</errorcode> + if + <structfield>pktflags</structfield> + in the packet header structure + <type>lwres_lwpacket_t</type> + indicate that the packet is not a response to an earlier query. + </para> + </refsect1> + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>lwres_packet</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>. + </para> + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/man/lwres_hstrerror.3 b/usr.sbin/bind/lib/lwres/man/lwres_hstrerror.3 index 242590c996e..36562da60fc 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_hstrerror.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres_hstrerror.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres_hstrerror.3,v 1.13.2.1.8.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres_hstrerror.3,v 1.16.18.11 2007/01/30 00:23:45 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres_hstrerror .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Jun 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -36,9 +36,9 @@ lwres_herror, lwres_hstrerror \- lightweight resolver error message generation #include <lwres/netdb.h> .fi .HP 18 -.BI "void lwres_herror(const\ char\ *s);" +.BI "void lwres_herror(const\ char\ *" "s" ");" .HP 29 -.BI "const char * lwres_hstrerror(int\ err);" +.BI "const char * lwres_hstrerror(int\ " "err" ");" .SH "DESCRIPTION" .PP \fBlwres_herror()\fR @@ -54,21 +54,31 @@ for the error code stored in the global variable \fBlwres_hstrerror()\fR returns an appropriate string for the error code gievn by \fIerr\fR. The values of the error codes and messages are as follows: -.TP 3n +.PP \fBNETDB_SUCCESS\fR +.RS 4 Resolver Error 0 (no error) -.TP 3n +.RE +.PP \fBHOST_NOT_FOUND\fR +.RS 4 Unknown host -.TP 3n +.RE +.PP \fBTRY_AGAIN\fR +.RS 4 Host name lookup failure -.TP 3n +.RE +.PP \fBNO_RECOVERY\fR +.RS 4 Unknown server error -.TP 3n +.RE +.PP \fBNO_DATA\fR +.RS 4 No address associated with name +.RE .SH "RETURN VALUES" .PP The string @@ -83,4 +93,7 @@ is not a valid error code. \fBherror\fR(3), \fBlwres_hstrerror\fR(3). .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres_hstrerror.docbook b/usr.sbin/bind/lib/lwres/man/lwres_hstrerror.docbook index 8c5ce0732d3..527c4a0423e 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_hstrerror.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres_hstrerror.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,24 +18,24 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres_hstrerror.docbook,v 1.4.206.3 2005/05/12 21:36:15 sra Exp $ --> - +<!-- $ISC: lwres_hstrerror.docbook,v 1.5.18.6 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> + <refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> -<refmeta> -<refentrytitle>lwres_hstrerror</refentrytitle> -<manvolnum>3</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refmeta> + <refentrytitle>lwres_hstrerror</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -45,95 +45,108 @@ </copyright> </docinfo> -<refnamediv> -<refname>lwres_herror</refname> -<refname>lwres_hstrerror</refname> -<refpurpose>lightweight resolver error message generation</refpurpose> -</refnamediv> -<refsynopsisdiv> -<funcsynopsis> + <refnamediv> + <refname>lwres_herror</refname> + <refname>lwres_hstrerror</refname> + <refpurpose>lightweight resolver error message generation</refpurpose> + </refnamediv> + <refsynopsisdiv> + <funcsynopsis> <funcsynopsisinfo>#include <lwres/netdb.h></funcsynopsisinfo> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_herror</function></funcdef> -<paramdef>const char *s</paramdef> -</funcprototype> + <paramdef>const char *<parameter>s</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> const char * <function>lwres_hstrerror</function></funcdef> -<paramdef>int err</paramdef> -</funcprototype> + <paramdef>int <parameter>err</parameter></paramdef> + </funcprototype> </funcsynopsis> -</refsynopsisdiv> + </refsynopsisdiv> -<refsect1> -<title>DESCRIPTION</title> + <refsect1> + <title>DESCRIPTION</title> -<para> -<function>lwres_herror()</function> prints the string -<parameter>s</parameter> on <type>stderr</type> followed by the string -generated by <function>lwres_hstrerror()</function> for the error code -stored in the global variable <constant>lwres_h_errno</constant>. -</para> + <para><function>lwres_herror()</function> + prints the string <parameter>s</parameter> on + <type>stderr</type> followed by the string generated by + <function>lwres_hstrerror()</function> for the error code stored + in the global variable <constant>lwres_h_errno</constant>. + </para> -<para> -<function>lwres_hstrerror()</function> returns an appropriate string -for the error code gievn by <parameter>err</parameter>. The values of -the error codes and messages are as follows: + <para><function>lwres_hstrerror()</function> + returns an appropriate string for the error code gievn by + <parameter>err</parameter>. The values of the error codes and + messages are as follows: -<variablelist> -<varlistentry><term><errorcode>NETDB_SUCCESS</errorcode></term> -<listitem> -<para> -<errorname>Resolver Error 0 (no error)</errorname> -</para></listitem></varlistentry> -<varlistentry><term><errorcode>HOST_NOT_FOUND</errorcode></term> -<listitem> -<para> -<errorname>Unknown host</errorname> -</para></listitem></varlistentry> -<varlistentry><term><errorcode>TRY_AGAIN</errorcode></term> -<listitem> -<para> -<errorname>Host name lookup failure</errorname> -</para></listitem></varlistentry> -<varlistentry><term><errorcode>NO_RECOVERY</errorcode></term> -<listitem> -<para> -<errorname>Unknown server error</errorname> -</para></listitem></varlistentry> -<varlistentry><term><errorcode>NO_DATA</errorcode></term> -<listitem> -<para> -<errorname>No address associated with name</errorname> -</para></listitem></varlistentry> -</variablelist> -</para> -</refsect1> + <variablelist> + <varlistentry> + <term><errorcode>NETDB_SUCCESS</errorcode></term> + <listitem> + <para><errorname>Resolver Error 0 (no error)</errorname> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><errorcode>HOST_NOT_FOUND</errorcode></term> + <listitem> + <para><errorname>Unknown host</errorname> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><errorcode>TRY_AGAIN</errorcode></term> + <listitem> + <para><errorname>Host name lookup failure</errorname> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><errorcode>NO_RECOVERY</errorcode></term> + <listitem> + <para><errorname>Unknown server error</errorname> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><errorcode>NO_DATA</errorcode></term> + <listitem> + <para><errorname>No address associated with name</errorname> + </para> + </listitem> + </varlistentry> + </variablelist> + </para> + </refsect1> -<refsect1> -<title>RETURN VALUES</title> -<para> -The string <errorname>Unknown resolver error</errorname> is returned by -<function>lwres_hstrerror()</function> -when the value of -<constant>lwres_h_errno</constant> -is not a valid error code. -</para> -</refsect1> -<refsect1> -<title>SEE ALSO</title> -<para> -<citerefentry> -<refentrytitle>herror</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, + <refsect1> + <title>RETURN VALUES</title> + <para> + The string <errorname>Unknown resolver error</errorname> is returned by + <function>lwres_hstrerror()</function> + when the value of + <constant>lwres_h_errno</constant> + is not a valid error code. + </para> + </refsect1> + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>herror</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, -<citerefentry> -<refentrytitle>lwres_hstrerror</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>. -</para> + <citerefentry> + <refentrytitle>lwres_hstrerror</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>. + </para> -</refsect1> -</refentry> + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/man/lwres_inetntop.3 b/usr.sbin/bind/lib/lwres/man/lwres_inetntop.3 index 4ea9df84d47..4782439c805 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_inetntop.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres_inetntop.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres_inetntop.3,v 1.12.2.1.8.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres_inetntop.3,v 1.15.18.11 2007/01/30 00:23:45 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres_inetntop .