diff options
| author | Jakob Schlyter <jakob@cvs.openbsd.org> | 2005-03-22 16:52:41 +0000 |
|---|---|---|
| committer | Jakob Schlyter <jakob@cvs.openbsd.org> | 2005-03-22 16:52:41 +0000 |
| commit | aa143c5d97c7073734423303e4c620db67d3e778 (patch) | |
| tree | 66071754b6f7957bf77609e5c3dfb2e20a48e36a /usr.sbin | |
| parent | 85f94e9dbf9ef0e23e9d1ef58ccb87bcdc40a53b (diff) | |
resolve conflicts
Diffstat (limited to 'usr.sbin')
86 files changed, 2706 insertions, 7170 deletions
diff --git a/usr.sbin/bind/CHANGES b/usr.sbin/bind/CHANGES index aea126caaa5..1673ae0c476 100644 --- a/usr.sbin/bind/CHANGES +++ b/usr.sbin/bind/CHANGES @@ -1,4 +1,238 @@ + --- 9.3.1 released --- + +1818. [bug] 'named-checkconf -z' triggered an INSIST. [RT #13599] + + --- 9.3.1rc1 released --- + +1812. [port] win32: IN6_IS_ADDR_UNSPECIFIED macro is incorrect. + [RT #13453] + +1808. [bug] zone.c:notify_zone() contained a race condition, + zone->db could change underneath it. [RT #13511] + +1806. [bug] The resolver returned the wrong result when a CNAME / + DNAME was encountered when fetching glue from a + secure namespace. [RT #13501] + +1805. [bug] Pending status was not being cleared when DLV was + active. [RT #13501] + + --- 9.3.1beta2 released --- + +1800. [bug] Changes #1719 allowed a INSIST to be triggered. + [RT #13428] + + --- 9.3.1beta1 released --- + +1790. [cleanup] Move lib/dns/sec/dst up into lib/dns. This should + allow parallel make to succeed. + +1789. [bug] Prerequisite test for tkey and dnssec could fail + with "configure --with-libtool". + +1788. [bug] libbind9.la/libbind9.so needs to link against + libisccfg.la/libisccfg.so. + +1787. [port] HPUX: both "cc" and "gcc" need -Wl,+vnocompatwarnings. + +1786. [port] AIX: libt_api needs to be taught to look for + T_testlist in the main executable (--with-libtool). + [RT #13239] + +1785. [bug] libbind9.la/libbind9.so needs to link against + libisc.la/libisc.so. + +1784. [cleanup] "libtool -allow-undefined" is the default. + Leave hooks in configure to allow it to be set + if needed in the future. + +1783. [cleanup] We only need one copy of libtool.m4, ltmain.sh in the + source tree. + +1782. [port] OSX: --with-libtool + --enable-libbind broke on + __evOptMonoTime. [RT #13219] + +1781. [port] FreeBSD 5.3: set PTHREAD_SCOPE_SYSTEM. [RT #12810] + +1780. [bug] Update libtool to 1.5.10. + +1779. [port] OSF 5.1: libtool didn't handle -pthread correctly. + +1778. [port] HUX 11.11: fix broken IN6ADDR_ANY_INIT and + IN6ADDR_LOOPBACK_INIT macros. + +1777. [port] OSF 5.1: fix broken IN6ADDR_ANY_INIT and + IN6ADDR_LOOPBACK_INIT macros. + +1776. [port] Solaris 2.9: fix broken IN6ADDR_ANY_INIT and + IN6ADDR_LOOPBACK_INIT macros. + +1775. [bug] Only compile getnetent_r.c when threaded. [RT #13205] + +1774. [port] Aix: Silence compiler warnings / build failures. + [RT #13154] + +1773. [bug] Fast retry on host / net unreachable. [RT #13153] + +1770. [bug] named-checkconf failed to report missing a missing + file clause for rbt{64} master/hint zones. [RT#13009] + +1769. [port] win32: change compiler flags /MTd ==> /MDd, + /MT ==> /MD. + +1768. [bug] nsecnoexistnodata() could be called with a non-NSEC + rdataset. [RT #12907] + +1767. [port] Builds on IPv6 platforms without IPv6 Advanced API + support for (struct in6_pktinfo) failed. [RT #13077] + +1766. [bug] Update the master file timestamp on successful refresh + as well as the journal's timestamp. [RT# 13062] + +1765. [bug] configure --with-openssl=auto failed. [RT #12937] + +1764. [bug] dns_zone_replacedb failed to emit a error message + if there was no SOA record in the replacment db. + [RT #13016] + +1762. [bug] isc_interfaceiter_create() could return ISC_R_SUCCESS + even when it failed. [RT #12995] + +1761. [bug] 'rndc dumpdb' didn't report unassociated entries. + [RT #12971] + +1760. [bug] Host / net unreachable was not penalising rtt + estimates. [RT #12970] + +1759. [bug] Named failed to startup if the OS supported IPv6 + but had no IPv6 interfaces configured. [RT #12942] + +1754. [bug] We wern't always attempting to query the parent + server for the DS records at the zone cut. + [RT #12774] + +1753. [bug] Don't serve a slave zone which has no NS records. + [RT #12894] + +1752. [port] Move isc_app_start() to after ns_os_daemonise() + as some fork() implementations unblock the signals + that are blocked by isc_app_start(). [RT #12810] + +1751. [bug] --enable-getifaddrs failed under linux. [RT #12867] + +1750. [port] lib/bind/make/rules.in:subdirs was not bash friendly. + [RT #12864] + +1749. [bug] 'check-names response ignore;' failed to ignore. + [RT #12866] + +1747. [bug] BIND 8 compatability: named/named-checkconf failed + to parse "host-statistics-max" in named.conf. + +1745. [bug] Dig/host/nslookup accept replies from link locals + regardless of scope if no scope was specified when + query was sent. [RT #12745] + +1744. [bug] If tuple2msgname() failed to convert a tuple to + a name a REQUIRE could be triggered. [RT #12796] + +1743. [bug] If isc_taskmgr_create() was not able to create the + requested number of worker threads then destruction + of the manager would trigger an INSIST() failure. + [RT #12790] + +1742. [bug] Deleting all records at a node then adding a + previously existing record, in a single UPDATE + transaction, failed to leave / regenerate the + associated RRSIG records. [RT #12788] + +1741. [bug] Deleting all records at a node in a secure zone + using a update-policy grant failed. [RT #12787] + +1740. [bug] Replace rbt's hash algorithm as it performed badly + with certain zones. [RT #12729] + + NOTE: a hash context now needs to be established + via isc_hash_create() if the application was not + already doing this. + +1739. [bug] dns_rbt_deletetree() could incorrectly return + ISC_R_QUOTA. [RT #12695] + +1738. [bug] Enable overrun checking by default. [RT #12695] + +1737. [bug] named failed if more than 16 masters were specified. + [RT #12627] + +1736. [bug] dst_key_fromnamedfile() could fail to read a + public key. [RT #12687] + +1735. [bug] 'dig +sigtrace' could die with a REQUIRE failure. + [RE #12688] + +1734. [cleanup] 'rndc-confgen -a -t' remove extra '/' in path. + [RT #12588] + +1733. [bug] Return non-zero exit status on initial load failure. + [RT #12658] + +1732. [bug] 'rrset-order name "*"' wasn't being applied to ".". + [RT #12467] + +1731. [port] darwin: relax version test in ifconfig.sh. + [RT #12581] + +1730. [port] Determine the length type used by the socket API. + [RT #12581] + +1728. [doc] Update check-names documentation. + +1727. [bug] named-checkzone: check-names support didn't match + documentation. + +1726. [port] aix5: add support for aix5. + +1725. [port] linux: update error message on interaction of threads, + capabilities and setuid support (named -u). [RT #12541] + +1724. [bug] Look for DNSKEY records with "dig +sigtrace". + [RT #12557] + +1723. [cleanup] Silence compiler warnings from t_tasks.c. [RT #12493] + +1722. [bug] Don't commit the journal on malformed ixfr streams. + [RT #12519] + +1721. [bug] Error message from the journal processing were not + always identifing the relevent journal. [RT #12519] + +1720. [bug] 'dig +chase' did not terminate on a RFC 2308 Type 1 + negative response. [RT #12506] + +1719. [bug] named was not correctly caching a RFC 2308 Type 1 + negative response. [RT #12506] + +1718. [bug] nsupdate was not handling RFC 2308 Type 3 negative + responses when looking for the zone / master server. + [RT #12506] + +1717. [port] solaris: ifconfig.sh did not support Solaris 10. + "ifconfig.sh down" didn't work for Solaris 9. + +1716. [doc] named.conf(5) was being installed in the wrong + location. [RT# 12441] + +1714. [bug] dig/host/nslookup were only trying the first + address when a nameserver was specified by name. + [RT #12286] + +1713. [port] linux: extend capset failure message to say: + please ensure that the capset kernel module is + loaded. see insmod(8) + +1712. [bug] Missing FULLCHECK for "trusted-key" in dig. + --- 9.3.0 released --- 1711. [func] 'rndc unfreeze' has been deprecated by 'rndc thaw'. @@ -299,6 +533,10 @@ 1609. [func] dig now has support to chase DNSSEC signature chains. Requires -DDIG_SIGCHASE=1 to be set in STD_CDEFINES. + DNSSEC validation code in dig coded by Olivier Courtay + (olivier.courtay@irisa.fr) for the IDsA project + (http://idsa.irisa.fr). + 1608. [func] dig and host now accept -4/-6 to select IP transport to use when making queries. diff --git a/usr.sbin/bind/FAQ b/usr.sbin/bind/FAQ index 25eb00ce38b..f6ed41e422c 100644 --- a/usr.sbin/bind/FAQ +++ b/usr.sbin/bind/FAQ @@ -452,3 +452,19 @@ A: This is usually a configuration error. Q: I don't get RRSIG's returned when I use "dig +dnssec". A: You need to ensure DNSSEC is enabled (dnssec-enable yes;). + + +Q: I get "Error 1067" when starting named under Windows. + +A: This is the service manager saying that named exited. You need to + examine the Application log in the EventViewer to find out why. + + Common causes are that you failed to create "named.conf" (usually + "C:\windows\dns\etc\named.conf") or failed to specify the directory + in named.conf. + + options { + Directory "C:\windows\dns\etc"; + }; + + diff --git a/usr.sbin/bind/KNOWN_DEFECTS b/usr.sbin/bind/KNOWN_DEFECTS deleted file mode 100644 index 53d9ceb5ff2..00000000000 --- a/usr.sbin/bind/KNOWN_DEFECTS +++ /dev/null @@ -1,21 +0,0 @@ - - Known Defects in BIND 9.3.0 - -* 'dig +chase' does not terminate on a RFC 2308 Type 1 negative response. - -* named does not correctly caching a RFC 2308 Type 1 negative response. - This causes named to emit RFC 2308 Type 3 responses instead of RFC 2308 - Type 2 responses which inturn causes problems for nsupdate (below). - -* nsupdate does not handling RFC 2308 Type 3 negative responses when looking - for the zone / master server. Use server and zone commands to work around - this. - -* "ifconfig.sh down" doesn't work for Solaris 9. - -* named.conf(5) is being installed in the wrong location. - -* dig/host/nslookup are only trying the first address when a nameserver was - specified by name. - -* Missing FULLCHECK for "trusted-key" in dig. diff --git a/usr.sbin/bind/README b/usr.sbin/bind/README index 73715ce09de..8e3d01df5bb 100644 --- a/usr.sbin/bind/README +++ b/usr.sbin/bind/README @@ -43,6 +43,13 @@ BIND 9 Nominum, Inc. +BIND 9.3.1 + + BIND 9.3.1 is a maintenance release, containing fixes for + a number of bugs in 9.3.0. + + libbind: corresponds to that from BIND 8.4.6-REL. + BIND 9.3.0 BIND 9.3.0 has a number of new features over 9.2, @@ -295,6 +302,7 @@ Building * gcc-3.2.1 and gcc-3.1.1 is known to cause problems with solaris-x86. * gcc prior to gcc-3.2.3 ultrasparc generates incorrect code at -02. + * gcc-3.3.5 powerpc generates incorrect code at -02. A limited test suite can be run with "make test". Many of the tests require you to configure a set of virtual IP addresses diff --git a/usr.sbin/bind/acconfig.h b/usr.sbin/bind/acconfig.h index 52e0bf24c15..1faef9223f8 100644 --- a/usr.sbin/bind/acconfig.h +++ b/usr.sbin/bind/acconfig.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: acconfig.h,v 1.35.2.4.2.8 2004/05/21 08:24:04 marka Exp $ */ +/* $ISC: acconfig.h,v 1.35.2.4.2.10 2004/12/04 06:50:02 marka Exp $ */ /*** *** This file is not to be included by any public header files, because @@ -134,8 +134,14 @@ int sigwait(const unsigned int *set, int *sig); /* define if you have strerror in the C library. */ #undef HAVE_STRERROR -/* Define if you are running under Compaq TruCluster.. */ +/* Define if you are running under Compaq TruCluster. */ #undef HAVE_TRUCLUSTER /* Define if OpenSSL includes DSA support */ #undef HAVE_OPENSSL_DSA + +/* Define to the length type used by the socket API (socklen_t, size_t, int). */ +#undef ISC_SOCKADDR_LEN_T + +/* Define if threads need PTHREAD_SCOPE_SYSTEM */ +#undef NEED_PTHREAD_SCOPE_SYSTEM diff --git a/usr.sbin/bind/bin/dig/dig.c b/usr.sbin/bind/bin/dig/dig.c index df1330be8a2..f2277abcbc1 100644 --- a/usr.sbin/bind/bin/dig/dig.c +++ b/usr.sbin/bind/bin/dig/dig.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dig.c,v 1.157.2.13.2.20 2004/06/23 04:19:40 marka Exp $ */ +/* $ISC: dig.c,v 1.157.2.13.2.25 2004/09/16 02:14:14 marka Exp $ */ #include <config.h> #include <stdlib.h> @@ -41,6 +41,8 @@ #include <dns/rdataclass.h> #include <dns/result.h> +#include <bind9/getaddresses.h> + #include <dig/dig.h> extern ISC_LIST(dig_lookup_t) lookup_list; @@ -54,6 +56,7 @@ extern ISC_LIST(dig_searchlist_t) search_list; isc_buffer_putstr(b, s); \ } +#define DIG_MAX_ADDRESSES 20 extern isc_boolean_t have_ipv4, have_ipv6, specified_source, usesearch, qr; @@ -83,6 +86,7 @@ extern isc_boolean_t debugging, memdebugging; static char *batchname = NULL; static FILE *batchfp = NULL; static char *argv0; +static int addresscount = 0; static char domainopt[DNS_NAME_MAXTEXT]; @@ -622,6 +626,13 @@ printgreeting(int argc, char **argv, dig_lookup_t *lookup) { strlcat(lookup->cmdline, append, sizeof(lookup->cmdline)); } strlcat(lookup->cmdline, "\n", sizeof(lookup->cmdline)); + if (first && addresscount != 0) { + snprintf(append, sizeof(append), + "; (%d server%s found)\n", + addresscount, + addresscount > 1 ? "s" : ""); + strlcat(lookup->cmdline, append, sizeof(lookup->cmdline)); + } if (first) { snprintf(append, sizeof(append), ";; global options: %s %s\n", @@ -999,7 +1010,7 @@ plus_option(char *option, isc_boolean_t is_batchfile, lookup->stats = ISC_FALSE; lookup->section_additional = ISC_FALSE; lookup->section_authority = ISC_TRUE; - lookup->section_question = ISC_FALSE; + lookup->section_question = ISC_FALSE; } break; case 'i': /* tries */ @@ -1015,6 +1026,7 @@ plus_option(char *option, isc_boolean_t is_batchfile, break; #ifdef DIG_SIGCHASE case 'u': /* trusted-key */ + FULLCHECK("trusted-key"); if (value == NULL) goto need_value; if (!state) @@ -1059,8 +1071,7 @@ static const char *single_dash_opts = "46dhimnv"; static const char *dash_opts = "46bcdfhikmnptvyx"; static isc_boolean_t dash_option(char *option, char *next, dig_lookup_t **lookup, - isc_boolean_t *open_type_class, isc_boolean_t *firstarg, - int argc, char **argv) + isc_boolean_t *open_type_class) { char opt, *value, *ptr; isc_result_t result; @@ -1262,10 +1273,6 @@ dash_option(char *option, char *next, dig_lookup_t **lookup, if (!(*lookup)->rdclassset) (*lookup)->rdclass = dns_rdataclass_in; (*lookup)->new_search = ISC_TRUE; - if (*lookup && *firstarg) { - printgreeting(argc, argv, *lookup); - *firstarg = ISC_FALSE; - } ISC_LIST_APPEND(lookup_list, *lookup, link); } else { fprintf(stderr, "Invalid IP address %s\n", value); @@ -1313,12 +1320,35 @@ preparse_args(int argc, char **argv) { } static void +getaddresses(dig_lookup_t *lookup, const char *host) { + isc_result_t result; + isc_sockaddr_t sockaddrs[DIG_MAX_ADDRESSES]; + isc_netaddr_t netaddr; + int count, i; + dig_server_t *srv; + char tmp[ISC_NETADDR_FORMATSIZE]; + + result = bind9_getaddresses(host, 0, sockaddrs, + DIG_MAX_ADDRESSES, &count); + if (result != ISC_R_SUCCESS) + fatal("couldn't get address for '%s': %s", + host, isc_result_totext(result)); + + for (i = 0; i < count; i++) { + isc_netaddr_fromsockaddr(&netaddr, &sockaddrs[i]); + isc_netaddr_format(&netaddr, tmp, sizeof(tmp)); + srv = make_server(tmp, host); + ISC_LIST_APPEND(lookup->my_server_list, srv, link); + } + addresscount = count; +} + +static void parse_args(isc_boolean_t is_batchfile, isc_boolean_t config_only, int argc, char **argv) { isc_result_t result; isc_textregion_t tr; isc_boolean_t firstarg = ISC_TRUE; - dig_server_t *srv = NULL; dig_lookup_t *lookup = NULL; dns_rdatatype_t rdtype; dns_rdataclass_t rdclass; @@ -1398,24 +1428,20 @@ parse_args(isc_boolean_t is_batchfile, isc_boolean_t config_only, if (strncmp(rv[0], "%", 1) == 0) break; if (strncmp(rv[0], "@", 1) == 0) { - srv = make_server(&rv[0][1]); - ISC_LIST_APPEND(lookup->my_server_list, - srv, link); + getaddresses(lookup, &rv[0][1]); } else if (rv[0][0] == '+') { plus_option(&rv[0][1], is_batchfile, lookup); } else if (rv[0][0] == '-') { if (rc <= 1) { if (dash_option(&rv[0][1], NULL, - &lookup, &open_type_class, - &firstarg, argc, argv)) { + &lookup, &open_type_class)) { rc--; rv++; } } else { if (dash_option(&rv[0][1], rv[1], - &lookup, &open_type_class, - &firstarg, argc, argv)) { + &lookup, &open_type_class)) { rc--; rv++; } @@ -1486,10 +1512,6 @@ parse_args(isc_boolean_t is_batchfile, isc_boolean_t config_only, if (!config_only) { lookup = clone_lookup(default_lookup, ISC_TRUE); - if (firstarg) { - printgreeting(argc, argv, lookup); - firstarg = ISC_FALSE; - } strlcpy(lookup->textname, rv[0], sizeof(lookup->textname)); lookup->trace_root = ISC_TF(lookup->trace || @@ -1555,6 +1577,9 @@ parse_args(isc_boolean_t is_batchfile, isc_boolean_t config_only, firstarg = ISC_FALSE; } ISC_LIST_APPEND(lookup_list, lookup, link); + } else if (!config_only && firstarg) { + printgreeting(argc, argv, lookup); + firstarg = ISC_FALSE; } } diff --git a/usr.sbin/bind/bin/dig/dighost.c b/usr.sbin/bind/bin/dig/dighost.c index 2e8d3441e83..f4b07b932d0 100644 --- a/usr.sbin/bind/bin/dig/dighost.c +++ b/usr.sbin/bind/bin/dig/dighost.