diff options
| author | Stuart Henderson <sthen@cvs.openbsd.org> | 2012-03-26 18:08:27 +0000 |
|---|---|---|
| committer | Stuart Henderson <sthen@cvs.openbsd.org> | 2012-03-26 18:08:27 +0000 |
| commit | f9e2a41150d5e4f09815c05c2e52d62e2a4bbef3 (patch) | |
| tree | a0d39770766607348032dca8b54453f5ba35dfb2 /usr.sbin | |
| parent | f2996768813b0d00e0fda13090eff2a7ac307fb6 (diff) | |
Import ldns 1.6.12, needed for Unbound, to work on in-tree.
These are the direct sources from NLnet Labs upstream, minus these:
contrib doc/images examples packaging/fedora
ok deraadt@ jakob@
Diffstat (limited to 'usr.sbin')
77 files changed, 3276 insertions, 6535 deletions
diff --git a/usr.sbin/unbound/ldns/Changelog b/usr.sbin/unbound/ldns/Changelog index 48ea9bbda3a..a1581361821 100644 --- a/usr.sbin/unbound/ldns/Changelog +++ b/usr.sbin/unbound/ldns/Changelog @@ -1,134 +1,3 @@ -1.6.17 2014-01-10 - * Fix ldns_dnssec_zone_new_frm_fp_l to allow the last parsed line of a - zone to be an NSEC3 (or its RRSIG) covering an empty non terminal. - * Add --disable-dane option to configure and check availability of the - for dane needed X509_check_ca function in openssl. - * bugfix #490: Get rid of type-punned pointer warnings. - Thanks Adam Tkac. - * Make sure executables are linked against libcrypto with the - LIBSSL_LDFLAGS. Thanks Leo Baltus. - * Miscellaneous prototype fixes. Thanks Dag-Erling Smørgrav. - * README now shows preferred way to configure for examples and drill. - * Bind to source address for resolvers. drill binds to source with -I. - Thanks Bryan Duff. - * -T option for ldns-dane that has specific exit status for PKIX - validated connections without (secure) TLSA records. - * Fix b{32,64}_{ntop,pton} detection and handling. - * New RR type TKEY, but without operational practice. - * New RR types HIP, NINFO, RKEY, CDS, EUI48, EUI64, URI, CAA and TA. - * New output format flag (and accompanying functions) to print certain - RR's as unknown type - * -u and -U parameter for ldns-read-zone to mark/unmark a RR type - for printing as unknown type - * bugfix #504: GPOS RR has three rdata fields. Thanks Jelte Jansen. - * bugfix #497: Properly test for EOF when reading key files with drill. - * New functions: ldns_pkt_ixfr_request_new and - ldns_pkt_ixfr_request_new_frm_str. - * Use SNI with ldns-dane - * bugfix #507: ldnsx Fix use of non-existent variables and not - properly referring to instance variable. Patch from shussain. - * bugfix #508: ldnsx Adding NSEC3PARAM to known/allowable RR type - dictionary. Patch from shussain. - * bugfix #517: ldns_resolver_new_frm_fp error when invoked using a NULL - file pointer. - * Fix memory leak in contrib/python: ldns_pkt.new_query. - * Fix buffer overflow in fget_token and bget_token. - * ldns-verify-zone NSEC3 checking from quadratic to linear performance. - Thanks NIC MX (nicmexico.mx) - * ldns-dane setup new ssl session for each new connect to prevent hangs - * bugfix #521: drill trace continue on empty non-terminals with NSEC3 - * bugfix #525: Fix documentation of ldns_resolver_set_retry - * Remove unused LDNS_RDF_TYPE_TSIG and associated functions. - * Fix ldns_nsec_covers_name for zones with an apex only. Thanks Miek. - * Configure option to build perl bindings: --with-p5-dns-ldns - (DNS::LDNS is a contribution from Erik Ostlyngen) - * bugfix #527: Move -lssl before -lcrypto when linking - * Optimize TSIG digest function name comparison (Thanks Marc Buijsman) - * Compare names case insensitive with ldns_pkt_rr_list_by_name and - ldns_pkt_rr_list_by_name_and_type (thanks Johannes Naab) - * A separate --enable for each draft RR type: --enable-rrtype-ninfo, - --enable-rrtype-rkey, --enable-rrtype-cds, --enable-rrtype-uri and - --enable-rrtype-ta - * bugfix #530: Don't sign and verify duplicate RRs (Thanks Jelte Jansen) - * bugfix #505: Manpage and usage output fixes (Thanks Tomas Hozza) - * Adjust ldns_sha1() so that the input data is not modified (Thanks - Marc Buijsman) - * Messages to stderr are now off by default and can be reenabled with - the --enable-stderr-msgs configure option. - -1.6.16 2012-11-13 - * Fix Makefile to build pyldns with BSD make - * Fix typo in exporting b32_* symbols to make pyldns load again - * Allow leaving the RR owner name empty in ldns-testns datafiles. - * Fix fail to create NSEC3 bitmap for empty non-terminal (bug - introduced in 1.6.14). - -1.6.15 2012-10-25 - * Remove LDNS_STATUS_EXISTS_ERR from ldns/error.h to make ldns - binary compatible with earlier releases again. - -1.6.14 2012-10-23 - * DANE support (RFC6698), including ldns-dane example tool. - * Configurable default CA certificate repository for ldns-dane with - --with-ca-file=CAFILE and --with-ca-path=CAPATH - * Configurable default trust anchor with --with-trust-anchor=FILE - for drill, ldns-verify-zone and ldns-dane - * bugfix #474: Define socklen_t when undefined (like in Win32) - * bugfix #473: Dead code removal and resource leak fix in drill - * bugfix #471: Let ldns_resolver_push_dnssec_anchor accept DS RR's too. - * Various bugfixes from code reviews from CZ.NIC and Paul Wouters - * ldns-notify TSIG option argument checking - * Let ldns_resolver_nameservers_randomize keep nameservers and rtt's - in sync. - * Let ldns_pkt_push_rr now return false on (memory) errors. - * Make buffer_export comply to documentation and fix buffer2str - * Various improvements and fixes of pyldns from Katel Slany - now documented in their own Changelog. - * bugfix: Make ldns_resolver_pop_nameserver clear the array when - there was only one. - * bugfix #459: Remove ldns_symbols and export symbols based on regex - * bugfix #458: Track all newly created signatures when signing. - * bugfix #454: Only set -g and -O2 CFLAGS when no CFLAGS was given. - * bugfix #457: Memory leak fix for ldns_key_new_frm_algorithm. - * pyldns memory handling fixes and the python3/ldns-signzone.py - examples script contribution from Karel Slany. - * bugfix #450: Base # bytes for P, G and Y (T) on the guaranteed - to be bigger (or equal) P in ldns_key_dsa2bin. - * bugfix #449: Deep free cloned rdf's in ldns_tsig_mac_new. - * bugfix #448: Copy nameserver value (in stead of reference) of the - answering nameserver to the answer packet in ldns_send_buffer, so - the original value may be deep freed with the ldns_resolver struct. - * New -0 option for ldns-read-zone to replace inception, expiration - and signature rdata fields with (null). Thanks Paul Wouters. - * New -p option for ldns-read-zone to prepend-pad SOA serial to take - up ten characters. - * Return error if printing RR fails due to unknown/null RDATA. - -1.6.13 2012-05-21 - * New -S option for ldns-verify-zone to chase signatures online. - * New -k option for ldns-verify-zone to validate using a trusted key. - * New inception and expiration margin options (-i and -e) to - ldns-verify-zone. - * New ldns_dnssec_zone_new_frm_fp and ldns_dnssec_zone_new_frm_fp_l - functions. - * New ldns_duration* functions (copied from OpenDNSSEC source) - * fix ldns-verify-zone to allow NSEC3 signatures to come before - the NSEC3 RR in all cases. Thanks Wolfgang Nagele. - * Zero the correct flag (opt-out) when creating NSEC3PARAMS. - Thanks Peter van Dijk. - * Canonicalize RRSIG's Signer's name too when validating, because - bind and unbound do that too. Thanks Peter van Dijk. - * bugfix #433: Allocate rdf using ldns_rdf_new in ldns_dname_label - * bugfix #432: Use LDNS_MALLOC & LDNS_FREE i.s.o. malloc & free - * bugfix #431: Added error message for LDNS_STATUS_INVALID_B32_EXT - * bugfix #427: Explicitely link ssl with the programs that use it. - * Fix reading \DDD: Error on values that are outside range (>255). - * bugfix #429: fix doxyparse.pl fails on NetBSD because specified - path to perl. - * New ECDSA support (RFC 6605), use --disable-ecdsa for older openssl. - * fix verifying denial of existence for DS's in NSEC3 Opt-Out zones. - Thanks John Barnitz - 1.6.12 2012-01-11 * bugfix #413: Fix manpage source for srcdir != builddir * Canonicalize the signers name rdata field in RRSIGs when signing diff --git a/usr.sbin/unbound/ldns/README b/usr.sbin/unbound/ldns/README index 6319c6f5255..70eb3dc0f89 100644 --- a/usr.sbin/unbound/ldns/README +++ b/usr.sbin/unbound/ldns/README @@ -22,8 +22,6 @@ compile on other systems like Solaris and Mac OS X. REQUIREMENTS - OpenSSL (Optional, but needed for features like DNSSEC) - - OpenSSL >= 0.9.7f for DANE support - - OpenSSL >= 1.0.0 for ECDSA and GOST support - libpcap (Optional, but needed for examples/ldns-dpa) - (GNU) libtool (in OSX, that's glibtool, not libtool) - GNU make @@ -31,17 +29,39 @@ REQUIREMENTS INSTALLATION 1. Unpack the tarball 2. cd ldns-<VERSION> -3. ./configure --with-examples --with-drill - (optionally compile python bindings too with: --with-pyldns) -4. make -5. make install +3. ./configure +4. gmake (it needs gnu make to compile, on systems where GNU make is the + default you can just use 'make') +5. sudo gmake install +6. Optional. (cd examples; ./configure; gmake), make example programs included. +7. Optional. (cd drill; ./configure; gmake; gmake install), to build drill. +You can configure and compile it in a separate build directory. -* Building from repository +* Examples +There are some examples and dns related tools in the examples/ directory. +These can be built with: +1. cd examples/ +2. ./configure [--with-ldns=<path to ldns installation or build>] +3. gmake + +* Drill +Drill can be built with: +1. cd drill/ +2. ./configure [--with-ldns=<path to ldns installation or build>] +3. gmake + +Note that you need to set LD_LIBRARY_PATH if you want to run the binaries +and you have not installed the library to a system directory. You can use +the make target all-static for the examples to run them if you don't want to +install the library. + + +* Building from subversion repository If you are building from the repository you will need to have (gnu) autotools like libtool and autoreconf installed. A list of all the commands -needed to build everything can be found in README.git. Note that the actual +needed to build everything can be found in README.svn. Note that the actual commands may be a little bit different on your machine. Most notable, you'll need to run libtoolize (or glibtoolize), if you skip this step, you'll get an error about missing config.sub. * Developers @@ -64,10 +84,6 @@ We have received patches from the following people, thanks! o Paul Wouters o Simon Vallet o Ondřej Surý - o Karel Slany - o Havard Eidnes - o Leo Baltus - o Dag-Erling Smørgrav INFORMATION FOR SPECIFIC OPERATING SYSTEMS diff --git a/usr.sbin/unbound/ldns/aclocal.m4 b/usr.sbin/unbound/ldns/aclocal.m4 index 55f3c925f96..6fe5ffd2a6a 100644 --- a/usr.sbin/unbound/ldns/aclocal.m4 +++ b/usr.sbin/unbound/ldns/aclocal.m4 @@ -1,8 +1,7 @@ -# generated automatically by aclocal 1.11.3 -*- Autoconf -*- +# generated automatically by aclocal 1.11.1 -*- Autoconf -*- # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, -# 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation, -# Inc. +# 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc. # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -15,8 +14,8 @@ # libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- # # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, -# 2006, 2007, 2008, 2009, 2010, 2011 Free Software -# Foundation, Inc. +# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, +# Inc. # Written by Gordon Matzigkeit, 1996 # # This file is free software; the Free Software Foundation gives @@ -25,8 +24,8 @@ m4_define([_LT_COPYING], [dnl # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, -# 2006, 2007, 2008, 2009, 2010, 2011 Free Software -# Foundation, Inc. +# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, +# Inc. # Written by Gordon Matzigkeit, 1996 # # This file is part of GNU Libtool. @@ -160,8 +159,6 @@ AC_REQUIRE([AC_CANONICAL_BUILD])dnl AC_REQUIRE([_LT_PREPARE_SED_QUOTE_VARS])dnl AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])dnl -_LT_DECL([], [PATH_SEPARATOR], [1], [The PATH separator for the build system])dnl -dnl _LT_DECL([], [host_alias], [0], [The host system])dnl _LT_DECL([], [host], [0])dnl _LT_DECL([], [host_os], [0])dnl @@ -647,7 +644,7 @@ m4_ifset([AC_PACKAGE_NAME], [AC_PACKAGE_NAME ])config.lt[]dnl m4_ifset([AC_PACKAGE_VERSION], [ AC_PACKAGE_VERSION]) configured by $[0], generated by m4_PACKAGE_STRING. -Copyright (C) 2011 Free Software Foundation, Inc. +Copyright (C) 2010 Free Software Foundation, Inc. This config.lt script is free software; the Free Software Foundation gives unlimited permision to copy, distribute and modify it." @@ -811,7 +808,6 @@ AC_DEFUN([LT_LANG], m4_case([$1], [C], [_LT_LANG(C)], [C++], [_LT_LANG(CXX)], - [Go], [_LT_LANG(GO)], [Java], [_LT_LANG(GCJ)], [Fortran 77], [_LT_LANG(F77)], [Fortran], [_LT_LANG(FC)], @@ -833,29 +829,6 @@ m4_defun([_LT_LANG], ])# _LT_LANG -m4_ifndef([AC_PROG_GO], [ -# NOTE: This macro has been submitted for inclusion into # -# GNU Autoconf as AC_PROG_GO. When it is available in # -# a released version of Autoconf we should remove this # -# macro and use it instead. # -m4_defun([AC_PROG_GO], -[AC_LANG_PUSH(Go)dnl -AC_ARG_VAR([GOC], [Go compiler command])dnl -AC_ARG_VAR([GOFLAGS], [Go compiler flags])dnl -_AC_ARG_VAR_LDFLAGS()dnl -AC_CHECK_TOOL(GOC, gccgo) -if test -z "$GOC"; then - if test -n "$ac_tool_prefix"; then - AC_CHECK_PROG(GOC, [${ac_tool_prefix}gccgo], [${ac_tool_prefix}gccgo]) - fi -fi -if test -z "$GOC"; then - AC_CHECK_PROG(GOC, gccgo, gccgo, false) -fi -])#m4_defun -])#m4_ifndef - - # _LT_LANG_DEFAULT_CONFIG # ----------------------- m4_defun([_LT_LANG_DEFAULT_CONFIG], @@ -886,10 +859,6 @@ AC_PROVIDE_IFELSE([AC_PROG_GCJ], m4_ifdef([LT_PROG_GCJ], [m4_define([LT_PROG_GCJ], defn([LT_PROG_GCJ])[LT_LANG(GCJ)])])])])]) -AC_PROVIDE_IFELSE([AC_PROG_GO], - [LT_LANG(GO)], - [m4_define([AC_PROG_GO], defn([AC_PROG_GO])[LT_LANG(GO)])]) - AC_PROVIDE_IFELSE([LT_PROG_RC], [LT_LANG(RC)], [m4_define([LT_PROG_RC], defn([LT_PROG_RC])[LT_LANG(RC)])]) @@ -992,13 +961,7 @@ m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[ $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ -dynamiclib -Wl,-single_module conftest.c 2>conftest.err _lt_result=$? - # If there is a non-empty error log, and "single_module" - # appears in it, assume the flag caused a linker warning - if test -s conftest.err && $GREP single_module conftest.err; then - cat conftest.err >&AS_MESSAGE_LOG_FD - # Otherwise, if the output was created with a 0 exit code from - # the compiler, it worked. - elif test -f libconftest.dylib && test $_lt_result -eq 0; then + if test -f libconftest.dylib && test ! -s conftest.err && test $_lt_result = 0; then lt_cv_apple_cc_single_mod=yes else cat conftest.err >&AS_MESSAGE_LOG_FD @@ -1006,7 +969,6 @@ m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[ rm -rf libconftest.dylib* rm -f conftest.* fi]) - AC_CACHE_CHECK([for -exported_symbols_list linker flag], [lt_cv_ld_exported_symbols_list], [lt_cv_ld_exported_symbols_list=no @@ -1018,7 +980,6 @@ m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[ [lt_cv_ld_exported_symbols_list=no]) LDFLAGS="$save_LDFLAGS" ]) - AC_CACHE_CHECK([for -force_load linker flag],[lt_cv_ld_force_load], [lt_cv_ld_force_load=no cat > conftest.c << _LT_EOF @@ -1036,9 +997,7 @@ _LT_EOF echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&AS_MESSAGE_LOG_FD $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err _lt_result=$? - if test -s conftest.err && $GREP force_load conftest.err; then - cat conftest.err >&AS_MESSAGE_LOG_FD - elif test -f conftest && test $_lt_result -eq 0 && $GREP forced_load conftest >/dev/null 2>&1 ; then + if test -f conftest && test ! -s conftest.err && test $_lt_result = 0 && $GREP forced_load conftest 2>&1 >/dev/null; then lt_cv_ld_force_load=yes else cat conftest.err >&AS_MESSAGE_LOG_FD @@ -1083,8 +1042,8 @@ _LT_EOF ]) -# _LT_DARWIN_LINKER_FEATURES([TAG]) -# --------------------------------- +# _LT_DARWIN_LINKER_FEATURES +# -------------------------- # Checks for linker and compiler features on darwin m4_defun([_LT_DARWIN_LINKER_FEATURES], [ @@ -1095,8 +1054,6 @@ m4_defun([_LT_DARWIN_LINKER_FEATURES], _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported if test "$lt_cv_ld_force_load" = "yes"; then _LT_TAGVAR(whole_archive_flag_spec, $1)='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`' - m4_case([$1], [F77], [_LT_TAGVAR(compiler_needs_object, $1)=yes], - [FC], [_LT_TAGVAR(compiler_needs_object, $1)=yes]) else _LT_TAGVAR(whole_archive_flag_spec, $1)='' fi @@ -1380,27 +1337,14 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) CFLAGS="$SAVE_CFLAGS" fi ;; -*-*solaris*) +sparc*-*solaris*) # Find out which ABI we are using. echo 'int i;' > conftest.$ac_ext if AC_TRY_EVAL(ac_compile); then case `/usr/bin/file conftest.o` in *64-bit*) case $lt_cv_prog_gnu_ld in - yes*) - case $host in - i?86-*-solaris*) - LD="${LD-ld} -m elf_x86_64" - ;; - sparc*-*-solaris*) - LD="${LD-ld} -m elf64_sparc" - ;; - esac - # GNU ld 2.21 introduced _sol2 emulations. Use them if available. - if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then - LD="${LD-ld}_sol2" - fi - ;; + yes*) LD="${LD-ld} -m elf64_sparc" ;; *) if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then LD="${LD-ld} -64" @@ -1477,13 +1421,13 @@ old_postuninstall_cmds= if test -n "$RANLIB"; then case $host_os in openbsd*) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib" + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib" ;; *) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib" + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib" ;; esac - old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib" + old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" fi case $host_os in @@ -1663,11 +1607,6 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl lt_cv_sys_max_cmd_len=196608 ;; - os2*) - # The test takes a long time on OS/2. - lt_cv_sys_max_cmd_len=8192 - ;; - osf*) # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not @@ -1707,7 +1646,7 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl # If test is not a shell built-in, we'll probably end up computing a # maximum length that is only half of the actual maximum length, but # we can't tell. - while { test "X"`env echo "$teststring$teststring" 2>/dev/null` \ + while { test "X"`func_fallback_echo "$teststring$teststring" 2>/dev/null` \ = "X$teststring$teststring"; } >/dev/null 2>&1 && test $i != 17 # 1/2 MB should be enough do @@ -2253,7 +2192,7 @@ need_version=unknown case $host_os in aix3*) - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' shlibpath_var=LIBPATH @@ -2262,7 +2201,7 @@ aix3*) ;; aix[[4-9]]*) - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux need_lib_prefix=no need_version=no hardcode_into_libs=yes @@ -2327,7 +2266,7 @@ beos*) ;; bsdi[[45]]*) - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' @@ -2466,7 +2405,7 @@ m4_if([$1], [],[ ;; dgux*) - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' @@ -2474,6 +2413,10 @@ dgux*) shlibpath_var=LD_LIBRARY_PATH ;; +freebsd1*) + dynamic_linker=no + ;; + freebsd* | dragonfly*) # DragonFly does not have aout. When/if they implement a new # versioning mechanism, adjust this. @@ -2481,7 +2424,7 @@ freebsd* | dragonfly*) objformat=`/usr/bin/objformat` else case $host_os in - freebsd[[23]].*) objformat=aout ;; + freebsd[[123]]*) objformat=aout ;; *) objformat=elf ;; esac fi @@ -2499,7 +2442,7 @@ freebsd* | dragonfly*) esac shlibpath_var=LD_LIBRARY_PATH case $host_os in - freebsd2.*) + freebsd2*) shlibpath_overrides_runpath=yes ;; freebsd3.[[01]]* | freebsdelf3.[[01]]*) @@ -2519,7 +2462,7 @@ freebsd* | dragonfly*) ;; gnu*) - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' @@ -2530,7 +2473,7 @@ gnu*) ;; haiku*) - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux need_lib_prefix=no need_version=no dynamic_linker="$host_os runtime_loader" @@ -2591,7 +2534,7 @@ hpux9* | hpux10* | hpux11*) ;; interix[[3-9]]*) - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' @@ -2607,7 +2550,7 @@ irix5* | irix6* | nonstopux*) nonstopux*) version_type=nonstopux ;; *) if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux else version_type=irix fi ;; @@ -2644,9 +2587,9 @@ linux*oldld* | linux*aout* | linux*coff*) dynamic_linker=no ;; -# This must be glibc/ELF. +# This must be Linux ELF. linux* | k*bsd*-gnu | kopensolaris*-gnu) - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -2721,7 +2664,7 @@ netbsd*) ;; newsos6) - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=yes @@ -2790,7 +2733,7 @@ rdos*) ;; solaris*) - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -2815,7 +2758,7 @@ sunos4*) ;; sysv4 | sysv4.3*) - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH @@ -2839,7 +2782,7 @@ sysv4 | sysv4.3*) sysv4*MP*) if test -d /usr/nec ;then - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' soname_spec='$libname${shared_ext}.$major' shlibpath_var=LD_LIBRARY_PATH @@ -2870,7 +2813,7 @@ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) tpf*) # TPF is a cross-target only. Preferred cross-host = GNU/Linux. - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -2880,7 +2823,7 @@ tpf*) ;; uts4*) - version_type=linux # correct to gnu/linux during the next big refactor + version_type=linux library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH @@ -3302,7 +3245,7 @@ irix5* | irix6* | nonstopux*) lt_cv_deplibs_check_method=pass_all ;; -# This must be glibc/ELF. +# This must be Linux ELF. linux* | k*bsd*-gnu | kopensolaris*-gnu) lt_cv_deplibs_check_method=pass_all ;; @@ -3722,7 +3665,6 @@ for ac_symprfx in "" "_"; do # which start with @ or ?. lt_cv_sys_global_symbol_pipe="$AWK ['"\ " {last_section=section; section=\$ 3};"\ -" /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\ " /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\ " \$ 0!~/External *\|/{next};"\ " / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\ @@ -4307,9 +4249,7 @@ m4_if([$1], [CXX], [ case $cc_basename in nvcc*) # Cuda Compiler Driver 2.2 _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Xlinker ' - if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then - _LT_TAGVAR(lt_prog_compiler_pic, $1)="-Xcompiler $_LT_TAGVAR(lt_prog_compiler_pic, $1)" - fi + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-Xcompiler -fPIC' ;; esac else @@ -4401,33 +4341,18 @@ m4_if([$1], [CXX], [ ;; *) case `$CC -V 2>&1 | sed 5q` in - *Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [[1-7]].* | *Sun*Fortran*\ 8.[[0-3]]*) + *Sun\ F* | *Sun*Fortran*) # Sun Fortran 8.3 passes all unrecognized flags to the linker _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' _LT_TAGVAR(lt_prog_compiler_wl, $1)='' ;; - *Sun\ F* | *Sun*Fortran*) - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' - ;; *Sun\ C*) # Sun C 5.9 _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' ;; - *Intel*\ [[CF]]*Compiler*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' - ;; - *Portland\ Group*) - _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' - _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' - ;; esac ;; esac @@ -4587,9 +4512,7 @@ m4_if([$1], [CXX], [ ;; cygwin* | mingw* | cegcc*) case $cc_basename in - cl*) - _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' - ;; + cl*) ;; *) _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols' _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'] @@ -4617,6 +4540,7 @@ m4_if([$1], [CXX], [ _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= + _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported @@ -4870,7 +4794,8 @@ _LT_EOF xlf* | bgf* | bgxlf* | mpixlf*) # IBM XL Fortran 10.1 on PPC cannot create shared libs itself _LT_TAGVAR(whole_archive_flag_spec, $1)='--whole-archive$convenience --no-whole-archive' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= + _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='-rpath $libdir' _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' if test "x$supports_anon_versioning" = xyes; then _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ @@ -5166,7 +5091,6 @@ _LT_EOF # The linker will not automatically build a static lib if we build a DLL. # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes - _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1,DATA/'\'' | $SED -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols' # Don't use ranlib _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib' @@ -5213,6 +5137,10 @@ _LT_EOF _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; + freebsd1*) + _LT_TAGVAR(ld_shlibs, $1)=no + ;; + # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor # support. Future versions do this automatically, but an explicit c++rt0.o # does not break anything, and helps significantly (at the cost of a little @@ -5225,7 +5153,7 @@ _LT_EOF ;; # Unfortunately, older versions of FreeBSD 2 do not have this feature. - freebsd2.*) + freebsd2*) _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_minus_L, $1)=yes @@ -5264,6 +5192,7 @@ _LT_EOF fi if test "$with_gnu_ld" = no; then _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' + _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_direct_absolute, $1)=yes @@ -5705,6 +5634,9 @@ _LT_TAGDECL([], [no_undefined_flag], [1], _LT_TAGDECL([], [hardcode_libdir_flag_spec], [1], [Flag to hardcode $libdir into a binary during linking. This must work even if $libdir does not exist]) +_LT_TAGDECL([], [hardcode_libdir_flag_spec_ld], [1], + [[If ld is used when linking, flag to hardcode $libdir into a binary + during linking. This must work even if $libdir does not exist]]) _LT_TAGDECL([], [hardcode_libdir_separator], [1], [Whether we need a single "-rpath" flag with a separated argument]) _LT_TAGDECL([], [hardcode_direct], [0], @@ -5858,6 +5790,7 @@ _LT_TAGVAR(export_dynamic_flag_spec, $1)= _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= +_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported @@ -6227,7 +6160,7 @@ if test "$_lt_caught_CXX_error" != yes; then esac ;; - freebsd2.*) + freebsd[[12]]*) # C++ shared libraries reported to be fairly broken before # switch to ELF _LT_TAGVAR(ld_shlibs, $1)=no @@ -6988,18 +6921,12 @@ public class foo { } }; _LT_EOF -], [$1], [GO], [cat > conftest.$ac_ext <<_LT_EOF -package foo -func foo() { -} -_LT_EOF ]) _lt_libdeps_save_CFLAGS=$CFLAGS case "$CC $CFLAGS " in #( *\ -flto*\ *) CFLAGS="$CFLAGS -fno-lto" ;; *\ -fwhopr*\ *) CFLAGS="$CFLAGS -fno-whopr" ;; -*\ -fuse-linker-plugin*\ *) CFLAGS="$CFLAGS -fno-use-linker-plugin" ;; esac dnl Parse the compiler output and extract the necessary @@ -7196,6 +7123,7 @@ _LT_TAGVAR(export_dynamic_flag_spec, $1)= _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= +_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_automatic, $1)=no @@ -7328,6 +7256,7 @@ _LT_TAGVAR(export_dynamic_flag_spec, $1)= _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= +_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_automatic, $1)=no @@ -7510,73 +7439,6 @@ CFLAGS=$lt_save_CFLAGS ])# _LT_LANG_GCJ_CONFIG -# _LT_LANG_GO_CONFIG([TAG]) -# -------------------------- -# Ensure that the configuration variables for the GNU Go compiler -# are suitably defined. These variables are subsequently used by _LT_CONFIG -# to write the compiler configuration to `libtool'. -m4_defun([_LT_LANG_GO_CONFIG], -[AC_REQUIRE([LT_PROG_GO])dnl -AC_LANG_SAVE - -# Source file extension for Go test sources. -ac_ext=go - -# Object file extension for compiled Go test sources. -objext=o -_LT_TAGVAR(objext, $1)=$objext - -# Code to be used in simple compile tests -lt_simple_compile_test_code="package main; func main() { }" - -# Code to be used in simple link tests -lt_simple_link_test_code='package main; func main() { }' - -# ltmain only uses $CC for tagged configurations so make sure $CC is set. -_LT_TAG_COMPILER - -# save warnings/boilerplate of simple test code -_LT_COMPILER_BOILERPLATE -_LT_LINKER_BOILERPLATE - -# Allow CC to be a program name with arguments. -lt_save_CC=$CC -lt_save_CFLAGS=$CFLAGS -lt_save_GCC=$GCC -GCC=yes -CC=${GOC-"gccgo"} -CFLAGS=$GOFLAGS -compiler=$CC -_LT_TAGVAR(compiler, $1)=$CC -_LT_TAGVAR(LD, $1)="$LD" -_LT_CC_BASENAME([$compiler]) - -# Go did not exist at the time GCC didn't implicitly link libc in. -_LT_TAGVAR(archive_cmds_need_lc, $1)=no - -_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds -_LT_TAGVAR(reload_flag, $1)=$reload_flag -_LT_TAGVAR(reload_cmds, $1)=$reload_cmds - -if test -n "$compiler"; then - _LT_COMPILER_NO_RTTI($1) - _LT_COMPILER_PIC($1) - _LT_COMPILER_C_O($1) - _LT_COMPILER_FILE_LOCKS($1) - _LT_LINKER_SHLIBS($1) - _LT_LINKER_HARDCODE_LIBPATH($1) - - _LT_CONFIG($1) -fi - -AC_LANG_RESTORE - -GCC=$lt_save_GCC -CC=$lt_save_CC -CFLAGS=$lt_save_CFLAGS -])# _LT_LANG_GO_CONFIG - - # _LT_LANG_RC_CONFIG([TAG]) # ------------------------- # Ensure that the configuration variables for the Windows resource compiler @@ -7646,13 +7508,6 @@ dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([LT_AC_PROG_GCJ], []) -# LT_PROG_GO -# ---------- -AC_DEFUN([LT_PROG_GO], -[AC_CHECK_TOOL(GOC, gccgo,) -]) - - # LT_PROG_RC # ---------- AC_DEFUN([LT_PROG_RC], @@ -8317,24 +8172,9 @@ dnl AC_DEFUN([AM_DISABLE_FAST_INSTALL], []) # MODE is either `yes' or `no'. If omitted, it defaults to `both'. m4_define([_LT_WITH_PIC], [AC_ARG_WITH([pic], - [AS_HELP_STRING([--with-pic@<:@=PKGS@:>@], + [AS_HELP_STRING([--with-pic], [try to use only PIC/non-PIC objects @<:@default=use both@:>@])], - [lt_p=${PACKAGE-default} - case $withval in - yes|no) pic_mode=$withval ;; - *) - pic_mode=default - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for lt_pkg in $withval; do - IFS="$lt_save_ifs" - if test "X$lt_pkg" = "X$lt_p"; then - pic_mode=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac], + [pic_mode="$withval"], [pic_mode=default]) test -z "$pic_mode" && pic_mode=m4_default([$1], [default]) @@ -8506,15 +8346,15 @@ m4_define([lt_dict_filter], # @configure_input@ -# serial 3337 ltversion.m4 +# serial 3293 ltversion.m4 # This file is part of GNU Libtool -m4_define([LT_PACKAGE_VERSION], [2.4.2]) -m4_define([LT_PACKAGE_REVISION], [1.3337]) +m4_define([LT_PACKAGE_VERSION], [2.4]) +m4_define([LT_PACKAGE_REVISION], [1.3293]) AC_DEFUN([LTVERSION_VERSION], -[macro_version='2.4.2' -macro_revision='1.3337' +[macro_version='2.4' +macro_revision='1.3293' _LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?]) _LT_DECL(, macro_revision, 0) ]) diff --git a/usr.sbin/unbound/ldns/acx_nlnetlabs.m4 b/usr.sbin/unbound/ldns/acx_nlnetlabs.m4 index a4047332ff2..279b20fc29d 100644 --- a/usr.sbin/unbound/ldns/acx_nlnetlabs.m4 +++ b/usr.sbin/unbound/ldns/acx_nlnetlabs.m4 @@ -2,14 +2,7 @@ # Copyright 2009, Wouter Wijngaards, NLnet Labs. # BSD licensed. # -# Version 26 -# 2013-09-19 FLTO help text improved. -# 2013-07-18 Enable ACX_CHECK_COMPILER_FLAG to test for -Wstrict-prototypes -# 2013-06-25 FLTO has --disable-flto option. -# 2013-05-03 Update W32_SLEEP for newer mingw that links but not defines it. -# 2013-03-22 Fix ACX_RSRC_VERSION for long version numbers. -# 2012-02-09 Fix AHX_MEMCMP_BROKEN with undef in compat/memcmp.h. -# 2012-01-20 Fix COMPILER_FLAGS_UNBOUND for gcc 4.6.2 assigned-not-used-warns. +# Version 19 # 2011-12-05 Fix getaddrinfowithincludes on windows with fedora16 mingw32-gcc. # Fix ACX_MALLOC for redefined malloc error. # Fix GETADDRINFO_WITH_INCLUDES to add -lws2_32 @@ -22,7 +15,7 @@ # 2010-07-02 Add check for ss_family (for minix). # 2010-04-26 Fix to use CPPFLAGS for CHECK_COMPILER_FLAGS. # 2010-03-01 Fix RPATH using CONFIG_COMMANDS to run at the very end. -# 2010-02-18 WITH_SSL outputs the LIBSSL_LDFLAGS, LIBS, CPPFLAGS separate, -ldl +# 2010-02-18 WITH_SSL outputs the LIBSSL_LDFLAGS, LIBS, CPPFLAGS seperate, -ldl # 2010-02-01 added ACX_CHECK_MEMCMP_SIGNED, AHX_MEMCMP_BROKEN # 2010-01-20 added AHX_COONFIG_STRLCAT # 2009-07-14 U_CHAR detection improved for windows crosscompile. @@ -106,7 +99,7 @@ dnl Calculate comma separated windows-resource numbers from package version. dnl Picks the first three(,0) or four numbers out of the name. dnl $1: variable for the result AC_DEFUN([ACX_RSRC_VERSION], -[$1=[`echo $PACKAGE_VERSION | sed -e 's/^[^0-9]*\([0-9][0-9]*\)[^0-9][^0-9]*\([0-9][0-9]*\)[^0-9][^0-9]*\([0-9][0-9]*\)[^0-9][^0-9]*\([0-9][0-9]*\).*$/\1,\2,\3,\4/' -e 's/^[^0-9]*\([0-9][0-9]*\)[^0-9][^0-9]*\([0-9][0-9]*\)[^0-9][^0-9]*\([0-9][0-9]*\)[^0-9]*$/\1,\2,\3,0/' `] +[$1=[`echo $PACKAGE_VERSION | sed -e 's/^[^0-9]*\([0-9]\)[^0-9]*\([0-9]\)[^0-9]*\([0-9]\)[^0-9]*\([0-9]\).*$/\1,\2,\3,\4/' -e 's/^[^0-9]*\([0-9]\)[^0-9]*\([0-9]\)[^0-9]*\([0-9]\)[^0-9]*$/\1,\2,\3,0/' `] ]) dnl Routine to help check for compiler flags. @@ -121,7 +114,7 @@ AC_MSG_CHECKING(whether $CC supports -$1) cache=`echo $1 | sed 'y%.=/+-%___p_%'` AC_CACHE_VAL(cv_prog_cc_flag_$cache, [ -echo 'void f(void){}' >conftest.c +echo 'void f(){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -$1 -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -266,8 +259,6 @@ int test() { a = getopt(2, opts, "a"); a = isascii(32); str = gai_strerror(0); - if(str && t && tv.tv_usec && msg.msg_control) - a = 0; return a; } ], [CFLAGS="$CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 -D_XOPEN_SOURCE_EXTENDED=1 -D_ALL_SOURCE"]) @@ -303,8 +294,6 @@ int test() { a = getopt(2, opts, "a"); a = isascii(32); str = gai_strerror(0); - if(str && t && tv.tv_usec && msg.msg_control) - a = 0; return a; } ], [CFLAGS="$CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 -D_ALL_SOURCE"]) @@ -371,8 +360,6 @@ int test() { const char* str = NULL; t = ctime_r(&time, buf); str = gai_strerror(0); - if(t && str) - a = 0; return a; } ], [CFLAGS="$CFLAGS -D_POSIX_C_SOURCE=200112"]) @@ -399,8 +386,6 @@ int test() { srandom(32); a = getopt(2, opts, "a"); a = isascii(32); - if(tv.tv_usec) - a = 0; return a; } ], [CFLAGS="$CFLAGS -D__EXTENSIONS__"]) @@ -410,22 +395,19 @@ int test() { dnl Check if CC supports -flto. dnl in a way that supports clang and suncc (that flag does something else, dnl but fails to link). It sets it in CFLAGS if it works. -AC_DEFUN([ACX_CHECK_FLTO], [ - AC_ARG_ENABLE([flto], AS_HELP_STRING([--disable-flto], [Disable link-time optimization (gcc specific option)])) - AS_IF([test "x$enable_flto" != "xno"], [ - AC_MSG_CHECKING([if $CC supports -flto]) - BAKCFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -flto" - AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], [ - if $CC $CFLAGS -o conftest conftest.c 2>&1 | grep "warning: no debug symbols in executable" >/dev/null; then - CFLAGS="$BAKCFLAGS" - AC_MSG_RESULT(no) - else - AC_MSG_RESULT(yes) - fi - rm -f conftest conftest.c conftest.o - ], [CFLAGS="$BAKCFLAGS" ; AC_MSG_RESULT(no)]) - ]) +AC_DEFUN([ACX_CHECK_FLTO], +[AC_MSG_CHECKING([if $CC supports -flto]) +BAKCFLAGS="$CFLAGS" +CFLAGS="$CFLAGS -flto" +AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], [ + if $CC $CFLAGS -o conftest conftest.c 2>&1 | grep "warning: no debug symbols in executable" >/dev/null; then + CFLAGS="$BAKCFLAGS" + AC_MSG_RESULT(no) + else + AC_MSG_RESULT(yes) + fi + rm -f conftest conftest.c conftest.o +], [CFLAGS="$BAKCFLAGS" ; AC_MSG_RESULT(no)]) ]) dnl Check the printf-format attribute (if any) @@ -1216,7 +1198,7 @@ struct tm *gmtime_r(const time_t *timep, struct tm *result); dnl provide w32 compat definition for sleep AC_DEFUN([AHX_CONFIG_W32_SLEEP], [ -#if !defined(HAVE_SLEEP) || defined(HAVE_WINDOWS_H) +#ifndef HAVE_SLEEP #define sleep(x) Sleep((x)*1000) /* on win32 */ #endif /* HAVE_SLEEP */ ]) @@ -1335,7 +1317,9 @@ int main(void) dnl define memcmp to its replacement, pass unique id for program as arg AC_DEFUN([AHX_MEMCMP_BROKEN], [ #ifdef MEMCMP_IS_BROKEN -#include "compat/memcmp.h" +# ifdef memcmp +# undef memcmp +# endif #define memcmp memcmp_$1 int memcmp(const void *x, const void *y, size_t n); #endif diff --git a/usr.sbin/unbound/ldns/ax_python_devel.m4 b/usr.sbin/unbound/ldns/ax_python_devel.m4 index 87e7c8c253b..c71735e6bb3 100644 --- a/usr.sbin/unbound/ldns/ax_python_devel.m4 +++ b/usr.sbin/unbound/ldns/ax_python_devel.m4 @@ -34,12 +34,11 @@ # LICENSE # # Copyright (c) 2009 Sebastian Huber <sebastian-huber@web.de> -# Copyright (c) 2009 Alan W. Irwin +# Copyright (c) 2009 Alan W. Irwin <irwin@beluga.phys.uvic.ca> # Copyright (c) 2009 Rafael Laboissiere <rafael@laboissiere.net> -# Copyright (c) 2009 Andrew Collier +# Copyright (c) 2009 Andrew Collier <colliera@ukzn.ac.za> # Copyright (c) 2009 Matteo Settenvini <matteo@member.fsf.org> # Copyright (c) 2009 Horst Knorr <hk_classes@knoda.org> -# Copyright (c) 2013 Daniel Mullner <muellner@math.stanford.edu> # # This program is free software: you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the @@ -67,7 +66,7 @@ # modified version of the Autoconf Macro, you may extend this special # exception to the GPL to apply to your modified version as well. -#serial 16 +#serial 8 AU_ALIAS([AC_PYTHON_DEVEL], [AX_PYTHON_DEVEL]) AC_DEFUN([AX_PYTHON_DEVEL],[ @@ -154,14 +153,8 @@ $ac_distutils_result]) if test -z "$PYTHON_CPPFLAGS"; then python_path=`$PYTHON -c "import distutils.sysconfig; \ print (distutils.sysconfig.get_python_inc ());"` - plat_python_path=`$PYTHON -c "import distutils.sysconfig; \ - print (distutils.sysconfig.get_python_inc (plat_specific=1));"` if test -n "${python_path}"; then - if test "${plat_python_path}" != "${python_path}"; then - python_path="-I$python_path -I$plat_python_path" - else - python_path="-I$python_path" - fi + python_path="-I$python_path" fi PYTHON_CPPFLAGS=$python_path fi @@ -180,9 +173,11 @@ $ac_distutils_result]) # join all versioning strings, on some systems # major/minor numbers could be in different list elements from distutils.sysconfig import * -e = get_config_var('VERSION') -if e is not None: - print(e) +ret = '' +for e in get_config_vars ('VERSION'): + if (e != None): + ret += e +print (ret) EOD` if test -z "$ac_python_version"; then @@ -203,27 +198,33 @@ EOD` # There should be only one import distutils.sysconfig -e = distutils.sysconfig.get_config_var('LIBDIR') -if e is not None: - print (e) +for e in distutils.sysconfig.get_config_vars ('LIBDIR'): + if e != None: + print (e) + break EOD` + # Before checking for libpythonX.Y, we need to know + # the extension the OS we're on uses for libraries + # (we take the first one, if there's more than one fix me!): + ac_python_soext=`$PYTHON -c \ + "import distutils.sysconfig; \ + print (distutils.sysconfig.get_config_vars('SO')[[0]])"` + # Now, for the library: - ac_python_library=`cat<<EOD | $PYTHON - + ac_python_soname=`$PYTHON -c \ + "import distutils.sysconfig; \ + print (distutils.sysconfig.get_config_vars('LDLIBRARY')[[0]])"` -import distutils.sysconfig -c = distutils.sysconfig.get_config_vars() -if 'LDVERSION' in c: - print ('python'+c[['LDVERSION']]) -else: - print ('python'+c[['VERSION']]) -EOD` + # Strip away extension from the end to canonicalize its name: + ac_python_library=`echo "$ac_python_soname" | sed "s/${ac_python_soext}$//"` # This small piece shamelessly adapted from PostgreSQL python macro; # credits goes to momjian, I think. I'd like to put the right name # in the credits, if someone can point me in the right direction... ? # - if test -n "$ac_python_libdir" -a -n "$ac_python_library" + if test -n "$ac_python_libdir" -a -n "$ac_python_library" \ + -a x"$ac_python_library" != x"$ac_python_soname" then # use the official shared library ac_python_library=`echo "$ac_python_library" | sed "s/^lib//"` @@ -265,7 +266,7 @@ EOD` if test -z "$PYTHON_EXTRA_LIBS"; then PYTHON_EXTRA_LIBS=`$PYTHON -c "import distutils.sysconfig; \ conf = distutils.sysconfig.get_config_var; \ - print (conf('LIBS'))"` + print (conf('LOCALMODLIBS') + ' ' + conf('LIBS'))"` fi AC_MSG_RESULT([$PYTHON_EXTRA_LIBS]) AC_SUBST(PYTHON_EXTRA_LIBS) diff --git a/usr.sbin/unbound/ldns/buffer.c b/usr.sbin/unbound/ldns/buffer.c index fc6c17e7a9f..5a6b0ba74c8 100644 --- a/usr.sbin/unbound/ldns/buffer.c +++ b/usr.sbin/unbound/ldns/buffer.c @@ -140,8 +140,7 @@ ldns_buffer_free(ldns_buffer *buffer) return; } - if (!buffer->_fixed) - LDNS_FREE(buffer->_data); + LDNS_FREE(buffer->_data); LDNS_FREE(buffer); } diff --git a/usr.sbin/unbound/ldns/compat/b64_ntop.c b/usr.sbin/unbound/ldns/compat/b64_ntop.c index 6895acafd37..d0b52b514bd 100644 --- a/usr.sbin/unbound/ldns/compat/b64_ntop.c +++ b/usr.sbin/unbound/ldns/compat/b64_ntop.c @@ -40,10 +40,27 @@ * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. */ #include <ldns/config.h> + +#include <sys/types.h> +#include <sys/param.h> +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif + +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_ARPA_INET_H +#include <arpa/inet.h> +#endif + #include <ctype.h> +#include <stdio.h> #include <stdlib.h> #include <string.h> +#define Assert(Cond) if (!(Cond)) abort() + static const char Base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; static const char Pad64 = '='; @@ -137,10 +154,10 @@ ldns_b64_ntop(uint8_t const *src, size_t srclength, char *target, size_t targsiz output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4); output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6); output[3] = input[2] & 0x3f; - assert(output[0] < 64); - assert(output[1] < 64); - assert(output[2] < 64); - assert(output[3] < 64); + Assert(output[0] < 64); + Assert(output[1] < 64); + Assert(output[2] < 64); + Assert(output[3] < 64); if (datalength + 4 > targsize) { return (-1); @@ -161,9 +178,9 @@ ldns_b64_ntop(uint8_t const *src, size_t srclength, char *target, size_t targsiz output[0] = input[0] >> 2; output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4); output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6); - assert(output[0] < 64); - assert(output[1] < 64); - assert(output[2] < 64); + Assert(output[0] < 64); + Assert(output[1] < 64); + Assert(output[2] < 64); if (datalength + 4 > targsize) { return (-2); diff --git a/usr.sbin/unbound/ldns/compat/b64_pton.c b/usr.sbin/unbound/ldns/compat/b64_pton.c index abe32819e92..aa637d22754 100644 --- a/usr.sbin/unbound/ldns/compat/b64_pton.c +++ b/usr.sbin/unbound/ldns/compat/b64_pton.c @@ -40,10 +40,27 @@ * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES. */ #include <ldns/config.h> + +#include <sys/types.h> +#include <sys/param.h> +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif + +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_ARPA_INET_H +#include <arpa/inet.h> +#endif + #include <ctype.h> +#include <stdio.h> #include <stdlib.h> #include <string.h> +#define Assert(Cond) if (!(Cond)) abort() + static const char Base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; static const char Pad64 = '='; diff --git a/usr.sbin/unbound/ldns/compat/snprintf.c b/usr.sbin/unbound/ldns/compat/snprintf.c index d869ba5e7d0..b7445111cb3 100644 --- a/usr.sbin/unbound/ldns/compat/snprintf.c +++ b/usr.sbin/unbound/ldns/compat/snprintf.c @@ -1,1036 +1,770 @@ -/* snprintf - compatibility implementation of snprintf, vsnprintf - * - * Copyright (c) 2013, NLnet Labs. All rights reserved. - * - * This software is open source. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - * Neither the name of the NLNET LABS nor the names of its contributors may - * be used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED - * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - #include <ldns/config.h> -#include <stdio.h> -#include <ctype.h> -#include <string.h> -#include <stdarg.h> -#include <stdlib.h> -#include <errno.h> -#ifdef HAVE_STDINT_H -#include <stdint.h> -#endif - -/* for test */ -/* #define SNPRINTF_TEST 1 */ -#ifdef SNPRINTF_TEST -#define snprintf my_snprintf -#define vsnprintf my_vsnprintf -#endif /* SNPRINTF_TEST */ - -int snprintf(char* str, size_t size, const char* format, ...); -int vsnprintf(char* str, size_t size, const char* format, va_list arg); - -/** - * Very portable snprintf implementation, limited in functionality, - * esp. for %[capital] %[nonportable] and so on. Reduced float functionality, - * mostly in formatting and range (e+-16), for %f and %g. - * - * %s, %d, %u, %i, %x, %c, %n and %% are fully supported. - * This includes width, precision, flags 0- +, and *(arg for wid,prec). - * %f, %g, %m, %p have reduced support, support for wid,prec,flags,*, but - * less floating point range, no %e formatting for %g. - */ -int snprintf(char* str, size_t size, const char* format, ...) -{ - int r; - va_list args; - va_start(args, format); - r = vsnprintf(str, size, format, args); - va_end(args); - return r; -} - -/** add padding to string */ -static void -print_pad(char** at, size_t* left, int* ret, char p, int num) -{ - while(num--) { - if(*left > 1) { - *(*at)++ = p; - (*left)--; - } - (*ret)++; - } -} - -/** get negative symbol, 0 if none */ -static char -get_negsign(int negative, int plus, int space) -{ - if(negative) - return '-'; - if(plus) - return '+'; - if(space) - return ' '; - return 0; -} - -#define PRINT_DEC_BUFSZ 32 /* 20 is enough for 64 bit decimals */ -/** print decimal into buffer, returns length */ -static int -print_dec(char* buf, int max, unsigned int value) -{ - int i = 0; - if(value == 0) { - if(max > 0) { - buf[0] = '0'; - i = 1; - } - } else while(value && i < max) { - buf[i++] = '0' + value % 10; - value /= 10; - } - return i; -} - -/** print long decimal into buffer, returns length */ -static int -print_dec_l(char* buf, int max, unsigned long value) -{ - int i = 0; - if(value == 0) { - if(max > 0) { - buf[0] = '0'; - i = 1; - } - } else while(value && i < max) { - buf[i++] = '0' + value % 10; - value /= 10; - } - return i; -} - -/** print long decimal into buffer, returns length */ -static int -print_dec_ll(char* buf, int max, unsigned long long value) -{ - int i = 0; - if(value == 0) { - if(max > 0) { - buf[0] = '0'; - i = 1; - } - } else while(value && i < max) { - buf[i++] = '0' + value % 10; - value /= 10; - } - return i; -} - -/** print hex into buffer, returns length */ -static int -print_hex(char* buf, int max, unsigned int value) -{ - const char* h = "0123456789abcdef"; - int i = 0; - if(value == 0) { - if(max > 0) { - buf[0] = '0'; - i = 1; - } - } else while(value && i < max) { - buf[i++] = h[value & 0x0f]; - value >>= 4; - } - return i; -} - -/** print long hex into buffer, returns length */ -static int -print_hex_l(char* buf, int max, unsigned long value) -{ - const char* h = "0123456789abcdef"; - int i = 0; - if(value == 0) { - if(max > 0) { - buf[0] = '0'; - i = 1; - } - } else while(value && i < max) { - buf[i++] = h[value & 0x0f]; - value >>= 4; - } - return i; -} - -/** print long long hex into buffer, returns length */ -static int -print_hex_ll(char* buf, int max, unsigned long long value) -{ - const char* h = "0123456789abcdef"; - int i = 0; - if(value == 0) { - if(max > 0) { - buf[0] = '0'; - i = 1; - } - } else while(value && i < max) { - buf[i++] = h[value & 0x0f]; - value >>= 4; - } - return i; -} - -/** copy string into result, reversed */ -static void -spool_str_rev(char** at, size_t* left, int* ret, const char* buf, int len) -{ - int i = len; - while(i) { - if(*left > 1) { - *(*at)++ = buf[--i]; - (*left)--; - } else --i; - (*ret)++; - } -} - -/** copy string into result */ -static void -spool_str(char** at, size_t* left, int* ret, const char* buf, int len) -{ - int i; - for(i=0; i<len; i++) { - if(*left > 1) { - *(*at)++ = buf[i]; - (*left)--; - } - (*ret)++; - } -} - -/** print number formatted */ -static void -print_num(char** at, size_t* left, int* ret, int minw, int precision, - int prgiven, int zeropad, int minus, int plus, int space, - int zero, int negative, char* buf, int len) -{ - int w = len; /* excludes minus sign */ - char s = get_negsign(negative, plus, space); - if(minus) { - /* left adjust the number into the field, space padding */ - /* calc numw = [sign][zeroes][number] */ - int numw = w; - if(precision == 0 && zero) numw = 0; - if(numw < precision) numw = precision; - if(s) numw++; - - /* sign */ - if(s) print_pad(at, left, ret, s, 1); - - /* number */ - if(precision == 0 && zero) { - /* "" for the number */ - } else { - if(w < precision) - print_pad(at, left, ret, '0', precision - w); - spool_str_rev(at, left, ret, buf, len); - } - /* spaces */ - if(numw < minw) - print_pad(at, left, ret, ' ', minw - numw); - } else { - /* pad on the left of the number */ - /* calculate numw has width of [sign][zeroes][number] */ - int numw = w; - if(precision == 0 && zero) numw = 0; - if(numw < precision) numw = precision; - if(!prgiven && zeropad && numw < minw) numw = minw; - else if(s) numw++; - - /* pad with spaces */ - if(numw < minw) - print_pad(at, left, ret, ' ', minw - numw); - /* print sign (and one less zeropad if so) */ - if(s) { - print_pad(at, left, ret, s, 1); - numw--; - } - /* pad with zeroes */ - if(w < numw) - print_pad(at, left, ret, '0', numw - w); - if(precision == 0 && zero) - return; - /* print the characters for the value */ - spool_str_rev(at, left, ret, buf, len); - } -} - -/** print %d and %i */ -static void -print_num_d(char** at, size_t* left, int* ret, int value, - int minw, int precision, int prgiven, int zeropad, int minus, - int plus, int space) -{ - char buf[PRINT_DEC_BUFSZ]; - int negative = (value < 0); - int zero = (value == 0); - int len = print_dec(buf, (int)sizeof(buf), - (unsigned int)(negative?-value:value)); - print_num(at, left, ret, minw, precision, prgiven, zeropad, minus, - plus, space, zero, negative, buf, len); -} - -/** print %ld and %li */ -static void -print_num_ld(char** at, size_t* left, int* ret, long value, - int minw, int precision, int prgiven, int zeropad, int minus, - int plus, int space) -{ - char buf[PRINT_DEC_BUFSZ]; - int negative = (value < 0); - int zero = (value == 0); - int len = print_dec_l(buf, (int)sizeof(buf), - (unsigned long)(negative?-value:value)); - print_num(at, left, ret, minw, precision, prgiven, zeropad, minus, - plus, space, zero, negative, buf, len); -} -/** print %lld and %lli */ -static void -print_num_lld(char** at, size_t* left, int* ret, long long value, - int minw, int precision, int prgiven, int zeropad, int minus, - int plus, int space) -{ - char buf[PRINT_DEC_BUFSZ]; - int negative = (value < 0); - int zero = (value == 0); - int len = print_dec_ll(buf, (int)sizeof(buf), - (unsigned long long)(negative?-value:value)); - print_num(at, left, ret, minw, precision, prgiven, zeropad, minus, - plus, space, zero, negative, buf, len); -} +#ifndef HAVE_SNPRINTF -/** print %u */ -static void -print_num_u(char** at, size_t* left, int* ret, unsigned int value, - int minw, int precision, int prgiven, int zeropad, int minus, - int plus, int space) -{ - char buf[PRINT_DEC_BUFSZ]; - int negative = 0; - int zero = (value == 0); - int len = print_dec(buf, (int)sizeof(buf), value); - print_num(at, left, ret, minw, precision, prgiven, zeropad, minus, - plus, space, zero, negative, buf, len); -} +#include <ctype.h> +#include <sys/types.h> -/** print %lu */ -static void -print_num_lu(char** at, size_t* left, int* ret, unsigned long value, - int minw, int precision, int prgiven, int zeropad, int minus, - int plus, int space) -{ - char buf[PRINT_DEC_BUFSZ]; - int negative = 0; - int zero = (value == 0); - int len = print_dec_l(buf, (int)sizeof(buf), value); - print_num(at, left, ret, minw, precision, prgiven, zeropad, minus, - plus, space, zero, negative, buf, len); -} +/* Define this as a fall through, HAVE_STDARG_H is probably already set */ -/** print %llu */ -static void -print_num_llu(char** at, size_t* left, int* ret, unsigned long long value, - int minw, int precision, int prgiven, int zeropad, int minus, - int plus, int space) -{ - char buf[PRINT_DEC_BUFSZ]; - int negative = 0; - int zero = (value == 0); - int len = print_dec_ll(buf, (int)sizeof(buf), value); - print_num(at, left, ret, minw, precision, prgiven, zeropad, minus, - plus, space, zero, negative, buf, len); -} +#define HAVE_VARARGS_H -/** print %x */ -static void -print_num_x(char** at, size_t* left, int* ret, unsigned int value, - int minw, int precision, int prgiven, int zeropad, int minus, - int plus, int space) -{ - char buf[PRINT_DEC_BUFSZ]; - int negative = 0; - int zero = (value == 0); - int len = print_hex(buf, (int)sizeof(buf), value); - print_num(at, left, ret, minw, precision, prgiven, zeropad, minus, - plus, space, zero, negative, buf, len); -} +/************************************************************** + * Original: + * Patrick Powell Tue Apr 11 09:48:21 PDT 1995 + * A bombproof version of doprnt (dopr) included. + * Sigh. This sort of thing is always nasty do deal with. Note that + * the version here does not include floating point... + * + * snprintf() is used instead of sprintf() as it does limit checks + * for string length. This covers a nasty loophole. + * + * The other functions are there to prevent NULL pointers from + * causing nast effects. + * + * More Recently: + * Brandon Long (blong@fiction.net) 9/15/96 for mutt 0.43 + * This was ugly. It is still ugly. I opted out of floating point + * numbers, but the formatter understands just about everything + * from the normal C string format, at least as far as I can tell from + * the Solaris 2.5 printf(3S) man page. + * + * Brandon Long (blong@fiction.net) 10/22/97 for mutt 0.87.1 + * Ok, added some minimal floating point support, which means this + * probably requires libm on most operating systems. Don't yet + * support the exponent (e,E) and sigfig (g,G). Also, fmtint() + * was pretty badly broken, it just wasn't being exercised in ways + * which showed it, so that's been fixed. Also, formated the code + * to mutt conventions, and removed dead code left over from the + * original. Also, there is now a builtin-test, just compile with: + * gcc -DTEST_SNPRINTF -o snprintf snprintf.c -lm + * and run snprintf for results. + * + **************************************************************/ -/** print %lx */ -static void -print_num_lx(char** at, size_t* left, int* ret, unsigned long value, - int minw, int precision, int prgiven, int zeropad, int minus, - int plus, int space) -{ - char buf[PRINT_DEC_BUFSZ]; - int negative = 0; - int zero = (value == 0); - int len = print_hex_l(buf, (int)sizeof(buf), value); - print_num(at, left, ret, minw, precision, prgiven, zeropad, minus, - plus, space, zero, negative, buf, len); -} -/** print %llx */ -static void -print_num_llx(char** at, size_t* left, int* ret, unsigned long long value, - int minw, int precision, int prgiven, int zeropad, int minus, - int plus, int space) -{ - char buf[PRINT_DEC_BUFSZ]; - int negative = 0; - int zero = (value == 0); - int len = print_hex_ll(buf, (int)sizeof(buf), value); - print_num(at, left, ret, minw, precision, prgiven, zeropad, minus, - plus, space, zero, negative, buf, len); -} +/* varargs declarations: */ -/** print %llp */ -static void -print_num_llp(char** at, size_t* left, int* ret, void* value, - int minw, int precision, int prgiven, int zeropad, int minus, - int plus, int space) -{ - char buf[PRINT_DEC_BUFSZ]; - int negative = 0; - int zero = (value == 0); -#if defined(UINTPTR_MAX) && defined(UINT32_MAX) && (UINTPTR_MAX == UINT32_MAX) - /* avoid warning about upcast on 32bit systems */ - unsigned long long llvalue = (unsigned long)value; +#if defined(HAVE_STDARG_H) +# include <stdarg.h> +# define HAVE_STDARGS /* let's hope that works everywhere (mj) */ +# define VA_LOCAL_DECL va_list ap +# define VA_START(f) va_start(ap, f) +# define VA_SHIFT(v,t) ; /* no-op for ANSI */ +# define VA_END va_end(ap) #else - unsigned long long llvalue = (unsigned long long)value; +# if defined(HAVE_VARARGS_H) +# include <varargs.h> +# undef HAVE_STDARGS +# define VA_LOCAL_DECL va_list ap +# define VA_START(f) va_start(ap) /* f is ignored! */ +# define VA_SHIFT(v,t) v = va_arg(ap,t) +# define VA_END va_end(ap) +# else +/*XX ** NO VARARGS ** XX*/ +# endif #endif - int len = print_hex_ll(buf, (int)sizeof(buf), llvalue); - if(zero) { - buf[0]=')'; - buf[1]='l'; - buf[2]='i'; - buf[3]='n'; - buf[4]='('; - len = 5; - } else { - /* put '0x' in front of the (reversed) buffer result */ - if(len < PRINT_DEC_BUFSZ) - buf[len++] = 'x'; - if(len < PRINT_DEC_BUFSZ) - buf[len++] = '0'; - } - print_num(at, left, ret, minw, precision, prgiven, zeropad, minus, - plus, space, zero, negative, buf, len); -} -#define PRINT_FLOAT_BUFSZ 64 /* xx.yy with 20.20 about the max */ -/** spool remainder after the decimal point to buffer, in reverse */ -static int -print_remainder(char* buf, int max, double r, int prec) -{ - unsigned long long cap = 1; - unsigned long long value; - int len, i; - if(prec > 19) prec = 19; /* max we can do */ - if(max < prec) return 0; - for(i=0; i<prec; i++) { - cap *= 10; - } - r *= (double)cap; - value = (unsigned long long)r; - /* see if we need to round up */ - if(((unsigned long long)((r - (double)value)*10.0)) >= 5) { - value++; - /* that might carry to numbers before the comma, if so, - * just ignore that rounding. failure because 64bitprintout */ - if(value >= cap) - value = cap-1; - } - len = print_dec_ll(buf, max, value); - while(len < prec) { /* pad with zeroes, e.g. if 0.0012 */ - buf[len++] = '0'; - } - if(len < max) - buf[len++] = '.'; - return len; -} +int snprintf (char *str, size_t count, const char *fmt, ...); +int vsnprintf (char *str, size_t count, const char *fmt, va_list arg); -/** spool floating point to buffer */ -static int -print_float(char* buf, int max, double value, int prec) -{ - /* as xxx.xxx if prec==0, no '.', with prec decimals after . */ - /* no conversion for NAN and INF, because we do not want to require - linking with -lm. */ - /* Thus, the conversions use 64bit integers to convert the numbers, - * which makes 19 digits before and after the decimal point the max */ - unsigned long long whole = (unsigned long long)value; - double remain = value - (double)whole; - int len = 0; - if(prec != 0) - len = print_remainder(buf, max, remain, prec); - len += print_dec_ll(buf+len, max-len, whole); - return len; -} +static void dopr (char *buffer, size_t maxlen, const char *format, + va_list args); +static void fmtstr (char *buffer, size_t *currlen, size_t maxlen, + char *value, int flags, int min, int max); +static void fmtint (char *buffer, size_t *currlen, size_t maxlen, + long value, int base, int min, int max, int flags); +static void fmtfp (char *buffer, size_t *currlen, size_t maxlen, + long double fvalue, int min, int max, int flags); +static void dopr_outch (char *buffer, size_t *currlen, size_t maxlen, char c ); -/** print %f */ -static void -print_num_f(char** at, size_t* left, int* ret, double value, - int minw, int precision, int prgiven, int zeropad, int minus, - int plus, int space) +int vsnprintf (char *str, size_t count, const char *fmt, va_list args) { - char buf[PRINT_FLOAT_BUFSZ]; - int negative = (value < 0); - int zero = 0; - int len; - if(!prgiven) precision = 6; - len = print_float(buf, (int)sizeof(buf), negative?