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Jun 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -36,7 +36,7 @@ lwres_net_ntop \- lightweight resolver IP address presentation #include <lwres/net.h> .fi .HP 28 -.BI "const char * lwres_net_ntop(int\ af, const\ void\ *src, char\ *dst, size_t\ size);" +.BI "const char * lwres_net_ntop(int\ " "af" ", const\ void\ *" "src" ", char\ *" "dst" ", size_t\ " "size" ");" .SH "DESCRIPTION" .PP \fBlwres_net_ntop()\fR @@ -71,4 +71,7 @@ is not supported. \fBinet_ntop\fR(3), \fBerrno\fR(3). .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres_inetntop.docbook b/usr.sbin/bind/lib/lwres/man/lwres_inetntop.docbook index 490d7c1dbb6..979120dafbc 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_inetntop.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres_inetntop.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,24 +18,24 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres_inetntop.docbook,v 1.3.206.3 2005/05/12 21:36:15 sra Exp $ --> - +<!-- $ISC: lwres_inetntop.docbook,v 1.4.18.6 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> + <refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> -<refmeta> -<refentrytitle>lwres_inetntop</refentrytitle> -<manvolnum>3</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refmeta> + <refentrytitle>lwres_inetntop</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -45,70 +45,76 @@ </copyright> </docinfo> -<refnamediv> -<refname>lwres_net_ntop</refname> -<refpurpose>lightweight resolver IP address presentation</refpurpose> -</refnamediv> -<refsynopsisdiv> -<funcsynopsis> + <refnamediv> + <refname>lwres_net_ntop</refname> + <refpurpose>lightweight resolver IP address presentation</refpurpose> + </refnamediv> + <refsynopsisdiv> + <funcsynopsis> <funcsynopsisinfo>#include <lwres/net.h></funcsynopsisinfo> <funcprototype> -<funcdef> + <funcdef> const char * <function>lwres_net_ntop</function></funcdef> -<paramdef>int af</paramdef> -<paramdef>const void *src</paramdef> -<paramdef>char *dst</paramdef> -<paramdef>size_t size</paramdef> -</funcprototype> + <paramdef>int <parameter>af</parameter></paramdef> + <paramdef>const void *<parameter>src</parameter></paramdef> + <paramdef>char *<parameter>dst</parameter></paramdef> + <paramdef>size_t <parameter>size</parameter></paramdef> + </funcprototype> </funcsynopsis> -</refsynopsisdiv> + </refsynopsisdiv> -<refsect1> -<title>DESCRIPTION</title> + <refsect1> + <title>DESCRIPTION</title> -<para> -<function>lwres_net_ntop()</function> converts an IP address of -protocol family <parameter>af</parameter> — IPv4 or IPv6 — -at location <parameter>src</parameter> from network format to its -conventional representation as a string. For IPv4 addresses, that -string would be a dotted-decimal. An IPv6 address would be -represented in colon notation as described in RFC1884. -</para> + <para><function>lwres_net_ntop()</function> + converts an IP address of protocol family + <parameter>af</parameter> — IPv4 or IPv6 — at + location <parameter>src</parameter> from network format to its + conventional representation as a string. For IPv4 addresses, + that string would be a dotted-decimal. An IPv6 address would be + represented in colon notation as described in RFC1884. + </para> -<para> -The generated string is copied to <parameter>dst</parameter> provided -<parameter>size</parameter> indicates it is long enough to store the -ASCII representation of the address. -</para> + <para> + The generated string is copied to <parameter>dst</parameter> + provided + <parameter>size</parameter> indicates it is long enough to + store the + ASCII representation of the address. + </para> -</refsect1> -<refsect1> -<title>RETURN VALUES</title> + </refsect1> + <refsect1> + <title>RETURN VALUES</title> -<para> -If successful, the function returns <parameter>dst</parameter>: -a pointer to a string containing the presentation format of the -address. <function>lwres_net_ntop()</function> returns -<type>NULL</type> and sets the global variable -<constant>errno</constant> to <errorcode>EAFNOSUPPORT</errorcode> if -the protocol family given in <parameter>af</parameter> is not -supported. -</para> + <para> + If successful, the function returns <parameter>dst</parameter>: + a pointer to a string containing the presentation format of the + address. <function>lwres_net_ntop()</function> returns + <type>NULL</type> and sets the global variable + <constant>errno</constant> to <errorcode>EAFNOSUPPORT</errorcode> if + the protocol family given in <parameter>af</parameter> is + not + supported. + </para> -</refsect1> -<refsect1> -<title>SEE ALSO</title> -<para> -<citerefentry> -<refentrytitle>RFC1884</refentrytitle> -</citerefentry>, -<citerefentry> -<refentrytitle>inet_ntop</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, -<citerefentry> -<refentrytitle>errno</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>. -</para> -</refsect1> -</refentry> + </refsect1> + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>RFC1884</refentrytitle> + </citerefentry>, + <citerefentry> + <refentrytitle>inet_ntop</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>errno</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>. + </para> + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/man/lwres_noop.3 b/usr.sbin/bind/lib/lwres/man/lwres_noop.3 index 1adac1e1885..4f46e1502c1 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_noop.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres_noop.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres_noop.3,v 1.14.2.1.8.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres_noop.3,v 1.17.18.11 2007/01/30 00:23:45 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres_noop .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Jun 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -36,17 +36,17 @@ lwres_nooprequest_render, lwres_noopresponse_render, lwres_nooprequest_parse, lw #include <lwres/lwres.h> .fi .HP 40 -.BI "lwres_result_t lwres_nooprequest_render(lwres_context_t\ *ctx, lwres_nooprequest_t\ *req, lwres_lwpacket_t\ *pkt, lwres_buffer_t\ *b);" +.BI "lwres_result_t lwres_nooprequest_render(lwres_context_t\ *" "ctx" ", lwres_nooprequest_t\ *" "req" ", lwres_lwpacket_t\ *" "pkt" ", lwres_buffer_t\ *" "b" ");" .HP 41 -.BI "lwres_result_t lwres_noopresponse_render(lwres_context_t\ *ctx, lwres_noopresponse_t\ *req, lwres_lwpacket_t\ *pkt, lwres_buffer_t\ *b);" +.BI "lwres_result_t lwres_noopresponse_render(lwres_context_t\ *" "ctx" ", lwres_noopresponse_t\ *" "req" ", lwres_lwpacket_t\ *" "pkt" ", lwres_buffer_t\ *" "b" ");" .HP 39 -.BI "lwres_result_t lwres_nooprequest_parse(lwres_context_t\ *ctx, lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt, lwres_nooprequest_t\ **structp);" +.BI "lwres_result_t lwres_nooprequest_parse(lwres_context_t\ *" "ctx" ", lwres_buffer_t\ *" "b" ", lwres_lwpacket_t\ *" "pkt" ", lwres_nooprequest_t\ **" "structp" ");" .HP 40 -.BI "lwres_result_t lwres_noopresponse_parse(lwres_context_t\ *ctx, lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt, lwres_noopresponse_t\ **structp);" +.BI "lwres_result_t lwres_noopresponse_parse(lwres_context_t\ *" "ctx" ", lwres_buffer_t\ *" "b" ", lwres_lwpacket_t\ *" "pkt" ", lwres_noopresponse_t\ **" "structp" ");" .HP 29 -.BI "void lwres_noopresponse_free(lwres_context_t\ *ctx, lwres_noopresponse_t\ **structp);" +.BI "void lwres_noopresponse_free(lwres_context_t\ *" "ctx" ", lwres_noopresponse_t\ **" "structp" ");" .HP 28 -.BI "void lwres_nooprequest_free(lwres_context_t\ *ctx, lwres_nooprequest_t\ **structp);" +.BI "void lwres_nooprequest_free(lwres_context_t\ *" "ctx" ", lwres_nooprequest_t\ **" "structp" ");" .SH "DESCRIPTION" .PP These are low\-level routines for creating and parsing lightweight resolver no\-op request and response messages. @@ -63,14 +63,26 @@ to the canonical format. This is complemented by a parse function which converts .PP These structures are defined in \fIlwres/lwres.h\fR. They are shown below. -.sp -.RS 3n +.PP +.RS 4 .nf #define LWRES_OPCODE_NOOP 0x00000000U +.fi +.RE +.sp +.PP +.RS 4 +.nf typedef struct { lwres_uint16_t datalength; unsigned char *data; } lwres_nooprequest_t; +.fi +.RE +.sp +.PP +.RS 4 +.nf typedef struct { lwres_uint16_t datalength; unsigned char *data; @@ -78,6 +90,7 @@ typedef struct { .fi .RE .sp +.PP Although the structures have different types, they are identical. This is because the no\-op opcode simply echos whatever data was sent: the response is therefore identical to the request. .PP \fBlwres_nooprequest_render()\fR @@ -162,6 +175,9 @@ in the packet header structure indicate that the packet is not a response to an earlier query. .SH "SEE ALSO" .PP -\fBlwres_packet\fR(3 ) +\fBlwres_packet\fR(3) .