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dighost.c,v 1.221.2.19.2.14 2004/06/30 23:57:52 marka Exp $ */ +/* $ISC: dighost.c,v 1.221.2.19.2.20 2004/11/22 23:30:31 marka Exp $ */ /* * Notice to programmers: Do not use this code as an example of how to @@ -290,6 +290,8 @@ struct_tk_list tk_list = { {NULL, NULL, NULL, NULL, NULL}, 0}; #endif +#define DIG_MAX_ADDRESSES 20 + /* * Apply and clear locks at the event level in global task. * Can I get rid of these using shutdown events? XXX @@ -493,7 +495,7 @@ check_result(isc_result_t result, const char *msg) { * of finding the answer the user is looking for */ dig_server_t * -make_server(const char *servname) { +make_server(const char *servname, const char *userarg) { dig_server_t *srv; REQUIRE(servname != NULL); @@ -504,9 +506,11 @@ make_server(const char *servname) { fatal("memory allocation failure in %s:%d", __FILE__, __LINE__); strlcpy(srv->servername, servname, MXNAME); + strlcpy(srv->userarg, userarg, MXNAME); ISC_LINK_INIT(srv, link); return (srv); } + static int addr2af(int lwresaddrtype) { @@ -524,6 +528,7 @@ addr2af(int lwresaddrtype) return (af); } + /* * Create a copy of the server list from the lwres configuration structure. * The dest list must have already had ISC_LIST_INIT applied. @@ -541,11 +546,12 @@ copy_server_list(lwres_conf_t *confdata, dig_serverlist_t *dest) { lwres_net_ntop(af, confdata->nameservers[i].address, tmp, sizeof(tmp)); - newsrv = make_server(tmp); + newsrv = make_server(tmp, tmp); ISC_LINK_INIT(newsrv, link); ISC_LIST_ENQUEUE(*dest, newsrv, link); } } + void flush_server_list(void) { dig_server_t *s, *ps; @@ -559,18 +565,35 @@ flush_server_list(void) { isc_mem_free(mctx, ps); } } + void set_nameserver(char *opt) { + isc_result_t result; + isc_sockaddr_t sockaddrs[DIG_MAX_ADDRESSES]; + isc_netaddr_t netaddr; + int count, i; dig_server_t *srv; + char tmp[ISC_NETADDR_FORMATSIZE]; if (opt == NULL) return; + result = bind9_getaddresses(opt, 0, sockaddrs, + DIG_MAX_ADDRESSES, &count); + if (result != ISC_R_SUCCESS) + fatal("couldn't get address for '%s': %s", + opt, isc_result_totext(result)); + flush_server_list(); - srv = make_server(opt); - if (srv == NULL) - fatal("memory allocation failure"); - ISC_LIST_INITANDAPPEND(server_list, srv, link); + + for (i = 0; i < count; i++) { + isc_netaddr_fromsockaddr(&netaddr, &sockaddrs[i]); + isc_netaddr_format(&netaddr, tmp, sizeof(tmp)); + srv = make_server(tmp, opt); + if (srv == NULL) + fatal("memory allocation failure"); + ISC_LIST_APPEND(server_list, srv, link); + } } static isc_result_t @@ -612,7 +635,7 @@ clone_server_list(dig_serverlist_t src, dig_serverlist_t *dest) { debug("clone_server_list()"); srv = ISC_LIST_HEAD(src); while (srv != NULL) { - newsrv = make_server(srv->servername); + newsrv = make_server(srv->servername, srv->userarg); ISC_LINK_INIT(newsrv, link); ISC_LIST_ENQUEUE(*dest, newsrv, link); srv = ISC_LIST_NEXT(srv, link); @@ -1389,6 +1412,13 @@ followup_lookup(dns_message_t *msg, dig_query_t *query, dns_section_t section) name = NULL; dns_message_currentname(msg, section, &name); + if (section == DNS_SECTION_AUTHORITY) { + rdataset = NULL; + result = dns_message_findtype(name, dns_rdatatype_soa, + 0, &rdataset); + if (result == ISC_R_SUCCESS) + return (0); + } rdataset = NULL; result = dns_message_findtype(name, dns_rdatatype_ns, 0, &rdataset); @@ -1433,7 +1463,7 @@ followup_lookup(dns_message_t *msg, dig_query_t *query, dns_section_t section) query->lookup->ns_search_only; lookup->trace_root = ISC_FALSE; } - srv = make_server(namestr); + srv = make_server(namestr, namestr); debug("adding server %s", srv->servername); ISC_LIST_APPEND(lookup->my_server_list, srv, link); dns_rdata_reset(&rdata); @@ -1797,6 +1827,7 @@ setup_lookup(dig_lookup_t *lookup) { query->first_rr_serial = 0; query->second_rr_serial = 0; query->servname = serv->servername; + query->userarg = serv->userarg; query->rr_count = 0; query->msg_count = 0; ISC_LINK_INIT(query, link); @@ -2578,11 +2609,26 @@ recv_done(isc_task_t *task, isc_event_t *event) { else isc_sockaddr_any6(&any); +#ifdef ISC_PLATFORM_HAVESCOPEID /* - * We don't expect a match when the packet is - * sent to 0.0.0.0, :: or to a multicast addresses. - * XXXMPA broadcast needs to be handled here as well. - */ + * Accept answers from any scope if we havn't specified the + * scope as long as the address and port match. + */ + if (isc_sockaddr_pf(&query->sockaddr) == AF_INET6 && + query->sockaddr.type.sin6.sin6_scope_id == 0 && + memcmp(&sevent->address.type.sin6.sin6_addr, + &query->sockaddr.type.sin6.sin6_addr, + sizeof(query->sockaddr.type.sin6.sin6_addr)) == 0 && + isc_sockaddr_getport(&sevent->address) == + isc_sockaddr_getport(&query->sockaddr)) + /* empty */; + else +#endif + /* + * We don't expect a match above when the packet is + * sent to 0.0.0.0, :: or to a multicast addresses. + * XXXMPA broadcast needs to be handled here as well. + */ if ((!isc_sockaddr_eqaddr(&query->sockaddr, &any) && !isc_sockaddr_ismulticast(&query->sockaddr)) || isc_sockaddr_getport(&query->sockaddr) != @@ -3561,8 +3607,8 @@ get_trusted_key(isc_mem_t *mctx) return ISC_R_FAILURE; } fclose(fptemp); - result = dst_key_fromnamedfile(filetemp, DST_TYPE_PUBLIC | - DST_TYPE_KEY, mctx, &key); + result = dst_key_fromnamedfile(filetemp, DST_TYPE_PUBLIC, + mctx, &key); removetmpkey(mctx, filetemp); isc_mem_free(mctx, filetemp); if (result != ISC_R_SUCCESS ) { @@ -3685,7 +3731,7 @@ prepare_lookup(dns_name_t *name) dns_rdata_reset(&aaaa); - srv = make_server(namestr); + srv = make_server(namestr, namestr); ISC_LIST_APPEND(lookup->my_server_list, srv, link); @@ -3715,7 +3761,7 @@ prepare_lookup(dns_name_t *name) printf("ns name: %s\n", namestr); - srv = make_server(namestr); + srv = make_server(namestr, namestr); ISC_LIST_APPEND(lookup->my_server_list, srv, link); @@ -3727,7 +3773,7 @@ prepare_lookup(dns_name_t *name) printf("ns name: "); dns_name_print(&ns.name, stdout); printf("\n"); - srv = make_server(namestr); + srv = make_server(namestr, namestr); ISC_LIST_APPEND(lookup->my_server_list, srv, link); @@ -4902,7 +4948,7 @@ prove_nx_domain(dns_message_t *msg, dns_rdataset_t * nsecset = NULL; dns_rdataset_t * signsecset = NULL ; dns_rdata_t nsec = DNS_RDATA_INIT; - dns_name_t * nsecname = NULL; + dns_name_t * nsecname; dns_rdata_nsec_t nsecstruct; if ((result = dns_message_firstname(msg, DNS_SECTION_AUTHORITY)) @@ -4913,6 +4959,7 @@ prove_nx_domain(dns_message_t *msg, } do { + nsecname = NULL; dns_message_currentname(msg, DNS_SECTION_AUTHORITY, &nsecname); nsecset = search_type(nsecname, dns_rdatatype_nsec, dns_rdatatype_any); @@ -4958,7 +5005,6 @@ prove_nx_domain(dns_message_t *msg, dns_rdata_freestruct(&nsecstruct); } - nsecname = NULL; } while (dns_message_nextname(msg, DNS_SECTION_AUTHORITY) == ISC_R_SUCCESS); diff --git a/usr.sbin/bind/bin/dig/host.c b/usr.sbin/bind/bin/dig/host.c index 9a5fb2bb3e9..ea90b10544f 100644 --- a/usr.sbin/bind/bin/dig/host.c +++ b/usr.sbin/bind/bin/dig/host.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: host.c,v 1.76.2.5.2.9 2004/04/13 03:00:06 marka Exp $ */ +/* $ISC: host.c,v 1.76.2.5.2.10 2004/09/06 01:33:05 marka Exp $ */ #include <config.h> #include <limits.h> @@ -386,7 +386,7 @@ printmessage(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers) { char sockstr[ISC_SOCKADDR_FORMATSIZE]; printf("Using domain server:\n"); - printf("Name: %s\n", query->servname); + printf("Name: %s\n", query->userarg); isc_sockaddr_format(&query->sockaddr, sockstr, sizeof(sockstr)); printf("Address: %s\n", sockstr); diff --git a/usr.sbin/bind/bin/dig/include/dig/dig.h b/usr.sbin/bind/bin/dig/include/dig/dig.h index 3da7eb6953b..751e7df319b 100644 --- a/usr.sbin/bind/bin/dig/include/dig/dig.h +++ b/usr.sbin/bind/bin/dig/include/dig/dig.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dig.h,v 1.71.2.6.2.6 2004/06/19 02:30:12 sra Exp $ */ +/* $ISC: dig.h,v 1.71.2.6.2.7 2004/09/06 01:33:06 marka Exp $ */ #ifndef DIG_H #define DIG_H @@ -192,6 +192,7 @@ struct dig_query { isc_uint32_t msg_count; isc_uint32_t rr_count; char *servname; + char *userarg; isc_bufferlist_t sendlist, recvlist, lengthlist; @@ -209,6 +210,7 @@ struct dig_query { struct dig_server { char servername[MXNAME]; + char userarg[MXNAME]; ISC_LINK(dig_server_t) link; }; @@ -272,7 +274,7 @@ dig_lookup_t * clone_lookup(dig_lookup_t *lookold, isc_boolean_t servers); dig_server_t * -make_server(const char *servname); +make_server(const char *servname, const char *userarg); void flush_server_list(void); diff --git a/usr.sbin/bind/bin/dig/nslookup.c b/usr.sbin/bind/bin/dig/nslookup.c index 0a6ea08caea..98e1871cfd2 100644 --- a/usr.sbin/bind/bin/dig/nslookup.c +++ b/usr.sbin/bind/bin/dig/nslookup.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: nslookup.c,v 1.90.2.4.2.7 2004/08/18 23:25:58 marka Exp $ */ +/* $ISC: nslookup.c,v 1.90.2.4.2.8 2004/09/06 01:33:05 marka Exp $ */ #include <config.h> @@ -402,7 +402,7 @@ printmessage(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers) { debug("printmessage()"); isc_sockaddr_format(&query->sockaddr, servtext, sizeof(servtext)); - printf("Server:\t\t%s\n", query->servname); + printf("Server:\t\t%s\n", query->userarg); printf("Address:\t%s\n", servtext); puts(""); @@ -461,7 +461,7 @@ show_settings(isc_boolean_t full, isc_boolean_t serv_only) { get_address(srv->servername, port, &sockaddr); isc_sockaddr_format(&sockaddr, sockstr, sizeof(sockstr)); printf("Default server: %s\nAddress: %s\n", - srv->servername, sockstr); + srv->userarg, sockstr); if (!full) return; srv = ISC_LIST_NEXT(srv, link); @@ -737,7 +737,9 @@ get_next_command(void) { setoption(arg); else if ((strcasecmp(ptr, "server") == 0) || (strcasecmp(ptr, "lserver") == 0)) { + isc_app_block(); set_nameserver(arg); + isc_app_unblock(); show_settings(ISC_TRUE, ISC_TRUE); } else if (strcasecmp(ptr, "exit") == 0) { in_use = ISC_FALSE; diff --git a/usr.sbin/bind/bin/dnssec/dnssec-signzone.c b/usr.sbin/bind/bin/dnssec/dnssec-signzone.c index 683914b790c..e8645027a40 100644 --- a/usr.sbin/bind/bin/dnssec/dnssec-signzone.c +++ b/usr.sbin/bind/bin/dnssec/dnssec-signzone.c @@ -16,7 +16,7 @@ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: dnssec-signzone.c,v 1.139.2.2.4.16 2004/08/28 06:25:29 marka Exp $ */ +/* $ISC: dnssec-signzone.c,v 1.139.2.2.4.17 2004/10/25 01:36:06 marka Exp $ */ #include <config.h> @@ -28,6 +28,7 @@ #include <isc/entropy.h> #include <isc/event.h> #include <isc/file.h> +#include <isc/hash.h> #include <isc/mem.h> #include <isc/mutex.h> #include <isc/os.h> @@ -1824,6 +1825,11 @@ main(int argc, char *argv[]) { eflags = ISC_ENTROPY_BLOCKING; if (!pseudorandom) eflags |= ISC_ENTROPY_GOODONLY; + + result = isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE); + if (result != ISC_R_SUCCESS) + fatal("could not create hash context"); + result = dst_lib_init(mctx, ectx, eflags); if (result != ISC_R_SUCCESS) fatal("could not initialize dst"); @@ -2087,6 +2093,7 @@ main(int argc, char *argv[]) { cleanup_logging(&log); dst_lib_destroy(); + isc_hash_destroy(); cleanup_entropy(&ectx); if (verbose > 10) isc_mem_stats(mctx, stdout); diff --git a/usr.sbin/bind/bin/named/client.c b/usr.sbin/bind/bin/named/client.c index b71e02f8025..691ae3f472b 100644 --- a/usr.sbin/bind/bin/named/client.c +++ b/usr.sbin/bind/bin/named/client.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: client.c,v 1.176.2.13.4.22 2004/07/23 02:56:51 marka Exp $ */ +/* $ISC: client.c,v 1.176.2.13.4.23 2004/09/26 22:37:43 marka Exp $ */ #include <config.h> @@ -1938,7 +1938,7 @@ client_udprecv(ns_client_t *client) { client->task, client->recvevent, 0); if (result != ISC_R_SUCCESS) { UNEXPECTED_ERROR(__FILE__, __LINE__, - "isc_socket_recv() failed: %s", + "isc_socket_recv2() failed: %s", isc_result_totext(result)); /* * This cannot happen in the current implementation, since diff --git a/usr.sbin/bind/bin/named/config.c b/usr.sbin/bind/bin/named/config.c index 1048dfaa4d1..6308b766925 100644 --- a/usr.sbin/bind/bin/named/config.c +++ b/usr.sbin/bind/bin/named/config.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: config.c,v 1.11.2.4.8.28 2004/08/28 05:41:42 marka Exp $ */ +/* $ISC: config.c,v 1.11.2.4.8.29 2004/10/05 02:52:26 marka Exp $ */ #include <config.h> @@ -555,8 +555,8 @@ ns_config_getipandkeylist(cfg_obj_t *config, cfg_obj_t *list, isc_mem_t *mctx, if (new == NULL) goto cleanup; if (keycount != 0) { - memcpy(new, keys, newsize); - isc_mem_put(mctx, keys, newsize); + memcpy(new, keys, oldsize); + isc_mem_put(mctx, keys, oldsize); } keys = new; keycount = newlen; diff --git a/usr.sbin/bind/bin/named/control.c b/usr.sbin/bind/bin/named/control.c index 91a25027e47..157c7550d78 100644 --- a/usr.sbin/bind/bin/named/control.c +++ b/usr.sbin/bind/bin/named/control.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: control.c,v 1.7.2.2.2.10.4.1 2004/09/20 01:00:00 marka Exp $ */ +/* $ISC: control.c,v 1.7.2.2.2.11 2004/09/03 03:43:31 marka Exp $ */ #include <config.h> diff --git a/usr.sbin/bind/bin/named/include/named/control.h b/usr.sbin/bind/bin/named/include/named/control.h index 5f594b24fa1..8e2d4e7d4ba 100644 --- a/usr.sbin/bind/bin/named/include/named/control.h +++ b/usr.sbin/bind/bin/named/include/named/control.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: control.h,v 1.6.2.2.2.6.6.1 2004/09/20 01:00:01 marka Exp $ */ +/* $ISC: control.h,v 1.6.2.2.2.7 2004/09/03 03:43:32 marka Exp $ */ #ifndef NAMED_CONTROL_H #define NAMED_CONTROL_H 1 diff --git a/usr.sbin/bind/bin/named/main.c b/usr.sbin/bind/bin/named/main.c index 789d68499de..be963b29583 100644 --- a/usr.sbin/bind/bin/named/main.c +++ b/usr.sbin/bind/bin/named/main.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: main.c,v 1.119.2.3.2.16 2004/09/01 07:16:35 marka Exp $ */ +/* $ISC: main.c,v 1.119.2.3.2.17 2004/10/25 00:42:54 marka Exp $ */ #include <config.h> @@ -622,6 +622,15 @@ setup(void) { /* process is now unprivileged and inside a chroot */ + /* + * We call isc_app_start() here as some versions of FreeBSD's fork() + * destroys all the signal handling it sets up. + */ + result = isc_app_start(); + if (result != ISC_R_SUCCESS) + ns_main_earlyfatal("isc_app_start() failed: %s", + isc_result_totext(result)); + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, ISC_LOG_NOTICE, "starting BIND %s%s", ns_g_version, saved_command_line); @@ -814,11 +823,6 @@ main(int argc, char *argv[]) { ns_os_init(program_name); - result = isc_app_start(); - if (result != ISC_R_SUCCESS) - ns_main_earlyfatal("isc_app_start() failed: %s", - isc_result_totext(result)); - dns_result_register(); dst_result_register(); isccc_result_register(); diff --git a/usr.sbin/bind/bin/named/server.c b/usr.sbin/bind/bin/named/server.c index 2c2e6b631f5..11bd82ec730 100644 --- a/usr.sbin/bind/bin/named/server.c +++ b/usr.sbin/bind/bin/named/server.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: server.c,v 1.339.2.15.2.56 2004/06/18 04:39:48 marka Exp $ */ +/* $ISC: server.c,v 1.339.2.15.2.59 2004/11/10 22:13:56 marka Exp $ */ #include <config.h> @@ -522,6 +522,7 @@ configure_order(dns_order_t *order, cfg_obj_t *ent) { const char *str; isc_buffer_t b; isc_result_t result; + isc_boolean_t addroot; result = ns_config_getclass(cfg_tuple_get(ent, "class"), dns_rdataclass_any, &rdclass); @@ -538,11 +539,12 @@ configure_order(dns_order_t *order, cfg_obj_t *ent) { str = cfg_obj_asstring(obj); else str = "*"; + addroot = ISC_TF(strcmp(str, "*") == 0); isc_buffer_init(&b, str, strlen(str)); isc_buffer_add(&b, strlen(str)); dns_fixedname_init(&fixed); result = dns_name_fromtext(dns_fixedname_name(&fixed), &b, - dns_rootname, ISC_FALSE, NULL); + dns_rootname, ISC_FALSE, NULL); if (result != ISC_R_SUCCESS) return (result); @@ -558,6 +560,18 @@ configure_order(dns_order_t *order, cfg_obj_t *ent) { else INSIST(0); + /* + * "*" should match everything including the root (BIND 8 compat). + * As dns_name_matcheswildcard(".", "*.") returns FALSE add a + * explict entry for "." when the name is "*". + */ + if (addroot) { + result = dns_order_add(order, dns_rootname, + rdtype, rdclass, mode); + if (result != ISC_R_SUCCESS) + return (result); + } + return (dns_order_add(order, dns_fixedname_name(&fixed), rdtype, rdclass, mode)); } @@ -1903,7 +1917,8 @@ adjust_interfaces(ns_server_t *server, isc_mem_t *mctx) { dns_dispatch_t *dispatch6; dispatch6 = dns_resolver_dispatchv6(view->resolver); - INSIST(dispatch6 != NULL); + if (dispatch6 == NULL) + continue; result = dns_dispatch_getlocaladdress(dispatch6, &addr); if (result != ISC_R_SUCCESS) goto fail; @@ -2808,7 +2823,7 @@ run_server(isc_task_t *task, isc_event_t *event) { isc_result_t result; ns_server_t *server = (ns_server_t *)event->ev_arg; - UNUSED(task); + INSIST(task == server->task); isc_event_free(&event); @@ -2846,11 +2861,11 @@ run_server(isc_task_t *task, isc_event_t *event) { isc_hash_init(); - CHECKFATAL(load_zones(server, ISC_FALSE), - "loading zones"); + CHECKFATAL(load_zones(server, ISC_FALSE), "loading zones"); + ns_os_started(); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, - ISC_LOG_INFO, "running"); + ISC_LOG_NOTICE, "running"); } void @@ -3190,8 +3205,7 @@ loadconfig(ns_server_t *server) { start_reserved_dispatches(server); result = load_configuration(ns_g_lwresdonly ? lwresd_g_conffile : ns_g_conffile, - server, - ISC_FALSE); + server, ISC_FALSE); if (result == ISC_R_SUCCESS) end_reserved_dispatches(server, ISC_FALSE); else diff --git a/usr.sbin/bind/bin/named/unix/include/named/os.h b/usr.sbin/bind/bin/named/unix/include/named/os.h index 91f2adea124..789bf35267c 100644 --- a/usr.sbin/bind/bin/named/unix/include/named/os.h +++ b/usr.sbin/bind/bin/named/unix/include/named/os.