-value:value, - precision); - print_num(at, left, ret, minw, 1, 0, zeropad, minus, - plus, space, zero, negative, buf, len); + str[0] = 0; + dopr(str, count, fmt, args); + return(strlen(str)); } -/* rudimentary %g support */ -static int -print_float_g(char* buf, int max, double value, int prec) +/* VARARGS3 */ +#ifdef HAVE_STDARGS +int snprintf (char *str,size_t count,const char *fmt,...) +#else +int snprintf (va_alist) va_dcl +#endif { - unsigned long long whole = (unsigned long long)value; - double remain = value - (double)whole; - int before = 0; - int len = 0; - - /* number of digits before the decimal point */ - while(whole > 0) { - before++; - whole /= 10; - } - whole = (unsigned long long)value; - - if(prec > before && remain != 0.0) { - /* see if the last decimals are zero, if so, skip them */ - len = print_remainder(buf, max, remain, prec-before); - while(len > 0 && buf[0]=='0') { - memmove(buf, buf+1, --len); - } - } - len += print_dec_ll(buf+len, max-len, whole); - return len; -} +#ifndef HAVE_STDARGS + char *str; + size_t count; + char *fmt; +#endif + VA_LOCAL_DECL; + + VA_START (fmt); + VA_SHIFT (str, char *); + VA_SHIFT (count, size_t ); + VA_SHIFT (fmt, char *); + (void) vsnprintf(str, count, fmt, ap); + VA_END; + return(strlen(str)); +} + +/* + * dopr(): poor man's version of doprintf + */ +/* format read states */ +#define DP_S_DEFAULT 0 +#define DP_S_FLAGS 1 +#define DP_S_MIN 2 +#define DP_S_DOT 3 +#define DP_S_MAX 4 +#define DP_S_MOD 5 +#define DP_S_CONV 6 +#define DP_S_DONE 7 + +/* format flags - Bits */ +#define DP_F_MINUS 1 +#define DP_F_PLUS 2 +#define DP_F_SPACE 4 +#define DP_F_NUM 8 +#define DP_F_ZERO 16 +#define DP_F_UP 32 + +/* Conversion Flags */ +#define DP_C_SHORT 1 +#define DP_C_LONG 2 +#define DP_C_LDOUBLE 3 + +#define char_to_int(p) (p - '0') +#define MAX(p,q) ((p >= q) ? p : q) + +static void dopr (char *buffer, size_t maxlen, const char *format, va_list args) +{ + char ch; + long value; + long double fvalue; + char *strvalue; + int min; + int max; + int state; + int flags; + int cflags; + size_t currlen; + + state = DP_S_DEFAULT; + currlen = flags = cflags = min = 0; + max = -1; + ch = *format++; + + while (state != DP_S_DONE) + { + if ((ch == '\0') || (currlen >= maxlen)) + state = DP_S_DONE; + + switch(state) + { + case DP_S_DEFAULT: + if (ch == '%') + state = DP_S_FLAGS; + else + dopr_outch (buffer, &currlen, maxlen, ch); + ch = *format++; + break; + case DP_S_FLAGS: + switch (ch) + { + case '-': + flags |= DP_F_MINUS; + ch = *format++; + break; + case '+': + flags |= DP_F_PLUS; + ch = *format++; + break; + case ' ': + flags |= DP_F_SPACE; + ch = *format++; + break; + case '#': + flags |= DP_F_NUM; + ch = *format++; + break; + case '0': + flags |= DP_F_ZERO; + ch = *format++; + break; + default: + state = DP_S_MIN; + break; + } + break; + case DP_S_MIN: + if (isdigit((int) ch)) + { + min = 10*min + char_to_int (ch); + ch = *format++; + } + else if (ch == '*') + { + min = va_arg (args, int); + ch = *format++; + state = DP_S_DOT; + } + else + state = DP_S_DOT; + break; + case DP_S_DOT: + if (ch == '.') + { + state = DP_S_MAX; + ch = *format++; + } + else + state = DP_S_MOD; + break; + case DP_S_MAX: + if (isdigit((int) ch)) + { + if (max < 0) + max = 0; + max = 10*max + char_to_int (ch); + ch = *format++; + } + else if (ch == '*') + { + max = va_arg (args, int); + ch = *format++; + state = DP_S_MOD; + } + else + state = DP_S_MOD; + break; + case DP_S_MOD: + /* Currently, we don't support Long Long, bummer */ + switch (ch) + { + case 'h': + cflags = DP_C_SHORT; + ch = *format++; + break; + case 'l': + cflags = DP_C_LONG; + ch = *format++; + break; + case 'L': + cflags = DP_C_LDOUBLE; + ch = *format++; + break; + default: + break; + } + state = DP_S_CONV; + break; + case DP_S_CONV: + switch (ch) + { + case 'd': + case 'i': + if (cflags == DP_C_SHORT) + value = va_arg (args, int); + else if (cflags == DP_C_LONG) + value = va_arg (args, long int); + else + value = va_arg (args, int); + fmtint (buffer, &currlen, maxlen, value, 10, min, max, flags); + break; + case 'o': + flags &= ~DP_F_PLUS; + if (cflags == DP_C_SHORT) + value = va_arg (args, unsigned int); + else if (cflags == DP_C_LONG) + value = va_arg (args, unsigned long int); + else + value = va_arg (args, unsigned int); + fmtint (buffer, &currlen, maxlen, value, 8, min, max, flags); + break; + case 'u': + flags &= ~DP_F_PLUS; + if (cflags == DP_C_SHORT) + value = va_arg (args, unsigned int); + else if (cflags == DP_C_LONG) + value = va_arg (args, unsigned long int); + else + value = va_arg (args, unsigned int); + fmtint (buffer, &currlen, maxlen, value, 10, min, max, flags); + break; + case 'X': + flags |= DP_F_UP; + case 'x': + flags &= ~DP_F_PLUS; + if (cflags == DP_C_SHORT) + value = va_arg (args, unsigned int); + else if (cflags == DP_C_LONG) + value = va_arg (args, unsigned long int); + else + value = va_arg (args, unsigned int); + fmtint (buffer, &currlen, maxlen, value, 16, min, max, flags); + break; + case 'f': + if (cflags == DP_C_LDOUBLE) + fvalue = va_arg (args, long double); + else + fvalue = va_arg (args, double); + /* um, floating point? */ + fmtfp (buffer, &currlen, maxlen, fvalue, min, max, flags); + break; + case 'E': + flags |= DP_F_UP; + case 'e': + if (cflags == DP_C_LDOUBLE) + fvalue = va_arg (args, long double); + else + fvalue = va_arg (args, double); + break; + case 'G': + flags |= DP_F_UP; + case 'g': + if (cflags == DP_C_LDOUBLE) + fvalue = va_arg (args, long double); + else + fvalue = va_arg (args, double); + break; + case 'c': + dopr_outch (buffer, &currlen, maxlen, va_arg (args, int)); + break; + case 's': + strvalue = va_arg (args, char *); + if (max < 0) + max = maxlen; /* ie, no max */ + fmtstr (buffer, &currlen, maxlen, strvalue, flags, min, max); + break; + case 'p': + strvalue = va_arg (args, void *); + fmtint (buffer, &currlen, maxlen, (long) strvalue, 16, min, max, flags); + break; + case 'n': + if (cflags == DP_C_SHORT) + { + short int *num; + num = va_arg (args, short int *); + *num = currlen; + } + else if (cflags == DP_C_LONG) + { + long int *num; + num = va_arg (args, long int *); + *num = currlen; + } + else + { + int *num; + num = va_arg (args, int *); + *num = currlen; + } + break; + case '%': + dopr_outch (buffer, &currlen, maxlen, ch); + break; + case 'w': + /* not supported yet, treat as next char */ + ch = *format++; + break; + default: + /* Unknown, skip */ + break; + } + ch = *format++; + state = DP_S_DEFAULT; + flags = cflags = min = 0; + max = -1; + break; + case DP_S_DONE: + break; + default: + /* hmm? */ + break; /* some picky compilers need this */ + } + } + if (currlen < maxlen - 1) + buffer[currlen] = '\0'; + else + buffer[maxlen - 1] = '\0'; +} + +static void fmtstr (char *buffer, size_t *currlen, size_t maxlen, + char *value, int flags, int min, int max) +{ + int padlen, strln; /* amount to pad */ + int cnt = 0; + + if (value == 0) + { + value = (char *) "<NULL>"; + } + + for (strln = 0; value[strln]; ++strln); /* strlen */ + padlen = min - strln; + if (padlen < 0) + padlen = 0; + if (flags & DP_F_MINUS) + padlen = -padlen; /* Left Justify */ + + while ((padlen > 0) && (cnt < max)) + { + dopr_outch (buffer, currlen, maxlen, ' '); + --padlen; + ++cnt; + } + while (*value && (cnt < max)) + { + dopr_outch (buffer, currlen, maxlen, *value++); + ++cnt; + } + while ((padlen < 0) && (cnt < max)) + { + dopr_outch (buffer, currlen, maxlen, ' '); + ++padlen; + ++cnt; + } +} + +/* Have to handle DP_F_NUM (ie 0x and 0 alternates) */ + +static void fmtint (char *buffer, size_t *currlen, size_t maxlen, + long value, int base, int min, int max, int flags) +{ + int signvalue = 0; + unsigned long uvalue; + char convert[20]; + int place = 0; + int spadlen = 0; /* amount to space pad */ + int zpadlen = 0; /* amount to zero pad */ + int caps = 0; + + if (max < 0) + max = 0; + + uvalue = value; + if( value < 0 ) { + signvalue = '-'; + uvalue = -value; + } + else + if (flags & DP_F_PLUS) /* Do a sign (+/i) */ + signvalue = '+'; + else + if (flags & DP_F_SPACE) + signvalue = ' '; + + if (flags & DP_F_UP) caps = 1; /* Should characters be upper case? */ + + do { + convert[place++] = + (caps? "0123456789ABCDEF":"0123456789abcdef") + [uvalue % (unsigned)base ]; + uvalue = (uvalue / (unsigned)base ); + } while(uvalue && (place < 20)); + if (place == 20) place--; + convert[place] = 0; + + zpadlen = max - place; + spadlen = min - MAX (max, place) - (signvalue ? 1 : 0); + if (zpadlen < 0) zpadlen = 0; + if (spadlen < 0) spadlen = 0; + if (flags & DP_F_ZERO) + { + zpadlen = MAX(zpadlen, spadlen); + spadlen = 0; + } + if (flags & DP_F_MINUS) + spadlen = -spadlen; /* Left Justifty */ + +#ifdef DEBUG_SNPRINTF + dprint (1, (debugfile, "zpad: %d, spad: %d, min: %d, max: %d, place: %d\n", + zpadlen, spadlen, min, max, place)); +#endif -/** print %g */ -static void -print_num_g(char** at, size_t* left, int* ret, double value, - int minw, int precision, int prgiven, int zeropad, int minus, - int plus, int space) -{ - char buf[PRINT_FLOAT_BUFSZ]; - int negative = (value < 0); - int zero = 0; - int len; - if(!prgiven) precision = 6; - if(precision == 0) precision = 1; - len = print_float_g(buf, (int)sizeof(buf), negative?-value:value, - precision); - print_num(at, left, ret, minw, 1, 0, zeropad, minus, - plus, space, zero, negative, buf, len); -} + /* Spaces */ + while (spadlen > 0) + { + dopr_outch (buffer, currlen, maxlen, ' '); + --spadlen; + } + + /* Sign */ + if (signvalue) + dopr_outch (buffer, currlen, maxlen, signvalue); + + /* Zeros */ + if (zpadlen > 0) + { + while (zpadlen > 0) + { + dopr_outch (buffer, currlen, maxlen, '0'); + --zpadlen; + } + } + + /* Digits */ + while (place > 0) + dopr_outch (buffer, currlen, maxlen, convert[--place]); + + /* Left Justified spaces */ + while (spadlen < 0) { + dopr_outch (buffer, currlen, maxlen, ' '); + ++spadlen; + } +} + +static long double abs_val (long double value) +{ + long double result = value; + + if (value < 0) + result = -value; + + return result; +} + +static double pow10 (double exp) +{ + long double result = 1; + + while (exp) + { + result *= 10; + exp--; + } + + return result; +} + +static double round (double value) +{ + long intpart; + + intpart = value; + value = value - intpart; + if (value >= 0.5) + intpart++; + + return intpart; +} + +static void fmtfp (char *buffer, size_t *currlen, size_t maxlen, + long double fvalue, int min, int max, int flags) +{ + int signvalue = 0; + long double ufvalue; + char iconvert[20]; + char fconvert[20]; + int iplace = 0; + int fplace = 0; + int padlen = 0; /* amount to pad */ + int zpadlen = 0; + int caps = 0; + long intpart; + long fracpart; + + /* + * AIX manpage says the default is 0, but Solaris says the default + * is 6, and sprintf on AIX defaults to 6 + */ + if (max < 0) + max = 6; + + ufvalue = abs_val (fvalue); + + if (fvalue < 0) + signvalue = '-'; + else + if (flags & DP_F_PLUS) /* Do a sign (+/i) */ + signvalue = '+'; + else + if (flags & DP_F_SPACE) + signvalue = ' '; + +#if 0 + if (flags & DP_F_UP) caps = 1; /* Should characters be upper case? */ +#endif + intpart = ufvalue; -/** strnlen (compat implementation) */ -static int -my_strnlen(const char* s, int max) -{ - int i; - for(i=0; i<max; i++) - if(s[i]==0) - return i; - return max; -} + /* + * Sorry, we only support 9 digits past the decimal because of our + * conversion method + */ + if (max > 9) + max = 9; -/** print %s */ -static void -print_str(char** at, size_t* left, int* ret, char* s, - int minw, int precision, int prgiven, int minus) -{ - int w; - /* with prec: no more than x characters from this string, stop at 0 */ - if(prgiven) - w = my_strnlen(s, precision); - else w = (int)strlen(s); /* up to the nul */ - if(w < minw && !minus) - print_pad(at, left, ret, ' ', minw - w); - spool_str(at, left, ret, s, w); - if(w < minw && minus) - print_pad(at, left, ret, ' ', minw - w); -} - -/** print %c */ -static void -print_char(char** at, size_t* left, int* ret, int c, - int minw, int minus) -{ - if(1 < minw && !minus) - print_pad(at, left, ret, ' ', minw - 1); - print_pad(at, left, ret, c, 1); - if(1 < minw && minus) - print_pad(at, left, ret, ' ', minw - 1); -} + /* We "cheat" by converting the fractional part to integer by + * multiplying by a factor of 10 + */ + fracpart = round ((pow10 (max)) * (ufvalue - intpart)); + if (fracpart >= pow10 (max)) + { + intpart++; + fracpart -= pow10 (max); + } -/** - * Print to string. - * str: string buffer for result. result will be null terminated. - * size: size of the buffer. null is put inside buffer. - * format: printf format string. - * arg: '...' arguments to print. - * returns number of characters. a null is printed after this. - * return number of bytes that would have been written - * if the buffer had been large enough. - * - * supported format specifiers: - * %s, %u, %d, %x, %i, %f, %g, %c, %p, %n. - * length: l, ll (for d, u, x). - * precision: 6.6d (for d, u, x) - * %f, %g precisions, 0.3f - * %20s, '.*s' - * and %%. - */ -int vsnprintf(char* str, size_t size, const char* format, va_list arg) -{ - char* at = str; - size_t left = size; - int ret = 0; - const char* fmt = format; - int conv, minw, precision, prgiven, zeropad, minus, plus, space, length; - while(*fmt) { - /* copy string before % */ - while(*fmt && *fmt!='%') { - if(left > 1) { - *at++ = *fmt++; - left--; - } else fmt++; - ret++; - } - - /* see if we are at end */ - if(!*fmt) break; - - /* fetch next argument % designation from format string */ - fmt++; /* skip the '%' */ - - /********************************/ - /* get the argument designation */ - /********************************/ - /* we must do this vararg stuff inside this function for - * portability. Hence, get_designation, and print_designation - * are not their own functions. */ - - /* printout designation: - * conversion specifier: x, d, u, s, c, n, m, p - * flags: # not supported - * 0 zeropad (on the left) - * - left adjust (right by default) - * ' ' printspace for positive number (in - position). - * + alwayssign - * fieldwidth: [1-9][0-9]* minimum field width. - * if this is * then type int next argument specifies the minwidth. - * if this is negative, the - flag is set (with positive width). - * precision: period[digits]*, %.2x. - * if this is * then type int next argument specifies the precision. - * just '.' or negative value means precision=0. - * this is mindigits to print for d, i, u, x - * this is aftercomma digits for f - * this is max number significant digits for g - * maxnumber characters to be printed for s - * length: 0-none (int), 1-l (long), 2-ll (long long) - * notsupported: hh (char), h (short), L (long double), q, j, z, t - * Does not support %m$ and *m$ argument designation as array indices. - * Does not support %#x - * - */ - minw = 0; - precision = 1; - prgiven = 0; - zeropad = 0; - minus = 0; - plus = 0; - space = 0; - length = 0; - - /* get flags in any order */ - for(;;) { - if(*fmt == '0') - zeropad = 1; - else if(*fmt == '-') - minus = 1; - else if(*fmt == '+') - plus = 1; - else if(*fmt == ' ') - space = 1; - else break; - fmt++; - } - - /* field width */ - if(*fmt == '*') { - fmt++; /* skip char */ - minw = va_arg(arg, int); - if(minw < 0) { - minus = 1; - minw = -minw; - } - } else while(*fmt >= '0' && *fmt <= '9') { - minw = minw*10 + (*fmt++)-'0'; - } - - /* precision */ - if(*fmt == '.') { - fmt++; /* skip period */ - prgiven = 1; - precision = 0; - if(*fmt == '*') { - fmt++; /* skip char */ - precision = va_arg(arg, int); - if(precision < 0) - precision = 0; - } else while(*fmt >= '0' && *fmt <= '9') { - precision = precision*10 + (*fmt++)-'0'; - } - } - - /* length */ - if(*fmt == 'l') { - fmt++; /* skip char */ - length = 1; - if(*fmt == 'l') { - fmt++; /* skip char */ - length = 2; - } - } - - /* get the conversion */ - if(!*fmt) conv = 0; - else conv = *fmt++; - - /***********************************/ - /* print that argument designation */ - /***********************************/ - switch(conv) { - case 'i': - case 'd': - if(length == 0) - print_num_d(&at, &left, &ret, va_arg(arg, int), - minw, precision, prgiven, zeropad, minus, plus, space); - else if(length == 1) - print_num_ld(&at, &left, &ret, va_arg(arg, long), - minw, precision, prgiven, zeropad, minus, plus, space); - else if(length == 2) - print_num_lld(&at, &left, &ret, - va_arg(arg, long long), - minw, precision, prgiven, zeropad, minus, plus, space); - break; - case 'u': - if(length == 0) - print_num_u(&at, &left, &ret, - va_arg(arg, unsigned int), - minw, precision, prgiven, zeropad, minus, plus, space); - else if(length == 1) - print_num_lu(&at, &left, &ret, - va_arg(arg, unsigned long), - minw, precision, prgiven, zeropad, minus, plus, space); - else if(length == 2) - print_num_llu(&at, &left, &ret, - va_arg(arg, unsigned long long), - minw, precision, prgiven, zeropad, minus, plus, space); - break; - case 'x': - if(length == 0) - print_num_x(&at, &left, &ret, - va_arg(arg, unsigned int), - minw, precision, prgiven, zeropad, minus, plus, space); - else if(length == 1) - print_num_lx(&at, &left, &ret, - va_arg(arg, unsigned long), - minw, precision, prgiven, zeropad, minus, plus, space); - else if(length == 2) - print_num_llx(&at, &left, &ret, - va_arg(arg, unsigned long long), - minw, precision, prgiven, zeropad, minus, plus, space); - break; - case 's': - print_str(&at, &left, &ret, va_arg(arg, char*), - minw, precision, prgiven, minus); - break; - case 'c': - print_char(&at, &left, &ret, va_arg(arg, int), - minw, minus); - break; - case 'n': - *va_arg(arg, int*) = ret; - break; - case 'm': - print_str(&at, &left, &ret, strerror(errno), - minw, precision, prgiven, minus); - break; - case 'p': - print_num_llp(&at, &left, &ret, va_arg(arg, void*), - minw, precision, prgiven, zeropad, minus, plus, space); - break; - case '%': - print_pad(&at, &left, &ret, '%', 1); - break; - case 'f': - print_num_f(&at, &left, &ret, va_arg(arg, double), - minw, precision, prgiven, zeropad, minus, plus, space); - break; - case 'g': - print_num_g(&at, &left, &ret, va_arg(arg, double), - minw, precision, prgiven, zeropad, minus, plus, space); - break; - /* unknown */ - default: - case 0: break; - } - } - - /* zero terminate */ - if(left > 0) - *at = 0; - return ret; -} +#ifdef DEBUG_SNPRINTF + dprint (1, (debugfile, "fmtfp: %f =? %d.%d\n", fvalue, intpart, fracpart)); +#endif -#ifdef SNPRINTF_TEST - -/** do tests */ -#undef snprintf -#define DOTEST(bufsz, result, retval, ...) do { \ - char buf[bufsz]; \ - printf("now test %s\n", #__VA_ARGS__); \ - int r=my_snprintf(buf, sizeof(buf), __VA_ARGS__); \ - if(r != retval || strcmp(buf, result) != 0) { \ - printf("error test(%s) was \"%s\":%d\n", \ - ""#bufsz", "#result", "#retval", "#__VA_ARGS__, \ - buf, r); \ - exit(1); \ - } \ - r=snprintf(buf, sizeof(buf), __VA_ARGS__); \ - if(r != retval || strcmp(buf, result) != 0) { \ - printf("error test(%s) differs with system, \"%s\":%d\n", \ - ""#bufsz", "#result", "#retval", "#__VA_ARGS__, \ - buf, r); \ - exit(1); \ - } \ - printf("test(\"%s\":%d) passed\n", buf, r); \ - } while(0); - -/** test program */ -int main(void) -{ - int x = 0; - - /* bufsize, expectedstring, expectedretval, snprintf arguments */ - DOTEST(1024, "hello", 5, "hello"); - DOTEST(1024, "h", 1, "h"); - /* warning from gcc for format string, but it does work - * DOTEST(1024, "", 0, ""); */ - - DOTEST(3, "he", 5, "hello"); - DOTEST(1, "", 7, "%d", 7823089); - - /* test positive numbers */ - DOTEST(1024, "0", 1, "%d", 0); - DOTEST(1024, "1", 1, "%d", 1); - DOTEST(1024, "9", 1, "%d", 9); - DOTEST(1024, "15", 2, "%d", 15); - DOTEST(1024, "ab15cd", 6, "ab%dcd", 15); - DOTEST(1024, "167", 3, "%d", 167); - DOTEST(1024, "7823089", 7, "%d", 7823089); - DOTEST(1024, " 12", 3, "%3d", 12); - DOTEST(1024, "012", 3, "%.3d", 12); - DOTEST(1024, "012", 3, "%3.3d", 12); - DOTEST(1024, "012", 3, "%03d", 12); - DOTEST(1024, " 012", 4, "%4.3d", 12); - DOTEST(1024, "", 0, "%.0d", 0); - - /* test negative numbers */ - DOTEST(1024, "-1", 2, "%d", -1); - DOTEST(1024, "-12", 3, "%3d", -12); - DOTEST(1024, " -2", 3, "%3d", -2); - DOTEST(1024, "-012", 4, "%.3d", -12); - DOTEST(1024, "-012", 4, "%3.3d", -12); - DOTEST(1024, "-012", 4, "%4.3d", -12); - DOTEST(1024, " -012", 5, "%5.3d", -12); - DOTEST(1024, "-12", 3, "%03d", -12); - DOTEST(1024, "-02", 3, "%03d", -2); - DOTEST(1024, "-15", 3, "%d", -15); - DOTEST(1024, "-7307", 5, "%d", -7307); - DOTEST(1024, "-12 ", 5, "%-5d", -12); - DOTEST(1024, "-00012", 6, "%-.5d", -12); - - /* test + and space flags */ - DOTEST(1024, "+12", 3, "%+d", 12); - DOTEST(1024, " 12", 3, "% d", 12); - - /* test %u */ - DOTEST(1024, "12", 2, "%u", 12); - DOTEST(1024, "0", 1, "%u", 0); - DOTEST(1024, "4294967295", 10, "%u", 0xffffffff); - - /* test %x */ - DOTEST(1024, "0", 1, "%x", 0); - DOTEST(1024, "c", 1, "%x", 12); - DOTEST(1024, "12ab34cd", 8, "%x", 0x12ab34cd); - - /* test %llu, %lld */ - DOTEST(1024, "18446744073709551615", 20, "%llu", - (long long)0xffffffffffffffff); - DOTEST(1024, "-9223372036854775808", 20, "%lld", - (long long)0x8000000000000000); - DOTEST(1024, "9223372036854775808", 19, "%llu", - (long long)0x8000000000000000); - - /* test %s */ - DOTEST(1024, "hello", 5, "%s", "hello"); - DOTEST(1024, " hello", 10, "%10s", "hello"); - DOTEST(1024, "hello ", 10, "%-10s", "hello"); - DOTEST(1024, "he", 2, "%.2s", "hello"); - DOTEST(1024, " he", 4, "%4.2s", "hello"); - DOTEST(1024, " h", 4, "%4.2s", "h"); - - /* test %c */ - DOTEST(1024, "a", 1, "%c", 'a'); - /* warning from gcc for format string, but it does work - DOTEST(1024, " a", 5, "%5c", 'a'); - DOTEST(1024, "a", 1, "%.0c", 'a'); */ - - /* test %n */ - DOTEST(1024, "hello", 5, "hello%n", &x); - if(x != 5) { printf("the %%n failed\n"); exit(1); } - - /* test %m */ - errno = 0; - DOTEST(1024, "Success", 7, "%m"); - - /* test %p */ - DOTEST(1024, "0x10", 4, "%p", (void*)0x10); - DOTEST(1024, "(nil)", 5, "%p", (void*)0x0); - - /* test %% */ - DOTEST(1024, "%", 1, "%%"); - - /* test %f */ - DOTEST(1024, "0.000000", 8, "%f", 0.0); - DOTEST(1024, "0.00", 4, "%.2f", 0.0); - /* differs, "-0.00" DOTEST(1024, "0.00", 4, "%.2f", -0.0); */ - DOTEST(1024, "234.00", 6, "%.2f", 234.005); - DOTEST(1024, "8973497.1246", 12, "%.4f", 8973497.12456); - DOTEST(1024, "-12.000000", 10, "%f", -12.0); - DOTEST(1024, "6", 1, "%.0f", 6.0); - - DOTEST(1024, "6", 1, "%g", 6.0); - DOTEST(1024, "6.1", 3, "%g", 6.1); - DOTEST(1024, "6.15", 4, "%g", 6.15); - - /* These format strings are from the code of NSD, Unbound, ldns */ - - DOTEST(1024, "abcdef", 6, "%s", "abcdef"); - DOTEST(1024, "005", 3, "%03u", 5); - DOTEST(1024, "12345", 5, "%03u", 12345); - DOTEST(1024, "5", 1, "%d", 5); - DOTEST(1024, "(nil)", 5, "%p", NULL); - DOTEST(1024, "12345", 5, "%ld", (long)12345); - DOTEST(1024, "12345", 5, "%lu", (long)12345); - DOTEST(1024, " 12345", 12, "%12u", (unsigned)12345); - DOTEST(1024, "12345", 5, "%u", (unsigned)12345); - DOTEST(1024, "12345", 5, "%llu", (unsigned long long)12345); - DOTEST(1024, "12345", 5, "%x", 0x12345); - DOTEST(1024, "12345", 5, "%llx", (long long)0x12345); - DOTEST(1024, "012345", 6, "%6.6d", 12345); - DOTEST(1024, "012345", 6, "%6.6u", 12345); - DOTEST(1024, "1234.54", 7, "%g", 1234.54); - DOTEST(1024, "123456789.54", 12, "%.12g", 123456789.54); - DOTEST(1024, "3456789123456.54", 16, "%.16g", 3456789123456.54); - /* %24g does not work with 24 digits, not enough accuracy, - * the first 16 digits are correct */ - DOTEST(1024, "12345", 5, "%3.3d", 12345); - DOTEST(1024, "000", 3, "%3.3d", 0); - DOTEST(1024, "001", 3, "%3.3d", 1); - DOTEST(1024, "012", 3, "%3.3d", 12); - DOTEST(1024, "-012", 4, "%3.3d", -12); - DOTEST(1024, "he", 2, "%.2s", "hello"); - DOTEST(1024, "helloworld", 10, "%s%s", "hello", "world"); - DOTEST(1024, "he", 2, "%.*s", 2, "hello"); - DOTEST(1024, " hello", 7, "%*s", 7, "hello"); - DOTEST(1024, "hello ", 7, "%*s", -7, "hello"); - DOTEST(1024, "0", 1, "%c", '0'); - DOTEST(1024, "A", 1, "%c", 'A'); - DOTEST(1024, "", 1, "%c", 0); - DOTEST(1024, "\010", 1, "%c", 8); - DOTEST(1024, "%", 1, "%%"); - DOTEST(1024, "0a", 2, "%02x", 0x0a); - DOTEST(1024, "bd", 2, "%02x", 0xbd); - DOTEST(1024, "12", 2, "%02ld", (long)12); - DOTEST(1024, "02", 2, "%02ld", (long)2); - DOTEST(1024, "02", 2, "%02u", (unsigned)2); - DOTEST(1024, "765432", 6, "%05u", (unsigned)765432); - DOTEST(1024, "10.234", 6, "%0.3f", 10.23421); - DOTEST(1024, "123456.234", 10, "%0.3f", 123456.23421); - DOTEST(1024, "123456789.234", 13, "%0.3f", 123456789.23421); - DOTEST(1024, "123456.23", 9, "%.2f", 123456.23421); - DOTEST(1024, "123456", 6, "%.0f", 123456.23421); - DOTEST(1024, "0123", 4, "%.4x", 0x0123); - DOTEST(1024, "00000123", 8, "%.8x", 0x0123); - DOTEST(1024, "ffeb0cde", 8, "%.8x", 0xffeb0cde); - DOTEST(1024, " 987654321", 10, "%10lu", (unsigned long)987654321); - DOTEST(1024, " 987654321", 12, "%12lu", (unsigned long)987654321); - DOTEST(1024, "987654321", 9, "%i", 987654321); - DOTEST(1024, "-87654321", 9, "%i", -87654321); - DOTEST(1024, "hello ", 16, "%-16s", "hello"); - DOTEST(1024, " ", 16, "%-16s", ""); - DOTEST(1024, "a ", 16, "%-16s", "a"); - DOTEST(1024, "foobarfoobar ", 16, "%-16s", "foobarfoobar"); - DOTEST(1024, "foobarfoobarfoobar", 18, "%-16s", "foobarfoobarfoobar"); - - /* combined expressions */ - DOTEST(1024, "foo 1.0 size 512 edns", 21, - "foo %s size %d %s%s", "1.0", 512, "", "edns"); - DOTEST(15, "foo 1.0 size 5", 21, - "foo %s size %d %s%s", "1.0", 512, "", "edns"); - DOTEST(1024, "packet 1203ceff id", 18, - "packet %2.2x%2.2x%2.2x%2.2x id", 0x12, 0x03, 0xce, 0xff); - DOTEST(1024, "/tmp/testbound_123abcd.tmp", 26, "/tmp/testbound_%u%s%s.tmp", 123, "ab", "cd"); - - return 0; + /* Convert integer part */ + do { + iconvert[iplace++] = + (caps? "0123456789ABCDEF":"0123456789abcdef")[intpart % 10]; + intpart = (intpart / 10); + } while(intpart && (iplace < 20)); + if (iplace == 20) iplace--; + iconvert[iplace] = 0; + + /* Convert fractional part */ + do { + fconvert[fplace++] = + (caps? "0123456789ABCDEF":"0123456789abcdef")[fracpart % 10]; + fracpart = (fracpart / 10); + } while(fracpart && (fplace < 20)); + if (fplace == 20) fplace--; + fconvert[fplace] = 0; + + /* -1 for decimal point, another -1 if we are printing a sign */ + padlen = min - iplace - max - 1 - ((signvalue) ? 1 : 0); + zpadlen = max - fplace; + if (zpadlen < 0) + zpadlen = 0; + if (padlen < 0) + padlen = 0; + if (flags & DP_F_MINUS) + padlen = -padlen; /* Left Justifty */ + + if ((flags & DP_F_ZERO) && (padlen > 0)) + { + if (signvalue) + { + dopr_outch (buffer, currlen, maxlen, signvalue); + --padlen; + signvalue = 0; + } + while (padlen > 0) + { + dopr_outch (buffer, currlen, maxlen, '0'); + --padlen; + } + } + while (padlen > 0) + { + dopr_outch (buffer, currlen, maxlen, ' '); + --padlen; + } + if (signvalue) + dopr_outch (buffer, currlen, maxlen, signvalue); + + while (iplace > 0) + dopr_outch (buffer, currlen, maxlen, iconvert[--iplace]); + + /* + * Decimal point. This should probably use locale to find the correct + * char to print out. + */ + dopr_outch (buffer, currlen, maxlen, '.'); + + while (zpadlen > 0) + { + dopr_outch (buffer, currlen, maxlen, '0'); + --zpadlen; + } + + while (fplace > 0) + dopr_outch (buffer, currlen, maxlen, fconvert[--fplace]); + + while (padlen < 0) + { + dopr_outch (buffer, currlen, maxlen, ' '); + ++padlen; + } +} + +static void dopr_outch (char *buffer, size_t *currlen, size_t maxlen, char c) +{ + if (*currlen < maxlen) + buffer[(*currlen)++] = c; +} + +#ifdef TEST_SNPRINTF +#ifndef LONG_STRING +#define LONG_STRING 1024 +#endif +int main (void) +{ + char buf1[LONG_STRING]; + char buf2[LONG_STRING]; + char *fp_fmt[] = { + "%-1.5f", + "%1.5f", + "%123.9f", + "%10.5f", + "% 10.5f", + "%+22.9f", + "%+4.9f", + "%01.3f", + "%4f", + "%3.1f", + "%3.2f", + NULL + }; + double fp_nums[] = { -1.5, 134.21, 91340.2, 341.1234, 0203.9, 0.96, 0.996, + 0.9996, 1.996, 4.136, 0}; + char *int_fmt[] = { + "%-1.5d", + "%1.5d", + "%123.9d", + "%5.5d", + "%10.5d", + "% 10.5d", + "%+22.33d", + "%01.3d", + "%4d", + NULL + }; + long int_nums[] = { -1, 134, 91340, 341, 0203, 0}; + int x, y; + int fail = 0; + int num = 0; + + printf ("Testing snprintf format codes against system sprintf...\n"); + + for (x = 0; fp_fmt[x] != NULL ; x++) + for (y = 0; fp_nums[y] != 0 ; y++) + { + snprintf (buf1, sizeof (buf1), fp_fmt[x], fp_nums[y]); + sprintf (buf2, fp_fmt[x], fp_nums[y]); + if (strcmp (buf1, buf2)) + { + printf("snprintf doesn't match Format: %s\n\tsnprintf = %s\n\tsprintf = %s\n", + fp_fmt[x], buf1, buf2); + fail++; + } + num++; + } + + for (x = 0; int_fmt[x] != NULL ; x++) + for (y = 0; int_nums[y] != 0 ; y++) + { + snprintf (buf1, sizeof (buf1), int_fmt[x], int_nums[y]); + sprintf (buf2, int_fmt[x], int_nums[y]); + if (strcmp (buf1, buf2)) + { + printf("snprintf doesn't match Format: %s\n\tsnprintf = %s\n\tsprintf = %s\n", + int_fmt[x], buf1, buf2); + fail++; + } + num++; + } + printf ("%d tests failed out of %d.\n", fail, num); } #endif /* SNPRINTF_TEST */ + +#endif /* !HAVE_SNPRINTF */ diff --git a/usr.sbin/unbound/ldns/config.guess b/usr.sbin/unbound/ldns/config.guess index d622a44e551..40eaed4821e 100755..100644 --- a/usr.sbin/unbound/ldns/config.guess +++ b/usr.sbin/unbound/ldns/config.guess @@ -2,9 +2,9 @@ # Attempt to guess a canonical system name. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, # 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, -# 2011, 2012 Free Software Foundation, Inc. +# 2011 Free Software Foundation, Inc. -timestamp='2012-02-10' +timestamp='2011-05-11' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -17,7 +17,9 @@ timestamp='2012-02-10' # General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program; if not, see <http://www.gnu.org/licenses/>. +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -55,8 +57,8 @@ GNU config.guess ($timestamp) Originally written by Per Bothner. Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 -Free Software Foundation, Inc. +2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free +Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -143,7 +145,7 @@ UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in *:NetBSD:*:*) # NetBSD (nbsd) targets should (where applicable) match one or - # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*, + # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently # switched to ELF, *-*-netbsd* would select the old # object file format. This provides both forward @@ -790,12 +792,13 @@ EOF echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} exit ;; *:FreeBSD:*:*) - UNAME_PROCESSOR=`/usr/bin/uname -p` - case ${UNAME_PROCESSOR} in + case ${UNAME_MACHINE} in + pc98) + echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; amd64) echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; *) - echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; esac exit ;; i*:CYGWIN*:*) @@ -804,9 +807,6 @@ EOF *:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit ;; - i*:MSYS*:*) - echo ${UNAME_MACHINE}-pc-msys - exit ;; i*:windows32*:*) # uname -m includes "-pc" on this system. echo ${UNAME_MACHINE}-mingw32 @@ -861,13 +861,6 @@ EOF i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix exit ;; - aarch64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - aarch64_be:Linux:*:*) - UNAME_MACHINE=aarch64_be - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; alpha:Linux:*:*) case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in EV5) UNAME_MACHINE=alphaev5 ;; @@ -902,16 +895,13 @@ EOF echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; cris:Linux:*:*) - echo ${UNAME_MACHINE}-axis-linux-gnu + echo cris-axis-linux-gnu exit ;; crisv32:Linux:*:*) - echo ${UNAME_MACHINE}-axis-linux-gnu + echo crisv32-axis-linux-gnu exit ;; frv:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - hexagon:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo frv-unknown-linux-gnu exit ;; i*86:Linux:*:*) LIBC=gnu @@ -953,7 +943,7 @@ EOF test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } ;; or32:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo or32-unknown-linux-gnu exit ;; padre:Linux:*:*) echo sparc-unknown-linux-gnu @@ -988,13 +978,13 @@ EOF echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; tile*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-tilera-linux-gnu exit ;; vax:Linux:*:*) echo ${UNAME_MACHINE}-dec-linux-gnu exit ;; x86_64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo x86_64-unknown-linux-gnu exit ;; xtensa*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu @@ -1325,9 +1315,6 @@ EOF i*86:AROS:*:*) echo ${UNAME_MACHINE}-pc-aros exit ;; - x86_64:VMkernel:*:*) - echo ${UNAME_MACHINE}-unknown-esx - exit ;; esac #echo '(No uname command or uname output not recognized.)' 1>&2 diff --git a/usr.sbin/unbound/ldns/config.sub b/usr.sbin/unbound/ldns/config.sub index c894da45500..30fdca81215 100755..100644 --- a/usr.sbin/unbound/ldns/config.sub +++ b/usr.sbin/unbound/ldns/config.sub @@ -2,9 +2,9 @@ # Configuration validation subroutine script. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, # 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, -# 2011, 2012 Free Software Foundation, Inc. +# 2011 Free Software Foundation, Inc. -timestamp='2012-02-10' +timestamp='2011-03-23' # This file is (in principle) common to ALL GNU software. # The presence of a machine in this file suggests that SOME GNU software @@ -21,7 +21,9 @@ timestamp='2012-02-10' # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program; if not, see <http://www.gnu.org/licenses/>. +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -74,8 +76,8 @@ version="\ GNU config.sub ($timestamp) Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 -Free Software Foundation, Inc. +2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free +Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -130,10 +132,6 @@ case $maybe_os in os=-$maybe_os basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` ;; - android-linux) - os=-linux-android - basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown - ;; *) basic_machine=`echo $1 | sed 's/-[^-]*$//'` if [ $basic_machine != $1 ] @@ -249,22 +247,17 @@ case $basic_machine in # Some are omitted here because they have special meanings below. 1750a | 580 \ | a29k \ - | aarch64 | aarch64_be \ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ | am33_2.0 \ | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ - | be32 | be64 \ | bfin \ | c4x | clipper \ | d10v | d30v | dlx | dsp16xx \ - | epiphany \ | fido | fr30 | frv \ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ - | hexagon \ | i370 | i860 | i960 | ia64 \ | ip2k | iq2000 \ - | le32 | le64 \ | lm32 \ | m32c | m32r | m32rle | m68000 | m68k | m88k \ | maxq | mb | microblaze | mcore | mep | metag \ @@ -298,7 +291,7 @@ case $basic_machine in | pdp10 | pdp11 | pj | pjl \ | powerpc | powerpc64 | powerpc64le | powerpcle \ | pyramid \ - | rl78 | rx \ + | rx \ | score \ | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ | sh64 | sh64le \ @@ -307,7 +300,7 @@ case $basic_machine in | spu \ | tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \ | ubicom32 \ - | v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \ + | v850 | v850e \ | we32k \ | x86 | xc16x | xstormy16 | xtensa \ | z8k | z80) @@ -322,7 +315,8 @@ case $basic_machine in c6x) basic_machine=tic6x-unknown ;; - m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | picochip) + m6811 | m68hc11 | m6812 | m68hc12 | picochip) + # Motorola 68HC11/12. basic_machine=$basic_machine-unknown os=-none ;; @@ -335,10 +329,7 @@ case $basic_machine in strongarm | thumb | xscale) basic_machine=arm-unknown ;; - xgate) - basic_machine=$basic_machine-unknown - os=-none - ;; + xscaleeb) basic_machine=armeb-unknown ;; @@ -361,13 +352,11 @@ case $basic_machine in # Recognize the basic CPU types with company name. 580-* \ | a29k-* \ - | aarch64-* | aarch64_be-* \ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ | avr-* | avr32-* \ - | be32-* | be64-* \ | bfin-* | bs2000-* \ | c[123]* | c30-* | [cjt]90-* | c4x-* \ | clipper-* | craynv-* | cydra-* \ @@ -376,10 +365,8 @@ case $basic_machine in | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ | h8300-* | h8500-* \ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ - | hexagon-* \ | i*86-* | i860-* | i960-* | ia64-* \ | ip2k-* | iq2000-* \ - | le32-* | le64-* \ | lm32-* \ | m32c-* | m32r-* | m32rle-* \ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ @@ -413,7 +400,7 @@ case $basic_machine in | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \ | pyramid-* \ - | rl78-* | romp-* | rs6000-* | rx-* \ + | romp-* | rs6000-* | rx-* \ | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ @@ -421,11 +408,10 @@ case $basic_machine in | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx?-* \ | tahoe-* \ | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ - | tile*-* \ + | tile-* | tilegx-* \ | tron-* \ | ubicom32-* \ - | v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \ - | vax-* \ + | v850-* | v850e-* | vax-* \ | we32k-* \ | x86-* | x86_64-* | xc16x-* | xps100-* \ | xstormy16-* | xtensa*-* \ @@ -725,6 +711,7 @@ case $basic_machine in i370-ibm* | ibm*) basic_machine=i370-ibm ;; +# I'm not sure what "Sysv32" means. Should this be sysv3.2? i*86v32) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv32 @@ -821,18 +808,10 @@ case $basic_machine in ms1-*) basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` ;; - msys) - basic_machine=i386-pc - os=-msys - ;; mvs) basic_machine=i370-ibm os=-mvs ;; - nacl) - basic_machine=le32-unknown - os=-nacl - ;; ncr3000) basic_machine=i486-ncr os=-sysv4 @@ -1141,8 +1120,13 @@ case $basic_machine in basic_machine=t90-cray os=-unicos ;; + # This must be matched before tile*. + tilegx*) + basic_machine=tilegx-unknown + os=-linux-gnu + ;; tile*) - basic_machine=$basic_machine-unknown + basic_machine=tile-unknown os=-linux-gnu ;; tx39) @@ -1352,7 +1336,7 @@ case $os in | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -chorusos* | -chorusrdb* | -cegcc* \ - | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ + | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ | -mingw32* | -linux-gnu* | -linux-android* \ | -linux-newlib* | -linux-uclibc* \ | -uxpv* | -beos* | -mpeix* | -udk* \ @@ -1564,6 +1548,9 @@ case $basic_machine in ;; m68000-sun) os=-sunos3 + # This also exists in the configure program, but was not the + # default. + # os=-sunos4 ;; m68*-cisco) os=-aout diff --git a/usr.sbin/unbound/ldns/dname.c b/usr.sbin/unbound/ldns/dname.c index 55aba5d65a1..0e63ef26895 100644 --- a/usr.sbin/unbound/ldns/dname.c +++ b/usr.sbin/unbound/ldns/dname.c @@ -30,24 +30,6 @@ #include <arpa/inet.h> #endif -/* Returns whether the last label in the name is a root label (a empty label). - * Note that it is not enough to just test the last character to be 0, - * because it may be part of the last label itself. - */ -static bool -ldns_dname_last_label_is_root_label(const ldns_rdf* dname) -{ - size_t src_pos; - size_t len = 0; - - for (src_pos = 0; src_pos < ldns_rdf_size(dname); src_pos += len + 1) { - len = ldns_rdf_data(dname)[src_pos]; - } - assert(src_pos == ldns_rdf_size(dname)); - - return src_pos > 0 && len == 0; -} - ldns_rdf * ldns_dname_cat_clone(const ldns_rdf *rd1, const ldns_rdf *rd2) { @@ -65,7 +47,7 @@ ldns_dname_cat_clone(const ldns_rdf *rd1, const ldns_rdf *rd2) * rd, by reducing the size with 1 */ left_size = ldns_rdf_size(rd1); - if (ldns_dname_last_label_is_root_label(rd1)) { + if (left_size > 0 &&ldns_rdf_data(rd1)[left_size - 1] == 0) { left_size--; } @@ -102,9 +84,12 @@ ldns_dname_cat(ldns_rdf *rd1, ldns_rdf *rd2) * rd, by reducing the size with 1 */ left_size = ldns_rdf_size(rd1); - if (ldns_dname_last_label_is_root_label(rd1)) { + if (left_size > 0 &&ldns_rdf_data(rd1)[left_size - 1] == 0) { left_size--; } + if(left_size == 0) { + return LDNS_STATUS_OK; + } size = left_size + ldns_rdf_size(rd2); newd = LDNS_XREALLOC(ldns_rdf_data(rd1), uint8_t, size); @@ -120,39 +105,36 @@ ldns_dname_cat(ldns_rdf *rd1, ldns_rdf *rd2) return LDNS_STATUS_OK; } -ldns_rdf* -ldns_dname_reverse(const ldns_rdf *dname) +ldns_rdf * +ldns_dname_reverse(const ldns_rdf *d) { - size_t rd_size; - uint8_t* buf; - ldns_rdf* new; - size_t src_pos; - size_t len ; - - assert(ldns_rdf_get_type(dname) == LDNS_RDF_TYPE_DNAME); - - rd_size = ldns_rdf_size(dname); - buf = LDNS_XMALLOC(uint8_t, rd_size); - if (! buf) { - return NULL; - } - new = ldns_rdf_new(LDNS_RDF_TYPE_DNAME, rd_size, buf); - if (! new) { - LDNS_FREE(buf); - return NULL; - } - - /* If dname ends in a root label, the reverse should too. - */ - if (ldns_dname_last_label_is_root_label(dname)) { - buf[rd_size - 1] = 0; - rd_size -= 1; - } - for (src_pos = 0; src_pos < rd_size; src_pos += len + 1) { - len = ldns_rdf_data(dname)[src_pos]; - memcpy(&buf[rd_size - src_pos - len - 1], - &ldns_rdf_data(dname)[src_pos], len + 1); + ldns_rdf *new; + ldns_rdf *tmp; + ldns_rdf *d_tmp; + ldns_status status; + + d_tmp = ldns_rdf_clone(d); + + new = ldns_dname_new_frm_str("."); + if(!new) + return NULL; + + while(ldns_dname_label_count(d_tmp) > 0) { + tmp = ldns_dname_label(d_tmp, 0); + status = ldns_dname_cat(tmp, new); + if(status != LDNS_STATUS_OK) { + ldns_rdf_deep_free(new); + ldns_rdf_deep_free(d_tmp); + return NULL; + } + ldns_rdf_deep_free(new); + new = tmp; + tmp = ldns_dname_left_chop(d_tmp); + ldns_rdf_deep_free(d_tmp); + d_tmp = tmp; } + ldns_rdf_deep_free(d_tmp); + return new; } @@ -540,18 +522,6 @@ ldns_dname_str_absolute(const char *dname_str) return 0; } -bool -ldns_dname_absolute(const ldns_rdf *rdf) -{ - char *str = ldns_rdf2str(rdf); - if (str) { - bool r = ldns_dname_str_absolute(str); - LDNS_FREE(str); - return r; - } - return false; -} - ldns_rdf * ldns_dname_label(const ldns_rdf *rdf, uint8_t labelpos) { @@ -560,7 +530,6 @@ ldns_dname_label(const ldns_rdf *rdf, uint8_t labelpos) uint16_t len; ldns_rdf *tmpnew; size_t s; - uint8_t *data; if (ldns_rdf_get_type(rdf) != LDNS_RDF_TYPE_DNAME) { return NULL; @@ -574,19 +543,19 @@ ldns_dname_label(const ldns_rdf *rdf, uint8_t labelpos) while ((len > 0) && src_pos < s) { if (labelcnt == labelpos) { /* found our label */ - data = LDNS_XMALLOC(uint8_t, len + 2); - if (!data) { + tmpnew = LDNS_MALLOC(ldns_rdf); + if (!tmpnew) { return NULL; } - memcpy(data, ldns_rdf_data(rdf) + src_pos, len + 1); - data[len + 2 - 1] = 0; - - tmpnew = ldns_rdf_new( LDNS_RDF_TYPE_DNAME - , len + 2, data); - if (!tmpnew) { - LDNS_FREE(data); + tmpnew->_type = LDNS_RDF_TYPE_DNAME; + tmpnew->_data = LDNS_XMALLOC(uint8_t, len + 2); + if (!tmpnew->_data) { + LDNS_FREE(tmpnew); return NULL; } + memset(tmpnew->_data, 0, len + 2); + memcpy(tmpnew->_data, ldns_rdf_data(rdf) + src_pos, len + 1); + tmpnew->_size = len + 2; return tmpnew; } src_pos++; diff --git a/usr.sbin/unbound/ldns/dnssec.c b/usr.sbin/unbound/ldns/dnssec.c index a41a9f633c4..c41943709bb 100644 --- a/usr.sbin/unbound/ldns/dnssec.c +++ b/usr.sbin/unbound/ldns/dnssec.c @@ -116,6 +116,7 @@ ldns_dnssec_nsec3_closest_encloser(ldns_rdf *qname, size_t nsec_i; ldns_rr *nsec; ldns_rdf *result = NULL; + qtype = qtype; if (!qname || !nsec3s || ldns_rr_list_rr_count(nsec3s) < 1) { return NULL; @@ -532,18 +533,17 @@ ldns_key_rr2ds(const ldns_rr *key, ldns_hash h) ldns_rr_free(ds); return NULL; #endif - case LDNS_SHA384: #ifdef USE_ECDSA + /* Make similar ``not implemented'' construct as above when + draft-hoffman-dnssec-ecdsa-04 becomes a standard + */ + case LDNS_SHA384: digest = LDNS_XMALLOC(uint8_t, SHA384_DIGEST_LENGTH); if (!digest) { ldns_rr_free(ds); return NULL; } break; -#else - /* not implemented */ - ldns_rr_free(ds); - return NULL; #endif } @@ -636,8 +636,8 @@ ldns_key_rr2ds(const ldns_rr *key, ldns_hash h) ldns_rr_push_rdf(ds, tmp); #endif break; - case LDNS_SHA384: #ifdef USE_ECDSA + case LDNS_SHA384: (void) SHA384((unsigned char *) ldns_buffer_begin(data_buf), (unsigned int) ldns_buffer_position(data_buf), (unsigned char *) digest); @@ -645,8 +645,8 @@ ldns_key_rr2ds(const ldns_rr *key, ldns_hash h) SHA384_DIGEST_LENGTH, digest); ldns_rr_push_rdf(ds, tmp); -#endif break; +#endif } LDNS_FREE(digest); @@ -654,113 +654,104 @@ ldns_key_rr2ds(const ldns_rr *key, ldns_hash h) return ds; } -/* From RFC3845: - * - * 2.1.2. The List of Type Bit Map(s) Field - * - * The RR type space is split into 256 window blocks, each representing - * the low-order 8 bits of the 16-bit RR type space. Each block that - * has at least one active RR type is encoded using a single octet - * window number (from 0 to 255), a single octet bitmap length (from 1 - * to 32) indicating the number of octets used for the window block's - * bitmap, and up to 32 octets (256 bits) of bitmap. - * - * Window blocks are present in the NSEC RR RDATA in increasing - * numerical order. - * - * "|" denotes concatenation - * - * Type Bit Map(s) Field = ( Window Block # | Bitmap Length | Bitmap ) + - * - * <cut> - * - * Blocks with no types present MUST NOT be included. Trailing zero - * octets in the bitmap MUST be omitted. The length of each block's - * bitmap is determined by the type code with the largest numerical - * value within that block, among the set of RR types present at the - * NSEC RR's owner name. Trailing zero octets not specified MUST be - * interpreted as zero octets. - */ ldns_rdf * ldns_dnssec_create_nsec_bitmap(ldns_rr_type rr_type_list[], size_t size, ldns_rr_type nsec_type) { - uint8_t window; /* most significant octet of type */ - uint8_t subtype; /* least significant octet of type */ - uint16_t windows[256] /* Max subtype per window */ -#ifndef S_SPLINT_S - = { 0 } /* Initialize ALL elements with 0 */ -#endif - ; - ldns_rr_type* d; /* used to traverse rr_type_list*/ - size_t i; /* used to traverse windows array */ + size_t i; + uint8_t *bitmap; + uint16_t bm_len = 0; + uint16_t i_type; + ldns_rdf *bitmap_rdf; - size_t sz; /* size needed for type bitmap rdf */ - uint8_t* data = NULL; /* rdf data */ - uint8_t* dptr; /* used to itraverse rdf data */ - ldns_rdf* rdf; /* bitmap rdf to return */ + uint8_t *data = NULL; + uint8_t cur_data[32]; + uint8_t cur_window = 0; + uint8_t cur_window_max = 0; + uint16_t cur_data_size = 0; if (nsec_type != LDNS_RR_TYPE_NSEC && nsec_type != LDNS_RR_TYPE_NSEC3) { return NULL; } - /* Which other windows need to be in the bitmap rdf? - */ - for (d = rr_type_list; d < rr_type_list + size; d++) { - window = *d >> 8; - subtype = *d & 0xff; - if (windows[window] < subtype) { - windows[window] = subtype; + i_type = 0; + for (i = 0; i < size; i++) { + if (i_type < rr_type_list[i]) + i_type = rr_type_list[i]; + } + if (i_type < nsec_type) { + i_type = nsec_type; + } + + bm_len = i_type / 8 + 2; + bitmap = LDNS_XMALLOC(uint8_t, bm_len); + if(!bitmap) return NULL; + for (i = 0; i < bm_len; i++) { + bitmap[i] = 0; + } + + for (i = 0; i < size; i++) { + i_type = rr_type_list[i]; + ldns_set_bit(bitmap + (int) i_type / 8, + (int) (7 - (i_type % 8)), + true); + } + + /* fold it into windows TODO: can this be done directly? */ + memset(cur_data, 0, 32); + for (i = 0; i < bm_len; i++) { + if (i / 32 > cur_window) { + /* check, copy, new */ + if (cur_window_max > 0) { + /* this window has stuff, add it */ + data = LDNS_XREALLOC(data, + uint8_t, + cur_data_size + cur_window_max + 3); + if(!data) { + LDNS_FREE(bitmap); + return NULL; + } + data[cur_data_size] = cur_window; + data[cur_data_size + 1] = cur_window_max + 1; + memcpy(data + cur_data_size + 2, + cur_data, + cur_window_max+1); + cur_data_size += cur_window_max + 3; + } + cur_window++; + cur_window_max = 0; + memset(cur_data, 0, 32); } - } - - /* How much space do we need in the rdf for those windows? - */ - sz = 0; - for (i = 0; i < 256; i++) { - if (windows[i]) { - sz += windows[i] / 8 + 3; + cur_data[i%32] = bitmap[i]; + if (bitmap[i] > 0) { + cur_window_max = i%32; } } - if (sz > 0) { - /* Format rdf data according RFC3845 Section 2.1.2 (see above) - */ - dptr = data = LDNS_CALLOC(uint8_t, sz); - if (!data) { - return NULL; - } - for (i = 0; i < 256; i++) { - if (windows[i]) { - *dptr++ = (uint8_t)i; - *dptr++ = (uint8_t)(windows[i] / 8 + 1); - - /* Now let windows[i] index the bitmap - * within data - */ - windows[i] = (uint16_t)(dptr - data); - - dptr += dptr[-1]; - } - } + if (cur_window_max > 0 || cur_data[0] != 0) { + /* this window has stuff, add it */ + data = LDNS_XREALLOC(data, + uint8_t, + cur_data_size + cur_window_max + 3); + if(!data) { + LDNS_FREE(bitmap); + return NULL; + } + data[cur_data_size] = cur_window; + data[cur_data_size + 1] = cur_window_max + 1; + memcpy(data + cur_data_size + 2, cur_data, cur_window_max+1); + cur_data_size += cur_window_max + 3; } - /* Set the bits? - */ - for (d = rr_type_list; d < rr_type_list + size; d++) { - subtype = *d & 0xff; - data[windows[*d >> 8] + subtype/8] |= (0x80 >> (subtype % 8)); - } + bitmap_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_NSEC, + cur_data_size, + data); - /* Allocate and return rdf structure for the data - */ - rdf = ldns_rdf_new(LDNS_RDF_TYPE_BITMAP, sz, data); - if (!rdf) { - LDNS_FREE(data); - return NULL; - } - return rdf; + LDNS_FREE(bitmap); + LDNS_FREE(data); + + return bitmap_rdf; } int @@ -848,6 +839,8 @@ ldns_dnssec_create_nsec3(ldns_dnssec_name *from, ldns_status status; int on_delegation_point; + flags = flags; + if (!from) { return NULL; } @@ -997,9 +990,7 @@ ldns_nsec3_hash_name(ldns_rdf *name, /* prepare the owner name according to the draft section bla */ cann = ldns_rdf_clone(name); if(!cann) { -#ifdef STDERR_MSGS fprintf(stderr, "Memory error\n"); -#endif return NULL; } ldns_dname2canonical(cann); @@ -1044,13 +1035,11 @@ ldns_nsec3_hash_name(ldns_rdf *name, hashed_owner_b32, ldns_b32_ntop_calculate_size(hashed_owner_str_len)+1); if (hashed_owner_b32_len < 1) { -#ifdef STDERR_MSGS fprintf(stderr, "Error in base32 extended hex encoding "); fprintf(stderr, "of hashed owner name (name: "); ldns_rdf_print(stderr, name); fprintf(stderr, ", return code: %u)\n", (unsigned int) hashed_owner_b32_len); -#endif LDNS_FREE(hashed_owner_b32); return NULL; } @@ -1058,9 +1047,7 @@ ldns_nsec3_hash_name(ldns_rdf *name, status = ldns_str2rdf_dname(&hashed_owner, hashed_owner_b32); if (status != LDNS_STATUS_OK) { -#ifdef STDERR_MSGS fprintf(stderr, "Error creating rdf from %s\n", hashed_owner_b32); -#endif LDNS_FREE(hashed_owner_b32); return NULL; } @@ -1169,15 +1156,12 @@ ldns_create_nsec3(ldns_rdf *cur_owner, salt_length, salt); status = ldns_dname_cat(hashed_owner, cur_zone); - if(status != LDNS_STATUS_OK) { - ldns_rdf_deep_free(hashed_owner); + if(status != LDNS_STATUS_OK) return NULL; - } + nsec = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3); - if(!nsec) { - ldns_rdf_deep_free(hashed_owner); + if(!nsec) return NULL; - } ldns_rr_set_type(nsec, LDNS_RR_TYPE_NSEC3); ldns_rr_set_owner(nsec, hashed_owner); @@ -1354,120 +1338,38 @@ ldns_nsec3_hash_name_frm_nsec3(const ldns_rr *nsec, ldns_rdf *name) } bool -ldns_nsec_bitmap_covers_type(const ldns_rdf* bitmap, ldns_rr_type type) -{ - uint8_t* dptr; - uint8_t* dend; - - /* From RFC3845 Section 2.1.2: - * - * "The RR type space is split into 256 window blocks, each re- - * presenting the low-order 8 bits of the 16-bit RR type space." - */ - uint8_t window = type >> 8; - uint8_t subtype = type & 0xff; - - if (! bitmap) { - return false; - } - assert(ldns_rdf_get_type(bitmap) == LDNS_RDF_TYPE_BITMAP); - - dptr = ldns_rdf_data(bitmap); - dend = ldns_rdf_data(bitmap) + ldns_rdf_size(bitmap); - - /* Type Bitmap = ( Window Block # | Bitmap Length | Bitmap ) + - * dptr[0] dptr[1] dptr[2:] - */ - while (dptr < dend && dptr[0] <= window) { - - if (dptr[0] == window && subtype / 8 < dptr[1] && - dptr + dptr[1] + 2 <= dend) { - - return dptr[2 + subtype / 8] & (0x80 >> (subtype % 8)); - } - dptr += dptr[1] + 2; /* next window */ - } - return false; -} - -ldns_status -ldns_nsec_bitmap_set_type(ldns_rdf* bitmap, ldns_rr_type type) +ldns_nsec_bitmap_covers_type(const ldns_rdf *nsec_bitmap, ldns_rr_type type) { - uint8_t* dptr; - uint8_t* dend; - - /* From RFC3845 Section 2.1.2: - * - * "The RR type space is split into 256 window blocks, each re- - * presenting the low-order 8 bits of the 16-bit RR type space." - */ - uint8_t window = type >> 8; - uint8_t subtype = type & 0xff; - - if (! bitmap) { + uint8_t window_block_nr; + uint8_t bitmap_length; + uint16_t cur_type; + uint16_t pos = 0; + uint16_t bit_pos; + uint8_t *data; + + if (nsec_bitmap == NULL) { return false; } - assert(ldns_rdf_get_type(bitmap) == LDNS_RDF_TYPE_BITMAP); - - dptr = ldns_rdf_data(bitmap); - dend = ldns_rdf_data(bitmap) + ldns_rdf_size(bitmap); - - /* Type Bitmap = ( Window Block # | Bitmap Length | Bitmap ) + - * dptr[0] dptr[1] dptr[2:] - */ - while (dptr < dend && dptr[0] <= window) { - - if (dptr[0] == window && subtype / 8 < dptr[1] && - dptr + dptr[1] + 2 <= dend) { - - dptr[2 + subtype / 8] |= (0x80 >> (subtype % 8)); - return LDNS_STATUS_OK; + data = ldns_rdf_data(nsec_bitmap); + while(pos < ldns_rdf_size(nsec_bitmap)) { + window_block_nr = data[pos]; + bitmap_length = data[pos + 1]; + pos += 2; + + for (bit_pos = 0; bit_pos < (bitmap_length) * 8; bit_pos++) { + if (ldns_get_bit(&data[pos], bit_pos)) { + cur_type = 256 * (uint16_t) window_block_nr + bit_pos; + if (cur_type == type) { + return true; + } + } } - dptr += dptr[1] + 2; /* next window */ - } - return LDNS_STATUS_TYPE_NOT_IN_BITMAP; -} - -ldns_status -ldns_nsec_bitmap_clear_type(ldns_rdf* bitmap, ldns_rr_type type) -{ - uint8_t* dptr; - uint8_t* dend; - - /* From RFC3845 Section 2.1.2: - * - * "The RR type space is split into 256 window blocks, each re- - * presenting the low-order 8 bits of the 16-bit RR type space." - */ - uint8_t window = type >> 8; - uint8_t subtype = type & 0xff; - if (! bitmap) { - return false; + pos += (uint16_t) bitmap_length; } - - assert(ldns_rdf_get_type(bitmap) == LDNS_RDF_TYPE_BITMAP); - - dptr = ldns_rdf_data(bitmap); - dend = ldns_rdf_data(bitmap) + ldns_rdf_size(bitmap); - - /* Type Bitmap = ( Window Block # | Bitmap Length | Bitmap ) + - * dptr[0] dptr[1] dptr[2:] - */ - while (dptr < dend && dptr[0] <= window) { - - if (dptr[0] == window && subtype / 8 < dptr[1] && - dptr + dptr[1] + 2 <= dend) { - - dptr[2 + subtype / 8] &= ~(0x80 >> (subtype % 8)); - return LDNS_STATUS_OK; - } - dptr += dptr[1] + 2; /* next window */ - } - return LDNS_STATUS_TYPE_NOT_IN_BITMAP; + return false; } - bool ldns_nsec_covers_name(const ldns_rr *nsec, const ldns_rdf *name) { @@ -1505,11 +1407,9 @@ ldns_nsec_covers_name(const ldns_rr *nsec, const ldns_rdf *name) if(ldns_dname_compare(nsec_owner, nsec_next) > 0) { result = (ldns_dname_compare(nsec_owner, name) <= 0 || ldns_dname_compare(name, nsec_next) < 0); - } else if(ldns_dname_compare(nsec_owner, nsec_next) < 0) { + } else { result = (ldns_dname_compare(nsec_owner, name) <= 0 && ldns_dname_compare(name, nsec_next) < 0); - } else { - result = true; } ldns_rdf_deep_free(nsec_next); @@ -1545,9 +1445,8 @@ ldns_pkt_verify_time(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o, sigs = s; } else { /* otherwise get them from the packet */ - sigs = ldns_pkt_rr_list_by_name_and_type(p, o, - LDNS_RR_TYPE_RRSIG, - LDNS_SECTION_ANY_NOQUESTION); + sigs = ldns_pkt_rr_list_by_name_and_type(p, o, LDNS_RR_TYPE_RRSIG, + LDNS_SECTION_ANY_NOQUESTION); if (!sigs) { /* no sigs */ return LDNS_STATUS_ERR; @@ -1560,26 +1459,24 @@ ldns_pkt_verify_time(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o, */ t_netorder = htons(t); /* rdf are in network order! */ /* a type identifier is a 16-bit number, so the size is 2 bytes */ - rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, 2, &t_netorder); - + rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, + 2, + &t_netorder); sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0); - ldns_rdf_free(rdf_t); - if (! sigs_covered) { - if (! s) { - ldns_rr_list_deep_free(sigs); - } + + rrset = ldns_pkt_rr_list_by_name_and_type(p, + o, + t, + LDNS_SECTION_ANY_NOQUESTION); + + if (!rrset) { return