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres_noop.docbook b/usr.sbin/bind/lib/lwres/man/lwres_noop.docbook index 6fba62c7850..9809a017477 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_noop.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres_noop.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,24 +18,24 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres_noop.docbook,v 1.4.206.3 2005/05/12 21:36:16 sra Exp $ --> - +<!-- $ISC: lwres_noop.docbook,v 1.5.18.6 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> + <refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> -<refmeta> -<refentrytitle>lwres_noop</refentrytitle> -<manvolnum>3</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refmeta> + <refentrytitle>lwres_noop</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -45,200 +45,211 @@ </copyright> </docinfo> -<refnamediv> -<refname>lwres_nooprequest_render</refname> -<refname>lwres_noopresponse_render</refname> -<refname>lwres_nooprequest_parse</refname> -<refname>lwres_noopresponse_parse</refname> -<refname>lwres_noopresponse_free</refname> -<refname>lwres_nooprequest_free</refname> -<refpurpose>lightweight resolver no-op message handling</refpurpose> -</refnamediv> -<refsynopsisdiv> -<funcsynopsis> + <refnamediv> + <refname>lwres_nooprequest_render</refname> + <refname>lwres_noopresponse_render</refname> + <refname>lwres_nooprequest_parse</refname> + <refname>lwres_noopresponse_parse</refname> + <refname>lwres_noopresponse_free</refname> + <refname>lwres_nooprequest_free</refname> + <refpurpose>lightweight resolver no-op message handling</refpurpose> + </refnamediv> + <refsynopsisdiv> + <funcsynopsis> <funcsynopsisinfo> #include <lwres/lwres.h></funcsynopsisinfo> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_nooprequest_render</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_nooprequest_t *req</paramdef> -<paramdef>lwres_lwpacket_t *pkt</paramdef> -<paramdef>lwres_buffer_t *b</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_nooprequest_t *<parameter>req</parameter></paramdef> + <paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_noopresponse_render</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_noopresponse_t *req</paramdef> -<paramdef>lwres_lwpacket_t *pkt</paramdef> -<paramdef>lwres_buffer_t *b</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_noopresponse_t *<parameter>req</parameter></paramdef> + <paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_nooprequest_parse</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>lwres_lwpacket_t *pkt</paramdef> -<paramdef>lwres_nooprequest_t **structp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> + <paramdef>lwres_nooprequest_t **<parameter>structp</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_noopresponse_parse</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>lwres_lwpacket_t *pkt</paramdef> -<paramdef>lwres_noopresponse_t **structp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> + <paramdef>lwres_noopresponse_t **<parameter>structp</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_noopresponse_free</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_noopresponse_t **structp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_noopresponse_t **<parameter>structp</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> void <function>lwres_nooprequest_free</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_nooprequest_t **structp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_nooprequest_t **<parameter>structp</parameter></paramdef> + </funcprototype> </funcsynopsis> -</refsynopsisdiv> -<refsect1> -<title>DESCRIPTION</title> -<para> -These are low-level routines for creating and parsing -lightweight resolver no-op request and response messages. -</para> -<para> -The no-op message is analogous to a <command>ping</command> packet: -a packet is sent to the resolver daemon and is simply echoed back. -The opcode is intended to allow a client to determine if the server is -operational or not. -</para> -<para> -There are four main functions for the no-op opcode. -One render function converts a no-op request structure — -<type>lwres_nooprequest_t</type> — -to the lighweight resolver's canonical format. -It is complemented by a parse function that converts a packet in this -canonical format to a no-op request structure. -Another render function converts the no-op response structure — -<type>lwres_noopresponse_t</type> -to the canonical format. -This is complemented by a parse function which converts a packet in -canonical format to a no-op response structure. -</para> -<para> -These structures are defined in -<filename>lwres/lwres.h</filename>. + </refsynopsisdiv> + <refsect1> + <title>DESCRIPTION</title> + <para> + These are low-level routines for creating and parsing + lightweight resolver no-op request and response messages. + </para> + <para> + The no-op message is analogous to a <command>ping</command> + packet: + a packet is sent to the resolver daemon and is simply echoed back. + The opcode is intended to allow a client to determine if the server is + operational or not. + </para> + <para> + There are four main functions for the no-op opcode. + One render function converts a no-op request structure — + <type>lwres_nooprequest_t</type> — + to the lighweight resolver's canonical format. + It is complemented by a parse function that converts a packet in this + canonical format to a no-op request structure. + Another render function converts the no-op response structure — + <type>lwres_noopresponse_t</type> + to the canonical format. + This is complemented by a parse function which converts a packet in + canonical format to a no-op response structure. + </para> + <para> + These structures are defined in + <filename>lwres/lwres.h</filename>. -They are shown below. -<programlisting> + They are shown below. + </para> + <para><programlisting> #define LWRES_OPCODE_NOOP 0x00000000U - +</programlisting> + </para> + <para><programlisting> typedef struct { lwres_uint16_t datalength; unsigned char *data; } lwres_nooprequest_t; - +</programlisting> + </para> + <para><programlisting> typedef struct { lwres_uint16_t datalength; unsigned char *data; } lwres_noopresponse_t; </programlisting> -Although the structures have different types, they are identical. -This is because the no-op opcode simply echos whatever data was sent: -the response is therefore identical to the request. -</para> + </para> + <para> + Although the structures have different types, they are identical. + This is because the no-op opcode simply echos whatever data was sent: + the response is therefore identical to the request. + </para> -<para> -<function>lwres_nooprequest_render()</function> uses resolver -context <parameter>ctx</parameter> to convert no-op request structure -<parameter>req</parameter> to canonical format. The packet header -structure <parameter>pkt</parameter> is initialised and transferred to -buffer <parameter>b</parameter>. The contents of -<parameter>*req</parameter> are then appended to the buffer in -canonical format. <function>lwres_noopresponse_render()</function> -performs the same task, except it converts a no-op response structure -<type>lwres_noopresponse_t</type> to the lightweight resolver's -canonical format. -</para> + <para><function>lwres_nooprequest_render()</function> + uses resolver context <parameter>ctx</parameter> to convert + no-op request structure <parameter>req</parameter> to canonical + format. The packet header structure <parameter>pkt</parameter> + is initialised and transferred to buffer + <parameter>b</parameter>. The contents of + <parameter>*req</parameter> are then appended to the buffer in + canonical format. + <function>lwres_noopresponse_render()</function> performs the + same task, except it converts a no-op response structure + <type>lwres_noopresponse_t</type> to the lightweight resolver's + canonical format. + </para> -<para> -<function>lwres_nooprequest_parse()</function> uses context -<parameter>ctx</parameter> to convert the contents of packet -<parameter>pkt</parameter> to a <type>lwres_nooprequest_t</type> -structure. Buffer <parameter>b</parameter> provides space to be used -for storing this structure. When the function succeeds, the resulting -<type>lwres_nooprequest_t</type> is made available through -<parameter>*structp</parameter>. -<function>lwres_noopresponse_parse()</function> offers the same -semantics as <function>lwres_nooprequest_parse()</function> except it -yields a <type>lwres_noopresponse_t</type> structure. -</para> + <para><function>lwres_nooprequest_parse()</function> + uses context <parameter>ctx</parameter> to convert the contents + of packet <parameter>pkt</parameter> to a + <type>lwres_nooprequest_t</type> structure. Buffer + <parameter>b</parameter> provides space to be used for storing + this structure. When the function succeeds, the resulting + <type>lwres_nooprequest_t</type> is made available through + <parameter>*structp</parameter>. + <function>lwres_noopresponse_parse()</function> offers the same + semantics as <function>lwres_nooprequest_parse()</function> + except it yields a <type>lwres_noopresponse_t</type> structure. + </para> -<para> -<function>lwres_noopresponse_free()</function> and -<function>lwres_nooprequest_free()</function> release the memory in -resolver context <parameter>ctx</parameter> that was allocated to the -<type>lwres_noopresponse_t</type> or <type>lwres_nooprequest_t</type> -structures referenced via <parameter>structp</parameter>. -</para> + <para><function>lwres_noopresponse_free()</function> + and <function>lwres_nooprequest_free()</function> release the + memory in resolver context <parameter>ctx</parameter> that was + allocated to the <type>lwres_noopresponse_t</type> or + <type>lwres_nooprequest_t</type> structures referenced via + <parameter>structp</parameter>. + </para> -</refsect1> -<refsect1> -<title>RETURN VALUES</title> -<para> -The no-op opcode functions -<function>lwres_nooprequest_render()</function>, + </refsect1> + <refsect1> + <title>RETURN VALUES</title> + <para> + The no-op opcode functions + <function>lwres_nooprequest_render()</function>, -<function>lwres_noopresponse_render()</function> -<function>lwres_nooprequest_parse()</function> -and -<function>lwres_noopresponse_parse()</function> -all return -<errorcode>LWRES_R_SUCCESS</errorcode> -on success. -They return -<errorcode>LWRES_R_NOMEMORY</errorcode> -if memory allocation fails. -<errorcode>LWRES_R_UNEXPECTEDEND</errorcode> -is returned if the available space in the buffer -<parameter>b</parameter> -is too small to accommodate the packet header or the -<type>lwres_nooprequest_t</type> -and -<type>lwres_noopresponse_t</type> -structures. -<function>lwres_nooprequest_parse()</function> -and -<function>lwres_noopresponse_parse()</function> -will return -<errorcode>LWRES_R_UNEXPECTEDEND</errorcode> -if the buffer is not empty after decoding the received packet. -These functions will return -<errorcode>LWRES_R_FAILURE</errorcode> -if -<constant>pktflags</constant> -in the packet header structure -<type>lwres_lwpacket_t</type> -indicate that the packet is not a response to an earlier query. -</para> -</refsect1> -<refsect1> -<title>SEE ALSO</title> -<para> -<citerefentry> -<refentrytitle>lwres_packet</refentrytitle><manvolnum>3 -</manvolnum> -</citerefentry> -</para> -</refsect1> -</refentry> + <function>lwres_noopresponse_render()</function> + <function>lwres_nooprequest_parse()</function> + and + <function>lwres_noopresponse_parse()</function> + all return + <errorcode>LWRES_R_SUCCESS</errorcode> + on success. + They return + <errorcode>LWRES_R_NOMEMORY</errorcode> + if memory allocation fails. + <errorcode>LWRES_R_UNEXPECTEDEND</errorcode> + is returned if the available space in the buffer + <parameter>b</parameter> + is too small to accommodate the packet header or the + <type>lwres_nooprequest_t</type> + and + <type>lwres_noopresponse_t</type> + structures. + <function>lwres_nooprequest_parse()</function> + and + <function>lwres_noopresponse_parse()</function> + will return + <errorcode>LWRES_R_UNEXPECTEDEND</errorcode> + if the buffer is not empty after decoding the received packet. + These functions will return + <errorcode>LWRES_R_FAILURE</errorcode> + if + <constant>pktflags</constant> + in the packet header structure + <type>lwres_lwpacket_t</type> + indicate that the packet is not a response to an earlier query. + </para> + </refsect1> + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>lwres_packet</refentrytitle><manvolnum>3</manvolnum> + </citerefentry> + </para> + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/man/lwres_packet.3 b/usr.sbin/bind/lib/lwres/man/lwres_packet.3 index e796d57c552..3929f141048 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_packet.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres_packet.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres_packet.3,v 1.15.2.1.8.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres_packet.3,v 1.18.18.11 2007/01/30 00:23:45 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres_packet .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Jun 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -36,19 +36,25 @@ lwres_lwpacket_renderheader, lwres_lwpacket_parseheader \- lightweight resolver #include <lwres/lwpacket.h> .fi .HP 43 -.BI "lwres_result_t lwres_lwpacket_renderheader(lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt);" +.BI "lwres_result_t lwres_lwpacket_renderheader(lwres_buffer_t\ *" "b" ", lwres_lwpacket_t\ *" "pkt" ");" .HP 42 -.BI "lwres_result_t lwres_lwpacket_parseheader(lwres_buffer_t\ *b, lwres_lwpacket_t\ *pkt);" +.BI "lwres_result_t lwres_lwpacket_parseheader(lwres_buffer_t\ *" "b" ", lwres_lwpacket_t\ *" "pkt" ");" .SH "DESCRIPTION" .PP These functions rely on a \fBstruct lwres_lwpacket\fR which is defined in \fIlwres/lwpacket.h\fR. -.sp -.RS 3n +.PP +.RS 4 .nf typedef struct lwres_lwpacket lwres_lwpacket_t; +.fi +.RE +.sp +.PP +.RS 4 +.nf struct lwres_lwpacket { lwres_uint32_t length; lwres_uint16_t version; @@ -65,45 +71,69 @@ struct lwres_lwpacket { .sp .PP The elements of this structure are: -.TP 3n +.PP \fBlength\fR +.RS 4 the overall packet length, including the entire packet header. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls. -.TP 3n +.RE +.PP \fBversion\fR +.RS 4 the header format. There is currently only one format, \fBLWRES_LWPACKETVERSION_0\fR. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls. -.TP 3n +.RE +.PP \fBpktflags\fR +.RS 4 library\-defined flags for this packet: for instance whether the packet is a request or a reply. Flag values can be set, but not defined by the caller. This field is filled in by the application wit the exception of the LWRES_LWPACKETFLAG_RESPONSE bit, which is set by the library in the lwres_gabn_*() and lwres_gnba_*() calls. -.TP 3n +.RE +.PP \fBserial\fR +.RS 4 is set by the requestor and is returned in all replies. If two or more packets from the same source have the same serial number and are from the same source, they are assumed to be duplicates and the latter ones may be dropped. This field must be set by the application. -.TP 3n +.RE +.PP \fBopcode\fR +.RS 4 indicates the operation. Opcodes between 0x00000000 and 0x03ffffff are reserved for use by the lightweight resolver library. Opcodes between 0x04000000 and 0xffffffff are application defined. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls. -.TP 3n +.RE +.PP \fBresult\fR +.RS 4 is only valid for replies. Results between 0x04000000 and 0xffffffff are application defined. Results between 0x00000000 and 0x03ffffff are reserved for library use. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls. -.TP 3n +.RE +.PP \fBrecvlength\fR +.RS 4 is the maximum buffer size that the receiver can handle on requests and the size of the buffer needed to satisfy a request when the buffer is too large for replies. This field is supplied by the application. -.TP 3n +.RE +.PP \fBauthtype\fR +.RS 4 defines the packet level authentication that is used. Authorisation types between 0x1000 and 0xffff are application defined and types between 0x0000 and 0x0fff are reserved for library use. Currently these are not used and must be zero. -.TP 3n +.RE +.PP \fBauthlen\fR +.RS 4 gives the length of the authentication data. Since packet authentication is currently not used, this must be zero. +.RE .PP The following opcodes are currently defined: -.TP 3n +.PP \fBNOOP\fR +.RS 4 Success is always returned and the packet contents are echoed. The lwres_noop_*() functions should be used for this type. -.TP 3n +.RE +.PP \fBGETADDRSBYNAME\fR +.RS 4 returns all known addresses for a given name. The lwres_gabn_*() functions should be used for this type. -.TP 3n +.RE +.PP \fBGETNAMEBYADDR\fR +.RS 4 return the hostname for the given address. The lwres_gnba_*() functions should be used for this type. +.RE .PP \fBlwres_lwpacket_renderheader()\fR transfers the contents of lightweight resolver packet structure @@ -134,4 +164,7 @@ and lightweight resolver packet both functions return \fBLWRES_R_UNEXPECTEDEND\fR. .