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: os.h,v 1.14.2.2.8.8 2004/03/08 04:04:21 marka Exp $ */ +/* $ISC: os.h,v 1.14.2.2.8.9 2004/09/29 06:36:44 marka Exp $ */ #ifndef NS_OS_H #define NS_OS_H 1 @@ -64,4 +64,7 @@ ns_os_shutdownmsg(char *command, isc_buffer_t *text); void ns_os_tzset(void); +void +ns_os_started(void); + #endif /* NS_OS_H */ diff --git a/usr.sbin/bind/bin/named/unix/os.c b/usr.sbin/bind/bin/named/unix/os.c index f4bd3415a32..7bbf88ac79d 100644 --- a/usr.sbin/bind/bin/named/unix/os.c +++ b/usr.sbin/bind/bin/named/unix/os.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: os.c,v 1.46.2.4.8.16 2004/05/04 03:19:42 marka Exp $ */ +/* $ISC: os.c,v 1.46.2.4.8.19 2004/10/07 02:34:20 marka Exp $ */ #include <config.h> #include <stdarg.h> @@ -107,6 +107,7 @@ static pid_t mainpid = 0; static struct passwd *runas_pw = NULL; static isc_boolean_t done_setuid = ISC_FALSE; +static int dfd[2] = { -1, -1 }; #ifdef HAVE_LINUX_CAPABILITY_H @@ -164,7 +165,10 @@ linux_setcaps(unsigned int caps) { cap.inheritable = caps; if (syscall(SYS_capset, &caphead, &cap) < 0) { isc__strerror(errno, strbuf, sizeof(strbuf)); - ns_main_earlyfatal("capset failed: %s", strbuf); + ns_main_earlyfatal("capset failed: %s:" + " please ensure that the capset kernel" + " module is loaded. see insmod(8)", + strbuf); } } @@ -305,13 +309,33 @@ ns_os_daemonize(void) { pid_t pid; char strbuf[ISC_STRERRORSIZE]; + if (pipe(dfd) == -1) { + isc__strerror(errno, strbuf, sizeof(strbuf)); + ns_main_earlyfatal("pipe(): %s", strbuf); + } + pid = fork(); if (pid == -1) { isc__strerror(errno, strbuf, sizeof(strbuf)); ns_main_earlyfatal("fork(): %s", strbuf); } - if (pid != 0) - _exit(0); + if (pid != 0) { + int n; + /* + * Wait for the child to finish loading for the first time. + * This would be so much simpler if fork() worked once we + * were multi-threaded. + */ + (void)close(dfd[1]); + do { + char buf; + n = read(dfd[0], &buf, 1); + if (n == 1) + _exit(0); + } while (n == -1 && errno == EINTR); + _exit(1); + } + (void)close(dfd[0]); /* * We're the child. @@ -353,6 +377,20 @@ ns_os_daemonize(void) { } void +ns_os_started(void) { + char buf = 0; + + /* + * Signal to the parent that we stated successfully. + */ + if (dfd[0] != -1 && dfd[1] != -1) { + write(dfd[1], &buf, 1); + close(dfd[1]); + dfd[0] = dfd[1] = -1; + } +} + +void ns_os_opendevnull(void) { devnullfd = open("/dev/null", O_RDWR, 0); } @@ -429,10 +467,14 @@ ns_os_changeuser(void) { #ifdef HAVE_LINUXTHREADS #ifdef HAVE_LINUX_CAPABILITY_H if (!non_root_caps) + ns_main_earlyfatal("-u with Linux threads not supported: " + "requires kernel support for " + "prctl(PR_SET_KEEPCAPS)"); +#else + ns_main_earlyfatal("-u with Linux threads not supported: " + "no capabilities support or capabilities " + "disabled at build time"); #endif - ns_main_earlyfatal( - "-u not supported on Linux kernels older than " - "2.3.99-pre3 or 2.2.18 when using threads"); #endif if (setgid(runas_pw->pw_gid) < 0) { diff --git a/usr.sbin/bind/bin/named/update.c b/usr.sbin/bind/bin/named/update.c index 129fb7f2d33..86dd24defaa 100644 --- a/usr.sbin/bind/bin/named/update.c +++ b/usr.sbin/bind/bin/named/update.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: update.c,v 1.88.2.5.2.23 2004/07/23 02:56:52 marka Exp $ */ +/* $ISC: update.c,v 1.88.2.5.2.25 2004/10/21 01:40:22 marka Exp $ */ #include <config.h> @@ -708,7 +708,7 @@ ssu_checkrule(void *data, dns_rdataset_t *rrset) { */ if (rrset->type == dns_rdatatype_rrsig || rrset->type == dns_rdatatype_nsec) - return (ISC_TRUE); + return (ISC_R_SUCCESS); result = dns_ssutable_checkrules(ssuinfo->table, ssuinfo->signer, ssuinfo->name, rrset->type); return (result == ISC_TRUE ? ISC_R_SUCCESS : ISC_R_FAILURE); @@ -965,13 +965,27 @@ typedef struct { */ /* - * Return true iff 'update_rr' is neither a SOA nor an NS RR. + * Return true iff 'db_rr' is neither a SOA nor an NS RR nor + * an RRSIG nor a NSEC. */ static isc_boolean_t type_not_soa_nor_ns_p(dns_rdata_t *update_rr, dns_rdata_t *db_rr) { UNUSED(update_rr); return ((db_rr->type != dns_rdatatype_soa && - db_rr->type != dns_rdatatype_ns) ? + db_rr->type != dns_rdatatype_ns && + db_rr->type != dns_rdatatype_rrsig && + db_rr->type != dns_rdatatype_nsec) ? + ISC_TRUE : ISC_FALSE); +} + +/* + * Return true iff 'db_rr' is neither a RRSIG nor a NSEC. + */ +static isc_boolean_t +type_not_dnssec(dns_rdata_t *update_rr, dns_rdata_t *db_rr) { + UNUSED(update_rr); + return ((db_rr->type != dns_rdatatype_rrsig && + db_rr->type != dns_rdatatype_nsec) ? ISC_TRUE : ISC_FALSE); } @@ -2514,7 +2528,8 @@ update_action(isc_task_t *task, isc_event_t *event) { dns_rdatatype_any, 0, &rdata, &diff)); } else { - CHECK(delete_if(true_p, db, ver, name, + CHECK(delete_if(type_not_dnssec, + db, ver, name, dns_rdatatype_any, 0, &rdata, &diff)); } diff --git a/usr.sbin/bind/bin/nsupdate/nsupdate.c b/usr.sbin/bind/bin/nsupdate/nsupdate.c index f78eb3bb320..ce154afc80d 100644 --- a/usr.sbin/bind/bin/nsupdate/nsupdate.c +++ b/usr.sbin/bind/bin/nsupdate/nsupdate.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: nsupdate.c,v 1.103.2.15.2.16 2004/06/17 01:00:38 sra Exp $ */ +/* $ISC: nsupdate.c,v 1.103.2.15.2.18 2004/09/16 02:12:18 marka Exp $ */ #include <config.h> @@ -627,7 +627,7 @@ parse_args(int argc, char **argv) { exit(1); } if (timeout == 0) - timeout = ULONG_MAX; + timeout = UINT_MAX; break; case 'u': result = isc_parse_uint32(&udp_timeout, @@ -637,7 +637,7 @@ parse_args(int argc, char **argv) { exit(1); } if (udp_timeout == 0) - udp_timeout = ULONG_MAX; + udp_timeout = UINT_MAX; break; case 'r': result = isc_parse_uint32(&udp_retries, @@ -1595,6 +1595,8 @@ recvsoa(isc_task_t *task, isc_event_t *event) { dns_message_t *soaquery = NULL; isc_sockaddr_t *addr; isc_boolean_t seencname = ISC_FALSE; + dns_name_t tname; + unsigned int nlabels; UNUSED(task); @@ -1703,9 +1705,8 @@ recvsoa(isc_task_t *task, isc_event_t *event) { section = DNS_SECTION_ANSWER; else if (pass == 1) section = DNS_SECTION_AUTHORITY; - else - fatal("response to SOA query didn't contain an SOA"); - + else + goto droplabel; result = dns_message_firstname(rcvmsg, section); if (result != ISC_R_SUCCESS) { @@ -1742,29 +1743,8 @@ recvsoa(isc_task_t *task, isc_event_t *event) { goto lookforsoa; } - if (seencname) { - dns_name_t tname; - unsigned int nlabels; - - result = dns_message_firstname(soaquery, DNS_SECTION_QUESTION); - INSIST(result == ISC_R_SUCCESS); - name = NULL; - dns_message_currentname(soaquery, DNS_SECTION_QUESTION, &name); - nlabels = dns_name_countlabels(name); - if (nlabels == 1) - fatal("could not find enclosing zone"); - dns_name_init(&tname, NULL); - dns_name_getlabelsequence(name, 1, nlabels - 1, &tname); - dns_name_clone(&tname, name); - dns_request_destroy(&request); - dns_message_renderreset(soaquery); - if (userserver != NULL) - sendrequest(localaddr, userserver, soaquery, &request); - else - sendrequest(localaddr, &servers[ns_inuse], soaquery, - &request); - goto out; - } + if (seencname) + goto droplabel; if (debugging) { char namestr[DNS_NAME_FORMATSIZE]; @@ -1807,17 +1787,38 @@ recvsoa(isc_task_t *task, isc_event_t *event) { get_address(serverstr, DNSDEFAULTPORT, &tempaddr); serveraddr = &tempaddr; } + dns_rdata_freestruct(&soa); send_update(zonename, serveraddr, localaddr); + setzoneclass(dns_rdataclass_none); dns_message_destroy(&soaquery); dns_request_destroy(&request); out: - setzoneclass(dns_rdataclass_none); - dns_rdata_freestruct(&soa); dns_message_destroy(&rcvmsg); ddebug("Out of recvsoa"); + return; + + droplabel: + result = dns_message_firstname(soaquery, DNS_SECTION_QUESTION); + INSIST(result == ISC_R_SUCCESS); + name = NULL; + dns_message_currentname(soaquery, DNS_SECTION_QUESTION, &name); + nlabels = dns_name_countlabels(name); + if (nlabels == 1) + fatal("could not find enclosing zone"); + dns_name_init(&tname, NULL); + dns_name_getlabelsequence(name, 1, nlabels - 1, &tname); + dns_name_clone(&tname, name); + dns_request_destroy(&request); + dns_message_renderreset(soaquery); + if (userserver != NULL) + sendrequest(localaddr, userserver, soaquery, &request); + else + sendrequest(localaddr, &servers[ns_inuse], soaquery, + &request); + goto out; } static void diff --git a/usr.sbin/bind/bin/rndc/rndc-confgen.c b/usr.sbin/bind/bin/rndc/rndc-confgen.c index 44c498f11cb..210bddb1f97 100644 --- a/usr.sbin/bind/bin/rndc/rndc-confgen.c +++ b/usr.sbin/bind/bin/rndc/rndc-confgen.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rndc-confgen.c,v 1.9.2.6.2.4 2004/03/06 10:21:31 marka Exp $ */ +/* $ISC: rndc-confgen.c,v 1.9.2.6.2.5 2004/09/28 07:14:57 marka Exp $ */ #include <config.h> @@ -273,7 +273,8 @@ main(int argc, char **argv) { buf = isc_mem_get(mctx, len); if (buf == NULL) fatal("isc_mem_get(%d) failed\n", len); - snprintf(buf, len, "%s/%s", chrootdir, keyfile); + snprintf(buf, len, "%s%s%s", chrootdir, + (*keyfile != '/') ? "/" : "", keyfile); write_key_file(buf, user, keyname, &key_txtbuffer); isc_mem_put(mctx, buf, len); diff --git a/usr.sbin/bind/bin/rndc/rndc.c b/usr.sbin/bind/bin/rndc/rndc.c index 26821521308..7945ef2a53c 100644 --- a/usr.sbin/bind/bin/rndc/rndc.c +++ b/usr.sbin/bind/bin/rndc/rndc.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rndc.c,v 1.77.2.5.2.12.6.1 2004/09/20 01:00:01 marka Exp $ */ +/* $ISC: rndc.c,v 1.77.2.5.2.13 2004/09/03 03:43:32 marka Exp $ */ /* * Principal Author: DCL diff --git a/usr.sbin/bind/bin/tests/system/ifconfig.sh b/usr.sbin/bind/bin/tests/system/ifconfig.sh index dc802eabdc8..636827c208c 100644 --- a/usr.sbin/bind/bin/tests/system/ifconfig.sh +++ b/usr.sbin/bind/bin/tests/system/ifconfig.sh @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: ifconfig.sh,v 1.35.2.8.2.5 2004/03/16 19:23:29 explorer Exp $ +# $ISC: ifconfig.sh,v 1.35.2.8.2.8 2004/10/05 03:18:16 marka Exp $ # # Set up interface aliases for bind9 system tests. @@ -72,7 +72,7 @@ case "$1" in *-sun-solaris2.[6-7]) ifconfig lo0:$int 10.53.0.$ns netmask 0xffffffff up ;; - *-*-solaris2.[8-9]) + *-*-solaris2.[8-9]|*-*-solaris2.10) /sbin/ifconfig lo0:$int plumb /sbin/ifconfig lo0:$int 10.53.0.$ns up ;; @@ -97,7 +97,7 @@ case "$1" in *-*-sysv5uw7*|*-*-sysv*UnixWare*|*-*-sysv*OpenUNIX*) ifconfig lo0 10.53.0.$ns alias netmask 0xffffffff ;; - *-ibm-aix4.*) + *-ibm-aix4.*|*-ibm-aix5.*) ifconfig lo0 alias 10.53.0.$ns ;; hpux) @@ -106,7 +106,7 @@ case "$1" in *-sco3.2v*) ifconfig lo0 alias 10.53.0.$ns ;; - *-darwin5*) + *-darwin*) ifconfig lo0 alias 10.53.0.$ns ;; *) @@ -132,7 +132,7 @@ case "$1" in *-sun-solaris2.[6-7]) ifconfig lo0:$int 10.53.0.$ns down ;; - *-*-solaris2.8) + *-*-solaris2.[8-9]|*-*-solaris2.10) ifconfig lo0:$int 10.53.0.$ns down ifconfig lo0:$int 10.53.0.$ns unplumb ;; @@ -157,7 +157,7 @@ case "$1" in *-*-sysv5uw7*|*-*-sysv*UnixWare*|*-*-sysv*OpenUNIX*) ifconfig lo0 -alias 10.53.0.$ns ;; - *-ibm-aix4.*) + *-ibm-aix4.*|*-ibm-aix5.*) ifconfig lo0 delete 10.53.0.$ns ;; hpux) @@ -166,7 +166,7 @@ case "$1" in *-sco3.2v*) ifconfig lo0 -alias 10.53.0.$ns ;; - *darwin5*) + *darwin*) ifconfig lo0 -alias 10.53.0.$ns ;; *) diff --git a/usr.sbin/bind/config.guess b/usr.sbin/bind/config.guess index 3d8a863a4c5..e05cdae4759 100644 --- a/usr.sbin/bind/config.guess +++ b/usr.sbin/bind/config.guess @@ -1,9 +1,9 @@ #! /bin/sh # Attempt to guess a canonical system name. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003 Free Software Foundation, Inc. +# 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc. -timestamp='2004-01-24' +timestamp='2004-09-07' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -53,7 +53,7 @@ version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001 +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO @@ -204,10 +204,24 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} exit 0 ;; + *:ekkoBSD:*:*) + echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} + exit 0 ;; + macppc:MirBSD:*:*) + echo powerppc-unknown-mirbsd${UNAME_RELEASE} + exit 0 ;; + *:MirBSD:*:*) + echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} + exit 0 ;; alpha:OSF1:*:*) - if test $UNAME_RELEASE = "V4.0"; then + case $UNAME_RELEASE in + *4.0) UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` - fi + ;; + *5.*) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` + ;; + esac # According to Compaq, /usr/sbin/psrinfo has been available on # OSF/1 and Tru64 systems produced since 1995. I hope that # covers most systems running today. This code pipes the CPU @@ -245,14 +259,12 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in "EV7.9 (21364A)") UNAME_MACHINE="alphaev79" ;; esac + # A Pn.n version is a patched version. # A Vn.n version is a released version. # A Tn.n version is a released field test version. # A Xn.n version is an unreleased experimental baselevel. # 1.2 uses "1.2" for uname -r. - echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - exit 0 ;; - Alpha*:OpenVMS:*:*) - echo alpha-hp-vms + echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` exit 0 ;; Alpha\ *:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? @@ -708,7 +720,7 @@ EOF echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit 0 ;; *:UNICOS/mp:*:*) - echo nv1-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit 0 ;; F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` @@ -731,21 +743,7 @@ EOF echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} exit 0 ;; *:FreeBSD:*:*) - # Determine whether the default compiler uses glibc. - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include <features.h> - #if __GLIBC__ >= 2 - LIBC=gnu - #else - LIBC= - #endif -EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=` - # GNU/KFreeBSD systems have a "k" prefix to indicate we are using - # FreeBSD's kernel, but not the complete OS. - case ${LIBC} in gnu) kernel_only='k' ;; esac - echo ${UNAME_MACHINE}-unknown-${kernel_only}freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`${LIBC:+-$LIBC} + echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` exit 0 ;; i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin @@ -794,9 +792,18 @@ EOF cris:Linux:*:*) echo cris-axis-linux-gnu exit 0 ;; + crisv32:Linux:*:*) + echo crisv32-axis-linux-gnu + exit 0 ;; + frv:Linux:*:*) + echo frv-unknown-linux-gnu + exit 0 ;; ia64:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit 0 ;; + m32r*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit 0 ;; m68*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit 0 ;; @@ -1037,9 +1044,9 @@ EOF M680?0:D-NIX:5.3:*) echo m68k-diab-dnix exit 0 ;; - M68*:*:R3V[567]*:*) + M68*:*:R3V[5678]*:*) test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;; - 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0) + 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) OS_REL='' test -r /etc/.relid \ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` @@ -1137,9 +1144,10 @@ EOF echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} exit 0 ;; *:Darwin:*:*) - case `uname -p` in + UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown + case $UNAME_PROCESSOR in *86) UNAME_PROCESSOR=i686 ;; - powerpc) UNAME_PROCESSOR=powerpc ;; + unknown) UNAME_PROCESSOR=powerpc ;; esac echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} exit 0 ;; @@ -1201,6 +1209,13 @@ EOF *:DragonFly:*:*) echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` exit 0 ;; + *:*VMS:*:*) + UNAME_MACHINE=`(uname -p) 2>/dev/null` + case "${UNAME_MACHINE}" in + A*) echo alpha-dec-vms && exit 0 ;; + I*) echo ia64-dec-vms && exit 0 ;; + V*) echo vax-dec-vms && exit 0 ;; + esac esac #echo '(No uname command or uname output not recognized.)' 