LDNS_STATUS_ERR; } - ldns_rr_list_deep_free(sigs_covered); - rrset = ldns_pkt_rr_list_by_name_and_type(p, o, t, - LDNS_SECTION_ANY_NOQUESTION); - if (!rrset) { - if (! s) { - ldns_rr_list_deep_free(sigs); - } + if (!sigs_covered) { return LDNS_STATUS_ERR; } + return ldns_verify_time(rrset, sigs, k, check_time, good_keys); } @@ -1671,34 +1568,34 @@ ldns_rr_list_sort_nsec3(ldns_rr_list *unsorted) } int -ldns_dnssec_default_add_to_signatures( ATTR_UNUSED(ldns_rr *sig) - , ATTR_UNUSED(void *n) - ) +ldns_dnssec_default_add_to_signatures(ldns_rr *sig, void *n) { + sig = sig; + n = n; return LDNS_SIGNATURE_LEAVE_ADD_NEW; } int -ldns_dnssec_default_leave_signatures( ATTR_UNUSED(ldns_rr *sig) - , ATTR_UNUSED(void *n) - ) +ldns_dnssec_default_leave_signatures(ldns_rr *sig, void *n) { + sig = sig; + n = n; return LDNS_SIGNATURE_LEAVE_NO_ADD; } int -ldns_dnssec_default_delete_signatures( ATTR_UNUSED(ldns_rr *sig) - , ATTR_UNUSED(void *n) - ) +ldns_dnssec_default_delete_signatures(ldns_rr *sig, void *n) { + sig = sig; + n = n; return LDNS_SIGNATURE_REMOVE_NO_ADD; } int -ldns_dnssec_default_replace_signatures( ATTR_UNUSED(ldns_rr *sig) - , ATTR_UNUSED(void *n) - ) +ldns_dnssec_default_replace_signatures(ldns_rr *sig, void *n) { + sig = sig; + n = n; return LDNS_SIGNATURE_REMOVE_ADD_NEW; } diff --git a/usr.sbin/unbound/ldns/dnssec_sign.c b/usr.sbin/unbound/ldns/dnssec_sign.c index 4af882a2845..1d283bcc68b 100644 --- a/usr.sbin/unbound/ldns/dnssec_sign.c +++ b/usr.sbin/unbound/ldns/dnssec_sign.c @@ -260,8 +260,6 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys) ldns_buffer_free(sign_buf); /* ERROR */ ldns_rr_list_deep_free(rrset_clone); - ldns_rr_free(current_sig); - ldns_rr_list_deep_free(signatures); return NULL; } @@ -270,8 +268,6 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys) != LDNS_STATUS_OK) { ldns_buffer_free(sign_buf); ldns_rr_list_deep_free(rrset_clone); - ldns_rr_free(current_sig); - ldns_rr_list_deep_free(signatures); return NULL; } @@ -280,8 +276,6 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys) if (!b64rdf) { /* signing went wrong */ ldns_rr_list_deep_free(rrset_clone); - ldns_rr_free(current_sig); - ldns_rr_list_deep_free(signatures); return NULL; } @@ -487,7 +481,10 @@ ldns_sign_public_rsasha1(ldns_buffer *to_sign, RSA *key) (unsigned char*)ldns_buffer_begin(b64sig), &siglen, key); if (result != 1) { - ldns_buffer_free(b64sig); + return NULL; + } + + if (result != 1) { return NULL; } @@ -566,7 +563,7 @@ ldns_dnssec_addresses_on_glue_list( * when walking the tree with the ldns_dnssec_name_node_next_nonglue() * function. But watch out! Names that are partially occluded (like glue with * the same name as the delegation) will not be marked and should specifically - * be taken into account separately. + * be taken into account seperately. * * When glue_list is given (not NULL), in the process of marking the names, all * glue resource records will be pushed to that list, even glue at delegation names. @@ -659,7 +656,7 @@ ldns_dnssec_zone_mark_and_get_glue(ldns_dnssec_zone *zone, * when walking the tree with the ldns_dnssec_name_node_next_nonglue() * function. But watch out! Names that are partially occluded (like glue with * the same name as the delegation) will not be marked and should specifically - * be taken into account separately. + * be taken into account seperately. * * \param[in] zone the zone in which to mark the names * \return LDNS_STATUS_OK on success, an error code otherwise @@ -771,13 +768,10 @@ ldns_dnssec_zone_create_nsecs(ldns_dnssec_zone *zone, } #ifdef HAVE_SSL -static void -ldns_hashed_names_node_free(ldns_rbnode_t *node, void *arg) { - (void) arg; - LDNS_FREE(node); -} +/* in dnssec_zone.c */ +extern int ldns_dname_compare_v(const void *a, const void *b); -static ldns_status +ldns_status ldns_dnssec_zone_create_nsec3s_mkmap(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, uint8_t algorithm, @@ -816,24 +810,21 @@ ldns_dnssec_zone_create_nsec3s_mkmap(ldns_dnssec_zone *zone, nsec_ttl = LDNS_DEFAULT_TTL; } - if (zone->hashed_names) { - ldns_traverse_postorder(zone->hashed_names, - ldns_hashed_names_node_free, NULL); - LDNS_FREE(zone->hashed_names); - } - zone->hashed_names = ldns_rbtree_create(ldns_dname_compare_v); - if (zone->hashed_names && map) { - *map = zone->hashed_names; + if (map) { + if ((*map = ldns_rbtree_create(ldns_dname_compare_v)) + == NULL) { + map = NULL; + }; } + nsec3_list = ldns_rr_list_new(); first_name_node = ldns_dnssec_name_node_next_nonglue( ldns_rbtree_first(zone->names)); current_name_node = first_name_node; - while (current_name_node && current_name_node != LDNS_RBTREE_NULL && - result == LDNS_STATUS_OK) { - + while (current_name_node && + current_name_node != LDNS_RBTREE_NULL) { current_name = (ldns_dnssec_name *) current_name_node->data; nsec_rr = ldns_dnssec_create_nsec3(current_name, NULL, @@ -851,24 +842,17 @@ ldns_dnssec_zone_create_nsec3s_mkmap(ldns_dnssec_zone *zone, ldns_rr_set_ttl(nsec_rr, nsec_ttl); result = ldns_dnssec_name_add_rr(current_name, nsec_rr); ldns_rr_list_push_rr(new_rrs, nsec_rr); - if (ldns_rr_owner(nsec_rr)) { + ldns_rr_list_push_rr(nsec3_list, nsec_rr); + if (map) { hashmap_node = LDNS_MALLOC(ldns_rbnode_t); - if (hashmap_node == NULL) { - return LDNS_STATUS_MEM_ERR; - } - current_name->hashed_name = - ldns_dname_label(ldns_rr_owner(nsec_rr), 0); - - if (current_name->hashed_name == NULL) { - LDNS_FREE(hashmap_node); - return LDNS_STATUS_MEM_ERR; - } - hashmap_node->key = current_name->hashed_name; - hashmap_node->data = current_name; - - if (! ldns_rbtree_insert(zone->hashed_names - , hashmap_node)) { - LDNS_FREE(hashmap_node); + if (hashmap_node && ldns_rr_owner(nsec_rr)) { + hashmap_node->key = ldns_dname_label( + ldns_rr_owner(nsec_rr), 0); + if (hashmap_node->key) { + hashmap_node->data = current_name->name; + (void) ldns_rbtree_insert( + *map, hashmap_node); + } } } current_name_node = ldns_dnssec_name_node_next_nonglue( @@ -878,25 +862,13 @@ ldns_dnssec_zone_create_nsec3s_mkmap(ldns_dnssec_zone *zone, return result; } - /* Make sorted list of nsec3s (via zone->hashed_names) - */ - nsec3_list = ldns_rr_list_new(); - if (nsec3_list == NULL) { - return LDNS_STATUS_MEM_ERR; - } - for ( hashmap_node = ldns_rbtree_first(zone->hashed_names) - ; hashmap_node != LDNS_RBTREE_NULL - ; hashmap_node = ldns_rbtree_next(hashmap_node) - ) { - current_name = (ldns_dnssec_name *) hashmap_node->data; - nsec_rr = ((ldns_dnssec_name *) hashmap_node->data)->nsec; - if (nsec_rr) { - ldns_rr_list_push_rr(nsec3_list, nsec_rr); - } - } + ldns_rr_list_sort_nsec3(nsec3_list); result = ldns_dnssec_chain_nsec3_list(nsec3_list); - ldns_rr_list_free(nsec3_list); + if (result != LDNS_STATUS_OK) { + return result; + } + ldns_rr_list_free(nsec3_list); return result; } @@ -916,11 +888,10 @@ ldns_dnssec_zone_create_nsec3s(ldns_dnssec_zone *zone, #endif /* HAVE_SSL */ ldns_dnssec_rrs * -ldns_dnssec_remove_signatures( ldns_dnssec_rrs *signatures - , ATTR_UNUSED(ldns_key_list *key_list) - , int (*func)(ldns_rr *, void *) - , void *arg - ) +ldns_dnssec_remove_signatures(ldns_dnssec_rrs *signatures, + ldns_key_list *key_list, + int (*func)(ldns_rr *, void *), + void *arg) { ldns_dnssec_rrs *base_rrs = signatures; ldns_dnssec_rrs *cur_rr = base_rrs; @@ -930,6 +901,8 @@ ldns_dnssec_remove_signatures( ldns_dnssec_rrs *signatures uint16_t keytag; size_t i; + key_list = key_list; + if (!cur_rr) { switch(func(NULL, arg)) { case LDNS_SIGNATURE_LEAVE_ADD_NEW: @@ -940,9 +913,7 @@ ldns_dnssec_remove_signatures( ldns_dnssec_rrs *signatures ldns_key_list_set_use(key_list, false); break; default: -#ifdef STDERR_MSGS fprintf(stderr, "[XX] unknown return value from callback\n"); -#endif break; } return NULL; @@ -994,9 +965,7 @@ ldns_dnssec_remove_signatures( ldns_dnssec_rrs *signatures LDNS_FREE(cur_rr); break; default: -#ifdef STDERR_MSGS fprintf(stderr, "[XX] unknown return value from callback\n"); -#endif break; } cur_rr = next_rr; @@ -1055,13 +1024,12 @@ ldns_key_list_filter_for_non_dnskey(ldns_key_list *key_list) } ldns_status -ldns_dnssec_zone_create_rrsigs_flg( ldns_dnssec_zone *zone - , ldns_rr_list *new_rrs - , ldns_key_list *key_list - , int (*func)(ldns_rr *, void*) - , void *arg - , int flags - ) +ldns_dnssec_zone_create_rrsigs_flg(ldns_dnssec_zone *zone, + ldns_rr_list *new_rrs, + ldns_key_list *key_list, + int (*func)(ldns_rr *, void*), + void *arg, + int flags) { ldns_status result = LDNS_STATUS_OK; @@ -1079,11 +1047,12 @@ ldns_dnssec_zone_create_rrsigs_flg( ldns_dnssec_zone *zone int on_delegation_point = 0; /* handle partially occluded names */ ldns_rr_list *pubkey_list = ldns_rr_list_new(); + zone = zone; + new_rrs = new_rrs; + key_list = key_list; for (i = 0; i<ldns_key_list_key_count(key_list); i++) { - ldns_rr_list_push_rr( pubkey_list - , ldns_key2rr(ldns_key_list_key( - key_list, i)) - ); + ldns_rr_list_push_rr(pubkey_list, + ldns_key2rr(ldns_key_list_key(key_list, i))); } /* TODO: callback to see is list should be signed */ /* TODO: remove 'old' signatures from signature list */ @@ -1144,11 +1113,9 @@ ldns_dnssec_zone_create_rrsigs_flg( ldns_dnssec_zone *zone cur_rrset->signatures = ldns_dnssec_rrs_new(); cur_rrset->signatures->rr = ldns_rr_list_rr(siglist, i); - } - if (new_rrs) { ldns_rr_list_push_rr(new_rrs, - ldns_rr_list_rr(siglist, - i)); + ldns_rr_list_rr(siglist, + i)); } } ldns_rr_list_free(siglist); @@ -1180,10 +1147,8 @@ ldns_dnssec_zone_create_rrsigs_flg( ldns_dnssec_zone *zone cur_name->nsec_signatures = ldns_dnssec_rrs_new(); cur_name->nsec_signatures->rr = ldns_rr_list_rr(siglist, i); - } - if (new_rrs) { ldns_rr_list_push_rr(new_rrs, - ldns_rr_list_rr(siglist, i)); + ldns_rr_list_rr(siglist, i)); } } @@ -1314,9 +1279,8 @@ ldns_dnssec_zone_sign_nsec3_flg_mkmap(ldns_dnssec_zone *zone, salt_length, salt); /* always set bit 7 of the flags to zero, according to - * rfc5155 section 11. The bits are counted from right to left, - * so bit 7 in rfc5155 is bit 0 in ldns */ - ldns_set_bit(ldns_rdf_data(ldns_rr_rdf(nsec3param, 1)), 0, 0); + * rfc5155 section 11 */ + ldns_set_bit(ldns_rdf_data(ldns_rr_rdf(nsec3param, 1)), 7, 0); result = ldns_dnssec_zone_add_rr(zone, nsec3param); if (result != LDNS_STATUS_OK) { return result; diff --git a/usr.sbin/unbound/ldns/dnssec_verify.c b/usr.sbin/unbound/ldns/dnssec_verify.c index 1af6635b9d2..18af5d2f052 100644 --- a/usr.sbin/unbound/ldns/dnssec_verify.c +++ b/usr.sbin/unbound/ldns/dnssec_verify.c @@ -16,7 +16,7 @@ #include <openssl/md5.h> ldns_dnssec_data_chain * -ldns_dnssec_data_chain_new(void) +ldns_dnssec_data_chain_new() { ldns_dnssec_data_chain *nc = LDNS_CALLOC(ldns_dnssec_data_chain, 1); if(!nc) return NULL; @@ -216,7 +216,7 @@ ldns_dnssec_build_data_chain_other(ldns_resolver *res, } } -static ldns_dnssec_data_chain * +ldns_dnssec_data_chain * ldns_dnssec_build_data_chain_nokeyname(ldns_resolver *res, uint16_t qflags, ldns_rr *orig_rr, @@ -285,11 +285,9 @@ ldns_dnssec_build_data_chain(ldns_resolver *res, ldns_rr_class c = 0; bool other_rrset = false; - + ldns_dnssec_data_chain *new_chain = ldns_dnssec_data_chain_new(); - assert(pkt != NULL); - if (!ldns_dnssec_pkt_has_rrsigs(pkt)) { /* hmm. no dnssec data in the packet. go up to try and deny * DS? */ @@ -404,16 +402,15 @@ ldns_dnssec_build_data_chain(ldns_resolver *res, if (signatures && ldns_rr_list_rr_count(signatures) > 0) { key_name = ldns_rr_rdf(ldns_rr_list_rr(signatures, 0), 7); } + if (!key_name) { - if (signatures) { - ldns_rr_list_deep_free(signatures); - } return ldns_dnssec_build_data_chain_nokeyname(res, qflags, orig_rr, rrset, new_chain); } + if (type != LDNS_RR_TYPE_DNSKEY) { ldns_dnssec_build_data_chain_dnskey(res, qflags, @@ -422,7 +419,7 @@ ldns_dnssec_build_data_chain(ldns_resolver *res, new_chain, key_name, c - ); + ); } else { ldns_dnssec_build_data_chain_other(res, qflags, @@ -430,16 +427,18 @@ ldns_dnssec_build_data_chain(ldns_resolver *res, key_name, c, dss - ); + + ); } if (signatures) { ldns_rr_list_deep_free(signatures); } + return new_chain; } ldns_dnssec_trust_tree * -ldns_dnssec_trust_tree_new(void) +ldns_dnssec_trust_tree_new() { ldns_dnssec_trust_tree *new_tree = LDNS_XMALLOC(ldns_dnssec_trust_tree, 1); @@ -495,7 +494,7 @@ print_tabs(FILE *out, size_t nr, uint8_t *map, size_t treedepth) } } -static void +void ldns_dnssec_trust_tree_print_sm_fmt(FILE *out, const ldns_output_format *fmt, ldns_dnssec_trust_tree *tree, @@ -510,7 +509,7 @@ ldns_dnssec_trust_tree_print_sm_fmt(FILE *out, if (!sibmap) { treedepth = ldns_dnssec_trust_tree_depth(tree); - sibmap = LDNS_XMALLOC(uint8_t, treedepth); + sibmap = malloc(treedepth); if(!sibmap) return; /* mem err */ memset(sibmap, 0, treedepth); @@ -624,11 +623,23 @@ ldns_dnssec_trust_tree_print_sm_fmt(FILE *out, } if (mapset) { - LDNS_FREE(sibmap); + free(sibmap); } } void +ldns_dnssec_trust_tree_print_sm(FILE *out, + ldns_dnssec_trust_tree *tree, + size_t tabs, + bool extended, + uint8_t *sibmap, + size_t treedepth) +{ + ldns_dnssec_trust_tree_print_sm_fmt(out, ldns_output_format_default, + tree, tabs, extended, sibmap, treedepth); +} + +void ldns_dnssec_trust_tree_print_fmt(FILE *out, const ldns_output_format *fmt, ldns_dnssec_trust_tree *tree, size_t tabs, @@ -815,7 +826,10 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time( /* might contain different names! sort and split */ ldns_rr_list_sort(cur_rrset); - assert(tmp_rrset == cur_rrset); + if (tmp_rrset && tmp_rrset != cur_rrset) { + ldns_rr_list_deep_free(tmp_rrset); + tmp_rrset = NULL; + } tmp_rrset = ldns_rr_list_pop_rrset(cur_rrset); /* with nsecs, this might be the wrong one */ @@ -835,12 +849,6 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time( cur_sig_rr, cur_parent_rr, check_time); - if (tmp_rrset && tmp_rrset != cur_rrset - ) { - ldns_rr_list_deep_free( - tmp_rrset); - tmp_rrset = NULL; - } /* avoid dupes */ for (i = 0; i < new_tree->parent_count; i++) { if (cur_parent_rr == new_tree->parents[i]->rr) { @@ -862,6 +870,9 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time( } } done: + if (tmp_rrset && tmp_rrset != cur_rrset) { + ldns_rr_list_deep_free(tmp_rrset); + } ldns_rr_list_deep_free(cur_rrset); } @@ -1066,8 +1077,7 @@ ldns_dnssec_trust_tree_contains_keys(ldns_dnssec_trust_tree *tree, if (tree->parent_status[i] != LDNS_STATUS_OK) { result = tree->parent_status[i]; } else { - if (tree->rr && - ldns_rr_get_type(tree->rr) + if (ldns_rr_get_type(tree->rr) == LDNS_RR_TYPE_NSEC && parent_result == LDNS_STATUS_OK ) { @@ -1200,8 +1210,8 @@ ldns_fetch_valid_domain_keys_time(const ldns_resolver *res, *status = LDNS_STATUS_CRYPTO_NO_TRUSTED_DNSKEY; parent_domain = ldns_dname_left_chop(domain); - while (parent_domain && /* Fail if we are at the root*/ - ldns_rdf_size(parent_domain) > 0) { + while (ldns_rdf_size(parent_domain) > 0) { + /* Fail if we are at the root */ if ((parent_keys = ldns_fetch_valid_domain_keys_time(res, @@ -1237,9 +1247,7 @@ ldns_fetch_valid_domain_keys_time(const ldns_resolver *res, ldns_rdf_deep_free(prev_parent_domain); } } - if (parent_domain) { - ldns_rdf_deep_free(parent_domain); - } + ldns_rdf_deep_free(parent_domain); } } return trusted_keys; @@ -1511,11 +1519,12 @@ ldns_dnssec_verify_denial(ldns_rr *rr, rr_name = ldns_rr_owner(rr); chopped_dname = ldns_dname_left_chop(rr_name); result = ldns_dname_cat(wildcard_name, chopped_dname); - ldns_rdf_deep_free(chopped_dname); if (result != LDNS_STATUS_OK) { return result; } + ldns_rdf_deep_free(chopped_dname); + for (i = 0; i < ldns_rr_list_rr_count(nsecs); i++) { cur_nsec = ldns_rr_list_rr(nsecs, i); if (ldns_dname_compare(rr_name, ldns_rr_owner(cur_nsec)) == 0) { @@ -1567,15 +1576,15 @@ ldns_dnssec_verify_denial(ldns_rr *rr, return LDNS_STATUS_OK; } +#ifdef HAVE_SSL ldns_status -ldns_dnssec_verify_denial_nsec3_match( ldns_rr *rr - , ldns_rr_list *nsecs - , ATTR_UNUSED(ldns_rr_list *rrsigs) - , ldns_pkt_rcode packet_rcode - , ldns_rr_type packet_qtype - , bool packet_nodata - , ldns_rr **match - ) +ldns_dnssec_verify_denial_nsec3_match(ldns_rr *rr, + ldns_rr_list *nsecs, + ldns_rr_list *rrsigs, + ldns_pkt_rcode packet_rcode, + ldns_rr_type packet_qtype, + bool packet_nodata, + ldns_rr **match) { ldns_rdf *closest_encloser; ldns_rdf *wildcard; @@ -1583,12 +1592,11 @@ ldns_dnssec_verify_denial_nsec3_match( ldns_rr *rr bool wildcard_covered = false; ldns_rdf *zone_name; ldns_rdf *hashed_name; - /* self assignment to suppress uninitialized warning */ - ldns_rdf *next_closer = next_closer; - ldns_rdf *hashed_next_closer; size_t i; ldns_status result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED; + rrsigs = rrsigs; + if (match) { *match = NULL; } @@ -1602,7 +1610,7 @@ ldns_dnssec_verify_denial_nsec3_match( ldns_rr *rr ldns_rr_get_type(rr), nsecs); if(!closest_encloser) { - result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED; + result = LDNS_STATUS_NSEC3_ERR; goto done; } @@ -1626,14 +1634,16 @@ ldns_dnssec_verify_denial_nsec3_match( ldns_rr *rr ldns_rdf_deep_free(hashed_wildcard_name); } - if (! wildcard_covered) { - result = LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED; - } else { - result = LDNS_STATUS_OK; - } ldns_rdf_deep_free(closest_encloser); ldns_rdf_deep_free(wildcard); + if (!wildcard_covered) { + result = LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED; + } else if (closest_encloser && wildcard_covered) { + result = LDNS_STATUS_OK; + } else { + result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED; + } } else if (packet_nodata && packet_qtype != LDNS_RR_TYPE_DS) { /* section 8.5 */ hashed_name = ldns_nsec3_hash_name_frm_nsec3( @@ -1731,61 +1741,6 @@ ldns_dnssec_verify_denial_nsec3_match( ldns_rr *rr /* XXX see note above */ result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED; - - closest_encloser = ldns_dnssec_nsec3_closest_encloser( - ldns_rr_owner(rr), - ldns_rr_get_type(rr), - nsecs); - if(!closest_encloser) { - result = LDNS_STATUS_NSEC3_ERR; - goto done; - } - /* Now check if we have a Opt-Out NSEC3 that covers the "next closer"*/ - - if (ldns_dname_label_count(closest_encloser) + 1 - >= ldns_dname_label_count(ldns_rr_owner(rr))) { - - /* Query name *is* the "next closer". */ - hashed_next_closer = hashed_name; - } else { - - /* "next closer" has less labels than the query name. - * Create the name and hash it. - */ - next_closer = ldns_dname_clone_from( - ldns_rr_owner(rr), - ldns_dname_label_count(ldns_rr_owner(rr)) - - (ldns_dname_label_count(closest_encloser) + 1) - ); - hashed_next_closer = ldns_nsec3_hash_name_frm_nsec3( - ldns_rr_list_rr(nsecs, 0), - next_closer - ); - (void) ldns_dname_cat(hashed_next_closer, zone_name); - } - /* Find the NSEC3 that covers the "next closer" */ - for (i = 0; i < ldns_rr_list_rr_count(nsecs); i++) { - if (ldns_nsec_covers_name(ldns_rr_list_rr(nsecs, i), - hashed_next_closer) && - ldns_nsec3_optout(ldns_rr_list_rr(nsecs, i))) { - - result = LDNS_STATUS_OK; - if (match) { - *match = ldns_rr_list_rr(nsecs, i); - } - break; - } - } - if (ldns_dname_label_count(closest_encloser) + 1 - < ldns_dname_label_count(ldns_rr_owner(rr))) { - - /* "next closer" has less labels than the query name. - * Dispose of the temporary variables that held that name. - */ - ldns_rdf_deep_free(hashed_next_closer); - ldns_rdf_deep_free(next_closer); - } - ldns_rdf_deep_free(closest_encloser); } done: @@ -1807,6 +1762,9 @@ ldns_dnssec_verify_denial_nsec3(ldns_rr *rr, ); } + +#endif /* HAVE_SSL */ + #ifdef USE_GOST EVP_PKEY* ldns_gost2pkey_raw(unsigned char* key, size_t keylen) @@ -2150,11 +2108,11 @@ ldns_rrsig_check_timestamps(ldns_rr* rrsig, time_t now) /* bad sig, expiration before inception?? Tsssg */ return LDNS_STATUS_CRYPTO_EXPIRATION_BEFORE_INCEPTION; } - if (((int32_t) now) - inception < 0) { + if (now - inception < 0) { /* bad sig, inception date has not yet come to pass */ return LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED; } - if (expiration - ((int32_t) now) < 0) { + if (expiration - now < 0) { /* bad sig, expiration date has passed */ return LDNS_STATUS_CRYPTO_SIG_EXPIRED; } diff --git a/usr.sbin/unbound/ldns/dnssec_zone.c b/usr.sbin/unbound/ldns/dnssec_zone.c index 60d62eae09f..89bdf8dd0cc 100644 --- a/usr.sbin/unbound/ldns/dnssec_zone.c +++ b/usr.sbin/unbound/ldns/dnssec_zone.c @@ -7,7 +7,7 @@ #include <ldns/ldns.h> ldns_dnssec_rrs * -ldns_dnssec_rrs_new(void) +ldns_dnssec_rrs_new() { ldns_dnssec_rrs *new_rrs; new_rrs = LDNS_MALLOC(ldns_dnssec_rrs); @@ -54,8 +54,10 @@ ldns_dnssec_rrs_add_rr(ldns_dnssec_rrs *rrs, ldns_rr *rr) /* this could be done more efficiently; name and type should already be equal */ - cmp = ldns_rr_compare(rrs->rr, rr); - if (cmp < 0) { + cmp = ldns_rr_compare(rrs->rr, + rr); + /* should we error on equal? */ + if (cmp <= 0) { if (rrs->next) { return ldns_dnssec_rrs_add_rr(rrs->next, rr); } else { @@ -72,7 +74,6 @@ ldns_dnssec_rrs_add_rr(ldns_dnssec_rrs *rrs, ldns_rr *rr) rrs->rr = rr; rrs->next = new_rrs; } - /* Silently ignore equal rr's */ return LDNS_STATUS_OK; } @@ -101,7 +102,7 @@ ldns_dnssec_rrs_print(FILE *out, ldns_dnssec_rrs *rrs) ldns_dnssec_rrsets * -ldns_dnssec_rrsets_new(void) +ldns_dnssec_rrsets_new() { ldns_dnssec_rrsets *new_rrsets; new_rrsets = LDNS_MALLOC(ldns_dnssec_rrsets); @@ -163,7 +164,7 @@ ldns_dnssec_rrsets_set_type(ldns_dnssec_rrsets *rrsets, return LDNS_STATUS_ERR; } -static ldns_dnssec_rrsets * +ldns_dnssec_rrsets * ldns_dnssec_rrsets_new_frm_rr(ldns_rr *rr) { ldns_dnssec_rrsets *new_rrsets; @@ -269,7 +270,7 @@ ldns_dnssec_rrsets_add_rr(ldns_dnssec_rrsets *rrsets, ldns_rr *rr) return result; } -static void +void ldns_dnssec_rrsets_print_soa_fmt(FILE *out, const ldns_output_format *fmt, ldns_dnssec_rrsets *rrsets, bool follow, @@ -297,6 +298,16 @@ ldns_dnssec_rrsets_print_soa_fmt(FILE *out, const ldns_output_format *fmt, } } +void +ldns_dnssec_rrsets_print_soa(FILE *out, + ldns_dnssec_rrsets *rrsets, + bool follow, + bool show_soa) +{ + ldns_dnssec_rrsets_print_soa_fmt(out, ldns_output_format_default, + rrsets, follow, show_soa); +} + void ldns_dnssec_rrsets_print_fmt(FILE *out, const ldns_output_format *fmt, @@ -314,7 +325,7 @@ ldns_dnssec_rrsets_print(FILE *out, ldns_dnssec_rrsets *rrsets, bool follow) } ldns_dnssec_name * -ldns_dnssec_name_new(void) +ldns_dnssec_name_new() { ldns_dnssec_name *new_name; @@ -417,6 +428,14 @@ ldns_dnssec_name_set_name(ldns_dnssec_name *rrset, } } +ldns_rr * +ldns_dnssec_name_nsec(ldns_dnssec_name *rrset) +{ + if (rrset) { + return rrset->nsec; + } + return NULL; +} void ldns_dnssec_name_set_nsec(ldns_dnssec_name *rrset, ldns_rr *nsec) @@ -449,6 +468,8 @@ ldns_dnssec_name_add_rr(ldns_dnssec_name *name, ldns_rr *rr) { ldns_status result = LDNS_STATUS_OK; + ldns_rdf *name_name; + bool hashed_name = false; ldns_rr_type rr_type; ldns_rr_type typecovered = 0; @@ -464,6 +485,19 @@ ldns_dnssec_name_add_rr(ldns_dnssec_name *name, typecovered = ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(rr)); } +#ifdef HAVE_SSL + if (rr_type == LDNS_RR_TYPE_NSEC3 || + typecovered == LDNS_RR_TYPE_NSEC3) { + name_name = ldns_nsec3_hash_name_frm_nsec3(rr, + ldns_dnssec_name_name(name)); + hashed_name = true; + } else { + name_name = ldns_dnssec_name_name(name); + } +#else + name_name = ldns_dnssec_name_name(name); +#endif /* HAVE_SSL */ + if (rr_type == LDNS_RR_TYPE_NSEC || rr_type == LDNS_RR_TYPE_NSEC3) { /* XX check if is already set (and error?) */ @@ -485,6 +519,11 @@ ldns_dnssec_name_add_rr(ldns_dnssec_name *name, result = ldns_dnssec_rrsets_add_rr(name->rrsets, rr); } } + + if (hashed_name) { + ldns_rdf_deep_free(name_name); + } + return result; } @@ -524,7 +563,7 @@ ldns_dnssec_zone_find_rrset(ldns_dnssec_zone *zone, } } -static void +void ldns_dnssec_name_print_soa_fmt(FILE *out, const ldns_output_format *fmt, ldns_dnssec_name *name, bool show_soa) @@ -550,6 +589,12 @@ ldns_dnssec_name_print_soa_fmt(FILE *out, const ldns_output_format *fmt, } } +void +ldns_dnssec_name_print_soa(FILE *out, ldns_dnssec_name *name, bool show_soa) +{ + ldns_dnssec_name_print_soa_fmt(out, ldns_output_format_default, + name, show_soa); +} void ldns_dnssec_name_print_fmt(FILE *out, const ldns_output_format *fmt, @@ -566,183 +611,28 @@ ldns_dnssec_name_print(FILE *out, ldns_dnssec_name *name) ldns_dnssec_zone * -ldns_dnssec_zone_new(void) +ldns_dnssec_zone_new() { ldns_dnssec_zone *zone = LDNS_MALLOC(ldns_dnssec_zone); if(!zone) return NULL; zone->soa = NULL; zone->names = NULL; - zone->hashed_names = NULL; - zone->_nsec3params = NULL; return zone; } -static bool -rr_is_rrsig_covering(ldns_rr* rr, ldns_rr_type t) -{ - return ldns_rr_get_type(rr) == LDNS_RR_TYPE_RRSIG - && ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(rr)) == t; -} - -/* When the zone is first read into an list and then inserted into an - * ldns_dnssec_zone (rbtree) the nodes of the rbtree are allocated close (next) - * to each other. Because ldns-verify-zone (the only program that uses this - * function) uses the rbtree mostly for sequentual walking, this results - * in a speed increase (of 15% on linux) because we have less CPU-cache misses. - */ -#define FASTER_DNSSEC_ZONE_NEW_FRM_FP 1 /* Because of L2 cache efficiency */ - -ldns_status -ldns_dnssec_zone_new_frm_fp_l(ldns_dnssec_zone** z, FILE* fp, ldns_rdf* origin, - uint32_t ttl, ldns_rr_class ATTR_UNUSED(c), int* line_nr) -{ - ldns_rr* cur_rr; - size_t i; - - ldns_rdf *my_origin = NULL; - ldns_rdf *my_prev = NULL; - - ldns_dnssec_zone *newzone = ldns_dnssec_zone_new(); - /* when reading NSEC3s, there is a chance that we encounter nsecs - for empty nonterminals, whose nonterminals we cannot derive yet - because the needed information is to be read later. in that case - we keep a list of those nsec3's and retry to add them later */ - ldns_rr_list* todo_nsec3s = ldns_rr_list_new(); - ldns_rr_list* todo_nsec3_rrsigs = ldns_rr_list_new(); - - ldns_status status = LDNS_STATUS_MEM_ERR; - -#ifdef FASTER_DNSSEC_ZONE_NEW_FRM_FP - ldns_zone* zone = NULL; - if (ldns_zone_new_frm_fp_l(&zone, fp, origin,ttl, c, line_nr) - != LDNS_STATUS_OK) goto error; -#else - uint32_t my_ttl = ttl; -#endif - - if (!newzone || !todo_nsec3s || !todo_nsec3_rrsigs ) goto error; - - if (origin) { - if (!(my_origin = ldns_rdf_clone(origin))) goto error; - if (!(my_prev = ldns_rdf_clone(origin))) goto error; - } - -#ifdef FASTER_DNSSEC_ZONE_NEW_FRM_FP - if (ldns_dnssec_zone_add_rr(newzone, ldns_zone_soa(zone)) - != LDNS_STATUS_OK) goto error; - - for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(zone)); i++) { - cur_rr = ldns_rr_list_rr(ldns_zone_rrs(zone), i); - status = LDNS_STATUS_OK; -#else - while (!feof(fp)) { - status = ldns_rr_new_frm_fp_l(&cur_rr, fp, &my_ttl, &my_origin, - &my_prev, line_nr); - -#endif - switch (status) { - case LDNS_STATUS_OK: - - status = ldns_dnssec_zone_add_rr(newzone, cur_rr); - if (status == - LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND) { - - if (rr_is_rrsig_covering(cur_rr, - LDNS_RR_TYPE_NSEC3)){ - ldns_rr_list_push_rr(todo_nsec3_rrsigs, - cur_rr); - } else { - ldns_rr_list_push_rr(todo_nsec3s, - cur_rr); - } - status = LDNS_STATUS_OK; - - } else if (status != LDNS_STATUS_OK) - goto error; - - break; - - - case LDNS_STATUS_SYNTAX_EMPTY: /* empty line was seen */ - case LDNS_STATUS_SYNTAX_TTL: /* the ttl was set*/ - case LDNS_STATUS_SYNTAX_ORIGIN: /* the origin was set*/ - status = LDNS_STATUS_OK; - break; - - case LDNS_STATUS_SYNTAX_INCLUDE:/* $include not implemented */ - status = LDNS_STATUS_SYNTAX_INCLUDE_ERR_NOTIMPL; - break; - - default: - goto error; - } - } - - if (ldns_rr_list_rr_count(todo_nsec3s) > 0) { - (void) ldns_dnssec_zone_add_empty_nonterminals(newzone); - for (i = 0; status == LDNS_STATUS_OK && - i < ldns_rr_list_rr_count(todo_nsec3s); i++) { - cur_rr = ldns_rr_list_rr(todo_nsec3s, i); - status = ldns_dnssec_zone_add_rr(newzone, cur_rr); - } - } - if (ldns_rr_list_rr_count(todo_nsec3_rrsigs) > 0) { - for (i = 0; status == LDNS_STATUS_OK && - i < ldns_rr_list_rr_count(todo_nsec3_rrsigs); - i++){ - cur_rr = ldns_rr_list_rr(todo_nsec3_rrsigs, i); - status = ldns_dnssec_zone_add_rr(newzone, cur_rr); - } - } - - if (z) { - *z = newzone; - newzone = NULL; - } else { - ldns_dnssec_zone_free(newzone); - } - -error: -#ifdef FASTER_DNSSEC_ZONE_NEW_FRM_FP - if (zone) { - ldns_zone_free(zone); - } -#endif - ldns_rr_list_free(todo_nsec3_rrsigs); - ldns_rr_list_free(todo_nsec3s); - - if (my_origin) { - ldns_rdf_deep_free(my_origin); - } - if (my_prev) { - ldns_rdf_deep_free(my_prev); - } - if (newzone) { - ldns_dnssec_zone_free(newzone); - } - return status; -} - -ldns_status -ldns_dnssec_zone_new_frm_fp(ldns_dnssec_zone** z, FILE* fp, ldns_rdf* origin, - uint32_t ttl, ldns_rr_class ATTR_UNUSED(c)) -{ - return ldns_dnssec_zone_new_frm_fp_l(z, fp, origin, ttl, c, NULL); -} - -static void +void ldns_dnssec_name_node_free(ldns_rbnode_t *node, void *arg) { (void) arg; ldns_dnssec_name_free((ldns_dnssec_name *)node->data); - LDNS_FREE(node); + free(node); } -static void +void ldns_dnssec_name_node_deep_free(ldns_rbnode_t *node, void *arg) { (void) arg; ldns_dnssec_name_deep_free((ldns_dnssec_name *)node->data); - LDNS_FREE(node); + free(node); } void @@ -754,7 +644,7 @@ ldns_dnssec_zone_free(ldns_dnssec_zone *zone) ldns_traverse_postorder(zone->names, ldns_dnssec_name_node_free, NULL); - LDNS_FREE(zone->names); + free(zone->names); } LDNS_FREE(zone); } @@ -769,7 +659,7 @@ ldns_dnssec_zone_deep_free(ldns_dnssec_zone *zone) ldns_traverse_postorder(zone->names, ldns_dnssec_name_node_deep_free, NULL); - LDNS_FREE(zone->names); + free(zone->names); } LDNS_FREE(zone); } @@ -781,99 +671,32 @@ ldns_dname_compare_v(const void *a, const void *b) { return ldns_dname_compare((ldns_rdf *)a, (ldns_rdf *)b); } -static void -ldns_dnssec_name_make_hashed_name(ldns_dnssec_zone *zone, - ldns_dnssec_name* name, ldns_rr* nsec3rr); - -static void -ldns_hashed_names_node_free(ldns_rbnode_t *node, void *arg) { - (void) arg; - LDNS_FREE(node); -} - -static void -ldns_dnssec_zone_hashed_names_from_nsec3( - ldns_dnssec_zone* zone, ldns_rr* nsec3rr) -{ - ldns_rbnode_t* current_node; - ldns_dnssec_name* current_name; +#ifdef HAVE_SSL +ldns_rbnode_t * +ldns_dnssec_zone_find_nsec3_original(ldns_dnssec_zone *zone, + ldns_rr *rr) { + ldns_rbnode_t *current_node = ldns_rbtree_first(zone->names); + ldns_dnssec_name *current_name; + ldns_rdf *hashed_name; - assert(zone != NULL); - assert(nsec3rr != NULL); + hashed_name = ldns_dname_label(ldns_rr_owner(rr), 0); - if (zone->hashed_names) { - ldns_traverse_postorder(zone->hashed_names, - ldns_hashed_names_node_free, NULL); - LDNS_FREE(zone->hashed_names); - } - zone->_nsec3params = nsec3rr; - - /* So this is a NSEC3 zone. - * Calculate hashes for all names already in the zone - */ - zone->hashed_names = ldns_rbtree_create(ldns_dname_compare_v); - if (zone->hashed_names == NULL) { - return; - } - for ( current_node = ldns_rbtree_first(zone->names) - ; current_node != LDNS_RBTREE_NULL - ; current_node = ldns_rbtree_next(current_node) - ) { + while (current_node != LDNS_RBTREE_NULL) { current_name = (ldns_dnssec_name *) current_node->data; - ldns_dnssec_name_make_hashed_name(zone, current_name, nsec3rr); - - } -} - -static void -ldns_dnssec_name_make_hashed_name(ldns_dnssec_zone *zone, - ldns_dnssec_name* name, ldns_rr* nsec3rr) -{ - ldns_rbnode_t* new_node; - - assert(name != NULL); - if (! zone->_nsec3params) { - if (! nsec3rr) { - return; + if (!current_name->hashed_name) { + current_name->hashed_name = + ldns_nsec3_hash_name_frm_nsec3(rr, current_name->name); } - ldns_dnssec_zone_hashed_names_from_nsec3(zone, nsec3rr); - - } else if (! nsec3rr) { - nsec3rr = zone->_nsec3params; - } - name->hashed_name = ldns_nsec3_hash_name_frm_nsec3(nsec3rr, name->name); - - /* Also store in zone->hashed_names */ - if ((new_node = LDNS_MALLOC(ldns_rbnode_t))) { - - new_node->key = name->hashed_name; - new_node->data = name; - - if (ldns_rbtree_insert(zone->hashed_names, new_node) == NULL) { - - LDNS_FREE(new_node); + if (ldns_dname_compare(hashed_name, + current_name->hashed_name) + == 0) { + ldns_rdf_deep_free(hashed_name); + return current_node; } + current_node = ldns_rbtree_next(current_node); } -} - - -static ldns_rbnode_t * -ldns_dnssec_zone_find_nsec3_original(ldns_dnssec_zone *zone, ldns_rr *rr) { - ldns_rdf *hashed_name; - - hashed_name = ldns_dname_label(ldns_rr_owner(rr), 0); - if (hashed_name == NULL) { - return NULL; - } - if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_NSEC3 && ! zone->_nsec3params){ - - ldns_dnssec_zone_hashed_names_from_nsec3(zone, rr); - } - if (zone->hashed_names == NULL) { - ldns_rdf_deep_free(hashed_name); - return NULL; - } - return ldns_rbtree_search(zone->hashed_names, hashed_name); + ldns_rdf_deep_free(hashed_name); + return NULL; } ldns_status @@ -900,13 +723,15 @@ ldns_dnssec_zone_add_rr(ldns_dnssec_zone *zone, ldns_rr *rr) } if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_NSEC3 || type_covered == LDNS_RR_TYPE_NSEC3) { - cur_node = ldns_dnssec_zone_find_nsec3_original(zone, rr); + cur_node = ldns_dnssec_zone_find_nsec3_original(zone, + rr); if (!cur_node) { return LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND; } } else { cur_node = ldns_rbtree_search(zone->names, ldns_rr_owner(rr)); } + if (!cur_node) { /* add */ cur_name = ldns_dnssec_name_new_frm_rr(rr); @@ -919,16 +744,24 @@ ldns_dnssec_zone_add_rr(ldns_dnssec_zone *zone, ldns_rr *rr) cur_node->key = ldns_rr_owner(rr); cur_node->data = cur_name; (void)ldns_rbtree_insert(zone->names, cur_node); - ldns_dnssec_name_make_hashed_name(zone, cur_name, NULL); } else { cur_name = (ldns_dnssec_name *) cur_node->data; result = ldns_dnssec_name_add_rr(cur_name, rr); } + + if (result != LDNS_STATUS_OK) { + fprintf(stderr, "error adding rr: "); + ldns_rr_print(stderr, rr); + } + + /*TODO ldns_dnssec_name_print_names(stdout, zone->names, 0);*/ if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) { zone->soa = cur_name; } + return result; } +#endif /* HAVE_SSL */ void ldns_dnssec_zone_names_print_fmt(FILE *out, const ldns_output_format *fmt, @@ -1025,9 +858,7 @@ ldns_dnssec_zone_add_empty_nonterminals(ldns_dnssec_zone *zone) if (next_node == LDNS_RBTREE_NULL) { next_node = ldns_rbtree_first(zone->names); } - if (! cur_node->data || ! next_node->data) { - return LDNS_STATUS_ERR; - } + cur_name = ((ldns_dnssec_name *)cur_node->data)->name; next_name = ((ldns_dnssec_name *)next_node->data)->name; cur_label_count = ldns_dname_label_count(cur_name); @@ -1072,8 +903,6 @@ ldns_dnssec_zone_add_empty_nonterminals(ldns_dnssec_zone *zone) new_node->key = new_name->name; new_node->data = new_name; (void)ldns_rbtree_insert(zone->names, new_node); - ldns_dnssec_name_make_hashed_name( - zone, new_name, NULL); } ldns_rdf_deep_free(l1); ldns_rdf_deep_free(l2); @@ -1090,24 +919,3 @@ ldns_dnssec_zone_add_empty_nonterminals(ldns_dnssec_zone *zone) } return LDNS_STATUS_OK; } - -bool -ldns_dnssec_zone_is_nsec3_optout(ldns_dnssec_zone* zone) -{ - ldns_rr* nsec3; - ldns_rbnode_t* node; - - if (ldns_dnssec_name_find_rrset(zone->soa, LDNS_RR_TYPE_NSEC3PARAM)) { - node = ldns_rbtree_first(zone->names); - while (node != LDNS_RBTREE_NULL) { - nsec3 = ((ldns_dnssec_name*)node->data)->nsec; - if (nsec3 &&ldns_rr_get_type(nsec3) - == LDNS_RR_TYPE_NSEC3 && - ldns_nsec3_optout(nsec3)) { - return true; - } - node = ldns_rbtree_next(node); - } - } - return false; -} diff --git a/usr.sbin/unbound/ldns/doc/API.xml b/usr.sbin/unbound/ldns/doc/API.xml index 554420d11c2..07007b9a295 100644 --- a/usr.sbin/unbound/ldns/doc/API.xml +++ b/usr.sbin/unbound/ldns/doc/API.xml @@ -196,7 +196,7 @@ TODO the 'set' functions of the 'get' <t> In the DNS the atomic data type is an RRset. This is a list of RRs with the same ownername, type and class. Net::DNS doesn't -have rrsets as a separate object. +have rrsets as a seperate object. </t> <t> In lDNS we have the ldns_rr_list, which just holds a bunch of RR's. diff --git a/usr.sbin/unbound/ldns/doc/doxyparse.pl b/usr.sbin/unbound/ldns/doc/doxyparse.pl index 96a1732f9ed..218825fe1b0 100755..100644 --- a/usr.sbin/unbound/ldns/doc/doxyparse.pl +++ b/usr.sbin/unbound/ldns/doc/doxyparse.pl @@ -1,4 +1,4 @@ -#!/usr/bin/env perl +#!/usr/bin/perl # Doxygen is usefull for html documentation, but sucks # in making manual pages. Still tool also parses the .h @@ -87,7 +87,7 @@ if (defined $options{'m'}) { # 0 - somewhere in the file # 1 - in a doxygen par -# 2 - after doxygen, expect function +# 2 - after doxygen, except funcion # create our pwd mkdir "doc"; @@ -126,14 +126,7 @@ while($i < $max) { } if ($cur_line =~ /\*\// and $state == 1) { #print "END Comment seen!\n"; - if ($description =~ /^\\\\file/mg) { - # Doxygen text for the file, do not expect - # a function coming. - # - $state = 0; - } else { - $state = 2; - } + $state = 2; $i++; next; } @@ -191,14 +184,6 @@ while($i < $max) { $description =~ s/\\param\[out\][ \t]*([\*\w]+)[ \t]+/.br\n\\fB$1\\fR: /g; $description =~ s/\\return[ \t]*/.br\nReturns /g; - # Delete leading spaces to prevent manpages to be ascii format- - # ted and enable justification of text. - # - $description =~ s/^[ \t]*//mg; - - # Prevent hyphening of all caps and underscore words - $description =~ s/\b([A-Z_]+)\b/\\%$1/g; - $description{$key} = $description; $api{$key} = $api; $return{$key} = $return; diff --git a/usr.sbin/unbound/ldns/doc/function_manpages b/usr.sbin/unbound/ldns/doc/function_manpages index ce05899b7cf..15706fada57 100644 --- a/usr.sbin/unbound/ldns/doc/function_manpages +++ b/usr.sbin/unbound/ldns/doc/function_manpages @@ -39,11 +39,6 @@ ldns_dname_compare, ldns_dname_interval | ldns_dname_is_subdomain | ldns_dname ldns_dname | ldns_dname_left_chop, ldns_dname_label_count, ldns_dname2canonical, ldns_dname_cat, ldns_dname_cat_clone, ldns_dname_new, ldns_dname_new_frm_str, ldns_dname_new_frm_data, ldns_dname_is_subdomain, ldns_dname_str_absolute, ldns_dname_label, ldns_dname_compare, ldns_dname_interval ### /dname.h -### dane.h -ldns_dane_create_tlsa_owner, ldns_dane_cert2rdf, ldns_dane_select_certificate, ldns_dane_create_tlsa_rr | ldns_dane_verify, ldns_dane_verify_rr -ldns_dane_verify, ldns_dane_verify_rr | ldns_dane_create_tlsa_owner, ldns_dane_cert2rdf, ldns_dane_select_certificate, ldns_dane_create_tlsa_rr -### /dane.h - ### rdata.h ldns_rdf, ldns_rdf_type | ldns_rdf_set_size, ldns_rdf_set_type, ldns_rdf_set_data, ldns_rdf_size, ldns_rdf_get_type, ldns_rdf_data, ldns_rdf_compare, ldns_rdf_new, ldns_rdf_clone, ldns_rdf_new_frm_data, ldns_rdf_new_frm_str, ldns_rdf_new_frm_fp, ldns_rdf_free, ldns_rdf_deep_free, ldns_rdf_print, ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32, ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage, ldns_rdf2native_time_t, ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32, ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage, ldns_rdf2native_time_t, ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32, ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage, ldns_rdf2native_time_t ldns_rdf_set_size, ldns_rdf_set_type, ldns_rdf_set_data | ldns_rdf diff --git a/usr.sbin/unbound/ldns/drill/Makefile.in b/usr.sbin/unbound/ldns/drill/Makefile.in index ac555fa1e57..5730f0809c7 100644 --- a/usr.sbin/unbound/ldns/drill/Makefile.in +++ b/usr.sbin/unbound/ldns/drill/Makefile.in @@ -9,7 +9,6 @@ exec_prefix = @exec_prefix@ bindir = @bindir@ mandir = @mandir@ includedir = @includedir@ -datarootdir = @datarootdir@ CC = @CC@ CFLAGS = -I. @CFLAGS@ @@ -78,6 +77,7 @@ docclean: distclean: clean docclean rm -f config.h + rm -f drill.h realclean: clean docclean rm -f tags @@ -88,9 +88,9 @@ realclean: clean docclean rm -rf autom4te.cache rm -f config.h rm -f config.h.in + rm -f drill.h rm -f configure rm -f Makefile - rm -f drill.1 rm -f aclocal.m4 doc: @@ -99,7 +99,7 @@ doc: install: all $(INSTALL) -d $(DESTDIR)$(bindir) $(INSTALL) drill $(DESTDIR)$(bindir)/drill - $(INSTALL) -m 644 drill.1 $(DESTDIR)$(mandir)/man1/drill.1 + $(INSTALL) -m 644 $(srcdir)/drill.1 $(DESTDIR)$(mandir)/man1/drill.1 uninstall: @echo @@ -116,4 +116,4 @@ lint: done confclean: clean - rm -rf config.log config.status config.h Makefile drill.1 + rm -rf config.log config.status config.h Makefile diff --git a/usr.sbin/unbound/ldns/drill/chasetrace.c b/usr.sbin/unbound/ldns/drill/chasetrace.c index 370f627673e..a1dfd44681e 100644 --- a/usr.sbin/unbound/ldns/drill/chasetrace.c +++ b/usr.sbin/unbound/ldns/drill/chasetrace.c @@ -30,6 +30,7 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, ldns_rr_list *new_nss_aaaa; ldns_rr_list *final_answer; ldns_rr_list *new_nss; + ldns_rr_list *hostnames; ldns_rr_list *ns_addr; uint16_t loop_count; ldns_rdf *pop; @@ -45,15 +46,7 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, p = ldns_pkt_new(); res = ldns_resolver_new(); - if (!p) { - if (res) { - ldns_resolver_free(res); - } - error("Memory allocation failed"); - return NULL; - } - if (!res) { - ldns_pkt_free(p); + if (!p || !res) { error("Memory allocation failed"); return NULL; } @@ -74,8 +67,6 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, ldns_resolver_usevc(local_res)); ldns_resolver_set_random(res, ldns_resolver_random(local_res)); - ldns_resolver_set_source(res, - ldns_resolver_source(local_res)); ldns_resolver_set_recursive(res, false); /* setup the root nameserver in the new resolver */ @@ -83,8 +74,6 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, if (status != LDNS_STATUS_OK) { fprintf(stderr, "Error adding root servers to resolver: %s\n", ldns_get_errorstr_by_id(status)); ldns_rr_list_print(stdout, global_dns_root); - ldns_resolver_free(res); - ldns_pkt_free(p); return NULL; } @@ -130,7 +119,7 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, drill_pkt_print_footer(stdout, local_res, p); /* remove the old nameserver from the resolver */ - while(ldns_resolver_pop_nameserver(res)) { /* do it */ } + while((pop = ldns_resolver_pop_nameserver(res))) { /* do it */ } /* also check for new_nss emptyness */ @@ -206,6 +195,9 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, return NULL; } + hostnames = ldns_get_rr_list_name_by_addr(local_res, + ldns_pkt_answerfrom(p), 0, 0); + new_nss = ldns_pkt_authority(p); final_answer = ldns_pkt_answer(p); @@ -237,13 +229,14 @@ do_chase(ldns_resolver *res, ldns_rr_list *trusted_keys, ldns_pkt *pkt_o, uint16_t qflags, - ldns_rr_list * ATTR_UNUSED(prev_key_list), + ldns_rr_list *prev_key_list, int verbosity) { ldns_rr_list *rrset = NULL; ldns_status result; ldns_rr *orig_rr = NULL; + bool cname_followed = false; /* ldns_rr_list *sigs; ldns_rr *cur_sig; @@ -297,6 +290,7 @@ do_chase(ldns_resolver *res, /* answer might be a cname, chase that first, then chase cname target? (TODO) */ if (!rrset) { + cname_followed = true; rrset = ldns_pkt_rr_list_by_name_and_type(pkt, name, LDNS_RR_TYPE_CNAME, diff --git a/usr.sbin/unbound/ldns/drill/config.h.in b/usr.sbin/unbound/ldns/drill/config.h.in index 75448a07ecc..9b2a282a8e9 100644 --- a/usr.sbin/unbound/ldns/drill/config.h.in +++ b/usr.sbin/unbound/ldns/drill/config.h.in @@ -111,9 +111,6 @@ /* Define to 1 if you have the <ws2tcpip.h> header file. */ #undef HAVE_WS2TCPIP_H -/* Default trust anchor file */ -#undef LDNS_TRUST_ANCHOR_FILE - /* Define to the address where bug reports for this package should be sent. */ #undef PACKAGE_BUGREPORT diff --git a/usr.sbin/unbound/ldns/drill/configure b/usr.sbin/unbound/ldns/drill/configure index 0937a1b288a..f277a1f2858 100755..100644 --- a/usr.sbin/unbound/ldns/drill/configure +++ b/usr.sbin/unbound/ldns/drill/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for ldns 1.6.17. +# Generated by GNU Autoconf 2.68 for ldns 1.6.12. # # Report bugs to <libdns@nlnetlabs.nl>. # @@ -560,8 +560,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='ldns' PACKAGE_TARNAME='libdns' -PACKAGE_VERSION='1.6.17' -PACKAGE_STRING='ldns 1.6.17' +PACKAGE_VERSION='1.6.12' +PACKAGE_STRING='ldns 1.6.12' PACKAGE_BUGREPORT='libdns@nlnetlabs.nl' PACKAGE_URL='' @@ -604,7 +604,6 @@ ac_includes_default="\ ac_subst_vars='LTLIBOBJS LIBOBJS -LDNS_TRUST_ANCHOR_FILE LDNSDIR LIBS_STC RUNTIME_PATH @@ -665,7 +664,6 @@ enable_option_checking enable_rpath with_ssl with_ldns -with_trust_anchor ' ac_precious_vars='build_alias host_alias @@ -1218,7 +1216,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures ldns 1.6.17 to adapt to many kinds of systems. +\`configure' configures ldns 1.6.12 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1279,7 +1277,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of ldns 1.6.17:";; + short | recursive ) echo "Configuration of ldns 1.6.12:";; esac cat <<\_ACEOF @@ -1298,9 +1296,6 @@ Optional Packages: --with-ldns=PATH specify prefix of path of ldns library to use - --with-trust-anchor=KEYFILE - Default location of the trust anchor file. - [default=SYSCONFDIR/unbound/root.key] Some influential environment variables: CC C compiler command @@ -1378,7 +1373,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -ldns configure 1.6.17 +ldns configure 1.6.12 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -1801,7 +1796,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by ldns $as_me 1.6.17, which was +It was created by ldns $as_me 1.6.12, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -2154,14 +2149,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu # Copyright 2009, Wouter Wijngaards, NLnet Labs. # BSD licensed. # -# Version 26 -# 2013-09-19 FLTO help text improved. -# 2013-07-18 Enable ACX_CHECK_COMPILER_FLAG to test for -Wstrict-prototypes -# 2013-06-25 FLTO has --disable-flto option. -# 2013-05-03 Update W32_SLEEP for newer mingw that links but not defines it. -# 2013-03-22 Fix ACX_RSRC_VERSION for long version numbers. -# 2012-02-09 Fix AHX_MEMCMP_BROKEN with undef in compat/memcmp.h. -# 2012-01-20 Fix COMPILER_FLAGS_UNBOUND for gcc 4.6.2 assigned-not-used-warns. +# Version 19 # 2011-12-05 Fix getaddrinfowithincludes on windows with fedora16 mingw32-gcc. # Fix ACX_MALLOC for redefined malloc error. # Fix GETADDRINFO_WITH_INCLUDES to add -lws2_32 @@ -2174,7 +2162,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu # 2010-07-02 Add check for ss_family (for minix). # 2010-04-26 Fix to use CPPFLAGS for CHECK_COMPILER_FLAGS. # 2010-03-01 Fix RPATH using CONFIG_COMMANDS to run at the very end. -# 2010-02-18 WITH_SSL outputs the LIBSSL_LDFLAGS, LIBS, CPPFLAGS separate, -ldl +# 2010-02-18 WITH_SSL outputs the LIBSSL_LDFLAGS, LIBS, CPPFLAGS seperate, -ldl # 2010-02-01 added ACX_CHECK_MEMCMP_SIGNED, AHX_MEMCMP_BROKEN # 2010-01-20 added AHX_COONFIG_STRLCAT # 2009-07-14 U_CHAR detection improved for windows crosscompile. @@ -4245,7 +4233,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(void){}' >conftest.c +echo 'void f(){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -std=c99 -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -4276,7 +4264,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(void){}' >conftest.c +echo 'void f(){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -xc99 -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -4319,7 +4307,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(void){}' >conftest.c +echo 'void f(){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -O2 -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -4352,7 +4340,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(void){}' >conftest.c +echo 'void f(){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -Werror -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -4383,7 +4371,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(void){}' >conftest.c +echo 'void f(){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -Wall -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -5389,46 +5377,16 @@ else as_fn_error $? "Can't find ldns library" "$LINENO" 5 -fi fi - - - -# Check whether --with-trust-anchor was given. -if test "${with_trust_anchor+set}" = set; then : - withval=$with_trust_anchor; - LDNS_TRUST_ANCHOR_FILE="$withval" - -else - - if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then - if test "x$sysconfdir" = 'x${prefix}/etc' ; then - if test "x$prefix" = 'xNONE' ; then - LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key" - else - LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key" - fi - else - LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key" - fi - fi - fi -cat >>confdefs.h <<_ACEOF -#define LDNS_TRUST_ANCHOR_FILE "$LDNS_TRUST_ANCHOR_FILE" -_ACEOF - - -{ $as_echo "$as_me:${as_lineno-$LINENO}: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&5 -$as_echo "$as_me: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&6;} -ac_config_files="$ac_config_files Makefile drill.1" +ac_config_files="$ac_config_files Makefile" ac_config_headers="$ac_config_headers config.h" @@ -5950,7 +5908,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ldns $as_me 1.6.17, which was +This file was extended by ldns $as_me 1.6.12, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -6012,7 +5970,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ldns config.status 1.6.17 +ldns config.status 1.6.12 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" @@ -6134,7 +6092,6 @@ for ac_config_target in $ac_config_targets do case $ac_config_target in "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; - "drill.1") CONFIG_FILES="$CONFIG_FILES drill.1" ;; "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; diff --git a/usr.sbin/unbound/ldns/drill/configure.ac b/usr.sbin/unbound/ldns/drill/configure.ac index b7fe2aee07a..5c28053d99d 100644 --- a/usr.sbin/unbound/ldns/drill/configure.ac +++ b/usr.sbin/unbound/ldns/drill/configure.ac @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.56) -AC_INIT(ldns, 1.6.17, libdns@nlnetlabs.nl,libdns) +AC_INIT(ldns, 1.6.12, libdns@nlnetlabs.nl,libdns) AC_CONFIG_SRCDIR([drill.c]) sinclude(../acx_nlnetlabs.m4) @@ -170,33 +170,13 @@ if test -f $ldns_dev_dir/ldns/util.h && \ else AC_MSG_RESULT([no]) AC_CHECK_LIB(ldns, ldns_rr_new, , [ - AC_MSG_ERROR([Can't find ldns library])dnl ' + AC_MSG_ERROR([Can't find ldns library]) ] ) fi AC_SUBST(LDNSDIR) -AC_ARG_WITH(trust-anchor, AC_HELP_STRING([--with-trust-anchor=KEYFILE], -[Default location of the trust anchor file. [default=SYSCONFDIR/unbound/root.key]]), [ - LDNS_TRUST_ANCHOR_FILE="$withval" -],[ - if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then - if test "x$sysconfdir" = 'x${prefix}/etc' ; then - if test "x$prefix" = 'xNONE' ; then - LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key" - else - LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key" - fi - else - LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key" - fi - fi -]) -AC_DEFINE_UNQUOTED([LDNS_TRUST_ANCHOR_FILE], ["$LDNS_TRUST_ANCHOR_FILE"], [Default trust anchor file]) -AC_SUBST(LDNS_TRUST_ANCHOR_FILE) -AC_MSG_NOTICE([Default trust anchor: $LDNS_TRUST_ANCHOR_FILE]) - AH_BOTTOM([ #include <stdio.h> @@ -274,6 +254,6 @@ extern int optind, opterr; #endif ]) -AC_CONFIG_FILES([Makefile drill.1]) +AC_CONFIG_FILES([Makefile]) AC_CONFIG_HEADER([config.h]) AC_OUTPUT diff --git a/usr.sbin/unbound/ldns/drill/dnssec.c b/usr.sbin/unbound/ldns/drill/dnssec.c index b8074be03cc..030aa3bb73f 100644 --- a/usr.sbin/unbound/ldns/drill/dnssec.c +++ b/usr.sbin/unbound/ldns/drill/dnssec.c @@ -22,10 +22,12 @@ get_rr(ldns_resolver *res, ldns_rdf *zname, ldns_rr_type t, ldns_rr_class c) p = ldns_pkt_new(); found = NULL; - if (ldns_resolver_send(&p, res, zname, t, c, 0) == LDNS_STATUS_OK) { + if (ldns_resolver_send(&p, res, zname, t, c, 0) != LDNS_STATUS_OK) { + /* oops */ + return NULL; + } else { found = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_ANY_NOQUESTION); } - ldns_pkt_free(p); return found; } @@ -34,7 +36,6 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p) { ldns_rr_list *new_nss; ldns_rr_list *hostnames; - char *answerfrom_str; if (verbosity < 5) { return; @@ -45,7 +46,8 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p) new_nss = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NS, LDNS_SECTION_ANSWER); ldns_rr_list_print(fd, new_nss); - ldns_rr_list_deep_free(new_nss); + + /* new_nss can be empty.... */ fprintf(fd, ";; Received %d bytes from %s#%d(", (int) ldns_pkt_size(p), @@ -57,11 +59,7 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p) ldns_rr_rdf(ldns_rr_list_rr(hostnames, 0), 0)); ldns_rr_list_deep_free(hostnames); } else { - answerfrom_str = ldns_rdf2str(ldns_pkt_answerfrom(p)); - if (answerfrom_str) { - fprintf(fd, "%s", answerfrom_str); - LDNS_FREE(answerfrom_str); - } + fprintf(fd, "%s", ldns_rdf2str(ldns_pkt_answerfrom(p))); } fprintf(fd, ") in %u ms\n\n", (unsigned int)ldns_pkt_querytime(p)); } @@ -70,7 +68,6 @@ void drill_pkt_print_footer(FILE *fd, ldns_resolver *r, ldns_pkt *p) { ldns_rr_list *hostnames; - char *answerfrom_str; if (verbosity < 5) { return; @@ -88,11 +85,7 @@ drill_pkt_print_footer(FILE *fd, ldns_resolver *r, ldns_pkt *p) ldns_rr_rdf(ldns_rr_list_rr(hostnames, 0), 0)); ldns_rr_list_deep_free(hostnames); } else { - answerfrom_str = ldns_rdf2str(ldns_pkt_answerfrom(p)); - if (answerfrom_str) { - fprintf(fd, "%s", answerfrom_str); - LDNS_FREE(answerfrom_str); - } + fprintf(fd, "%s", ldns_rdf2str(ldns_pkt_answerfrom(p))); } fprintf(fd, ") in %u ms\n\n", (unsigned int)ldns_pkt_querytime(p)); } @@ -105,6 +98,7 @@ get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t, ldns_rr_list **rrlist, ldns_rr_list **sig) { ldns_pkt_type pt = LDNS_PACKET_UNKNOWN; + ldns_rr_list *rr = NULL; ldns_rr_list *sigs = NULL; size_t i; @@ -117,52 +111,36 @@ get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t, pt = ldns_pkt_reply_type(p); if (name) { - if (rrlist) { - *rrlist = ldns_pkt_rr_list_by_name_and_type(p, name, t, - LDNS_SECTION_ANSWER); - if (!