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres_packet.docbook b/usr.sbin/bind/lib/lwres/man/lwres_packet.docbook index 4fab82b5b03..50abc7b94be 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_packet.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres_packet.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,24 +18,24 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres_packet.docbook,v 1.6.206.3 2005/05/12 21:36:16 sra Exp $ --> - +<!-- $ISC: lwres_packet.docbook,v 1.7.18.6 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> + <refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> -<refmeta> -<refentrytitle>lwres_packet</refentrytitle> -<manvolnum>3</manvolnum> -<refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refmeta> + <refentrytitle>lwres_packet</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -45,41 +45,44 @@ </copyright> </docinfo> -<refnamediv> -<refname>lwres_lwpacket_renderheader</refname> -<refname>lwres_lwpacket_parseheader</refname> -<refpurpose>lightweight resolver packet handling functions</refpurpose> -</refnamediv> -<refsynopsisdiv> -<funcsynopsis> + <refnamediv> + <refname>lwres_lwpacket_renderheader</refname> + <refname>lwres_lwpacket_parseheader</refname> + <refpurpose>lightweight resolver packet handling functions</refpurpose> + </refnamediv> + <refsynopsisdiv> + <funcsynopsis> <funcsynopsisinfo>#include <lwres/lwpacket.h></funcsynopsisinfo> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_lwpacket_renderheader</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>lwres_lwpacket_t *pkt</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_lwpacket_parseheader</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>lwres_lwpacket_t *pkt</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>lwres_lwpacket_t *<parameter>pkt</parameter></paramdef> + </funcprototype> </funcsynopsis> -</refsynopsisdiv> -<refsect1> -<title>DESCRIPTION</title> -<para> -These functions rely on a -<type>struct lwres_lwpacket</type> -which is defined in -<filename>lwres/lwpacket.h</filename>. + </refsynopsisdiv> + <refsect1> + <title>DESCRIPTION</title> + <para> + These functions rely on a + <type>struct lwres_lwpacket</type> + which is defined in + <filename>lwres/lwpacket.h</filename>. + </para> -<programlisting> + <para><programlisting> typedef struct lwres_lwpacket lwres_lwpacket_t; - + </programlisting> + </para> + <para><programlisting> struct lwres_lwpacket { lwres_uint32_t length; lwres_uint16_t version; @@ -92,142 +95,197 @@ struct lwres_lwpacket { lwres_uint16_t authlength; }; </programlisting> -</para> + </para> -<para> -The elements of this structure are: -<variablelist> -<varlistentry><term><constant>length</constant></term> -<listitem> -<para> -the overall packet length, including the entire packet header. -This field is filled in by the lwres_gabn_*() and lwres_gnba_*() -calls. -</para></listitem></varlistentry> -<varlistentry><term><constant>version</constant></term> -<listitem> -<para> -the header format. There is currently only one format, -<type>LWRES_LWPACKETVERSION_0</type>. + <para> + The elements of this structure are: + <variablelist> + <varlistentry> + <term><constant>length</constant></term> + <listitem> + <para> + the overall packet length, including the entire packet header. + This field is filled in by the lwres_gabn_*() and lwres_gnba_*() + calls. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>version</constant></term> + <listitem> + <para> + the header format. There is currently only one format, + <type>LWRES_LWPACKETVERSION_0</type>. -This field is filled in by the lwres_gabn_*() and lwres_gnba_*() -calls. -</para></listitem></varlistentry> -<varlistentry><term><constant>pktflags</constant></term> -<listitem> -<para> -library-defined flags for this packet: for instance whether the packet -is a request or a reply. Flag values can be set, but not defined by -the caller. -This field is filled in by the application wit the exception of the -LWRES_LWPACKETFLAG_RESPONSE bit, which is set by the library in the -lwres_gabn_*() and lwres_gnba_*() calls. -</para></listitem></varlistentry> -<varlistentry><term><constant>serial</constant></term> -<listitem> -<para> -is set by the requestor and is returned in all replies. If two or more -packets from the same source have the same serial number and are from -the same source, they are assumed to be duplicates and the latter ones -may be dropped. -This field must be set by the application. -</para></listitem></varlistentry> -<varlistentry><term><constant>opcode</constant></term> -<listitem> -<para> -indicates the operation. -Opcodes between 0x00000000 and 0x03ffffff are -reserved for use by the lightweight resolver library. Opcodes between -0x04000000 and 0xffffffff are application defined. -This field is filled in by the lwres_gabn_*() and lwres_gnba_*() -calls. -</para></listitem></varlistentry> -<varlistentry><term><constant>result</constant></term> -<listitem> -<para> -is only valid for replies. -Results between 0x04000000 and 0xffffffff are application defined. -Results between 0x00000000 and 0x03ffffff are reserved for library use. -This field is filled in by the lwres_gabn_*() and lwres_gnba_*() -calls. -</para></listitem></varlistentry> -<varlistentry><term><constant>recvlength</constant></term> -<listitem> -<para> -is the maximum buffer size that the receiver can handle on requests -and the size of the buffer needed to satisfy a request when the buffer -is too large for replies. -This field is supplied by the application. -</para></listitem></varlistentry> -<varlistentry><term><constant>authtype</constant></term> -<listitem> -<para> -defines the packet level authentication that is used. -Authorisation types between 0x1000 and 0xffff are application defined -and types between 0x0000 and 0x0fff are reserved for library use. -Currently these are not used and must be zero. -</para></listitem></varlistentry> -<varlistentry><term><constant>authlen</constant></term> -<listitem> -<para> -gives the length of the authentication data. -Since packet authentication is currently not used, this must be zero. -</para></listitem></varlistentry> -</variablelist> -</para> -<para> -The following opcodes are currently defined: -<variablelist> -<varlistentry><term><constant>NOOP</constant></term> -<listitem> -<para> -Success is always returned and the packet contents are echoed. -The lwres_noop_*() functions should be used for this type. -</para></listitem></varlistentry> -<varlistentry><term><constant>GETADDRSBYNAME</constant></term> -<listitem> -<para> -returns all known addresses for a given name. -The lwres_gabn_*() functions should be used for this type. -</para></listitem></varlistentry> -<varlistentry><term><constant>GETNAMEBYADDR</constant></term> -<listitem> -<para> -return the hostname for the given address. -The lwres_gnba_*() functions should be used for this type. -</para></listitem></varlistentry> -</variablelist> -</para> + This field is filled in by the lwres_gabn_*() and lwres_gnba_*() + calls. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>pktflags</constant></term> + <listitem> + <para> + library-defined flags for this packet: for instance whether the + packet + is a request or a reply. Flag values can be set, but not defined + by + the caller. + This field is filled in by the application wit the exception of + the + LWRES_LWPACKETFLAG_RESPONSE bit, which is set by the library in + the + lwres_gabn_*() and lwres_gnba_*() calls. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>serial</constant></term> + <listitem> + <para> + is set by the requestor and is returned in all replies. If two + or more + packets from the same source have the same serial number and are + from + the same source, they are assumed to be duplicates and the + latter ones + may be dropped. + This field must be set by the application. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>opcode</constant></term> + <listitem> + <para> + indicates the operation. + Opcodes between 0x00000000 and 0x03ffffff are + reserved for use by the lightweight resolver library. Opcodes + between + 0x04000000 and 0xffffffff are application defined. + This field is filled in by the lwres_gabn_*() and lwres_gnba_*() + calls. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>result</constant></term> + <listitem> + <para> + is only valid for replies. + Results between 0x04000000 and 0xffffffff are application + defined. + Results between 0x00000000 and 0x03ffffff are reserved for + library use. + This field is filled in by the lwres_gabn_*() and lwres_gnba_*() + calls. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>recvlength</constant></term> + <listitem> + <para> + is the maximum buffer size that the receiver can handle on + requests + and the size of the buffer needed to satisfy a request when the + buffer + is too large for replies. + This field is supplied by the application. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>authtype</constant></term> + <listitem> + <para> + defines the packet level authentication that is used. + Authorisation types between 0x1000 and 0xffff are application + defined + and types between 0x0000 and 0x0fff are reserved for library + use. + Currently these are not used and must be zero. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>authlen</constant></term> + <listitem> + <para> + gives the length of the authentication data. + Since packet authentication is currently not used, this must be + zero. + </para> + </listitem> + </varlistentry> + </variablelist> + </para> + <para> + The following opcodes are currently defined: + <variablelist> + <varlistentry> + <term><constant>NOOP</constant></term> + <listitem> + <para> + Success is always returned and the packet contents are echoed. + The lwres_noop_*() functions should be used for this type. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>GETADDRSBYNAME</constant></term> + <listitem> + <para> + returns all known addresses for a given name. + The lwres_gabn_*() functions should be used for this type. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><constant>GETNAMEBYADDR</constant></term> + <listitem> + <para> + return the hostname for the given address. + The lwres_gnba_*() functions should be used for this type. + </para> + </listitem> + </varlistentry> + </variablelist> + </para> -<para> -<function>lwres_lwpacket_renderheader()</function> transfers the -contents of lightweight resolver packet structure -<type>lwres_lwpacket_t</type> <parameter>*pkt</parameter> in network -byte order to the lightweight resolver buffer, -<parameter>*b</parameter>. -</para> + <para><function>lwres_lwpacket_renderheader()</function> + transfers the contents of lightweight resolver packet structure + <type>lwres_lwpacket_t</type> <parameter>*pkt</parameter> in + network byte order to the lightweight resolver buffer, + <parameter>*b</parameter>. + </para> -<para> -<function>lwres_lwpacket_parseheader()</function> performs the -converse operation. It transfers data in network byte order from -buffer <parameter>*b</parameter> to resolver packet -<parameter>*pkt</parameter>. The contents of the buffer -<parameter>b</parameter> should correspond to a -<type>lwres_lwpacket_t</type>. -</para> + <para><function>lwres_lwpacket_parseheader()</function> + performs the converse operation. It transfers data in network + byte order from buffer <parameter>*b</parameter> to resolver + packet <parameter>*pkt</parameter>. The contents of the buffer + <parameter>b</parameter> should correspond to a + <type>lwres_lwpacket_t</type>. + </para> -</refsect1> + </refsect1> -<refsect1> -<title>RETURN VALUES</title> -<para> Successful calls to -<function>lwres_lwpacket_renderheader()</function> and -<function>lwres_lwpacket_parseheader()</function> return -<errorcode>LWRES_R_SUCCESS</errorcode>. If there is insufficient -space to copy data between the buffer <parameter>*b</parameter> and -lightweight resolver packet <parameter>*pkt</parameter> both functions -return <errorcode>LWRES_R_UNEXPECTEDEND</errorcode>. -</para> + <refsect1> + <title>RETURN VALUES</title> + <para> + Successful calls to + <function>lwres_lwpacket_renderheader()</function> and + <function>lwres_lwpacket_parseheader()</function> return + <errorcode>LWRES_R_SUCCESS</errorcode>. If there is insufficient + space to copy data between the buffer <parameter>*b</parameter> and + lightweight resolver packet <parameter>*pkt</parameter> both + functions + return <errorcode>LWRES_R_UNEXPECTEDEND</errorcode>. + </para> -</refsect1> -</refentry> + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/man/lwres_resutil.3 b/usr.sbin/bind/lib/lwres/man/lwres_resutil.3 index 9eb51d1b719..09b09d78125 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_resutil.3 +++ b/usr.sbin/bind/lib/lwres/man/lwres_resutil.3 @@ -1,4 +1,4 @@ -.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -13,13 +13,13 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $ISC: lwres_resutil.3,v 1.14.2.1.8.6 2006/06/29 13:02:31 marka Exp $ +.\" $ISC: lwres_resutil.3,v 1.17.18.11 2007/01/30 00:23:45 marka Exp $ .\" .hy 0 .ad l .\" Title: lwres_resutil .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> .\" Date: Jun 30, 2000 .\" Manual: BIND9 .\" Source: BIND9 @@ -36,13 +36,13 @@ lwres_string_parse, lwres_addr_parse, lwres_getaddrsbyname, lwres_getnamebyaddr #include <lwres/lwres.h> .fi .HP 34 -.BI "lwres_result_t lwres_string_parse(lwres_buffer_t\ *b, char\ **c, lwres_uint16_t\ *len);" +.BI "lwres_result_t lwres_string_parse(lwres_buffer_t\ *" "b" ", char\ **" "c" ", lwres_uint16_t\ *" "len" ");" .HP 32 -.BI "lwres_result_t lwres_addr_parse(lwres_buffer_t\ *b, lwres_addr_t\ *addr);" +.BI "lwres_result_t lwres_addr_parse(lwres_buffer_t\ *" "b" ", lwres_addr_t\ *" "addr" ");" .HP 36 -.BI "lwres_result_t lwres_getaddrsbyname(lwres_context_t\ *ctx, const\ char\ *name, lwres_uint32_t\ addrtypes, lwres_gabnresponse_t\ **structp);" +.BI "lwres_result_t lwres_getaddrsbyname(lwres_context_t\ *" "ctx" ", const\ char\ *" "name" ", lwres_uint32_t\ " "addrtypes" ", lwres_gabnresponse_t\ **" "structp" ");" .HP 35 -.BI "lwres_result_t lwres_getnamebyaddr(lwres_context_t\ *ctx, lwres_uint32_t\ addrtype, lwres_uint16_t\ addrlen, const\ unsigned\ char\ *addr, lwres_gnbaresponse_t\ **structp);" +.BI "lwres_result_t lwres_getnamebyaddr(lwres_context_t\ *" "ctx" ", lwres_uint32_t\ " "addrtype" ", lwres_uint16_t\ " "addrlen" ", const\ unsigned\ char\ *" "addr" ", lwres_gnbaresponse_t\ **" "structp" ");" .SH "DESCRIPTION" .PP \fBlwres_string_parse()\fR @@ -73,8 +73,8 @@ and use the \fBlwres_gnbaresponse_t\fR structure defined below: -.sp -.RS 3n +.PP +.RS 4 .nf typedef struct { lwres_uint32_t flags; @@ -90,9 +90,9 @@ typedef struct { } lwres_gabnresponse_t; .fi .RE -.sp +.PP The contents of this structure are not manipulated directly but they are controlled through the -\fBlwres_gabn\fR(3 ) +\fBlwres_gabn\fR(3) functions. .PP The lightweight resolver uses @@ -164,4 +164,7 @@ if the buffers used for sending queries and receiving replies are too small. \fBlwres_buffer\fR(3), \fBlwres_gabn\fR(3). .SH "COPYRIGHT" -Copyright \(co 2004, 2005 Internet Systems Consortium, Inc. ("ISC") +Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") +.br +Copyright \(co 2000, 2001 Internet Software Consortium. +.br diff --git a/usr.sbin/bind/lib/lwres/man/lwres_resutil.docbook b/usr.sbin/bind/lib/lwres/man/lwres_resutil.docbook index 193ed5f2f24..55a33c36fbf 100644 --- a/usr.sbin/bind/lib/lwres/man/lwres_resutil.docbook +++ b/usr.sbin/bind/lib/lwres/man/lwres_resutil.docbook @@ -1,11 +1,11 @@ -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" - "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd" +<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [<!ENTITY mdash "—">]> <!-- - - Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -18,24 +18,24 @@ - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $ISC: lwres_resutil.docbook,v 1.5.206.3 2005/05/12 21:36:16 sra Exp $ --> - +<!