1>&2 diff --git a/usr.sbin/bind/config.h.in b/usr.sbin/bind/config.h.in index c53c7d1313d..3dc3004cbc7 100644 --- a/usr.sbin/bind/config.h.in +++ b/usr.sbin/bind/config.h.in @@ -16,7 +16,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: config.h.in,v 1.47.2.3.2.11 2004/09/01 07:18:30 marka Exp $ */ +/* $ISC: config.h.in,v 1.47.2.3.2.13 2004/12/04 06:53:50 marka Exp $ */ /*** *** This file is not to be included by any public header files, because @@ -134,12 +134,18 @@ int sigwait(const unsigned int *set, int *sig); /* define if you have strerror in the C library. */ #undef HAVE_STRERROR -/* Define if you are running under Compaq TruCluster.. */ +/* Define if you are running under Compaq TruCluster. */ #undef HAVE_TRUCLUSTER /* Define if OpenSSL includes DSA support */ #undef HAVE_OPENSSL_DSA +/* Define to the length type used by the socket API (socklen_t, size_t, int). */ +#undef ISC_SOCKADDR_LEN_T + +/* Define if threads need PTHREAD_SCOPE_SYSTEM */ +#undef NEED_PTHREAD_SCOPE_SYSTEM + /* Define to 1 if you have the <dlfcn.h> header file. */ #undef HAVE_DLFCN_H diff --git a/usr.sbin/bind/configure b/usr.sbin/bind/configure index 1699ee2043b..6ac1126740f 100644 --- a/usr.sbin/bind/configure +++ b/usr.sbin/bind/configure @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. # -# $ISC: configure,v 1.284.2.19.2.26 2004/09/01 07:18:30 marka Exp $ +# $ISC: configure,v 1.284.2.19.2.35 2004/12/09 04:09:03 marka Exp $ # # Portions Copyright (C) 1996-2001 Nominum, Inc. # @@ -29,7 +29,7 @@ # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT # OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -# From configure.in Revision: 1.294.2.23.2.30 . +# From configure.in Revision: 1.294.2.23.2.39 . # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.59. # @@ -309,7 +309,7 @@ fi # The HP-UX ksh and POSIX shell print the target directory to stdout # if CDPATH is set. -if test "X${CDPATH+set}" = Xset; then CDPATH=:; export CDPATH; fi +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH if test -z "$ECHO"; then if test "X${echo_test_string+set}" != Xset; then @@ -495,7 +495,7 @@ ac_includes_default="\ # include <unistd.h> #endif" -ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS subdirs build build_cpu build_vendor build_os host host_cpu host_vendor host_os SET_MAKE RANLIB ac_ct_RANLIB INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA STD_CINCLUDES STD_CDEFINES STD_CWARNINGS CCOPT AR ARFLAGS LN ETAGS PERL CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT CPP EGREP ISC_PLATFORM_HAVELONGLONG ISC_PLATFORM_HAVELIFCONF ISC_PLATFORM_NEEDSYSSELECTH LWRES_PLATFORM_NEEDSYSSELECTH USE_OPENSSL DST_OPENSSL_INC USE_GSSAPI DST_GSSAPI_INC DNS_CRYPTO_LIBS ALWAYS_DEFINES ISC_PLATFORM_USETHREADS ISC_THREAD_DIR MKDEPCC MKDEPCFLAGS MKDEPPROG IRIX_DNSSEC_WARNINGS_HACK purify_path PURIFY LN_S ECHO ac_ct_AR STRIP ac_ct_STRIP CXX CXXFLAGS ac_ct_CXX CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL O A SA LIBTOOL_MKDEP_SED LIBTOOL_MODE_COMPILE LIBTOOL_MODE_INSTALL LIBTOOL_MODE_LINK LIBBIND ISC_PLATFORM_HAVEIPV6 LWRES_PLATFORM_HAVEIPV6 ISC_PLATFORM_NEEDNETINETIN6H LWRES_PLATFORM_NEEDNETINETIN6H ISC_PLATFORM_NEEDNETINET6IN6H LWRES_PLATFORM_NEEDNETINET6IN6H ISC_PLATFORM_HAVEINADDR6 LWRES_PLATFORM_HAVEINADDR6 ISC_PLATFORM_NEEDIN6ADDRANY LWRES_PLATFORM_NEEDIN6ADDRANY ISC_PLATFORM_NEEDIN6ADDRLOOPBACK LWRES_PLATFORM_NEEDIN6ADDRLOOPBACK ISC_PLATFORM_HAVEIN6PKTINFO ISC_PLATFORM_FIXIN6ISADDR ISC_IPV6_H ISC_IPV6_O ISC_ISCIPV6_O ISC_IPV6_C LWRES_HAVE_SIN6_SCOPE_ID ISC_PLATFORM_HAVESCOPEID ISC_PLATFORM_HAVEIF_LADDRREQ ISC_PLATFORM_HAVEIF_LADDRCONF ISC_PLATFORM_NEEDNTOP ISC_PLATFORM_NEEDPTON ISC_PLATFORM_NEEDATON ISC_PLATFORM_HAVESALEN LWRES_PLATFORM_HAVESALEN ISC_PLATFORM_MSGHDRFLAVOR ISC_PLATFORM_NEEDPORTT ISC_LWRES_NEEDADDRINFO ISC_LWRES_NEEDRRSETINFO ISC_LWRES_SETHOSTENTINT ISC_LWRES_ENDHOSTENTINT ISC_LWRES_GETNETBYADDRINADDR ISC_LWRES_SETNETENTINT ISC_LWRES_ENDNETENTINT ISC_LWRES_GETHOSTBYADDRVOID ISC_LWRES_NEEDHERRNO ISC_LWRES_GETIPNODEPROTO ISC_LWRES_GETADDRINFOPROTO ISC_LWRES_GETNAMEINFOPROTO ISC_PLATFORM_NEEDSTRSEP ISC_PLATFORM_NEEDMEMMOVE ISC_PLATFORM_NEEDSTRTOUL ISC_PLATFORM_NEEDSTRLCPY ISC_PLATFORM_NEEDSTRLCAT ISC_PLATFORM_NEEDSPRINTF LWRES_PLATFORM_NEEDSPRINTF ISC_PLATFORM_NEEDVSNPRINTF LWRES_PLATFORM_NEEDVSNPRINTF ISC_EXTRA_OBJS ISC_EXTRA_SRCS ISC_PLATFORM_QUADFORMAT ISC_PLATFORM_RLIMITTYPE ISC_PLATFORM_USEDECLSPEC LWRES_PLATFORM_USEDECLSPEC ISC_PLATFORM_BRACEPTHREADONCEINIT ISC_PLATFORM_HAVEIFNAMETOINDEX OPENJADE JADETEX PDFJADETEX SGMLCATALOG HTMLSTYLE PRINTSTYLE XMLDCL DOCBOOK2MANSPEC BIND9_TOP_BUILDDIR BIND9_ISC_BUILDINCLUDE BIND9_ISCCC_BUILDINCLUDE BIND9_ISCCFG_BUILDINCLUDE BIND9_DNS_BUILDINCLUDE BIND9_LWRES_BUILDINCLUDE BIND9_BIND9_BUILDINCLUDE BIND9_VERSION LIBOBJS LTLIBOBJS' +ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS subdirs build build_cpu build_vendor build_os host host_cpu host_vendor host_os SET_MAKE RANLIB ac_ct_RANLIB INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA STD_CINCLUDES STD_CDEFINES STD_CWARNINGS CCOPT AR ARFLAGS LN ETAGS PERL CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT CPP EGREP ISC_SOCKADDR_LEN_T ISC_PLATFORM_HAVELONGLONG ISC_PLATFORM_HAVELIFCONF ISC_PLATFORM_NEEDSYSSELECTH LWRES_PLATFORM_NEEDSYSSELECTH USE_OPENSSL DST_OPENSSL_INC USE_GSSAPI DST_GSSAPI_INC DNS_CRYPTO_LIBS ALWAYS_DEFINES ISC_PLATFORM_USETHREADS ISC_THREAD_DIR MKDEPCC MKDEPCFLAGS MKDEPPROG IRIX_DNSSEC_WARNINGS_HACK purify_path PURIFY LN_S ECHO ac_ct_AR STRIP ac_ct_STRIP CXX CXXFLAGS ac_ct_CXX CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL O A SA LIBTOOL_MKDEP_SED LIBTOOL_MODE_COMPILE LIBTOOL_MODE_INSTALL LIBTOOL_MODE_LINK LIBTOOL_ALLOW_UNDEFINED LIBTOOL_IN_MAIN LIBBIND ISC_PLATFORM_HAVEIPV6 LWRES_PLATFORM_HAVEIPV6 ISC_PLATFORM_NEEDNETINETIN6H LWRES_PLATFORM_NEEDNETINETIN6H ISC_PLATFORM_NEEDNETINET6IN6H LWRES_PLATFORM_NEEDNETINET6IN6H ISC_PLATFORM_HAVEINADDR6 LWRES_PLATFORM_HAVEINADDR6 ISC_PLATFORM_NEEDIN6ADDRANY LWRES_PLATFORM_NEEDIN6ADDRANY ISC_PLATFORM_NEEDIN6ADDRLOOPBACK LWRES_PLATFORM_NEEDIN6ADDRLOOPBACK ISC_PLATFORM_HAVEIN6PKTINFO ISC_PLATFORM_FIXIN6ISADDR ISC_IPV6_H ISC_IPV6_O ISC_ISCIPV6_O ISC_IPV6_C LWRES_HAVE_SIN6_SCOPE_ID ISC_PLATFORM_HAVESCOPEID ISC_PLATFORM_HAVEIF_LADDRREQ ISC_PLATFORM_HAVEIF_LADDRCONF ISC_PLATFORM_NEEDNTOP ISC_PLATFORM_NEEDPTON ISC_PLATFORM_NEEDATON ISC_PLATFORM_HAVESALEN LWRES_PLATFORM_HAVESALEN ISC_PLATFORM_MSGHDRFLAVOR ISC_PLATFORM_NEEDPORTT ISC_LWRES_NEEDADDRINFO ISC_LWRES_NEEDRRSETINFO ISC_LWRES_SETHOSTENTINT ISC_LWRES_ENDHOSTENTINT ISC_LWRES_GETNETBYADDRINADDR ISC_LWRES_SETNETENTINT ISC_LWRES_ENDNETENTINT ISC_LWRES_GETHOSTBYADDRVOID ISC_LWRES_NEEDHERRNO ISC_LWRES_GETIPNODEPROTO ISC_LWRES_GETADDRINFOPROTO ISC_LWRES_GETNAMEINFOPROTO ISC_PLATFORM_NEEDSTRSEP ISC_PLATFORM_NEEDMEMMOVE ISC_PLATFORM_NEEDSTRTOUL ISC_PLATFORM_NEEDSTRLCPY ISC_PLATFORM_NEEDSTRLCAT ISC_PLATFORM_NEEDSPRINTF LWRES_PLATFORM_NEEDSPRINTF ISC_PLATFORM_NEEDVSNPRINTF LWRES_PLATFORM_NEEDVSNPRINTF ISC_EXTRA_OBJS ISC_EXTRA_SRCS ISC_PLATFORM_QUADFORMAT ISC_PLATFORM_RLIMITTYPE ISC_PLATFORM_USEDECLSPEC LWRES_PLATFORM_USEDECLSPEC ISC_PLATFORM_BRACEPTHREADONCEINIT ISC_PLATFORM_HAVEIFNAMETOINDEX OPENJADE JADETEX PDFJADETEX SGMLCATALOG HTMLSTYLE PRINTSTYLE XMLDCL DOCBOOK2MANSPEC BIND9_TOP_BUILDDIR BIND9_ISC_BUILDINCLUDE BIND9_ISCCC_BUILDINCLUDE BIND9_ISCCFG_BUILDINCLUDE BIND9_DNS_BUILDINCLUDE BIND9_LWRES_BUILDINCLUDE BIND9_BIND9_BUILDINCLUDE BIND9_VERSION LIBOBJS LTLIBOBJS' ac_subst_files='BIND9_MAKE_INCLUDES BIND9_MAKE_RULES LIBISC_API LIBISCCC_API LIBISCCFG_API LIBDNS_API LIBBIND9_API LIBLWRES_API' # Initialize some variables set by options. @@ -4105,6 +4105,132 @@ _ACEOF fi +echo "$as_me:$LINENO: checking for socklen_t" >&5 +echo $ECHO_N "checking for socklen_t... $ECHO_C" >&6 +if test "${ac_cv_type_socklen_t+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +#include <sys/types.h> +#include <sys/socket.h> + + +int +main () +{ +if ((socklen_t *) 0) + return 0; +if (sizeof (socklen_t)) + return 0; + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_type_socklen_t=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_type_socklen_t=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: $ac_cv_type_socklen_t" >&5 +echo "${ECHO_T}$ac_cv_type_socklen_t" >&6 +if test $ac_cv_type_socklen_t = yes; then + cat >>confdefs.h <<\_ACEOF +#define ISC_SOCKADDR_LEN_T socklen_t +_ACEOF + +else + +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +#include <sys/types.h> +#include <sys/socket.h> +int getsockname(int, struct sockaddr *, size_t *); + +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + cat >>confdefs.h <<\_ACEOF +#define ISC_SOCKADDR_LEN_T size_t +_ACEOF + +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +cat >>confdefs.h <<\_ACEOF +#define ISC_SOCKADDR_LEN_T int +_ACEOF + +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext + +fi + + echo "$as_me:$LINENO: checking whether time.h and sys/time.h may both be included" >&5 echo $ECHO_N "checking whether time.h and sys/time.h may both be included... $ECHO_C" >&6 if test "${ac_cv_header_time+set}" = set; then @@ -4624,6 +4750,18 @@ else use_openssl="auto" fi; +openssldirs="/usr /usr/local /usr/local/ssl /usr/pkg" +if test "$use_openssl" = "auto" +then + for d in $openssldirs + do + if test -f $d/include/openssl/opensslv.h + then + use_openssl=$d + break + fi + done +fi case "$use_openssl" in no) echo "$as_me:$LINENO: result: no" >&5 @@ -4631,11 +4769,16 @@ echo "${ECHO_T}no" >&6 DST_OPENSSL_INC="" USE_OPENSSL="" ;; + auto) + DST_OPENSSL_INC="" + USE_OPENSSL="" + echo "$as_me:$LINENO: result: not found" >&5 +echo "${ECHO_T}not found" >&6 + ;; *) - if test "$use_openssl" = "yes" -o "$use_openssl" = "auto" + if test "$use_openssl" = "yes" then # User did not specify a path - guess it - openssldirs="/usr /usr/local /usr/local/ssl /usr/pkg" for d in $openssldirs do if test -f $d/include/openssl/opensslv.h @@ -4651,13 +4794,6 @@ echo "${ECHO_T}not found" >&6 { { echo "$as_me:$LINENO: error: OpenSSL was not found in any of $openssldirs; use --with-openssl=/path" >&5 echo "$as_me: error: OpenSSL was not found in any of $openssldirs; use --with-openssl=/path" >&2;} { (exit 1); exit 1; }; } - elif test "$use_openssl" = "auto" - then - DST_OPENSSL_INC="" - USE_OPENSSL="" - echo "$as_me:$LINENO: result: not found" >&5 -echo "${ECHO_T}not found" >&6 - break fi fi USE_OPENSSL='-DOPENSSL' @@ -6335,6 +6471,14 @@ _ACEOF fi + case $host in + *-freebsd5.3|*-freebsd5.3.*) + cat >>confdefs.h <<\_ACEOF +#define NEED_PTHREAD_SCOPE_SYSTEM 1 +_ACEOF + + ;; + esac ;; # # BSDI 3.0 through 4.0.1 needs pthread_init() to be @@ -6954,6 +7098,11 @@ IRIX_DNSSEC_WARNINGS_HACK="" if test "X$GCC" = "Xyes"; then STD_CWARNINGS="$STD_CWARNINGS -W -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -Wformat" + case "$host" in + *-hp-hpux*) + LDFLAGS="-Wl,+vnocompatwarnings $LDFALGS" + ;; + esac else case $host in *-dec-osf*) @@ -6977,7 +7126,7 @@ else ;; esac CCOPT="$CCOPT -Ae -z" - LIBS="-Wl,+vnocompatwarnings $LIBS" + LDFLAGS="-Wl,+vnocompatwarnings $LDFALGS" MKDEPPROG='cc -Ae -E -Wp,-M >/dev/null 2>>$TMP' ;; *-sgi-irix*) @@ -7504,10 +7653,10 @@ for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do fi done done -SED=$lt_cv_path_SED fi +SED=$lt_cv_path_SED echo "$as_me:$LINENO: result: $SED" >&5 echo "${ECHO_T}$SED" >&6 @@ -7633,6 +7782,15 @@ case $reload_flag in *) reload_flag=" $reload_flag" ;; esac reload_cmds='$LD$reload_flag -o $output$reload_objs' +case $host_os in + darwin*) + if test "$GCC" = yes; then + reload_cmds='$CC -nostdlib ${wl}-r -o $output$reload_objs' + else + reload_cmds='$LD$reload_flag -o $output$reload_objs' + fi + ;; +esac echo "$as_me:$LINENO: checking for BSD-compatible nm" >&5 echo $ECHO_N "checking for BSD-compatible nm... $ECHO_C" >&6 @@ -7719,21 +7877,21 @@ beos*) lt_cv_deplibs_check_method=pass_all ;; -bsdi4*) +bsdi[45]*) lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)' lt_cv_file_magic_cmd='/usr/bin/file -L' lt_cv_file_magic_test_file=/shlib/libc.so ;; cygwin*) - # win32_libid is a shell function defined in ltmain.sh + # func_win32_libid is a shell function defined in ltmain.sh lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' - lt_cv_file_magic_cmd='win32_libid' + lt_cv_file_magic_cmd='func_win32_libid' ;; mingw* | pw32*) # Base MSYS/MinGW do not provide the 'file' command needed by - # win32_libid shell function, so use a weaker test based on 'objdump'. + # func_win32_libid shell function, so use a weaker test based on 'objdump'. lt_cv_deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?' lt_cv_file_magic_cmd='$OBJDUMP -f' ;; @@ -7792,15 +7950,6 @@ irix5* | irix6* | nonstopux*) # This must be Linux ELF. linux*) - case $host_cpu in - alpha*|hppa*|i*86|ia64*|m68*|mips*|powerpc*|sparc*|s390*|sh*) - lt_cv_deplibs_check_method=pass_all ;; - *) - # glibc up to 2.1.1 does not perform some relocations on ARM - # this will be overridden with pass_all, but let us keep it just in case - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB (shared object|dynamic lib )' ;; - esac - lt_cv_file_magic_test_file=`echo /lib/libc.so* /lib/libc-*.so` lt_cv_deplibs_check_method=pass_all ;; @@ -7823,12 +7972,10 @@ nto-qnx*) ;; openbsd*) - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB shared object' + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|\.so|_pic\.a)$' else - lt_cv_deplibs_check_method='file_magic OpenBSD.* shared library' + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' fi ;; @@ -7920,7 +8067,7 @@ ia64-*-hpux*) ;; *-*-irix6*) # Find out which ABI we are using. - echo '#line 7923 "configure"' > conftest.$ac_ext + echo '#line 8070 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -8587,7 +8734,12 @@ ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_cxx_compiler_gnu -ac_ext=cc + + +if test -n "$CXX" && ( test "X$CXX" != "Xno" && + ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || + (test "X$CXX" != "Xg++"))) ; then + ac_ext=cc ac_cpp='$CXXCPP $CPPFLAGS' ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' @@ -8817,6 +8969,8 @@ ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_cxx_compiler_gnu +fi + ac_ext=f ac_compile='$F77 -c $FFLAGS conftest.$ac_ext >&5' @@ -8910,7 +9064,7 @@ fi # Provide some information about the compiler. -echo "$as_me:8913:" \ +echo "$as_me:9067:" \ "checking for Fortran 77 compiler version" >&5 ac_compiler=`set X $ac_compile; echo $2` { (eval echo "$as_me:$LINENO: \"$ac_compiler --version </dev/null >&5\"") >&5 @@ -9065,7 +9219,7 @@ if test "${lt_cv_sys_max_cmd_len+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else i=0 - testring="ABCD" + teststring="ABCD" case $build_os in msdosdjgpp*) @@ -9100,20 +9254,34 @@ else lt_cv_sys_max_cmd_len=8192; ;; + netbsd* | freebsd* | openbsd* | darwin* ) + # This has been around since 386BSD, at least. Likely further. + if test -x /sbin/sysctl; then + lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` + elif test -x /usr/sbin/sysctl; then + lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` + else + lt_cv_sys_max_cmd_len=65536 # usable default for *BSD + fi + # And add a safety zone + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` + ;; + *) # If test is not a shell built-in, we'll probably end up computing a # maximum length that is only half of the actual maximum length, but # we can't tell. - while (test "X"`$CONFIG_SHELL $0 --fallback-echo "X$testring" 2>/dev/null` \ - = "XX$testring") >/dev/null 2>&1 && - new_result=`expr "X$testring" : ".*" 2>&1` && + SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} + while (test "X"`$SHELL $0 --fallback-echo "X$teststring" 2>/dev/null` \ + = "XX$teststring") >/dev/null 2>&1 && + new_result=`expr "X$teststring" : ".*" 2>&1` && lt_cv_sys_max_cmd_len=$new_result && test $i != 17 # 1/2 MB should be enough do i=`expr $i + 1` - testring=$testring$testring + teststring=$teststring$teststring done - testring= + teststring= # Add a significant safety factor because C++ compilers can tack on massive # amounts of additional arguments before passing them to the linker. # It appears as though 1/2 is a usable value. @@ -9174,6 +9342,13 @@ hpux*) # Its linker distinguishes data from code symbols lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" ;; +linux*) + if test "$host_cpu" = ia64; then + symcode='[ABCDGIRSTW]' + lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" + lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" + fi + ;; irix* | nonstopux*) symcode='[BCDEGRST]' ;; @@ -9673,6 +9848,8 @@ if test -n "$RANLIB"; then old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" fi +cc_basename=`$echo X"$compiler" | $Xsed -e 's%^.*/%%'` + # Only perform the check for file, if the check method requires it case $deplibs_check_method in file_magic*) @@ -9948,11 +10125,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:9951: $lt_compile\"" >&5) + (eval echo "\"\$as_me:10128: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:9955: \$? = $ac_status" >&5 + echo "$as_me:10132: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings @@ -10059,6 +10236,16 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6 lt_prog_compiler_static='-bnso -bI:/lib/syscalls.exp' fi ;; + darwin*) + # PIC is the default on this platform + # Common symbols not allowed in MH_DYLIB files + case "$cc_basename" in + xlc*) + lt_prog_compiler_pic='-qnocommon' + lt_prog_compiler_wl='-Wl,' + ;; + esac + ;; mingw* | pw32* | os2*) # This hack is so that the source file can tell whether it is being @@ -10181,11 +10368,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:10184: $lt_compile\"" >&5) + (eval echo "\"\$as_me:10371: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:10188: \$? = $ac_status" >&5 + echo "$as_me:10375: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings @@ -10241,11 +10428,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:10244: $lt_compile\"" >&5) + (eval echo "\"\$as_me:10431: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:10248: \$? = $ac_status" >&5 + echo "$as_me:10435: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -10457,7 +10644,7 @@ EOF ;; linux*) - if $LD --help 2>&1 | egrep ': supported targets:.