*rrlist) { - *rrlist = ldns_pkt_rr_list_by_name_and_type( - p, name, t, - LDNS_SECTION_AUTHORITY); - } + rr = ldns_pkt_rr_list_by_name_and_type(p, name, t, LDNS_SECTION_ANSWER); + if (!rr) { + rr = ldns_pkt_rr_list_by_name_and_type(p, name, t, LDNS_SECTION_AUTHORITY); } - if (sig) { - sigs = ldns_pkt_rr_list_by_name_and_type(p, name, - LDNS_RR_TYPE_RRSIG, - LDNS_SECTION_ANSWER); - if (!sigs) { - sigs = ldns_pkt_rr_list_by_name_and_type( - p, name, LDNS_RR_TYPE_RRSIG, - LDNS_SECTION_AUTHORITY); - } + sigs = ldns_pkt_rr_list_by_name_and_type(p, name, LDNS_RR_TYPE_RRSIG, + LDNS_SECTION_ANSWER); + if (!sigs) { + sigs = ldns_pkt_rr_list_by_name_and_type(p, name, LDNS_RR_TYPE_RRSIG, + LDNS_SECTION_AUTHORITY); } } else { - /* A DS-referral - get the DS records if they are there */ - if (rrlist) { - *rrlist = ldns_pkt_rr_list_by_type( - p, t, LDNS_SECTION_AUTHORITY); - } - if (sig) { - sigs = ldns_pkt_rr_list_by_type(p, - LDNS_RR_TYPE_RRSIG, - LDNS_SECTION_AUTHORITY); - } + /* A DS-referral - get the DS records if they are there */ + rr = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_AUTHORITY); + sigs = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_RRSIG, + LDNS_SECTION_AUTHORITY); } if (sig) { *sig = ldns_rr_list_new(); for (i = 0; i < ldns_rr_list_rr_count(sigs); i++) { /* only add the sigs that cover this type */ - if (t == ldns_rdf2rr_type(ldns_rr_rrsig_typecovered( - ldns_rr_list_rr(sigs, i)))) { - - ldns_rr_list_push_rr(*sig, - ldns_rr_clone( - ldns_rr_list_rr( - sigs, i))); + if (ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(ldns_rr_list_rr(sigs, i))) == + t) { + ldns_rr_list_push_rr(*sig, ldns_rr_clone(ldns_rr_list_rr(sigs, i))); } } } ldns_rr_list_deep_free(sigs); + if (rrlist) { + *rrlist = rr; + } if (pt == LDNS_PACKET_NXDOMAIN || pt == LDNS_PACKET_NODATA) { return pt; @@ -175,7 +153,6 @@ get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t, ldns_status ldns_verify_denial(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_list **nsec_rrs, ldns_rr_list **nsec_rr_sigs) { -#ifdef HAVE_SSL uint16_t nsec_i; ldns_rr_list *nsecs; @@ -239,28 +216,12 @@ ldns_verify_denial(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_lis ldns_rr_list* sigs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANY_NOQUESTION); ldns_rr* q = ldns_rr_new(); ldns_rr* match = NULL; - - if(!sigs) { - if (q) { - ldns_rr_free(q); - } - ldns_rr_list_deep_free(nsecs); - return LDNS_STATUS_MEM_ERR; - } - if(!q) { - ldns_rr_list_deep_free(nsecs); - ldns_rr_list_deep_free(sigs); - return LDNS_STATUS_MEM_ERR; - } + if(!sigs) return LDNS_STATUS_MEM_ERR; + if(!q) return LDNS_STATUS_MEM_ERR; ldns_rr_set_question(q, 1); ldns_rr_set_ttl(q, 0); ldns_rr_set_owner(q, ldns_rdf_clone(name)); - if(!ldns_rr_owner(q)) { - ldns_rr_free(q); - ldns_rr_list_deep_free(sigs); - ldns_rr_list_deep_free(nsecs); - return LDNS_STATUS_MEM_ERR; - } + if(!ldns_rr_owner(q)) return LDNS_STATUS_MEM_ERR; ldns_rr_set_type(q, type); /* result = ldns_dnssec_verify_denial_nsec3(q, nsecs, sigs, ldns_pkt_get_rcode(pkt), type, ldns_pkt_ancount(pkt) == 0); */ @@ -273,14 +234,6 @@ ldns_verify_denial(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_lis ldns_rr_list_deep_free(sigs); } return result; -#else - (void)pkt; - (void)name; - (void)type; - (void)nsec_rrs; - (void)nsec_rr_sigs; - return LDNS_STATUS_ERR; -#endif /* HAVE_SSL */ } /* NSEC3 draft -07 */ @@ -292,15 +245,17 @@ ldns_nsec3_exact_match(ldns_rdf *qname, ldns_rr_type qtype, ldns_rr_list *nsec3s uint8_t salt_length; uint8_t *salt; - ldns_rdf *sname = NULL, *hashed_sname = NULL; + ldns_rdf *sname, *hashed_sname; size_t nsec_i; ldns_rr *nsec; ldns_rr *result = NULL; + ldns_status status; + const ldns_rr_descriptor *descriptor; - ldns_rdf *zone_name = NULL; + ldns_rdf *zone_name; if (verbosity >= 4) { printf(";; finding exact match for "); @@ -326,28 +281,16 @@ ldns_nsec3_exact_match(ldns_rdf *qname, ldns_rr_type qtype, ldns_rr_list *nsec3s salt_length = ldns_nsec3_salt_length(nsec); salt = ldns_nsec3_salt_data(nsec); iterations = ldns_nsec3_iterations(nsec); - if (salt == NULL) { - goto done; - } sname = ldns_rdf_clone(qname); - if (sname == NULL) { - goto done; - } + if (verbosity >= 4) { printf(";; owner name hashes to: "); } hashed_sname = ldns_nsec3_hash_name(sname, algorithm, iterations, salt_length, salt); - if (hashed_sname == NULL) { - goto done; - } + zone_name = ldns_dname_left_chop(ldns_rr_owner(nsec)); - if (zone_name == NULL) { - goto done; - } - if (ldns_dname_cat(hashed_sname, zone_name) != LDNS_STATUS_OK) { - goto done; - }; + status = ldns_dname_cat(hashed_sname, zone_name); if (verbosity >= 4) { ldns_rdf_print(stdout, hashed_sname); @@ -394,13 +337,15 @@ ldns_nsec3_closest_encloser(ldns_rdf *qname, ldns_rr_type qtype, ldns_rr_list *n uint8_t salt_length; uint8_t *salt; - ldns_rdf *sname = NULL, *hashed_sname = NULL, *tmp; + ldns_rdf *sname, *hashed_sname, *tmp; + ldns_rr *ce; bool flag; bool exact_match_found; bool in_range_found; - ldns_rdf *zone_name = NULL; + ldns_status status; + ldns_rdf *zone_name; size_t nsec_i; ldns_rr *nsec; @@ -421,21 +366,13 @@ ldns_nsec3_closest_encloser(ldns_rdf *qname, ldns_rr_type qtype, ldns_rr_list *n salt_length = ldns_nsec3_salt_length(nsec); salt = ldns_nsec3_salt_data(nsec); iterations = ldns_nsec3_iterations(nsec); - if (salt == NULL) { - goto done; - } sname = ldns_rdf_clone(qname); - if (sname == NULL) { - goto done; - } + ce = NULL; flag = false; zone_name = ldns_dname_left_chop(ldns_rr_owner(nsec)); - if (zone_name == NULL) { - goto done; - } /* algorithm from nsec3-07 8.3 */ while (ldns_dname_label_count(sname) > 0) { @@ -448,13 +385,8 @@ ldns_nsec3_closest_encloser(ldns_rdf *qname, ldns_rr_type qtype, ldns_rr_list *n printf(" hashes to: "); } hashed_sname = ldns_nsec3_hash_name(sname, algorithm, iterations, salt_length, salt); - if (hashed_sname == NULL) { - goto done; - } - if (ldns_dname_cat(hashed_sname, zone_name) != LDNS_STATUS_OK){ - goto done; - } + status = ldns_dname_cat(hashed_sname, zone_name); if (verbosity >= 3) { ldns_rdf_print(stdout, hashed_sname); @@ -499,12 +431,9 @@ ldns_nsec3_closest_encloser(ldns_rdf *qname, ldns_rr_type qtype, ldns_rr_list *n tmp = sname; sname = ldns_dname_left_chop(sname); ldns_rdf_deep_free(tmp); - if (sname == NULL) { - goto done; - } } -done: + done: LDNS_FREE(salt); ldns_rdf_deep_free(zone_name); ldns_rdf_deep_free(sname); @@ -518,3 +447,68 @@ done: /* todo checks from end of 6.2. here or in caller? */ return result; } + + +/* special case were there was a wildcard expansion match, the exact match must be disproven */ +ldns_status +ldns_verify_denial_wildcard(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_list **nsec_rrs, ldns_rr_list **nsec_rr_sigs) +{ + ldns_rdf *nsec3_ce = NULL; + ldns_rr *nsec3_ex = NULL; + ldns_rdf *wildcard_name = NULL; + ldns_rdf *nsec3_wc_ce = NULL; + ldns_rr *nsec3_wc_ex = NULL; + ldns_rdf *chopped_dname = NULL; + ldns_rr_list *nsecs; + ldns_status result = LDNS_STATUS_ERR; + + nsecs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_NSEC3, LDNS_SECTION_ANY_NOQUESTION); + if (nsecs) { + wildcard_name = ldns_dname_new_frm_str("*"); + chopped_dname = ldns_dname_left_chop(name); + result = ldns_dname_cat(wildcard_name, chopped_dname); + ldns_rdf_deep_free(chopped_dname); + + nsec3_ex = ldns_nsec3_exact_match(name, type, nsecs); + nsec3_ce = ldns_nsec3_closest_encloser(name, type, nsecs); + nsec3_wc_ce = ldns_nsec3_closest_encloser(wildcard_name, type, nsecs); + nsec3_wc_ex = ldns_nsec3_exact_match(wildcard_name, type, nsecs); + + if (nsec3_ex) { + if (verbosity >= 3) { + printf(";; Error, exact match for for name found, but should not exist (draft -07 section 8.8)\n"); + } + result = LDNS_STATUS_NSEC3_ERR; + } else if (!nsec3_ce) { + if (verbosity >= 3) { + printf(";; Error, closest encloser for exact match missing in wildcard response (draft -07 section 8.8)\n"); + } + result = LDNS_STATUS_NSEC3_ERR; +/* + } else if (!nsec3_wc_ex) { + printf(";; Error, no wildcard nsec3 match: "); + ldns_rdf_print(stdout, wildcard_name); + printf(" (draft -07 section 8.8)\n"); + result = LDNS_STATUS_NSEC3_ERR; +*/ +/* } else if (!nsec */ + } else { + if (verbosity >= 3) { + printf(";; wilcard expansion proven\n"); + } + result = LDNS_STATUS_OK; + } + } else { + if (verbosity >= 3) { + printf(";; Error: no NSEC or NSEC3 records in answer\n"); + } + result = LDNS_STATUS_CRYPTO_NO_RRSIG; + } + + if (nsecs && nsec_rrs && nsec_rr_sigs) { + (void) get_dnssec_rr(pkt, ldns_rr_owner(ldns_rr_list_rr(nsecs, 0)), LDNS_RR_TYPE_NSEC3, nsec_rrs, nsec_rr_sigs); + } + return result; +} + + diff --git a/usr.sbin/unbound/ldns/drill/drill.c b/usr.sbin/unbound/ldns/drill/drill.c index b967ad949c8..9077cd69bfb 100644 --- a/usr.sbin/unbound/ldns/drill/drill.c +++ b/usr.sbin/unbound/ldns/drill/drill.c @@ -33,7 +33,6 @@ usage(FILE *stream, const char *progname) fprintf(stream, "\t-T\t\ttrace from the root down to <name>\n"); fprintf(stream, "\t-S\t\tchase signature(s) from <name> to a know key [*]\n"); #endif /*HAVE_SSL*/ - fprintf(stream, "\t-I <address>\tsource address to query from\n"); fprintf(stream, "\t-V <number>\tverbosity (0-5)\n"); fprintf(stream, "\t-Q\t\tquiet mode (overrules -V)\n"); fprintf(stream, "\n"); @@ -48,25 +47,19 @@ usage(FILE *stream, const char *progname) fprintf(stream, "\t-6\t\tstay on ip6\n"); fprintf(stream, "\t-a\t\tfallback to EDNS0 and TCP if the answer is truncated\n"); fprintf(stream, "\t-b <bufsize>\tuse <bufsize> as the buffer size (defaults to 512 b)\n"); - fprintf(stream, "\t-c <file>\tuse file for rescursive nameserver configuration" - "\n\t\t\t(/etc/resolv.conf)\n"); - fprintf(stream, "\t-k <file>\tspecify a file that contains a trusted DNSSEC key [**]\n"); - fprintf(stream, "\t\t\tUsed to verify any signatures in the current answer.\n"); - fprintf(stream, "\t\t\tWhen DNSSEC enabled tracing (-TD) or signature\n" - "\t\t\tchasing (-S) and no key files are given, keys are read\n" - "\t\t\tfrom: %s\n", - LDNS_TRUST_ANCHOR_FILE); - fprintf(stream, "\t-o <mnemonic>\tset flags to:" - "\n\t\t\t[QR|qr][AA|aa][TC|tc][RD|rd][CD|cd][RA|ra][AD|ad]\n"); + fprintf(stream, "\t-c <file>\t\tuse file for rescursive nameserver configuration (/etc/resolv.conf)\n"); + fprintf(stream, "\t-k <file>\tspecify a file that contains a trusted DNSSEC key (DNSKEY|DS) [**]\n"); + fprintf(stream, "\t\t\tused to verify any signatures in the current answer\n"); + fprintf(stream, "\t-o <mnemonic>\tset flags to: [QR|qr][AA|aa][TC|tc][RD|rd][CD|cd][RA|ra][AD|ad]\n"); fprintf(stream, "\t\t\tlowercase: unset bit, uppercase: set bit\n"); fprintf(stream, "\t-p <port>\tuse <port> as remote port number\n"); fprintf(stream, "\t-s\t\tshow the DS RR for each key in a packet\n"); fprintf(stream, "\t-u\t\tsend the query with udp (the default)\n"); fprintf(stream, "\t-x\t\tdo a reverse lookup\n"); fprintf(stream, "\twhen doing a secure trace:\n"); - fprintf(stream, "\t-r <file>\tuse file as root servers hint file\n"); + fprintf(stream, "\t-r <file>\t\tuse file as root servers hint file\n"); fprintf(stream, "\t-t\t\tsend the query with tcp (connected)\n"); - fprintf(stream, "\t-d <domain>\tuse domain as the start point for the trace\n"); + fprintf(stream, "\t-d <domain>\t\tuse domain as the start point for the trace\n"); fprintf(stream, "\t-y <name:key[:algo]>\tspecify named base64 tsig key, and optional an\n\t\t\talgorithm (defaults to hmac-md5.sig-alg.reg.int)\n"); fprintf(stream, "\t-z\t\tdon't randomize the nameservers before use\n"); fprintf(stream, "\n [*] = enables/implies DNSSEC\n"); @@ -104,15 +97,13 @@ main(int argc, char *argv[]) ldns_pkt *pkt; ldns_pkt *qpkt; char *serv; - char *src = NULL; - const char *name; + char *name; char *name2; char *progname; char *query_file = NULL; char *answer_file = NULL; ldns_buffer *query_buffer = NULL; ldns_rdf *serv_rdf; - ldns_rdf *src_rdf = NULL; ldns_rr_type type; ldns_rr_class clas; #if 0 @@ -160,7 +151,7 @@ main(int argc, char *argv[]) int_type = -1; serv = NULL; type = 0; int_clas = -1; name = NULL; clas = 0; - qname = NULL; src = NULL; + qname = NULL; progname = strdup(argv[0]); #ifdef USE_WINSOCK @@ -198,7 +189,7 @@ main(int argc, char *argv[]) /* global first, query opt next, option with parm's last * and sorted */ /* "46DITSVQf:i:w:q:achuvxzy:so:p:b:k:" */ - while ((c = getopt(argc, argv, "46ab:c:d:Df:hi:I:k:o:p:q:Qr:sStTuvV:w:xy:z")) != -1) { + while ((c = getopt(argc, argv, "46ab:c:d:Df:hi:Ik:o:p:q:Qr:sStTuvV:w:xy:z")) != -1) { switch(c) { /* global options */ case '4': @@ -211,7 +202,7 @@ main(int argc, char *argv[]) qdnssec = true; break; case 'I': - src = optarg; + /* reserved for backward compatibility */ break; case 'T': if (PURPOSE == DRILL_CHASE) { @@ -281,8 +272,7 @@ main(int argc, char *argv[]) qusevc = true; break; case 'k': - status = read_key_file(optarg, - key_list, false); + status = read_key_file(optarg, key_list); if (status != LDNS_STATUS_OK) { error("Could not parse the key file %s: %s", optarg, ldns_get_errorstr_by_id(status)); } @@ -407,15 +397,6 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; - if ((PURPOSE == DRILL_CHASE || (PURPOSE == DRILL_TRACE && qdnssec)) && - ldns_rr_list_rr_count(key_list) == 0) { - - (void) read_key_file(LDNS_TRUST_ANCHOR_FILE, key_list, true); - } - if (ldns_rr_list_rr_count(key_list) > 0) { - printf(";; Number of trusted keys: %d\n", - (int) ldns_rr_list_rr_count(key_list)); - } /* do a secure trace when requested */ if (PURPOSE == DRILL_TRACE && qdnssec) { #ifdef HAVE_SSL @@ -485,14 +466,6 @@ main(int argc, char *argv[]) } } - if (src) { - src_rdf = ldns_rdf_new_addr_frm_str(src); - if(!src_rdf) { - fprintf(stderr, "-I must be (or resolve) to a valid IP[v6] address.\n"); - exit(EXIT_FAILURE); - } - } - /* set the nameserver to use */ if (!serv) { /* no server given make a resolver from /etc/resolv.conf */ @@ -524,7 +497,6 @@ main(int argc, char *argv[]) ldns_resolver_set_ip6(cmdline_res, qfamily); ldns_resolver_set_fallback(cmdline_res, qfallback); ldns_resolver_set_usevc(cmdline_res, qusevc); - ldns_resolver_set_source(cmdline_res, src_rdf); cmdline_dname = ldns_dname_new_frm_str(serv); @@ -555,7 +527,6 @@ main(int argc, char *argv[]) } /* set the resolver options */ ldns_resolver_set_port(res, qport); - ldns_resolver_set_source(res, src_rdf); if (verbosity >= 5) { ldns_resolver_set_debug(res, true); } else { @@ -626,17 +597,10 @@ main(int argc, char *argv[]) ldns_resolver_set_dnssec_cd(res, true); /* set dnssec implies udp_size of 4096 */ ldns_resolver_set_edns_udp_size(res, 4096); - pkt = NULL; - status = ldns_resolver_query_status( - &pkt, res, qname, type, clas, qflags); - if (status != LDNS_STATUS_OK) { - error("error sending query: %s", - ldns_get_errorstr_by_id(status)); - } + pkt = ldns_resolver_query(res, qname, type, clas, qflags); + if (!pkt) { - if (status == LDNS_STATUS_OK) { - error("%s", "error pkt sending"); - } + error("%s", "error pkt sending"); result = EXIT_FAILURE; } else { if (verbosity >= 3) { @@ -762,17 +726,9 @@ main(int argc, char *argv[]) } /* create a packet and set the RD flag on it */ - pkt = NULL; - status = ldns_resolver_query_status( - &pkt, res, qname, type, clas, qflags); - if (status != LDNS_STATUS_OK) { - error("error sending query: %s", - ldns_get_errorstr_by_id(status)); - } + pkt = ldns_resolver_query(res, qname, type, clas, qflags); if (!pkt) { - if (status == LDNS_STATUS_OK) { - error("%s", "pkt sending"); - } + error("%s", "pkt sending"); result = EXIT_FAILURE; } else { if (verbosity != -1) { @@ -843,15 +799,7 @@ main(int argc, char *argv[]) goto exit; } else { /* create a packet and set the RD flag on it */ - pkt = NULL; - status = ldns_resolver_query_status( - &pkt, res, qname, - type, clas, qflags); - if (status != LDNS_STATUS_OK) { - error("error sending query: %s" - , ldns_get_errorstr_by_id( - status)); - } + pkt = ldns_resolver_query(res, qname, type, clas, qflags); } } @@ -962,7 +910,6 @@ main(int argc, char *argv[]) exit: ldns_rdf_deep_free(qname); - ldns_rdf_deep_free(src_rdf); ldns_resolver_deep_free(res); ldns_resolver_deep_free(cmdline_res); ldns_rr_list_deep_free(key_list); diff --git a/usr.sbin/unbound/ldns/drill/drill.h b/usr.sbin/unbound/ldns/drill/drill.h index 0746fe7bff2..70fa0b03e03 100644 --- a/usr.sbin/unbound/ldns/drill/drill.h +++ b/usr.sbin/unbound/ldns/drill/drill.h @@ -84,7 +84,13 @@ ldns_status ldns_verify_denial(ldns_pkt *pkt, ldns_rr_type type, ldns_rr_list **nsec_rrs, ldns_rr_list **nsec_rr_sigs); +ldns_status ldns_verify_denial_wildcard(ldns_pkt *pkt, + ldns_rdf *name, + ldns_rr_type type, + ldns_rr_list **nsec_rrs, + ldns_rr_list **nsec_rr_sigs); +ldns_status read_key_file(const char *filename, ldns_rr_list *key_list); ldns_pkt *read_hex_pkt(char *filename); ldns_buffer *read_hex_buffer(char *filename); void init_root(void); diff --git a/usr.sbin/unbound/ldns/drill/drill_util.c b/usr.sbin/unbound/ldns/drill/drill_util.c index 9cf90a50ff0..596be9d5418 100644 --- a/usr.sbin/unbound/ldns/drill/drill_util.c +++ b/usr.sbin/unbound/ldns/drill/drill_util.c @@ -14,12 +14,12 @@ #include <errno.h> static int -read_line(FILE *input, char *line, size_t len) +read_line(FILE *input, char *line) { int i; - int c; - - for (i = 0; i < (int)len-1; i++) { + + char c; + for (i = 0; i < LDNS_MAX_PACKETLEN; i++) { c = getc(input); if (c == EOF) { return -1; @@ -35,37 +35,32 @@ read_line(FILE *input, char *line, size_t len) /* key_list must be initialized with ldns_rr_list_new() */ ldns_status -read_key_file(const char *filename, ldns_rr_list *key_list, bool silently) +read_key_file(const char *filename, ldns_rr_list *key_list) { int line_len = 0; int line_nr = 0; int key_count = 0; - char line[LDNS_MAX_LINELEN]; + char line[LDNS_MAX_PACKETLEN]; ldns_status status; FILE *input_file; ldns_rr *rr; input_file = fopen(filename, "r"); if (!input_file) { - if (! silently) { - fprintf(stderr, "Error opening %s: %s\n", - filename, strerror(errno)); - } + fprintf(stderr, "Error opening %s: %s\n", + filename, strerror(errno)); return LDNS_STATUS_ERR; } while (line_len >= 0) { - line_len = (int) read_line(input_file, line, sizeof(line)); + line_len = read_line(input_file, line); line_nr++; if (line_len > 0 && line[0] != ';') { status = ldns_rr_new_frm_str(&rr, line, 0, NULL, NULL); if (status != LDNS_STATUS_OK) { - if (! silently) { - fprintf(stderr, - "Error parsing DNSKEY RR " - "in line %d: %s\n", line_nr, - ldns_get_errorstr_by_id(status) - ); - } + fprintf(stderr, + "Error parsing DNSKEY RR in line %d: %s\n", + line_nr, + ldns_get_errorstr_by_id(status)); } else if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_DNSKEY || ldns_rr_get_type(rr) == LDNS_RR_TYPE_DS) { ldns_rr_list_push_rr(key_list, rr); @@ -75,7 +70,7 @@ read_key_file(const char *filename, ldns_rr_list *key_list, bool silently) } } } - fclose(input_file); + printf(";; Number of trusted keys: %d\n", key_count); if (key_count > 0) { return LDNS_STATUS_OK; } else { @@ -137,7 +132,6 @@ print_ds_of_keys(ldns_pkt *p) ds = ldns_key_rr2ds(ldns_rr_list_rr(keys, i), LDNS_SHA256); local_print_ds(stdout, "; sha256: ", ds); } - ldns_rr_list_deep_free(keys); } } @@ -246,7 +240,7 @@ print_dnskey_abbr(FILE *fp, ldns_rr *key) } void -print_rr_list_abbr(FILE *fp, ldns_rr_list *rrlist, const char *usr) +print_rr_list_abbr(FILE *fp, ldns_rr_list *rrlist, char *usr) { size_t i; ldns_rr_type tp; diff --git a/usr.sbin/unbound/ldns/drill/drill_util.h b/usr.sbin/unbound/ldns/drill/drill_util.h index 42b3f32b25d..db3a57436a4 100644 --- a/usr.sbin/unbound/ldns/drill/drill_util.h +++ b/usr.sbin/unbound/ldns/drill/drill_util.h @@ -12,13 +12,6 @@ #define _DRILL_UTIL_H_ #include <ldns/ldns.h> - -/** - * Read keys from filename and append to key_list. - */ -ldns_status read_key_file(const char *filename, ldns_rr_list *key_list, - bool silently); - /** * return a address rdf, either A or AAAA * NULL if anything goes wrong @@ -46,7 +39,7 @@ void print_ds_abbr(FILE *fp, ldns_rr *ds); /** * print some rdfs of a rr in a rr_list */ -void print_rr_list_abbr(FILE *fp, ldns_rr_list *sig, const char *usr); +void print_rr_list_abbr(FILE *fp, ldns_rr_list *sig, char *usr); /** * Alloc some memory, with error checking diff --git a/usr.sbin/unbound/ldns/drill/install-sh b/usr.sbin/unbound/ldns/drill/install-sh index 6781b987bdb..6781b987bdb 100755..100644 --- a/usr.sbin/unbound/ldns/drill/install-sh +++ b/usr.sbin/unbound/ldns/drill/install-sh diff --git a/usr.sbin/unbound/ldns/drill/securetrace.c b/usr.sbin/unbound/ldns/drill/securetrace.c index 5fc493a7275..c08b040fbc2 100644 --- a/usr.sbin/unbound/ldns/drill/securetrace.c +++ b/usr.sbin/unbound/ldns/drill/securetrace.c @@ -129,8 +129,11 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, { ldns_resolver *res; ldns_pkt *p, *local_p; + ldns_rr_list *new_nss_a; + ldns_rr_list *new_nss_aaaa; ldns_rr_list *new_nss; ldns_rr_list *ns_addr; + uint16_t loop_count; ldns_rdf *pop; ldns_rdf **labels = NULL; ldns_status status, st; @@ -138,7 +141,8 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, size_t j; size_t k; size_t l; - uint8_t labels_count = 0; + uint8_t labels_count; + ldns_pkt_type pt; /* dnssec */ ldns_rr_list *key_list; @@ -156,9 +160,6 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, /* empty non-terminal check */ bool ent; - ldns_rr *nsecrr; /* The nsec that proofs the non-terminal */ - ldns_rdf *hashed_name; /* The query hashed with nsec3 params */ - ldns_rdf *label0; /* The first label of an nsec3 owner name */ /* glue handling */ ldns_rr_list *new_ns_addr; @@ -172,10 +173,14 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, descriptor = ldns_rr_descript(t); + loop_count = 0; + new_nss_a = NULL; + new_nss_aaaa = NULL; new_nss = NULL; ns_addr = NULL; key_list = NULL; ds_list = NULL; + pt = LDNS_PACKET_UNKNOWN; p = NULL; local_p = NULL; @@ -223,8 +228,6 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, ldns_resolver_usevc(local_res)); ldns_resolver_set_random(res, ldns_resolver_random(local_res)); - ldns_resolver_set_source(res, - ldns_resolver_source(local_res)); ldns_resolver_set_recursive(local_res, true); ldns_resolver_set_recursive(res, false); @@ -236,8 +239,7 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, if (status != LDNS_STATUS_OK) { printf("ERRRRR: %s\n", ldns_get_errorstr_by_id(status)); ldns_rr_list_print(stdout, global_dns_root); - result = status; - goto done; + return status; } labels_count = ldns_dname_label_count(name); if (start_name) { @@ -385,27 +387,8 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, /* there might be an empty non-terminal, in which case we need to continue */ ent = false; for (j = 0; j < ldns_rr_list_rr_count(nsec_rrs); j++) { - nsecrr = ldns_rr_list_rr(nsec_rrs, j); - /* For NSEC when the next name is a subdomain of the question */ - if (ldns_rr_get_type(nsecrr) == LDNS_RR_TYPE_NSEC && - ldns_dname_is_subdomain(ldns_rr_rdf(nsecrr, 0), labels[i])) { + if (ldns_dname_is_subdomain(ldns_rr_rdf(ldns_rr_list_rr(nsec_rrs, j), 0), labels[i])) { ent = true; - - /* For NSEC3, the hash matches the name and the type bitmap is empty*/ - } else if (ldns_rr_get_type(nsecrr) == LDNS_RR_TYPE_NSEC3) { - hashed_name = ldns_nsec3_hash_name_frm_nsec3(nsecrr, labels[i]); - label0 = ldns_dname_label(ldns_rr_owner(nsecrr), 0); - if (hashed_name && label0 && - ldns_dname_compare(hashed_name, label0) == 0 && - ldns_nsec3_bitmap(nsecrr) == NULL) { - ent = true; - } - if (label0) { - LDNS_FREE(label0); - } - if (hashed_name) { - LDNS_FREE(hashed_name); - } } } if (!ent) { @@ -417,6 +400,7 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, printf(";; There is an empty non-terminal here, continue\n"); continue; } + goto done; } if (ldns_resolver_nameserver_count(res) == 0) { @@ -435,7 +419,7 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, keys used to sign these is trusted, add the keys to the trusted list */ p = get_dnssec_pkt(res, labels[i], LDNS_RR_TYPE_DNSKEY); - (void) get_key(p, labels[i], &key_list, &key_sig_list); + pt = get_key(p, labels[i], &key_list, &key_sig_list); if (key_sig_list) { if (key_list) { current_correct_keys = ldns_rr_list_new(); @@ -506,14 +490,14 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, /* check the DS records for the next child domain */ if (i > 1) { p = get_dnssec_pkt(res, labels[i-1], LDNS_RR_TYPE_DS); - (void) get_ds(p, labels[i-1], &ds_list, &ds_sig_list); + pt = get_ds(p, labels[i-1], &ds_list, &ds_sig_list); if (!ds_list) { ldns_pkt_free(p); if (ds_sig_list) { ldns_rr_list_deep_free(ds_sig_list); } p = get_dnssec_pkt(res, name, LDNS_RR_TYPE_DNSKEY); - (void) get_ds(p, NULL, &ds_list, &ds_sig_list); + pt = get_ds(p, NULL, &ds_list, &ds_sig_list); } if (ds_sig_list) { if (ds_list) { @@ -576,7 +560,7 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, ldns_pkt_free(p); ldns_rr_list_deep_free(ds_sig_list); p = get_dnssec_pkt(res, labels[i-1], LDNS_RR_TYPE_DS); - (void) get_ds(p, labels[i-1], &ds_list, &ds_sig_list); + pt = get_ds(p, labels[i-1], &ds_list, &ds_sig_list); status = ldns_verify_denial(p, labels[i-1], LDNS_RR_TYPE_DS, &nsec_rrs, &nsec_rr_sigs); @@ -632,7 +616,7 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, } else { /* if this is the last label, just verify the data and stop */ p = get_dnssec_pkt(res, labels[i], t); - (void) get_dnssec_rr(p, labels[i], t, &dataset, &key_sig_list); + pt = get_dnssec_rr(p, labels[i], t, &dataset, &key_sig_list); if (dataset && ldns_rr_list_rr_count(dataset) > 0) { if (key_sig_list && ldns_rr_list_rr_count(key_sig_list) > 0) { @@ -737,6 +721,8 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, ldns_pkt_free(p); } + new_nss_aaaa = NULL; + new_nss_a = NULL; new_nss = NULL; ns_addr = NULL; ldns_rr_list_deep_free(key_list); diff --git a/usr.sbin/unbound/ldns/drill/work.c b/usr.sbin/unbound/ldns/drill/work.c index 370d48b01b3..3a9cb5855d7 100644 --- a/usr.sbin/unbound/ldns/drill/work.c +++ b/usr.sbin/unbound/ldns/drill/work.c @@ -122,6 +122,11 @@ packetbuffromfile(char *filename, uint8_t *wire) hexbuf[hexbufpos] = (uint8_t) c; hexbufpos++; break; + default: + warning("unknown state while reading %s", filename); + xfree(hexbuf); + return 0; + break; } c = fgetc(fp); } @@ -173,7 +178,20 @@ read_hex_buffer(char *filename) size_t wiresize; ldns_buffer *result_buffer = NULL; - + FILE *fp = NULL; + + if (strncmp(filename, "-", 2) != 0) { + fp = fopen(filename, "r"); + } else { + fp = stdin; + } + + if (fp == NULL) { + perror(""); + warning("Unable to open %s", filename); + return NULL; + } + wire = xmalloc(LDNS_MAX_PACKETLEN); wiresize = packetbuffromfile(filename, wire); @@ -181,8 +199,8 @@ read_hex_buffer(char *filename) result_buffer = LDNS_MALLOC(ldns_buffer); ldns_buffer_new_frm_data(result_buffer, wire, wiresize); ldns_buffer_set_position(result_buffer, ldns_buffer_capacity(result_buffer)); + xfree(wire); - return result_buffer; } @@ -218,7 +236,7 @@ read_hex_pkt(char *filename) void dump_hex(const ldns_pkt *pkt, const char *filename) { - uint8_t *wire = NULL; + uint8_t *wire; size_t size, i; FILE *fp; ldns_status status; @@ -234,8 +252,6 @@ dump_hex(const ldns_pkt *pkt, const char *filename) if (status != LDNS_STATUS_OK) { error("Unable to convert packet: error code %u", status); - LDNS_FREE(wire); - fclose(fp); return; } @@ -257,5 +273,4 @@ dump_hex(const ldns_pkt *pkt, const char *filename) } fprintf(fp, "\n"); fclose(fp); - LDNS_FREE(wire); } diff --git a/usr.sbin/unbound/ldns/error.c b/usr.sbin/unbound/ldns/error.c index 82ea61a1dcc..a6195022ea0 100644 --- a/usr.sbin/unbound/ldns/error.c +++ b/usr.sbin/unbound/ldns/error.c @@ -29,7 +29,6 @@ ldns_lookup_table ldns_error_str[] = { { LDNS_STATUS_INVALID_IP4, "Conversion error, ip4 addr expected" }, { LDNS_STATUS_INVALID_IP6, "Conversion error, ip6 addr expected" }, { LDNS_STATUS_INVALID_STR, "Conversion error, string expected" }, - { LDNS_STATUS_INVALID_B32_EXT, "Conversion error, b32 ext encoding expected" }, { LDNS_STATUS_INVALID_B64, "Conversion error, b64 encoding expected" }, { LDNS_STATUS_INVALID_HEX, "Conversion error, hex encoding expected" }, { LDNS_STATUS_INVALID_TIME, "Conversion error, time encoding expected" }, @@ -65,7 +64,6 @@ ldns_lookup_table ldns_error_str[] = { { LDNS_STATUS_WIRE_INCOMPLETE_AUTHORITY, "authority section incomplete" }, { LDNS_STATUS_WIRE_INCOMPLETE_ADDITIONAL, "additional section incomplete" }, { LDNS_STATUS_NO_DATA, "No data" }, - { LDNS_STATUS_EXISTS_ERR, "Element already exists" }, { LDNS_STATUS_CERT_BAD_ALGORITHM, "Bad algorithm type for CERT record" }, { LDNS_STATUS_SYNTAX_TYPE_ERR, "Syntax error, could not parse the RR's type" }, { LDNS_STATUS_SYNTAX_CLASS_ERR, "Syntax error, could not parse the RR's class" }, @@ -92,57 +90,6 @@ ldns_lookup_table ldns_error_str[] = { { LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND, "original of NSEC3 hashed name could not be found" }, { LDNS_STATUS_MISSING_RDATA_FIELDS_RRSIG, "The RRSIG has to few rdata fields" }, { LDNS_STATUS_MISSING_RDATA_FIELDS_KEY, "The DNSKEY has to few rdata fields" }, - { LDNS_STATUS_CRYPTO_SIG_EXPIRED_WITHIN_MARGIN, - "DNSSEC signature will expire too soon" }, - { LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN, - "DNSSEC signature not incepted long enough" }, - { LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE, - "Unknown TLSA Certificate Usage" }, - { LDNS_STATUS_DANE_UNKNOWN_SELECTOR, "Unknown TLSA Selector" }, - { LDNS_STATUS_DANE_UNKNOWN_MATCHING_TYPE, - "Unknown TLSA Matching Type" }, - { LDNS_STATUS_DANE_UNKNOWN_PROTOCOL, - "Unknown protocol. Only IPv4 and IPv6 are understood" }, - { LDNS_STATUS_DANE_UNKNOWN_TRANSPORT, - "Unknown transport. Should be one of {tcp, udp, sctp}" }, - { LDNS_STATUS_DANE_MISSING_EXTRA_CERTS, /* Trust anchor assertion */ - "More than one certificate should be provided" }, - { LDNS_STATUS_DANE_EXTRA_CERTS_NOT_USED, /* Trust anchor assertion */ - "Non of the extra certificates is used to sign the first" }, - { LDNS_STATUS_DANE_OFFSET_OUT_OF_RANGE, /* Trust anchor assertion */ - "The offset was out of range" }, - { LDNS_STATUS_DANE_INSECURE, /* Unused by library */ - "The queried resource records were insecure" }, - { LDNS_STATUS_DANE_BOGUS, /* Unused by library */ - "The queried resource records were bogus" }, - { LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH, - "The TLSA record(s) " - "did not match with the server certificate (chain)" }, - { LDNS_STATUS_DANE_NON_CA_CERTIFICATE, - "The certificate was not a CA certificate" }, - { LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE, - "Could not PKIX validate" }, - { LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR, - "The validation path " - "did not end in a self-signed certificate" }, - { LDNS_STATUS_INVALID_ILNP64, - "Conversion error, 4 colon separated hex numbers expected" }, - { LDNS_STATUS_INVALID_EUI48, - "Conversion error, 6 two character hex numbers " - "separated by dashes expected (i.e. xx-xx-xx-xx-xx-xx" }, - { LDNS_STATUS_INVALID_EUI64, - "Conversion error, 8 two character hex numbers " - "separated by dashes expected (i.e. xx-xx-xx-xx-xx-xx-xx-xx" }, - { LDNS_STATUS_WIRE_RDATA_ERR, "invalid rdata in wire format" }, - { LDNS_STATUS_INVALID_TAG, - "Conversion error, a non-zero sequence of US-ASCII letters " - "and numbers in lower case expected" }, - { LDNS_STATUS_TYPE_NOT_IN_BITMAP, - "The RR type bitmap rdata field did not have " - "a bit reserved for the specific RR type" }, - { LDNS_STATUS_INVALID_RDF_TYPE, - "The rdata field was not of the expected type" }, - { LDNS_STATUS_RDATA_OVERFLOW, "Rdata size overflow" }, { 0, NULL } }; diff --git a/usr.sbin/unbound/ldns/higher.c b/usr.sbin/unbound/ldns/higher.c index 8ce86a41d56..c9eb1731ae2 100644 --- a/usr.sbin/unbound/ldns/higher.c +++ b/usr.sbin/unbound/ldns/higher.c @@ -126,12 +126,10 @@ ldns_get_rr_list_name_by_addr(ldns_resolver *res, ldns_rdf *addr, ldns_rr_class /* add the RD flags, because we want an answer */ pkt = ldns_resolver_query(res, name, LDNS_RR_TYPE_PTR, c, flags | LDNS_RD); - ldns_rdf_deep_free(name); if (pkt) { /* extract the data we need */ names = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_PTR, LDNS_SECTION_ANSWER); - ldns_pkt_free(pkt); } return names; } @@ -304,21 +302,39 @@ ldns_getaddrinfo(ldns_resolver *res, ldns_rdf *node, ldns_rr_class c, bool ldns_nsec_type_check(ldns_rr *nsec, ldns_rr_type t) { - switch (ldns_rr_get_type(nsec)) { - case LDNS_RR_TYPE_NSEC : if (ldns_rr_rd_count(nsec) < 2) { - return false; - } - return ldns_nsec_bitmap_covers_type( - ldns_rr_rdf(nsec, 1), t); - - case LDNS_RR_TYPE_NSEC3 : if (ldns_rr_rd_count(nsec) < 6) { - return false; - } - return ldns_nsec_bitmap_covers_type( - ldns_rr_rdf(nsec, 5), t); - - default : return false; + /* does the nsec cover the t given? */ + /* copied from host2str.c line 465: ldns_rdf2buffer_str_nsec */ + uint8_t window_block_nr; + uint8_t bitmap_length; + uint16_t type; + uint16_t pos = 0; + uint16_t bit_pos; + ldns_rdf *nsec_type_list = ldns_rr_rdf(nsec, 1); + uint8_t *data; + + if (nsec_type_list == NULL) { + return false; + } + data = ldns_rdf_data(nsec_type_list); + + while(pos < ldns_rdf_size(nsec_type_list)) { + window_block_nr = data[pos]; + bitmap_length = data[pos + 1]; + pos += 2; + + for (bit_pos = 0; bit_pos < (bitmap_length) * 8; bit_pos++) { + if (ldns_get_bit(&data[pos], bit_pos)) { + type = 256 * (uint16_t) window_block_nr + bit_pos; + + if ((ldns_rr_type)type == t) { + /* we have a winner */ + return true; + } + } + } + pos += (uint16_t) bitmap_length; } + return false; } void @@ -341,4 +357,3 @@ ldns_print_rr_rdf(FILE *fp, ldns_rr *r, int rdfnum, ...) } va_end(va_rdf); } - diff --git a/usr.sbin/unbound/ldns/host2str.c b/usr.sbin/unbound/ldns/host2str.c index e2c936baf1a..eff1216a966 100644 --- a/usr.sbin/unbound/ldns/host2str.c +++ b/usr.sbin/unbound/ldns/host2str.c @@ -123,62 +123,12 @@ const ldns_output_format *ldns_output_format_onlykeyids = &ldns_output_format_onlykeyids_record; const ldns_output_format *ldns_output_format_default = &ldns_output_format_onlykeyids_record; - const ldns_output_format ldns_output_format_bubblebabble_record = { LDNS_COMMENT_KEY | LDNS_COMMENT_BUBBLEBABBLE | LDNS_COMMENT_FLAGS, NULL }; const ldns_output_format *ldns_output_format_bubblebabble = &ldns_output_format_bubblebabble_record; -static bool -ldns_output_format_covers_type(const ldns_output_format* fmt, ldns_rr_type t) -{ - return fmt && (fmt->flags & LDNS_FMT_RFC3597) && - ((ldns_output_format_storage*)fmt)->bitmap && - ldns_nsec_bitmap_covers_type( - ((ldns_output_format_storage*)fmt)->bitmap, t); -} - -ldns_status -ldns_output_format_set_type(ldns_output_format* fmt, ldns_rr_type t) -{ - ldns_output_format_storage* fmt_st = (ldns_output_format_storage*)fmt; - ldns_status s; - - assert(fmt != NULL); - - if (!(fmt_st->flags & LDNS_FMT_RFC3597)) { - ldns_output_format_set(fmt, LDNS_FMT_RFC3597); - } - if (! fmt_st->bitmap) { - s = ldns_rdf_bitmap_known_rr_types_space(&fmt_st->bitmap); - if (s != LDNS_STATUS_OK) { - return s; - } - } - return ldns_nsec_bitmap_set_type(fmt_st->bitmap, t); -} - -ldns_status -ldns_output_format_clear_type(ldns_output_format* fmt, ldns_rr_type t) -{ - ldns_output_format_storage* fmt_st = (ldns_output_format_storage*)fmt; - ldns_status s; - - assert(fmt != NULL); - - if (!(fmt_st->flags & LDNS_FMT_RFC3597)) { - ldns_output_format_set(fmt, LDNS_FMT_RFC3597); - } - if (! fmt_st->bitmap) { - s = ldns_rdf_bitmap_known_rr_types(&fmt_st->bitmap); - if (s != LDNS_STATUS_OK) { - return s; - } - } - return ldns_nsec_bitmap_clear_type(fmt_st->bitmap, t); -} - ldns_status ldns_pkt_opcode2buffer_str(ldns_buffer *output, ldns_pkt_opcode opcode) { @@ -245,7 +195,7 @@ ldns_pkt_opcode2str(ldns_pkt_opcode opcode) str = NULL; if (ldns_pkt_opcode2buffer_str(buf, opcode) == LDNS_STATUS_OK) { - str = ldns_buffer_export2str(buf); + str = ldns_buffer2str(buf); } ldns_buffer_free(buf); @@ -265,7 +215,7 @@ ldns_pkt_rcode2str(ldns_pkt_rcode rcode) str = NULL; if (ldns_pkt_rcode2buffer_str(buf, rcode) == LDNS_STATUS_OK) { - str = ldns_buffer_export2str(buf); + str = ldns_buffer2str(buf); } ldns_buffer_free(buf); @@ -286,7 +236,7 @@ ldns_pkt_algorithm2str(ldns_algorithm algorithm) str = NULL; if (ldns_algorithm2buffer_str(buf, algorithm) == LDNS_STATUS_OK) { - str = ldns_buffer_export2str(buf); + str = ldns_buffer2str(buf); } ldns_buffer_free(buf); @@ -307,7 +257,7 @@ ldns_pkt_cert_algorithm2str(ldns_cert_algorithm cert_algorithm) str = NULL; if (ldns_cert_algorithm2buffer_str(buf, cert_algorithm) == LDNS_STATUS_OK) { - str = ldns_buffer_export2str(buf); + str = ldns_buffer2str(buf); } ldns_buffer_free(buf); @@ -430,15 +380,18 @@ ldns_rdf2buffer_str_aaaa(ldns_buffer *output, const ldns_rdf *rdf) return ldns_buffer_status(output); } -static void -ldns_characters2buffer_str(ldns_buffer* output, - size_t amount, const uint8_t* characters) +ldns_status +ldns_rdf2buffer_str_str(ldns_buffer *output, const ldns_rdf *rdf) { - uint8_t ch; - while (amount > 0) { - ch = *characters++; - if (isprint((int)ch) || ch == '\t') { - if (ch == '\"' || ch == '\\') + const uint8_t *data = ldns_rdf_data(rdf); + uint8_t length = data[0]; + size_t i; + + ldns_buffer_printf(output, "\""); + for (i = 1; i <= length; ++i) { + char ch = (char) data[i]; + if (isprint((int)ch) || ch=='\t') { + if (ch=='\"'||ch=='\\') ldns_buffer_printf(output, "\\%c", ch); else ldns_buffer_printf(output, "%c", ch); @@ -446,22 +399,7 @@ ldns_characters2buffer_str(ldns_buffer* output, ldns_buffer_printf(output, "\\%03u", (unsigned)(uint8_t) ch); } - amount--; } -} - -ldns_status -ldns_rdf2buffer_str_str(ldns_buffer *output, const ldns_rdf *rdf) -{ - if(ldns_rdf_size(rdf) < 1) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } - if((int)ldns_rdf_size(rdf) < (int)ldns_rdf_data(rdf)[0] + 1) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } - ldns_buffer_printf(output, "\""); - ldns_characters2buffer_str(output, - ldns_rdf_data(rdf)[0], ldns_rdf_data(rdf) + 1); ldns_buffer_printf(output, "\""); return ldns_buffer_status(output); } @@ -512,27 +450,18 @@ ldns_rdf2buffer_str_hex(ldns_buffer *output, const ldns_rdf *rdf) } ldns_status -ldns_rdf2buffer_str_type_fmt(ldns_buffer *output, - const ldns_output_format* fmt, const ldns_rdf *rdf) +ldns_rdf2buffer_str_type(ldns_buffer *output, const ldns_rdf *rdf) { uint16_t data = ldns_read_uint16(ldns_rdf_data(rdf)); + const ldns_rr_descriptor *descriptor; - if (! ldns_output_format_covers_type(fmt, data) && - ldns_rr_descript(data) && - ldns_rr_descript(data)->_name) { - - ldns_buffer_printf(output, "%s",ldns_rr_descript(data)->_name); + descriptor = ldns_rr_descript(data); + if (descriptor && descriptor->_name) { + ldns_buffer_printf(output, "%s", descriptor->_name); } else { ldns_buffer_printf(output, "TYPE%u", data); } - return ldns_buffer_status(output); -} - -ldns_status -ldns_rdf2buffer_str_type(ldns_buffer *output, const ldns_rdf *rdf) -{ - return ldns_rdf2buffer_str_type_fmt(output, - ldns_output_format_default, rdf); + return ldns_buffer_status(output); } ldns_status @@ -638,7 +567,7 @@ ldns_rr_type2str(const ldns_rr_type type) str = NULL; if (ldns_rr_type2buffer_str(buf, type) == LDNS_STATUS_OK) { - str = ldns_buffer_export2str(buf); + str = ldns_buffer2str(buf); } ldns_buffer_free(buf); @@ -674,7 +603,7 @@ ldns_rr_class2str(const ldns_rr_class klass) str = NULL; if (ldns_rr_class2buffer_str(buf, klass) == LDNS_STATUS_OK) { - str = ldns_buffer_export2str(buf); + str = ldns_buffer2str(buf); } ldns_buffer_free(buf); return str; @@ -684,7 +613,7 @@ ldns_status ldns_rdf2buffer_str_loc(ldns_buffer *output, const ldns_rdf *rdf) { /* we could do checking (ie degrees < 90 etc)? */ - uint8_t version; + uint8_t version = ldns_rdf_data(rdf)[0]; uint8_t size; uint8_t horizontal_precision; uint8_t vertical_precision; @@ -699,14 +628,7 @@ ldns_rdf2buffer_str_loc(ldns_buffer *output, const ldns_rdf *rdf) uint32_t equator = (uint32_t) ldns_power(2, 31); - if(ldns_rdf_size(rdf) < 1) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } - version = ldns_rdf_data(rdf)[0]; if (version == 0) { - if(ldns_rdf_size(rdf) < 16) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } size = ldns_rdf_data(rdf)[1]; horizontal_precision = ldns_rdf_data(rdf)[2]; vertical_precision = ldns_rdf_data(rdf)[3]; @@ -746,12 +668,12 @@ ldns_rdf2buffer_str_loc(ldns_buffer *output, const ldns_rdf *rdf) h, m, s, easterness); - s = ((double) altitude) / 100; - s -= 100000; + s = ((double) altitude) / 100; + s -= 100000; if(altitude%100 != 0) ldns_buffer_printf(output, "%.2f", s); - else + else ldns_buffer_printf(output, "%.0f", s); ldns_buffer_printf(output, "m "); @@ -803,9 +725,6 @@ ldns_rdf2buffer_str_wks(ldns_buffer *output, const ldns_rdf *rdf) struct servent *service; uint16_t current_service; - if(ldns_rdf_size(rdf) < 1) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } protocol_nr = ldns_rdf_data(rdf)[0]; protocol = getprotobynumber((int) protocol_nr); if (protocol && (protocol->p_name != NULL)) { @@ -838,8 +757,7 @@ ldns_rdf2buffer_str_wks(ldns_buffer *output, const ldns_rdf *rdf) } ldns_status -ldns_rdf2buffer_str_nsec_fmt(ldns_buffer *output, - const ldns_output_format* fmt, const ldns_rdf *rdf) +ldns_rdf2buffer_str_nsec(ldns_buffer *output, const ldns_rdf *rdf) { /* Note: this code is duplicated in higher.c in * ldns_nsec_type_check() function @@ -850,40 +768,31 @@ ldns_rdf2buffer_str_nsec_fmt(ldns_buffer *output, uint16_t pos = 0; uint16_t bit_pos; uint8_t *data = ldns_rdf_data(rdf); + const ldns_rr_descriptor *descriptor; - while((size_t)(pos + 2) < ldns_rdf_size(rdf)) { + while(pos < ldns_rdf_size(rdf)) { window_block_nr = data[pos]; bitmap_length = data[pos + 1]; pos += 2; - if (ldns_rdf_size(rdf) < pos + bitmap_length) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } - for (bit_pos = 0; bit_pos < (bitmap_length) * 8; bit_pos++) { - if (! ldns_get_bit(&data[pos], bit_pos)) { - continue; - } - type = 256 * (uint16_t) window_block_nr + bit_pos; - if (! ldns_output_format_covers_type(fmt, type) && - ldns_rr_descript(type) && - ldns_rr_descript(type)->_name){ + for (bit_pos = 0; bit_pos < (bitmap_length) * 8; bit_pos++) { + if (ldns_get_bit(&data[pos], bit_pos)) { + type = 256 * (uint16_t) window_block_nr + bit_pos; + descriptor = ldns_rr_descript(type); - ldns_buffer_printf(output, "%s ", - ldns_rr_descript(type)->_name); - } else { - ldns_buffer_printf(output, "TYPE%u ", type); + if (descriptor && descriptor->_name) { + ldns_buffer_printf(output, "%s ", + descriptor->_name); + } else { + ldns_buffer_printf(output, "TYPE%u ", type); + } } } + pos += (uint16_t) bitmap_length; } - return ldns_buffer_status(output); -} -ldns_status -ldns_rdf2buffer_str_nsec(ldns_buffer *output, const ldns_rdf *rdf) -{ - return ldns_rdf2buffer_str_nsec_fmt(output, - ldns_output_format_default, rdf); + return ldns_buffer_status(output); } ldns_status @@ -894,8 +803,9 @@ ldns_rdf2buffer_str_nsec3_salt(ldns_buffer *output, const ldns_rdf *rdf) uint8_t *data = ldns_rdf_data(rdf); - if(ldns_rdf_size(rdf) < 1) { - return LDNS_STATUS_WIRE_RDATA_ERR; + if(ldns_rdf_size(rdf) == 0) { + output->_status = LDNS_STATUS_ERR; + return ldns_buffer_status(output); } salt_length = data[0]; /* from now there are variable length entries so remember pos */ @@ -915,10 +825,8 @@ ldns_status ldns_rdf2buffer_str_period(ldns_buffer *output, const ldns_rdf *rdf) { /* period is the number of seconds */ - if (ldns_rdf_size(rdf) != 4) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } - ldns_buffer_printf(output, "%u", ldns_read_uint32(ldns_rdf_data(rdf))); + uint32_t p = ldns_read_uint32(ldns_rdf_data(rdf)); + ldns_buffer_printf(output, "%u", p); return ldns_buffer_status(output); } @@ -928,20 +836,17 @@ ldns_rdf2buffer_str_tsigtime(ldns_buffer *output,const ldns_rdf *rdf) /* tsigtime is 48 bits network order unsigned integer */ uint64_t tsigtime = 0; uint8_t *data = ldns_rdf_data(rdf); - uint64_t d0, d1, d2, d3, d4, d5; - if (ldns_rdf_size(rdf) < 6) { - return LDNS_STATUS_WIRE_RDATA_ERR; + if (ldns_rdf_size(rdf) != 6) { + return LDNS_STATUS_ERR; } - d0 = data[0]; /* cast to uint64 for shift operations */ - d1 = data[1]; - d2 = data[2]; - d3 = data[3]; - d4 = data[4]; - d5 = data[5]; - tsigtime = (d0<<40) | (d1<<32) | (d2<<24) | (d3<<16) | (d4<<8) | d5; - ldns_buffer_printf(output, "%llu ", (long long)tsigtime); + tsigtime = ldns_read_uint16(data); + tsigtime *= 65536; + tsigtime += ldns_read_uint16(data+2); + tsigtime *= 65536; + + ldns_buffer_printf(output, "%llu ", tsigtime); return ldns_buffer_status(output); } @@ -959,7 +864,7 @@ ldns_rdf2buffer_str_apl(ldns_buffer *output, const ldns_rdf *rdf) while (pos < (unsigned int) ldns_rdf_size(rdf)) { if(pos + 3 >= (unsigned)ldns_rdf_size(rdf)) - return LDNS_STATUS_WIRE_RDATA_ERR; + return LDNS_STATUS_SYNTAX_RDATA_ERR; address_family = ldns_read_uint16(&data[pos]); prefix = data[pos + 2]; negation = data[pos + 3] & LDNS_APL_NEGATION; @@ -977,7 +882,7 @@ ldns_rdf2buffer_str_apl(ldns_buffer *output, const ldns_rdf *rdf) } if (i < (unsigned short) adf_length) { if(pos+i+4 >= ldns_rdf_size(rdf)) - return LDNS_STATUS_WIRE_RDATA_ERR; + return LDNS_STATUS_SYNTAX_RDATA_ERR; ldns_buffer_printf(output, "%d", data[pos + i + 4]); } else { @@ -998,7 +903,7 @@ ldns_rdf2buffer_str_apl(ldns_buffer *output, const ldns_rdf *rdf) } if (i < (unsigned short) adf_length) { if(pos+i+4 >= ldns_rdf_size(rdf)) - return LDNS_STATUS_WIRE_RDATA_ERR; + return LDNS_STATUS_SYNTAX_RDATA_ERR; ldns_buffer_printf(output, "%02x", data[pos + i + 4]); } else { @@ -1009,12 +914,11 @@ ldns_rdf2buffer_str_apl(ldns_buffer *output, const ldns_rdf *rdf) } else { /* unknown address family */ - ldns_buffer_printf(output, - "Unknown address family: %u data: ", + ldns_buffer_printf(output, "Unknown address family: %u data: ", address_family); for (i = 1; i < (unsigned short) (4 + adf_length); i++) { if(pos+i >= ldns_rdf_size(rdf)) - return LDNS_STATUS_WIRE_RDATA_ERR; + return LDNS_STATUS_SYNTAX_RDATA_ERR; ldns_buffer_printf(output, "%02x", data[i]); } } @@ -1026,27 +930,21 @@ ldns_rdf2buffer_str_apl(ldns_buffer *output, const ldns_rdf *rdf) ldns_status ldns_rdf2buffer_str_int16_data(ldns_buffer *output, const ldns_rdf *rdf) { - size_t size; - char *b64; - if (ldns_rdf_size(rdf) < 2) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } /* Subtract the size (2) of the number that specifies the length */ - size = ldns_b64_ntop_calculate_size(ldns_rdf_size(rdf) - 2); + size_t size = ldns_b64_ntop_calculate_size(ldns_rdf_size(rdf) - 2); + char *b64 = LDNS_XMALLOC(char, size); + if(!b64) + return LDNS_STATUS_MEM_ERR; + ldns_buffer_printf(output, "%u ", ldns_rdf_size(rdf) - 2); - if (ldns_rdf_size(rdf) > 2) { - b64 = LDNS_XMALLOC(char, size); - if(!b64) - return LDNS_STATUS_MEM_ERR; - - if (ldns_rdf_size(rdf) > 2 && - ldns_b64_ntop(ldns_rdf_data(rdf) + 2, - ldns_rdf_size(rdf) - 2, - b64, size)) { - ldns_buffer_printf(output, "%s", b64); - } - LDNS_FREE(b64); + + if (ldns_rdf_size(rdf) > 2 && + ldns_b64_ntop(ldns_rdf_data(rdf) + 2, + ldns_rdf_size(rdf) - 2, + b64, size)) { + ldns_buffer_printf(output, "%s", b64); } + LDNS_FREE(b64); return ldns_buffer_status(output); } @@ -1071,9 +969,6 @@ ldns_rdf2buffer_str_ipseckey(ldns_buffer *output, const ldns_rdf *rdf) size_t offset = 0; ldns_status status; - if (ldns_rdf_size(rdf) < 3) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } precedence = data[0]; gateway_type = data[1]; algorithm = data[2]; @@ -1087,12 +982,8 @@ ldns_rdf2buffer_str_ipseckey(ldns_buffer *output, const ldns_rdf *rdf) gateway_data = LDNS_XMALLOC(uint8_t, LDNS_IP4ADDRLEN); if(!gateway_data) return LDNS_STATUS_MEM_ERR; - if (ldns_rdf_size(rdf) < offset + LDNS_IP4ADDRLEN) { - return LDNS_STATUS_ERR; - } memcpy(gateway_data, &data[offset], LDNS_IP4ADDRLEN); - gateway = ldns_rdf_new(LDNS_RDF_TYPE_A, - LDNS_IP4ADDRLEN , gateway_data); + gateway = ldns_rdf_new(LDNS_RDF_TYPE_A, LDNS_IP4ADDRLEN , gateway_data); offset += LDNS_IP4ADDRLEN; if(!gateway) { LDNS_FREE(gateway_data); @@ -1103,22 +994,17 @@ ldns_rdf2buffer_str_ipseckey(ldns_buffer *output, const ldns_rdf *rdf) gateway_data = LDNS_XMALLOC(uint8_t, LDNS_IP6ADDRLEN); if(!gateway_data) return LDNS_STATUS_MEM_ERR; - if (ldns_rdf_size(rdf) < offset + LDNS_IP6ADDRLEN) { - return LDNS_STATUS_ERR; - } memcpy(gateway_data, &data[offset], LDNS_IP6ADDRLEN); offset += LDNS_IP6ADDRLEN; gateway = - ldns_rdf_new(LDNS_RDF_TYPE_AAAA, - LDNS_IP6ADDRLEN, gateway_data); + ldns_rdf_new(LDNS_RDF_TYPE_AAAA, LDNS_IP6ADDRLEN, gateway_data); if(!gateway) { LDNS_FREE(gateway_data); return LDNS_STATUS_MEM_ERR; } break; case 3: - status = ldns_wire2dname(&gateway, data, - ldns_rdf_size(rdf), &offset); + status = ldns_wire2dname(&gateway, data, ldns_rdf_size(rdf), &offset); if(status != LDNS_STATUS_OK) return status; break; @@ -1127,9 +1013,6 @@ ldns_rdf2buffer_str_ipseckey(ldns_buffer *output, const ldns_rdf *rdf) break; } - if (ldns_rdf_size(rdf) <= offset) { - return LDNS_STATUS_ERR; - } public_key_size = ldns_rdf_size(rdf) - offset; public_key_data = LDNS_XMALLOC(uint8_t, public_key_size); if(!public_key_data) { @@ -1137,8 +1020,7 @@ ldns_rdf2buffer_str_ipseckey(ldns_buffer *output, const ldns_rdf *rdf) return LDNS_STATUS_MEM_ERR; } memcpy(public_key_data, &data[offset], public_key_size); - public_key = ldns_rdf_new(LDNS_RDF_TYPE_B64, - public_key_size, public_key_data); + public_key = ldns_rdf_new(LDNS_RDF_TYPE_B64, public_key_size, public_key_data); if(!public_key) { LDNS_FREE(public_key_data); ldns_rdf_free(gateway); @@ -1146,7 +1028,7 @@ ldns_rdf2buffer_str_ipseckey(ldns_buffer *output, const ldns_rdf *rdf) } ldns_buffer_printf(output, "%u %u %u ", precedence, gateway_type, algorithm); - if (gateway) + if (gateway) (void) ldns_rdf2buffer_str(output, gateway); else ldns_buffer_printf(output, "."); @@ -1160,129 +1042,15 @@ ldns_rdf2buffer_str_ipseckey(ldns_buffer *output, const ldns_rdf *rdf) } ldns_status -ldns_rdf2buffer_str_ilnp64(ldns_buffer *output, const ldns_rdf *rdf) +ldns_rdf2buffer_str_tsig(ldns_buffer *output, const ldns_rdf *rdf) { - if (ldns_rdf_size(rdf) != 8) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } - ldns_buffer_printf(output,"%.4x:%.4x:%.4x:%.4x", - ldns_read_uint16(ldns_rdf_data(rdf)), - ldns_read_uint16(ldns_rdf_data(rdf)+2), - ldns_read_uint16(ldns_rdf_data(rdf)+4), - ldns_read_uint16(ldns_rdf_data(rdf)+6)); - return ldns_buffer_status(output); + /* TSIG RRs have no presentation format, make them #size <data> */ + return ldns_rdf2buffer_str_unknown(output, rdf); } -ldns_status -ldns_rdf2buffer_str_eui48(ldns_buffer *output, const ldns_rdf *rdf) -{ - if (ldns_rdf_size(rdf) != 6) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } - ldns_buffer_printf(output,"%.2x-%.2x-%.2x-%.2x-%.2x-%.2x", - ldns_rdf_data(rdf)[0], ldns_rdf_data(rdf)[1], - ldns_rdf_data(rdf)[2], ldns_rdf_data(rdf)[3], - ldns_rdf_data(rdf)[4], ldns_rdf_data(rdf)[5]); - return ldns_buffer_status(output); -} - -ldns_status -ldns_rdf2buffer_str_eui64(ldns_buffer *output, const ldns_rdf *rdf) -{ - if (ldns_rdf_size(rdf) != 8) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } - ldns_buffer_printf(output,"%.2x-%.2x-%.2x-%.2x-%.2x-%.2x-%.2x-%.2x", - ldns_rdf_data(rdf)[0], ldns_rdf_data(rdf)[1], - ldns_rdf_data(rdf)[2], ldns_rdf_data(rdf)[3], - ldns_rdf_data(rdf)[4], ldns_rdf_data(rdf)[5], - ldns_rdf_data(rdf)[6], ldns_rdf_data(rdf)[7]); - return ldns_buffer_status(output); -} ldns_status -ldns_rdf2buffer_str_tag(ldns_buffer *output, const ldns_rdf *rdf) -{ - size_t nchars; - const uint8_t* chars; - char ch; - if (ldns_rdf_size(rdf) < 2) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } - nchars = ldns_rdf_data(rdf)[0]; - if (nchars >= ldns_rdf_size(rdf) || /* should be rdf_size - 1 */ - nchars < 1) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } - chars = ldns_rdf_data(rdf) + 1; - while (nchars > 0) { - ch = (char)*chars++; - if (! isalnum(ch)) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } - ldns_buffer_printf(output, "%c", ch); - nchars--; - } - return ldns_buffer_status(output); -} - -ldns_status -ldns_rdf2buffer_str_long_str(ldns_buffer *output, const ldns_rdf *rdf) -{ - - ldns_buffer_printf(output, "\""); - ldns_characters2buffer_str(output, - ldns_rdf_size(rdf), ldns_rdf_data(rdf)); - ldns_buffer_printf(output, "\""); - return ldns_buffer_status(output); -} - -ldns_status -ldns_rdf2buffer_str_hip(ldns_buffer *output, const ldns_rdf *rdf) -{ - uint8_t *data = ldns_rdf_data(rdf); - size_t rdf_size = ldns_rdf_size(rdf); - uint8_t hit_size; - uint16_t pk_size; - int written; - - if (rdf_size < 6) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } - if ((hit_size = data[0]) == 0 || - (pk_size = ldns_read_uint16(data + 2)) == 0 || - rdf_size < (size_t) hit_size + pk_size + 4) { - - return LDNS_STATUS_WIRE_RDATA_ERR; - } - - ldns_buffer_printf(output, "%d ", (int) data[1]); - - for (data += 4; hit_size > 0; hit_size--, data++) { - - ldns_buffer_printf(output, "%02x", (int) *data); - } - ldns_buffer_write_u8(output, (uint8_t) ' '); - - if (ldns_buffer_reserve(output, - ldns_b64_ntop_calculate_size(pk_size))) { - - written = ldns_b64_ntop(data, pk_size, - (char *) ldns_buffer_current(output), - ldns_buffer_remaining(output)); - - if (written > 0 && - written < (int) ldns_buffer_remaining(output)) { - - output->_position += written; - } - } - return ldns_buffer_status(output); -} - -ldns_status -ldns_rdf2buffer_str_fmt(ldns_buffer *buffer, - const ldns_output_format* fmt, const ldns_rdf *rdf) +ldns_rdf2buffer_str(ldns_buffer *buffer, const ldns_rdf *rdf) { ldns_status res = LDNS_STATUS_OK; @@ -1331,13 +1099,13 @@ ldns_rdf2buffer_str_fmt(ldns_buffer *buffer, res = ldns_rdf2buffer_str_hex(buffer, rdf); break; case LDNS_RDF_TYPE_NSEC: - res = ldns_rdf2buffer_str_nsec_fmt(buffer, fmt, rdf); + res = ldns_rdf2buffer_str_nsec(buffer, rdf); break; case LDNS_RDF_TYPE_NSEC3_SALT: res = ldns_rdf2buffer_str_nsec3_salt(buffer, rdf); break; case LDNS_RDF_TYPE_TYPE: - res = ldns_rdf2buffer_str_type_fmt(buffer, fmt, rdf); + res = ldns_rdf2buffer_str_type(buffer, rdf); break; case LDNS_RDF_TYPE_CLASS: res = ldns_rdf2buffer_str_class(buffer, rdf); @@ -1354,9 +1122,6 @@ ldns_rdf2buffer_str_fmt(ldns_buffer *buffer, case LDNS_RDF_TYPE_TIME: res = ldns_rdf2buffer_str_time(buffer, rdf); break; - case LDNS_RDF_TYPE_HIP: - res = ldns_rdf2buffer_str_hip(buffer, rdf); - break; case LDNS_RDF_TYPE_LOC: res = ldns_rdf2buffer_str_loc(buffer, rdf); break; @@ -1373,43 +1138,24 @@ ldns_rdf2buffer_str_fmt(ldns_buffer *buffer, case LDNS_RDF_TYPE_IPSECKEY: res = ldns_rdf2buffer_str_ipseckey(buffer, rdf); break; + case LDNS_RDF_TYPE_TSIG: + res = ldns_rdf2buffer_str_tsig(buffer, rdf); + break; case LDNS_RDF_TYPE_INT16_DATA: res = ldns_rdf2buffer_str_int16_data(buffer, rdf); break; case LDNS_RDF_TYPE_NSEC3_NEXT_OWNER: res = ldns_rdf2buffer_str_b32_ext(buffer, rdf); break; - case LDNS_RDF_TYPE_ILNP64: - res = ldns_rdf2buffer_str_ilnp64(buffer, rdf); - break; - case LDNS_RDF_TYPE_EUI48: - res = ldns_rdf2buffer_str_eui48(buffer, rdf); - break; - case LDNS_RDF_TYPE_EUI64: - res = ldns_rdf2buffer_str_eui64(buffer, rdf); - break; - case LDNS_RDF_TYPE_TAG: - res = ldns_rdf2buffer_str_tag(buffer, rdf); - break; - case LDNS_RDF_TYPE_LONG_STR: - res = ldns_rdf2buffer_str_long_str(buffer, rdf); - break; } } else { - /** This will write mangled RRs */ ldns_buffer_printf(buffer, "(null) "); - res = LDNS_STATUS_ERR; + res = ldns_buffer_status(buffer); } return res; } -ldns_status -ldns_rdf2buffer_str(ldns_buffer *buffer, const ldns_rdf *rdf) -{ - return ldns_rdf2buffer_str_fmt(buffer,ldns_output_format_default,rdf); -} - -static ldns_rdf * +ldns_rdf * ldns_b32_ext2dname(const ldns_rdf *rdf) { size_t size; @@ -1436,45 +1182,18 @@ ldns_b32_ext2dname(const ldns_rdf *rdf) return NULL; } -static ldns_status -ldns_rr2buffer_str_rfc3597(ldns_buffer *output, const ldns_rr *rr) -{ - size_t total_rdfsize = 0; - size_t i, j; - - ldns_buffer_printf(output, "TYPE%u\t", ldns_rr_get_type(rr)); - for (i = 0; i < ldns_rr_rd_count(rr); i++) { - total_rdfsize += ldns_rdf_size(ldns_rr_rdf(rr, i)); - } - if (total_rdfsize == 0) { - ldns_buffer_printf(output, "\\# 0\n"); - return ldns_buffer_status(output); - } - ldns_buffer_printf(output, "\\# %d ", total_rdfsize); - for (i = 0; i < ldns_rr_rd_count(rr); i++) { - for (j = 0; j < ldns_rdf_size(ldns_rr_rdf(rr, i)); j++) { - ldns_buffer_printf(output, "%.2x", - ldns_rdf_data(ldns_rr_rdf(rr, i))[j]); - } - } - ldns_buffer_printf(output, "\n"); - return ldns_buffer_status(output); -} - ldns_status ldns_rr2buffer_str_fmt(ldns_buffer *output, const ldns_output_format *fmt, const ldns_rr *rr) { uint16_t i, flags; ldns_status status = LDNS_STATUS_OK; - ldns_output_format_storage* fmt_st = (ldns_output_format_storage*)fmt; - if (fmt_st == NULL) { - fmt_st = (ldns_output_format_storage*) - ldns_output_format_default; + if (fmt == NULL) { + fmt = ldns_output_format_default; } if (!rr) { - if (LDNS_COMMENT_NULLS & fmt_st->flags) { + if (LDNS_COMMENT_NULLS & fmt->flags) { ldns_buffer_printf(output, "; (null)\n"); } return ldns_buffer_status(output); @@ -1498,9 +1217,6 @@ ldns_rr2buffer_str_fmt(ldns_buffer *output, } ldns_buffer_printf(output, "\t"); - if (ldns_output_format_covers_type(fmt, ldns_rr_get_type(rr))) { - return ldns_rr2buffer_str_rfc3597(output, rr); - } status = ldns_rr_type2buffer_str(output, ldns_rr_get_type(rr)); if (status != LDNS_STATUS_OK) { return status; @@ -1514,33 +1230,7 @@ ldns_rr2buffer_str_fmt(ldns_buffer *output, for (i = 0; i < ldns_rr_rd_count(rr); i++) { /* ldns_rdf2buffer_str handles NULL input fine! */ - if ((fmt_st->flags & LDNS_FMT_ZEROIZE_RRSIGS) && - (ldns_rr_get_type(rr) == LDNS_RR_TYPE_RRSIG) && - ((/* inception */ i == 4 && - ldns_rdf_get_type(ldns_rr_rdf(rr, 4)) == - LDNS_RDF_TYPE_TIME) || - (/* expiration */ i == 5 && - ldns_rdf_get_type(ldns_rr_rdf(rr, 5)) == - LDNS_RDF_TYPE_TIME) || - (/* signature */ i == 8 && - ldns_rdf_get_type(ldns_rr_rdf(rr, 8)) == - LDNS_RDF_TYPE_B64))) { - - ldns_buffer_printf(output, "(null)"); - status = ldns_buffer_status(output); - } else if ((fmt_st->flags & LDNS_FMT_PAD_SOA_SERIAL) && - (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) && - /* serial */ i == 2 && - ldns_rdf_get_type(ldns_rr_rdf(rr, 2)) == - LDNS_RDF_TYPE_INT32) { - ldns_buffer_printf(output, "%10lu", - (unsigned long) ldns_read_uint32( - ldns_rdf_data(ldns_rr_rdf(rr, 2)))); - status = ldns_buffer_status(output); - } else { - status = ldns_rdf2buffer_str_fmt(output, - fmt, ldns_rr_rdf(rr, i)); - } + status = ldns_rdf2buffer_str(output, ldns_rr_rdf(rr, i)); if(status != LDNS_STATUS_OK) return status; if (i < ldns_rr_rd_count(rr) - 1) { @@ -1552,126 +1242,137 @@ ldns_rr2buffer_str_fmt(ldns_buffer *output, * getting here */ if (ldns_rr_rd_count(rr) > 0) { switch (ldns_rr_get_type(rr)) { - case LDNS_RR_TYPE_DNSKEY: - /* if ldns_rr_rd_count(rr) > 0 - then ldns_rr_rdf(rr, 0) exists! */ - if (! (fmt_st->flags & LDNS_COMMENT_KEY)) { - break; - } - flags = ldns_rdf2native_int16(ldns_rr_rdf(rr, 0)); - ldns_buffer_printf(output, " ;{"); - if (fmt_st->flags & LDNS_COMMENT_KEY_ID) { - ldns_buffer_printf(output, "id = %u", - (unsigned int) ldns_calc_keytag(rr)); - } - if ((fmt_st->flags & LDNS_COMMENT_KEY_TYPE) && - (flags & LDNS_KEY_ZONE_KEY)){ - - if (flags & LDNS_KEY_SEP_KEY) { - ldns_buffer_printf(output, " (ksk)"); - } else { - ldns_buffer_printf(output, " (zsk)"); + case LDNS_RR_TYPE_DNSKEY: + /* if ldns_rr_rd_count(rr) > 0 + then ldns_rr_rdf(rr, 0) exists! */ + if (! (fmt->flags & LDNS_COMMENT_KEY)) { + break; } - if (fmt_st->flags & LDNS_COMMENT_KEY_SIZE){ - ldns_buffer_printf(output, ", "); + flags = ldns_rdf2native_int16( + ldns_rr_rdf(rr, 0)); + ldns_buffer_printf(output, " ;{"); + if (fmt->flags & LDNS_COMMENT_KEY_ID) { + ldns_buffer_printf(output, "id = %u", + (unsigned int) + ldns_calc_keytag(rr)); } - } else if (fmt_st->flags - & (LDNS_COMMENT_KEY_ID - |LDNS_COMMENT_KEY_SIZE)) { - ldns_buffer_printf( output, ", "); - } - if (fmt_st->flags & LDNS_COMMENT_KEY_SIZE) { - ldns_buffer_printf(output, "size = %db", - ldns_rr_dnskey_key_size(rr)); - } - ldns_buffer_printf(output, "}"); - break; - case LDNS_RR_TYPE_RRSIG: - if ((fmt_st->flags & LDNS_COMMENT_KEY) - && (fmt_st->flags& LDNS_COMMENT_RRSIGS) - && ldns_rr_rdf(rr, 6) != NULL) { - ldns_buffer_printf(output, " ;{id = %d}", - ldns_rdf2native_int16( + if ((fmt->flags & LDNS_COMMENT_KEY_TYPE) + && (flags & LDNS_KEY_ZONE_KEY)){ + if (flags & LDNS_KEY_SEP_KEY) { + ldns_buffer_printf( + output, " (ksk)"); + } + else { + ldns_buffer_printf( + output, " (zsk)"); + } + if (fmt->flags & LDNS_COMMENT_KEY_SIZE){ + ldns_buffer_printf( + output, ", "); + } + } else if (fmt->flags + & (LDNS_COMMENT_KEY_ID + |LDNS_COMMENT_KEY_SIZE)) { + ldns_buffer_printf( output, ", "); + } + if (fmt->flags & LDNS_COMMENT_KEY_SIZE) { + ldns_buffer_printf(output, "size = %db", + ldns_rr_dnskey_key_size(rr)); + } + ldns_buffer_printf(output, "}"); + break; + case LDNS_RR_TYPE_RRSIG: + if ((fmt->flags & LDNS_COMMENT_KEY) + && (fmt->flags + & LDNS_COMMENT_RRSIGS) + && ldns_rr_rdf(rr, 6) != NULL) { + ldns_buffer_printf(output + , " ;{id = %d}" + , ldns_rdf2native_int16( ldns_rr_rdf(rr, 6))); - } - break; - case LDNS_RR_TYPE_DS: - if ((fmt_st->flags & LDNS_COMMENT_BUBBLEBABBLE) && - ldns_rr_rdf(rr, 3) != NULL) { - - uint8_t *data = ldns_rdf_data( - ldns_rr_rdf(rr, 3)); - size_t len = ldns_rdf_size(ldns_rr_rdf(rr, 3)); - char *babble = ldns_bubblebabble(data, len); - if(babble) { - ldns_buffer_printf(output, - " ;{%s}", babble); } - LDNS_FREE(babble); - } - break; - case LDNS_RR_TYPE_NSEC3: - if (! (fmt_st->flags & LDNS_COMMENT_FLAGS) && - ! (fmt_st->flags & LDNS_COMMENT_NSEC3_CHAIN)) { break; - } - ldns_buffer_printf(output, " ;{"); - if ((fmt_st->flags & LDNS_COMMENT_FLAGS)) { - if (ldns_nsec3_optout(rr)) { - ldns_buffer_printf(output, - " flags: optout"); - } else { - ldns_buffer_printf(output," flags: -"); + case LDNS_RR_TYPE_DS: + if ((fmt->flags & LDNS_COMMENT_BUBBLEBABBLE) + && ldns_rr_rdf(rr, 3) != NULL) { + uint8_t *data = ldns_rdf_data( + ldns_rr_rdf(rr, 3)); + size_t len = ldns_rdf_size( + ldns_rr_rdf(rr, 3)); + char *babble = ldns_bubblebabble( + data, len); + if(babble) { + ldns_buffer_printf(output + , " ;{%s}", babble); + } + LDNS_FREE(babble); } - if (fmt_st->flags & LDNS_COMMENT_NSEC3_CHAIN && - fmt_st->hashmap != NULL) { - ldns_buffer_printf(output, ", "); + break; + case LDNS_RR_TYPE_NSEC3: + if (! (fmt->flags & LDNS_COMMENT_FLAGS) && + ! (fmt->flags & LDNS_COMMENT_NSEC3_CHAIN)) { + break; } - } - if (fmt_st->flags & LDNS_COMMENT_NSEC3_CHAIN && - fmt_st->hashmap != NULL) { - ldns_rbnode_t *node; - ldns_rdf *key = ldns_dname_label( - ldns_rr_owner(rr), 0); - if (key) { - node = ldns_rbtree_search( - fmt_st->hashmap, - (void *) key); - if (node->data) { + ldns_buffer_printf(output, " ;{"); + if ((fmt->flags & LDNS_COMMENT_FLAGS)) { + if (ldns_nsec3_optout(rr)) { + ldns_buffer_printf(output, + " flags: optout"); + } else { ldns_buffer_printf(output, - "from: "); - (void) ldns_rdf2buffer_str( - output, - ldns_dnssec_name_name( - (ldns_dnssec_name*) - node->data - )); + " flags: -"); + } + if (fmt->flags & LDNS_COMMENT_NSEC3_CHAIN + && fmt->data != NULL) { + ldns_buffer_printf(output, ", "); } - ldns_rdf_free(key); } - key = ldns_b32_ext2dname( + if (fmt->flags & LDNS_COMMENT_NSEC3_CHAIN + && fmt->data != NULL) { + ldns_rbnode_t *node; + ldns_rdf *key = ldns_dname_label( + ldns_rr_owner(rr), 0); + if (key) { + node = ldns_rbtree_search( + (ldns_rbtree_t *) + fmt->data, + (void *) key); + if (node->data) { + ldns_buffer_printf( + output, + "from: "); + (void) + ldns_rdf2buffer_str( + output, + (ldns_rdf *) + node->data); + } + ldns_rdf_free(key); + } + key = ldns_b32_ext2dname( ldns_nsec3_next_owner(rr)); - if (key) { - node = ldns_rbtree_search( - fmt_st->hashmap, - (void *) key); - if (node->data) { - ldns_buffer_printf(output, - " to: "); - (void) ldns_rdf2buffer_str( - output, - ldns_dnssec_name_name( - (ldns_dnssec_name*) - node->data - )); + if (key) { + node = ldns_rbtree_search( + (ldns_rbtree_t *) + fmt->data, + (void *) key); + if (node->data) { + ldns_buffer_printf( + output, + " to: "); + (void) + ldns_rdf2buffer_str( + output, + (ldns_rdf *) + node->data); + } + ldns_rdf_free(key); } - ldns_rdf_free(key); } - } - ldns_buffer_printf(output, "}"); - break; - default: - break; + ldns_buffer_printf(output, "}"); + break; + default: + break; } } @@ -1932,12 +1633,12 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) { ldns_status status = LDNS_STATUS_OK; unsigned char *bignum; -#ifdef HAVE_SSL -# ifndef S_SPLINT_S +#ifndef S_SPLINT_S uint16_t i; -# endif +#endif + +#ifdef HAVE_SSL /* not used when ssl is not defined */ - /*@unused@*/ ldns_rdf *b64_bignum = NULL; RSA *rsa; @@ -1995,12 +1696,10 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) break; #endif default: -#ifdef STDERR_MSGS fprintf(stderr, "Warning: unknown signature "); fprintf(stderr, "algorithm type %u\n", ldns_key_algorithm(k)); -#endif ldns_buffer_printf(output, "Algorithm: %u (Unknown)\n", ldns_key_algorithm(k)); @@ -2017,7 +1716,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { - ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -2029,7 +1727,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { - ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -2043,7 +1740,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { - ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -2060,7 +1756,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { - ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -2077,7 +1772,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { - ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -2094,7 +1788,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { - ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -2111,7 +1804,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { - ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -2128,7 +1820,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { - ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -2162,7 +1853,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { - ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -2179,7 +1869,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { - ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -2196,7 +1885,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { - ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -2213,7 +1901,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { - ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -2230,7 +1917,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { - ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -2252,13 +1938,12 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) NULL #endif ); -#else - goto error; -#endif /* GOST */ + +#endif break; +#ifdef USE_ECDSA case LDNS_SIGN_ECDSAP256SHA256: case LDNS_SIGN_ECDSAP384SHA384: -#ifdef USE_ECDSA ldns_buffer_printf(output, "Private-key-format: v1.2\n"); ldns_buffer_printf(output, "Algorithm: %d (", ldns_key_algorithm(k)); status=ldns_algorithm2buffer_str(output, (ldns_algorithm)ldns_key_algorithm(k)); @@ -2274,7 +1959,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { - ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -2284,10 +1968,8 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) EC_KEY_free(ec); } #endif /* splint */ -#else - goto error; -#endif /* ECDSA */ break; +#endif case LDNS_SIGN_HMACMD5: /* there's not much of a format defined for TSIG */ /* It's just a binary blob, Same for all algorithms */ @@ -2308,6 +1990,9 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } #endif /* HAVE_SSL */ } else { +#ifdef HAVE_SSL + LDNS_FREE(b64_bignum); +#endif LDNS_FREE(bignum); return ldns_buffer_status(output); } @@ -2324,11 +2009,12 @@ error: } /* - * Zero terminate the buffer and copy data. + * Zero terminate the buffer and fix it to the size of the string. */ char * ldns_buffer2str(ldns_buffer *buffer) { + char *tmp_str; char *str; /* check if buffer ends with \0, if not, and @@ -2343,28 +2029,14 @@ ldns_buffer2str(ldns_buffer *buffer) } } - str = strdup((const char *)ldns_buffer_begin(buffer)); + tmp_str = ldns_buffer_export(buffer); + str = LDNS_XMALLOC(char, strlen(tmp_str) + 1); if(!str) { return NULL; } - return str; -} + memcpy(str, tmp_str, strlen(tmp_str) + 1); -/* - * Zero terminate the buffer and export data. - */ -char * -ldns_buffer_export2str(ldns_buffer *buffer) -{ - /* Append '\0' as string terminator */ - if (! ldns_buffer_reserve(buffer, 1)) { - return NULL; - } - ldns_buffer_write_u8(buffer, 0); - - /* reallocate memory to the size of the string and export */ - ldns_buffer_set_capacity(buffer, ldns_buffer_position(buffer)); - return ldns_buffer_export(buffer); + return str; } char * @@ -2378,7 +2050,7 @@ ldns_rdf2str(const ldns_rdf *rdf) } if (ldns_rdf2buffer_str(tmp_buffer, rdf) == LDNS_STATUS_OK) { /* export and return string, destroy rest */ - result = ldns_buffer_export2str(tmp_buffer); + result = ldns_buffer2str(tmp_buffer); } ldns_buffer_free(tmp_buffer); return result; @@ -2396,7 +2068,7 @@ ldns_rr2str_fmt(const ldns_output_format *fmt, const ldns_rr *rr) if (ldns_rr2buffer_str_fmt(tmp_buffer, fmt, rr) == LDNS_STATUS_OK) { /* export and return string, destroy rest */ - result = ldns_buffer_export2str(tmp_buffer); + result = ldns_buffer2str(tmp_buffer); } ldns_buffer_free(tmp_buffer); return result; @@ -2420,7 +2092,7 @@ ldns_pkt2str_fmt(const ldns_output_format *fmt, const ldns_pkt *pkt) if (ldns_pkt2buffer_str_fmt(tmp_buffer, fmt, pkt) == LDNS_STATUS_OK) { /* export and return string, destroy rest */ - result = ldns_buffer_export2str(tmp_buffer); + result = ldns_buffer2str(tmp_buffer); } ldns_buffer_free(tmp_buffer); @@ -2444,7 +2116,7 @@ ldns_key2str(const ldns_key *k) } if (ldns_key2buffer_str(tmp_buffer, k) == LDNS_STATUS_OK) { /* export and return string, destroy rest */ - result = ldns_buffer_export2str(tmp_buffer); + result = ldns_buffer2str(tmp_buffer); } ldns_buffer_free(tmp_buffer); return result; @@ -2474,7 +2146,7 @@ ldns_rr_list2str_fmt(const ldns_output_format *fmt, const ldns_rr_list *list) } /* export and return string, destroy rest */ - result = ldns_buffer_export2str(tmp_buffer); + result = ldns_buffer2str(tmp_buffer); ldns_buffer_free(tmp_buffer); return result; } @@ -2492,20 +2164,20 @@ ldns_rdf_print(FILE *output, const ldns_rdf *rdf) if (str) { fprintf(output, "%s", str); } else { - fprintf(output, ";Unable to convert rdf to string\n"); + fprintf(output, "Unable to convert rdf to string\n"); } LDNS_FREE(str); } void -ldns_rr_print_fmt(FILE *output, +ldns_rr_print_fmt(FILE *output, const ldns_output_format *fmt, const ldns_rr *rr) { char *str = ldns_rr2str_fmt(fmt, rr); if (str) { fprintf(output, "%s", str); } else { - fprintf(output, ";Unable to convert rr to string\n"); + fprintf(output, "Unable to convert rr to string\n"); } LDNS_FREE(str); } @@ -2524,7 +2196,7 @@ ldns_pkt_print_fmt(FILE *output, if (str) { fprintf(output, "%s", str); } else { - fprintf(output, ";Unable to convert packet to string\n"); + fprintf(output, "Unable to convert packet to string\n"); } LDNS_FREE(str); } diff --git a/usr.sbin/unbound/ldns/host2wire.c b/usr.sbin/unbound/ldns/host2wire.c index 8fb5c3a2ba5..ca28dba9336 100644 --- a/usr.sbin/unbound/ldns/host2wire.c +++ b/usr.sbin/unbound/ldns/host2wire.c @@ -81,7 +81,6 @@ ldns_rr_list2buffer_wire(ldns_buffer *buffer,const ldns_rr_list *rr_list) return ldns_buffer_status(buffer); } - ldns_status ldns_rr2buffer_wire_canonical(ldns_buffer *buffer, const ldns_rr *rr, @@ -114,7 +113,6 @@ ldns_rr2buffer_wire_canonical(ldns_buffer *buffer, case LDNS_RR_TYPE_SRV: case LDNS_RR_TYPE_DNAME: case LDNS_RR_TYPE_A6: - case LDNS_RR_TYPE_RRSIG: pre_rfc3597 = true; break; default: @@ -137,15 +135,17 @@ ldns_rr2buffer_wire_canonical(ldns_buffer *buffer, rdl_pos = ldns_buffer_position(buffer); ldns_buffer_write_u16(buffer, 0); } + for (i = 0; i < ldns_rr_rd_count(rr); i++) { if (pre_rfc3597) { (void) ldns_rdf2buffer_wire_canonical( - buffer, ldns_rr_rdf(rr, i)); + buffer, ldns_rr_rdf(rr, i)); } else { (void) ldns_rdf2buffer_wire( - buffer, ldns_rr_rdf(rr, i)); + buffer, ldns_rr_rdf(rr, i)); } } + if (rdl_pos != 0) { ldns_buffer_write_u16_at(buffer, rdl_pos, ldns_buffer_position(buffer) @@ -176,11 +176,13 @@ ldns_rr2buffer_wire(ldns_buffer *buffer, const ldns_rr *rr, int section) /* remember pos for later */ rdl_pos = ldns_buffer_position(buffer); ldns_buffer_write_u16(buffer, 0); - } + } + for (i = 0; i < ldns_rr_rd_count(rr); i++) { (void) ldns_rdf2buffer_wire( buffer, ldns_rr_rdf(rr, i)); } + if (rdl_pos != 0) { ldns_buffer_write_u16_at(buffer, rdl_pos, ldns_buffer_position(buffer) @@ -203,8 +205,7 @@ ldns_rrsig2buffer_wire(ldns_buffer *buffer, const ldns_rr *rr) /* Convert all the rdfs, except the actual signature data * rdf number 8 - the last, hence: -1 */ for (i = 0; i < ldns_rr_rd_count(rr) - 1; i++) { - (void) ldns_rdf2buffer_wire_canonical(buffer, - ldns_rr_rdf(rr, i)); + (void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr, i)); } return ldns_buffer_status(buffer); @@ -216,8 +217,9 @@ ldns_rr_rdata2buffer_wire(ldns_buffer *buffer, const ldns_rr *rr) uint16_t i; /* convert all the rdf's */ for (i = 0; i < ldns_rr_rd_count(rr); i++) { - (void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr,i)); + (void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr, i)); } + return ldns_buffer_status(buffer); } @@ -242,8 +244,7 @@ ldns_hdr2buffer_wire(ldns_buffer *buffer, const ldns_pkt *packet) flags = ldns_pkt_ra(packet) << 7 /*| ldns_pkt_z(packet) << 6*/ | ldns_pkt_ad(packet) << 5 - | ldns_pkt_cd(packet) << 4 - | ldns_pkt_get_rcode(packet); + | ldns_pkt_cd(packet) << 4 | ldns_pkt_get_rcode(packet); ldns_buffer_write_u8(buffer, flags); ldns_buffer_write_u16(buffer, ldns_pkt_qdcount(packet)); @@ -339,6 +340,7 @@ ldns_status ldns_rdf2wire(uint8_t **dest, const ldns_rdf *rdf, size_t *result_size) { ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN); + uint8_t *result = NULL; ldns_status status; *result_size = 0; *dest = NULL; @@ -347,8 +349,21 @@ ldns_rdf2wire(uint8_t **dest, const ldns_rdf *rdf, size_t *result_size) status = ldns_rdf2buffer_wire(buffer, rdf); if (status == LDNS_STATUS_OK) { *result_size = ldns_buffer_position(buffer); - *dest = (uint8_t *) ldns_buffer_export(buffer); + result = (uint8_t *) ldns_buffer_export(buffer); + } else { + ldns_buffer_free(buffer); + return status; } + + if (result) { + *dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer)); + if(!*dest) { + ldns_buffer_free(buffer); + return LDNS_STATUS_MEM_ERR; + } + memcpy(*dest, result, ldns_buffer_position(buffer)); + } + ldns_buffer_free(buffer); return status; } @@ -357,6 +372,7 @@ ldns_status ldns_rr2wire(uint8_t **dest, const ldns_rr *rr, int section, size_t *result_size) { ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN); + uint8_t *result = NULL; ldns_status status; *result_size = 0; *dest = NULL; @@ -365,8 +381,21 @@ ldns_rr2wire(uint8_t **dest, const ldns_rr *rr, int section, size_t *result_size status = ldns_rr2buffer_wire(buffer, rr, section); if (status == LDNS_STATUS_OK) { *result_size = ldns_buffer_position(buffer); - *dest = (uint8_t *) ldns_buffer_export(buffer); + result = (uint8_t *) ldns_buffer_export(buffer); + } else { + ldns_buffer_free(buffer); + return status; + } + + if (result) { + *dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer)); + if(!*dest) { + ldns_buffer_free(buffer); + return LDNS_STATUS_MEM_ERR; + } + memcpy(*dest, result, ldns_buffer_position(buffer)); } + ldns_buffer_free(buffer); return status; } @@ -375,6 +404,7 @@ ldns_status ldns_pkt2wire(uint8_t **dest, const ldns_pkt *packet, size_t *result_size) { ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN); + uint8_t *result = NULL; ldns_status status; *result_size = 0; *dest = NULL; @@ -383,8 +413,21 @@ ldns_pkt2wire(uint8_t **dest, const ldns_pkt *packet, size_t *result_size) status = ldns_pkt2buffer_wire(buffer, packet); if (status == LDNS_STATUS_OK) { *result_size = ldns_buffer_position(buffer); - *dest = (uint8_t *) ldns_buffer_export(buffer); + result = (uint8_t *) ldns_buffer_export(buffer); + } else { + ldns_buffer_free(buffer); + return status; + } + + if (result) { + *dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer)); + if(!*dest) { + ldns_buffer_free(buffer); + return LDNS_STATUS_MEM_ERR; + } + memcpy(*dest, result, ldns_buffer_position(buffer)); } + ldns_buffer_free(buffer); return status; } diff --git a/usr.sbin/unbound/ldns/install-sh b/usr.sbin/unbound/ldns/install-sh index 377bb8687ff..3f83ce9b555 100755..100644 --- a/usr.sbin/unbound/ldns/install-sh +++ b/usr.sbin/unbound/ldns/install-sh @@ -1,7 +1,7 @@ #!/bin/sh # install - install a program, script, or datafile -scriptversion=2011-11-20.07; # UTC +scriptversion=2010-02-06.18; # UTC # This originates from X11R5 (mit/util/scripts/install.sh), which was # later released in X11R6 (xc/config/util/install.sh) with the @@ -35,7 +35,7 @@ scriptversion=2011-11-20.07; # UTC # FSF changes to this file are in the public domain. # # Calling this script install-sh is preferred over install.sh, to prevent -# 'make' implicit rules from creating a file called install from it +# `make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written @@ -156,10 +156,6 @@ while test $# -ne 0; do -s) stripcmd=$stripprog;; -t) dst_arg=$2 - # Protect names problematic for 'test' and other utilities. - case $dst_arg in - -* | [=\(\)!]) dst_arg=./$dst_arg;; - esac shift;; -T) no_target_directory=true;; @@ -190,10 +186,6 @@ if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then fi shift # arg dst_arg=$arg - # Protect names problematic for 'test' and other utilities. - case $dst_arg in - -* | [=\(\)!]) dst_arg=./$dst_arg;; - esac done fi @@ -202,7 +194,7 @@ if test $# -eq 0; then echo "$0: no input file specified." >&2 exit 1 fi - # It's OK to call 'install-sh -d' without argument. + # It's OK to call `install-sh -d' without argument. # This can happen when creating conditional directories. exit 0 fi @@ -240,9 +232,9 @@ fi for src do - # Protect names problematic for 'test' and other utilities. + # Protect names starting with `-'. case $src in - -* | [=\(\)!]) src=./$src;; + -*) src=./$src;; esac if test -n "$dir_arg"; then @@ -264,7 +256,12 @@ do echo "$0: no destination specified." >&2 exit 1 fi + dst=$dst_arg + # Protect names starting with `-'. + case $dst in + -*) dst=./$dst;; + esac # If destination is a directory, append the input filename; won't work # if double slashes aren't ignored. @@ -354,7 +351,7 @@ do if test -z "$dir_arg" || { # Check for POSIX incompatibilities with -m. # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or - # other-writable bit of parent directory when it shouldn't. + # other-writeable bit of parent directory when it shouldn't. # FreeBSD 6.1 mkdir -m -p sets mode of existing directory. ls_ld_tmpdir=`ls -ld "$tmpdir"` case $ls_ld_tmpdir in @@ -392,7 +389,7 @@ do case $dstdir in /*) prefix='/';; - [-=\(\)!]*) prefix='./';; + -*) prefix='./';; *) prefix='';; esac @@ -410,7 +407,7 @@ do for d do - test X"$d" = X && continue + test -z "$d" && continue prefix=$prefix$d if test -d "$prefix"; then diff --git a/usr.sbin/unbound/ldns/keys.c b/usr.sbin/unbound/ldns/keys.c index 46f6a3d0cb6..3772122afdd 100644 --- a/usr.sbin/unbound/ldns/keys.c +++ b/usr.sbin/unbound/ldns/keys.c @@ -44,7 +44,7 @@ ldns_lookup_table ldns_signing_algorithms[] = { }; ldns_key_list * -ldns_key_list_new(void) +ldns_key_list_new() { ldns_key_list *key_list = LDNS_MALLOC(ldns_key_list); if (!key_list) { @@ -57,7 +57,7 @@ ldns_key_list_new(void) } ldns_key * -ldns_key_new(void) +ldns_key_new() { ldns_key *newkey; @@ -368,52 +368,34 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr) #ifdef USE_SHA2 alg = LDNS_SIGN_RSASHA256; #else -# ifdef STDERR_MSGS fprintf(stderr, "Warning: SHA256 not compiled into this "); fprintf(stderr, "version of ldns\n"); -# endif #endif } if (strncmp(d, "10 RSASHA512", 3) == 0) { #ifdef USE_SHA2 alg = LDNS_SIGN_RSASHA512; #else -# ifdef STDERR_MSGS fprintf(stderr, "Warning: SHA512 not compiled into this "); fprintf(stderr, "version of ldns\n"); -# endif #endif } if (strncmp(d, "12 ECC-GOST", 3) == 0) { #ifdef USE_GOST alg = LDNS_SIGN_ECC_GOST; #else -# ifdef STDERR_MSGS fprintf(stderr, "Warning: ECC-GOST not compiled into this "); fprintf(stderr, "version of ldns, use --enable-gost\n"); -# endif #endif } - if (strncmp(d, "13 ECDSAP256SHA256", 3) == 0) { #ifdef USE_ECDSA + if (strncmp(d, "13 ECDSAP256SHA256", 3) == 0) { alg = LDNS_SIGN_ECDSAP256SHA256; -#else -# ifdef STDERR_MSGS - fprintf(stderr, "Warning: ECDSA not compiled into this "); - fprintf(stderr, "version of ldns, use --enable-ecdsa\n"); -# endif -#endif } if (strncmp(d, "14 ECDSAP384SHA384", 3) == 0) { -#ifdef USE_ECDSA alg = LDNS_SIGN_ECDSAP384SHA384; -#else -# ifdef STDERR_MSGS - fprintf(stderr, "Warning: ECDSA not compiled into this "); - fprintf(stderr, "version of ldns, use --enable-ecdsa\n"); -# endif -#endif } +#endif if (strncmp(d, "157 HMAC-MD5", 4) == 0) { alg = LDNS_SIGN_HMACMD5; } @@ -441,7 +423,8 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr) ldns_key_free(k); return LDNS_STATUS_ERR; } - ldns_key_assign_rsa_key(k, rsa); + ldns_key_set_rsa_key(k, rsa); + RSA_free(rsa); #endif /* HAVE_SSL */ break; case LDNS_SIGN_DSA: @@ -453,7 +436,8 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr) ldns_key_free(k); return LDNS_STATUS_ERR; } - ldns_key_assign_dsa_key(k, dsa); + ldns_key_set_dsa_key(k, dsa); + DSA_free(dsa); #endif /* HAVE_SSL */ break; case LDNS_SIGN_HMACMD5: @@ -513,7 +497,6 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr) *key = k; return LDNS_STATUS_OK; } - ldns_key_free(k); return LDNS_STATUS_ERR; } @@ -668,13 +651,15 @@ ldns_key_new_frm_fp_dsa(FILE *f) } DSA * -ldns_key_new_frm_fp_dsa_l(FILE *f, ATTR_UNUSED(int *line_nr)) +ldns_key_new_frm_fp_dsa_l(FILE *f, int *line_nr) { int i; char *d; DSA *dsa; uint8_t *buf; + line_nr = line_nr; + d = LDNS_XMALLOC(char, LDNS_MAX_LINELEN); buf = LDNS_XMALLOC(uint8_t, LDNS_MAX_LINELEN); dsa = DSA_new(); @@ -755,26 +740,32 @@ ldns_key_new_frm_fp_hmac(FILE *f, size_t *hmac_size) } unsigned char * -ldns_key_new_frm_fp_hmac_l( FILE *f - , ATTR_UNUSED(int *line_nr) - , size_t *hmac_size - ) +ldns_key_new_frm_fp_hmac_l(FILE *f, int *line_nr, size_t *hmac_size) { - size_t i, bufsz; - char d[LDNS_MAX_LINELEN]; - unsigned char *buf = NULL; + size_t i; + char *d; + unsigned char *buf; + + line_nr = line_nr; + + d = LDNS_XMALLOC(char, LDNS_MAX_LINELEN); + buf = LDNS_XMALLOC(unsigned char, LDNS_MAX_LINELEN); + if(!d || !buf) { + goto error; + } if (ldns_fget_keyword_data_l(f, "Key", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) { goto error; } - bufsz = ldns_b64_ntop_calculate_size(strlen(d)); - buf = LDNS_XMALLOC(unsigned char, bufsz); - i = (size_t) ldns_b64_pton((const char*)d, buf, bufsz); + i = (size_t) ldns_b64_pton((const char*)d, + buf, + ldns_b64_ntop_calculate_size(strlen(d))); *hmac_size = i; return buf; error: + LDNS_FREE(d); LDNS_FREE(buf); *hmac_size = 0; return NULL; @@ -852,7 +843,6 @@ ldns_key_new_frm_algorithm(ldns_signing_algorithm alg, uint16_t size) return NULL; } ldns_key_set_rsa_key(k, r); - RSA_free(r); #endif /* HAVE_SSL */ break; case LDNS_SIGN_DSA: @@ -868,7 +858,6 @@ ldns_key_new_frm_algorithm(ldns_signing_algorithm alg, uint16_t size) return NULL; } ldns_key_set_dsa_key(k, d); - DSA_free(d); #endif /* HAVE_SSL */ break; case LDNS_SIGN_HMACMD5: @@ -917,14 +906,11 @@ ldns_key_new_frm_algorithm(ldns_signing_algorithm alg, uint16_t size) return NULL; } #endif /* splint */ -#else - ldns_key_free(k); - return NULL; #endif /* HAVE_SSL and USE_GOST */ break; +#ifdef USE_ECDSA case LDNS_SIGN_ECDSAP256SHA256: case LDNS_SIGN_ECDSAP384SHA384: -#ifdef USE_ECDSA if(alg == LDNS_SIGN_ECDSAP256SHA256) ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); else if(alg == LDNS_SIGN_ECDSAP384SHA384) @@ -951,11 +937,8 @@ ldns_key_new_frm_algorithm(ldns_signing_algorithm alg, uint16_t size) return NULL; } #endif /* splint */ -#else - ldns_key_free(k); - return NULL; -#endif /* ECDSA */ break; +#endif } ldns_key_set_algorithm(k, alg); return k; @@ -1009,22 +992,6 @@ ldns_key_set_dsa_key(ldns_key *k, DSA *d) EVP_PKEY_set1_DSA(key, d); k->_key.key = key; } - -void -ldns_key_assign_rsa_key(ldns_key *k, RSA *r) -{ - EVP_PKEY *key = EVP_PKEY_new(); - EVP_PKEY_assign_RSA(key, r); - k->_key.key = key; -} - -void -ldns_key_assign_dsa_key(ldns_key *k, DSA *d) -{ - EVP_PKEY *key = EVP_PKEY_new(); - EVP_PKEY_assign_DSA(key, d); - k->_key.key = key; -} #endif /* splint */ #endif /* HAVE_SSL */ @@ -1322,15 +1289,13 @@ ldns_key_dsa2bin(unsigned char *data, DSA *k, uint16_t *size) } /* See RFC2536 */ - *size = (uint16_t)BN_num_bytes(k->p); + *size = (uint16_t)BN_num_bytes(k->g); T = (*size - 64) / 8; memcpy(data, &T, 1); if (T > 8) { -#ifdef STDERR_MSGS fprintf(stderr, "DSA key with T > 8 (ie. > 1024 bits)"); fprintf(stderr, " not implemented\n"); -#endif return false; } @@ -1387,10 +1352,10 @@ ldns_key2rr(const ldns_key *k) #endif int internal_data = 0; + pubkey = ldns_rr_new(); if (!k) { return NULL; } - pubkey = ldns_rr_new(); switch (ldns_key_algorithm(k)) { case LDNS_SIGN_HMACMD5: @@ -1501,14 +1466,11 @@ ldns_key2rr(const ldns_key *k) } #endif /* splint */ internal_data = 1; -#else - ldns_rr_free(pubkey); - return NULL; #endif /* HAVE_SSL and USE_GOST */ break; +#ifdef USE_ECDSA case LDNS_SIGN_ECDSAP256SHA256: case LDNS_SIGN_ECDSAP384SHA384: -#ifdef USE_ECDSA ldns_rr_push_rdf(pubkey, ldns_native2rdf_int8( LDNS_RDF_TYPE_ALG, ldns_key_algorithm(k))); bin = NULL; @@ -1535,11 +1497,8 @@ ldns_key2rr(const ldns_key *k) * to the pkey */ EC_KEY_free(ec); internal_data = 1; -#else - ldns_rr_free(pubkey); - return NULL; -#endif /* ECDSA */ break; +#endif case LDNS_SIGN_HMACMD5: case LDNS_SIGN_HMACSHA1: case LDNS_SIGN_HMACSHA256: @@ -1574,7 +1533,6 @@ ldns_key_free(ldns_key *key) void ldns_key_deep_free(ldns_key *key) { - unsigned char* hmac; if (ldns_key_pubkey_owner(key)) { ldns_rdf_deep_free(ldns_key_pubkey_owner(key)); } @@ -1584,8 +1542,7 @@ ldns_key_deep_free(ldns_key *key) } #endif /* HAVE_SSL */ if (ldns_key_hmac_key(key)) { - hmac = ldns_key_hmac_key(key); - LDNS_FREE(hmac); + free(ldns_key_hmac_key(key)); } LDNS_FREE(key); } @@ -1617,9 +1574,7 @@ ldns_read_anchor_file(const char *filename) fp = fopen(filename, "r"); if (!fp) { -#ifdef STDERR_MSGS fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno)); -#endif LDNS_FREE(line); return NULL; } @@ -1633,9 +1588,7 @@ ldns_read_anchor_file(const char *filename) fclose(fp); if (i <= 0) { -#ifdef STDERR_MSGS fprintf(stderr, "nothing read from %s", filename); -#endif LDNS_FREE(line); return NULL; } else { @@ -1644,9 +1597,7 @@ ldns_read_anchor_file(const char *filename) LDNS_FREE(line); return r; } else { -#ifdef STDERR_MSGS fprintf(stderr, "Error creating DNSKEY or DS rr from %s: %s\n", filename, ldns_get_errorstr_by_id(status)); -#endif LDNS_FREE(line); return NULL; } @@ -1666,7 +1617,7 @@ ldns_key_get_file_base_name(ldns_key *key) "+%03u+%05u", ldns_key_algorithm(key), ldns_key_keytag(key)); - file_base_name = ldns_buffer_export(buffer); + file_base_name = strdup(ldns_buffer_export(buffer)); ldns_buffer_free(buffer); return file_base_name; } diff --git a/usr.sbin/unbound/ldns/ldns/buffer.h b/usr.sbin/unbound/ldns/ldns/buffer.h index 3b64198d8d5..03df14c9915 100644 --- a/usr.sbin/unbound/ldns/ldns/buffer.h +++ b/usr.sbin/unbound/ldns/ldns/buffer.h @@ -630,9 +630,8 @@ void ldns_buffer_free(ldns_buffer *buffer); void *ldns_buffer_export(ldns_buffer *buffer); /** - * Copy contents of the from buffer to the result buffer and then flips - * the result buffer. Data will be silently truncated if the result buffer is - * too small. + * Copy contents of the other buffer to this buffer. Silently truncated + * if this buffer is too small. * \param[out] *result resulting buffer which is copied to. * \param[in] *from what to copy to result. */ diff --git a/usr.sbin/unbound/ldns/ldns/common.h.in b/usr.sbin/unbound/ldns/ldns/common.h.in index 8bf9654b4ff..98470eea577 100644 --- a/usr.sbin/unbound/ldns/ldns/common.h.in +++ b/usr.sbin/unbound/ldns/ldns/common.h.in @@ -20,13 +20,10 @@ * as detected and determined by the auto configure script. */ #define LDNS_BUILD_CONFIG_HAVE_SSL @ldns_build_config_have_ssl@ +#define LDNS_BUILD_CONFIG_USE_ECDSA @ldns_build_config_use_ecdsa@ #define LDNS_BUILD_CONFIG_HAVE_INTTYPES_H @ldns_build_config_have_inttypes_h@ #define LDNS_BUILD_CONFIG_HAVE_ATTR_FORMAT @ldns_build_config_have_attr_format@ #define LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED @ldns_build_config_have_attr_unused@ -#define LDNS_BUILD_CONFIG_HAVE_SOCKLEN_T @ldns_build_config_have_socklen_t@ -#define LDNS_BUILD_CONFIG_USE_DANE @ldns_build_config_use_dane@ -#define LDNS_BUILD_CONFIG_HAVE_B32_PTON @ldns_build_config_have_b32_pton@ -#define LDNS_BUILD_CONFIG_HAVE_B32_NTOP @ldns_build_config_have_b32_ntop@ /* * HAVE_STDBOOL_H is not available when distributed as a library, but no build @@ -69,8 +66,4 @@ typedef bool _Bool; #define ATTR_UNUSED(x) x #endif /* !LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED */ -#if !LDNS_BUILD_CONFIG_HAVE_SOCKLEN_T -typedef int socklen_t; -#endif - #endif /* LDNS_COMMON_H */ diff --git a/usr.sbin/unbound/ldns/ldns/config.h.in b/usr.sbin/unbound/ldns/ldns/config.h.in index b41af233c3b..3393e99767e 100644 --- a/usr.sbin/unbound/ldns/ldns/config.h.in +++ b/usr.sbin/unbound/ldns/ldns/config.h.in @@ -33,12 +33,6 @@ /* Define to 1 if you have the `ctime_r' function. */ #undef HAVE_CTIME_R -/* Is a CAFILE given at configure time */ -#undef HAVE_DANE_CA_FILE - -/* Is a CAPATH given at configure time */ -#undef HAVE_DANE_CA_PATH - /* Define to 1 if you have the declaration of `NID_secp384r1', and to 0 if you don't. */ #undef HAVE_DECL_NID_SECP384R1 @@ -86,6 +80,9 @@ /* Define to 1 if you have the `inet_pton' function. */ #undef HAVE_INET_PTON +/* Define to 1 if the system has the type `intptr_t'. */ +#undef HAVE_INTPTR_T + /* define if you have inttypes.h */ #undef HAVE_INTTYPES_H @@ -253,15 +250,6 @@ /* Define to 1 if the system has the type `_Bool'. */ #undef HAVE__BOOL -/* Is a CAFILE given at configure time */ -#undef LDNS_DANE_CA_FILE - -/* Is a CAPATH given at configure time */ -#undef LDNS_DANE_CA_PATH - -/* Default trust anchor file */ -#undef LDNS_TRUST_ANCHOR_FILE - /* Define to the sub-directory in which libtool stores uninstalled libraries. */ #undef LT_OBJDIR @@ -284,36 +272,15 @@ /* Define to the version of this package. */ #undef PACKAGE_VERSION -/* Define this to enable RR type CDS. */ -#undef RRTYPE_CDS - -/* Define this to enable RR type NINFO. */ -#undef RRTYPE_NINFO - -/* Define this to enable RR type RKEY. */ -#undef RRTYPE_RKEY - -/* Define this to enable RR type TA. */ -#undef RRTYPE_TA - -/* Define this to enable RR type URI. */ -#undef RRTYPE_URI - /* The size of `time_t', as computed by sizeof. */ #undef SIZEOF_TIME_T /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS -/* Define this to enable messages to stderr. */ -#undef STDERR_MSGS - /* System configuration dir */ #undef SYSCONFDIR -/* Define this to enable DANE support. */ -#undef USE_DANE - /* Define this to enable ECDSA support. */ #undef USE_ECDSA @@ -400,7 +367,8 @@ /* Define to `char' if <sys/types.h> does not define. */ #undef int8_t -/* Define to `size_t' if <sys/types.h> does not define. */ +/* Define to the type of a signed integer type wide enough to hold a pointer, + if such a type exists, and if the system does not define it. */ #undef intptr_t /* Define to rpl_malloc if the replacement function should be used. */ @@ -505,6 +473,7 @@ extern "C" { #endif +#ifndef B64_PTON int ldns_b64_ntop(uint8_t const *src, size_t srclength, char *target, size_t targsize); /** @@ -515,6 +484,8 @@ static inline size_t ldns_b64_ntop_calculate_size(size_t srcsize) { return ((((srcsize + 2) / 3) * 4) + 1); } +#endif /* !B64_PTON */ +#ifndef B64_NTOP int ldns_b64_pton(char const *src, uint8_t *target, size_t targsize); /** * calculates the size needed to store the result of ldns_b64_pton @@ -524,12 +495,7 @@ static inline size_t ldns_b64_pton_calculate_size(size_t srcsize) { return (((((srcsize + 3) / 4) * 3)) + 1); } - -/** - * Given in dnssec_zone.c, also used in dnssec_sign.c:w - - */ -int ldns_dname_compare_v(const void *a, const void *b); +#endif /* !B64_NTOP */ #ifndef HAVE_SLEEP /* use windows sleep, in millisecs, instead */ diff --git a/usr.sbin/unbound/ldns/ldns/dname.h b/usr.sbin/unbound/ldns/ldns/dname.h index 16b45429fb2..a91f075257c 100644 --- a/usr.sbin/unbound/ldns/ldns/dname.h +++ b/usr.sbin/unbound/ldns/ldns/dname.h @@ -111,7 +111,6 @@ ldns_rdf *ldns_dname_new_frm_str(const char *str); * Create a new dname rdf from a string * \param[in] s the size of the new dname * \param[in] *data pointer to the actual data - * * \return ldns_rdf* */ ldns_rdf *ldns_dname_new(uint16_t s, void *data); @@ -120,7 +119,6 @@ ldns_rdf *ldns_dname_new(uint16_t s, void *data); * Create a new dname rdf from data (the data is copied) * \param[in] size the size of the data * \param[in] *data pointer to the actual data - * * \return ldns_rdf* */ ldns_rdf *ldns_dname_new_frm_data(uint16_t size, const void *data); @@ -180,13 +178,6 @@ int ldns_dname_interval(const ldns_rdf *prev, const ldns_rdf *middle, const ldns bool ldns_dname_str_absolute(const char *dname_str); /** - * Checks whether the given dname is absolute (i.e. ends with a '.') - * \param[in] *dname a rdf representing the dname - * \return true or false - */ -bool ldns_dname_absolute(const ldns_rdf *dname); - -/** * look inside the rdf and if it is an LDNS_RDF_TYPE_DNAME * try and retrieve a specific label. The labels are numbered * starting from 0 (left most). diff --git a/usr.sbin/unbound/ldns/ldns/dnssec.h b/usr.sbin/unbound/ldns/ldns/dnssec.h index f4cdafbe9de..9e602b5bc1d 100644 --- a/usr.sbin/unbound/ldns/ldns/dnssec.h +++ b/usr.sbin/unbound/ldns/ldns/dnssec.h @@ -198,7 +198,6 @@ RSA *ldns_key_buf2rsa_raw(unsigned char* key, size_t len); * * \param[in] *key the key to convert * \param[in] h the hash to use LDNS_SHA1/LDNS_SHA256 - * * \return ldns_rr* a new rr pointer to a DS */ ldns_rr *ldns_key_rr2ds(const ldns_rr *key, ldns_hash h); @@ -364,30 +363,12 @@ ldns_rdf *ldns_nsec3_bitmap(const ldns_rr *nsec3_rr); ldns_rdf *ldns_nsec3_hash_name_frm_nsec3(const ldns_rr *nsec, ldns_rdf *name); /** - * Check if RR type t is enumerated and set in the RR type bitmap rdf. - * \param[in] bitmap the RR type bitmap rdf to look in - * \param[in] type the type to check for - * \return true when t is found and set, otherwise return false - */ -bool ldns_nsec_bitmap_covers_type(const ldns_rdf* bitmap, ldns_rr_type type); - -/** - * Checks if RR type t is enumerated in the type bitmap rdf and sets the bit. - * \param[in] bitmap the RR type bitmap rdf to look in - * \param[in] type the type to for which the bit to set - * \return LDNS_STATUS_OK on success. LDNS_STATUS_TYPE_NOT_IN_BITMAP is - * returned when the bitmap does not contain the bit to set. - */ -ldns_status ldns_nsec_bitmap_set_type(ldns_rdf* bitmap, ldns_rr_type type); - -/** - * Checks if RR type t is enumerated in the type bitmap rdf and clears the bit. - * \param[in] bitmap the RR type bitmap rdf to look in - * \param[in] type the type to for which the bit to clear - * \return LDNS_STATUS_OK on success. LDNS_STATUS_TYPE_NOT_IN_BITMAP is - * returned when the bitmap does not contain the bit to clear. + * Checks coverage of NSEC RR type bitmap + * \param[in] nsec_bitmap The NSEC bitmap rdata field to check + * \param[in] type The type to check + * \return true if the NSEC RR covers the type */ -ldns_status ldns_nsec_bitmap_clear_type(ldns_rdf* bitmap, ldns_rr_type type); +bool ldns_nsec_bitmap_covers_type(const ldns_rdf *nsec_bitmap, ldns_rr_type type); /** * Checks coverage of NSEC(3) RR name span diff --git a/usr.sbin/unbound/ldns/ldns/dnssec_sign.h b/usr.sbin/unbound/ldns/ldns/dnssec_sign.h index f51c7fb3812..e77cb6959df 100644 --- a/usr.sbin/unbound/ldns/ldns/dnssec_sign.h +++ b/usr.sbin/unbound/ldns/ldns/dnssec_sign.h @@ -87,7 +87,7 @@ ldns_rdf *ldns_sign_public_rsamd5(ldns_buffer *to_sign, RSA *key); * when walking the tree with the ldns_dnssec_name_node_next_nonglue() * function. But watch out! Names that are partially occluded (like glue with * the same name as the delegation) will not be marked and should specifically - * be taken into account separately. + * be taken into account seperately. * * When glue_list is given (not NULL), in the process of marking the names, all * glue resource records will be pushed to that list, even glue at the delegation name. @@ -105,7 +105,7 @@ ldns_dnssec_zone_mark_and_get_glue( * when walking the tree with the ldns_dnssec_name_node_next_nonglue() * function. But watch out! Names that are partially occluded (like glue with * the same name as the delegation) will not be marked and should specifically - * be taken into account separately. + * be taken into account seperately. * * \param[in] zone the zone in which to mark the names * \return LDNS_STATUS_OK on succesful completion diff --git a/usr.sbin/unbound/ldns/ldns/dnssec_verify.h b/usr.sbin/unbound/ldns/ldns/dnssec_verify.h index 0c41e8c11b6..1350f485895 100644 --- a/usr.sbin/unbound/ldns/ldns/dnssec_verify.h +++ b/usr.sbin/unbound/ldns/ldns/dnssec_verify.h @@ -32,7 +32,7 @@ struct ldns_dnssec_data_chain_struct * Creates a new dnssec_chain structure * \return ldns_dnssec_data_chain * */ -ldns_dnssec_data_chain *ldns_dnssec_data_chain_new(void); +ldns_dnssec_data_chain *ldns_dnssec_data_chain_new(); /** * Frees a dnssec_data_chain structure @@ -137,7 +137,7 @@ struct ldns_dnssec_trust_tree_struct * * \return ldns_dnssec_trust_tree * */ -ldns_dnssec_trust_tree *ldns_dnssec_trust_tree_new(void); +ldns_dnssec_trust_tree *ldns_dnssec_trust_tree_new(); /** * Frees the dnssec_trust_tree recursively @@ -209,7 +209,7 @@ ldns_status ldns_dnssec_trust_tree_add_parent(ldns_dnssec_trust_tree *tree, const ldns_status parent_status); /** - * Generates a dnssec_trust_tree for the given rr from the + * Generates a dnssec_trust_ttree for the given rr from the * given data_chain * * This does not clone the actual data; Don't free the @@ -224,7 +224,7 @@ ldns_dnssec_trust_tree *ldns_dnssec_derive_trust_tree( ldns_rr *rr); /** - * Generates a dnssec_trust_tree for the given rr from the + * Generates a dnssec_trust_ttree for the given rr from the * given data_chain * * This does not clone the actual data; Don't free the @@ -367,7 +367,6 @@ void ldns_dnssec_derive_trust_tree_no_sig_time( * * \param *tree The trust tree so search * \param *keys A ldns_rr_list of DNSKEY and DS rrs to look for - * * \return LDNS_STATUS_OK if there is a trusted path to one of * the keys, or the *first* error encountered * if there were no paths diff --git a/usr.sbin/unbound/ldns/ldns/dnssec_zone.h b/usr.sbin/unbound/ldns/ldns/dnssec_zone.h index b794f942f47..e2dd40291af 100644 --- a/usr.sbin/unbound/ldns/ldns/dnssec_zone.h +++ b/usr.sbin/unbound/ldns/ldns/dnssec_zone.h @@ -8,6 +8,7 @@ #ifndef LDNS_DNSSEC_ZONE_H #define LDNS_DNSSEC_ZONE_H +#include <ldns/ldns.h> #include <ldns/rbtree.h> #include <ldns/host2str.h> @@ -93,13 +94,6 @@ struct ldns_struct_dnssec_zone { ldns_dnssec_name *soa; /** tree of ldns_dnssec_names */ ldns_rbtree_t *names; - /** tree of ldns_dnssec_names by nsec3 hashes (when applicible) */ - ldns_rbtree_t *hashed_names; - /** points to the first added NSEC3 rr whose parameters will be - * assumed for all subsequent NSEC3 rr's and which will be used - * to calculate hashed names - */ - ldns_rr *_nsec3params; }; typedef struct ldns_struct_dnssec_zone ldns_dnssec_zone; @@ -107,7 +101,7 @@ typedef struct ldns_struct_dnssec_zone ldns_dnssec_zone; * Creates a new entry for 1 pointer to an rr and 1 pointer to the next rrs * \return the allocated data */ -ldns_dnssec_rrs *ldns_dnssec_rrs_new(void); +ldns_dnssec_rrs *ldns_dnssec_rrs_new(); /** * Frees the list of rrs, but *not* the individual ldns_rr records @@ -126,8 +120,7 @@ void ldns_dnssec_rrs_free(ldns_dnssec_rrs *rrs); void ldns_dnssec_rrs_deep_free(ldns_dnssec_rrs *rrs); /** - * Adds an RR to the list of RRs. The list will remain ordered. - * If an equal RR already exists, this RR will not be added. + * Adds an RR to the list of RRs. The list will remain ordered * * \param[in] rrs the list to add to * \param[in] rr the RR to add @@ -157,7 +150,7 @@ void ldns_dnssec_rrs_print_fmt(FILE *out, * Creates a new list (entry) of RRsets * \return the newly allocated structure */ -ldns_dnssec_rrsets *ldns_dnssec_rrsets_new(void); +ldns_dnssec_rrsets *ldns_dnssec_rrsets_new(); /** * Frees the list of rrsets and their rrs, but *not* the ldns_rr @@ -232,7 +225,7 @@ void ldns_dnssec_rrsets_print_fmt(FILE *out, * Create a new data structure for a dnssec name * \return the allocated structure */ -ldns_dnssec_name *ldns_dnssec_name_new(void); +ldns_dnssec_name *ldns_dnssec_name_new(); /** * Create a new data structure for a dnssec name for the given RR @@ -364,34 +357,7 @@ void ldns_dnssec_name_print_fmt(FILE *out, * Creates a new dnssec_zone structure * \return the allocated structure */ -ldns_dnssec_zone *ldns_dnssec_zone_new(void); - -/** - * Create a new dnssec zone from a file. - * \param[out] z the new zone - * \param[in] *fp the filepointer to use - * \param[in] *origin the zones' origin - * \param[in] c default class to use (IN) - * \param[in] ttl default ttl to use - * - * \return ldns_status mesg with an error or LDNS_STATUS_OK - */ -ldns_status ldns_dnssec_zone_new_frm_fp(ldns_dnssec_zone** z, FILE* fp, - ldns_rdf* origin, uint32_t ttl, ldns_rr_class c); - -/** - * Create a new dnssec zone from a file, keep track of the line numbering - * \param[out] z the new zone - * \param[in] *fp the filepointer to use - * \param[in] *origin the zones' origin - * \param[in] ttl default ttl to use - * \param[in] c default class to use (IN) - * \param[out] line_nr used for error msg, to get to the line number - * - * \return ldns_status mesg with an error or LDNS_STATUS_OK - */ -ldns_status ldns_dnssec_zone_new_frm_fp_l(ldns_dnssec_zone** z, FILE* fp, - ldns_rdf* origin, uint32_t ttl, ldns_rr_class c, int* line_nr); +ldns_dnssec_zone *ldns_dnssec_zone_new(); /** * Frees the given zone structure, and its rbtree of dnssec_names @@ -467,15 +433,6 @@ void ldns_dnssec_zone_print_fmt(FILE *out, */ ldns_status ldns_dnssec_zone_add_empty_nonterminals(ldns_dnssec_zone *zone); -/** - * If a NSEC3PARAM is available in the apex, walks the zone and returns true - * on the first optout nsec3. - * - * \param[in] zone the zone to check for nsec3 optout records - * return true when the zone has at least one nsec3 optout record. - */ -bool ldns_dnssec_zone_is_nsec3_optout(ldns_dnssec_zone* zone); - #ifdef __cplusplus } #endif diff --git a/usr.sbin/unbound/ldns/ldns/error.h b/usr.sbin/unbound/ldns/ldns/error.h index 41b99ad146d..99d4f0bfe85 100644 --- a/usr.sbin/unbound/ldns/ldns/error.h +++ b/usr.sbin/unbound/ldns/ldns/error.h @@ -100,33 +100,7 @@ enum ldns_enum_status { LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED, LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND, LDNS_STATUS_MISSING_RDATA_FIELDS_RRSIG, - LDNS_STATUS_MISSING_RDATA_FIELDS_KEY, - LDNS_STATUS_CRYPTO_SIG_EXPIRED_WITHIN_MARGIN, - LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN, - LDNS_STATUS_DANE_STATUS_MESSAGES, - LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE, - LDNS_STATUS_DANE_UNKNOWN_SELECTOR, - LDNS_STATUS_DANE_UNKNOWN_MATCHING_TYPE, - LDNS_STATUS_DANE_UNKNOWN_PROTOCOL, - LDNS_STATUS_DANE_UNKNOWN_TRANSPORT, - LDNS_STATUS_DANE_MISSING_EXTRA_CERTS, - LDNS_STATUS_DANE_EXTRA_CERTS_NOT_USED, - LDNS_STATUS_DANE_OFFSET_OUT_OF_RANGE, - LDNS_STATUS_DANE_INSECURE, - LDNS_STATUS_DANE_BOGUS, - LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH, - LDNS_STATUS_DANE_NON_CA_CERTIFICATE, - LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE, - LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR, - LDNS_STATUS_EXISTS_ERR, - LDNS_STATUS_INVALID_ILNP64, - LDNS_STATUS_INVALID_EUI48, - LDNS_STATUS_INVALID_EUI64, - LDNS_STATUS_WIRE_RDATA_ERR, - LDNS_STATUS_INVALID_TAG, - LDNS_STATUS_TYPE_NOT_IN_BITMAP, - LDNS_STATUS_INVALID_RDF_TYPE, - LDNS_STATUS_RDATA_OVERFLOW, + LDNS_STATUS_MISSING_RDATA_FIELDS_KEY }; typedef enum ldns_enum_status ldns_status; diff --git a/usr.sbin/unbound/ldns/ldns/host2str.h b/usr.sbin/unbound/ldns/ldns/host2str.h index e69389e90ae..f0a14a4304a 100644 --- a/usr.sbin/unbound/ldns/ldns/host2str.h +++ b/usr.sbin/unbound/ldns/ldns/host2str.h @@ -40,38 +40,30 @@ extern "C" { #define LDNS_APL_NEGATION 0x80 /** - * Represent a NULL pointer (instead of a pointer to a ldns_rr as "; (null)" + * Represent a NULL pointer (in stead of a pointer to a ldns_rr as "; (null)" * as opposed to outputting nothing at all in such a case. */ -/* Flag Name Flag Nr. Has data associated - ---------------------------------------------------------------------*/ -#define LDNS_COMMENT_NULLS (1 << 0) +#define LDNS_COMMENT_NULLS 0x0001 /** Show key id with DNSKEY RR's as comment */ -#define LDNS_COMMENT_KEY_ID (1 << 1) +#define LDNS_COMMENT_KEY_ID 0x0002 /** Show if a DNSKEY is a ZSK or KSK as comment */ -#define LDNS_COMMENT_KEY_TYPE (1 << 2) +#define LDNS_COMMENT_KEY_TYPE 0x0004 /** Show DNSKEY key size as comment */ -#define LDNS_COMMENT_KEY_SIZE (1 << 3) +#define LDNS_COMMENT_KEY_SIZE 0x0008 +/** Show key id, type and size as comment for DNSKEY RR's */ +#define LDNS_COMMENT_KEY (LDNS_COMMENT_KEY_ID \ + |LDNS_COMMENT_KEY_TYPE\ + |LDNS_COMMENT_KEY_SIZE) /** Provide bubblebabble representation for DS RR's as comment */ -#define LDNS_COMMENT_BUBBLEBABBLE (1 << 4) +#define LDNS_COMMENT_BUBBLEBABBLE 0x0010 /** Show when a NSEC3 RR has the optout flag set as comment */ -#define LDNS_COMMENT_FLAGS (1 << 5) +#define LDNS_COMMENT_FLAGS 0x0020 /** Show the unhashed owner and next owner names for NSEC3 RR's as comment */ -#define LDNS_COMMENT_NSEC3_CHAIN (1 << 6) /* yes */ +#define LDNS_COMMENT_NSEC3_CHAIN 0x0040 /** Print mark up */ -#define LDNS_COMMENT_LAYOUT (1 << 7) +#define LDNS_COMMENT_LAYOUT 0x0080 /** Also comment KEY_ID with RRSIGS **/ -#define LDNS_COMMENT_RRSIGS (1 << 8) -#define LDNS_FMT_ZEROIZE_RRSIGS (1 << 9) -#define LDNS_FMT_PAD_SOA_SERIAL (1 << 10) -#define LDNS_FMT_RFC3597 (1 << 11) /* yes */ - -#define LDNS_FMT_FLAGS_WITH_DATA 2 - -/** Show key id, type and size as comment for DNSKEY RR's */ -#define LDNS_COMMENT_KEY (LDNS_COMMENT_KEY_ID \ - |LDNS_COMMENT_KEY_TYPE\ - |LDNS_COMMENT_KEY_SIZE) +#define LDNS_COMMENT_RRSIGS 0x0100 /** * Output format specifier @@ -93,18 +85,6 @@ struct ldns_struct_output_format typedef struct ldns_struct_output_format ldns_output_format; /** - * Output format struct with additional data for flags that use them. - * This struct may not be initialized directly. Use ldns_output_format_init - * to initialize. - */ -struct ldns_struct_output_format_storage -{ int flags; - ldns_rbtree_t* hashmap; /* for LDNS_COMMENT_NSEC3_CHAIN */ - ldns_rdf* bitmap; /* for LDNS_FMT_RFC3597 */ -}; -typedef struct ldns_struct_output_format_storage ldns_output_format_storage; - -/** * Standard output format record that disables commenting in the textual * representation of Resource Records completely. */ @@ -126,55 +106,6 @@ extern const ldns_output_format *ldns_output_format_default; extern const ldns_output_format *ldns_output_format_bubblebabble; /** - * Initialize output format storage to the default value. - * \param[in] fmt A reference to an output_format_ storage struct - * \return The initialized storage struct typecasted to ldns_output_format - */ -INLINE -ldns_output_format* ldns_output_format_init(ldns_output_format_storage* fmt) { - fmt->flags = ldns_output_format_default->flags; - fmt->hashmap = NULL; - fmt->bitmap = NULL; - return (ldns_output_format*)fmt; -} - -/** - * Set an ouput format flag. - */ -INLINE void ldns_output_format_set(ldns_output_format* fmt, int flag) { - fmt->flags |= flag; -} - -/** - * Clear an ouput format flag. - */ -INLINE void ldns_output_format_clear(ldns_output_format* fmt, int flag) { - fmt->flags &= !flag; -} - -/** - * Makes sure the LDNS_FMT_RFC3597 is set in the output format. - * Marks the type to be printed in RFC3597 format. - * /param[in] fmt the output format to update - * /param[in] the type to be printed in RFC3597 format - * /return LDNS_STATUS_OK on success - */ -ldns_status -ldns_output_format_set_type(ldns_output_format* fmt, ldns_rr_type type); - -/** - * Makes sure the LDNS_FMT_RFC3597 is set in the output format. - * Marks the type to not be printed in RFC3597 format. When no other types - * have been marked before, all known types (except the given one) will be - * marked for printing in RFC3597 format. - * /param[in] fmt the output format to update - * /param[in] the type not to be printed in RFC3597 format - * /return LDNS_STATUS_OK on success - */ -ldns_status -ldns_output_format_clear_type(ldns_output_format* fmt, ldns_rr_type type); - -/** * Converts an ldns packet opcode value to its mnemonic, and adds that * to the output buffer * \param[in] *output the buffer to add the data to @@ -466,6 +397,15 @@ ldns_status ldns_rdf2buffer_str_int16_data(ldns_buffer *output, const ldns_rdf * */ ldns_status ldns_rdf2buffer_str_ipseckey(ldns_buffer *output, const ldns_rdf *rdf); +/** + * Converts an LDNS_RDF_TYPE_TSIG rdata element to string format and adds it to the output buffer + * \param[in] *rdf The rdata to convert + * \param[in] *output The buffer to add the data to + * \return LDNS_STATUS_OK on success, and error status on failure + */ +ldns_status ldns_rdf2buffer_str_tsig(ldns_buffer *output, const ldns_rdf *rdf); + + /** * Converts the data in the rdata field to presentation * format (as char *) and appends it to the given buffer @@ -576,66 +516,6 @@ ldns_status ldns_rdf2buffer_str_int32(ldns_buffer *output, const ldns_rdf *rdf); */ ldns_status ldns_rdf2buffer_str_time(ldns_buffer *output, const ldns_rdf *rdf); -/** - * Converts an LDNS_RDF_TYPE_ILNP64 rdata element to 4 hexadecimal numbers - * separated by colons and adds it to the output buffer - * \param[in] *rdf The rdata to convert - * \param[in] *output The buffer to add the data to - * \return LDNS_STATUS_OK on success, and error status on failure - */ -ldns_status ldns_rdf2buffer_str_ilnp64(ldns_buffer *output, - const ldns_rdf *rdf); - -/** - * Converts an LDNS_RDF_TYPE_EUI48 rdata element to 6 hexadecimal numbers - * separated by dashes and adds it to the output buffer - * \param[in] *rdf The rdata to convert - * \param[in] *output The buffer to add the data to - * \return LDNS_STATUS_OK on success, and error status on failure - */ -ldns_status ldns_rdf2buffer_str_eui48(ldns_buffer *output, - const ldns_rdf *rdf); - -/** - * Converts an LDNS_RDF_TYPE_EUI64 rdata element to 8 hexadecimal numbers - * separated by dashes and adds it to the output buffer - * \param[in] *rdf The rdata to convert - * \param[in] *output The buffer to add the data to - * \return LDNS_STATUS_OK on success, and error status on failure - */ -ldns_status ldns_rdf2buffer_str_eui64(ldns_buffer *output, - const ldns_rdf *rdf); - -/** - * Adds the LDNS_RDF_TYPE_TAG rdata to the output buffer, - * provided it contains only alphanumeric characters. - * \param[in] *rdf The rdata to convert - * \param[in] *output The buffer to add the data to - * \return LDNS_STATUS_OK on success, and error status on failure - */ -ldns_status ldns_rdf2buffer_str_tag(ldns_buffer *output, - const ldns_rdf *rdf); - -/** - * Adds the LDNS_RDF_TYPE_LONG_STR rdata to the output buffer, in-between - * double quotes and all non printable characters properly escaped. - * \param[in] *rdf The rdata to convert - * \param[in] *output The buffer to add the data to - * \return LDNS_STATUS_OK on success, and error status on failure - */ -ldns_status ldns_rdf2buffer_str_long_str(ldns_buffer *output, - const ldns_rdf *rdf); - -/** - * Converts an LDNS_RDF_TYPE_HIP rdata element to presentation format for - * the algorithm, HIT and Public Key and adds it the output buffer . - * \param[in] *rdf The rdata to convert - * \param[in] *output The buffer to add the data to - * \return LDNS_STATUS_OK on success, and error status on failure - */ -ldns_status ldns_rdf2buffer_str_hip(ldns_buffer *output, - const ldns_rdf *rdf); - /** * Converts the data in the rdata field to presentation format and * returns that as a char *. @@ -721,9 +601,8 @@ char *ldns_rr_list2str_fmt( const ldns_output_format *fmt, const ldns_rr_list *rr_list); /** - * Returns a copy of the data in the buffer as a null terminated - * char * string. The returned string must be freed by the caller. - * The buffer must be in write modus and may thus not have been flipped. + * Returns the data in the buffer as a null terminated char * string + * Buffer data must be char * type, and must be freed by the caller * * \param[in] buffer buffer containing char * data * \return null terminated char * data, or NULL on error @@ -731,17 +610,6 @@ char *ldns_rr_list2str_fmt( char *ldns_buffer2str(ldns_buffer *buffer); /** - * Exports and returns the data in the buffer as a null terminated - * char * string. The returned string must be freed by the caller. - * The buffer must be in write modus and may thus not have been flipped. - * The buffer is fixed after this function returns. - * - * \param[in] buffer buffer containing char * data - * \return null terminated char * data, or NULL on error - */ -char *ldns_buffer_export2str(ldns_buffer *buffer); - -/** * Prints the data in the rdata field to the given file stream * (in presentation format) * diff --git a/usr.sbin/unbound/ldns/ldns/keys.h b/usr.sbin/unbound/ldns/ldns/keys.h index d3b487386fc..ad3ff25bb8d 100644 --- a/usr.sbin/unbound/ldns/ldns/keys.h +++ b/usr.sbin/unbound/ldns/ldns/keys.h @@ -25,6 +25,7 @@ #if LDNS_BUILD_CONFIG_HAVE_SSL #include <openssl/ssl.h> #endif /* LDNS_BUILD_CONFIG_HAVE_SSL */ +#include <ldns/dnssec.h> #include <ldns/util.h> #include <errno.h> @@ -53,8 +54,12 @@ enum ldns_enum_algorithm LDNS_RSASHA256 = 8, /* RFC 5702 */ LDNS_RSASHA512 = 10, /* RFC 5702 */ LDNS_ECC_GOST = 12, /* RFC 5933 */ - LDNS_ECDSAP256SHA256 = 13, /* RFC 6605 */ - LDNS_ECDSAP384SHA384 = 14, /* RFC 6605 */ +#if LDNS_BUILD_CONFIG_USE_ECDSA + /* this ifdef has to be removed once it is no longer experimental, + * to be able to use these values outside of the ldns library itself */ + LDNS_ECDSAP256SHA256 = 13, /* draft-hoffman-dnssec-ecdsa */ + LDNS_ECDSAP384SHA384 = 14, /* EXPERIMENTAL */ +#endif LDNS_INDIRECT = 252, LDNS_PRIVATEDNS = 253, LDNS_PRIVATEOID = 254 @@ -68,8 +73,12 @@ enum ldns_enum_hash { LDNS_SHA1 = 1, /* RFC 4034 */ LDNS_SHA256 = 2, /* RFC 4509 */ - LDNS_HASH_GOST = 3, /* RFC 5933 */ - LDNS_SHA384 = 4 /* RFC 6605 */ + LDNS_HASH_GOST = 3 /* RFC 5933 */ +#if LDNS_BUILD_CONFIG_USE_ECDSA + /* this ifdef has to be removed once it is no longer experimental, + * to be able to use these values outside of the ldns library itself */ + ,LDNS_SHA384 = 4 /* draft-hoffman-dnssec-ecdsa EXPERIMENTAL */ +#endif }; typedef enum ldns_enum_hash ldns_hash; @@ -86,8 +95,12 @@ enum ldns_enum_signing_algorithm LDNS_SIGN_RSASHA512 = LDNS_RSASHA512, LDNS_SIGN_DSA_NSEC3 = LDNS_DSA_NSEC3, LDNS_SIGN_ECC_GOST = LDNS_ECC_GOST, +#if LDNS_BUILD_CONFIG_USE_ECDSA + /* this ifdef has to be removed once it is no longer experimental, + * to be able to use these values outside of the ldns library itself */ LDNS_SIGN_ECDSAP256SHA256 = LDNS_ECDSAP256SHA256, LDNS_SIGN_ECDSAP384SHA384 = LDNS_ECDSAP384SHA384, +#endif LDNS_SIGN_HMACMD5 = 157, /* not official! This type is for TSIG, not DNSSEC */ LDNS_SIGN_HMACSHA1 = 158, /* not official! This type is for TSIG, not DNSSEC */ LDNS_SIGN_HMACSHA256 = 159 /* ditto */ @@ -166,13 +179,13 @@ typedef struct ldns_struct_key_list ldns_key_list; * Creates a new empty key list * \return a new ldns_key_list structure pointer */ -ldns_key_list *ldns_key_list_new(void); +ldns_key_list *ldns_key_list_new(); /** * Creates a new empty key structure * \return a new ldns_key * structure */ -ldns_key *ldns_key_new(void); +ldns_key *ldns_key_new(); /** * Creates a new key based on the algorithm @@ -298,37 +311,18 @@ void ldns_key_set_algorithm(ldns_key *k, ldns_signing_algorithm l); void ldns_key_set_evp_key(ldns_key *k, EVP_PKEY *e); /** - * Set the key's rsa data. - * The rsa data should be freed by the user. + * Set the key's rsa data * \param[in] k the key * \param[in] r the rsa data */ void ldns_key_set_rsa_key(ldns_key *k, RSA *r); - /** * Set the key's dsa data - * The dsa data should be freed by the user. * \param[in] k the key * \param[in] d the dsa data */ void ldns_key_set_dsa_key(ldns_key *k, DSA *d); -/** - * Assign the key's rsa data - * The rsa data will be freed automatically when the key is freed. - * \param[in] k the key - * \param[in] r the rsa data - */ -void ldns_key_assign_rsa_key(ldns_key *k, RSA *r); - -/** - * Assign the key's dsa data - * The dsa data will be freed automatically when the key is freed. - * \param[in] k the key - * \param[in] d the dsa data - */ -void ldns_key_assign_dsa_key(ldns_key *k, DSA *d); - /** * Get the PKEY id for GOST, loads GOST into openssl as a side effect. * Only available if GOST is compiled into the library and openssl. diff --git a/usr.sbin/unbound/ldns/ldns/ldns.h b/usr.sbin/unbound/ldns/ldns/ldns.h index 60663ef95c7..6f577337500 100644 --- a/usr.sbin/unbound/ldns/ldns/ldns.h +++ b/usr.sbin/unbound/ldns/ldns/ldns.h @@ -26,7 +26,7 @@ faster than Perl. The first main tool to use ldns is Drill, from which part of the library was derived. From version 1.0.0 on, drill is included in the ldns release -and will not be distributed separately anymore. The library also includes some +and will not be distributed seperately anymore. The library also includes some other examples and tools to show how it can be used. These can be found in the examples/ directory in the tarball. @@ -37,9 +37,9 @@ Feature list - TSIG support, - DNSSEC support; signing and verification, - small size, - - online documentation as well as manual pages. + - online documentation as well as manual pages. -If you want to send us patches please use the code from git. +If you want to send us patches please use the code from subversion (trunk). \section using_ldns Using ldns @@ -95,12 +95,10 @@ Or you can just use the menu above to browse through the API docs. #include <ldns/util.h> #include <ldns/buffer.h> #include <ldns/common.h> -#include <ldns/dane.h> #include <ldns/dname.h> #include <ldns/dnssec.h> #include <ldns/dnssec_verify.h> #include <ldns/dnssec_sign.h> -#include <ldns/duration.h> #include <ldns/error.h> #include <ldns/higher.h> #include <ldns/host2str.h> @@ -119,7 +117,6 @@ Or you can just