-- $ISC: lwres_resutil.docbook,v 1.6.18.6 2007/08/28 07:20:06 tbox Exp $ --> <refentry> -<refentryinfo> -<date>Jun 30, 2000</date> -</refentryinfo> + <refentryinfo> + <date>Jun 30, 2000</date> + </refentryinfo> -<refmeta> - <refentrytitle>lwres_resutil</refentrytitle> - <manvolnum>3</manvolnum> - <refmiscinfo>BIND9</refmiscinfo> -</refmeta> + <refmeta> + <refentrytitle>lwres_resutil</refentrytitle> + <manvolnum>3</manvolnum> + <refmiscinfo>BIND9</refmiscinfo> + </refmeta> <docinfo> <copyright> <year>2004</year> <year>2005</year> + <year>2007</year> <holder>Internet Systems Consortium, Inc. ("ISC")</holder> </copyright> <copyright> @@ -45,89 +45,88 @@ </copyright> </docinfo> -<refnamediv> -<refname>lwres_string_parse</refname> -<refname>lwres_addr_parse</refname> -<refname>lwres_getaddrsbyname</refname> -<refname>lwres_getnamebyaddr</refname> -<refpurpose>lightweight resolver utility functions</refpurpose> -</refnamediv> -<refsynopsisdiv> -<funcsynopsis> + <refnamediv> + <refname>lwres_string_parse</refname> + <refname>lwres_addr_parse</refname> + <refname>lwres_getaddrsbyname</refname> + <refname>lwres_getnamebyaddr</refname> + <refpurpose>lightweight resolver utility functions</refpurpose> + </refnamediv> + <refsynopsisdiv> + <funcsynopsis> <funcsynopsisinfo>#include <lwres/lwres.h></funcsynopsisinfo> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_string_parse</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>char **c</paramdef> -<paramdef>lwres_uint16_t *len</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>char **<parameter>c</parameter></paramdef> + <paramdef>lwres_uint16_t *<parameter>len</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_addr_parse</function></funcdef> -<paramdef>lwres_buffer_t *b</paramdef> -<paramdef>lwres_addr_t *addr</paramdef> -</funcprototype> + <paramdef>lwres_buffer_t *<parameter>b</parameter></paramdef> + <paramdef>lwres_addr_t *<parameter>addr</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_getaddrsbyname</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>const char *name</paramdef> -<paramdef>lwres_uint32_t addrtypes</paramdef> -<paramdef>lwres_gabnresponse_t **structp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>const char *<parameter>name</parameter></paramdef> + <paramdef>lwres_uint32_t <parameter>addrtypes</parameter></paramdef> + <paramdef>lwres_gabnresponse_t **<parameter>structp</parameter></paramdef> + </funcprototype> <funcprototype> -<funcdef> + <funcdef> lwres_result_t <function>lwres_getnamebyaddr</function></funcdef> -<paramdef>lwres_context_t *ctx</paramdef> -<paramdef>lwres_uint32_t addrtype</paramdef> -<paramdef>lwres_uint16_t addrlen</paramdef> -<paramdef>const unsigned char *addr</paramdef> -<paramdef>lwres_gnbaresponse_t **structp</paramdef> -</funcprototype> + <paramdef>lwres_context_t *<parameter>ctx</parameter></paramdef> + <paramdef>lwres_uint32_t <parameter>addrtype</parameter></paramdef> + <paramdef>lwres_uint16_t <parameter>addrlen</parameter></paramdef> + <paramdef>const unsigned char *<parameter>addr</parameter></paramdef> + <paramdef>lwres_gnbaresponse_t **<parameter>structp</parameter></paramdef> + </funcprototype> </funcsynopsis> -</refsynopsisdiv> - -<refsect1> -<title>DESCRIPTION</title> - -<para> -<function>lwres_string_parse()</function> retrieves a DNS-encoded -string starting the current pointer of lightweight resolver buffer -<parameter>b</parameter>: i.e. <constant>b->current</constant>. -When the function returns, the address of the first byte of the -encoded string is returned via <parameter>*c</parameter> and the -length of that string is given by <parameter>*len</parameter>. The -buffer's current pointer is advanced to point at the character -following the string length, the encoded string, and the trailing -<type>NULL</type> character. -</para> - -<para> -<function>lwres_addr_parse()</function> extracts an address from the -buffer <parameter>b</parameter>. The buffer's current pointer -<constant>b->current</constant> is presumed to point at an encoded -address: the address preceded by a 32-bit protocol family identifier -and a 16-bit length field. The encoded address is copied to -<constant>addr->address</constant> and -<constant>addr->length</constant> indicates the size in bytes of -the address that was copied. <constant>b->current</constant> is -advanced to point at the next byte of available data in the buffer -following the encoded address. -</para> - -<para> -<function>lwres_getaddrsbyname()</function> -and -<function>lwres_getnamebyaddr()</function> -use the -<type>lwres_gnbaresponse_t</type> -structure defined below: -<programlisting> + </refsynopsisdiv> + + <refsect1> + <title>DESCRIPTION</title> + + <para><function>lwres_string_parse()</function> + retrieves a DNS-encoded string starting the current pointer of + lightweight resolver buffer <parameter>b</parameter>: i.e. + <constant>b->current</constant>. When the function returns, + the address of the first byte of the encoded string is returned + via <parameter>*c</parameter> and the length of that string is + given by <parameter>*len</parameter>. The buffer's current + pointer is advanced to point at the character following the + string length, the encoded string, and the trailing + <type>NULL</type> character. + </para> + + <para><function>lwres_addr_parse()</function> + extracts an address from the buffer <parameter>b</parameter>. + The buffer's current pointer <constant>b->current</constant> + is presumed to point at an encoded address: the address preceded + by a 32-bit protocol family identifier and a 16-bit length + field. The encoded address is copied to + <constant>addr->address</constant> and + <constant>addr->length</constant> indicates the size in bytes + of the address that was copied. + <constant>b->current</constant> is advanced to point at the + next byte of available data in the buffer following the encoded + address. + </para> + + <para><function>lwres_getaddrsbyname()</function> + and <function>lwres_getnamebyaddr()</function> use the + <type>lwres_gnbaresponse_t</type> structure defined below: + </para> + +<para><programlisting> typedef struct { lwres_uint32_t flags; lwres_uint16_t naliases; @@ -140,97 +139,100 @@ typedef struct { void *base; size_t baselen; } lwres_gabnresponse_t; -</programlisting> -The contents of this structure are not manipulated directly but -they are controlled through the -<citerefentry> -<refentrytitle>lwres_gabn</refentrytitle><manvolnum>3 -</manvolnum> -</citerefentry> -functions. -</para> - -<para> -The lightweight resolver uses -<function>lwres_getaddrsbyname()</function> to perform foward lookups. -Hostname <parameter>name</parameter> is looked up using the resolver -context <parameter>ctx</parameter> for memory allocation. -<parameter>addrtypes</parameter> is a bitmask indicating which type of -addresses are to be looked up. Current values for this bitmask are -<type>LWRES_ADDRTYPE_V4</type> for IPv4 addresses and -<type>LWRES_ADDRTYPE_V6</type> for IPv6 addresses. Results of the -lookup are returned in <parameter>*structp</parameter>. -</para> - -<para> -<function>lwres_getnamebyaddr()</function> performs reverse lookups. -Resolver context <parameter>ctx</parameter> is used for memory -allocation. The address type is indicated by -<parameter>addrtype</parameter>: <type>LWRES_ADDRTYPE_V4</type> or -<type>LWRES_ADDRTYPE_V6</type>. The address to be looked up is given -by <parameter>addr</parameter> and its length is -<parameter>addrlen</parameter> bytes. The result of the function call -is made available through <parameter>*structp</parameter>. -</para> -</refsect1> - -<refsect1> -<title>RETURN VALUES</title> -<para> -Successful calls to -<function>lwres_string_parse()</function> -and -<function>lwres_addr_parse()</function> -return -<errorcode>LWRES_R_SUCCESS.</errorcode> -Both functions return -<errorcode>LWRES_R_FAILURE</errorcode> -if the buffer is corrupt or -<errorcode>LWRES_R_UNEXPECTEDEND</errorcode> -if the buffer has less space than expected for the components of the -encoded string or address. -</para> -<para> -<function>lwres_getaddrsbyname()</function> -returns -<errorcode>LWRES_R_SUCCESS</errorcode> -on success and it returns -<errorcode>LWRES_R_NOTFOUND</errorcode> -if the hostname -<parameter>name</parameter> -could not be found. -</para> -<para> -<errorcode>LWRES_R_SUCCESS</errorcode> -is returned by a successful call to -<function>lwres_getnamebyaddr()</function>. -</para> - -<para> -Both -<function>lwres_getaddrsbyname()</function> -and -<function>lwres_getnamebyaddr()</function> -return -<errorcode>LWRES_R_NOMEMORY</errorcode> -when memory allocation requests fail and -<errorcode>LWRES_R_UNEXPECTEDEND</errorcode> -if the buffers used for sending queries and receiving replies are too -small. -</para> - -</refsect1> -<refsect1> -<title>SEE ALSO</title> -<para> -<citerefentry> -<refentrytitle>lwres_buffer</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>, - -<citerefentry> -<refentrytitle>lwres_gabn</refentrytitle><manvolnum>3</manvolnum> -</citerefentry>. -</para> - -</refsect1> -</refentry> +</programlisting></para> + + <para> + The contents of this structure are not manipulated directly but + they are controlled through the + <citerefentry> + <refentrytitle>lwres_gabn</refentrytitle><manvolnum>3</manvolnum> + </citerefentry> + functions. + </para> + + <para> + The lightweight resolver uses + <function>lwres_getaddrsbyname()</function> to perform + foward lookups. + Hostname <parameter>name</parameter> is looked up using the + resolver + context <parameter>ctx</parameter> for memory allocation. + <parameter>addrtypes</parameter> is a bitmask indicating + which type of + addresses are to be looked up. Current values for this bitmask are + <type>LWRES_ADDRTYPE_V4</type> for IPv4 addresses and + <type>LWRES_ADDRTYPE_V6</type> for IPv6 addresses. Results of the + lookup are returned in <parameter>*structp</parameter>. + </para> + + <para><function>lwres_getnamebyaddr()</function> + performs reverse lookups. Resolver context + <parameter>ctx</parameter> is used for memory allocation. The + address type is indicated by <parameter>addrtype</parameter>: + <type>LWRES_ADDRTYPE_V4</type> or + <type>LWRES_ADDRTYPE_V6</type>. The address to be looked up is + given by <parameter>addr</parameter> and its length is + <parameter>addrlen</parameter> bytes. The result of the + function call is made available through + <parameter>*structp</parameter>. + </para> + </refsect1> + + <refsect1> + <title>RETURN VALUES</title> + <para> + Successful calls to + <function>lwres_string_parse()</function> + and + <function>lwres_addr_parse()</function> + return + <errorcode>LWRES_R_SUCCESS.