* elf' > /dev/null; then + if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then tmp_archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' archive_cmds="$tmp_archive_cmds" supports_anon_versioning=no @@ -10745,7 +10932,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ld_shlibs=no ;; - bsdi4*) + bsdi[45]*) export_dynamic_flag_spec=-rdynamic ;; @@ -10759,7 +10946,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi # Tell ltmain to make .lib files, not .a files. libext=lib # Tell ltmain to make .dll files, not .so files. - shrext=".dll" + shrext_cmds=".dll" # FIXME: Setting linknames here is a bad hack. archive_cmds='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames=' # The linker will automatically build a .lib file if we build a DLL. @@ -10771,52 +10958,52 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ;; darwin* | rhapsody*) - if test "$GXX" = yes ; then - archive_cmds_need_lc=no case "$host_os" in - rhapsody* | darwin1.[012]) - allow_undefined_flag='-undefined suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - allow_undefined_flag='-flat_namespace -undefined suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[012]) - allow_undefined_flag='-flat_namespace -undefined suppress' - ;; - 10.*) - allow_undefined_flag='-undefined dynamic_lookup' - ;; - esac - fi - ;; + rhapsody* | darwin1.[012]) + allow_undefined_flag='${wl}-undefined ${wl}suppress' + ;; + *) # Darwin 1.3 on + if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then + allow_undefined_flag='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' + else + case ${MACOSX_DEPLOYMENT_TARGET} in + 10.[012]) + allow_undefined_flag='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' + ;; + 10.*) + allow_undefined_flag='${wl}-undefined ${wl}dynamic_lookup' + ;; + esac + fi + ;; esac - lt_int_apple_cc_single_mod=no - output_verbose_link_cmd='echo' - if $CC -dumpspecs 2>&1 | grep 'single_module' >/dev/null ; then - lt_int_apple_cc_single_mod=yes - fi - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - archive_cmds='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - else - archive_cmds='$CC -r ${wl}-bind_at_load -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - fi - module_cmds='$CC ${wl}-bind_at_load $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - archive_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - archive_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r ${wl}-bind_at_load -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - fi - module_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + archive_cmds_need_lc=no hardcode_direct=no hardcode_automatic=yes hardcode_shlibpath_var=unsupported - whole_archive_flag_spec='-all_load $convenience' + whole_archive_flag_spec='' link_all_deplibs=yes + if test "$GCC" = yes ; then + output_verbose_link_cmd='echo' + archive_cmds='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' + module_cmds='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' + # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's + archive_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + module_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' else - ld_shlibs=no + case "$cc_basename" in + xlc*) + output_verbose_link_cmd='echo' + archive_cmds='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' + module_cmds='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' + # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's + archive_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + module_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + ;; + *) + ld_shlibs=no + ;; + esac fi ;; @@ -10961,6 +11148,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi hardcode_shlibpath_var=no if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' hardcode_libdir_flag_spec='${wl}-rpath,$libdir' export_dynamic_flag_spec='${wl}-E' else @@ -11215,7 +11403,7 @@ echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6 library_names_spec= libname_spec='lib$name' soname_spec= -shrext=".so" +shrext_cmds=".so" postinstall_cmds= postuninstall_cmds= finish_cmds= @@ -11312,7 +11500,7 @@ beos*) shlibpath_var=LIBRARY_PATH ;; -bsdi4*) +bsdi[45]*) version_type=linux need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -11328,7 +11516,7 @@ bsdi4*) cygwin* | mingw* | pw32*) version_type=windows - shrext=".dll" + shrext_cmds=".dll" need_version=no need_lib_prefix=no @@ -11393,7 +11581,7 @@ darwin* | rhapsody*) soname_spec='${libname}${release}${major}$shared_ext' shlibpath_overrides_runpath=yes shlibpath_var=DYLD_LIBRARY_PATH - shrext='$(test .$module = .yes && echo .so || echo .dylib)' + shrext_cmds='$(test .$module = .yes && echo .so || echo .dylib)' # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. if test "$GCC" = yes; then sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` @@ -11476,7 +11664,7 @@ hpux9* | hpux10* | hpux11*) need_version=no case "$host_cpu" in ia64*) - shrext='.so' + shrext_cmds='.so' hardcode_into_libs=yes dynamic_linker="$host_os dld.so" shlibpath_var=LD_LIBRARY_PATH @@ -11491,7 +11679,7 @@ hpux9* | hpux10* | hpux11*) sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec ;; hppa*64*) - shrext='.sl' + shrext_cmds='.sl' hardcode_into_libs=yes dynamic_linker="$host_os dld.sl" shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH @@ -11502,7 +11690,7 @@ hpux9* | hpux10* | hpux11*) sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec ;; *) - shrext='.sl' + shrext_cmds='.sl' dynamic_linker="$host_os dld.sl" shlibpath_var=SHLIB_PATH shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH @@ -11573,8 +11761,8 @@ linux*) # Append ld.so.conf contents to the search path if test -f /etc/ld.so.conf; then - ld_extra=`$SED -e 's/:,\t/ /g;s/=^=*$//;s/=^= * / /g' /etc/ld.so.conf` - sys_lib_dlsearch_path_spec="/lib /usr/lib $ld_extra" + lt_ld_extra=`$SED -e 's/:,\t/ /g;s/=^=*$//;s/=^= * / /g' /etc/ld.so.conf | tr '\n' ' '` + sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" fi # We used to test for /lib/ld.so.1 and disable shared libraries on @@ -11636,7 +11824,7 @@ nto-qnx*) openbsd*) version_type=sunos need_lib_prefix=no - need_version=yes + need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' shlibpath_var=LD_LIBRARY_PATH @@ -11656,7 +11844,7 @@ openbsd*) os2*) libname_spec='$name' - shrext=".dll" + shrext_cmds=".dll" need_lib_prefix=no library_names_spec='$libname${shared_ext} $libname.a' dynamic_linker='OS/2 ld.exe' @@ -11758,8 +11946,8 @@ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5 echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6 hardcode_action= if test -n "$hardcode_libdir_flag_spec" || \ - test -n "$runpath_var " || \ - test "X$hardcode_automatic"="Xyes" ; then + test -n "$runpath_var" || \ + test "X$hardcode_automatic" = "Xyes" ; then # We can hardcode non-existant directories. if test "$hardcode_direct" != no && @@ -12425,7 +12613,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<EOF -#line 12428 "configure" +#line 12616 "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -12523,7 +12711,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<EOF -#line 12526 "configure" +#line 12714 "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -12648,47 +12836,10 @@ aix3*) fi ;; -aix4*) +aix4* | aix5*) if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then test "$enable_shared" = yes && enable_static=no fi - ;; - darwin* | rhapsody*) - if test "$GCC" = yes; then - archive_cmds_need_lc=no - case "$host_os" in - rhapsody* | darwin1.[012]) - allow_undefined_flag='-undefined suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - allow_undefined_flag='-flat_namespace -undefined suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[012]) - allow_undefined_flag='-flat_namespace -undefined suppress' - ;; - 10.*) - allow_undefined_flag='-undefined dynamic_lookup' - ;; - esac - fi - ;; - esac - output_verbose_link_cmd='echo' - archive_cmds='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs$compiler_flags -install_name $rpath/$soname $verstring' - module_cmds='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's - archive_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs$compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - module_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - hardcode_direct=no - hardcode_automatic=yes - hardcode_shlibpath_var=unsupported - whole_archive_flag_spec='-all_load $convenience' - link_all_deplibs=yes - else - ld_shlibs=no - fi ;; esac echo "$as_me:$LINENO: result: $enable_shared" >&5 @@ -12833,7 +12984,7 @@ Xsed="$SED -e s/^X//" # The HP-UX ksh and POSIX shell print the target directory to stdout # if CDPATH is set. -if test "X\${CDPATH+set}" = Xset; then CDPATH=:; export CDPATH; fi +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH # The names of the tagged configurations supported by this script. available_tags= @@ -12924,7 +13075,7 @@ objext="$ac_objext" libext="$libext" # Shared library suffix (normally ".so"). -shrext='$shrext' +shrext_cmds='$shrext_cmds' # Executable file suffix (normally ""). exeext="$exeext" @@ -13234,7 +13385,9 @@ echo "$as_me: error: tag name \"$tagname\" already exists" >&2;} case $tagname in CXX) - if test -n "$CXX" && test "X$CXX" != "Xno"; then + if test -n "$CXX" && ( test "X$CXX" != "Xno" && + ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || + (test "X$CXX" != "Xg++"))) ; then ac_ext=cc ac_cpp='$CXXCPP $CPPFLAGS' ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' @@ -13709,6 +13862,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi esac ;; + cygwin* | mingw* | pw32*) # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, CXX) is actually meaningless, # as there is no search path for DLLs. @@ -13732,57 +13886,68 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ld_shlibs_CXX=no fi ;; + darwin* | rhapsody*) + case "$host_os" in + rhapsody* | darwin1.[012]) + allow_undefined_flag_CXX='${wl}-undefined ${wl}suppress' + ;; + *) # Darwin 1.3 on + if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then + allow_undefined_flag_CXX='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' + else + case ${MACOSX_DEPLOYMENT_TARGET} in + 10.[012]) + allow_undefined_flag_CXX='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' + ;; + 10.*) + allow_undefined_flag_CXX='${wl}-undefined ${wl}dynamic_lookup' + ;; + esac + fi + ;; + esac + archive_cmds_need_lc_CXX=no + hardcode_direct_CXX=no + hardcode_automatic_CXX=yes + hardcode_shlibpath_var_CXX=unsupported + whole_archive_flag_spec_CXX='' + link_all_deplibs_CXX=yes - darwin* | rhapsody*) - if test "$GXX" = yes; then - archive_cmds_need_lc_CXX=no - case "$host_os" in - rhapsody* | darwin1.[012]) - allow_undefined_flag_CXX='-undefined suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - allow_undefined_flag_CXX='-flat_namespace -undefined suppress' + if test "$GXX" = yes ; then + lt_int_apple_cc_single_mod=no + output_verbose_link_cmd='echo' + if $CC -dumpspecs 2>&1 | $EGREP 'single_module' >/dev/null ; then + lt_int_apple_cc_single_mod=yes + fi + if test "X$lt_int_apple_cc_single_mod" = Xyes ; then + archive_cmds_CXX='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[012]) - allow_undefined_flag_CXX='-flat_namespace -undefined suppress' - ;; - 10.*) - allow_undefined_flag_CXX='-undefined dynamic_lookup' - ;; - esac + archive_cmds_CXX='$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring' + fi + module_cmds_CXX='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' + # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's + if test "X$lt_int_apple_cc_single_mod" = Xyes ; then + archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + else + archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + fi + module_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + else + case "$cc_basename" in + xlc*) + output_verbose_link_cmd='echo' + archive_cmds_CXX='$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' + module_cmds_CXX='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' + # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's + archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + module_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + ;; + *) + ld_shlibs_CXX=no + ;; + esac fi - ;; - esac - lt_int_apple_cc_single_mod=no - output_verbose_link_cmd='echo' - if $CC -dumpspecs 2>&1 | grep 'single_module' >/dev/null ; then - lt_int_apple_cc_single_mod=yes - fi - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - archive_cmds_CXX='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - else - archive_cmds_CXX='$CC -r ${wl}-bind_at_load -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - fi - module_cmds_CXX='$CC ${wl}-bind_at_load $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r ${wl}-bind_at_load -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - fi - module_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - hardcode_direct_CXX=no - hardcode_automatic_CXX=yes - hardcode_shlibpath_var_CXX=unsupported - whole_archive_flag_spec_CXX='-all_load $convenience' - link_all_deplibs_CXX=yes - else - ld_shlibs_CXX=no - fi - ;; + ;; dgux*) case $cc_basename in @@ -13839,7 +14004,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi # explicitly linking system object files so we need to strip them # from the output so that they don't get included in the library # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | egrep "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' + output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' ;; *) if test "$GXX" = yes; then @@ -13988,9 +14153,20 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi icpc) # Intel C++ with_gnu_ld=yes + # version 8.0 and above of icpc choke on multiply defined symbols + # if we add $predep_objects and $postdep_objects, however 7.1 and + # earlier do not add the objects themselves. + case `$CC -V 2>&1` in + *"Version 7."*) + archive_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + ;; + *) # Version 8.0 or newer + archive_cmds_CXX='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds_CXX='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + ;; + esac archive_cmds_need_lc_CXX=no - archive_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir' export_dynamic_flag_spec_CXX='${wl}--export-dynamic' whole_archive_flag_spec_CXX='${wl}--whole-archive$convenience ${wl}--no-whole-archive' @@ -14047,6 +14223,22 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi # Workaround some broken pre-1.5 toolchains output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"' ;; + openbsd2*) + # C++ shared libraries are fairly broken + ld_shlibs_CXX=no + ;; + openbsd*) + hardcode_direct_CXX=yes + hardcode_shlibpath_var_CXX=no + archive_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' + hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir' + if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + archive_expsym_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib' + export_dynamic_flag_spec_CXX='${wl}-E' + whole_archive_flag_spec_CXX="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' + fi + output_verbose_link_cmd='echo' + ;; osf3*) case $cc_basename in KCC) @@ -14506,6 +14698,16 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6 ;; esac ;; + darwin*) + # PIC is the default on this platform + # Common symbols not allowed in MH_DYLIB files + case "$cc_basename" in + xlc*) + lt_prog_compiler_pic_CXX='-qnocommon' + lt_prog_compiler_wl_CXX='-Wl,' + ;; + esac + ;; dgux*) case $cc_basename in ec++) @@ -14706,11 +14908,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:14709: $lt_compile\"" >&5) + (eval echo "\"\$as_me:14911: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:14713: \$? = $ac_status" >&5 + echo "$as_me:14915: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings @@ -14766,11 +14968,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:14769: $lt_compile\"" >&5) + (eval echo "\"\$as_me:14971: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:14773: \$? = $ac_status" >&5 + echo "$as_me:14975: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -14917,7 +15119,7 @@ echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6 library_names_spec= libname_spec='lib$name' soname_spec= -shrext=".so" +shrext_cmds=".so" postinstall_cmds= postuninstall_cmds= finish_cmds= @@ -15014,7 +15216,7 @@ beos*) shlibpath_var=LIBRARY_PATH ;; -bsdi4*) +bsdi[45]*) version_type=linux need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -15030,7 +15232,7 @@ bsdi4*) cygwin* | mingw* | pw32*) version_type=windows - shrext=".dll" + shrext_cmds=".dll" need_version=no need_lib_prefix=no @@ -15095,7 +15297,7 @@ darwin* | rhapsody*) soname_spec='${libname}${release}${major}$shared_ext' shlibpath_overrides_runpath=yes shlibpath_var=DYLD_LIBRARY_PATH - shrext='$(test .$module = .yes && echo .so || echo .dylib)' + shrext_cmds='$(test .