use the menu above to browse through the API docs. #include <ldns/parse.h> #include <ldns/zone.h> #include <ldns/dnssec_zone.h> -#include <ldns/radix.h> #include <ldns/rbtree.h> #include <ldns/sha1.h> #include <ldns/sha2.h> diff --git a/usr.sbin/unbound/ldns/ldns/net.h.in b/usr.sbin/unbound/ldns/ldns/net.h.in index e6b3618f20f..cd4cfdec9c6 100644 --- a/usr.sbin/unbound/ldns/ldns/net.h.in +++ b/usr.sbin/unbound/ldns/ldns/net.h.in @@ -50,6 +50,7 @@ ldns_status ldns_udp_send(uint8_t **result, ldns_buffer *qbin, const struct sock * \param[in] timeout *unused*, was the timeout value for the network * \return the socket used */ + int ldns_udp_bgsend(ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen, struct timeval timeout); /** diff --git a/usr.sbin/unbound/ldns/ldns/packet.h b/usr.sbin/unbound/ldns/ldns/packet.h index 9dca06f5627..687a6a25957 100644 --- a/usr.sbin/unbound/ldns/ldns/packet.h +++ b/usr.sbin/unbound/ldns/ldns/packet.h @@ -411,17 +411,6 @@ uint32_t ldns_pkt_querytime(const ldns_pkt *p); size_t ldns_pkt_size(const ldns_pkt *p); /** - * Return the number of RRs in the given section. - * Returns the sum of all RRs when LDNS_SECTION_ANY is given. - * Returns the sum of all non-question RRs when LDNS_SECTION_ANY_NOQUESTION - * is given. - * \param[in] p the packet - * \param[in] s the section - * \return the number of RRs in the given section - */ -uint16_t ldns_pkt_section_count(const ldns_pkt *p, ldns_pkt_section s); - -/** * Return the packet's tsig pseudo rr's * \param[in] p the packet * \return the tsig rr @@ -750,7 +739,7 @@ void ldns_pkt_set_edns_data(ldns_pkt *packet, ldns_rdf *data); * allocates and initializes a ldns_pkt structure. * \return pointer to the new packet */ -ldns_pkt *ldns_pkt_new(void); +ldns_pkt *ldns_pkt_new(); /** * frees the packet structure and all data that it contains. @@ -771,18 +760,6 @@ void ldns_pkt_free(ldns_pkt *packet); ldns_status ldns_pkt_query_new_frm_str(ldns_pkt **p, const char *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_class , uint16_t flags); /** - * creates an IXFR request packet for the given name, class. - * adds the SOA record to the authority section. - * \param[out] p the packet to be returned - * \param[in] rr_name the name to query for (as string) - * \param[in] rr_class the class to query for - * \param[in] flags packet flags - * \param[in] soa soa record to be added to the authority section - * \return LDNS_STATUS_OK or a ldns_status mesg with the error - */ -ldns_status ldns_pkt_ixfr_request_new_frm_str(ldns_pkt **p, const char *rr_name, ldns_rr_class rr_class, uint16_t flags, ldns_rr* soa); - -/** * creates a packet with a query in it for the given name, type and class. * \param[in] rr_name the name to query for * \param[in] rr_type the type to query for @@ -793,17 +770,6 @@ ldns_status ldns_pkt_ixfr_request_new_frm_str(ldns_pkt **p, const char *rr_name, ldns_pkt *ldns_pkt_query_new(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_class, uint16_t flags); /** - * creates an IXFR request packet for the given name, type and class. - * adds the SOA record to the authority section. - * \param[in] rr_name the name to query for - * \param[in] rr_class the class to query for - * \param[in] flags packet flags - * \param[in] soa soa record to be added to the authority section - * \return ldns_pkt* a pointer to the new pkt - */ -ldns_pkt *ldns_pkt_ixfr_request_new(ldns_rdf *rr_name, ldns_rr_class rr_class, uint16_t flags, ldns_rr* soa); - -/** * clones the given packet, creating a fully allocated copy * * \param[in] pkt the packet to clone diff --git a/usr.sbin/unbound/ldns/ldns/rdata.h b/usr.sbin/unbound/ldns/ldns/rdata.h index 1866e8fc066..90dcbf13818 100644 --- a/usr.sbin/unbound/ldns/ldns/rdata.h +++ b/usr.sbin/unbound/ldns/ldns/rdata.h @@ -28,13 +28,12 @@ extern "C" { #endif -#define LDNS_MAX_RDFLEN 65535 +#define LDNS_MAX_RDFLEN 8192 #define LDNS_RDF_SIZE_BYTE 1 #define LDNS_RDF_SIZE_WORD 2 #define LDNS_RDF_SIZE_DOUBLEWORD 4 #define LDNS_RDF_SIZE_6BYTES 6 -#define LDNS_RDF_SIZE_8BYTES 8 #define LDNS_RDF_SIZE_16BYTES 16 #define LDNS_NSEC3_VARS_OPTOUT_MASK 0x01 @@ -86,10 +85,7 @@ enum ldns_enum_rdf_type LDNS_RDF_TYPE_PERIOD, /** tsig time 48 bits */ LDNS_RDF_TYPE_TSIGTIME, - /** Represents the Public Key Algorithm, HIT and Public Key fields - for the HIP RR types. A HIP specific rdf type is used because of - the unusual layout in wireformat (see RFC 5205 Section 5) */ - LDNS_RDF_TYPE_HIP, + LDNS_RDF_TYPE_TSIG, /** variable length any type rdata where the length is specified by the first 2 bytes */ LDNS_RDF_TYPE_INT16_DATA, @@ -108,31 +104,7 @@ enum ldns_enum_rdf_type /** nsec3 hash salt */ LDNS_RDF_TYPE_NSEC3_SALT, /** nsec3 base32 string (with length byte on wire */ - LDNS_RDF_TYPE_NSEC3_NEXT_OWNER, - - /** 4 shorts represented as 4 * 16 bit hex numbers - * separated by colons. For NID and L64. - */ - LDNS_RDF_TYPE_ILNP64, - - /** 6 * 8 bit hex numbers separated by dashes. For EUI48. */ - LDNS_RDF_TYPE_EUI48, - /** 8 * 8 bit hex numbers separated by dashes. For EUI64. */ - LDNS_RDF_TYPE_EUI64, - - /** A non-zero sequence of US-ASCII letters and numbers in lower case. - * For CAA. - */ - LDNS_RDF_TYPE_TAG, - - /** A <character-string> encoding of the value field as specified - * [RFC1035], Section 5.1., encoded as remaining rdata. - * For CAA. - */ - LDNS_RDF_TYPE_LONG_STR, - - /* Aliases */ - LDNS_RDF_TYPE_BITMAP = LDNS_RDF_TYPE_NSEC + LDNS_RDF_TYPE_NSEC3_NEXT_OWNER }; typedef enum ldns_enum_rdf_type ldns_rdf_type; @@ -222,7 +194,6 @@ ldns_rdf_type ldns_rdf_get_type(const ldns_rdf *rd); /** * returns the data of the rdf. * \param[in] *rd the rdf to read from - * * \return uint8_t* pointer to the rdf's data */ uint8_t *ldns_rdf_data(const ldns_rdf *rd); @@ -332,7 +303,6 @@ ldns_rdf *ldns_native2rdf_int32(ldns_rdf_type type, uint32_t value); * The memory is copied, and an LDNS_RDF_TYPE_INT16DATA is returned * \param[in] size the size of the data * \param[in] *data pointer to the actual data - * * \return ldns_rd* the rdf with the data */ ldns_rdf *ldns_native2rdf_int16_data(size_t size, uint8_t *data); @@ -408,34 +378,6 @@ ldns_rdf *ldns_rdf_clone(const ldns_rdf *rd); */ int ldns_rdf_compare(const ldns_rdf *rd1, const ldns_rdf *rd2); -/** - * Gets the algorithm value, the HIT and Public Key data from the rdf with - * type LDNS_RDF_TYPE_HIP. - * \param[in] rdf the rdf with type LDNS_RDF_TYPE_HIP - * \param[out] alg the algorithm - * \param[out] hit_size the size of the HIT data - * \param[out] hit the hit data - * \param[out] pk_size the size of the Public Key data - * \param[out] pk the Public Key data - * \return LDNS_STATUS_OK on success, and the error otherwise - */ -ldns_status ldns_rdf_hip_get_alg_hit_pk(ldns_rdf *rdf, uint8_t* alg, - uint8_t *hit_size, uint8_t** hit, - uint16_t *pk_size, uint8_t** pk); - -/** - * Creates a new LDNS_RDF_TYPE_HIP rdf from given data. - * \param[out] rdf the newly created LDNS_RDF_TYPE_HIP rdf - * \param[in] alg the algorithm - * \param[in] hit_size the size of the HIT data - * \param[in] hit the hit data - * \param[in] pk_size the size of the Public Key data - * \param[in] pk the Public Key data - * \return LDNS_STATUS_OK on success, and the error otherwise - */ -ldns_status ldns_rdf_hip_new_frm_alg_hit_pk(ldns_rdf** rdf, uint8_t alg, - uint8_t hit_size, uint8_t *hit, uint16_t pk_size, uint8_t *pk); - #ifdef __cplusplus } #endif diff --git a/usr.sbin/unbound/ldns/ldns/resolver.h b/usr.sbin/unbound/ldns/ldns/resolver.h index 26d4f480b5f..f887aaf676e 100644 --- a/usr.sbin/unbound/ldns/ldns/resolver.h +++ b/usr.sbin/unbound/ldns/ldns/resolver.h @@ -138,9 +138,6 @@ struct ldns_struct_resolver char *_tsig_keydata; /** TSIG signing algorithm */ char *_tsig_algorithm; - - /** Source address to query from */ - ldns_rdf *_source; }; typedef struct ldns_struct_resolver ldns_resolver; @@ -155,13 +152,6 @@ typedef struct ldns_struct_resolver ldns_resolver; uint16_t ldns_resolver_port(const ldns_resolver *r); /** - * Get the source address the resolver should use - * \param[in] r the resolver - * \return the source rdf - */ -ldns_rdf *ldns_resolver_source(const ldns_resolver *r); - -/** * Is the resolver set to recurse * \param[in] r the resolver * \return true if so, otherwise false @@ -348,13 +338,6 @@ size_t ldns_resolver_searchlist_count(const ldns_resolver *r); void ldns_resolver_set_port(ldns_resolver *r, uint16_t p); /** - * Set the source rdf (address) the resolver should use - * \param[in] r the resolver - * \param[in] s the source address - */ -void ldns_resolver_set_source(ldns_resolver *r, ldns_rdf *s); - -/** * Set the resolver recursion * \param[in] r the resolver * \param[in] b true: set to recurse, false: unset @@ -481,10 +464,9 @@ void ldns_resolver_set_retrans(ldns_resolver *r, uint8_t re); void ldns_resolver_set_fallback(ldns_resolver *r, bool fallback); /** - * Set the number of times a resolver should retry a nameserver before the - * next one is tried. + * Set the resolver retry interval (in seconds) * \param[in] r the resolver - * \param[in] re the number of retries + * \param[in] re the retry interval */ void ldns_resolver_set_retry(ldns_resolver *r, uint8_t re); @@ -596,27 +578,10 @@ ldns_status ldns_resolver_push_nameserver_rr_list(ldns_resolver *r, ldns_rr_list * \param[in] t query for this type (may be 0, defaults to A) * \param[in] c query for this class (may be 0, default to IN) * \param[in] flags the query flags - * * \return ldns_pkt* a packet with the reply from the nameserver */ ldns_pkt* ldns_resolver_search(const ldns_resolver *r, const ldns_rdf *rdf, ldns_rr_type t, ldns_rr_class c, uint16_t flags); - -/** - * Send the query for using the resolver and take the search list into account - * The search algorithm is as follows: - * If the name is absolute, try it as-is, otherwise apply the search list - * \param[out] pkt a packet with the reply from the nameserver - * \param[in] *r operate using this resolver - * \param[in] *rdf query for this name - * \param[in] t query for this type (may be 0, defaults to A) - * \param[in] c query for this class (may be 0, default to IN) - * \param[in] flags the query flags - * - * \return ldns_status LDNS_STATUS_OK on success - */ -ldns_status ldns_resolver_search_status(ldns_pkt** pkt, ldns_resolver *r, const ldns_rdf *rdf, ldns_rr_type t, ldns_rr_class c, uint16_t flags); - /** * Form a query packet from a resolver and name/type/class combo * \param[out] **q a pointer to a ldns_pkt pointer (initialized by this function) @@ -625,7 +590,6 @@ ldns_status ldns_resolver_search_status(ldns_pkt** pkt, ldns_resolver *r, const * \param[in] t query for this type (may be 0, defaults to A) * \param[in] c query for this class (may be 0, default to IN) * \param[in] f the query flags - * * \return ldns_pkt* a packet with the reply from the nameserver */ ldns_status ldns_resolver_prepare_query_pkt(ldns_pkt **q, ldns_resolver *r, const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t f); @@ -638,7 +602,6 @@ ldns_status ldns_resolver_prepare_query_pkt(ldns_pkt **q, ldns_resolver *r, cons * \param[in] t query for this type (may be 0, defaults to A) * \param[in] c query for this class (may be 0, default to IN) * \param[in] flags the query flags - * * \return ldns_pkt* a packet with the reply from the nameserver */ ldns_status ldns_resolver_send(ldns_pkt **answer, ldns_resolver *r, const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t flags); @@ -653,29 +616,11 @@ ldns_status ldns_resolver_send_pkt(ldns_pkt **answer, ldns_resolver *r, ldns_pkt /** * Send a query to a nameserver - * \param[out] pkt a packet with the reply from the nameserver * \param[in] *r operate using this resolver * \param[in] *name query for this name * \param[in] *t query for this type (may be 0, defaults to A) * \param[in] *c query for this class (may be 0, default to IN) * \param[in] flags the query flags - * - * \return ldns_status LDNS_STATUS_OK on success - * if _defnames is true the default domain will be added - */ -ldns_status ldns_resolver_query_status(ldns_pkt** pkt, ldns_resolver *r, const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t flags); - - -/** - * Send a query to a nameserver - * \param[in] *r operate using this resolver - * (despite the const in the declaration, - * the struct is altered as a side-effect) - * \param[in] *name query for this name - * \param[in] *t query for this type (may be 0, defaults to A) - * \param[in] *c query for this class (may be 0, default to IN) - * \param[in] flags the query flags - * * \return ldns_pkt* a packet with the reply from the nameserver * if _defnames is true the default domain will be added */ diff --git a/usr.sbin/unbound/ldns/ldns/rr.h b/usr.sbin/unbound/ldns/ldns/rr.h index ff499395c00..2e1dd76b48f 100644 --- a/usr.sbin/unbound/ldns/ldns/rr.h +++ b/usr.sbin/unbound/ldns/ldns/rr.h @@ -36,8 +36,8 @@ extern "C" { /** The bytes TTL, CLASS and length use up in an rr */ #define LDNS_RR_OVERHEAD 10 -/* The first fields are contiguous and can be referenced instantly */ -#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON 258 +/* The first fields are 'common' and can be referenced instantly */ +#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON 52 @@ -163,51 +163,32 @@ enum ldns_enum_rr_type LDNS_RR_TYPE_OPT = 41, /** RFC3123 */ LDNS_RR_TYPE_APL = 42, - /** RFC4034, RFC3658 */ + /** draft-ietf-dnsext-delegation */ LDNS_RR_TYPE_DS = 43, /** SSH Key Fingerprint */ - LDNS_RR_TYPE_SSHFP = 44, /* RFC 4255 */ - /** IPsec Key */ - LDNS_RR_TYPE_IPSECKEY = 45, /* RFC 4025 */ - /** DNSSEC */ - LDNS_RR_TYPE_RRSIG = 46, /* RFC 4034 */ - LDNS_RR_TYPE_NSEC = 47, /* RFC 4034 */ - LDNS_RR_TYPE_DNSKEY = 48, /* RFC 4034 */ - - LDNS_RR_TYPE_DHCID = 49, /* RFC 4701 */ - /* NSEC3 */ - LDNS_RR_TYPE_NSEC3 = 50, /* RFC 5155 */ - LDNS_RR_TYPE_NSEC3PARAM = 51, /* RFC 5155 */ + LDNS_RR_TYPE_SSHFP = 44, + /** draft-richardson-ipseckey-rr-11.txt */ + LDNS_RR_TYPE_IPSECKEY = 45, + /** draft-ietf-dnsext-dnssec-25 */ + LDNS_RR_TYPE_RRSIG = 46, + LDNS_RR_TYPE_NSEC = 47, + LDNS_RR_TYPE_DNSKEY = 48, + LDNS_RR_TYPE_DHCID = 49, + + LDNS_RR_TYPE_NSEC3 = 50, + LDNS_RR_TYPE_NSEC3PARAM = 51, LDNS_RR_TYPE_NSEC3PARAMS = 51, - LDNS_RR_TYPE_TLSA = 52, /* RFC 6698 */ - LDNS_RR_TYPE_HIP = 55, /* RFC 5205 */ - - /** draft-reid-dnsext-zs */ - LDNS_RR_TYPE_NINFO = 56, - /** draft-reid-dnsext-rkey */ - LDNS_RR_TYPE_RKEY = 57, /** draft-ietf-dnsop-trust-history */ LDNS_RR_TYPE_TALINK = 58, - /** draft-barwood-dnsop-ds-publis */ - LDNS_RR_TYPE_CDS = 59, - LDNS_RR_TYPE_SPF = 99, /* RFC 4408 */ + LDNS_RR_TYPE_SPF = 99, LDNS_RR_TYPE_UINFO = 100, LDNS_RR_TYPE_UID = 101, LDNS_RR_TYPE_GID = 102, LDNS_RR_TYPE_UNSPEC = 103, - LDNS_RR_TYPE_NID = 104, /* RFC 6742 */ - LDNS_RR_TYPE_L32 = 105, /* RFC 6742 */ - LDNS_RR_TYPE_L64 = 106, /* RFC 6742 */ - LDNS_RR_TYPE_LP = 107, /* RFC 6742 */ - - LDNS_RR_TYPE_EUI48 = 108, /* RFC 7043 */ - LDNS_RR_TYPE_EUI64 = 109, /* RFC 7043 */ - - LDNS_RR_TYPE_TKEY = 249, /* RFC 2930 */ LDNS_RR_TYPE_TSIG = 250, LDNS_RR_TYPE_IXFR = 251, LDNS_RR_TYPE_AXFR = 252, @@ -217,12 +198,7 @@ enum ldns_enum_rr_type LDNS_RR_TYPE_MAILA = 254, /** any type (wildcard) */ LDNS_RR_TYPE_ANY = 255, - /** draft-faltstrom-uri-06 */ - LDNS_RR_TYPE_URI = 256, - LDNS_RR_TYPE_CAA = 257, /* RFC 6844 */ - /** DNSSEC Trust Authorities */ - LDNS_RR_TYPE_TA = 32768, /* RFC 4431, 5074, DNSSEC Lookaside Validation */ LDNS_RR_TYPE_DLV = 32769, @@ -358,23 +334,6 @@ struct ldns_struct_rr_descriptor }; typedef struct ldns_struct_rr_descriptor ldns_rr_descriptor; - -/** - * Create a rr type bitmap rdf providing enough space to set all - * known (to ldns) rr types. - * \param[out] rdf the constructed rdf - * \return LDNS_STATUS_OK if all went well. - */ -ldns_status ldns_rdf_bitmap_known_rr_types_space(ldns_rdf** rdf); - -/** - * Create a rr type bitmap rdf with at least all known (to ldns) rr types set. - * \param[out] rdf the constructed rdf - * \return LDNS_STATUS_OK if all went well. - */ -ldns_status ldns_rdf_bitmap_known_rr_types(ldns_rdf** rdf); - - /** * creates a new rr structure. * \return ldns_rr * @@ -627,7 +586,7 @@ ldns_rr* ldns_rr_list_rr(const ldns_rr_list *rr_list, size_t nr); * creates a new rr_list structure. * \return a new rr_list structure */ -ldns_rr_list* ldns_rr_list_new(void); +ldns_rr_list* ldns_rr_list_new(); /** * frees an rr_list structure. diff --git a/usr.sbin/unbound/ldns/ldns/rr_functions.h b/usr.sbin/unbound/ldns/ldns/rr_functions.h index 09a28dd7f87..3db3b3dfa84 100644 --- a/usr.sbin/unbound/ldns/ldns/rr_functions.h +++ b/usr.sbin/unbound/ldns/ldns/rr_functions.h @@ -268,18 +268,18 @@ typedef uint32_t (*ldns_soa_serial_increment_func_t)(uint32_t, void*); /** * Function to be used with dns_rr_soa_increment_func_int, to set the soa * serial number. - * \param[in] unused the (unused) current serial number. + * \param[in] _ the (unused) current serial number. * \param[in] data the serial number to be set. */ -uint32_t ldns_soa_serial_identity(uint32_t unused, void *data); +uint32_t ldns_soa_serial_identity(uint32_t _, void *data); /** * Function to be used with dns_rr_soa_increment_func, to increment the soa * serial number with one. * \param[in] s the current serial number. - * \param[in] unused unused. + * \param[in] _ unused. */ -uint32_t ldns_soa_serial_increment(uint32_t s, void *unused); +uint32_t ldns_soa_serial_increment(uint32_t s, void *_); /** * Function to be used with dns_rr_soa_increment_func_int, to increment the soa diff --git a/usr.sbin/unbound/ldns/ldns/sha2.h b/usr.sbin/unbound/ldns/ldns/sha2.h index 76d3fe52c52..ecb7e069de1 100644 --- a/usr.sbin/unbound/ldns/ldns/sha2.h +++ b/usr.sbin/unbound/ldns/ldns/sha2.h @@ -40,7 +40,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: sha2.h,v 1.1.1.1 2012/03/26 18:08:25 sthen Exp $ + * $Id: sha2.h,v 1.1 2012/03/26 18:08:25 sthen Exp $ */ #ifndef __LDNS_SHA2_H__ diff --git a/usr.sbin/unbound/ldns/ldns/str2host.h b/usr.sbin/unbound/ldns/ldns/str2host.h index 341aa248195..09416cd2252 100644 --- a/usr.sbin/unbound/ldns/ldns/str2host.h +++ b/usr.sbin/unbound/ldns/ldns/str2host.h @@ -181,6 +181,14 @@ ldns_status ldns_str2rdf_alg(ldns_rdf **rd, const char *str); ldns_status ldns_str2rdf_unknown(ldns_rdf **rd, const char *str); /** + * convert string with a tsig? RR into wireformat + * \param[in] rd the rdf where to put the data + * \param[in] str the string to be converted + * \return ldns_status + */ +ldns_status ldns_str2rdf_tsig(ldns_rdf **rd, const char *str); + +/** * convert string with a protocol service into wireformat * \param[in] rd the rdf where to put the data * \param[in] str the string to be converted @@ -236,58 +244,6 @@ ldns_status ldns_str2rdf_ipseckey(ldns_rdf **rd, const char *str); */ ldns_status ldns_str2rdf_dname(ldns_rdf **rd, const char *str); -/** - * convert 4 * 16bit hex separated by colons into wireformat - * \param[in] rd the rdf where to put the data - * \param[in] str the string to be converted - * \return ldns_status - */ -ldns_status ldns_str2rdf_ilnp64(ldns_rdf **rd, const char *str); - -/** - * convert 6 hex bytes separated by dashes into wireformat - * \param[in] rd the rdf where to put the data - * \param[in] str the string to be converted - * \return ldns_status - */ -ldns_status ldns_str2rdf_eui48(ldns_rdf **rd, const char *str); - -/** - * convert 8 hex bytes separated by dashes into wireformat - * \param[in] rd the rdf where to put the data - * \param[in] str the string to be converted - * \return ldns_status - */ -ldns_status ldns_str2rdf_eui64(ldns_rdf **rd, const char *str); - -/** - * Convert a non-zero sequence of US-ASCII letters and numbers into wireformat - * \param[in] rd the rdf where to put the data - * \param[in] str the string to be converted - * \return ldns_status - */ -ldns_status ldns_str2rdf_tag(ldns_rdf **rd, const char *str); - -/** - * Convert a <character-string> encoding of the value field as specified - * [RFC1035], Section 5.1., encoded as one bug chunk of data. - * \param[in] rd the rdf where to put the data - * \param[in] str the string to be converted - * \return ldns_status - */ -ldns_status ldns_str2rdf_long_str(ldns_rdf **rd, const char *str); - -/** - * Convert a "<algorithm> <hit> <pk>" encoding of the value field as specified - * in Section 6. of [RFC5205], encoded as wireformat as specified in Section 5. - * of [RFC5205]. - * \param[in] rd the rdf where to put the data - * \param[in] str the string to be converted - * \return ldns_status - */ -ldns_status ldns_str2rdf_hip(ldns_rdf **rd, const char *str); - - #ifdef __cplusplus } #endif diff --git a/usr.sbin/unbound/ldns/ldns/util.h.in b/usr.sbin/unbound/ldns/ldns/util.h.in index b6c9abe022f..f9fb10420cc 100644 --- a/usr.sbin/unbound/ldns/ldns/util.h.in +++ b/usr.sbin/unbound/ldns/ldns/util.h.in @@ -268,8 +268,6 @@ const char * ldns_version(void); * \param[in] tm a struct tm* with the date * \return the seconds since epoch */ -time_t ldns_mktime_from_utc(const struct tm *tm); - time_t mktime_from_utc(const struct tm *tm); /** @@ -325,66 +323,42 @@ uint16_t ldns_get_random(void); */ char *ldns_bubblebabble(uint8_t *data, size_t len); - -INLINE time_t ldns_time(time_t *t) { return time(t); } - - +#ifndef B32_NTOP +int ldns_b32_ntop(uint8_t const *src, size_t srclength, + char *target, size_t targsize); +int b32_ntop(uint8_t const *src, size_t srclength, + char *target, size_t targsize); +int ldns_b32_ntop_extended_hex(uint8_t const *src, size_t srclength, + char *target, size_t targsize); +int b32_ntop_extended_hex(uint8_t const *src, size_t srclength, + char *target, size_t targsize); /** * calculates the size needed to store the result of b32_ntop */ /*@unused@*/ -INLINE size_t ldns_b32_ntop_calculate_size(size_t src_data_length) +INLINE size_t ldns_b32_ntop_calculate_size(size_t srcsize) { - return src_data_length == 0 ? 0 : ((src_data_length - 1) / 5 + 1) * 8; -} - -INLINE size_t ldns_b32_ntop_calculate_size_no_padding(size_t src_data_length) -{ - return ((src_data_length + 3) * 8 / 5) - 4; + size_t result = ((((srcsize / 5) * 8) - 2) + 2); + return result; } - -int ldns_b32_ntop(const uint8_t* src_data, size_t src_data_length, - char* target_text_buffer, size_t target_text_buffer_size); - -int ldns_b32_ntop_extended_hex(const uint8_t* src_data, size_t src_data_length, - char* target_text_buffer, size_t target_text_buffer_size); - -#if ! LDNS_BUILD_CONFIG_HAVE_B32_NTOP - -int b32_ntop(const uint8_t* src_data, size_t src_data_length, - char* target_text_buffer, size_t target_text_buffer_size); - -int b32_ntop_extended_hex(const uint8_t* src_data, size_t src_data_length, - char* target_text_buffer, size_t target_text_buffer_size); - -#endif /* ! LDNS_BUILD_CONFIG_HAVE_B32_NTOP */ - - +#endif /* !B32_NTOP */ +#ifndef B32_PTON +int ldns_b32_pton(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize); +int b32_pton(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize); +int ldns_b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize); +int b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize); /** * calculates the size needed to store the result of b32_pton */ /*@unused@*/ -INLINE size_t ldns_b32_pton_calculate_size(size_t src_text_length) +INLINE size_t ldns_b32_pton_calculate_size(size_t srcsize) { - return src_text_length * 5 / 8; + size_t result = ((((srcsize) / 8) * 5)); + return result; } +#endif /* !B32_PTON */ -int ldns_b32_pton(const char* src_text, size_t src_text_length, - uint8_t* target_data_buffer, size_t target_data_buffer_size); - -int ldns_b32_pton_extended_hex(const char* src_text, size_t src_text_length, - uint8_t* target_data_buffer, size_t target_data_buffer_size); - -#if ! LDNS_BUILD_CONFIG_HAVE_B32_PTON - -int b32_pton(const char* src_text, size_t src_text_length, - uint8_t* target_data_buffer, size_t target_data_buffer_size); - -int b32_pton_extended_hex(const char* src_text, size_t src_text_length, - uint8_t* target_data_buffer, size_t target_data_buffer_size); - -#endif /* ! LDNS_BUILD_CONFIG_HAVE_B32_PTON */ - +INLINE time_t ldns_time(time_t *t) { return time(t); } #ifdef __cplusplus } diff --git a/usr.sbin/unbound/ldns/libdns.doxygen b/usr.sbin/unbound/ldns/libdns.doxygen index 0f84b73435e..3325db94af4 100644 --- a/usr.sbin/unbound/ldns/libdns.doxygen +++ b/usr.sbin/unbound/ldns/libdns.doxygen @@ -1,4 +1,4 @@ -# Doxyfile 1.7.6.1 +# Doxyfile 1.7.3 # This file describes the settings to be used by the documentation system # doxygen (www.doxygen.org) for a project. @@ -22,9 +22,8 @@ DOXYFILE_ENCODING = UTF-8 -# The PROJECT_NAME tag is a single word (or sequence of words) that should -# identify the project. Note that if you do not use Doxywizard you need -# to put quotes around the project name if it contains spaces. +# The PROJECT_NAME tag is a single word (or a sequence of words surrounded +# by quotes) that should identify the project. PROJECT_NAME = ldns @@ -34,9 +33,7 @@ PROJECT_NAME = ldns PROJECT_NUMBER = 1.6.7 -# Using the PROJECT_BRIEF tag one can provide an optional one line description -# for a project that appears at the top of each page and should give viewer -# a quick idea about the purpose of the project. Keep the description short. +# Using the PROJECT_BRIEF tag one can provide an optional one line description for a project that appears at the top of each page and should give viewer a quick idea about the purpose of the project. Keep the description short. PROJECT_BRIEF = @@ -195,13 +192,6 @@ TAB_SIZE = 8 ALIASES = -# This tag can be used to specify a number of word-keyword mappings (TCL only). -# A mapping has the form "name=value". For example adding -# "class=itcl::class" will allow you to use the command class in the -# itcl::class meaning. - -TCL_SUBST = - # Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C # sources only. Doxygen will then generate output that is more tailored for C. # For instance, some of the names that are used will be different. The list @@ -284,22 +274,6 @@ DISTRIBUTE_GROUP_DOC = NO SUBGROUPING = YES -# When the INLINE_GROUPED_CLASSES tag is set to YES, classes, structs and -# unions are shown inside the group in which they are included (e.g. using -# @ingroup) instead of on a separate page (for HTML and Man pages) or -# section (for LaTeX and RTF). - -INLINE_GROUPED_CLASSES = NO - -# When the INLINE_SIMPLE_STRUCTS tag is set to YES, structs, classes, and -# unions with only public data fields will be shown inline in the documentation -# of the scope in which they are defined (i.e. file, namespace, or group -# documentation), provided this scope is documented. If set to NO (the default), -# structs, classes, and unions are shown on a separate page (for HTML and Man -# pages) or section (for LaTeX and RTF). - -INLINE_SIMPLE_STRUCTS = NO - # When TYPEDEF_HIDES_STRUCT is enabled, a typedef of a struct, union, or enum # is documented as struct, union, or enum with the name of the typedef. So # typedef struct TypeS {} TypeT, will appear in the documentation as a struct @@ -322,21 +296,10 @@ TYPEDEF_HIDES_STRUCT = NO # a logarithmic scale so increasing the size by one will roughly double the # memory usage. The cache size is given by this formula: # 2^(16+SYMBOL_CACHE_SIZE). The valid range is 0..9, the default is 0, -# corresponding to a cache size of 2^16 = 65536 symbols. +# corresponding to a cache size of 2^16 = 65536 symbols SYMBOL_CACHE_SIZE = 0 -# Similar to the SYMBOL_CACHE_SIZE the size of the symbol lookup cache can be -# set using LOOKUP_CACHE_SIZE. This cache is used to resolve symbols given -# their name and scope. Since this can be an expensive process and often the -# same symbol appear multiple times in the code, doxygen keeps a cache of -# pre-resolved symbols. If the cache is too small doxygen will become slower. -# If the cache is too large, memory is wasted. The cache size is given by this -# formula: 2^(16+LOOKUP_CACHE_SIZE). The valid range is 0..9, the default is 0, -# corresponding to a cache size of 2^16 = 65536 symbols. - -LOOKUP_CACHE_SIZE = 0 - #--------------------------------------------------------------------------- # Build related configuration options #--------------------------------------------------------------------------- @@ -486,11 +449,8 @@ SORT_GROUP_NAMES = NO SORT_BY_SCOPE_NAME = NO -# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to -# do proper type resolution of all parameters of a function it will reject a -# match between the prototype and the implementation of a member function even -# if there is only one candidate or it is obvious which candidate to choose -# by doing a simple string match. By disabling STRICT_PROTO_MATCHING doxygen +# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to do proper type resolution of all parameters of a function it will reject a +# match between the prototype and the implementation of a member function even if there is only one candidate or it is obvious which candidate to choose by doing a simple string match. By disabling STRICT_PROTO_MATCHING doxygen # will still accept a match between prototype and implementation in such cases. STRICT_PROTO_MATCHING = NO @@ -578,16 +538,6 @@ FILE_VERSION_FILTER = LAYOUT_FILE = -# The CITE_BIB_FILES tag can be used to specify one or more bib files -# containing the references data. This must be a list of .bib files. The -# .bib extension is automatically appended if omitted. Using this command -# requires the bibtex tool to be installed. See also -# http://en.wikipedia.org/wiki/BibTeX for more info. For LaTeX the style -# of the bibliography can be controlled using LATEX_BIB_STYLE. To use this -# feature you need bibtex and perl available in the search path. - -CITE_BIB_FILES = - #--------------------------------------------------------------------------- # configuration options related to warning and progress messages #--------------------------------------------------------------------------- @@ -679,15 +629,13 @@ FILE_PATTERNS = RECURSIVE = NO -# The EXCLUDE tag can be used to specify files and/or directories that should be +# The EXCLUDE tag can be used to specify files and/or directories that should # excluded from the INPUT source files. This way you can easily exclude a # subdirectory from a directory tree whose root is specified with the INPUT tag. -# Note that relative paths are relative to the directory from which doxygen is -# run. EXCLUDE = -# The EXCLUDE_SYMLINKS tag can be used to select whether or not files or +# The EXCLUDE_SYMLINKS tag can be used select whether or not files or # directories that are symbolic links (a Unix file system feature) are excluded # from the input. @@ -873,14 +821,7 @@ HTML_FILE_EXTENSION = .html # The HTML_HEADER tag can be used to specify a personal HTML header for # each generated HTML page. If it is left blank doxygen will generate a -# standard header. Note that when using a custom header you are responsible -# for the proper inclusion of any scripts and style sheets that doxygen -# needs, which is dependent on the configuration options used. -# It is advised to generate a default header using "doxygen -w html -# header.html footer.html stylesheet.css YourConfigFile" and then modify -# that header. Note that the header is subject to change so you typically -# have to redo this when upgrading to a newer version of doxygen or when -# changing the value of configuration settings such as GENERATE_TREEVIEW! +# standard header. HTML_HEADER = doc/header.html @@ -895,21 +836,12 @@ HTML_FOOTER = # fine-tune the look of the HTML output. If the tag is left blank doxygen # will generate a default style sheet. Note that doxygen will try to copy # the style sheet file to the HTML output directory, so don't put your own -# style sheet in the HTML output directory as well, or it will be erased! +# stylesheet in the HTML output directory as well, or it will be erased! HTML_STYLESHEET = -# The HTML_EXTRA_FILES tag can be used to specify one or more extra images or -# other source files which should be copied to the HTML output directory. Note -# that these files will be copied to the base HTML output directory. Use the -# $relpath$ marker in the HTML_HEADER and/or HTML_FOOTER files to load these -# files. In the HTML_STYLESHEET file, use the file name only. Also note that -# the files will be copied as-is; there are no commands or markers available. - -HTML_EXTRA_FILES = - # The HTML_COLORSTYLE_HUE tag controls the color of the HTML output. -# Doxygen will adjust the colors in the style sheet and background images +# Doxygen will adjust the colors in the stylesheet and background images # according to this color. Hue is specified as an angle on a colorwheel, # see http://en.wikipedia.org/wiki/Hue for more information. # For instance the value 0 represents red, 60 is yellow, 120 is green, @@ -939,6 +871,12 @@ HTML_COLORSTYLE_GAMMA = 80 HTML_TIMESTAMP = YES +# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes, +# files or namespaces will be aligned in HTML using tables. If set to +# NO a bullet list will be used. + +HTML_ALIGN_MEMBERS = YES + # If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML # documentation will contain sections that can be hidden and shown after the # page has loaded. For this to work a browser that supports @@ -1098,14 +1036,18 @@ GENERATE_ECLIPSEHELP = NO ECLIPSE_DOC_ID = org.doxygen.Project -# The DISABLE_INDEX tag can be used to turn on/off the condensed index (tabs) -# at top of each HTML page. The value NO (the default) enables the index and -# the value YES disables it. Since the tabs have the same information as the -# navigation tree you can set this option to NO if you already set -# GENERATE_TREEVIEW to YES. +# The DISABLE_INDEX tag can be used to turn on/off the condensed index at +# top of each HTML page. The value NO (the default) enables the index and +# the value YES disables it. DISABLE_INDEX = NO +# This tag can be used to set the number of enum values (range [0,1..20]) +# that doxygen will group on one line in the generated HTML documentation. +# Note that a value of 0 will completely suppress the enum values from appearing in the overview section. + +ENUM_VALUES_PER_LINE = 4 + # The GENERATE_TREEVIEW tag is used to specify whether a tree-like index # structure should be generated to display hierarchical information. # If the tag value is set to YES, a side panel will be generated @@ -1113,17 +1055,13 @@ DISABLE_INDEX = NO # is generated for HTML Help). For this to work a browser that supports # JavaScript, DHTML, CSS and frames is required (i.e. any modern browser). # Windows users are probably better off using the HTML help feature. -# Since the tree basically has the same information as the tab index you -# could consider to set DISABLE_INDEX to NO when enabling this option. GENERATE_TREEVIEW = NO -# The ENUM_VALUES_PER_LINE tag can be used to set the number of enum values -# (range [0,1..20]) that doxygen will group on one line in the generated HTML -# documentation. Note that a value of 0 will completely suppress the enum -# values from appearing in the overview section. +# By enabling USE_INLINE_TREES, doxygen will generate the Groups, Directories, +# and Class Hierarchy pages using a tree view instead of an ordered list. -ENUM_VALUES_PER_LINE = 4 +USE_INLINE_TREES = NO # If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be # used to set the initial width (in pixels) of the frame in which the tree @@ -1165,18 +1103,12 @@ USE_MATHJAX = NO # HTML output directory using the MATHJAX_RELPATH option. The destination # directory should contain the MathJax.js script. For instance, if the mathjax # directory is located at the same level as the HTML output directory, then -# MATHJAX_RELPATH should be ../mathjax. The default value points to the -# mathjax.org site, so you can quickly see the result without installing +# MATHJAX_RELPATH should be ../mathjax. The default value points to the mathjax.org site, so you can quickly see the result without installing # MathJax, but it is strongly recommended to install a local copy of MathJax # before deployment. MATHJAX_RELPATH = http://www.mathjax.org/mathjax -# The MATHJAX_EXTENSIONS tag can be used to specify one or MathJax extension -# names that should be enabled during MathJax rendering. - -MATHJAX_EXTENSIONS = - # When the SEARCHENGINE tag is enabled doxygen will generate a search box # for the HTML output. The underlying search engine uses javascript # and DHTML and should work on any modern browser. Note that when using @@ -1250,13 +1182,6 @@ EXTRA_PACKAGES = LATEX_HEADER = -# The LATEX_FOOTER tag can be used to specify a personal LaTeX footer for -# the generated latex document. The footer should contain everything after -# the last chapter. If it is left blank doxygen will generate a -# standard footer. Notice: only use this tag if you know what you are doing! - -LATEX_FOOTER = - # If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated # is prepared for conversion to pdf (using ps2pdf). The pdf file will # contain links (just like the HTML output) instead of page references @@ -1290,12 +1215,6 @@ LATEX_HIDE_INDICES = NO LATEX_SOURCE_CODE = NO -# The LATEX_BIB_STYLE tag can be used to specify the style to use for the -# bibliography, e.g. plainnat, or ieeetr. The default style is "plain". See -# http://en.wikipedia.org/wiki/BibTeX for more info. - -LATEX_BIB_STYLE = plain - #--------------------------------------------------------------------------- # configuration options related to the RTF output #--------------------------------------------------------------------------- @@ -1327,7 +1246,7 @@ COMPACT_RTF = NO RTF_HYPERLINKS = NO -# Load style sheet definitions from file. Syntax is similar to doxygen's +# Load stylesheet definitions from file. Syntax is similar to doxygen's # config file, i.e. a series of assignments. You only have to provide # replacements, missing definitions are set to their default value. @@ -1472,7 +1391,7 @@ MACRO_EXPANSION = YES EXPAND_ONLY_PREDEF = NO # If the SEARCH_INCLUDES tag is set to YES (the default) the includes files -# pointed to by INCLUDE_PATH will be searched when a #include is found. +# in the INCLUDE_PATH (see below) will be search if a #include is found. SEARCH_INCLUDES = YES @@ -1480,7 +1399,7 @@ SEARCH_INCLUDES = YES # contain include files that are not input files but should be processed by # the preprocessor. -INCLUDE_PATH = . +INCLUDE_PATH = # You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard # patterns (like *.h and *.hpp) to filter out the header-files in the @@ -1502,8 +1421,7 @@ PREDEFINED = HAVE_SSL # If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then # this tag can be used to specify a list of macro names that should be expanded. # The macro definition that is found in the sources will be used. -# Use the PREDEFINED tag if you want to use a different macro definition that -# overrules the definition found in the source code. +# Use the PREDEFINED tag if you want to use a different macro definition that overrules the definition found in the source code. EXPAND_AS_DEFINED = @@ -1601,12 +1519,13 @@ HAVE_DOT = NO DOT_NUM_THREADS = 0 -# By default doxygen will use the Helvetica font for all dot files that -# doxygen generates. When you want a differently looking font you can specify -# the font name using DOT_FONTNAME. You need to make sure dot is able to find -# the font, which can be done by putting it in a standard location or by setting -# the DOTFONTPATH environment variable or by setting DOT_FONTPATH to the -# directory containing the font. +# By default doxygen will write a font called Helvetica to the output +# directory and reference it in all dot files that doxygen generates. +# When you want a differently looking font you can specify the font name +# using DOT_FONTNAME. You need to make sure dot is able to find the font, +# which can be done by putting it in a standard location or by setting the +# DOTFONTPATH environment variable or by setting DOT_FONTPATH to the directory +# containing the font. DOT_FONTNAME = Helvetica @@ -1615,16 +1534,17 @@ DOT_FONTNAME = Helvetica DOT_FONTSIZE = 10 -# By default doxygen will tell dot to use the Helvetica font. -# If you specify a different font using DOT_FONTNAME you can use DOT_FONTPATH to -# set the path where dot can find it. +# By default doxygen will tell dot to use the output directory to look for the +# FreeSans.ttf font (which doxygen will put there itself). If you specify a +# different font using DOT_FONTNAME you can set the path where dot +# can find it using this tag. DOT_FONTPATH = # If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen # will generate a graph for each documented class showing the direct and # indirect inheritance relations. Setting this tag to YES will force the -# CLASS_DIAGRAMS tag to NO. +# the CLASS_DIAGRAMS tag to NO. CLASS_GRAPH = YES @@ -1694,22 +1614,11 @@ GRAPHICAL_HIERARCHY = YES DIRECTORY_GRAPH = YES # The DOT_IMAGE_FORMAT tag can be used to set the image format of the images -# generated by dot. Possible values are svg, png, jpg, or gif. -# If left blank png will be used. If you choose svg you need to set -# HTML_FILE_EXTENSION to xhtml in order to make the SVG files -# visible in IE 9+ (other browsers do not have this requirement). +# generated by dot. Possible values are png, svg, gif or svg. +# If left blank png will be used. DOT_IMAGE_FORMAT = png -# If DOT_IMAGE_FORMAT is set to svg, then this option can be set to YES to -# enable generation of interactive SVG images that allow zooming and panning. -# Note that this requires a modern browser other than Internet Explorer. -# Tested and working are Firefox, Chrome, Safari, and Opera. For IE 9+ you -# need to set HTML_FILE_EXTENSION to xhtml in order to make the SVG files -# visible. Older versions of IE do not have SVG support. - -INTERACTIVE_SVG = NO - # The tag DOT_PATH can be used to specify the path where the dot tool can be # found. If left blank, it is assumed the dot tool can be found in the path. diff --git a/usr.sbin/unbound/ldns/ltmain.sh b/usr.sbin/unbound/ldns/ltmain.sh index c2852d85613..b4a3231ca3b 100755..100644 --- a/usr.sbin/unbound/ldns/ltmain.sh +++ b/usr.sbin/unbound/ldns/ltmain.sh @@ -1,9 +1,9 @@ -# libtool (GNU libtool) 2.4.2 +# libtool (GNU libtool) 2.4 # Written by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996 # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, -# 2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc. +# 2007, 2008, 2009, 2010 Free Software Foundation, Inc. # This is free software; see the source for copying conditions. There is NO # warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. @@ -41,7 +41,6 @@ # --quiet, --silent don't print informational messages # --no-quiet, --no-silent # print informational messages (default) -# --no-warn don't display warning messages # --tag=TAG use configuration variables from tag TAG # -v, --verbose print more informational messages than default # --no-verbose don't print the extra informational messages @@ -70,7 +69,7 @@ # compiler: $LTCC # compiler flags: $LTCFLAGS # linker: $LD (gnu? $with_gnu_ld) -# $progname: (GNU libtool) 2.4.2 Debian-2.4.2-1ubuntu1 +# $progname: (GNU libtool) 2.4 Debian-2.4-2ubuntu1 # automake: $automake_version # autoconf: $autoconf_version # @@ -80,9 +79,9 @@ PROGRAM=libtool PACKAGE=libtool -VERSION="2.4.2 Debian-2.4.2-1ubuntu1" +VERSION="2.4 Debian-2.4-2ubuntu1" TIMESTAMP="" -package_revision=1.3337 +package_revision=1.3293 # Be Bourne compatible if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then @@ -137,10 +136,15 @@ progpath="$0" : ${CP="cp -f"} test "${ECHO+set}" = set || ECHO=${as_echo-'printf %s\n'} +: ${EGREP="/bin/grep -E"} +: ${FGREP="/bin/grep -F"} +: ${GREP="/bin/grep"} +: ${LN_S="ln -s"} : ${MAKE="make"} : ${MKDIR="mkdir"} : ${MV="mv -f"} : ${RM="rm -f"} +: ${SED="/bin/sed"} : ${SHELL="${CONFIG_SHELL-/bin/sh}"} : ${Xsed="$SED -e 1s/^X//"} @@ -383,7 +387,7 @@ case $progpath in ;; *) save_IFS="$IFS" - IFS=${PATH_SEPARATOR-:} + IFS=: for progdir in $PATH; do IFS="$save_IFS" test -x "$progdir/$progname" && break @@ -767,8 +771,8 @@ func_help () s*\$LTCFLAGS*'"$LTCFLAGS"'* s*\$LD*'"$LD"'* s/\$with_gnu_ld/'"$with_gnu_ld"'/ - s/\$automake_version/'"`(${AUTOMAKE-automake} --version) 2>/dev/null |$SED 1q`"'/ - s/\$autoconf_version/'"`(${AUTOCONF-autoconf} --version) 2>/dev/null |$SED 1q`"'/ + s/\$automake_version/'"`(automake --version) 2>/dev/null |$SED 1q`"'/ + s/\$autoconf_version/'"`(autoconf --version) 2>/dev/null |$SED 1q`"'/ p d } @@ -1048,7 +1052,6 @@ opt_finish=false opt_help=false opt_help_all=false opt_silent=: -opt_warning=: opt_verbose=: opt_silent=false opt_verbose=false @@ -1117,10 +1120,6 @@ esac opt_silent=false func_append preserve_args " $opt" ;; - --no-warning|--no-warn) - opt_warning=false -func_append preserve_args " $opt" - ;; --no-verbose) opt_verbose=false func_append preserve_args " $opt" @@ -2060,7 +2059,7 @@ func_mode_compile () *.[cCFSifmso] | \ *.ada | *.adb | *.ads | *.asm | \ *.c++ | *.cc | *.ii | *.class | *.cpp | *.cxx | \ - *.[fF][09]? | *.for | *.java | *.go | *.obj | *.sx | *.cu | *.cup) + *.[fF][09]? | *.for | *.java | *.obj | *.sx | *.cu | *.cup) func_xform "$libobj" libobj=$func_xform_result ;; @@ -3202,13 +3201,11 @@ func_mode_install () # Set up the ranlib parameters. oldlib="$destdir/$name" - func_to_tool_file "$oldlib" func_convert_file_msys_to_w32 - tool_oldlib=$func_to_tool_file_result func_show_eval "$install_prog \$file \$oldlib" 'exit $?' if test -n "$stripme" && test -n "$old_striplib"; then - func_show_eval "$old_striplib $tool_oldlib" 'exit $?' + func_show_eval "$old_striplib $oldlib" 'exit $?' fi # Do each command in the postinstall commands. @@ -3473,7 +3470,7 @@ static const void *lt_preloaded_setup() { # linked before any other PIC object. But we must not use # pic_flag when linking with -static. The problem exists in # FreeBSD 2.2.6 and is fixed in FreeBSD 3.1. - *-*-freebsd2.*|*-*-freebsd3.0*|*-*-freebsdelf3.0*) + *-*-freebsd2*|*-*-freebsd3.0*|*-*-freebsdelf3.0*) pic_flag_for_symtable=" $pic_flag -DFREEBSD_WORKAROUND" ;; *-*-hpux*) pic_flag_for_symtable=" $pic_flag" ;; @@ -3985,17 +3982,14 @@ func_exec_program_core () # launches target application with the remaining arguments. func_exec_program () { - case \" \$* \" in - *\\ --lt-*) - for lt_wr_arg - do - case \$lt_wr_arg in - --lt-*) ;; - *) set x \"\$@\" \"\$lt_wr_arg\"; shift;; - esac - shift - done ;; - esac + for lt_wr_arg + do + case \$lt_wr_arg in + --lt-*) ;; + *) set x \"\$@\" \"\$lt_wr_arg\"; shift;; + esac + shift + done func_exec_program_core \${1+\"\$@\"} } @@ -5063,15 +5057,9 @@ void lt_dump_script (FILE* f) { EOF func_emit_wrapper yes | - $SED -n -e ' -s/^\(.\{79\}\)\(..*\)/\1\ -\2/ -h -s/\([\\"]\)/\\\1/g -s/$/\\n/ -s/\([^\n]*\).*/ fputs ("\1", f);/p -g -D' + $SED -e 's/\([\\"]\)/\\\1/g' \ + -e 's/^/ fputs ("/' -e 's/$/\\n", f);/' + cat <<"EOF" } EOF @@ -5655,8 +5643,7 @@ func_mode_link () continue ;; - -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \ - |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*) + -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe|-threads) func_append compiler_flags " $arg" func_append compile_command " $arg" func_append finalize_command " $arg" @@ -6163,8 +6150,7 @@ func_mode_link () lib= found=no case $deplib in - -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \ - |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*) + -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe|-threads) if test "$linkmode,$pass" = "prog,link"; then compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" @@ -6848,7 +6834,7 @@ func_mode_link () test "$hardcode_direct_absolute" = no; then add="$dir/$linklib" elif test "$hardcode_minus_L" = yes; then - add_dir="-L$absdir" + add_dir="-L$dir" # Try looking first in the location we're being installed to. if test -n "$inst_prefix_dir"; then case $libdir in @@ -7333,7 +7319,6 @@ func_mode_link () # which has an extra 1 added just for fun # case $version_type in - # correct linux to gnu/linux during the next big refactor darwin|linux|osf|windows|none) func_arith $number_major + $number_minor current=$func_arith_result @@ -7453,7 +7438,7 @@ func_mode_link () versuffix="$major.$revision" ;; - linux) # correct to gnu/linux during the next big refactor + linux) func_arith $current - $age major=.$func_arith_result versuffix="$major.$age.$revision" @@ -8041,11 +8026,6 @@ EOF # Test again, we may have decided not to build it any more if test "$build_libtool_libs" = yes; then - # Remove ${wl} instances when linking with ld. - # FIXME: should test the right _cmds variable. - case $archive_cmds in - *\$LD\ *) wl= ;; - esac if test "$hardcode_into_libs" = yes; then # Hardcode the library paths hardcode_libdirs= @@ -8076,7 +8056,7 @@ EOF elif test -n "$runpath_var"; then case "$perm_rpath " in *" $libdir "*) ;; - *) func_append perm_rpath " $libdir" ;; + *) func_apped perm_rpath " $libdir" ;; esac fi done @@ -8084,7 +8064,11 @@ EOF if test -n "$hardcode_libdir_separator" && test -n "$hardcode_libdirs"; then libdir="$hardcode_libdirs" - eval "dep_rpath=\"$hardcode_libdir_flag_spec\"" + if test -n "$hardcode_libdir_flag_spec_ld"; then + eval dep_rpath=\"$hardcode_libdir_flag_spec_ld\" + else + eval dep_rpath=\"$hardcode_libdir_flag_spec\" + fi fi if test -n "$runpath_var" && test -n "$perm_rpath"; then # We should set the runpath_var. @@ -9174,8 +9158,6 @@ EOF esac done fi - func_to_tool_file "$oldlib" func_convert_file_msys_to_w32 - tool_oldlib=$func_to_tool_file_result eval cmds=\"$old_archive_cmds\" func_len " $cmds" @@ -9285,8 +9267,7 @@ EOF *.la) func_basename "$deplib" name="$func_basename_result" - func_resolve_sysroot "$deplib" - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $func_resolve_sysroot_result` + eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` test -z "$libdir" && \ func_fatal_error "\`$deplib' is not a valid libtool archive" func_append newdependency_libs " ${lt_sysroot:+=}$libdir/$name" diff --git a/usr.sbin/unbound/ldns/net.c b/usr.sbin/unbound/ldns/net.c index b8a5385e1c2..870511a75b2 100644 --- a/usr.sbin/unbound/ldns/net.c +++ b/usr.sbin/unbound/ldns/net.c @@ -56,53 +56,172 @@ ldns_send(ldns_pkt **result_packet, ldns_resolver *r, const ldns_pkt *query_pkt) return result; } -/* code from rdata.c */ -static struct sockaddr_storage * -ldns_rdf2native_sockaddr_storage_port( - const ldns_rdf *rd, uint16_t port, size_t *size) +ldns_status +ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf *tsig_mac) { - struct sockaddr_storage *data; - struct sockaddr_in *data_in; - struct sockaddr_in6 *data_in6; + uint8_t i; + + struct sockaddr_storage *ns; + size_t ns_len; + struct timeval tv_s; + struct timeval tv_e; + + ldns_rdf **ns_array; + size_t *rtt; + ldns_pkt *reply; + bool all_servers_rtt_inf; + uint8_t retries; + + uint8_t *reply_bytes = NULL; + size_t reply_size = 0; + ldns_status status, send_status; + + assert(r != NULL); + + status = LDNS_STATUS_OK; + rtt = ldns_resolver_rtt(r); + ns_array = ldns_resolver_nameservers(r); + reply = NULL; + ns_len = 0; + + all_servers_rtt_inf = true; + + if (ldns_resolver_random(r)) { + ldns_resolver_nameservers_randomize(r); + } + + /* loop through all defined nameservers */ + for (i = 0; i < ldns_resolver_nameserver_count(r); i++) { + if (rtt[i] == LDNS_RESOLV_RTT_INF) { + /* not reachable nameserver! */ + continue; + } + + /* maybe verbosity setting? + printf("Sending to "); + ldns_rdf_print(stdout, ns_array[i]); + printf("\n"); + */ + ns = ldns_rdf2native_sockaddr_storage(ns_array[i], + ldns_resolver_port(r), &ns_len); - data = LDNS_MALLOC(struct sockaddr_storage); - if (!data) { - return NULL; - } - /* zero the structure for portability */ - memset(data, 0, sizeof(struct sockaddr_storage)); - switch(ldns_rdf_get_type(rd)) { - case LDNS_RDF_TYPE_A: -#ifndef S_SPLINT_S - data->ss_family = AF_INET; -#endif - data_in = (struct sockaddr_in*) data; - data_in->sin_port = (in_port_t)htons(port); - memcpy(&(data_in->sin_addr), ldns_rdf_data(rd), ldns_rdf_size(rd)); - *size = sizeof(struct sockaddr_in); - return data; - case LDNS_RDF_TYPE_AAAA: #ifndef S_SPLINT_S - data->ss_family = AF_INET6; + if ((ns->ss_family == AF_INET) && + (ldns_resolver_ip6(r) == LDNS_RESOLV_INET6)) { + /* not reachable */ + continue; + } + + if ((ns->ss_family == AF_INET6) && + (ldns_resolver_ip6(r) == LDNS_RESOLV_INET)) { + /* not reachable */ + continue; + } #endif - data_in6 = (struct sockaddr_in6*) data; - data_in6->sin6_port = (in_port_t)htons(port); - memcpy(&data_in6->sin6_addr, ldns_rdf_data(rd), ldns_rdf_size(rd)); - *size = sizeof(struct sockaddr_in6); - return data; - default: - LDNS_FREE(data); - return NULL; - } -} -struct sockaddr_storage * -ldns_rdf2native_sockaddr_storage( - const ldns_rdf *rd, uint16_t port, size_t *size) -{ - return ldns_rdf2native_sockaddr_storage_port( - rd, (port == 0 ? (uint16_t)LDNS_PORT : port), size); + all_servers_rtt_inf = false; + + gettimeofday(&tv_s, NULL); + + send_status = LDNS_STATUS_ERR; + + /* reply_bytes implicitly handles our error */ + if (1 == ldns_resolver_usevc(r)) { + for (retries = ldns_resolver_retry(r); retries > 0; retries--) { + send_status = + ldns_tcp_send(&reply_bytes, qb, ns, + (socklen_t)ns_len, ldns_resolver_timeout(r), + &reply_size); + if (send_status == LDNS_STATUS_OK) { + break; + } + } + } else { + for (retries = ldns_resolver_retry(r); retries > 0; retries--) { + /* ldns_rdf_print(stdout, ns_array[i]); */ + send_status = + ldns_udp_send(&reply_bytes, qb, ns, + (socklen_t)ns_len, ldns_resolver_timeout(r), + &reply_size); + + if (send_status == LDNS_STATUS_OK) { + break; + } + } + } + + if (send_status != LDNS_STATUS_OK) { + ldns_resolver_set_nameserver_rtt(r, i, LDNS_RESOLV_RTT_INF); + status = send_status; + } + + /* obey the fail directive */ + if (!reply_bytes) { + /* the current nameserver seems to have a problem, blacklist it */ + if (ldns_resolver_fail(r)) { + LDNS_FREE(ns); + return LDNS_STATUS_ERR; + } else { + LDNS_FREE(ns); + continue; + } + } + + status = ldns_wire2pkt(&reply, reply_bytes, reply_size); + if (status != LDNS_STATUS_OK) { + LDNS_FREE(reply_bytes); + LDNS_FREE(ns); + return status; + } + + LDNS_FREE(ns); + gettimeofday(&tv_e, NULL); + + if (reply) { + ldns_pkt_set_querytime(reply, (uint32_t) + ((tv_e.tv_sec - tv_s.tv_sec) * 1000) + + (tv_e.tv_usec - tv_s.tv_usec) / 1000); + ldns_pkt_set_answerfrom(reply, ns_array[i]); + ldns_pkt_set_timestamp(reply, tv_s); + ldns_pkt_set_size(reply, reply_size); + break; + } else { + if (ldns_resolver_fail(r)) { + /* if fail is set bail out, after the first + * one */ + break; + } + } + + /* wait retrans seconds... */ + sleep((unsigned int) ldns_resolver_retrans(r)); + } + + if (all_servers_rtt_inf) { + LDNS_FREE(reply_bytes); + return LDNS_STATUS_RES_NO_NS; + } +#ifdef HAVE_SSL + if (tsig_mac && reply_bytes) { + if (!ldns_pkt_tsig_verify(reply, + reply_bytes, + reply_size, + ldns_resolver_tsig_keyname(r), + ldns_resolver_tsig_keydata(r), tsig_mac)) { + status = LDNS_STATUS_CRYPTO_TSIG_BOGUS; + } + } +#else + (void)tsig_mac; +#endif /* HAVE_SSL */ + + LDNS_FREE(reply_bytes); + if (result) { + *result = reply; + } + + return status; } /** best effort to set nonblocking */ @@ -168,10 +287,90 @@ ldns_sock_wait(int sockfd, struct timeval timeout, int write) return 1; } +ldns_status +ldns_udp_send(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to, + socklen_t tolen, struct timeval timeout, size_t *answer_size) +{ + int sockfd; + uint8_t *answer; -static int -ldns_tcp_connect_from(const struct sockaddr_storage *to, socklen_t tolen, - const struct sockaddr_storage *from, socklen_t fromlen, + sockfd = ldns_udp_bgsend(qbin, to, tolen, timeout); + + if (sockfd == 0) { + return LDNS_STATUS_SOCKET_ERROR; + } + + /* wait for an response*/ + if(!ldns_sock_wait(sockfd, timeout, 0)) { +#ifndef USE_WINSOCK + close(sockfd); +#else + closesocket(sockfd); +#endif + return LDNS_STATUS_NETWORK_ERR; + } + + /* set to nonblocking, so if the checksum is bad, it becomes + * an EGAIN error and the ldns_udp_send function does not block, + * but returns a 'NETWORK_ERROR' much like a timeout. */ + ldns_sock_nonblock(sockfd); + + answer = ldns_udp_read_wire(sockfd, answer_size, NULL, NULL); +#ifndef USE_WINSOCK + close(sockfd); +#else + closesocket(sockfd); +#endif + + if (*answer_size == 0) { + /* oops */ + return LDNS_STATUS_NETWORK_ERR; + } + + *result = answer; + return LDNS_STATUS_OK; +} + +int +ldns_udp_bgsend(ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen, + struct timeval timeout) +{ + int sockfd; + + sockfd = ldns_udp_connect(to, timeout); + + if (sockfd == 0) { + return 0; + } + + if (ldns_udp_send_query(qbin, sockfd, to, tolen) == 0) { +#ifndef USE_WINSOCK + close(sockfd); +#else + closesocket(sockfd); +#endif + return 0; + } + return sockfd; +} + +int +ldns_udp_connect(const struct sockaddr_storage *to, struct timeval ATTR_UNUSED(timeout)) +{ + int sockfd; + +#ifndef S_SPLINT_S + if ((sockfd = socket((int)((struct sockaddr*)to)->sa_family, SOCK_DGRAM, + IPPROTO_UDP)) + == -1) { + return 0; + } +#endif + return sockfd; +} + +int +ldns_tcp_connect(const struct sockaddr_storage *to, socklen_t tolen, struct timeval timeout) { int sockfd; @@ -182,9 +381,6 @@ ldns_tcp_connect_from(const struct sockaddr_storage *to, socklen_t tolen, return 0; } #endif - if (from && bind(sockfd, (const struct sockaddr*)from, fromlen) == -1){ - return 0; - } /* perform nonblocking connect, to be able to wait with select() */ ldns_sock_nonblock(sockfd); @@ -263,387 +459,6 @@ ldns_tcp_connect_from(const struct sockaddr_storage *to, socklen_t tolen, return sockfd; } -int -ldns_tcp_connect(const struct sockaddr_storage *to, socklen_t tolen, - struct timeval timeout) -{ - return ldns_tcp_connect_from(to, tolen, NULL, 0, timeout); -} - -static int -ldns_tcp_bgsend_from(ldns_buffer *qbin, - const struct sockaddr_storage *to, socklen_t tolen, - const struct sockaddr_storage *from, socklen_t fromlen, - struct timeval timeout) -{ - int sockfd; - - sockfd = ldns_tcp_connect_from(to, tolen, from, fromlen, timeout); - - if (sockfd == 0) { - return 0; - } - - if (ldns_tcp_send_query(qbin, sockfd, to, tolen) == 0) { -#ifndef USE_WINSOCK - close(sockfd); -#else - closesocket(sockfd); -#endif - return 0; - } - - return sockfd; -} - -int -ldns_tcp_bgsend(ldns_buffer *qbin, - const struct sockaddr_storage *to, socklen_t tolen, - struct timeval timeout) -{ - return ldns_tcp_bgsend_from(qbin, to, tolen, NULL, 0, timeout); -} - - -/* keep in mind that in DNS tcp messages the first 2 bytes signal the - * amount data to expect - */ -static ldns_status -ldns_tcp_send_from(uint8_t **result, ldns_buffer *qbin, - const struct sockaddr_storage *to, socklen_t tolen, - const struct sockaddr_storage *from, socklen_t fromlen, - struct timeval timeout, size_t *answer_size) -{ - int sockfd; - uint8_t *answer; - - sockfd = ldns_tcp_bgsend_from(qbin, to, tolen, from, fromlen, timeout); - - if (sockfd == 0) { - return LDNS_STATUS_ERR; - } - - answer = ldns_tcp_read_wire_timeout(sockfd, answer_size, timeout); -#ifndef USE_WINSOCK - close(sockfd); -#else - closesocket(sockfd); -#endif - - if (*answer_size == 0) { - /* oops */ - return LDNS_STATUS_NETWORK_ERR; - } - - /* resize accordingly */ - *result = LDNS_XREALLOC(answer, uint8_t, (size_t)*answer_size); - if(!