</errorcode> + Both functions return + <errorcode>LWRES_R_FAILURE</errorcode> + if the buffer is corrupt or + <errorcode>LWRES_R_UNEXPECTEDEND</errorcode> + if the buffer has less space than expected for the components of the + encoded string or address. + </para> + + <para><function>lwres_getaddrsbyname()</function> + returns <errorcode>LWRES_R_SUCCESS</errorcode> on success and it + returns <errorcode>LWRES_R_NOTFOUND</errorcode> if the hostname + <parameter>name</parameter> could not be found. + </para> + <para><errorcode>LWRES_R_SUCCESS</errorcode> + is returned by a successful call to + <function>lwres_getnamebyaddr()</function>. + </para> + + <para> + Both + <function>lwres_getaddrsbyname()</function> + and + <function>lwres_getnamebyaddr()</function> + return + <errorcode>LWRES_R_NOMEMORY</errorcode> + when memory allocation requests fail and + <errorcode>LWRES_R_UNEXPECTEDEND</errorcode> + if the buffers used for sending queries and receiving replies are too + small. + </para> + + </refsect1> + <refsect1> + <title>SEE ALSO</title> + <para><citerefentry> + <refentrytitle>lwres_buffer</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + + <citerefentry> + <refentrytitle>lwres_gabn</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>. + </para> + + </refsect1> +</refentry><!-- + - Local variables: + - mode: sgml + - End: +--> diff --git a/usr.sbin/bind/lib/lwres/print_p.h b/usr.sbin/bind/lib/lwres/print_p.h index ae968641f33..6d8e6510c7c 100644 --- a/usr.sbin/bind/lib/lwres/print_p.h +++ b/usr.sbin/bind/lib/lwres/print_p.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: print_p.h,v 1.2.4.1 2004/08/28 06:25:25 marka Exp $ */ +/* $ISC: print_p.h,v 1.2.2.1 2004/08/28 06:21:13 marka Exp $ */ #ifndef LWRES_PRINT_P_H #define LWRES_PRINT_P_H 1 diff --git a/usr.sbin/bind/lib/lwres/strtoul.c b/usr.sbin/bind/lib/lwres/strtoul.c index 2917150a2c5..388d395f82f 100644 --- a/usr.sbin/bind/lib/lwres/strtoul.c +++ b/usr.sbin/bind/lib/lwres/strtoul.c @@ -53,7 +53,7 @@ static char sccsid[] = "@(#)strtoul.c 8.1 (Berkeley) 6/4/93"; #endif /* LIBC_SCCS and not lint */ -/* $ISC: strtoul.c,v 1.2.4.1 2005/06/08 02:08:31 marka Exp $ */ +/* $ISC: strtoul.c,v 1.2.2.1 2005/06/08 02:07:59 marka Exp $ */ #include <config.h> diff --git a/usr.sbin/bind/lib/lwres/unix/Makefile.in b/usr.sbin/bind/lib/lwres/unix/Makefile.in index d6a425b16c5..0795e7e6c07 100644 --- a/usr.sbin/bind/lib/lwres/unix/Makefile.in +++ b/usr.sbin/bind/lib/lwres/unix/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.1.206.1 2004/03/06 08:15:43 marka Exp $ +# $ISC: Makefile.in,v 1.2 2004/03/05 05:12:59 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/lwres/unix/include/Makefile.in b/usr.sbin/bind/lib/lwres/unix/include/Makefile.in index 4c3c7eaa0ab..59016ef7d09 100644 --- a/usr.sbin/bind/lib/lwres/unix/include/Makefile.in +++ b/usr.sbin/bind/lib/lwres/unix/include/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.1.206.1 2004/03/06 08:15:43 marka Exp $ +# $ISC: Makefile.in,v 1.2 2004/03/05 05:13:03 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/lwres/unix/include/lwres/Makefile.in b/usr.sbin/bind/lib/lwres/unix/include/lwres/Makefile.in index 9cdb20c8711..8cbd74002fd 100644 --- a/usr.sbin/bind/lib/lwres/unix/include/lwres/Makefile.in +++ b/usr.sbin/bind/lib/lwres/unix/include/lwres/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.1.206.1 2004/03/06 08:15:43 marka Exp $ +# $ISC: Makefile.in,v 1.2 2004/03/05 05:13:06 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/lib/lwres/unix/include/lwres/net.h b/usr.sbin/bind/lib/lwres/unix/include/lwres/net.h index d21542f9218..51ed1567565 100644 --- a/usr.sbin/bind/lib/lwres/unix/include/lwres/net.h +++ b/usr.sbin/bind/lib/lwres/unix/include/lwres/net.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: net.h,v 1.3.12.3 2004/03/08 09:05:12 marka Exp $ */ +/* $ISC: net.h,v 1.5.18.2 2005/04/29 00:17:23 marka Exp $ */ #ifndef LWRES_NET_H #define LWRES_NET_H 1 @@ -24,17 +24,15 @@ ***** Module Info *****/ -/* - * Basic Networking Types - * +/*! \file net.h * This module is responsible for defining the following basic networking * types: * - * struct in_addr - * struct in6_addr - * struct sockaddr - * struct sockaddr_in - * struct sockaddr_in6 + *\li struct in_addr + *\li struct in6_addr + *\li struct sockaddr + *\li struct sockaddr_in + *\li struct sockaddr_in6 * * It ensures that the AF_ and PF_ macros are defined. * @@ -42,7 +40,7 @@ * * It declares lwres_net_aton(), lwres_net_ntop(), and lwres_net_pton(). * - * It ensures that INADDR_LOOPBACK, INADDR_ANY and IN6ADDR_ANY_INIT + * It ensures that #INADDR_LOOPBACK, #INADDR_ANY and #IN6ADDR_ANY_INIT * are defined. */ @@ -79,7 +77,7 @@ #define in6_addr in_addr6 /* Required for pre RFC2133 implementations. */ #endif -/* +/*! * Required for some pre RFC2133 implementations. * IN6ADDR_ANY_INIT and IN6ADDR_LOOPBACK_INIT were added in * draft-ietf-ipngwg-bsd-api-04.txt or draft-ietf-ipngwg-bsd-api-05.txt. @@ -94,6 +92,9 @@ #endif #endif +/*! + * Initialize address loopback. See IN6ADDR_ANY_INIT + */ #ifndef IN6ADDR_LOOPBACK_INIT #ifdef s6_addr #define IN6ADDR_LOOPBACK_INIT { { { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1 } } } @@ -102,14 +103,18 @@ #endif #endif +/*% Used by AI_ALL */ #ifndef AF_INET6 #define AF_INET6 99 #endif + +/*% Used to return IPV6 address types. */ #ifndef PF_INET6 #define PF_INET6 AF_INET6 #endif +/*% inaddr Loopback */ #ifndef INADDR_LOOPBACK #define INADDR_LOOPBACK 0x7f000001UL #endif diff --git a/usr.sbin/bind/lib/lwres/version.c b/usr.sbin/bind/lib/lwres/version.c index 844acdc67dd..82096552f37 100644 --- a/usr.sbin/bind/lib/lwres/version.c +++ b/usr.sbin/bind/lib/lwres/version.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,9 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: version.c,v 1.6.12.3 2004/03/08 09:05:11 marka Exp $ */ +/* $ISC: version.c,v 1.8.18.2 2005/04/29 00:17:21 marka Exp $ */ + +/*! \file */ #include <lwres/version.h> diff --git a/usr.sbin/bind/make/Makefile.in b/usr.sbin/bind/make/Makefile.in index 38c97dd3c42..78dc15553fe 100644 --- a/usr.sbin/bind/make/Makefile.in +++ b/usr.sbin/bind/make/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.13.206.1 2004/03/06 13:16:21 marka Exp $ +# $ISC: Makefile.in,v 1.14 2004/03/05 05:14:06 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ diff --git a/usr.sbin/bind/make/includes.in b/usr.sbin/bind/make/includes.in index 734c90aa5ad..5e17715152b 100644 --- a/usr.sbin/bind/make/includes.in +++ b/usr.sbin/bind/make/includes.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 1999-2001 Internet Software Consortium. # # Permission to use, copy, modify, and distribute this software for any @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: includes.in,v 1.15.12.4 2004/12/09 04:07:30 marka Exp $ +# $ISC: includes.in,v 1.17.18.2 2005/06/04 06:23:47 jinmei Exp $ # Search for machine-generated header files in the build tree, # and for normal headers in the source tree (${top_srcdir}). @@ -25,7 +25,8 @@ ISC_INCLUDES = @BIND9_ISC_BUILDINCLUDE@ \ -I${top_srcdir}/lib/isc \ -I${top_srcdir}/lib/isc/include \ -I${top_srcdir}/lib/isc/unix/include \ - -I${top_srcdir}/lib/isc/@ISC_THREAD_DIR@/include + -I${top_srcdir}/lib/isc/@ISC_THREAD_DIR@/include \ + -I${top_srcdir}/lib/isc/@ISC_ARCH_DIR@/include ISCCC_INCLUDES = @BIND9_ISCCC_BUILDINCLUDE@ \ -I${top_srcdir}/lib/isccc/include |