$module = .yes && echo .so || echo .dylib)' # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. if test "$GCC" = yes; then sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` @@ -15178,7 +15380,7 @@ hpux9* | hpux10* | hpux11*) need_version=no case "$host_cpu" in ia64*) - shrext='.so' + shrext_cmds='.so' hardcode_into_libs=yes dynamic_linker="$host_os dld.so" shlibpath_var=LD_LIBRARY_PATH @@ -15193,7 +15395,7 @@ hpux9* | hpux10* | hpux11*) sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec ;; hppa*64*) - shrext='.sl' + shrext_cmds='.sl' hardcode_into_libs=yes dynamic_linker="$host_os dld.sl" shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH @@ -15204,7 +15406,7 @@ hpux9* | hpux10* | hpux11*) sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec ;; *) - shrext='.sl' + shrext_cmds='.sl' dynamic_linker="$host_os dld.sl" shlibpath_var=SHLIB_PATH shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH @@ -15275,8 +15477,8 @@ linux*) # Append ld.so.conf contents to the search path if test -f /etc/ld.so.conf; then - ld_extra=`$SED -e 's/:,\t/ /g;s/=^=*$//;s/=^= * / /g' /etc/ld.so.conf` - sys_lib_dlsearch_path_spec="/lib /usr/lib $ld_extra" + lt_ld_extra=`$SED -e 's/:,\t/ /g;s/=^=*$//;s/=^= * / /g' /etc/ld.so.conf | tr '\n' ' '` + sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" fi # We used to test for /lib/ld.so.1 and disable shared libraries on @@ -15338,7 +15540,7 @@ nto-qnx*) openbsd*) version_type=sunos need_lib_prefix=no - need_version=yes + need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' shlibpath_var=LD_LIBRARY_PATH @@ -15358,7 +15560,7 @@ openbsd*) os2*) libname_spec='$name' - shrext=".dll" + shrext_cmds=".dll" need_lib_prefix=no library_names_spec='$libname${shared_ext} $libname.a' dynamic_linker='OS/2 ld.exe' @@ -15460,8 +15662,8 @@ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5 echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6 hardcode_action_CXX= if test -n "$hardcode_libdir_flag_spec_CXX" || \ - test -n "$runpath_var CXX" || \ - test "X$hardcode_automatic_CXX"="Xyes" ; then + test -n "$runpath_var_CXX" || \ + test "X$hardcode_automatic_CXX" = "Xyes" ; then # We can hardcode non-existant directories. if test "$hardcode_direct_CXX" != no && @@ -16127,7 +16329,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<EOF -#line 16130 "configure" +#line 16332 "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -16225,7 +16427,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<EOF -#line 16228 "configure" +#line 16430 "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -16504,7 +16706,7 @@ objext="$ac_objext" libext="$libext" # Shared library suffix (normally ".so"). -shrext='$shrext' +shrext_cmds='$shrext_cmds' # Executable file suffix (normally ""). exeext="$exeext" @@ -16826,7 +17028,7 @@ aix3*) postinstall_cmds='$RANLIB $lib' fi ;; -aix4*) +aix4* | aix5*) test "$enable_shared" = yes && enable_static=no ;; esac @@ -16930,6 +17132,16 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6 lt_prog_compiler_static_F77='-bnso -bI:/lib/syscalls.exp' fi ;; + darwin*) + # PIC is the default on this platform + # Common symbols not allowed in MH_DYLIB files + case "$cc_basename" in + xlc*) + lt_prog_compiler_pic_F77='-qnocommon' + lt_prog_compiler_wl_F77='-Wl,' + ;; + esac + ;; mingw* | pw32* | os2*) # This hack is so that the source file can tell whether it is being @@ -17052,11 +17264,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:17055: $lt_compile\"" >&5) + (eval echo "\"\$as_me:17267: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:17059: \$? = $ac_status" >&5 + echo "$as_me:17271: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings @@ -17112,11 +17324,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:17115: $lt_compile\"" >&5) + (eval echo "\"\$as_me:17327: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:17119: \$? = $ac_status" >&5 + echo "$as_me:17331: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -17328,7 +17540,7 @@ EOF ;; linux*) - if $LD --help 2>&1 | egrep ': supported targets:.* elf' > /dev/null; then + if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then tmp_archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' archive_cmds_F77="$tmp_archive_cmds" supports_anon_versioning=no @@ -17596,7 +17808,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ld_shlibs_F77=no ;; - bsdi4*) + bsdi[45]*) export_dynamic_flag_spec_F77=-rdynamic ;; @@ -17610,7 +17822,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi # Tell ltmain to make .lib files, not .a files. libext=lib # Tell ltmain to make .dll files, not .so files. - shrext=".dll" + shrext_cmds=".dll" # FIXME: Setting linknames here is a bad hack. archive_cmds_F77='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames=' # The linker will automatically build a .lib file if we build a DLL. @@ -17622,52 +17834,52 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ;; darwin* | rhapsody*) - if test "$GXX" = yes ; then - archive_cmds_need_lc_F77=no case "$host_os" in - rhapsody* | darwin1.[012]) - allow_undefined_flag_F77='-undefined suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - allow_undefined_flag_F77='-flat_namespace -undefined suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[012]) - allow_undefined_flag_F77='-flat_namespace -undefined suppress' - ;; - 10.*) - allow_undefined_flag_F77='-undefined dynamic_lookup' - ;; - esac - fi - ;; + rhapsody* | darwin1.[012]) + allow_undefined_flag_F77='${wl}-undefined ${wl}suppress' + ;; + *) # Darwin 1.3 on + if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then + allow_undefined_flag_F77='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' + else + case ${MACOSX_DEPLOYMENT_TARGET} in + 10.[012]) + allow_undefined_flag_F77='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' + ;; + 10.*) + allow_undefined_flag_F77='${wl}-undefined ${wl}dynamic_lookup' + ;; + esac + fi + ;; esac - lt_int_apple_cc_single_mod=no - output_verbose_link_cmd='echo' - if $CC -dumpspecs 2>&1 | grep 'single_module' >/dev/null ; then - lt_int_apple_cc_single_mod=yes - fi - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - archive_cmds_F77='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - else - archive_cmds_F77='$CC -r ${wl}-bind_at_load -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - fi - module_cmds_F77='$CC ${wl}-bind_at_load $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - archive_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - archive_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r ${wl}-bind_at_load -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - fi - module_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + archive_cmds_need_lc_F77=no hardcode_direct_F77=no hardcode_automatic_F77=yes hardcode_shlibpath_var_F77=unsupported - whole_archive_flag_spec_F77='-all_load $convenience' + whole_archive_flag_spec_F77='' link_all_deplibs_F77=yes + if test "$GCC" = yes ; then + output_verbose_link_cmd='echo' + archive_cmds_F77='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' + module_cmds_F77='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' + # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's + archive_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + module_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' else - ld_shlibs_F77=no + case "$cc_basename" in + xlc*) + output_verbose_link_cmd='echo' + archive_cmds_F77='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' + module_cmds_F77='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' + # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's + archive_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + module_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + ;; + *) + ld_shlibs_F77=no + ;; + esac fi ;; @@ -17812,6 +18024,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi hardcode_shlibpath_var_F77=no if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then archive_cmds_F77='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds_F77='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' hardcode_libdir_flag_spec_F77='${wl}-rpath,$libdir' export_dynamic_flag_spec_F77='${wl}-E' else @@ -18066,7 +18279,7 @@ echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6 library_names_spec= libname_spec='lib$name' soname_spec= -shrext=".so" +shrext_cmds=".so" postinstall_cmds= postuninstall_cmds= finish_cmds= @@ -18163,7 +18376,7 @@ beos*) shlibpath_var=LIBRARY_PATH ;; -bsdi4*) +bsdi[45]*) version_type=linux need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -18179,7 +18392,7 @@ bsdi4*) cygwin* | mingw* | pw32*) version_type=windows - shrext=".dll" + shrext_cmds=".dll" need_version=no need_lib_prefix=no @@ -18244,7 +18457,7 @@ darwin* | rhapsody*) soname_spec='${libname}${release}${major}$shared_ext' shlibpath_overrides_runpath=yes shlibpath_var=DYLD_LIBRARY_PATH - shrext='$(test .$module = .yes && echo .so || echo .dylib)' + shrext_cmds='$(test .$module = .yes && echo .so || echo .dylib)' # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. if test "$GCC" = yes; then sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` @@ -18327,7 +18540,7 @@ hpux9* | hpux10* | hpux11*) need_version=no case "$host_cpu" in ia64*) - shrext='.so' + shrext_cmds='.so' hardcode_into_libs=yes dynamic_linker="$host_os dld.so" shlibpath_var=LD_LIBRARY_PATH @@ -18342,7 +18555,7 @@ hpux9* | hpux10* | hpux11*) sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec ;; hppa*64*) - shrext='.sl' + shrext_cmds='.sl' hardcode_into_libs=yes dynamic_linker="$host_os dld.sl" shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH @@ -18353,7 +18566,7 @@ hpux9* | hpux10* | hpux11*) sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec ;; *) - shrext='.sl' + shrext_cmds='.sl' dynamic_linker="$host_os dld.sl" shlibpath_var=SHLIB_PATH shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH @@ -18424,8 +18637,8 @@ linux*) # Append ld.so.conf contents to the search path if test -f /etc/ld.so.conf; then - ld_extra=`$SED -e 's/:,\t/ /g;s/=^=*$//;s/=^= * / /g' /etc/ld.so.conf` - sys_lib_dlsearch_path_spec="/lib /usr/lib $ld_extra" + lt_ld_extra=`$SED -e 's/:,\t/ /g;s/=^=*$//;s/=^= * / /g' /etc/ld.so.conf | tr '\n' ' '` + sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" fi # We used to test for /lib/ld.so.1 and disable shared libraries on @@ -18487,7 +18700,7 @@ nto-qnx*) openbsd*) version_type=sunos need_lib_prefix=no - need_version=yes + need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' shlibpath_var=LD_LIBRARY_PATH @@ -18507,7 +18720,7 @@ openbsd*) os2*) libname_spec='$name' - shrext=".dll" + shrext_cmds=".dll" need_lib_prefix=no library_names_spec='$libname${shared_ext} $libname.a' dynamic_linker='OS/2 ld.exe' @@ -18609,8 +18822,8 @@ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5 echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6 hardcode_action_F77= if test -n "$hardcode_libdir_flag_spec_F77" || \ - test -n "$runpath_var F77" || \ - test "X$hardcode_automatic_F77"="Xyes" ; then + test -n "$runpath_var_F77" || \ + test "X$hardcode_automatic_F77" = "Xyes" ; then # We can hardcode non-existant directories. if test "$hardcode_direct_F77" != no && @@ -18848,7 +19061,7 @@ objext="$ac_objext" libext="$libext" # Shared library suffix (normally ".so"). -shrext='$shrext' +shrext_cmds='$shrext_cmds' # Executable file suffix (normally ""). exeext="$exeext" @@ -19150,11 +19363,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:19153: $lt_compile\"" >&5) + (eval echo "\"\$as_me:19366: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:19157: \$? = $ac_status" >&5 + echo "$as_me:19370: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings @@ -19261,6 +19474,16 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6 lt_prog_compiler_static_GCJ='-bnso -bI:/lib/syscalls.exp' fi ;; + darwin*) + # PIC is the default on this platform + # Common symbols not allowed in MH_DYLIB files + case "$cc_basename" in + xlc*) + lt_prog_compiler_pic_GCJ='-qnocommon' + lt_prog_compiler_wl_GCJ='-Wl,' + ;; + esac + ;; mingw* | pw32* | os2*) # This hack is so that the source file can tell whether it is being @@ -19383,11 +19606,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:19386: $lt_compile\"" >&5) + (eval echo "\"\$as_me:19609: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:19390: \$? = $ac_status" >&5 + echo "$as_me:19613: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings @@ -19443,11 +19666,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:19446: $lt_compile\"" >&5) + (eval echo "\"\$as_me:19669: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:19450: \$? = $ac_status" >&5 + echo "$as_me:19673: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -19659,7 +19882,7 @@ EOF ;; linux*) - if $LD --help 2>&1 | egrep ': supported targets:.* elf' > /dev/null; then + if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then tmp_archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' archive_cmds_GCJ="$tmp_archive_cmds" supports_anon_versioning=no @@ -19947,7 +20170,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ld_shlibs_GCJ=no ;; - bsdi4*) + bsdi[45]*) export_dynamic_flag_spec_GCJ=-rdynamic ;; @@ -19961,7 +20184,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi # Tell ltmain to make .lib files, not .a files. libext=lib # Tell ltmain to make .dll files, not .so files. - shrext=".dll" + shrext_cmds=".dll" # FIXME: Setting linknames here is a bad hack. archive_cmds_GCJ='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames=' # The linker will automatically build a .lib file if we build a DLL. @@ -19973,52 +20196,52 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ;; darwin* | rhapsody*) - if test "$GXX" = yes ; then - archive_cmds_need_lc_GCJ=no case "$host_os" in - rhapsody* | darwin1.[012]) - allow_undefined_flag_GCJ='-undefined suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - allow_undefined_flag_GCJ='-flat_namespace -undefined suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[012]) - allow_undefined_flag_GCJ='-flat_namespace -undefined suppress' - ;; - 10.*) - allow_undefined_flag_GCJ='-undefined dynamic_lookup' - ;; - esac - fi - ;; + rhapsody* | darwin1.[012]) + allow_undefined_flag_GCJ='${wl}-undefined ${wl}suppress' + ;; + *) # Darwin 1.3 on + if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then + allow_undefined_flag_GCJ='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' + else + case ${MACOSX_DEPLOYMENT_TARGET} in + 10.[012]) + allow_undefined_flag_GCJ='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' + ;; + 10.*) + allow_undefined_flag_GCJ='${wl}-undefined ${wl}dynamic_lookup' + ;; + esac + fi + ;; esac - lt_int_apple_cc_single_mod=no - output_verbose_link_cmd='echo' - if $CC -dumpspecs 2>&1 | grep 'single_module' >/dev/null ; then - lt_int_apple_cc_single_mod=yes - fi - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - archive_cmds_GCJ='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - else - archive_cmds_GCJ='$CC -r ${wl}-bind_at_load -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - fi - module_cmds_GCJ='$CC ${wl}-bind_at_load $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - archive_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - archive_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r ${wl}-bind_at_load -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - fi - module_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + archive_cmds_need_lc_GCJ=no hardcode_direct_GCJ=no hardcode_automatic_GCJ=yes hardcode_shlibpath_var_GCJ=unsupported - whole_archive_flag_spec_GCJ='-all_load $convenience' + whole_archive_flag_spec_GCJ='' link_all_deplibs_GCJ=yes + if test "$GCC" = yes ; then + output_verbose_link_cmd='echo' + archive_cmds_GCJ='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' + module_cmds_GCJ='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' + # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's + archive_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + module_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' else - ld_shlibs_GCJ=no + case "$cc_basename" in + xlc*) + output_verbose_link_cmd='echo' + archive_cmds_GCJ='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' + module_cmds_GCJ='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' + # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's + archive_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + module_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + ;; + *) + ld_shlibs_GCJ=no + ;; + esac fi ;; @@ -20163,6 +20386,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi hardcode_shlibpath_var_GCJ=no if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then archive_cmds_GCJ='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + archive_expsym_cmds_GCJ='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' hardcode_libdir_flag_spec_GCJ='${wl}-rpath,$libdir' export_dynamic_flag_spec_GCJ='${wl}-E' else @@ -20417,7 +20641,7 @@ echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6 library_names_spec= libname_spec='lib$name' soname_spec= -shrext=".so" +shrext_cmds=".so" postinstall_cmds= postuninstall_cmds= finish_cmds= @@ -20514,7 +20738,7 @@ beos*) shlibpath_var=LIBRARY_PATH ;; -bsdi4*) +bsdi[45]*) version_type=linux need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -20530,7 +20754,7 @@ bsdi4*) cygwin* | mingw* | pw32*) version_type=windows - shrext=".dll" + shrext_cmds=".dll" need_version=no need_lib_prefix=no @@ -20595,7 +20819,7 @@ darwin* | rhapsody*) soname_spec='${libname}${release}${major}$shared_ext' shlibpath_overrides_runpath=yes shlibpath_var=DYLD_LIBRARY_PATH - shrext='$(test .$module = .yes && echo .so || echo .dylib)' + shrext_cmds='$(test .