*result) { - LDNS_FREE(answer); - return LDNS_STATUS_MEM_ERR; - } - return LDNS_STATUS_OK; -} - -ldns_status -ldns_tcp_send(uint8_t **result, ldns_buffer *qbin, - const struct sockaddr_storage *to, socklen_t tolen, - struct timeval timeout, size_t *answer_size) -{ - return ldns_tcp_send_from(result, qbin, - to, tolen, NULL, 0, timeout, answer_size); -} - -int -ldns_udp_connect(const struct sockaddr_storage *to, struct timeval ATTR_UNUSED(timeout)) -{ - int sockfd; - -#ifndef S_SPLINT_S - if ((sockfd = socket((int)((struct sockaddr*)to)->sa_family, SOCK_DGRAM, - IPPROTO_UDP)) - == -1) { - return 0; - } -#endif - return sockfd; -} - -static int -ldns_udp_bgsend_from(ldns_buffer *qbin, - const struct sockaddr_storage *to , socklen_t tolen, - const struct sockaddr_storage *from, socklen_t fromlen, - struct timeval timeout) -{ - int sockfd; - - sockfd = ldns_udp_connect(to, timeout); - - if (sockfd == 0) { - return 0; - } - - if (from && bind(sockfd, (const struct sockaddr*)from, fromlen) == -1){ - return 0; - } - - if (ldns_udp_send_query(qbin, sockfd, to, tolen) == 0) { -#ifndef USE_WINSOCK - close(sockfd); -#else - closesocket(sockfd); -#endif - return 0; - } - return sockfd; -} - -int -ldns_udp_bgsend(ldns_buffer *qbin, - const struct sockaddr_storage *to , socklen_t tolen, - struct timeval timeout) -{ - return ldns_udp_bgsend_from(qbin, to, tolen, NULL, 0, timeout); -} - -static ldns_status -ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, - const struct sockaddr_storage *to , socklen_t tolen, - const struct sockaddr_storage *from, socklen_t fromlen, - struct timeval timeout, size_t *answer_size) -{ - int sockfd; - uint8_t *answer; - - sockfd = ldns_udp_bgsend_from(qbin, to, tolen, from, fromlen, timeout); - - if (sockfd == 0) { - return LDNS_STATUS_SOCKET_ERROR; - } - - /* wait for an response*/ - if(!ldns_sock_wait(sockfd, timeout, 0)) { -#ifndef USE_WINSOCK - close(sockfd); -#else - closesocket(sockfd); -#endif - return LDNS_STATUS_NETWORK_ERR; - } - - /* set to nonblocking, so if the checksum is bad, it becomes - * an EGAIN error and the ldns_udp_send function does not block, - * but returns a 'NETWORK_ERROR' much like a timeout. */ - ldns_sock_nonblock(sockfd); - - answer = ldns_udp_read_wire(sockfd, answer_size, NULL, NULL); -#ifndef USE_WINSOCK - close(sockfd); -#else - closesocket(sockfd); -#endif - - if (*answer_size == 0) { - /* oops */ - return LDNS_STATUS_NETWORK_ERR; - } - - *result = answer; - return LDNS_STATUS_OK; -} - -ldns_status -ldns_udp_send(uint8_t **result, ldns_buffer *qbin, - const struct sockaddr_storage *to , socklen_t tolen, - struct timeval timeout, size_t *answer_size) -{ - return ldns_udp_send_from(result, qbin, to, tolen, NULL, 0, - timeout, answer_size); -} - -ldns_status -ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf *tsig_mac) -{ - uint8_t i; - - struct sockaddr_storage *src = NULL; - size_t src_len; - struct sockaddr_storage *ns; - size_t ns_len; - struct timeval tv_s; - struct timeval tv_e; - - ldns_rdf **ns_array; - size_t *rtt; - ldns_pkt *reply; - bool all_servers_rtt_inf; - uint8_t retries; - - uint8_t *reply_bytes = NULL; - size_t reply_size = 0; - ldns_status status, send_status; - - assert(r != NULL); - - status = LDNS_STATUS_OK; - rtt = ldns_resolver_rtt(r); - ns_array = ldns_resolver_nameservers(r); - reply = NULL; - ns_len = 0; - - all_servers_rtt_inf = true; - - if (ldns_resolver_random(r)) { - ldns_resolver_nameservers_randomize(r); - } - - if(ldns_resolver_source(r)) { - src = ldns_rdf2native_sockaddr_storage_port( - ldns_resolver_source(r), 0, &src_len); - } - - /* loop through all defined nameservers */ - for (i = 0; i < ldns_resolver_nameserver_count(r); i++) { - if (rtt[i] == LDNS_RESOLV_RTT_INF) { - /* not reachable nameserver! */ - continue; - } - - /* maybe verbosity setting? - printf("Sending to "); - ldns_rdf_print(stdout, ns_array[i]); - printf("\n"); - */ - ns = ldns_rdf2native_sockaddr_storage(ns_array[i], - ldns_resolver_port(r), &ns_len); - - -#ifndef S_SPLINT_S - if ((ns->ss_family == AF_INET) && - (ldns_resolver_ip6(r) == LDNS_RESOLV_INET6)) { - /* not reachable */ - LDNS_FREE(ns); - continue; - } - - if ((ns->ss_family == AF_INET6) && - (ldns_resolver_ip6(r) == LDNS_RESOLV_INET)) { - /* not reachable */ - LDNS_FREE(ns); - continue; - } -#endif - - all_servers_rtt_inf = false; - - gettimeofday(&tv_s, NULL); - - send_status = LDNS_STATUS_ERR; - - /* reply_bytes implicitly handles our error */ - if (ldns_resolver_usevc(r)) { - for (retries = ldns_resolver_retry(r); retries > 0; retries--) { - send_status = - ldns_tcp_send_from(&reply_bytes, qb, - ns, (socklen_t)ns_len, - src, (socklen_t)src_len, - ldns_resolver_timeout(r), - &reply_size); - if (send_status == LDNS_STATUS_OK) { - break; - } - } - } else { - for (retries = ldns_resolver_retry(r); retries > 0; retries--) { - /* ldns_rdf_print(stdout, ns_array[i]); */ - send_status = - ldns_udp_send_from(&reply_bytes, qb, - ns, (socklen_t)ns_len, - src, (socklen_t)src_len, - ldns_resolver_timeout(r), - &reply_size); - if (send_status == LDNS_STATUS_OK) { - break; - } - } - } - - if (send_status != LDNS_STATUS_OK) { - ldns_resolver_set_nameserver_rtt(r, i, LDNS_RESOLV_RTT_INF); - status = send_status; - } - - /* obey the fail directive */ - if (!reply_bytes) { - /* the current nameserver seems to have a problem, blacklist it */ - if (ldns_resolver_fail(r)) { - LDNS_FREE(ns); - return LDNS_STATUS_ERR; - } else { - LDNS_FREE(ns); - continue; - } - } - - status = ldns_wire2pkt(&reply, reply_bytes, reply_size); - if (status != LDNS_STATUS_OK) { - LDNS_FREE(reply_bytes); - LDNS_FREE(ns); - return status; - } - - LDNS_FREE(ns); - gettimeofday(&tv_e, NULL); - - if (reply) { - ldns_pkt_set_querytime(reply, (uint32_t) - ((tv_e.tv_sec - tv_s.tv_sec) * 1000) + - (tv_e.tv_usec - tv_s.tv_usec) / 1000); - ldns_pkt_set_answerfrom(reply, - ldns_rdf_clone(ns_array[i])); - ldns_pkt_set_timestamp(reply, tv_s); - ldns_pkt_set_size(reply, reply_size); - break; - } else { - if (ldns_resolver_fail(r)) { - /* if fail is set bail out, after the first - * one */ - break; - } - } - - /* wait retrans seconds... */ - sleep((unsigned int) ldns_resolver_retrans(r)); - } - - if(src) { - LDNS_FREE(src); - } - if (all_servers_rtt_inf) { - LDNS_FREE(reply_bytes); - return LDNS_STATUS_RES_NO_NS; - } -#ifdef HAVE_SSL - if (tsig_mac && reply && reply_bytes) { - if (!ldns_pkt_tsig_verify(reply, - reply_bytes, - reply_size, - ldns_resolver_tsig_keyname(r), - ldns_resolver_tsig_keydata(r), tsig_mac)) { - status = LDNS_STATUS_CRYPTO_TSIG_BOGUS; - } - } -#else - (void)tsig_mac; -#endif /* HAVE_SSL */ - - LDNS_FREE(reply_bytes); - if (result) { - *result = reply; - } - - return status; -} - ssize_t ldns_tcp_send_query(ldns_buffer *qbin, int sockfd, const struct sockaddr_storage *to, socklen_t tolen) @@ -655,7 +470,7 @@ ldns_tcp_send_query(ldns_buffer *qbin, int sockfd, sendbuf = LDNS_XMALLOC(uint8_t, ldns_buffer_position(qbin) + 2); if(!sendbuf) return 0; ldns_write_uint16(sendbuf, ldns_buffer_position(qbin)); - memcpy(sendbuf + 2, ldns_buffer_begin(qbin), ldns_buffer_position(qbin)); + memcpy(sendbuf + 2, ldns_buffer_export(qbin), ldns_buffer_position(qbin)); bytes = sendto(sockfd, (void*)sendbuf, ldns_buffer_position(qbin) + 2, 0, (struct sockaddr *)to, tolen); @@ -825,6 +640,110 @@ ldns_tcp_read_wire(int sockfd, size_t *size) return wire; } +/* keep in mind that in DNS tcp messages the first 2 bytes signal the + * amount data to expect + */ +ldns_status +ldns_tcp_send(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to, + socklen_t tolen, struct timeval timeout, size_t *answer_size) +{ + int sockfd; + uint8_t *answer; + + sockfd = ldns_tcp_bgsend(qbin, to, tolen, timeout); + + if (sockfd == 0) { + return LDNS_STATUS_ERR; + } + + answer = ldns_tcp_read_wire_timeout(sockfd, answer_size, timeout); +#ifndef USE_WINSOCK + close(sockfd); +#else + closesocket(sockfd); +#endif + + if (*answer_size == 0) { + /* oops */ + return LDNS_STATUS_NETWORK_ERR; + } + + /* resize accordingly */ + *result = (uint8_t*)LDNS_XREALLOC(answer, uint8_t *, (size_t)*answer_size); + if(!*result) { + LDNS_FREE(answer); + return LDNS_STATUS_MEM_ERR; + } + return LDNS_STATUS_OK; +} + +int +ldns_tcp_bgsend(ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen, + struct timeval timeout) +{ + int sockfd; + + sockfd = ldns_tcp_connect(to, tolen, timeout); + + if (sockfd == 0) { + return 0; + } + + if (ldns_tcp_send_query(qbin, sockfd, to, tolen) == 0) { +#ifndef USE_WINSOCK + close(sockfd); +#else + closesocket(sockfd); +#endif + return 0; + } + + return sockfd; +} + +/* code from rdata.c */ +struct sockaddr_storage * +ldns_rdf2native_sockaddr_storage(const ldns_rdf *rd, uint16_t port, size_t *size) +{ + struct sockaddr_storage *data; + struct sockaddr_in *data_in; + struct sockaddr_in6 *data_in6; + + data = LDNS_MALLOC(struct sockaddr_storage); + if (!data) { + return NULL; + } + /* zero the structure for portability */ + memset(data, 0, sizeof(struct sockaddr_storage)); + if (port == 0) { + port = LDNS_PORT; + } + + switch(ldns_rdf_get_type(rd)) { + case LDNS_RDF_TYPE_A: +#ifndef S_SPLINT_S + data->ss_family = AF_INET; +#endif + data_in = (struct sockaddr_in*) data; + data_in->sin_port = (in_port_t)htons(port); + memcpy(&(data_in->sin_addr), ldns_rdf_data(rd), ldns_rdf_size(rd)); + *size = sizeof(struct sockaddr_in); + return data; + case LDNS_RDF_TYPE_AAAA: +#ifndef S_SPLINT_S + data->ss_family = AF_INET6; +#endif + data_in6 = (struct sockaddr_in6*) data; + data_in6->sin6_port = (in_port_t)htons(port); + memcpy(&data_in6->sin6_addr, ldns_rdf_data(rd), ldns_rdf_size(rd)); + *size = sizeof(struct sockaddr_in6); + return data; + default: + LDNS_FREE(data); + return NULL; + } +} + #ifndef S_SPLINT_S ldns_rdf * ldns_sockaddr_storage2rdf(struct sockaddr_storage *sock, uint16_t *port) @@ -867,8 +786,6 @@ ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class class) ldns_pkt *query; ldns_buffer *query_wire; - struct sockaddr_storage *src = NULL; - size_t src_len = 0; struct sockaddr_storage *ns = NULL; size_t ns_len = 0; size_t ns_i; @@ -883,10 +800,6 @@ ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class class) if (!query) { return LDNS_STATUS_ADDRESS_ERR; } - if(ldns_resolver_source(resolver)) { - src = ldns_rdf2native_sockaddr_storage_port( - ldns_resolver_source(resolver), 0, &src_len); - } /* For AXFR, we have to make the connection ourselves */ /* try all nameservers (which usually would mean v4 fallback if * @hostname is used */ @@ -894,16 +807,11 @@ ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class class) ns_i < ldns_resolver_nameserver_count(resolver) && resolver->_socket == 0; ns_i++) { - if (ns != NULL) { - LDNS_FREE(ns); - } ns = ldns_rdf2native_sockaddr_storage( resolver->_nameservers[ns_i], ldns_resolver_port(resolver), &ns_len); - resolver->_socket = ldns_tcp_connect_from( - ns, (socklen_t)ns_len, - src, (socklen_t)src_len, + resolver->_socket = ldns_tcp_connect(ns, (socklen_t)ns_len, ldns_resolver_timeout(resolver)); } @@ -920,8 +828,8 @@ ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class class) ldns_resolver_tsig_keydata(resolver), 300, ldns_resolver_tsig_algorithm(resolver), NULL); if (status != LDNS_STATUS_OK) { - /* to prevent problems on subsequent calls to - * ldns_axfr_start we have to close the socket here! */ + /* RoRi: to prevent problems on subsequent calls to ldns_axfr_start + we have to close the socket here! */ #ifndef USE_WINSOCK close(resolver->_socket); #else @@ -929,9 +837,6 @@ ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class class) #endif resolver->_socket = 0; - ldns_pkt_free(query); - LDNS_FREE(ns); - return LDNS_STATUS_CRYPTO_TSIG_ERR; } } @@ -959,8 +864,8 @@ ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class class) ldns_buffer_free(query_wire); LDNS_FREE(ns); - /* to prevent problems on subsequent calls to ldns_axfr_start - * we have to close the socket here! */ + /* RoRi: to prevent problems on subsequent calls to ldns_axfr_start + we have to close the socket here! */ #ifndef USE_WINSOCK close(resolver->_socket); #else @@ -977,8 +882,8 @@ ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class class) ldns_buffer_free(query_wire); LDNS_FREE(ns); - /* to prevent problems on subsequent calls to ldns_axfr_start - * we have to close the socket here! */ + /* RoRi: to prevent problems on subsequent calls to ldns_axfr_start + we have to close the socket here! */ #ifndef USE_WINSOCK close(resolver->_socket); diff --git a/usr.sbin/unbound/ldns/packaging/ldns-config.1 b/usr.sbin/unbound/ldns/packaging/ldns-config.1 index 72afc1898eb..c5a00a1eb38 100644 --- a/usr.sbin/unbound/ldns/packaging/ldns-config.1 +++ b/usr.sbin/unbound/ldns/packaging/ldns-config.1 @@ -24,11 +24,7 @@ Show the flags to be used to link with ldns .TP \fB--version\fR -Shows the ldns version of the installed ldns library - -.TP -\fB--libversion\fR -Shows version of the binary api of the installed ldns library +Shows the version of the installed ldns library .TP \fB--help\fR diff --git a/usr.sbin/unbound/ldns/packaging/ldns-config.in b/usr.sbin/unbound/ldns/packaging/ldns-config.in index d2cf4d43caf..b728ba544e1 100755..100644 --- a/usr.sbin/unbound/ldns/packaging/ldns-config.in +++ b/usr.sbin/unbound/ldns/packaging/ldns-config.in @@ -9,7 +9,6 @@ LDFLAGS="@LDFLAGS@ @LIBSSL_LDFLAGS@ @PYTHON_LDFLAGS@" LIBS="@LIBS@ @LIBSSL_LIBS@" LIBDIR="@libdir@" INCLUDEDIR="@includedir@" -LIBVERSION="@LIBLDNS_CURRENT@.@LIBLDNS_REVISION@.@LIBLDNS_AGE@" for arg in $@ do @@ -29,8 +28,4 @@ do then echo "${VERSION}" fi - if [ $arg = "--libversion" ] - then - echo "${LIBVERSION}" - fi done diff --git a/usr.sbin/unbound/ldns/packet.c b/usr.sbin/unbound/ldns/packet.c index 0ac64c52fc4..0ac5ca8ba31 100644 --- a/usr.sbin/unbound/ldns/packet.c +++ b/usr.sbin/unbound/ldns/packet.c @@ -255,6 +255,7 @@ ldns_pkt_rr_list_by_name(ldns_pkt *packet, ldns_pkt_section sec) { ldns_rr_list *rrs; + ldns_rr_list *new; ldns_rr_list *ret; uint16_t i; @@ -263,17 +264,16 @@ ldns_pkt_rr_list_by_name(ldns_pkt *packet, } rrs = ldns_pkt_get_section_clone(packet, sec); + new = ldns_rr_list_new(); ret = NULL; for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) { - if (ldns_dname_compare(ldns_rr_owner( + if (ldns_rdf_compare(ldns_rr_owner( ldns_rr_list_rr(rrs, i)), ownername) == 0) { /* owner names match */ - if (ret == NULL) { - ret = ldns_rr_list_new(); - } - ldns_rr_list_push_rr(ret, ldns_rr_list_rr(rrs, i)); + ldns_rr_list_push_rr(new, ldns_rr_list_rr(rrs, i)); + ret = new; } } return ret; @@ -337,7 +337,7 @@ ldns_pkt_rr_list_by_name_and_type(const ldns_pkt *packet, for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) { if (type == ldns_rr_get_type(ldns_rr_list_rr(rrs, i)) && - ldns_dname_compare(ldns_rr_owner(ldns_rr_list_rr(rrs, i)), + ldns_rdf_compare(ldns_rr_owner(ldns_rr_list_rr(rrs, i)), ownername ) == 0 ) { @@ -649,27 +649,19 @@ ldns_pkt_push_rr(ldns_pkt *packet, ldns_pkt_section section, ldns_rr *rr) { switch(section) { case LDNS_SECTION_QUESTION: - if (!ldns_rr_list_push_rr(ldns_pkt_question(packet), rr)) { - return false; - } + ldns_rr_list_push_rr(ldns_pkt_question(packet), rr); ldns_pkt_set_qdcount(packet, ldns_pkt_qdcount(packet) + 1); break; case LDNS_SECTION_ANSWER: - if (!ldns_rr_list_push_rr(ldns_pkt_answer(packet), rr)) { - return false; - } + ldns_rr_list_push_rr(ldns_pkt_answer(packet), rr); ldns_pkt_set_ancount(packet, ldns_pkt_ancount(packet) + 1); break; case LDNS_SECTION_AUTHORITY: - if (!ldns_rr_list_push_rr(ldns_pkt_authority(packet), rr)) { - return false; - } + ldns_rr_list_push_rr(ldns_pkt_authority(packet), rr); ldns_pkt_set_nscount(packet, ldns_pkt_nscount(packet) + 1); break; case LDNS_SECTION_ADDITIONAL: - if (!ldns_rr_list_push_rr(ldns_pkt_additional(packet), rr)) { - return false; - } + ldns_rr_list_push_rr(ldns_pkt_additional(packet), rr); ldns_pkt_set_arcount(packet, ldns_pkt_arcount(packet) + 1); break; case LDNS_SECTION_ANY: @@ -729,7 +721,7 @@ ldns_pkt_edns(const ldns_pkt *pkt) { /* Create/destroy/convert functions */ ldns_pkt * -ldns_pkt_new(void) +ldns_pkt_new() { ldns_pkt *packet; packet = LDNS_MALLOC(ldns_pkt); @@ -791,7 +783,6 @@ ldns_pkt_free(ldns_pkt *packet) ldns_rr_list_deep_free(packet->_additional); ldns_rr_free(packet->_tsig_rr); ldns_rdf_deep_free(packet->_edns_data); - ldns_rdf_deep_free(packet->_answerfrom); LDNS_FREE(packet); } } @@ -826,89 +817,9 @@ ldns_pkt_set_flags(ldns_pkt *packet, uint16_t flags) return true; } - -static ldns_rr* -ldns_pkt_authsoa(ldns_rdf* rr_name, ldns_rr_class rr_class) -{ - ldns_rr* soa_rr = ldns_rr_new(); - ldns_rdf *owner_rdf; - ldns_rdf *mname_rdf; - ldns_rdf *rname_rdf; - ldns_rdf *serial_rdf; - ldns_rdf *refresh_rdf; - ldns_rdf *retry_rdf; - ldns_rdf *expire_rdf; - ldns_rdf *minimum_rdf; - - if (!soa_rr) { - return NULL; - } - owner_rdf = ldns_rdf_clone(rr_name); - if (!owner_rdf) { - ldns_rr_free(soa_rr); - return NULL; - } - - ldns_rr_set_owner(soa_rr, owner_rdf); - ldns_rr_set_type(soa_rr, LDNS_RR_TYPE_SOA); - ldns_rr_set_class(soa_rr, rr_class); - ldns_rr_set_question(soa_rr, false); - - if (ldns_str2rdf_dname(&mname_rdf, ".") != LDNS_STATUS_OK) { - ldns_rr_free(soa_rr); - return NULL; - } else { - ldns_rr_push_rdf(soa_rr, mname_rdf); - } - if (ldns_str2rdf_dname(&rname_rdf, ".") != LDNS_STATUS_OK) { - ldns_rr_free(soa_rr); - return NULL; - } else { - ldns_rr_push_rdf(soa_rr, rname_rdf); - } - serial_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); - if (!serial_rdf) { - ldns_rr_free(soa_rr); - return NULL; - } else { - ldns_rr_push_rdf(soa_rr, serial_rdf); - } - refresh_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); - if (!refresh_rdf) { - ldns_rr_free(soa_rr); - return NULL; - } else { - ldns_rr_push_rdf(soa_rr, refresh_rdf); - } - retry_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); - if (!retry_rdf) { - ldns_rr_free(soa_rr); - return NULL; - } else { - ldns_rr_push_rdf(soa_rr, retry_rdf); - } - expire_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); - if (!expire_rdf) { - ldns_rr_free(soa_rr); - return NULL; - } else { - ldns_rr_push_rdf(soa_rr, expire_rdf); - } - minimum_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); - if (!minimum_rdf) { - ldns_rr_free(soa_rr); - return NULL; - } else { - ldns_rr_push_rdf(soa_rr, minimum_rdf); - } - return soa_rr; -} - - -static ldns_status -ldns_pkt_query_new_frm_str_internal(ldns_pkt **p, const char *name, - ldns_rr_type rr_type, ldns_rr_class rr_class, uint16_t flags, - ldns_rr* authsoa_rr) +ldns_status +ldns_pkt_query_new_frm_str(ldns_pkt **p, const char *name, ldns_rr_type rr_type, + ldns_rr_class rr_class, uint16_t flags) { ldns_pkt *packet; ldns_rr *question_rr; @@ -918,11 +829,11 @@ ldns_pkt_query_new_frm_str_internal(ldns_pkt **p, const char *name, if (!packet) { return LDNS_STATUS_MEM_ERR; } - + if (!ldns_pkt_set_flags(packet, flags)) { return LDNS_STATUS_ERR; } - + question_rr = ldns_rr_new(); if (!question_rr) { return LDNS_STATUS_MEM_ERR; @@ -940,56 +851,28 @@ ldns_pkt_query_new_frm_str_internal(ldns_pkt **p, const char *name, ldns_rr_set_type(question_rr, rr_type); ldns_rr_set_class(question_rr, rr_class); ldns_rr_set_question(question_rr, true); - + ldns_pkt_push_rr(packet, LDNS_SECTION_QUESTION, question_rr); } else { ldns_rr_free(question_rr); ldns_pkt_free(packet); return LDNS_STATUS_ERR; } - - if (authsoa_rr) { - ldns_pkt_push_rr(packet, LDNS_SECTION_AUTHORITY, authsoa_rr); - } - + packet->_tsig_rr = NULL; + ldns_pkt_set_answerfrom(packet, NULL); if (p) { *p = packet; return LDNS_STATUS_OK; } else { - ldns_pkt_free(packet); return LDNS_STATUS_NULL; } } -ldns_status -ldns_pkt_query_new_frm_str(ldns_pkt **p, const char *name, - ldns_rr_type rr_type, ldns_rr_class rr_class, uint16_t flags) -{ - return ldns_pkt_query_new_frm_str_internal(p, name, rr_type, - rr_class, flags, NULL); -} - -ldns_status -ldns_pkt_ixfr_request_new_frm_str(ldns_pkt **p, const char *name, - ldns_rr_class rr_class, uint16_t flags, ldns_rr *soa) -{ - ldns_rr* authsoa_rr = soa; - if (!authsoa_rr) { - ldns_rdf *name_rdf; - if (ldns_str2rdf_dname(&name_rdf, name) == LDNS_STATUS_OK) { - authsoa_rr = ldns_pkt_authsoa(name_rdf, rr_class); - } - ldns_rdf_free(name_rdf); - } - return ldns_pkt_query_new_frm_str_internal(p, name, LDNS_RR_TYPE_IXFR, - rr_class, flags, authsoa_rr); -} - -static ldns_pkt * -ldns_pkt_query_new_internal(ldns_rdf *rr_name, ldns_rr_type rr_type, - ldns_rr_class rr_class, uint16_t flags, ldns_rr* authsoa_rr) +ldns_pkt * +ldns_pkt_query_new(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_class, + uint16_t flags) { ldns_pkt *packet; ldns_rr *question_rr; @@ -1002,10 +885,9 @@ ldns_pkt_query_new_internal(ldns_rdf *rr_name, ldns_rr_type rr_type, if (!ldns_pkt_set_flags(packet, flags)) { return NULL; } - + question_rr = ldns_rr_new(); if (!question_rr) { - ldns_pkt_free(packet); return NULL; } @@ -1020,36 +902,14 @@ ldns_pkt_query_new_internal(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_set_type(question_rr, rr_type); ldns_rr_set_class(question_rr, rr_class); ldns_rr_set_question(question_rr, true); + + packet->_tsig_rr = NULL; + ldns_pkt_push_rr(packet, LDNS_SECTION_QUESTION, question_rr); - if (authsoa_rr) { - ldns_pkt_push_rr(packet, LDNS_SECTION_AUTHORITY, authsoa_rr); - } - - packet->_tsig_rr = NULL; return packet; } -ldns_pkt * -ldns_pkt_query_new(ldns_rdf *rr_name, ldns_rr_type rr_type, - ldns_rr_class rr_class, uint16_t flags) -{ - return ldns_pkt_query_new_internal(rr_name, rr_type, - rr_class, flags, NULL); -} - -ldns_pkt * -ldns_pkt_ixfr_request_new(ldns_rdf *rr_name, ldns_rr_class rr_class, - uint16_t flags, ldns_rr* soa) -{ - ldns_rr* authsoa_rr = soa; - if (!authsoa_rr) { - authsoa_rr = ldns_pkt_authsoa(rr_name, rr_class); - } - return ldns_pkt_query_new_internal(rr_name, LDNS_RR_TYPE_IXFR, - rr_class, flags, authsoa_rr); -} - ldns_pkt_type ldns_pkt_reply_type(ldns_pkt *p) { @@ -1120,9 +980,7 @@ ldns_pkt_clone(ldns_pkt *pkt) ldns_pkt_set_ancount(new_pkt, ldns_pkt_ancount(pkt)); ldns_pkt_set_nscount(new_pkt, ldns_pkt_nscount(pkt)); ldns_pkt_set_arcount(new_pkt, ldns_pkt_arcount(pkt)); - if (ldns_pkt_answerfrom(pkt)) - ldns_pkt_set_answerfrom(new_pkt, - ldns_rdf_clone(ldns_pkt_answerfrom(pkt))); + ldns_pkt_set_answerfrom(new_pkt, ldns_pkt_answerfrom(pkt)); ldns_pkt_set_querytime(new_pkt, ldns_pkt_querytime(pkt)); ldns_pkt_set_size(new_pkt, ldns_pkt_size(pkt)); ldns_pkt_set_tsig(new_pkt, ldns_rr_clone(ldns_pkt_tsig(pkt))); diff --git a/usr.sbin/unbound/ldns/rbtree.c b/usr.sbin/unbound/ldns/rbtree.c index 4fbc067eb70..217e61d2757 100644 --- a/usr.sbin/unbound/ldns/rbtree.c +++ b/usr.sbin/unbound/ldns/rbtree.c @@ -43,7 +43,6 @@ #include <ldns/config.h> #include <ldns/rbtree.h> -#include <ldns/util.h> #include <stdlib.h> /** Node colour black */ @@ -82,7 +81,7 @@ ldns_rbtree_create (int (*cmpf)(const void *, const void *)) ldns_rbtree_t *rbtree; /* Allocate memory for it */ - rbtree = (ldns_rbtree_t *) LDNS_MALLOC(ldns_rbtree_t); + rbtree = (ldns_rbtree_t *) malloc(sizeof(ldns_rbtree_t)); if (!rbtree) { return NULL; } @@ -105,7 +104,7 @@ ldns_rbtree_init(ldns_rbtree_t *rbtree, int (*cmpf)(const void *, const void *)) void ldns_rbtree_free(ldns_rbtree_t *rbtree) { - LDNS_FREE(rbtree); + free(rbtree); } /* diff --git a/usr.sbin/unbound/ldns/rdata.c b/usr.sbin/unbound/ldns/rdata.c index 6493543f0a2..8af16a13a1c 100644 --- a/usr.sbin/unbound/ldns/rdata.c +++ b/usr.sbin/unbound/ldns/rdata.c @@ -112,14 +112,14 @@ time_t ldns_rdf2native_time_t(const ldns_rdf *rd) { uint32_t data; - - /* only allow 32 bit rdfs */ - if (ldns_rdf_size(rd) != LDNS_RDF_SIZE_DOUBLEWORD || - ldns_rdf_get_type(rd) != LDNS_RDF_TYPE_TIME) { - return 0; + + switch(ldns_rdf_get_type(rd)) { + case LDNS_RDF_TYPE_TIME: + memcpy(&data, ldns_rdf_data(rd), sizeof(data)); + return (time_t)ntohl(data); + default: + return 0; } - memcpy(&data, ldns_rdf_data(rd), sizeof(data)); - return (time_t)ntohl(data); } ldns_rdf * @@ -309,8 +309,8 @@ ldns_rdf_new_frm_str(ldns_rdf_type type, const char *str) case LDNS_RDF_TYPE_PERIOD: status = ldns_str2rdf_period(&rdf, str); break; - case LDNS_RDF_TYPE_HIP: - status = ldns_str2rdf_hip(&rdf, str); + case LDNS_RDF_TYPE_TSIG: + status = ldns_str2rdf_tsig(&rdf, str); break; case LDNS_RDF_TYPE_SERVICE: status = ldns_str2rdf_service(&rdf, str); @@ -336,21 +336,6 @@ ldns_rdf_new_frm_str(ldns_rdf_type type, const char *str) case LDNS_RDF_TYPE_NSEC3_NEXT_OWNER: status = ldns_str2rdf_b32_ext(&rdf, str); break; - case LDNS_RDF_TYPE_ILNP64: - status = ldns_str2rdf_ilnp64(&rdf, str); - break; - case LDNS_RDF_TYPE_EUI48: - status = ldns_str2rdf_eui48(&rdf, str); - break; - case LDNS_RDF_TYPE_EUI64: - status = ldns_str2rdf_eui64(&rdf, str); - break; - case LDNS_RDF_TYPE_TAG: - status = ldns_str2rdf_tag(&rdf, str); - break; - case LDNS_RDF_TYPE_LONG_STR: - status = ldns_str2rdf_long_str(&rdf, str); - break; case LDNS_RDF_TYPE_NONE: default: /* default default ??? */ @@ -519,64 +504,6 @@ ldns_rdf_address_reverse(ldns_rdf *rd) } ldns_status -ldns_rdf_hip_get_alg_hit_pk(ldns_rdf *rdf, uint8_t* alg, - uint8_t *hit_size, uint8_t** hit, - uint16_t *pk_size, uint8_t** pk) -{ - uint8_t *data; - size_t rdf_size; - - if (! rdf || ! alg || ! hit || ! hit_size || ! pk || ! pk_size) { - return LDNS_STATUS_INVALID_POINTER; - } else if (ldns_rdf_get_type(rdf) != LDNS_RDF_TYPE_HIP) { - return LDNS_STATUS_INVALID_RDF_TYPE; - } else if ((rdf_size = ldns_rdf_size(rdf)) < 6) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } - data = ldns_rdf_data(rdf); - *hit_size = data[0]; - *alg = data[1]; - *pk_size = ldns_read_uint16(data + 2); - *hit = data + 4; - *pk = data + 4 + *hit_size; - if (*hit_size == 0 || *pk_size == 0 || - rdf_size < (size_t) *hit_size + *pk_size + 4) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } - return LDNS_STATUS_OK; -} - -ldns_status -ldns_rdf_hip_new_frm_alg_hit_pk(ldns_rdf** rdf, uint8_t alg, - uint8_t hit_size, uint8_t *hit, - uint16_t pk_size, uint8_t *pk) -{ - uint8_t *data; - - if (! rdf) { - return LDNS_STATUS_INVALID_POINTER; - } - if (4 + hit_size + pk_size > LDNS_MAX_RDFLEN) { - return LDNS_STATUS_RDATA_OVERFLOW; - } - data = LDNS_XMALLOC(uint8_t, 4 + hit_size + pk_size); - if (data == NULL) { - return LDNS_STATUS_MEM_ERR; - } - data[0] = hit_size; - data[1] = alg; - ldns_write_uint16(data + 2, pk_size); - memcpy(data + 4, hit, hit_size); - memcpy(data + 4 + hit_size, pk, pk_size); - *rdf = ldns_rdf_new(LDNS_RDF_TYPE_HIP, 4 + hit_size + pk_size, data); - if (! *rdf) { - LDNS_FREE(data); - return LDNS_STATUS_MEM_ERR; - } - return LDNS_STATUS_OK; -} - -ldns_status ldns_octet(char *word, size_t *length) { char *s; diff --git a/usr.sbin/unbound/ldns/resolver.c b/usr.sbin/unbound/ldns/resolver.c index 16efc90f1a3..732f2a8a776 100644 --- a/usr.sbin/unbound/ldns/resolver.c +++ b/usr.sbin/unbound/ldns/resolver.c @@ -26,12 +26,6 @@ ldns_resolver_port(const ldns_resolver *r) return r->_port; } -ldns_rdf * -ldns_resolver_source(const ldns_resolver *r) -{ - return r->_source; -} - uint16_t ldns_resolver_edns_udp_size(const ldns_resolver *r) { @@ -240,12 +234,6 @@ ldns_resolver_set_port(ldns_resolver *r, uint16_t p) r->_port = p; } -void -ldns_resolver_set_source(ldns_resolver *r, ldns_rdf *s) -{ - r->_source = s; -} - ldns_rdf * ldns_resolver_pop_nameserver(ldns_resolver *r) { @@ -265,20 +253,13 @@ ldns_resolver_pop_nameserver(ldns_resolver *r) pop = nameservers[ns_count - 1]; - if (ns_count == 1) { - LDNS_FREE(nameservers); - LDNS_FREE(rtt); - - ldns_resolver_set_nameservers(r, NULL); - ldns_resolver_set_rtt(r, NULL); - } else { - nameservers = LDNS_XREALLOC(nameservers, ldns_rdf *, - (ns_count - 1)); - rtt = LDNS_XREALLOC(rtt, size_t, (ns_count - 1)); + nameservers = LDNS_XREALLOC(nameservers, ldns_rdf *, (ns_count - 1)); + rtt = LDNS_XREALLOC(rtt, size_t, (ns_count - 1)); + if(nameservers) ldns_resolver_set_nameservers(r, nameservers); + if(rtt) ldns_resolver_set_rtt(r, rtt); - } /* decr the count */ ldns_resolver_dec_nameserver_count(r); return pop; @@ -404,9 +385,7 @@ ldns_resolver_push_dnssec_anchor(ldns_resolver *r, ldns_rr *rr) { ldns_rr_list * trust_anchors; - if ((!rr) || (ldns_rr_get_type(rr) != LDNS_RR_TYPE_DNSKEY && - ldns_rr_get_type(rr) != LDNS_RR_TYPE_DS)) { - + if ((!rr) || (ldns_rr_get_type(rr) != LDNS_RR_TYPE_DNSKEY)) { return LDNS_STATUS_ERR; } @@ -448,7 +427,7 @@ ldns_resolver_set_fail(ldns_resolver *r, bool f) r->_fail =f; } -static void +void ldns_resolver_set_searchlist_count(ldns_resolver *r, size_t c) { r->_searchlist_count = c; @@ -637,7 +616,6 @@ ldns_resolver_new(void) ldns_resolver_set_igntc(r, false); ldns_resolver_set_recursive(r, false); ldns_resolver_set_dnsrch(r, true); - ldns_resolver_set_source(r, NULL); /* randomize the nameserver to be queried * when there are multiple @@ -683,15 +661,8 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) ssize_t gtr, bgtr; ldns_buffer *b; int lnr = 0, oldline; - FILE* myfp = fp; if(!line_nr) line_nr = &lnr; - if(!fp) { - myfp = fopen("/etc/resolv.conf", "r"); - if(!myfp) - return LDNS_STATUS_FILE_ERR; - } - /* do this better * expect = * 0: keyword @@ -711,7 +682,6 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) r = ldns_resolver_new(); if (!r) { - if(!fp) fclose(myfp); return LDNS_STATUS_MEM_ERR; } @@ -727,9 +697,9 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) /* skip until end of line */ int c; do { - c = fgetc(myfp); + c = fgetc(fp); } while(c != EOF && c != '\n'); - if(c=='\n') (*line_nr)++; + if(c=='\n' && line_nr) (*line_nr)++; } /* and read next to prepare for further parsing */ oldline = *line_nr; @@ -739,7 +709,7 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) switch(expect) { case LDNS_RESOLV_KEYWORD: /* keyword */ - gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr); + gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_NORMAL, 0, line_nr); if (gtr != 0) { if(word[0] == '#') continue; for(i = 0; i < LDNS_RESOLV_KEYWORDS; i++) { @@ -756,7 +726,6 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) /* skip line */ /* ldns_resolver_deep_free(r); - if(!fp) fclose(myfp); return LDNS_STATUS_SYNTAX_KEYWORD_ERR; */ } @@ -764,9 +733,8 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) break; case LDNS_RESOLV_DEFDOMAIN: /* default domain dname */ - gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr); + gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_NORMAL, 0, line_nr); if (gtr == 0) { - if(!fp) fclose(myfp); return LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR; } if(word[0] == '#') { @@ -776,7 +744,6 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, word); if (!tmp) { ldns_resolver_deep_free(r); - if(!fp) fclose(myfp); return LDNS_STATUS_SYNTAX_DNAME_ERR; } @@ -786,9 +753,8 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) break; case LDNS_RESOLV_NAMESERVER: /* NS aaaa or a record */ - gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr); + gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_NORMAL, 0, line_nr); if (gtr == 0) { - if(!fp) fclose(myfp); return LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR; } if(word[0] == '#') { @@ -808,7 +774,6 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) /* could not parse it, exit */ if (!tmp) { ldns_resolver_deep_free(r); - if(!fp) fclose(myfp); return LDNS_STATUS_SYNTAX_ERR; } (void)ldns_resolver_push_nameserver(r, tmp); @@ -817,11 +782,10 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) break; case LDNS_RESOLV_SEARCH: /* search list domain dname */ - gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr); + gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr); b = LDNS_MALLOC(ldns_buffer); if(!b) { ldns_resolver_deep_free(r); - if(!fp) fclose(myfp); return LDNS_STATUS_MEM_ERR; } @@ -829,7 +793,6 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) if(ldns_buffer_status(b) != LDNS_STATUS_OK) { LDNS_FREE(b); ldns_resolver_deep_free(r); - if(!fp) fclose(myfp); return LDNS_STATUS_MEM_ERR; } bgtr = ldns_bget_token(b, word, LDNS_PARSE_NORMAL, (size_t) gtr + 1); @@ -837,13 +800,13 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) gtr -= bgtr; if(word[0] == '#') { expect = LDNS_RESOLV_KEYWORD; - break; + ldns_buffer_free(b); + continue; } tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, word); if (!tmp) { ldns_resolver_deep_free(r); ldns_buffer_free(b); - if(!fp) fclose(myfp); return LDNS_STATUS_SYNTAX_DNAME_ERR; } @@ -854,27 +817,24 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) (size_t) gtr + 1); } ldns_buffer_free(b); - if (expect != LDNS_RESOLV_KEYWORD) { - gtr = 1; - expect = LDNS_RESOLV_KEYWORD; - } + gtr = 1; + expect = LDNS_RESOLV_KEYWORD; break; case LDNS_RESOLV_SORTLIST: - gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr); + gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr); /* sortlist not implemented atm */ expect = LDNS_RESOLV_KEYWORD; break; case LDNS_RESOLV_OPTIONS: - gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr); + gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr); /* options not implemented atm */ expect = LDNS_RESOLV_KEYWORD; break; case LDNS_RESOLV_ANCHOR: /* a file containing a DNSSEC trust anchor */ - gtr = ldns_fget_token_l(myfp, word, LDNS_PARSE_NORMAL, 0, line_nr); + gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_NORMAL, 0, line_nr); if (gtr == 0) { ldns_resolver_deep_free(r); - if(!fp) fclose(myfp); return LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR; } if(word[0] == '#') { @@ -892,9 +852,6 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) } } - if(!fp) - fclose(myfp); - if (res) { *res = r; return LDNS_STATUS_OK; @@ -928,7 +885,6 @@ ldns_resolver_new_frm_file(ldns_resolver **res, const char *filename) *res = r; return LDNS_STATUS_OK; } else { - ldns_resolver_free(r); return LDNS_STATUS_NULL; } } @@ -986,82 +942,92 @@ ldns_resolver_deep_free(ldns_resolver *res) } } -ldns_status -ldns_resolver_search_status(ldns_pkt** pkt, - ldns_resolver *r, const ldns_rdf *name, - ldns_rr_type t, ldns_rr_class c, uint16_t flags) +ldns_pkt * +ldns_resolver_search(const ldns_resolver *r,const ldns_rdf *name, + ldns_rr_type t, ldns_rr_class c, uint16_t flags) { + + char *str_dname; ldns_rdf *new_name; ldns_rdf **search_list; size_t i; - ldns_status s = LDNS_STATUS_OK; + ldns_pkt *p; + + str_dname = ldns_rdf2str(name); - if (ldns_dname_absolute(name)) { + if (ldns_dname_str_absolute(str_dname)) { /* query as-is */ - return ldns_resolver_query_status(pkt, r, name, t, c, flags); + return ldns_resolver_query(r, name, t, c, flags); } else if (ldns_resolver_dnsrch(r)) { search_list = ldns_resolver_searchlist(r); for (i = 0; i < ldns_resolver_searchlist_count(r); i++) { new_name = ldns_dname_cat_clone(name, search_list[i]); - s = ldns_resolver_query_status(pkt, r, - new_name, t, c, flags); + p = ldns_resolver_query(r, new_name, t, c, flags); ldns_rdf_free(new_name); - if (pkt) { - if (s == LDNS_STATUS_OK && *pkt && - ldns_pkt_get_rcode(*pkt) == - LDNS_RCODE_NOERROR) { - return LDNS_STATUS_OK; + if (p) { + if (ldns_pkt_get_rcode(p) == LDNS_RCODE_NOERROR) { + return p; + } else { + ldns_pkt_free(p); + p = NULL; } - ldns_pkt_free(*pkt); } } } - return s; + return NULL; } ldns_pkt * -ldns_resolver_search(const ldns_resolver *r,const ldns_rdf *name, +ldns_resolver_query(const ldns_resolver *r, const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t flags) { - ldns_pkt* pkt = NULL; - if (ldns_resolver_search_status(&pkt, (ldns_resolver *)r, - name, t, c, flags) != LDNS_STATUS_OK) { - ldns_pkt_free(pkt); - } - return pkt; -} - -ldns_status -ldns_resolver_query_status(ldns_pkt** pkt, - ldns_resolver *r, const ldns_rdf *name, - ldns_rr_type t, ldns_rr_class c, uint16_t flags) -{ ldns_rdf *newname; + ldns_pkt *pkt; ldns_status status; - if (!ldns_resolver_defnames(r) || !ldns_resolver_domain(r)) { - return ldns_resolver_send(pkt, r, name, t, c, flags); + pkt = NULL; + + if (!ldns_resolver_defnames(r)) { + status = ldns_resolver_send(&pkt, (ldns_resolver *)r, name, + t, c, flags); + if (status == LDNS_STATUS_OK) { + return pkt; + } else { + if (pkt) { + ldns_pkt_free(pkt); + } + return NULL; + } + } + + if (!ldns_resolver_domain(r)) { + /* _defnames is set, but the domain is not....?? */ + status = ldns_resolver_send(&pkt, (ldns_resolver *)r, name, + t, c, flags); + if (status == LDNS_STATUS_OK) { + return pkt; + } else { + if (pkt) { + ldns_pkt_free(pkt); + } + return NULL; + } } - newname = ldns_dname_cat_clone(name, ldns_resolver_domain(r)); + newname = ldns_dname_cat_clone((const ldns_rdf*)name, ldns_resolver_domain(r)); if (!newname) { - return LDNS_STATUS_MEM_ERR; + if (pkt) { + ldns_pkt_free(pkt); + } + return NULL; } - status = ldns_resolver_send(pkt, r, newname, t, c, flags); + + (void)ldns_resolver_send(&pkt, (ldns_resolver *)r, newname, t, c, + flags); + ldns_rdf_free(newname); - return status; -} -ldns_pkt * -ldns_resolver_query(const ldns_resolver *r, const ldns_rdf *name, - ldns_rr_type t, ldns_rr_class c, uint16_t flags) -{ - ldns_pkt* pkt = NULL; - if (ldns_resolver_query_status(&pkt, (ldns_resolver *)r, - name, t, c, flags) != LDNS_STATUS_OK) { - ldns_pkt_free(pkt); - } return pkt; } @@ -1158,12 +1124,7 @@ ldns_resolver_prepare_query_pkt(ldns_pkt **query_pkt, ldns_resolver *r, /* prepare a question pkt from the parameters * and then send this */ - if (t == LDNS_RR_TYPE_IXFR) { - *query_pkt = ldns_pkt_ixfr_request_new(ldns_rdf_clone(name), - c, flags, NULL); - } else { - *query_pkt = ldns_pkt_query_new(ldns_rdf_clone(name), t, c, flags); - } + *query_pkt = ldns_pkt_query_new(ldns_rdf_clone(name), t, c, flags); if (!*query_pkt) { return LDNS_STATUS_ERR; } @@ -1240,7 +1201,7 @@ ldns_resolver_send(ldns_pkt **answer, ldns_resolver *r, const ldns_rdf *name, /* if tsig values are set, tsign it */ /* TODO: make last 3 arguments optional too? maybe make complete - rr instead of separate values in resolver (and packet) + rr instead of seperate values in resolver (and packet) Jelte should this go in pkt_prepare? */ @@ -1251,11 +1212,9 @@ ldns_resolver_send(ldns_pkt **answer, ldns_resolver *r, const ldns_rdf *name, ldns_resolver_tsig_keydata(r), 300, ldns_resolver_tsig_algorithm(r), NULL); if (status != LDNS_STATUS_OK) { - ldns_pkt_free(query_pkt); return LDNS_STATUS_CRYPTO_TSIG_ERR; } #else - ldns_pkt_free(query_pkt); return LDNS_STATUS_CRYPTO_TSIG_ERR; #endif /* HAVE_SSL */ } @@ -1315,16 +1274,14 @@ ldns_axfr_next(ldns_resolver *resolver) status = ldns_wire2pkt(&resolver->_cur_axfr_pkt, packet_wire, packet_wire_size); - LDNS_FREE(packet_wire); + free(packet_wire); resolver->_axfr_i = 0; if (status != LDNS_STATUS_OK) { /* TODO: make status return type of this function (...api change) */ -#ifdef STDERR_MSGS fprintf(stderr, "Error parsing rr during AXFR: %s\n", ldns_get_errorstr_by_id(status)); -#endif - /* we must now also close the socket, otherwise subsequent uses of the + /* RoRi: we must now also close the socket, otherwise subsequent uses of the same resolver structure will fail because the link is still open or in an undefined state */ #ifndef USE_WINSOCK @@ -1337,18 +1294,9 @@ ldns_axfr_next(ldns_resolver *resolver) return NULL; } else if (ldns_pkt_get_rcode(resolver->_cur_axfr_pkt) != 0) { rcode = ldns_lookup_by_id(ldns_rcodes, (int) ldns_pkt_get_rcode(resolver->_cur_axfr_pkt)); -#ifdef STDERR_MSGS - if (rcode) { - fprintf(stderr, "Error in AXFR: %s\n", - rcode->name); - } else { - fprintf(stderr, "Error in AXFR: %d\n", - (int) ldns_pkt_get_rcode( - resolver->_cur_axfr_pkt)); - } -#endif + fprintf(stderr, "Error in AXFR: %s\n", rcode->name); - /* we must now also close the socket, otherwise subsequent uses of the + /* RoRi: we must now also close the socket, otherwise subsequent uses of the same resolver structure will fail because the link is still open or in an undefined state */ #ifndef USE_WINSOCK @@ -1367,26 +1315,6 @@ ldns_axfr_next(ldns_resolver *resolver) } -/* this function is needed to abort a transfer that is in progress; - * without it an aborted transfer will lead to the AXFR code in the - * library staying in an indetermined state because the socket for the - * AXFR is never closed - */ -void -ldns_axfr_abort(ldns_resolver *resolver) -{ - /* Only abort if an actual AXFR is in progress */ - if (resolver->_socket != 0) - { -#ifndef USE_WINSOCK - close(resolver->_socket); -#else - closesocket(resolver->_socket); -#endif - resolver->_socket = 0; - } -} - bool ldns_axfr_complete(const ldns_resolver *res) { @@ -1405,22 +1333,17 @@ void ldns_resolver_nameservers_randomize(ldns_resolver *r) { uint16_t i, j; - ldns_rdf **ns, *tmpns; - size_t *rtt, tmprtt; + ldns_rdf **ns, *tmp; /* should I check for ldns_resolver_random?? */ assert(r != NULL); ns = ldns_resolver_nameservers(r); - rtt = ldns_resolver_rtt(r); for (i = 0; i < ldns_resolver_nameserver_count(r); i++) { j = ldns_get_random() % ldns_resolver_nameserver_count(r); - tmpns = ns[i]; + tmp = ns[i]; ns[i] = ns[j]; - ns[j] = tmpns; - tmprtt = rtt[i]; - rtt[i] = rtt[j]; - rtt[j] = tmprtt; + ns[j] = tmp; } ldns_resolver_set_nameservers(r, ns); } diff --git a/usr.sbin/unbound/ldns/rr.c b/usr.sbin/unbound/ldns/rr.c index cfee170eb2b..b61e119309b 100644 --- a/usr.sbin/unbound/ldns/rr.c +++ b/usr.sbin/unbound/ldns/rr.c @@ -87,14 +87,6 @@ ldns_rr_free(ldns_rr *rr) } } -/* Syntactic sugar for ldns_rr_new_frm_str_internal */ -INLINE bool -ldns_rdf_type_maybe_quoted(ldns_rdf_type rdf_type) -{ - return rdf_type == LDNS_RDF_TYPE_STR || - rdf_type == LDNS_RDF_TYPE_LONG_STR; -} - /* * trailing spaces are allowed * leading spaces are not allowed @@ -127,7 +119,7 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str, char *type = NULL; char *rdata = NULL; char *rd = NULL; - char *xtok = NULL; /* For RDF types with spaces (i.e. extra tokens) */ + char *b64 = NULL; size_t rd_strlen; const char *delimiters; ssize_t c; @@ -146,12 +138,6 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str, uint16_t r_max; size_t pre_data_pos; - uint16_t hex_data_size; - char *hex_data_str = NULL; - uint16_t cur_hex_data_size; - size_t hex_pos = 0; - uint8_t *hex_data = NULL; - new = ldns_rr_new(); owner = LDNS_XMALLOC(char, LDNS_MAX_DOMAINLEN + 1); @@ -161,32 +147,26 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str, rr_buf = LDNS_MALLOC(ldns_buffer); rd_buf = LDNS_MALLOC(ldns_buffer); rd = LDNS_XMALLOC(char, LDNS_MAX_RDFLEN); - xtok = LDNS_XMALLOC(char, LDNS_MAX_RDFLEN); - if (rr_buf) { - rr_buf->_data = NULL; - } - if (rd_buf) { - rd_buf->_data = NULL; - } - if (!new || !owner || !ttl || !clas || !rdata || - !rr_buf || !rd_buf || !rd || !xtok) { - - goto memerror; + b64 = LDNS_XMALLOC(char, LDNS_MAX_RDFLEN); + if (!new || !owner || !ttl || !clas || !rdata || !rr_buf || !rd_buf || !rd || !b64 ) { + status = LDNS_STATUS_MEM_ERR; + LDNS_FREE(rr_buf); + goto ldnserror; } ldns_buffer_new_frm_data(rr_buf, (char*)str, strlen(str)); /* split the rr in its parts -1 signals trouble */ - if (ldns_bget_token(rr_buf, owner, "\t\n ", LDNS_MAX_DOMAINLEN) == -1){ - + if (ldns_bget_token(rr_buf, owner, "\t\n ", LDNS_MAX_DOMAINLEN) == -1) { status = LDNS_STATUS_SYNTAX_ERR; - goto error; + ldns_buffer_free(rr_buf); + goto ldnserror; } if (ldns_bget_token(rr_buf, ttl, "\t\n ", LDNS_TTL_DATALEN) == -1) { - status = LDNS_STATUS_SYNTAX_TTL_ERR; - goto error; + ldns_buffer_free(rr_buf); + goto ldnserror; } ttl_val = (uint32_t) ldns_str2period(ttl, &endptr); @@ -209,17 +189,18 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str, if (clas_val == 0) { clas_val = LDNS_RR_CLASS_IN; type = LDNS_XMALLOC(char, strlen(ttl) + 1); - if (!type) { - goto memerror; + if(!type) { + status = LDNS_STATUS_MEM_ERR; + ldns_buffer_free(rr_buf); + goto ldnserror; } strncpy(type, ttl, strlen(ttl) + 1); } } else { - if (-1 == ldns_bget_token( - rr_buf, clas, "\t\n ", LDNS_SYNTAX_DATALEN)) { - + if (ldns_bget_token(rr_buf, clas, "\t\n ", LDNS_SYNTAX_DATALEN) == -1) { status = LDNS_STATUS_SYNTAX_CLASS_ERR; - goto error; + ldns_buffer_free(rr_buf); + goto ldnserror; } clas_val = ldns_get_rr_class_by_name(clas); /* class can be left out too, assume IN, current @@ -228,8 +209,10 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str, if (clas_val == 0) { clas_val = LDNS_RR_CLASS_IN; type = LDNS_XMALLOC(char, strlen(clas) + 1); - if (!type) { - goto memerror; + if(!type) { + status = LDNS_STATUS_MEM_ERR; + ldns_buffer_free(rr_buf); + goto ldnserror; } strncpy(type, clas, strlen(clas) + 1); } @@ -238,22 +221,24 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str, if (!type) { type = LDNS_XMALLOC(char, LDNS_SYNTAX_DATALEN); - if (!type) { - goto memerror; + if(!type) { + status = LDNS_STATUS_MEM_ERR; + ldns_buffer_free(rr_buf); + goto ldnserror; } - if (-1 == ldns_bget_token( - rr_buf, type, "\t\n ", LDNS_SYNTAX_DATALEN)) { - + if (ldns_bget_token(rr_buf, type, "\t\n ", LDNS_SYNTAX_DATALEN) == -1) { status = LDNS_STATUS_SYNTAX_TYPE_ERR; - goto error; + ldns_buffer_free(rr_buf); + goto ldnserror; } } if (ldns_bget_token(rr_buf, rdata, "\0", LDNS_MAX_PACKETLEN) == -1) { /* apparently we are done, and it's only a question RR * so do not set status and go to ldnserror here - */ + */ } + ldns_buffer_new_frm_data(rd_buf, rdata, strlen(rdata)); if (strlen(owner) <= 1 && strncmp(owner, "@", 1) == 0) { @@ -271,7 +256,9 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str, ldns_rdf_deep_free(*prev); *prev = ldns_rdf_clone(ldns_rr_owner(new)); if (!*prev) { - goto memerror; + status = LDNS_STATUS_MEM_ERR; + ldns_buffer_free(rr_buf); + goto ldnserror; } } } else { @@ -283,49 +270,57 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str, } else if (origin) { ldns_rr_set_owner(new, ldns_rdf_clone(origin)); } else { - ldns_rr_set_owner(new, - ldns_dname_new_frm_str(".")); + ldns_rr_set_owner(new, ldns_dname_new_frm_str(".")); } if(!ldns_rr_owner(new)) { - goto memerror; + status = LDNS_STATUS_MEM_ERR; + ldns_buffer_free(rr_buf); + goto ldnserror; } } else { owner_dname = ldns_dname_new_frm_str(owner); if (!owner_dname) { status = LDNS_STATUS_SYNTAX_ERR; - goto error; + ldns_buffer_free(rr_buf); + goto ldnserror; } ldns_rr_set_owner(new, owner_dname); if (!ldns_dname_str_absolute(owner) && origin) { - if(ldns_dname_cat(ldns_rr_owner(new), origin) - != LDNS_STATUS_OK) { - + if(ldns_dname_cat(ldns_rr_owner(new), + origin) != LDNS_STATUS_OK) { status = LDNS_STATUS_SYNTAX_ERR; - goto error; + ldns_buffer_free(rr_buf); + goto ldnserror; } } if (prev) { ldns_rdf_deep_free(*prev); *prev = ldns_rdf_clone(ldns_rr_owner(new)); - if (!*prev) { - goto error; + if(!*prev) { + status = LDNS_STATUS_MEM_ERR; + ldns_buffer_free(rr_buf); + goto ldnserror; } } } } LDNS_FREE(owner); + owner = NULL; ldns_rr_set_question(new, question); ldns_rr_set_ttl(new, ttl_val); LDNS_FREE(ttl); + ttl = NULL; ldns_rr_set_class(new, clas_val); LDNS_FREE(clas); + clas = NULL; rr_type = ldns_get_rr_type_by_name(type); LDNS_FREE(type); + type = NULL; desc = ldns_rr_descript((uint16_t)rr_type); ldns_rr_set_type(new, rr_type); @@ -338,311 +333,287 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str, r_max = 1; } - for (done = false, r_cnt = 0; !done && r_cnt < r_max; r_cnt++) { - quoted = false; - - switch (ldns_rr_descriptor_field_type(desc, r_cnt)) { - case LDNS_RDF_TYPE_B64 : - case LDNS_RDF_TYPE_HEX : /* These rdf types may con- */ - case LDNS_RDF_TYPE_LOC : /* tain whitespace, only if */ - case LDNS_RDF_TYPE_WKS : /* it is the last rd field. */ - case LDNS_RDF_TYPE_IPSECKEY : - case LDNS_RDF_TYPE_NSEC : if (r_cnt == r_max - 1) { - delimiters = "\n\t"; - break; - } - default : delimiters = "\n\t "; - } - - if (ldns_rdf_type_maybe_quoted( - ldns_rr_descriptor_field_type( - desc, r_cnt)) && - ldns_buffer_remaining(rd_buf) > 0){ - - /* skip spaces */ - while (*(ldns_buffer_current(rd_buf)) == ' ') { - ldns_buffer_skip(rd_buf, 1); - } - - if (*(ldns_buffer_current(rd_buf)) == '\"') { - delimiters = "\"\0"; - ldns_buffer_skip(rd_buf, 1); - quoted = true; - } - } - - /* because number of fields can be variable, we can't rely on - * _maximum() only - */ - - /* skip spaces */ - while (ldns_buffer_position(rd_buf) < ldns_buffer_limit(rd_buf) - && *(ldns_buffer_current(rd_buf)) == ' ' - && !quoted) { - - ldns_buffer_skip(rd_buf, 1); - } + /* depending on the rr_type we need to extract + * the rdata differently, e.g. NSEC/NSEC3 */ + switch(rr_type) { + default: + done = false; + + for (r_cnt = 0; !done && r_cnt < r_max; r_cnt++) { + quoted = false; + /* if type = B64, the field may contain spaces */ + if (ldns_rr_descriptor_field_type(desc, + r_cnt) == LDNS_RDF_TYPE_B64 || + ldns_rr_descriptor_field_type(desc, + r_cnt) == LDNS_RDF_TYPE_HEX || + ldns_rr_descriptor_field_type(desc, + r_cnt) == LDNS_RDF_TYPE_LOC || + ldns_rr_descriptor_field_type(desc, + r_cnt) == LDNS_RDF_TYPE_WKS || + ldns_rr_descriptor_field_type(desc, + r_cnt) == LDNS_RDF_TYPE_IPSECKEY || + ldns_rr_descriptor_field_type(desc, + r_cnt) == LDNS_RDF_TYPE_NSEC) { + delimiters = "\n\t"; + } else { + delimiters = "\n\t "; + } - pre_data_pos = ldns_buffer_position(rd_buf); - if (-1 == (c = ldns_bget_token( - rd_buf, rd, delimiters, LDNS_MAX_RDFLEN))) { + if (ldns_rr_descriptor_field_type(desc, + r_cnt) == LDNS_RDF_TYPE_STR && + ldns_buffer_remaining(rd_buf) > 0) { + /* skip spaces */ + while (*(ldns_buffer_current(rd_buf)) == ' ') { + ldns_buffer_skip(rd_buf, 1); + } - done = true; - break; - } - /* hmmz, rfc3597 specifies that any type can be represented - * with \# method, which can contain spaces... - * it does specify size though... - */ - rd_strlen = strlen(rd); - - /* unknown RR data */ - if (strncmp(rd, "\\#", 2) == 0 && !quoted && - (rd_strlen == 2 || rd[2]==' ')) { - - was_unknown_rr_format = 1; - /* go back to before \# - * and skip it while setting delimiters better - */ - ldns_buffer_set_position(rd_buf, pre_data_pos); - delimiters = "\n\t "; - (void)ldns_bget_token(rd_buf, rd, - delimiters, LDNS_MAX_RDFLEN); - /* read rdata octet length */ - c = ldns_bget_token(rd_buf, rd, - delimiters, LDNS_MAX_RDFLEN); - if (c == -1) { - /* something goes very wrong here */ - status = LDNS_STATUS_SYNTAX_RDATA_ERR; - goto error; - } - hex_data_size = (uint16_t) atoi(rd); - /* copy hex chars into hex str (2 chars per byte) */ - hex_data_str = LDNS_XMALLOC(char, 2*hex_data_size + 1); - if (!hex_data_str) { - /* malloc error */ - goto memerror; - } - cur_hex_data_size = 0; - while(cur_hex_data_size < 2 * hex_data_size) { - c = ldns_bget_token(rd_buf, rd, - delimiters, LDNS_MAX_RDFLEN); - if (c != -1) { - rd_strlen = strlen(rd); + if (*(ldns_buffer_current(rd_buf)) == '\"') { + delimiters = "\"\0"; + ldns_buffer_skip(rd_buf, 1); + quoted = true; + } } - if (c == -1 || - (size_t)cur_hex_data_size + rd_strlen > - 2 * (size_t)hex_data_size) { - status = LDNS_STATUS_SYNTAX_RDATA_ERR; - goto error; + /* because number of fields can be variable, we can't + rely on _maximum() only */ + /* skip spaces */ + while (ldns_buffer_position(rd_buf) < ldns_buffer_limit(rd_buf) && + *(ldns_buffer_current(rd_buf)) == ' ' && !quoted + ) { + ldns_buffer_skip(rd_buf, 1); } - strncpy(hex_data_str + cur_hex_data_size, rd, - rd_strlen); - - cur_hex_data_size += rd_strlen; - } - hex_data_str[cur_hex_data_size] = '\0'; - /* correct the rdf type */ - /* if *we* know the type, interpret it as wireformat */ - if (desc) { - hex_pos = 0; - hex_data = - LDNS_XMALLOC(uint8_t, hex_data_size+2); - - if (!hex_data) { - goto memerror; - } - ldns_write_uint16(hex_data, hex_data_size); - ldns_hexstring_to_data( - hex_data + 2, hex_data_str); - status = ldns_wire2rdf(new, hex_data, - hex_data_size + 2, &hex_pos); - if (status != LDNS_STATUS_OK) { - goto error; - } - LDNS_FREE(hex_data); - } else { - r = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_HEX, - hex_data_str); - if (!r) { - goto memerror; - } - ldns_rdf_set_type(r, LDNS_RDF_TYPE_UNKNOWN); - if (!ldns_rr_push_rdf(new, r)) { - goto memerror; - } - } - LDNS_FREE(hex_data_str); + pre_data_pos = ldns_buffer_position(rd_buf); + if ((c = ldns_bget_token(rd_buf, rd, delimiters, + LDNS_MAX_RDFLEN)) != -1) { + /* hmmz, rfc3597 specifies that any type can be represented with + * \# method, which can contain spaces... + * it does specify size though... + */ + rd_strlen = strlen(rd); - } else { - /* Normal RR */ - switch(ldns_rr_descriptor_field_type(desc, r_cnt)) { - - case LDNS_RDF_TYPE_HEX: - case LDNS_RDF_TYPE_B64: - /* When this is the last rdata field, then the - * rest should be read in (cause then these - * rdf types may contain spaces). - */ - if (r_cnt == r_max - 1) { - c = ldns_bget_token(rd_buf, xtok, - "\n", LDNS_MAX_RDFLEN); - if (c != -1) { - (void) strncat(rd, xtok, - LDNS_MAX_RDFLEN - - strlen(rd) - 1); + /* unknown RR data */ + if (strncmp(rd, "\\#", 2) == 0 && !quoted && (rd_strlen == 2 || rd[2]==' ')) { + uint16_t hex_data_size; + char *hex_data_str; + uint16_t cur_hex_data_size; + + was_unknown_rr_format = 1; + /* go back to before \# and skip it while setting delimiters better */ + ldns_buffer_set_position(rd_buf, pre_data_pos); + delimiters = "\n\t "; + (void)ldns_bget_token(rd_buf, rd, delimiters, LDNS_MAX_RDFLEN); + /* read rdata octet length */ + c = ldns_bget_token(rd_buf, rd, delimiters, LDNS_MAX_RDFLEN); + if (c == -1) { + /* something goes very wrong here */ + LDNS_FREE(rd); + LDNS_FREE(b64); + ldns_buffer_free(rd_buf); + ldns_buffer_free(rr_buf); + LDNS_FREE(rdata); + ldns_rr_free(new); + return LDNS_STATUS_SYNTAX_RDATA_ERR; + } + hex_data_size = (uint16_t) atoi(rd); + /* copy the hex chars into hex str (which is 2 chars per byte) */ + hex_data_str = LDNS_XMALLOC(char, 2 * hex_data_size + 1); + if (!hex_data_str) { + /* malloc error */ + LDNS_FREE(rd); + LDNS_FREE(b64); + ldns_buffer_free(rd_buf); + ldns_buffer_free(rr_buf); + LDNS_FREE(rdata); + ldns_rr_free(new); + return LDNS_STATUS_SYNTAX_RDATA_ERR; + } + cur_hex_data_size = 0; + while(cur_hex_data_size < 2 * hex_data_size) { + c = ldns_bget_token(rd_buf, rd, delimiters, LDNS_MAX_RDFLEN); + if (c != -1) { + rd_strlen = strlen(rd); + } + if (c == -1 || (size_t)cur_hex_data_size + rd_strlen > 2 * (size_t)hex_data_size) { + LDNS_FREE(hex_data_str); + LDNS_FREE(rd); + LDNS_FREE(b64); + ldns_buffer_free(rd_buf); + ldns_buffer_free(rr_buf); + LDNS_FREE(rdata); + ldns_rr_free(new); + return LDNS_STATUS_SYNTAX_RDATA_ERR; + } + strncpy(hex_data_str + cur_hex_data_size, rd, rd_strlen); + cur_hex_data_size += rd_strlen; + } + hex_data_str[cur_hex_data_size] = '\0'; + + /* correct the rdf type */ + /* if *we* know the type, interpret it as wireformat */ + if (desc) { + size_t hex_pos = 0; + uint8_t *hex_data = LDNS_XMALLOC(uint8_t, hex_data_size + 2); + ldns_status s; + if(!hex_data) { + LDNS_FREE(hex_data_str); + LDNS_FREE(rd); + LDNS_FREE(b64); + ldns_buffer_free(rd_buf); + ldns_buffer_free(rr_buf); + LDNS_FREE(rdata); + ldns_rr_free(new); + return LDNS_STATUS_MEM_ERR; + } + ldns_write_uint16(hex_data, hex_data_size); + ldns_hexstring_to_data(hex_data + 2, hex_data_str); + s = ldns_wire2rdf(new, hex_data, + hex_data_size+2, &hex_pos); + if(s != LDNS_STATUS_OK) { + LDNS_FREE(hex_data_str); + LDNS_FREE(rd); + LDNS_FREE(b64); + ldns_buffer_free(rd_buf); + ldns_buffer_free(rr_buf); + LDNS_FREE(rdata); + ldns_rr_free(new); + return s; + } + LDNS_FREE(hex_data); + } else { + r = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_HEX, hex_data_str); + if(!r) { + LDNS_FREE(hex_data_str); + LDNS_FREE(rd); + LDNS_FREE(b64); + ldns_buffer_free(rd_buf); + ldns_buffer_free(rr_buf); + LDNS_FREE(rdata); + ldns_rr_free(new); + return LDNS_STATUS_MEM_ERR; + } + ldns_rdf_set_type(r, LDNS_RDF_TYPE_UNKNOWN); + if(!ldns_rr_push_rdf(new, r)) { + LDNS_FREE(hex_data_str); + LDNS_FREE(rd); + LDNS_FREE(b64); + ldns_buffer_free(rd_buf); + ldns_buffer_free(rr_buf); + LDNS_FREE(rdata); + ldns_rr_free(new); + return LDNS_STATUS_MEM_ERR; + } + } + LDNS_FREE(hex_data_str); + } else { + /* Normal RR */ + switch(ldns_rr_descriptor_field_type(desc, r_cnt)) { + case LDNS_RDF_TYPE_HEX: + case LDNS_RDF_TYPE_B64: + /* can have spaces, and will always be the last + * record of the rrdata. Read in the rest */ + if ((c = ldns_bget_token(rd_buf, + b64, + "\n", + LDNS_MAX_RDFLEN)) + != -1) { + rd = strncat(rd, + b64, + LDNS_MAX_RDFLEN + - strlen(rd) - 1); + } + r = ldns_rdf_new_frm_str( + ldns_rr_descriptor_field_type(desc, r_cnt), + rd); + break; + case LDNS_RDF_TYPE_DNAME: + r = ldns_rdf_new_frm_str( + ldns_rr_descriptor_field_type(desc, r_cnt), + rd); + + /* check if the origin should be used or concatenated */ + if (r && ldns_rdf_size(r) > 1 && ldns_rdf_data(r)[0] == 1 + && ldns_rdf_data(r)[1] == '@') { + ldns_rdf_deep_free(r); + if (origin) { + r = ldns_rdf_clone(origin); + } else { + /* if this is the SOA, use its own owner name */ + if (rr_type == LDNS_RR_TYPE_SOA) { + r = ldns_rdf_clone(ldns_rr_owner(new)); + } else { + r = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, "."); + } + } + } else if (r && rd_strlen >= 1 && !ldns_dname_str_absolute(rd) && origin) { + if (ldns_dname_cat(r, origin) != LDNS_STATUS_OK) { + LDNS_FREE(rd); + LDNS_FREE(b64); + ldns_buffer_free(rd_buf); + ldns_buffer_free(rr_buf); + LDNS_FREE(rdata); + ldns_rr_free(new); + return LDNS_STATUS_ERR; + } + } + break; + default: + r = ldns_rdf_new_frm_str( + ldns_rr_descriptor_field_type(desc, r_cnt), + rd); + break; + } + if (r) { + ldns_rr_push_rdf(new, r); + } else { + LDNS_FREE(rd); + LDNS_FREE(b64); + ldns_buffer_free(rd_buf); + ldns_buffer_free(rr_buf); + LDNS_FREE(rdata); + ldns_rr_free(new); + return LDNS_STATUS_SYNTAX_RDATA_ERR; + } } - } - r = ldns_rdf_new_frm_str( - ldns_rr_descriptor_field_type( - desc, r_cnt), rd); - break; - - case LDNS_RDF_TYPE_HIP: - /* - * In presentation format this RDATA type has - * three tokens: An algorithm byte, then a - * variable length HIT (in hexbytes) and then - * a variable length Public Key (in base64). - * - * We have just read the algorithm, so we need - * two more tokens: HIT and Public Key. - */ - do { - /* Read and append HIT */ - if (ldns_bget_token(rd_buf, - xtok, delimiters, - LDNS_MAX_RDFLEN) == -1) - break; - - (void) strncat(rd, " ", - LDNS_MAX_RDFLEN - - strlen(rd) - 1); - (void) strncat(rd, xtok, - LDNS_MAX_RDFLEN - - strlen(rd) - 1); - - /* Read and append Public Key*/ - if (ldns_bget_token(rd_buf, - xtok, delimiters, - LDNS_MAX_RDFLEN) == -1) - break; - - (void) strncat(rd, " ", - LDNS_MAX_RDFLEN - - strlen(rd) - 1); - (void) strncat(rd, xtok, - LDNS_MAX_RDFLEN - - strlen(rd) - 1); - } while (false); - - r = ldns_rdf_new_frm_str( - ldns_rr_descriptor_field_type( - desc, r_cnt), rd); - break; - - case LDNS_RDF_TYPE_DNAME: - r = ldns_rdf_new_frm_str( - ldns_rr_descriptor_field_type( - desc, r_cnt), rd); - - /* check if the origin should be used - * or concatenated - */ - if (r && ldns_rdf_size(r) > 1 && - ldns_rdf_data(r)[0] == 1 && - ldns_rdf_data(r)[1] == '@') { - - ldns_rdf_deep_free(r); - - r = origin ? ldns_rdf_clone(origin) - - : ( rr_type == LDNS_RR_TYPE_SOA ? - - ldns_rdf_clone( - ldns_rr_owner(new)) - - : ldns_rdf_new_frm_str( - LDNS_RDF_TYPE_DNAME, ".") - ); - - } else if (r && rd_strlen >= 1 && origin && - !ldns_dname_str_absolute(rd)) { - - status = ldns_dname_cat(r, origin); - if (status != LDNS_STATUS_OK) { - goto error; + if (quoted) { + if (ldns_buffer_available(rd_buf, 1)) { + ldns_buffer_skip(rd_buf, 1); + } else { + done = true; + } } + } else { + done = true; } - break; - default: - r = ldns_rdf_new_frm_str( - ldns_rr_descriptor_field_type( - desc, r_cnt), rd); - break; - } - if (!r) { - status = LDNS_STATUS_SYNTAX_RDATA_ERR; - goto error; - } - ldns_rr_push_rdf(new, r); - } - if (quoted) { - if (ldns_buffer_available(rd_buf, 1)) { - ldns_buffer_skip(rd_buf, 1); - } else { - done = true; } - } - - } /* for (done = false, r_cnt = 0; !done && r_cnt < r_max; r_cnt++) */ + } LDNS_FREE(rd); - LDNS_FREE(xtok); + LDNS_FREE(b64); ldns_buffer_free(rd_buf); ldns_buffer_free(rr_buf); LDNS_FREE(rdata); - if (!question && desc && !was_unknown_rr_format && - ldns_rr_rd_count(new) < r_min) { - + if (!question && desc && !was_unknown_rr_format && ldns_rr_rd_count(new) < r_min) { ldns_rr_free(new); return LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR; } if (newrr) { *newrr = new; - } else { - /* Maybe the caller just wanted to see if it would parse? */ - ldns_rr_free(new); } return LDNS_STATUS_OK; -memerror: - status = LDNS_STATUS_MEM_ERR; -error: - if (rd_buf && rd_buf->_data) { - ldns_buffer_free(rd_buf); - } else { - LDNS_FREE(rd_buf); - } - if (rr_buf && rr_buf->_data) { - ldns_buffer_free(rr_buf); - } else { - LDNS_FREE(rr_buf); - } +ldnserror: LDNS_FREE(type); LDNS_FREE(owner); LDNS_FREE(ttl); LDNS_FREE(clas); - LDNS_FREE(hex_data); - LDNS_FREE(hex_data_str); - LDNS_FREE(xtok); - LDNS_FREE(rd); LDNS_FREE(rdata); + LDNS_FREE(rd); + LDNS_FREE(rd_buf); + LDNS_FREE(b64); ldns_rr_free(new); - return status; + return status; } ldns_status @@ -753,13 +724,8 @@ ldns_rr_new_frm_fp_l(ldns_rr **newrr, FILE *fp, uint32_t *default_ttl, ldns_rdf } } LDNS_FREE(line); - if (s == LDNS_STATUS_OK) { - if (newrr) { - *newrr = rr; - } else { - /* Just testing if it would parse? */ - ldns_rr_free(rr); - } + if (newrr && s == LDNS_STATUS_OK) { + *newrr = rr; } return s; } @@ -961,7 +927,7 @@ ldns_rr_list_rr(const ldns_rr_list *rr_list, size_t nr) } ldns_rr_list * -ldns_rr_list_new(void) +ldns_rr_list_new() { ldns_rr_list *rr_list = LDNS_MALLOC(ldns_rr_list); if(!rr_list) return NULL; @@ -1190,8 +1156,7 @@ ldns_rr_list_pop_rr_list(ldns_rr_list *rr_list, size_t howmany) i--; } - if (i == howmany) { /* so i <= 0 */ - ldns_rr_list_free(popped); + if (i == howmany) { return NULL; } else { return popped; @@ -1420,7 +1385,25 @@ ldns_rr_list_clone(const ldns_rr_list *rrlist) } -static int +int +qsort_rr_compare(const void *a, const void *b) +{ + const ldns_rr *rr1 = * (const ldns_rr **) a; + const ldns_rr *rr2 = * (const ldns_rr **) b; + + if (rr1 == NULL && rr2 == NULL) { + return 0; + } + if (rr1 == NULL) { + return -1; + } + if (rr2 == NULL) { + return 1; + } + return ldns_rr_compare(rr1, rr2); +} + +int qsort_schwartz_rr_compare(const void *a, const void *b) { int result = 0; @@ -1497,7 +1480,6 @@ ldns_rr_list_sort(ldns_rr_list *unsorted) LDNS_FREE(sortables[i]); } /* no way to return error */ - LDNS_FREE(sortables); return; } sortables[i]->original_object = ldns_rr_list_rr(unsorted, i); @@ -1754,9 +1736,6 @@ ldns_rr2canonical(ldns_rr *rr) /* * lowercase the rdata dnames if the rr type is one * of the list in chapter 7 of RFC3597 - * Also added RRSIG, because a "Signer's Name" should be canonicalized - * too. See dnssec-bis-updates-16. We can add it to this list because - * the "Signer's Name" is the only dname type rdata field in a RRSIG. */ switch(ldns_rr_get_type(rr)) { case LDNS_RR_TYPE_NS: @@ -1781,7 +1760,6 @@ ldns_rr2canonical(ldns_rr *rr) case LDNS_RR_TYPE_SRV: case LDNS_RR_TYPE_DNAME: case LDNS_RR_TYPE_A6: - case LDNS_RR_TYPE_RRSIG: for (i = 0; i < ldns_rr_rd_count(rr); i++) { ldns_dname2canonical(ldns_rr_rdf(rr, i)); } @@ -1870,7 +1848,9 @@ static const ldns_rdf_type type_px_wireformat[] = { LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_DNAME }; static const ldns_rdf_type type_gpos_wireformat[] = { - LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_STR + LDNS_RDF_TYPE_STR, + LDNS_RDF_TYPE_STR, + LDNS_RDF_TYPE_STR }; static const ldns_rdf_type type_aaaa_wireformat[] = { LDNS_RDF_TYPE_AAAA }; static const ldns_rdf_type type_loc_wireformat[] = { LDNS_RDF_TYPE_LOC }; @@ -1948,15 +1928,6 @@ static const ldns_rdf_type type_dnskey_wireformat[] = { LDNS_RDF_TYPE_ALG, LDNS_RDF_TYPE_B64 }; -static const ldns_rdf_type type_tkey_wireformat[] = { - LDNS_RDF_TYPE_DNAME, - LDNS_RDF_TYPE_TIME, - LDNS_RDF_TYPE_TIME, - LDNS_RDF_TYPE_INT16, - LDNS_RDF_TYPE_INT16, - LDNS_RDF_TYPE_INT16_DATA, - LDNS_RDF_TYPE_INT16_DATA, -}; static const ldns_rdf_type type_tsig_wireformat[] = { LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_TSIGTIME, @@ -1966,49 +1937,6 @@ static const ldns_rdf_type type_tsig_wireformat[] = { LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_INT16_DATA }; -static const ldns_rdf_type type_tlsa_wireformat[] = { - LDNS_RDF_TYPE_INT8, - LDNS_RDF_TYPE_INT8, - LDNS_RDF_TYPE_INT8, - LDNS_RDF_TYPE_HEX -}; -static const ldns_rdf_type type_hip_wireformat[] = { - LDNS_RDF_TYPE_HIP -}; -static const ldns_rdf_type type_nid_wireformat[] = { - LDNS_RDF_TYPE_INT16, - LDNS_RDF_TYPE_ILNP64 -}; -static const ldns_rdf_type type_l32_wireformat[] = { - LDNS_RDF_TYPE_INT16, - LDNS_RDF_TYPE_A -}; -static const ldns_rdf_type type_l64_wireformat[] = { - LDNS_RDF_TYPE_INT16, - LDNS_RDF_TYPE_ILNP64 -}; -static const ldns_rdf_type type_lp_wireformat[] = { - LDNS_RDF_TYPE_INT16, - LDNS_RDF_TYPE_DNAME -}; -static const ldns_rdf_type type_eui48_wireformat[] = { - LDNS_RDF_TYPE_EUI48 -}; -static const ldns_rdf_type type_eui64_wireformat[] = { - LDNS_RDF_TYPE_EUI64 -}; -#ifdef RRTYPE_URI -static const ldns_rdf_type type_uri_wireformat[] = { - LDNS_RDF_TYPE_INT16, - LDNS_RDF_TYPE_INT16, - LDNS_RDF_TYPE_LONG_STR -}; -#endif -static const ldns_rdf_type type_caa_wireformat[] = { - LDNS_RDF_TYPE_INT8, - LDNS_RDF_TYPE_TAG, - LDNS_RDF_TYPE_LONG_STR -}; /** \endcond */ /** \cond */ @@ -2072,7 +2000,7 @@ static ldns_rr_descriptor rdata_field_descriptors[] = { /* 26 */ {LDNS_RR_TYPE_PX, "PX", 3, 3, type_px_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 2 }, /* 27 */ - {LDNS_RR_TYPE_GPOS, "GPOS", 3, 3, type_gpos_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, + {LDNS_RR_TYPE_GPOS, "GPOS", 1, 1, type_gpos_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, /* 28 */ {LDNS_RR_TYPE_AAAA, "AAAA", 1, 1, type_aaaa_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, /* 29 */ @@ -2112,50 +2040,24 @@ static ldns_rr_descriptor rdata_field_descriptors[] = { /* 46 */ {LDNS_RR_TYPE_RRSIG, "RRSIG", 9, 9, type_rrsig_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 }, /* 47 */ - {LDNS_RR_TYPE_NSEC, "NSEC", 1, 2, type_nsec_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 }, + {LDNS_RR_TYPE_NSEC, "NSEC", 1, 2, type_nsec_wireformat, LDNS_RDF_TYPE_NSEC, LDNS_RR_NO_COMPRESS, 1 }, /* 48 */ {LDNS_RR_TYPE_DNSKEY, "DNSKEY", 4, 4, type_dnskey_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, /* 49 */ - {LDNS_RR_TYPE_DHCID, "DHCID", 1, 1, type_dhcid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, +{LDNS_RR_TYPE_DHCID, "DHCID", 1, 1, type_dhcid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, /* 50 */ {LDNS_RR_TYPE_NSEC3, "NSEC3", 5, 6, type_nsec3_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, /* 51 */ - {LDNS_RR_TYPE_NSEC3PARAM, "NSEC3PARAM", 4, 4, type_nsec3param_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, +{LDNS_RR_TYPE_NSEC3PARAM, "NSEC3PARAM", 4, 4, type_nsec3param_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, /* 52 */ - {LDNS_RR_TYPE_TLSA, "TLSA", 4, 4, type_tlsa_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - +{LDNS_RR_TYPE_NULL, "TYPE52", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE53", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE54", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - - /* 55 - * Hip ends with 0 or more Rendezvous Servers represented as dname's. - * Hence the LDNS_RDF_TYPE_DNAME _variable field and the _maximum field - * set to 0. - */ - {LDNS_RR_TYPE_HIP, "HIP", 1, 1, type_hip_wireformat, LDNS_RDF_TYPE_DNAME, LDNS_RR_NO_COMPRESS, 0 }, - -#ifdef RRTYPE_NINFO - /* 56 */ - {LDNS_RR_TYPE_NINFO, "NINFO", 1, 0, NULL, LDNS_RDF_TYPE_STR, LDNS_RR_NO_COMPRESS, 0 }, -#else +{LDNS_RR_TYPE_NULL, "TYPE55", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE56", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, -#endif -#ifdef RRTYPE_RKEY - /* 57 */ - {LDNS_RR_TYPE_RKEY, "RKEY", 4, 4, type_key_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, -#else {LDNS_RR_TYPE_NULL, "TYPE57", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, -#endif - /* 58 */ - {LDNS_RR_TYPE_TALINK, "TALINK", 2, 2, type_talink_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 2 }, - -#ifdef RRTYPE_CDS - /* 59 */ - {LDNS_RR_TYPE_CDS, "CDS", 4, 4, type_ds_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, -#else +{LDNS_RR_TYPE_TALINK, "TALINK", 2, 2, type_talink_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 2 }, {LDNS_RR_TYPE_NULL, "TYPE59", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, -#endif - {LDNS_RR_TYPE_NULL, "TYPE60", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE61", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE62", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, @@ -2195,32 +2097,17 @@ static ldns_rr_descriptor rdata_field_descriptors[] = { {LDNS_RR_TYPE_NULL, "TYPE96", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE97", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE98", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - - /* 99 */ - {LDNS_RR_TYPE_SPF, "SPF", 1, 0, NULL, LDNS_RDF_TYPE_STR, LDNS_RR_NO_COMPRESS, 0 }, - - /* UINFO [IANA-Reserved] */ +{LDNS_RR_TYPE_SPF, "SPF", 1, 0, NULL, LDNS_RDF_TYPE_STR, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE100", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - /* UID [IANA-Reserved] */ {LDNS_RR_TYPE_NULL, "TYPE101", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - /* GID [IANA-Reserved] */ {LDNS_RR_TYPE_NULL, "TYPE102", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - /* UNSPEC [IANA-Reserved] */ {LDNS_RR_TYPE_NULL, "TYPE103", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - - /* 104 */ - {LDNS_RR_TYPE_NID, "NID", 2, 2, type_nid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - /* 105 */ - {LDNS_RR_TYPE_L32, "L32", 2, 2, type_l32_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - /* 106 */ - {LDNS_RR_TYPE_L64, "L64", 2, 2, type_l64_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - /* 107 */ - {LDNS_RR_TYPE_LP, "LP", 2, 2, type_lp_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 }, - /* 108 */ - {LDNS_RR_TYPE_EUI48, "EUI48", 1, 1, type_eui48_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - /* 109 */ - {LDNS_RR_TYPE_EUI64, "EUI64", 1, 1, type_eui64_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - +{LDNS_RR_TYPE_NULL, "TYPE104", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, +{LDNS_RR_TYPE_NULL, "TYPE105", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, +{LDNS_RR_TYPE_NULL, "TYPE106", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, +{LDNS_RR_TYPE_NULL, "TYPE107", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, +{LDNS_RR_TYPE_NULL, "TYPE108", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, +{LDNS_RR_TYPE_NULL, "TYPE109", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE110", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE111", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE112", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, @@ -2360,48 +2247,14 @@ static ldns_rr_descriptor rdata_field_descriptors[] = { {LDNS_RR_TYPE_NULL, "TYPE246", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE247", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE248", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - - /* LDNS_RDF_TYPE_INT16_DATA takes two fields (length and data) as one. - * So, unlike RFC 2930 spec, we have 7 min/max rdf's i.s.o. 8/9. - */ - /* 249 */ - {LDNS_RR_TYPE_TKEY, "TKEY", 7, 7, type_tkey_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 }, - /* LDNS_RDF_TYPE_INT16_DATA takes two fields (length and data) as one. - * So, unlike RFC 2930 spec, we have 7 min/max rdf's i.s.o. 8/9. - */ - /* 250 */ - {LDNS_RR_TYPE_TSIG, "TSIG", 7, 7, type_tsig_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 }, - - /* IXFR: A request for a transfer of an incremental zone transfer */ -{LDNS_RR_TYPE_NULL, "TYPE251", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - /* AXFR: A request for a transfer of an entire zone */ -{LDNS_RR_TYPE_NULL, "TYPE252", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - /* MAILB: A request for mailbox-related records (MB, MG or MR) */ -{LDNS_RR_TYPE_NULL, "TYPE253", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - /* MAILA: A request for mail agent RRs (Obsolete - see MX) */ -{LDNS_RR_TYPE_NULL, "TYPE254", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - /* ANY: A request for all (available) records */ -{LDNS_RR_TYPE_NULL, "TYPE255", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - -#ifdef RRTYPE_URI - /* 256 */ - {LDNS_RR_TYPE_URI, "URI", 3, 3, type_uri_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, -#else -{LDNS_RR_TYPE_NULL, "TYPE256", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, -#endif - /* 257 */ - {LDNS_RR_TYPE_CAA, "CAA", 3, 3, type_caa_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, - +{LDNS_RR_TYPE_NULL, "TYPE249", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, +/* LDNS_RDF_TYPE_INT16_DATA essentially takes two fields (length and data) and + * makes them into one. So, while in rfc 2845 is specified that a TSIG may have + * 8 or 9 rdata fields, by this implementation, the min/max are 7 each. + */ +{LDNS_RR_TYPE_TSIG, "TSIG", 7, 7, type_tsig_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, /* split in array, no longer contiguous */ - -#ifdef RRTYPE_TA - /* 32768 */ - {LDNS_RR_TYPE_TA, "TA", 4, 4, type_ds_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, -#else -{LDNS_RR_TYPE_NULL, "TYPE32768", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, -#endif - /* 32769 */ - {LDNS_RR_TYPE_DLV, "DLV", 4, 4, type_ds_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 } +{LDNS_RR_TYPE_DLV, "DLV", 4, 4, type_ds_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 } }; /** \endcond */ @@ -2412,130 +2265,11 @@ static ldns_rr_descriptor rdata_field_descriptors[] = { #define LDNS_RDATA_FIELD_DESCRIPTORS_COUNT \ (sizeof(rdata_field_descriptors)/sizeof(rdata_field_descriptors[0])) - -/*---------------------------------------------------------------------------* - * The functions below return an bitmap RDF with the space required to set - * or unset all known RR types. Arguably these functions are better situated - * in rdata.c, however for the space calculation it is necesarry to walk - * through rdata_field_descriptors which is not easily possible from anywhere - * other than rr.c where it is declared static. - * - * Alternatively rr.c could have provided an iterator for rr_type or - * rdf_descriptors, but this seemed overkill for internal use only. - */ -static ldns_rr_descriptor* rdata_field_descriptors_end = - &rdata_field_descriptors[LDNS_RDATA_FIELD_DESCRIPTORS_COUNT]; - -/* From RFC3845: - * - * 2.1.2. The List of Type Bit Map(s) Field - * - * The RR type space is split into 256 window blocks, each representing - * the low-order 8 bits of the 16-bit RR type space. Each block that - * has at least one active RR type is encoded using a single octet - * window number (from 0 to 255), a single octet bitmap length (from 1 - * to 32) indicating the number of octets used for the window block's - * bitmap, and up to 32 octets (256 bits) of bitmap. - * - * Window blocks are present in the NSEC RR RDATA in increasing - * numerical order. - * - * "|" denotes concatenation - * - * Type Bit Map(s) Field = ( Window Block # | Bitmap Length | Bitmap ) + - * - * <cut> - * - * Blocks with no types present MUST NOT be included. Trailing zero - * octets in the bitmap MUST be omitted. The length of each block's - * bitmap is determined by the type code with the largest numerical - * value within that block, among the set of RR types present at the - * NSEC RR's owner name. Trailing zero octets not specified MUST be - * interpreted as zero octets. - */ -static ldns_status -ldns_rdf_bitmap_known_rr_types_set(ldns_rdf** rdf, int value) -{ - uint8_t window; /* most significant octet of type */ - uint8_t subtype; /* least significant octet of type */ - uint16_t windows[256] /* Max subtype per window */ -#ifndef S_SPLINT_S - = { 0 } -#endif - ; - ldns_rr_descriptor* d; /* used to traverse rdata_field_descriptors */ - size_t i; /* used to traverse windows array */ - - size_t sz; /* size needed for type bitmap rdf */ - uint8_t* data = NULL; /* rdf data */ - uint8_t* dptr; /* used to itraverse rdf data */ - - assert(rdf != NULL); - - /* Which windows need to be in the bitmap rdf? - */ - for (d=rdata_field_descriptors; d < rdata_field_descriptors_end; d++) { - window = d->_type >> 8; - subtype = d->_type & 0xff; - if (windows[window] < subtype) { - windows[window] = subtype; - } - } - - /* How much space do we need in the rdf for those windows? - */ - sz = 0; - for (i = 0; i < 256; i++) { - if (windows[i]) { - sz += windows[i] / 8 + 3; - } - } - if (sz > 0) { - /* Format rdf data according RFC3845 Section 2.1.2 (see above) - */ - dptr = data = LDNS_XMALLOC(uint8_t, sz); - memset(data, value, sz); - if (!data) { - return LDNS_STATUS_MEM_ERR; - } - for (i = 0; i < 256; i++) { - if (windows[i]) { - *dptr++ = (uint8_t)i; - *dptr++ = (uint8_t)(windows[i] / 8 + 1); - dptr += dptr[-1]; - } - } - } - /* Allocate and return rdf structure for the data - */ - *rdf = ldns_rdf_new(LDNS_RDF_TYPE_BITMAP, sz, data); - if (!*rdf) { - LDNS_FREE(data); - return LDNS_STATUS_MEM_ERR; - } - return LDNS_STATUS_OK; -} - -ldns_status -ldns_rdf_bitmap_known_rr_types_space(ldns_rdf** rdf) -{ - return ldns_rdf_bitmap_known_rr_types_set(rdf, 0); -} - -ldns_status -ldns_rdf_bitmap_known_rr_types(ldns_rdf** rdf) -{ - return ldns_rdf_bitmap_known_rr_types_set(rdf, 255); -} -/* End of RDF bitmap functions - *---------------------------------------------------------------------------*/ - - const ldns_rr_descriptor * ldns_rr_descript(uint16_t type) { size_t i; - if (type < LDNS_RDATA_FIELD_DESCRIPTORS_COMMON) { + if (type <= LDNS_RDATA_FIELD_DESCRIPTORS_COMMON) { return &rdata_field_descriptors[type]; } else { /* because not all array index equals type code */ diff --git a/usr.sbin/unbound/ldns/rr_functions.c b/usr.sbin/unbound/ldns/rr_functions.c index b03751b01ec..b4847d62c64 100644 --- a/usr.sbin/unbound/ldns/rr_functions.c +++ b/usr.sbin/unbound/ldns/rr_functions.c @@ -341,12 +341,12 @@ ldns_rr_dnskey_key_size(const ldns_rr *key) ); } -uint32_t ldns_soa_serial_identity(uint32_t ATTR_UNUSED(unused), void *data) +uint32_t ldns_soa_serial_identity(uint32_t ATTR_UNUSED(_), void *data) { return (uint32_t) (intptr_t) data; } -uint32_t ldns_soa_serial_increment(uint32_t s, void *ATTR_UNUSED(unused)) +uint32_t ldns_soa_serial_increment(uint32_t s, void *ATTR_UNUSED(_)) { return ldns_soa_serial_increment_by(s, (void *)1); } @@ -360,19 +360,19 @@ uint32_t ldns_soa_serial_datecounter(uint32_t s, void *data) { struct tm tm; char s_str[11]; - int32_t new_s; + uint32_t new_s; time_t t = data ? (time_t) (intptr_t) data : ldns_time(NULL); (void) strftime(s_str, 11, "%Y%m%d00", localtime_r(&t, &tm)); - new_s = (int32_t) atoi(s_str); - return new_s - ((int32_t) s) <= 0 ? s+1 : ((uint32_t) new_s); + new_s = (uint32_t) atoi(s_str); + return new_s > s ? new_s : s+1; } uint32_t ldns_soa_serial_unixtime(uint32_t s, void *data) { - int32_t new_s = data ? (int32_t) (intptr_t) data - : (int32_t) ldns_time(NULL); - return new_s - ((int32_t) s) <= 0 ? s+1 : ((uint32_t) new_s); + uint32_t new_s = data ? (uint32_t) (intptr_t) data + : (uint32_t) ldns_time(NULL); + return new_s > s ? new_s : s+1; } void diff --git a/usr.sbin/unbound/ldns/sha1.c b/usr.sbin/unbound/ldns/sha1.c index 18a4dd28f34..5dec680a1b7 100644 --- a/usr.sbin/unbound/ldns/sha1.c +++ b/usr.sbin/unbound/ldns/sha1.c @@ -15,12 +15,12 @@ */ /* #define LITTLE_ENDIAN * This should be #define'd already, if true. */ +/* #define SHA1HANDSOFF * Copies data before messing with it. */ #include <ldns/config.h> #include <ldns/ldns.h> #include <strings.h> -#define SHA1HANDSOFF 1 /* Copies data before messing with it. */ #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) /* blk0() and blk() perform the initial expand. */ diff --git a/usr.sbin/unbound/ldns/sha2.c b/usr.sbin/unbound/ldns/sha2.c index a808325c2fb..7fca594e9cb 100644 --- a/usr.sbin/unbound/ldns/sha2.c +++ b/usr.sbin/unbound/ldns/sha2.c @@ -37,7 +37,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: sha2.c,v 1.1.1.2 2014/02/04 03:48:15 brad Exp $ + * $Id: sha2.c,v 1.1 2012/03/26 18:08:22 sthen Exp $ */ #include <ldns/config.h> @@ -546,15 +546,9 @@ void ldns_sha256_update(ldns_sha256_CTX* context, const sha2_byte *data, size_t usedspace = freespace = 0; } -typedef union _ldns_sha2_buffer_union { - uint8_t* theChars; - uint64_t* theLongs; -} ldns_sha2_buffer_union; - void ldns_sha256_final(sha2_byte digest[], ldns_sha256_CTX* context) { sha2_word32 *d = (sha2_word32*)digest; size_t usedspace; - ldns_sha2_buffer_union cast_var; /* Sanity check: */ assert(context != (ldns_sha256_CTX*)0); @@ -591,8 +585,7 @@ void ldns_sha256_final(sha2_byte digest[], ldns_sha256_CTX* context) { *context->buffer = 0x80; } /* Set the bit count: */ - cast_var.theChars = context->buffer; - cast_var.theLongs[ldns_sha256_SHORT_BLOCK_LENGTH / 8] = context->bitcount; + *(sha2_word64*)&context->buffer[ldns_sha256_SHORT_BLOCK_LENGTH] = context->bitcount; /* final transform: */ ldns_sha256_Transform(context, (sha2_word32*)context->buffer); @@ -857,7 +850,6 @@ void ldns_sha512_update(ldns_sha512_CTX* context, const sha2_byte *data, size_t static void ldns_sha512_Last(ldns_sha512_CTX* context) { size_t usedspace; - ldns_sha2_buffer_union cast_var; usedspace = (context->bitcount[0] >> 3) % LDNS_SHA512_BLOCK_LENGTH; #if BYTE_ORDER == LITTLE_ENDIAN @@ -890,9 +882,8 @@ static void ldns_sha512_Last(ldns_sha512_CTX* context) { *context->buffer = 0x80; } /* Store the length of input data (in bits): */ - cast_var.theChars = context->buffer; - cast_var.theLongs[ldns_sha512_SHORT_BLOCK_LENGTH / 8] = context->bitcount[1]; - cast_var.theLongs[ldns_sha512_SHORT_BLOCK_LENGTH / 8 + 1] = context->bitcount[0]; + *(sha2_word64*)&context->buffer[ldns_sha512_SHORT_BLOCK_LENGTH] = context->bitcount[1]; + *(sha2_word64*)&context->buffer[ldns_sha512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0]; /* final transform: */ ldns_sha512_Transform(context, (sha2_word64*)context->buffer); diff --git a/usr.sbin/unbound/ldns/str2host.c b/usr.sbin/unbound/ldns/str2host.c index 26cef3d036e..4ec9d379bc7 100644 --- a/usr.sbin/unbound/ldns/str2host.c +++ b/usr.sbin/unbound/ldns/str2host.c @@ -96,7 +96,7 @@ ldns_str2rdf_time(ldns_rdf **rd, const char *time) goto bad_format; } - l = htonl(ldns_mktime_from_utc(&tm)); + l = htonl(mktime_from_utc(&tm)); memcpy(r, &l, sizeof(uint32_t)); *rd = ldns_rdf_new_frm_data( LDNS_RDF_TYPE_TIME, sizeof(uint32_t), r); @@ -257,48 +257,29 @@ ldns_str2rdf_int8(ldns_rdf **rd, const char *bytestr) * Returns the number of bytes read from the escaped string, or * 0 on error */ -INLINE bool -parse_escape(uint8_t *ch_p, const char** str_p) -{ - uint16_t val; - - if ((*str_p)[0] && isdigit((*str_p)[0]) && - (*str_p)[1] && isdigit((*str_p)[1]) && - (*str_p)[2] && isdigit((*str_p)[2])) { - - val = (uint16_t)(((*str_p)[0] - '0') * 100 + - ((*str_p)[1] - '0') * 10 + - ((*str_p)[2] - '0')); - - if (val > 255) { - goto error; +static int +parse_escape(uint8_t *s, uint8_t *q) { + uint8_t val; + if (strlen((char *)s) > 3 && + isdigit((int) s[1]) && + isdigit((int) s[2]) && + isdigit((int) s[3])) { + /* cast this so it fits */ + val = (uint8_t) ldns_hexdigit_to_int((char) s[1]) * 100 + + ldns_hexdigit_to_int((char) s[2]) * 10 + + ldns_hexdigit_to_int((char) s[3]); + *q = val; + return 3; + } else { + s++; + if (*s == '\0' || isdigit((int) *s)) { + /* apparently the string terminator + * or a digit has been escaped... + */ + return 0; } - *ch_p = (uint8_t)val; - *str_p += 3; - return true; - - } else if ((*str_p)[0] && !isdigit((*str_p)[0])) { - - *ch_p = (uint8_t)*(*str_p)++; - return true; - } -error: - *str_p = NULL; - return false; /* LDNS_STATUS_SYNTAX_BAD_ESCAPE */ -} - -INLINE bool -parse_char(uint8_t *ch_p, const char** str_p) -{ - switch (**str_p) { - - case '\0': return false; - - case '\\': *str_p += 1; - return parse_escape(ch_p, str_p); - - default: *ch_p = (uint8_t)*(*str_p)++; - return true; + *q = *s; + return 1; } } @@ -312,8 +293,8 @@ ldns_str2rdf_dname(ldns_rdf **d, const char *str) { size_t len; - const char *s; - uint8_t *q, *pq, label_len; + int esc; + uint8_t *s, *q, *pq, label_len; uint8_t buf[LDNS_MAX_DOMAINLEN + 1]; *d = NULL; @@ -343,7 +324,7 @@ ldns_str2rdf_dname(ldns_rdf **d, const char *str) q = buf+1; pq = buf; label_len = 0; - for (s = str; *s; s++, q++) { + for (s = (uint8_t *)str; *s; s++, q++) { if (q > buf + LDNS_MAX_DOMAINLEN) { return LDNS_STATUS_DOMAINNAME_OVERFLOW; } @@ -363,15 +344,16 @@ ldns_str2rdf_dname(ldns_rdf **d, const char *str) break; case '\\': /* octet value or literal char */ - s += 1; - if (! parse_escape(q, &s)) { + esc = parse_escape(s, q); + if (esc > 0) { + s += esc; + label_len++; + } else { return LDNS_STATUS_SYNTAX_BAD_ESCAPE; } - s -= 1; - label_len++; break; default: - *q = (uint8_t)*s; + *q = *s; label_len++; } } @@ -427,44 +409,36 @@ ldns_str2rdf_aaaa(ldns_rdf **rd, const char *str) ldns_status ldns_str2rdf_str(ldns_rdf **rd, const char *str) { - uint8_t *data, *dp, ch = 0; - size_t length; + uint8_t *data; + size_t i, str_i, esc_i; - /* Worst case space requirement. We'll realloc to actual size later. */ - dp = data = LDNS_XMALLOC(uint8_t, strlen(str) > 255 ? 256 : (strlen(str) + 1)); - if (! data) { - return LDNS_STATUS_MEM_ERR; + if (strlen(str) > 255) { + return LDNS_STATUS_INVALID_STR; } - /* Fill data (up to 255 characters) */ - while (parse_char(&ch, &str)) { - if (dp - data >= 255) { - LDNS_FREE(data); - return LDNS_STATUS_INVALID_STR; - } - *++dp = ch; - } - if (! str) { - return LDNS_STATUS_SYNTAX_BAD_ESCAPE; - } - length = (size_t)(dp - data); - /* Fix last length byte */ - data[0] = (uint8_t)length; + data = LDNS_XMALLOC(uint8_t, strlen(str) + 1); + if(!data) return LDNS_STATUS_MEM_ERR; + i = 1; - /* Lose the overmeasure */ - data = LDNS_XREALLOC(dp = data, uint8_t, length + 1); - if (! data) { - LDNS_FREE(dp); - return LDNS_STATUS_MEM_ERR; + for (str_i = 0; str_i < strlen(str); str_i++) { + if (str[str_i] == '\\') { + /* octet value or literal char */ + esc_i = (size_t) parse_escape((uint8_t*) &str[str_i], (uint8_t*) &data[i]); + if (esc_i == 0) { + LDNS_FREE(data); + return LDNS_STATUS_SYNTAX_BAD_ESCAPE; + } + str_i += esc_i; + } else { + data[i] = (uint8_t) str[str_i]; + } + i++; } + data[0] = i - 1; + *rd = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_STR, i, data); - /* Create rdf */ - *rd = ldns_rdf_new(LDNS_RDF_TYPE_STR, length + 1, data); - if (! *rd) { - LDNS_FREE(data); - return LDNS_STATUS_MEM_ERR; - } - return LDNS_STATUS_OK; + LDNS_FREE(data); + return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR; } ldns_status @@ -556,7 +530,6 @@ ldns_str2rdf_apl(ldns_rdf **rd, const char *str) data = LDNS_XMALLOC(uint8_t, 4 + afdlength); if(!data) { - LDNS_FREE(afdpart); LDNS_FREE(my_ip_str); return LDNS_STATUS_INVALID_STR; } @@ -803,21 +776,30 @@ ldns_str2rdf_alg(ldns_rdf **rd, const char *str) } ldns_status -ldns_str2rdf_unknown( ATTR_UNUSED(ldns_rdf **rd) - , ATTR_UNUSED(const char *str) - ) +ldns_str2rdf_unknown(ldns_rdf **rd, const char *str) { /* this should be caught in an earlier time (general str2host for rr's */ + rd = rd; + str = str; return LDNS_STATUS_NOT_IMPL; } ldns_status -ldns_str2rdf_service( ATTR_UNUSED(ldns_rdf **rd) - , ATTR_UNUSED(const char *str) - ) +ldns_str2rdf_tsig(ldns_rdf **rd, const char *str) +{ + /* there is no strign representation for TSIG rrs */ + rd = rd; + str = str; + return LDNS_STATUS_NOT_IMPL; +} + +ldns_status +ldns_str2rdf_service(ldns_rdf **rd, const char *str) { /* is this used? is this actually WKS? or SRV? */ + rd = rd; + str = str; return LDNS_STATUS_NOT_IMPL; } @@ -1118,6 +1100,8 @@ ldns_str2rdf_wks(ldns_rdf **rd, const char *str) data[0] = (uint8_t) proto->p_proto; } else if (proto_str) { data[0] = (uint8_t) atoi(proto_str); + } else { + data[0] = 0; } memcpy(data + 1, bitmap, (size_t) bm_len); @@ -1330,240 +1314,3 @@ ldns_str2rdf_ipseckey(ldns_rdf **rd, const char *str) if(!*rd) return LDNS_STATUS_MEM_ERR; return LDNS_STATUS_OK; } - -ldns_status -ldns_str2rdf_ilnp64(ldns_rdf **rd, const char *str) -{ - unsigned int a, b, c, d; - uint16_t shorts[4]; - int l; - - if (sscanf(str, "%4x:%4x:%4x:%4x%n", &a, &b, &c, &d, &l) != 4 || - l != (int)strlen(str) || /* more data to read */ - strpbrk(str, "+-") /* signed hexes */ - ) { - return LDNS_STATUS_INVALID_ILNP64; - } else { - shorts[0] = htons(a); - shorts[1] = htons(b); - shorts[2] = htons(c); - shorts[3] = htons(d); - *rd = ldns_rdf_new_frm_data( - LDNS_RDF_TYPE_ILNP64, 4 * sizeof(uint16_t), &shorts); - } - return *rd ? LDNS_STATUS_OK : LDNS_STATUS_MEM_ERR; -} - -ldns_status -ldns_str2rdf_eui48(ldns_rdf **rd, const char *str) -{ - unsigned int a, b, c, d, e, f; - uint8_t bytes[6]; - int l; - - if (sscanf(str, "%2x-%2x-%2x-%2x-%2x-%2x%n", - &a, &b, &c, &d, &e, &f, &l) != 6 || - l != (int)strlen(str) || /* more data to read */ - strpbrk(str, "+-") /* signed hexes */ - ) { - return LDNS_STATUS_INVALID_EUI48; - } else { - bytes[0] = a; - bytes[1] = b; - bytes[2] = c; - bytes[3] = d; - bytes[4] = e; - bytes[5] = f; - *rd = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_EUI48, 6, &bytes); - } - return *rd ? LDNS_STATUS_OK : LDNS_STATUS_MEM_ERR; -} - -ldns_status -ldns_str2rdf_eui64(ldns_rdf **rd, const char *str) -{ - unsigned int a, b, c, d, e, f, g, h; - uint8_t bytes[8]; - int l; - - if (sscanf(str, "%2x-%2x-%2x-%2x-%2x-%2x-%2x-%2x%n", - &a, &b, &c, &d, &e, &f, &g, &h, &l) != 8 || - l != (int)strlen(str) || /* more data to read */ - strpbrk(str, "+-") /* signed hexes */ - ) { - return LDNS_STATUS_INVALID_EUI64; - } else { - bytes[0] = a; - bytes[1] = b; - bytes[2] = c; - bytes[3] = d; - bytes[4] = e; - bytes[5] = f; - bytes[6] = g; - bytes[7] = h; - *rd = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_EUI64, 8, &bytes); - } - return *rd ? LDNS_STATUS_OK : LDNS_STATUS_MEM_ERR; -} - -ldns_status -ldns_str2rdf_tag(ldns_rdf **rd, const char *str) -{ - uint8_t *data; - const char* ptr; - - if (strlen(str) > 255) { - return LDNS_STATUS_INVALID_TAG; - } - for (ptr = str; *ptr; ptr++) { - if (! isalnum(*ptr)) { - return LDNS_STATUS_INVALID_TAG; - } - } - data = LDNS_XMALLOC(uint8_t, strlen(str) + 1); - if (!data) { - return LDNS_STATUS_MEM_ERR; - } - data[0] = strlen(str); - memcpy(data + 1, str, strlen(str)); - - *rd = ldns_rdf_new(LDNS_RDF_TYPE_TAG, strlen(str) + 1, data); - if (!*rd) { - LDNS_FREE(data); - return LDNS_STATUS_MEM_ERR; - } - return LDNS_STATUS_OK; -} - -ldns_status -ldns_str2rdf_long_str(ldns_rdf **rd, const char *str) -{ - uint8_t *data, *dp, ch = 0; - size_t length; - - /* Worst case space requirement. We'll realloc to actual size later. */ - dp = data = LDNS_XMALLOC(uint8_t, strlen(str)); - if (! data) { - return LDNS_STATUS_MEM_ERR; - } - - /* Fill data with parsed bytes */ - while (parse_char(&ch, &str)) { - *dp++ = ch; - if (dp - data > LDNS_MAX_RDFLEN) { - LDNS_FREE(data); - return LDNS_STATUS_INVALID_STR; - } - } - if (! str) { - return LDNS_STATUS_SYNTAX_BAD_ESCAPE; - } - length = (size_t)(dp - data); - - /* Lose the overmeasure */ - data = LDNS_XREALLOC(dp = data, uint8_t, length); - if (! data) { - LDNS_FREE(dp); - return LDNS_STATUS_MEM_ERR; - } - - /* Create rdf */ - *rd = ldns_rdf_new(LDNS_RDF_TYPE_LONG_STR, length, data); - if (! *rd) { - LDNS_FREE(data); - return LDNS_STATUS_MEM_ERR; - } - return LDNS_STATUS_OK; -} - -ldns_status -ldns_str2rdf_hip(ldns_rdf **rd, const char *str) -{ - const char *hit = strchr(str, ' ') + 1; - const char *pk = hit == NULL ? NULL : strchr(hit, ' ') + 1; - size_t hit_size = hit == NULL ? 0 - : pk == NULL ? strlen(hit) : (size_t) (pk - hit) - 1; - size_t pk_size = pk == NULL ? 0 : strlen(pk); - size_t hit_wire_size = (hit_size + 1) / 2; - size_t pk_wire_size = ldns_b64_pton_calculate_size(pk_size); - size_t rdf_size = 4 + hit_wire_size + pk_wire_size; - - char *endptr; /* utility var for strtol usage */ - int algorithm = strtol(str, &endptr, 10); - - uint8_t *data, *dp; - int hi, lo, written; - - if (hit_size == 0 || pk_size == 0 || (hit_size + 1) / 2 > 255 - || rdf_size > LDNS_MAX_RDFLEN - || algorithm < 0 || algorithm > 255 - || (errno != 0 && algorithm == 0) /* out of range */ - || endptr == str /* no digits */) { - - return LDNS_STATUS_SYNTAX_ERR; - } - if ((data = LDNS_XMALLOC(uint8_t, rdf_size)) == NULL) { - - return LDNS_STATUS_MEM_ERR; - } - /* From RFC 5205 section 5. HIP RR Storage Format: - ************************************************* - - 0 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - | HIT length | PK algorithm | PK length | - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - | | - ~ HIT ~ - | | - + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - | | | - +-+-+-+-+-+-+-+-+-+-+-+ + - | Public Key | - ~ ~ - | | - + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - | | | - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + - | | - ~ Rendezvous Servers ~ - | | - + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - | | - +-+-+-+-+-+-+-+ */ - - data[0] = (uint8_t) hit_wire_size; - data[1] = (uint8_t) algorithm; - - for (dp = data + 4; *hit && *hit != ' '; dp++) { - - if ((hi = ldns_hexdigit_to_int(*hit++)) == -1 || - (lo = ldns_hexdigit_to_int(*hit++)) == -1) { - - LDNS_FREE(data); - return LDNS_STATUS_INVALID_HEX; - } - *dp = (uint8_t) hi << 4 | lo; - } - if ((written = ldns_b64_pton(pk, dp, pk_wire_size)) <= 0) { - - LDNS_FREE(data); - return LDNS_STATUS_INVALID_B64; - } - - /* Because ldns_b64_pton_calculate_size isn't always correct: - * (we have to fix it at some point) - */ - pk_wire_size = (uint16_t) written; - ldns_write_uint16(data + 2, pk_wire_size); - rdf_size = 4 + hit_wire_size + pk_wire_size; - - /* Create rdf */ - if (! (*rd = ldns_rdf_new(LDNS_RDF_TYPE_HIP, rdf_size, data))) { - - LDNS_FREE(data); - return LDNS_STATUS_MEM_ERR; - } - return LDNS_STATUS_OK; -} diff --git a/usr.sbin/unbound/ldns/tsig.c b/usr.sbin/unbound/ldns/tsig.c index 53aa85ecb46..90c20a03ea0 100644 --- a/usr.sbin/unbound/ldns/tsig.c +++ b/usr.sbin/unbound/ldns/tsig.c @@ -51,7 +51,7 @@ ldns_tsig_keydata_clone(ldns_tsig_credentials *tc) /* * Makes an exact copy of the wire, but with the tsig rr removed */ -static uint8_t * +uint8_t * ldns_tsig_prepare_pkt_wire(uint8_t *wire, size_t wire_len, size_t *result_len) { uint8_t *wire2 = NULL; @@ -134,15 +134,19 @@ ldns_digest_function(char *name) { /* these are the mandatory algorithms from RFC4635 */ /* The optional algorithms are not yet implemented */ - if (strcasecmp(name, "hmac-sha256.") == 0) { + if (strlen(name) == 12 + && strncasecmp(name, "hmac-sha256.", 11) == 0) { #ifdef HAVE_EVP_SHA256 return EVP_sha256(); #else return NULL; #endif - } else if (strcasecmp(name, "hmac-sha1.") == 0) { + } else if (strlen(name) == 10 + && strncasecmp(name, "hmac-sha1.", 9) == 0) { return EVP_sha1(); - } else if (strcasecmp(name, "hmac-md5.sig-alg.reg.int.") == 0) { + } else if (strlen(name) == 25 + && strncasecmp(name, "hmac-md5.sig-alg.reg.int.", 25) + == 0) { return EVP_md5(); } else { return NULL; @@ -175,12 +179,10 @@ ldns_tsig_mac_new(ldns_rdf **tsig_mac, uint8_t *pkt_wire, size_t pkt_wire_size, return LDNS_STATUS_NULL; } canonical_key_name_rdf = ldns_rdf_clone(key_name_rdf); - if (canonical_key_name_rdf == NULL) { - return LDNS_STATUS_MEM_ERR; - } canonical_algorithm_rdf = ldns_rdf_clone(algorithm_rdf); - if (canonical_algorithm_rdf == NULL) { - ldns_rdf_deep_free(canonical_key_name_rdf); + + if (canonical_key_name_rdf == NULL + || canonical_algorithm_rdf == NULL) { return LDNS_STATUS_MEM_ERR; } /* @@ -264,8 +266,8 @@ ldns_tsig_mac_new(ldns_rdf **tsig_mac, uint8_t *pkt_wire, size_t pkt_wire_size, LDNS_FREE(key_bytes); LDNS_FREE(algorithm_name); ldns_buffer_free(data_buffer); - ldns_rdf_deep_free(canonical_algorithm_rdf); - ldns_rdf_deep_free(canonical_key_name_rdf); + ldns_rdf_free(canonical_algorithm_rdf); + ldns_rdf_free(canonical_key_name_rdf); return status; } #endif /* HAVE_SSL */ diff --git a/usr.sbin/unbound/ldns/util.c b/usr.sbin/unbound/ldns/util.c index 33060d9637b..f49a30d1e28 100644 --- a/usr.sbin/unbound/ldns/util.c +++ b/usr.sbin/unbound/ldns/util.c @@ -20,12 +20,48 @@ #include <stdio.h> #include <sys/time.h> #include <time.h> -#include <ctype.h> #ifdef HAVE_SSL #include <openssl/rand.h> #endif +/* put this here tmp. for debugging */ +void +xprintf_rdf(ldns_rdf *rd) +{ + /* assume printable string */ + fprintf(stderr, "size\t:%u\n", (unsigned int)ldns_rdf_size(rd)); + fprintf(stderr, "type\t:%u\n", (unsigned int)ldns_rdf_get_type(rd)); + fprintf(stderr, "data\t:[%.*s]\n", (int)ldns_rdf_size(rd), + (char*)ldns_rdf_data(rd)); +} + +void +xprintf_rr(ldns_rr *rr) +{ + /* assume printable string */ + uint16_t count, i; + + count = ldns_rr_rd_count(rr); + + for(i = 0; i < count; i++) { + fprintf(stderr, "print rd %u\n", (unsigned int) i); + xprintf_rdf(rr->_rdata_fields[i]); + } +} + +void xprintf_hex(uint8_t *data, size_t len) +{ + size_t i; + for (i = 0; i < len; i++) { + if (i > 0 && i % 20 == 0) { + printf("\t; %u - %u\n", (unsigned int) i - 19, (unsigned int) i); + } + printf("%02x ", (unsigned int) data[i]); + } + printf("\n"); +} + ldns_lookup_table * ldns_lookup_by_name(ldns_lookup_table *table, const char *name) { @@ -71,10 +107,6 @@ ldns_get_bit_r(uint8_t bits[], size_t index) void ldns_set_bit(uint8_t *byte, int bit_nr, bool value) { - /* - * The bits are counted from right to left, so bit #0 is the - * right most bit. - */ if (bit_nr >= 0 && bit_nr < 8) { if (value) { *byte = *byte | (0x01 << bit_nr); @@ -191,7 +223,7 @@ leap_days(int y1, int y2) * Code adapted from Python 2.4.1 sources (Lib/calendar.py). */ time_t -ldns_mktime_from_utc(const struct tm *tm) +mktime_from_utc(const struct tm *tm) { int year = 1900 + tm->tm_year; time_t days = 365 * ((time_t) year - 1970) + leap_days(1970, year); @@ -215,12 +247,6 @@ ldns_mktime_from_utc(const struct tm *tm) return seconds; } -time_t -mktime_from_utc(const struct tm *tm) -{ - return ldns_mktime_from_utc(tm); -} - #if SIZEOF_TIME_T <= 4 static void @@ -368,7 +394,6 @@ ldns_init_random(FILE *fd, unsigned int size) if (read < size) { LDNS_FREE(seed); - if (!fd) fclose(rand_f); return 1; } else { #ifdef HAVE_SSL @@ -461,313 +486,3 @@ ldns_bubblebabble(uint8_t *data, size_t len) retval[j++] = '\0'; return retval; } - -/* - * For backwards compatibility, because we have always exported this symbol. - */ -#ifdef HAVE_B64_NTOP -int ldns_b64_ntop(const uint8_t* src, size_t srclength, - char *target, size_t targsize); -{ - return b64_ntop(src, srclength, target, targsize); -} -#endif - -/* - * For backwards compatibility, because we have always exported this symbol. - */ -#ifdef HAVE_B64_PTON -int ldns_b64_pton(const char* src, uint8_t *target, size_t targsize) -{ - return b64_pton(src, target, targsize); -} -#endif - - -static int -ldns_b32_ntop_base(const uint8_t* src, size_t src_sz, - char* dst, size_t dst_sz, - bool extended_hex, bool add_padding) -{ - size_t ret_sz; - const char* b32 = extended_hex ? "0123456789abcdefghijklmnopqrstuv" - : "abcdefghijklmnopqrstuvwxyz234567"; - - size_t c = 0; /* c is used to carry partial base32 character over - * byte boundaries for sizes with a remainder. - * (i.e. src_sz % 5 != 0) - */ - - ret_sz = add_padding ? ldns_b32_ntop_calculate_size(src_sz) - : ldns_b32_ntop_calculate_size_no_padding(src_sz); - - /* Do we have enough space? */ - if (dst_sz < ret_sz + 1) - return -1; - - /* We know the size; terminate the string */ - dst[ret_sz] = '\0'; - - /* First process all chunks of five */ - while (src_sz >= 5) { - /* 00000... ........ ........ ........ ........ */ - dst[0] = b32[(src[0] ) >> 3]; - - /* .....111 11...... ........ ........ ........ */ - dst[1] = b32[(src[0] & 0x07) << 2 | src[1] >> 6]; - - /* ........ ..22222. ........ ........ ........ */ - dst[2] = b32[(src[1] & 0x3e) >> 1]; - - /* ........ .......3 3333.... ........ ........ */ - dst[3] = b32[(src[1] & 0x01) << 4 | src[2] >> 4]; - - /* ........ ........ ....4444 4....... ........ */ - dst[4] = b32[(src[2] & 0x0f) << 1 | src[3] >> 7]; - - /* ........ ........ ........ .55555.. ........ */ - dst[5] = b32[(src[3] & 0x7c) >> 2]; - - /* ........ ........ ........ ......66 666..... */ - dst[6] = b32[(src[3] & 0x03) << 3 | src[4] >> 5]; - - /* ........ ........ ........ ........ ...77777 */ - dst[7] = b32[(src[4] & 0x1f) ]; - - src_sz -= 5; - src += 5; - dst += 8; - } - /* Process what remains */ - switch (src_sz) { - case 4: /* ........ ........ ........ ......66 666..... */ - dst[6] = b32[(src[3] & 0x03) << 3]; - - /* ........ ........ ........ .55555.. ........ */ - dst[5] = b32[(src[3] & 0x7c) >> 2]; - - /* ........ ........ ....4444 4....... ........ */ - c = src[3] >> 7 ; - case 3: dst[4] = b32[(src[2] & 0x0f) << 1 | c]; - - /* ........ .......3 3333.... ........ ........ */ - c = src[2] >> 4 ; - case 2: dst[3] = b32[(src[1] & 0x01) << 4 | c]; - - /* ........ ..22222. ........ ........ ........ */ - dst[2] = b32[(src[1] & 0x3e) >> 1]; - - /* .....111 11...... ........ ........ ........ */ - c = src[1] >> 6 ; - case 1: dst[1] = b32[(src[0] & 0x07) << 2 | c]; - - /* 00000... ........ ........ ........ ........ */ - dst[0] = b32[ src[0] >> 3]; - } - /* Add padding */ - if (add_padding) { - switch (src_sz) { - case 1: dst[2] = '='; - dst[3] = '='; - case 2: dst[4] = '='; - case 3: dst[5] = '='; - dst[6] = '='; - case 4: dst[7] = '='; - } - } - return (int)ret_sz; -} - -int -ldns_b32_ntop(const uint8_t* src, size_t src_sz, char* dst, size_t dst_sz) -{ - return ldns_b32_ntop_base(src, src_sz, dst, dst_sz, false, true); -} - -int -ldns_b32_ntop_extended_hex(const uint8_t* src, size_t src_sz, - char* dst, size_t dst_sz) -{ - return ldns_b32_ntop_base(src, src_sz, dst, dst_sz, true, true); -} - -#ifndef HAVE_B32_NTOP - -int -b32_ntop(const uint8_t* src, size_t src_sz, char* dst, size_t dst_sz) -{ - return ldns_b32_ntop_base(src, src_sz, dst, dst_sz, false, true); -} - -int -b32_ntop_extended_hex(const uint8_t* src, size_t src_sz, - char* dst, size_t dst_sz) -{ - return ldns_b32_ntop_base(src, src_sz, dst, dst_sz, true, true); -} - -#endif /* ! HAVE_B32_NTOP */ - -static int -ldns_b32_pton_base(const char* src, size_t src_sz, - uint8_t* dst, size_t dst_sz, - bool extended_hex, bool check_padding) -{ - size_t i = 0; - char ch = '\0'; - uint8_t buf[8]; - uint8_t* start = dst; - - while (src_sz) { - /* Collect 8 characters in buf (if possible) */ - for (i = 0; i < 8; i++) { - - do { - ch = *src++; - --src_sz; - - } while (isspace(ch) && src_sz > 0); - - if (ch == '=' || ch == '\0') - break; - - else if (extended_hex) - - if (ch >= '0' && ch <= '9') - buf[i] = (uint8_t)ch - '0'; - else if (ch >= 'a' && ch <= 'v') - buf[i] = (uint8_t)ch - 'a' + 10; - else if (ch >= 'A' && ch <= 'V') - buf[i] = (uint8_t)ch - 'A' + 10; - else - return -1; - - else if (ch >= 'a' && ch <= 'z') - buf[i] = (uint8_t)ch - 'a'; - else if (ch >= 'A' && ch <= 'Z') - buf[i] = (uint8_t)ch - 'A'; - else if (ch >= '2' && ch <= '7') - buf[i] = (uint8_t)ch - '2' + 26; - else - return -1; - } - /* Less that 8 characters. We're done. */ - if (i < 8) - break; - - /* Enough space available at the destination? */ - if (dst_sz < 5) - return -1; - - /* 00000... ........ ........ ........ ........ */ - /* .....111 11...... ........ ........ ........ */ - dst[0] = buf[0] << 3 | buf[1] >> 2; - - /* .....111 11...... ........ ........ ........ */ - /* ........ ..22222. ........ ........ ........ */ - /* ........ .......3 3333.... ........ ........ */ - dst[1] = buf[1] << 6 | buf[2] << 1 | buf[3] >> 4; - - /* ........ .......3 3333.... ........ ........ */ - /* ........ ........ ....4444 4....... ........ */ - dst[2] = buf[3] << 4 | buf[4] >> 1; - - /* ........ ........ ....4444 4....... ........ */ - /* ........ ........ ........ .55555.. ........ */ - /* ........ ........ ........ ......66 666..... */ - dst[3] = buf[4] << 7 | buf[5] << 2 | buf[6] >> 3; - - /* ........ ........ ........ ......66 666..... */ - /* ........ ........ ........ ........ ...77777 */ - dst[4] = buf[6] << 5 | buf[7]; - - dst += 5; - dst_sz -= 5; - } - /* Not ending on a eight byte boundary? */ - if (i > 0 && i < 8) { - - /* Enough space available at the destination? */ - if (dst_sz < (i + 1) / 2) - return -1; - - switch (i) { - case 7: /* ........ ........ ........ ......66 666..... */ - /* ........ ........ ........ .55555.. ........ */ - /* ........ ........ ....4444 4....... ........ */ - dst[3] = buf[4] << 7 | buf[5] << 2 | buf[6] >> 3; - - case 5: /* ........ ........ ....4444 4....... ........ */ - /* ........ .......3 3333.... ........ ........ */ - dst[2] = buf[3] << 4 | buf[4] >> 1; - - case 4: /* ........ .......3 3333.... ........ ........ */ - /* ........ ..22222. ........ ........ ........ */ - /* .....111 11...... ........ ........ ........ */ - dst[1] = buf[1] << 6 | buf[2] << 1 | buf[3] >> 4; - - case 2: /* .....111 11...... ........ ........ ........ */ - /* 00000... ........ ........ ........ ........ */ - dst[0] = buf[0] << 3 | buf[1] >> 2; - - break; - - default: - return -1; - } - dst += (i + 1) / 2; - - if (check_padding) { - /* Check remaining padding characters */ - if (ch != '=') - return -1; - - /* One down, 8 - i - 1 more to come... */ - for (i = 8 - i - 1; i > 0; i--) { - - do { - if (src_sz == 0) - return -1; - ch = *src++; - src_sz--; - - } while (isspace(ch)); - - if (ch != '=') - return -1; - } - } - } - return dst - start; -} - -int -ldns_b32_pton(const char* src, size_t src_sz, uint8_t* dst, size_t dst_sz) -{ - return ldns_b32_pton_base(src, src_sz, dst, dst_sz, false, true); -} - -int -ldns_b32_pton_extended_hex(const char* src, size_t src_sz, - uint8_t* dst, size_t dst_sz) -{ - return ldns_b32_pton_base(src, src_sz, dst, dst_sz, true, true); -} - -#ifndef HAVE_B32_PTON - -int -b32_pton(const char* src, size_t src_sz, uint8_t* dst, size_t dst_sz) -{ - return ldns_b32_pton_base(src, src_sz, dst, dst_sz, false, true); -} - -int -b32_pton_extended_hex(const char* src, size_t src_sz, - uint8_t* dst, size_t dst_sz) -{ - return ldns_b32_pton_base(src, src_sz, dst, dst_sz, true, true); -} - -#endif /* ! HAVE_B32_PTON */ - diff --git a/usr.sbin/unbound/ldns/wire2host.c b/usr.sbin/unbound/ldns/wire2host.c index f305808c285..e87fcdf5df6 100644 --- a/usr.sbin/unbound/ldns/wire2host.c +++ b/usr.sbin/unbound/ldns/wire2host.c @@ -64,12 +64,10 @@ ldns_wire2dname(ldns_rdf **dname, const uint8_t *wire, size_t max, size_t *pos) uint8_t tmp_dname[LDNS_MAX_DOMAINLEN]; unsigned int pointer_count = 0; - if (pos == NULL) { - return LDNS_STATUS_WIRE_RDATA_ERR; - } if (*pos >= max) { return LDNS_STATUS_PACKET_OVERFLOW; } + label_size = wire[*pos]; while (label_size > 0) { /* compression */ @@ -164,13 +162,9 @@ ldns_wire2rdf(ldns_rr *rr, const uint8_t *wire, size_t max, size_t *pos) uint16_t rd_length; ldns_rdf *cur_rdf = NULL; ldns_rdf_type cur_rdf_type; - const ldns_rr_descriptor *descriptor; + const ldns_rr_descriptor *descriptor = ldns_rr_descript(ldns_rr_get_type(rr)); ldns_status status; - assert(rr != NULL); - - descriptor = ldns_rr_descript(ldns_rr_get_type(rr)); - if (*pos + 2 > max) { return LDNS_STATUS_PACKET_OVERFLOW; } @@ -184,15 +178,14 @@ ldns_wire2rdf(ldns_rr *rr, const uint8_t *wire, size_t max, size_t *pos) end = *pos + (size_t) rd_length; - rdf_index = 0; - while (*pos < end && - rdf_index < ldns_rr_descriptor_maximum(descriptor)) { - + for (rdf_index = 0; + rdf_index < ldns_rr_descriptor_maximum(descriptor); rdf_index++) { + if (*pos >= end) { + break; + } cur_rdf_length = 0; - cur_rdf_type = ldns_rr_descriptor_field_type( - descriptor, rdf_index); - + cur_rdf_type = ldns_rr_descriptor_field_type(descriptor, rdf_index); /* handle special cases immediately, set length for fixed length rdata and do them below */ switch (cur_rdf_type) { @@ -217,40 +210,21 @@ ldns_wire2rdf(ldns_rr *rr, const uint8_t *wire, size_t max, size_t *pos) cur_rdf_length = LDNS_RDF_SIZE_DOUBLEWORD; break; case LDNS_RDF_TYPE_TSIGTIME: - case LDNS_RDF_TYPE_EUI48: cur_rdf_length = LDNS_RDF_SIZE_6BYTES; break; - case LDNS_RDF_TYPE_ILNP64: - case LDNS_RDF_TYPE_EUI64: - cur_rdf_length = LDNS_RDF_SIZE_8BYTES; - break; case LDNS_RDF_TYPE_AAAA: cur_rdf_length = LDNS_RDF_SIZE_16BYTES; break; case LDNS_RDF_TYPE_STR: case LDNS_RDF_TYPE_NSEC3_SALT: - case LDNS_RDF_TYPE_TAG: /* len is stored in first byte * it should be in the rdf too, so just * copy len+1 from this position */ cur_rdf_length = ((size_t) wire[*pos]) + 1; break; - case LDNS_RDF_TYPE_INT16_DATA: - if (*pos + 2 > end) { - return LDNS_STATUS_PACKET_OVERFLOW; - } - cur_rdf_length = - (size_t) ldns_read_uint16(&wire[*pos]) + 2; - break; - case LDNS_RDF_TYPE_HIP: - if (*pos + 4 > end) { - return LDNS_STATUS_PACKET_OVERFLOW; - } - cur_rdf_length = - (size_t) wire[*pos] + - (size_t) ldns_read_uint16(&wire[*pos + 2]) + 4; + cur_rdf_length = (size_t) ldns_read_uint16(&wire[*pos]) + 2; break; case LDNS_RDF_TYPE_B32_EXT: case LDNS_RDF_TYPE_NSEC3_NEXT_OWNER: @@ -268,7 +242,7 @@ ldns_wire2rdf(ldns_rr *rr, const uint8_t *wire, size_t max, size_t *pos) case LDNS_RDF_TYPE_NSAP: case LDNS_RDF_TYPE_ATMA: case LDNS_RDF_TYPE_IPSECKEY: - case LDNS_RDF_TYPE_LONG_STR: + case LDNS_RDF_TYPE_TSIG: case LDNS_RDF_TYPE_NONE: /* * Read to end of rr rdata @@ -288,8 +262,7 @@ ldns_wire2rdf(ldns_rr *rr, const uint8_t *wire, size_t max, size_t *pos) } memcpy(data, &wire[*pos], cur_rdf_length); - cur_rdf = ldns_rdf_new(cur_rdf_type, - cur_rdf_length, data); + cur_rdf = ldns_rdf_new(cur_rdf_type, cur_rdf_length, data); *pos = *pos + cur_rdf_length; } @@ -297,11 +270,7 @@ ldns_wire2rdf(ldns_rr *rr, const uint8_t *wire, size_t max, size_t *pos) ldns_rr_push_rdf(rr, cur_rdf); cur_rdf = NULL; } - - rdf_index++; - - } /* while (rdf_index < ldns_rr_descriptor_maximum(descriptor)) */ - + } return LDNS_STATUS_OK; } diff --git a/usr.sbin/unbound/ldns/zone.c b/usr.sbin/unbound/ldns/zone.c index d97a81ec3a4..0616a141b55 100644 --- a/usr.sbin/unbound/ldns/zone.c +++ b/usr.sbin/unbound/ldns/zone.c @@ -56,6 +56,103 @@ ldns_zone_push_rr(ldns_zone *z, ldns_rr *rr) return ldns_rr_list_push_rr( ldns_zone_rrs(z), rr); } +/* return a clone of the given rr list, without the glue records + * rr list should be the complete zone + * if present, stripped records are added to the list *glue_records + */ +ldns_rr_list * +ldns_zone_strip_glue_rrs(const ldns_rdf *zone_name, const ldns_rr_list *rrs, ldns_rr_list *glue_rrs) +{ + ldns_rr_list *new_list; + + /* when do we find glue? It means we find an IP address + * (AAAA/A) for a nameserver listed in the zone + * + * Alg used here: + * first find all the zonecuts (NS records) + * find all the AAAA or A records (can be done it the + * above loop). + * + * Check if the aaaa/a list are subdomains under the + * NS domains. + * If yes -> glue, if no -> not glue + */ + + ldns_rr_list *zone_cuts; + ldns_rr_list *addr; + ldns_rr *r, *ns, *a; + ldns_rdf *dname_a, *ns_owner; + uint16_t i,j; + + new_list = NULL; + zone_cuts = NULL; + addr = NULL; + + new_list = ldns_rr_list_new(); + if (!new_list) goto memory_error; + zone_cuts = ldns_rr_list_new(); + if (!zone_cuts) goto memory_error; + addr = ldns_rr_list_new(); + if (!addr) goto memory_error; + + for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) { + r = ldns_rr_list_rr(rrs, i); + if (ldns_rr_get_type(r) == LDNS_RR_TYPE_A || + ldns_rr_get_type(r) == LDNS_RR_TYPE_AAAA) { + /* possibly glue */ + if (!ldns_rr_list_push_rr(addr, r)) goto memory_error; + continue; + } + if (ldns_rr_get_type(r) == LDNS_RR_TYPE_NS) { + /* multiple zones will end up here - + * for now; not a problem + */ + /* don't add NS records for the current zone itself */ + if (ldns_rdf_compare(ldns_rr_owner(r), + zone_name) != 0) { + if (!ldns_rr_list_push_rr(zone_cuts, r)) goto memory_error; + } + continue; + } + } + + /* will sorting make it quicker ?? */ + for(i = 0; i < ldns_rr_list_rr_count(zone_cuts); i++) { + ns = ldns_rr_list_rr(zone_cuts, i); + ns_owner = ldns_rr_owner(ns); + for(j = 0; j < ldns_rr_list_rr_count(addr); j++) { + a = ldns_rr_list_rr(addr, j); + dname_a = ldns_rr_owner(a); + + if (ldns_dname_is_subdomain(dname_a, ns_owner)) { + /* GLUE! */ + if (glue_rrs) { + if (!ldns_rr_list_push_rr(glue_rrs, a)) goto memory_error; + } + break; + } else { + if (!ldns_rr_list_push_rr(new_list, a)) goto memory_error; + } + } + } + + ldns_rr_list_free(addr); + ldns_rr_list_free(zone_cuts); + + return new_list; + +memory_error: + if (new_list) { + ldns_rr_list_free(new_list); + } + if (zone_cuts) { + ldns_rr_list_free(zone_cuts); + } + if (addr) { + ldns_rr_list_free(addr); + } + return NULL; +} /* * Get the list of glue records in a zone @@ -302,6 +399,22 @@ ldns_zone_sort(ldns_zone *zone) ldns_rr_list_sort(zrr); } +#if 0 +/** + * ixfr function. Work on a ldns_zone and remove and add + * the rrs from the rrlist + * \param[in] z the zone to work on + * \param[in] del rr_list to remove from the zone + * \param[in] add rr_list to add to the zone + * \return Tja, wat zouden we eens returnen TODO + */ +void +ldns_zone_ixfr_del_add(ldns_zone *z, ldns_rr_list *del, ldns_rr_list *add) +{ + +} +#endif + void ldns_zone_free(ldns_zone *zone) { |