$module = .yes && echo .so || echo .dylib)' # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. if test "$GCC" = yes; then sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` @@ -20678,7 +20902,7 @@ hpux9* | hpux10* | hpux11*) need_version=no case "$host_cpu" in ia64*) - shrext='.so' + shrext_cmds='.so' hardcode_into_libs=yes dynamic_linker="$host_os dld.so" shlibpath_var=LD_LIBRARY_PATH @@ -20693,7 +20917,7 @@ hpux9* | hpux10* | hpux11*) sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec ;; hppa*64*) - shrext='.sl' + shrext_cmds='.sl' hardcode_into_libs=yes dynamic_linker="$host_os dld.sl" shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH @@ -20704,7 +20928,7 @@ hpux9* | hpux10* | hpux11*) sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec ;; *) - shrext='.sl' + shrext_cmds='.sl' dynamic_linker="$host_os dld.sl" shlibpath_var=SHLIB_PATH shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH @@ -20775,8 +20999,8 @@ linux*) # Append ld.so.conf contents to the search path if test -f /etc/ld.so.conf; then - ld_extra=`$SED -e 's/:,\t/ /g;s/=^=*$//;s/=^= * / /g' /etc/ld.so.conf` - sys_lib_dlsearch_path_spec="/lib /usr/lib $ld_extra" + lt_ld_extra=`$SED -e 's/:,\t/ /g;s/=^=*$//;s/=^= * / /g' /etc/ld.so.conf | tr '\n' ' '` + sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" fi # We used to test for /lib/ld.so.1 and disable shared libraries on @@ -20838,7 +21062,7 @@ nto-qnx*) openbsd*) version_type=sunos need_lib_prefix=no - need_version=yes + need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' shlibpath_var=LD_LIBRARY_PATH @@ -20858,7 +21082,7 @@ openbsd*) os2*) libname_spec='$name' - shrext=".dll" + shrext_cmds=".dll" need_lib_prefix=no library_names_spec='$libname${shared_ext} $libname.a' dynamic_linker='OS/2 ld.exe' @@ -20960,8 +21184,8 @@ echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5 echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6 hardcode_action_GCJ= if test -n "$hardcode_libdir_flag_spec_GCJ" || \ - test -n "$runpath_var GCJ" || \ - test "X$hardcode_automatic_GCJ"="Xyes" ; then + test -n "$runpath_var_GCJ" || \ + test "X$hardcode_automatic_GCJ" = "Xyes" ; then # We can hardcode non-existant directories. if test "$hardcode_direct_GCJ" != no && @@ -21627,7 +21851,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<EOF -#line 21630 "configure" +#line 21854 "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -21725,7 +21949,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<EOF -#line 21728 "configure" +#line 21952 "configure" #include "confdefs.h" #if HAVE_DLFCN_H @@ -22004,7 +22228,7 @@ objext="$ac_objext" libext="$libext" # Shared library suffix (normally ".so"). -shrext='$shrext' +shrext_cmds='$shrext_cmds' # Executable file suffix (normally ""). exeext="$exeext" @@ -22449,7 +22673,7 @@ objext="$ac_objext" libext="$libext" # Shared library suffix (normally ".so"). -shrext='$shrext' +shrext_cmds='$shrext_cmds' # Executable file suffix (normally ""). exeext="$exeext" @@ -22745,6 +22969,13 @@ LIBTOOL='$(SHELL) $(top_builddir)/libtool' LIBTOOL_MODE_COMPILE='--mode=compile' LIBTOOL_MODE_INSTALL='--mode=install' LIBTOOL_MODE_LINK='--mode=link' + case "$host" in + *) LIBTOOL_ALLOW_UNDEFINED= ;; + esac + case "$host" in + *-ibm-aix*) LIBTOOL_IN_MAIN="-Wl,-bI:T_testlist.imp" ;; + *) LIBTOOL_IN_MAIN= ;; + esac; ;; *) O=o @@ -22755,6 +22986,8 @@ LIBTOOL='$(SHELL) $(top_builddir)/libtool' LIBTOOL_MODE_COMPILE= LIBTOOL_MODE_INSTALL= LIBTOOL_MODE_LINK= + LIBTOOL_ALLOW_UNDEFINED= + LIBTOOL_IN_MAIN= ;; esac @@ -22772,6 +23005,8 @@ SA=a + + # # build libbind? # @@ -24708,7 +24943,7 @@ case $host in # project handles the AF_INET6 case correctly. We need to avoid # using the former but prefer the latter unless overridden by # --enable-getifaddrs=glibc. - if test $use_getifaddrs = glibc + if test $want_getifaddrs = glibc then echo "$as_me:$LINENO: checking for getifaddrs" >&5 echo $ECHO_N "checking for getifaddrs... $ECHO_C" >&6 @@ -26710,6 +26945,9 @@ LWRES_PLATFORM_USEDECLSPEC="#undef LWRES_PLATFORM_USEDECLSPEC" ISC_PLATFORM_BRACEPTHREADONCEINIT="#undef ISC_PLATFORM_BRACEPTHREADONCEINIT" case "$host" in + *-aix5.1.*) + hack_shutup_pthreadonceinit=yes + ;; *-bsdi3.1*) hack_shutup_sputaux=yes ;; @@ -27364,7 +27602,7 @@ LIBBIND9_API=$srcdir/lib/bind9/api LIBLWRES_API=$srcdir/lib/lwres/api - ac_config_files="$ac_config_files make/rules make/includes Makefile make/Makefile make/mkdep lib/Makefile lib/isc/Makefile lib/isc/include/Makefile lib/isc/include/isc/Makefile lib/isc/include/isc/platform.h lib/isc/unix/Makefile lib/isc/unix/include/Makefile lib/isc/unix/include/isc/Makefile lib/isc/nls/Makefile lib/isc/$thread_dir/Makefile lib/isc/$thread_dir/include/Makefile lib/isc/$thread_dir/include/isc/Makefile lib/isccc/Makefile lib/isccc/include/Makefile lib/isccc/include/isccc/Makefile lib/isccfg/Makefile lib/isccfg/include/Makefile lib/isccfg/include/isccfg/Makefile lib/dns/Makefile lib/dns/include/Makefile lib/dns/include/dns/Makefile lib/dns/sec/Makefile lib/dns/sec/dst/Makefile lib/dns/sec/dst/include/Makefile lib/dns/sec/dst/include/dst/Makefile lib/bind9/Makefile lib/bind9/include/Makefile lib/bind9/include/bind9/Makefile lib/lwres/Makefile lib/lwres/include/Makefile lib/lwres/include/lwres/Makefile lib/lwres/include/lwres/netdb.h lib/lwres/include/lwres/platform.h lib/lwres/man/Makefile lib/lwres/unix/Makefile lib/lwres/unix/include/Makefile lib/lwres/unix/include/lwres/Makefile lib/tests/Makefile lib/tests/include/Makefile lib/tests/include/tests/Makefile bin/Makefile bin/check/Makefile bin/named/Makefile bin/named/unix/Makefile bin/rndc/Makefile bin/rndc/unix/Makefile bin/dig/Makefile bin/nsupdate/Makefile bin/tests/Makefile bin/tests/names/Makefile bin/tests/master/Makefile bin/tests/rbt/Makefile bin/tests/db/Makefile bin/tests/tasks/Makefile bin/tests/timers/Makefile bin/tests/dst/Makefile bin/tests/mem/Makefile bin/tests/net/Makefile bin/tests/sockaddr/Makefile bin/tests/system/Makefile bin/tests/system/conf.sh bin/tests/system/lwresd/Makefile bin/tests/system/tkey/Makefile bin/tests/headerdep_test.sh bin/dnssec/Makefile doc/Makefile doc/arm/Makefile doc/arm/nominum-docbook-html.dsl doc/arm/nominum-docbook-print.dsl doc/arm/validate.sh doc/misc/Makefile docutil/docbook2man-wrapper.sh isc-config.sh" + ac_config_files="$ac_config_files make/rules make/includes Makefile make/Makefile make/mkdep lib/Makefile lib/isc/Makefile lib/isc/include/Makefile lib/isc/include/isc/Makefile lib/isc/include/isc/platform.h lib/isc/unix/Makefile lib/isc/unix/include/Makefile lib/isc/unix/include/isc/Makefile lib/isc/nls/Makefile lib/isc/$thread_dir/Makefile lib/isc/$thread_dir/include/Makefile lib/isc/$thread_dir/include/isc/Makefile lib/isccc/Makefile lib/isccc/include/Makefile lib/isccc/include/isccc/Makefile lib/isccfg/Makefile lib/isccfg/include/Makefile lib/isccfg/include/isccfg/Makefile lib/dns/Makefile lib/dns/include/Makefile lib/dns/include/dns/Makefile lib/dns/include/dst/Makefile lib/bind9/Makefile lib/bind9/include/Makefile lib/bind9/include/bind9/Makefile lib/lwres/Makefile lib/lwres/include/Makefile lib/lwres/include/lwres/Makefile lib/lwres/include/lwres/netdb.h lib/lwres/include/lwres/platform.h lib/lwres/man/Makefile lib/lwres/unix/Makefile lib/lwres/unix/include/Makefile lib/lwres/unix/include/lwres/Makefile lib/tests/Makefile lib/tests/include/Makefile lib/tests/include/tests/Makefile bin/Makefile bin/check/Makefile bin/named/Makefile bin/named/unix/Makefile bin/rndc/Makefile bin/rndc/unix/Makefile bin/dig/Makefile bin/nsupdate/Makefile bin/tests/Makefile bin/tests/names/Makefile bin/tests/master/Makefile bin/tests/rbt/Makefile bin/tests/db/Makefile bin/tests/tasks/Makefile bin/tests/timers/Makefile bin/tests/dst/Makefile bin/tests/mem/Makefile bin/tests/net/Makefile bin/tests/sockaddr/Makefile bin/tests/system/Makefile bin/tests/system/conf.sh bin/tests/system/lwresd/Makefile bin/tests/system/tkey/Makefile bin/tests/headerdep_test.sh bin/dnssec/Makefile doc/Makefile doc/arm/Makefile doc/arm/nominum-docbook-html.dsl doc/arm/nominum-docbook-print.dsl doc/arm/validate.sh doc/misc/Makefile docutil/docbook2man-wrapper.sh isc-config.sh" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure @@ -27916,10 +28154,7 @@ do "lib/dns/Makefile" ) CONFIG_FILES="$CONFIG_FILES lib/dns/Makefile" ;; "lib/dns/include/Makefile" ) CONFIG_FILES="$CONFIG_FILES lib/dns/include/Makefile" ;; "lib/dns/include/dns/Makefile" ) CONFIG_FILES="$CONFIG_FILES lib/dns/include/dns/Makefile" ;; - "lib/dns/sec/Makefile" ) CONFIG_FILES="$CONFIG_FILES lib/dns/sec/Makefile" ;; - "lib/dns/sec/dst/Makefile" ) CONFIG_FILES="$CONFIG_FILES lib/dns/sec/dst/Makefile" ;; - "lib/dns/sec/dst/include/Makefile" ) CONFIG_FILES="$CONFIG_FILES lib/dns/sec/dst/include/Makefile" ;; - "lib/dns/sec/dst/include/dst/Makefile" ) CONFIG_FILES="$CONFIG_FILES lib/dns/sec/dst/include/dst/Makefile" ;; + "lib/dns/include/dst/Makefile" ) CONFIG_FILES="$CONFIG_FILES lib/dns/include/dst/Makefile" ;; "lib/bind9/Makefile" ) CONFIG_FILES="$CONFIG_FILES lib/bind9/Makefile" ;; "lib/bind9/include/Makefile" ) CONFIG_FILES="$CONFIG_FILES lib/bind9/include/Makefile" ;; "lib/bind9/include/bind9/Makefile" ) CONFIG_FILES="$CONFIG_FILES lib/bind9/include/bind9/Makefile" ;; @@ -28086,6 +28321,7 @@ s,@EXEEXT@,$EXEEXT,;t t s,@OBJEXT@,$OBJEXT,;t t s,@CPP@,$CPP,;t t s,@EGREP@,$EGREP,;t t +s,@ISC_SOCKADDR_LEN_T@,$ISC_SOCKADDR_LEN_T,;t t s,@ISC_PLATFORM_HAVELONGLONG@,$ISC_PLATFORM_HAVELONGLONG,;t t s,@ISC_PLATFORM_HAVELIFCONF@,$ISC_PLATFORM_HAVELIFCONF,;t t s,@ISC_PLATFORM_NEEDSYSSELECTH@,$ISC_PLATFORM_NEEDSYSSELECTH,;t t @@ -28124,6 +28360,8 @@ s,@LIBTOOL_MKDEP_SED@,$LIBTOOL_MKDEP_SED,;t t s,@LIBTOOL_MODE_COMPILE@,$LIBTOOL_MODE_COMPILE,;t t s,@LIBTOOL_MODE_INSTALL@,$LIBTOOL_MODE_INSTALL,;t t s,@LIBTOOL_MODE_LINK@,$LIBTOOL_MODE_LINK,;t t +s,@LIBTOOL_ALLOW_UNDEFINED@,$LIBTOOL_ALLOW_UNDEFINED,;t t +s,@LIBTOOL_IN_MAIN@,$LIBTOOL_IN_MAIN,;t t s,@LIBBIND@,$LIBBIND,;t t s,@ISC_PLATFORM_HAVEIPV6@,$ISC_PLATFORM_HAVEIPV6,;t t s,@LWRES_PLATFORM_HAVEIPV6@,$LWRES_PLATFORM_HAVEIPV6,;t t diff --git a/usr.sbin/bind/configure.in b/usr.sbin/bind/configure.in index 588bc23a6cb..d694e7ef7a8 100644 --- a/usr.sbin/bind/configure.in +++ b/usr.sbin/bind/configure.in @@ -18,7 +18,7 @@ AC_DIVERT_PUSH(1)dnl esyscmd([sed "s/^/# /" COPYRIGHT])dnl AC_DIVERT_POP()dnl -AC_REVISION($Revision: 1.9 $) +AC_REVISION($Revision: 1.10 $) AC_INIT(lib/dns/name.c) AC_PREREQ(2.13) @@ -261,6 +261,23 @@ AC_TRY_COMPILE(, [ AC_TYPE_SIZE_T AC_CHECK_TYPE(ssize_t, int) +AC_CHECK_TYPE(socklen_t, +[AC_DEFINE(ISC_SOCKADDR_LEN_T, socklen_t)], +[ +AC_TRY_COMPILE( +[ +#include <sys/types.h> +#include <sys/socket.h> +int getsockname(int, struct sockaddr *, size_t *); +],[], +[AC_DEFINE(ISC_SOCKADDR_LEN_T, size_t)], +[AC_DEFINE(ISC_SOCKADDR_LEN_T, int)]) +], +[ +#include <sys/types.h> +#include <sys/socket.h> +]) +AC_SUBST(ISC_SOCKADDR_LEN_T) AC_HEADER_TIME AC_MSG_CHECKING(for long long) AC_TRY_COMPILE([],[long long i = 0; return (0);], @@ -345,17 +362,33 @@ AC_ARG_WITH(openssl, (Required for DNSSEC)], use_openssl="$withval", use_openssl="auto") +openssldirs="/usr /usr/local /usr/local/ssl /usr/pkg" +if test "$use_openssl" = "auto" +then + for d in $openssldirs + do + if test -f $d/include/openssl/opensslv.h + then + use_openssl=$d + break + fi + done +fi case "$use_openssl" in no) AC_MSG_RESULT(no) DST_OPENSSL_INC="" USE_OPENSSL="" ;; + auto) + DST_OPENSSL_INC="" + USE_OPENSSL="" + AC_MSG_RESULT(not found) + ;; *) - if test "$use_openssl" = "yes" -o "$use_openssl" = "auto" + if test "$use_openssl" = "yes" then # User did not specify a path - guess it - openssldirs="/usr /usr/local /usr/local/ssl /usr/pkg" for d in $openssldirs do if test -f $d/include/openssl/opensslv.h @@ -369,12 +402,6 @@ case "$use_openssl" in AC_MSG_RESULT(not found) AC_MSG_ERROR( [OpenSSL was not found in any of $openssldirs; use --with-openssl=/path]) - elif test "$use_openssl" = "auto" - then - DST_OPENSSL_INC="" - USE_OPENSSL="" - AC_MSG_RESULT(not found) - break fi fi USE_OPENSSL='-DOPENSSL' @@ -762,6 +789,11 @@ then # *-freebsd*) AC_CHECK_LIB(c_r, sigwait, AC_DEFINE(HAVE_SIGWAIT),) + case $host in + *-freebsd5.3|*-freebsd5.3.*) + AC_DEFINE(NEED_PTHREAD_SCOPE_SYSTEM) + ;; + esac ;; # # BSDI 3.0 through 4.0.1 needs pthread_init() to be @@ -905,6 +937,11 @@ IRIX_DNSSEC_WARNINGS_HACK="" if test "X$GCC" = "Xyes"; then STD_CWARNINGS="$STD_CWARNINGS -W -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -Wformat" + case "$host" in + *-hp-hpux*) + LDFLAGS="-Wl,+vnocompatwarnings $LDFALGS" + ;; + esac else case $host in *-dec-osf*) @@ -928,7 +965,7 @@ else ;; esac CCOPT="$CCOPT -Ae -z" - LIBS="-Wl,+vnocompatwarnings $LIBS" + LDFLAGS="-Wl,+vnocompatwarnings $LDFALGS" MKDEPPROG='cc -Ae -E -Wp,-M >/dev/null 2>>$TMP' ;; *-sgi-irix*) @@ -1039,6 +1076,13 @@ case $use_libtool in LIBTOOL_MODE_COMPILE='--mode=compile' LIBTOOL_MODE_INSTALL='--mode=install' LIBTOOL_MODE_LINK='--mode=link' + case "$host" in + *) LIBTOOL_ALLOW_UNDEFINED= ;; + esac + case "$host" in + *-ibm-aix*) LIBTOOL_IN_MAIN="-Wl,-bI:T_testlist.imp" ;; + *) LIBTOOL_IN_MAIN= ;; + esac; ;; *) O=o @@ -1049,6 +1093,8 @@ case $use_libtool in LIBTOOL_MODE_COMPILE= LIBTOOL_MODE_INSTALL= LIBTOOL_MODE_LINK= + LIBTOOL_ALLOW_UNDEFINED= + LIBTOOL_IN_MAIN= ;; esac @@ -1065,6 +1111,8 @@ AC_SUBST(LIBTOOL_MKDEP_SED) AC_SUBST(LIBTOOL_MODE_COMPILE) AC_SUBST(LIBTOOL_MODE_INSTALL) AC_SUBST(LIBTOOL_MODE_LINK) +AC_SUBST(LIBTOOL_ALLOW_UNDEFINED) +AC_SUBST(LIBTOOL_IN_MAIN) # # build libbind? @@ -1592,7 +1640,7 @@ case $host in # project handles the AF_INET6 case correctly. We need to avoid # using the former but prefer the latter unless overridden by # --enable-getifaddrs=glibc. - if test $use_getifaddrs = glibc + if test $want_getifaddrs = glibc then AC_CHECK_FUNC(getifaddrs, AC_DEFINE(HAVE_GETIFADDRS)) else @@ -1830,6 +1878,9 @@ AC_SUBST(ISC_PLATFORM_BRACEPTHREADONCEINIT) ISC_PLATFORM_BRACEPTHREADONCEINIT="#undef ISC_PLATFORM_BRACEPTHREADONCEINIT" case "$host" in + *-aix5.1.*) + hack_shutup_pthreadonceinit=yes + ;; *-bsdi3.1*) hack_shutup_sputaux=yes ;; @@ -2119,10 +2170,7 @@ AC_OUTPUT( lib/dns/Makefile lib/dns/include/Makefile lib/dns/include/dns/Makefile - lib/dns/sec/Makefile - lib/dns/sec/dst/Makefile - lib/dns/sec/dst/include/Makefile - lib/dns/sec/dst/include/dst/Makefile + lib/dns/include/dst/Makefile lib/bind9/Makefile lib/bind9/include/Makefile lib/bind9/include/bind9/Makefile diff --git a/usr.sbin/bind/doc/arm/Bv9ARM-book.xml b/usr.sbin/bind/doc/arm/Bv9ARM-book.xml index fef31e7e058..545c33b6ec4 100644 --- a/usr.sbin/bind/doc/arm/Bv9ARM-book.xml +++ b/usr.sbin/bind/doc/arm/Bv9ARM-book.xml @@ -2,7 +2,7 @@ <!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN" "http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd"> -<!-- File: $ISC: Bv9ARM-book.xml,v 1.155.2.27.2.49 2004/08/16 00:55:29 marka Exp $ --> +<!-- File: $ISC: Bv9ARM-book.xml,v 1.155.2.27.2.52 2005/02/09 03:48:57 marka Exp $ --> <book> <title>BIND 9 Administrator Reference Manual</title> @@ -679,8 +679,13 @@ of a server.</para> syntax and consistency.</para> <cmdsynopsis label="Usage"> <command>named-checkzone</command> - <arg>-dq</arg> + <arg>-djqvD</arg> <arg>-c <replaceable>class</replaceable></arg> + <arg>-o <replaceable>output</replaceable></arg> + <arg>-t <replaceable>directory</replaceable></arg> + <arg>-w <replaceable>directory</replaceable></arg> + <arg>-k <replaceable>(ignore|warn|fail)</replaceable></arg> + <arg>-n <replaceable>(ignore|warn|fail)</replaceable></arg> <arg choice="plain"><replaceable>zone</replaceable></arg> <arg><replaceable>filename</replaceable></arg> </cmdsynopsis> @@ -2707,6 +2712,7 @@ statement in the <filename>named.conf</filename> file:</para> <optional> flush-zones-on-shutdown <replaceable>yes_or_no</replaceable>; </optional> <optional> has-old-clients <replaceable>yes_or_no</replaceable>; </optional> <optional> host-statistics <replaceable>yes_or_no</replaceable>; </optional> + <optional> host-statistics-max <replaceable>number</replaceable>; </optional> <optional> minimal-responses <replaceable>yes_or_no</replaceable>; </optional> <optional> multiple-cnames <replaceable>yes_or_no</replaceable>; </optional> <optional> notify <replaceable>yes_or_no</replaceable> | <replaceable>explicit</replaceable>; </optional> @@ -2720,7 +2726,7 @@ statement in the <filename>named.conf</filename> file:</para> <optional> forward ( <replaceable>only</replaceable> | <replaceable>first</replaceable> ); </optional> <optional> forwarders { <replaceable>ip_addr</replaceable> <optional>port <replaceable>ip_port</replaceable></optional> ; <optional> <replaceable>ip_addr</replaceable> <optional>port <replaceable>ip_port</replaceable></optional> ; ... </optional> }; </optional> <optional> dual-stack-servers <optional>port <replaceable>ip_port</replaceable></optional> { ( <replaceable>domain_name</replaceable> <optional>port <replaceable>ip_port</replaceable></optional> | <replaceable>ip_addr</replaceable> <optional>port <replaceable>ip_port</replaceable></optional> ) ; ... }; </optional> - <optional> check-names ( <replaceable>master</replaceable> | <replaceable>slave</replaceable> | <replaceable> response</replaceable> )( <replaceable>warn</replaceable> | <replaceable>fail</replaceable> | <replaceable>ignore</replaceable> ); </optional> + <optional> check-names ( <replaceable>master</replaceable> | <replaceable>slave</replaceable> | <replaceable>response</replaceable> )( <replaceable>warn</replaceable> | <replaceable>fail</replaceable> | <replaceable>ignore</replaceable> ); </optional> <optional> allow-notify { <replaceable>address_match_list</replaceable> }; </optional> <optional> allow-query { <replaceable>address_match_list</replaceable> }; </optional> <optional> allow-transfer { <replaceable>address_match_list</replaceable> }; </optional> @@ -2791,8 +2797,8 @@ statement in the <filename>named.conf</filename> file:</para> <optional> edns-udp-size <replaceable>number</replaceable>; </optional> <optional> root-delegation-only <optional> exclude { <replaceable>namelist</replaceable> } </optional> ; </optional> <optional> querylog <replaceable>yes_or_no</replaceable> ; </optional> -}; <optional> disable-algorithms <replaceable>domain</replaceable> { <replaceable>algorithm</replaceable>; <optional> <replaceable>algorithm</replaceable>; </optional> }; </optional> +}; </programlisting> </sect2> @@ -3338,6 +3344,28 @@ If <command>querylog</command> is not specified then the query logging is determined by the presence of the logging category <command>queries</command>. </para></listitem></varlistentry> +<varlistentry><term><command>check-names</command></term> +<listitem> +<para> +This option is used to restrict the character set and syntax of +certain domain names in master files and/or DNS responses received +from the network. The default varies according to usage area. For +<command>master</command> zones the default is <command>fail</command>. +For <command>slave</command> zones the default is <command>warn</command>. +For answer received from the network (<command>response</command>) +the default is <command>ignore</command>. +</para> +<para>The rules for legal hostnames / mail domains are derived from RFC 952 +and RFC 821 as modified by RFC 1123. +</para> +<para><command>check-names</command> applies to the owner names of A, AAA and +MX records. It also applies to the domain names in the RDATA of NS, SOA and MX +records. It also applies to the RDATA of PTR records where the owner name +indicated that it is a reverse lookup of a hostname (the owner name ends in +IN-ADDR.ARPA, IP6.ARPA, IP6.INT). +</para> +</listitem></varlistentry> + </variablelist> </sect3> @@ -3820,6 +3848,12 @@ will be automatically removed. The default is <literal>unlimited</literal>.</para> </listitem></varlistentry> +<varlistentry><term><command>host-statistics-max</command></term> +<listitem><para>In BIND 8, specifies the maximum number of host statistic +entries to be kept. +Not implemented in BIND 9. +</para></listitem></varlistentry> + <varlistentry><term><command>recursive-clients</command></term> <listitem><para>The maximum number of simultaneous recursive lookups the server will perform on behalf of clients. The default is @@ -4728,7 +4762,8 @@ The default is the empty list.</para> <listitem><para> This option is used to restrict the character set and syntax of certain domain names in master files and/or DNS responses received from the -network. +network. The default varies according to zone type. For <command>master</command> zones the default is <command>fail</command>. For <command>slave</command> +zones the default is <command>warn</command>. </para> </listitem></varlistentry> diff --git a/usr.sbin/bind/doc/arm/Bv9ARM.ch03.html b/usr.sbin/bind/doc/arm/Bv9ARM.ch03.html index 204d64ced91..37362d5daef 100644 --- a/usr.sbin/bind/doc/arm/Bv9ARM.ch03.html +++ b/usr.sbin/bind/doc/arm/Bv9ARM.ch03.html @@ -651,9 +651,24 @@ CLASS="command" ><B CLASS="command" >named-checkzone</B -> [-dq] [-c <VAR +> [-djqvD] [-c <VAR CLASS="replaceable" >class</VAR +>] [-o <VAR +CLASS="replaceable" +>output</VAR +>] [-t <VAR +CLASS="replaceable" +>directory</VAR +>] [-w <VAR +CLASS="replaceable" +>directory</VAR +>] [-k <VAR +CLASS="replaceable" +>(ignore|warn|fail)</VAR +>] [-n <VAR +CLASS="replaceable" +>(ignore|warn|fail)</VAR >] <VAR CLASS="replaceable" >zone</VAR @@ -1318,7 +1333,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN679" +NAME="AEN689" >3.3.2. Signals</A ></H2 ><P @@ -1333,7 +1348,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN683" +NAME="AEN693" ></A ><TABLE CELLPADDING="3" diff --git a/usr.sbin/bind/doc/arm/Bv9ARM.ch04.html b/usr.sbin/bind/doc/arm/Bv9ARM.ch04.html index a1f90b4c512..8a4ab28875c 100644 --- a/usr.sbin/bind/doc/arm/Bv9ARM.ch04.html +++ b/usr.sbin/bind/doc/arm/Bv9ARM.ch04.html @@ -96,7 +96,7 @@ HREF="Bv9ARM.ch04.html#incremental_zone_transfers" ></DT ><DT >4.4. <A -HREF="Bv9ARM.ch04.html#AEN757" +HREF="Bv9ARM.ch04.html#AEN767" >Split DNS</A ></DT ><DT @@ -106,12 +106,12 @@ HREF="Bv9ARM.ch04.html#tsig" ></DT ><DT >4.6. <A -HREF="Bv9ARM.ch04.html#AEN917" +HREF="Bv9ARM.ch04.html#AEN927" >TKEY</A ></DT ><DT >4.7. <A -HREF="Bv9ARM.ch04.html#AEN932" +HREF="Bv9ARM.ch04.html#AEN942" >SIG(0)</A ></DT ><DT @@ -121,7 +121,7 @@ HREF="Bv9ARM.ch04.html#DNSSEC" ></DT ><DT >4.9. <A -HREF="Bv9ARM.ch04.html#AEN1001" +HREF="Bv9ARM.ch04.html#AEN1011" >IPv6 Support in <ACRONYM CLASS="acronym" >BIND</ACRONYM @@ -338,7 +338,7 @@ CLASS="sect1" ><H1 CLASS="sect1" ><A -NAME="AEN757" +NAME="AEN767" >4.4. Split DNS</A ></H1 ><P @@ -756,7 +756,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN848" +NAME="AEN858" >4.5.1. Generate Shared Keys for Each Pair of Hosts</A ></H2 ><P @@ -780,7 +780,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN853" +NAME="AEN863" >4.5.1.1. Automatic Generation</A ></H3 ><P @@ -820,7 +820,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN864" +NAME="AEN874" >4.5.1.2. Manual Generation</A ></H3 ><P @@ -841,7 +841,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN869" +NAME="AEN879" >4.5.2. Copying the Shared Secret to Both Machines</A ></H2 ><P @@ -853,7 +853,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN872" +NAME="AEN882" >4.5.3. Informing the Servers of the Key's Existence</A ></H2 ><P @@ -907,7 +907,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN884" +NAME="AEN894" >4.5.4. Instructing the Server to Use the Key</A ></H2 ><P @@ -991,7 +991,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN900" +NAME="AEN910" >4.5.5. TSIG Key Based Access Control</A ></H2 ><P @@ -1037,7 +1037,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN913" +NAME="AEN923" >4.5.6. Errors</A ></H2 ><P @@ -1066,7 +1066,7 @@ CLASS="sect1" ><H1 CLASS="sect1" ><A -NAME="AEN917" +NAME="AEN927" >4.6. TKEY</A ></H1 ><P @@ -1133,7 +1133,7 @@ CLASS="sect1" ><H1 CLASS="sect1" ><A -NAME="AEN932" +NAME="AEN942" >4.7. SIG(0)</A ></H1 ><P @@ -1220,7 +1220,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN952" +NAME="AEN962" >4.8.1. Generating Keys</A ></H2 ><P @@ -1298,7 +1298,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN972" +NAME="AEN982" >4.8.2. Signing the Zone</A ></H2 ><P @@ -1378,7 +1378,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN994" +NAME="AEN1004" >4.8.3. Configuring Servers</A ></H2 ><P @@ -1406,7 +1406,7 @@ CLASS="sect1" ><H1 CLASS="sect1" ><A -NAME="AEN1001" +NAME="AEN1011" >4.9. IPv6 Support in <ACRONYM CLASS="acronym" >BIND</ACRONYM @@ -1486,7 +1486,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1019" +NAME="AEN1029" >4.9.1. Address Lookups Using AAAA Records</A ></H2 ><P @@ -1512,7 +1512,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1025" +NAME="AEN1035" >4.9.2. Address to Name Lookups Using Nibble Format</A ></H2 ><P diff --git a/usr.sbin/bind/doc/arm/Bv9ARM.ch05.html b/usr.sbin/bind/doc/arm/Bv9ARM.ch05.html index 2ae7f2ec130..dd59488d938 100644 --- a/usr.sbin/bind/doc/arm/Bv9ARM.ch05.html +++ b/usr.sbin/bind/doc/arm/Bv9ARM.ch05.html @@ -84,7 +84,7 @@ CLASS="TOC" ></DT ><DT >5.1. <A -HREF="Bv9ARM.ch05.html#AEN1034" +HREF="Bv9ARM.ch05.html#AEN1044" >The Lightweight Resolver Library</A ></DT ><DT @@ -99,7 +99,7 @@ CLASS="sect1" ><H1 CLASS="sect1" ><A -NAME="AEN1034" +NAME="AEN1044" >5.1. The Lightweight Resolver Library</A ></H1 ><P diff --git a/usr.sbin/bind/doc/arm/Bv9ARM.ch06.html b/usr.sbin/bind/doc/arm/Bv9ARM.ch06.html index a83ec38ef3f..8cd4c7022db 100644 --- a/usr.sbin/bind/doc/arm/Bv9ARM.ch06.html +++ b/usr.sbin/bind/doc/arm/Bv9ARM.ch06.html @@ -94,7 +94,7 @@ HREF="Bv9ARM.ch06.html#Configuration_File_Grammar" ></DT ><DT >6.3. <A -HREF="Bv9ARM.ch06.html#AEN4015" +HREF="Bv9ARM.ch06.html#AEN4050" >Zone File</A ></DT ></DL @@ -151,7 +151,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN1076" +NAME="AEN1086" ></A ><TABLE CELLPADDING="3" @@ -623,7 +623,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN1241" +NAME="AEN1251" >6.1.1.1. Syntax</A ></H3 ><PRE @@ -654,7 +654,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN1249" +NAME="AEN1259" >6.1.1.2. Definition and Usage</A ></H3 ><P @@ -768,7 +768,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1280" +NAME="AEN1290" >6.1.2. Comment Syntax</A ></H2 ><P @@ -787,7 +787,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN1285" +NAME="AEN1295" >6.1.2.1. Syntax</A ></H3 ><P @@ -819,7 +819,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN1294" +NAME="AEN1304" >6.1.2.2. Definition and Usage</A ></H3 ><P @@ -932,7 +932,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN1318" +NAME="AEN1328" ></A ><TABLE CELLPADDING="3" @@ -1132,7 +1132,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1401" +NAME="AEN1411" >6.2.1. <B CLASS="command" >acl</B @@ -1181,7 +1181,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN1414" +NAME="AEN1424" ></A ><TABLE CELLPADDING="3" @@ -1264,7 +1264,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1445" +NAME="AEN1455" >6.2.3. <B CLASS="command" >controls</B @@ -1578,7 +1578,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1524" +NAME="AEN1534" >6.2.5. <B CLASS="command" >include</B @@ -1596,7 +1596,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1529" +NAME="AEN1539" >6.2.6. <B CLASS="command" >include</B @@ -1625,7 +1625,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1536" +NAME="AEN1546" >6.2.7. <B CLASS="command" >key</B @@ -1653,7 +1653,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1543" +NAME="AEN1553" >6.2.8. <B CLASS="command" >key</B @@ -1735,7 +1735,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1563" +NAME="AEN1573" >6.2.9. <B CLASS="command" >logging</B @@ -1877,7 +1877,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1603" +NAME="AEN1613" >6.2.10. <B CLASS="command" >logging</B @@ -1940,7 +1940,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN1619" +NAME="AEN1629" >6.2.10.1. The <B CLASS="command" >channel</B @@ -2456,7 +2456,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN1743" +NAME="AEN1753" ></A ><TABLE CELLPADDING="3" @@ -2783,7 +2783,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1873" +NAME="AEN1883" >6.2.11. <B CLASS="command" >lwres</B @@ -2864,7 +2864,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1897" +NAME="AEN1907" >6.2.12. <B CLASS="command" >lwres</B @@ -2938,7 +2938,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1916" +NAME="AEN1926" >6.2.13. <B CLASS="command" >masters</B @@ -2987,7 +2987,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1931" +NAME="AEN1941" >6.2.14. <B CLASS="command" >masters</B @@ -3005,7 +3005,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN1936" +NAME="AEN1946" >6.2.15. <B CLASS="command" >options</B @@ -3175,6 +3175,13 @@ CLASS="replaceable" >] [<SPAN CLASS="optional" +> host-statistics-max <VAR +CLASS="replaceable" +>number</VAR +>; </SPAN +>] + [<SPAN +CLASS="optional" > minimal-responses <VAR CLASS="replaceable" >yes_or_no</VAR @@ -3322,7 +3329,7 @@ CLASS="replaceable" >slave</VAR > | <VAR CLASS="replaceable" -> response</VAR +>response</VAR > )( <VAR CLASS="replaceable" >warn</VAR @@ -3953,7 +3960,6 @@ CLASS="replaceable" >yes_or_no</VAR > ; </SPAN >] -}; [<SPAN CLASS="optional" > disable-algorithms <VAR @@ -3970,6 +3976,7 @@ CLASS="replaceable" >; </SPAN >] }; </SPAN >] +}; </PRE ></DIV ><DIV @@ -4490,7 +4497,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN2390" +NAME="AEN2402" ></A ><TABLE CELLPADDING="3" @@ -5281,6 +5288,54 @@ CLASS="command" >. </P ></DD +><DT +><B +CLASS="command" +>check-names</B +></DT +><DD +><P +> This option is used to restrict the character set and syntax of +certain domain names in master files and/or DNS responses received +from the network. The default varies according to usage area. For +<B +CLASS="command" +>master</B +> zones the default is <B +CLASS="command" +>fail</B +>. +For <B +CLASS="command" +>slave</B +> zones the default is <B +CLASS="command" +>warn</B +>. +For answer received from the network (<B +CLASS="command" +>response</B +>) +the default is <B +CLASS="command" +>ignore</B +>. +</P +><P +>The rules for legal hostnames / mail domains are derived from RFC 952 +and RFC 821 as modified by RFC 1123. +</P +><P +><B +CLASS="command" +>check-names</B +> applies to the owner names of A, AAA and +MX records. It also applies to the domain names in the RDATA of NS, SOA and MX +records. It also applies to the RDATA of PTR records where the owner name +indicated that it is a reverse lookup of a hostname (the owner name ends in +IN-ADDR.ARPA, IP6.ARPA, IP6.INT). +</P +></DD ></DL ></DIV ></DIV @@ -5289,7 +5344,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN2669" +NAME="AEN2695" >6.2.16.2. Forwarding</A ></H3 ><P @@ -5357,7 +5412,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN2688" +NAME="AEN2714" >6.2.16.3. Dual-stack Servers</A ></H3 ><P @@ -5569,7 +5624,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN2755" +NAME="AEN2781" >6.2.16.5. Interfaces</A ></H3 ><P @@ -5672,7 +5727,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN2782" +NAME="AEN2808" >6.2.16.6. Query Address</A ></H3 ><P @@ -6180,7 +6235,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN2948" +NAME="AEN2974" >6.2.16.8. Bad UDP Port Lists</A ></H3 ><P @@ -6204,7 +6259,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN2953" +NAME="AEN2979" >6.2.16.9. Operating System Resource Limits</A ></H3 ><P @@ -6324,7 +6379,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN2990" +NAME="AEN3016" >6.2.16.10. Server Resource Limits</A ></H3 ><P @@ -6374,6 +6429,18 @@ CLASS="literal" ><DT ><B CLASS="command" +>host-statistics-max</B +></DT +><DD +><P +>In BIND 8, specifies the maximum number of host statistic +entries to be kept. +Not implemented in BIND 9. +</P +></DD +><DT +><B +CLASS="command" >recursive-clients</B ></DT ><DD @@ -6447,7 +6514,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN3031" +NAME="AEN3062" >6.2.16.11. Periodic Task Intervals</A ></H3 ><P @@ -6812,7 +6879,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN3119" +NAME="AEN3150" ></A ><TABLE CELLPADDING="3" @@ -7274,7 +7341,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN3263" +NAME="AEN3294" ></A ><TABLE CELLPADDING="3" @@ -7746,7 +7813,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN3402" +NAME="AEN3433" >6.2.19. <B CLASS="command" >trusted-keys</B @@ -7801,7 +7868,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN3418" +NAME="AEN3449" >6.2.20. <B CLASS="command" >trusted-keys</B @@ -7889,7 +7956,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN3440" +NAME="AEN3471" >6.2.22. <B CLASS="command" >view</B @@ -8523,7 +8590,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN3614" +NAME="AEN3645" >6.2.24. <B CLASS="command" >zone</B @@ -8534,7 +8601,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN3617" +NAME="AEN3648" >6.2.24.1. Zone Types</A ></H3 ><DIV @@ -8542,7 +8609,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN3619" +NAME="AEN3650" ></A ><TABLE CELLPADDING="3" @@ -8774,7 +8841,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN3682" +NAME="AEN3713" >6.2.24.2. Class</A ></H3 ><P @@ -8812,7 +8879,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN3692" +NAME="AEN3723" >6.2.24.3. Zone Options</A ></H3 ><P @@ -8956,7 +9023,20 @@ CLASS="command" ><P > This option is used to restrict the character set and syntax of certain domain names in master files and/or DNS responses received from the -network. +network. The default varies according to zone type. For <B +CLASS="command" +>master</B +> zones the default is <B +CLASS="command" +>fail</B +>. For <B +CLASS="command" +>slave</B +> +zones the default is <B +CLASS="command" +>warn</B +>. </P ></DD ><DT @@ -9548,7 +9628,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN3974" +NAME="AEN4009" ></A ><TABLE CELLPADDING="3" @@ -9673,7 +9753,7 @@ CLASS="sect1" ><H1 CLASS="sect1" ><A -NAME="AEN4015" +NAME="AEN4050" >6.3. Zone File</A ></H1 ><DIV @@ -9694,7 +9774,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN4020" +NAME="AEN4055" >6.3.1.1. Resource Records</A ></H3 ><P @@ -9719,7 +9799,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN4026" +NAME="AEN4061" ></A ><TABLE CELLPADDING="3" @@ -9800,7 +9880,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN4058" +NAME="AEN4093" ></A ><TABLE CELLPADDING="3" @@ -10151,7 +10231,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN4210" +NAME="AEN4245" ></A ><TABLE CELLPADDING="3" @@ -10233,7 +10313,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN4234" +NAME="AEN4269" >6.3.1.2. Textual expression of RRs</A ></H3 ><P @@ -10265,7 +10345,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN4241" +NAME="AEN4276" ></A ><TABLE CELLPADDING="3" @@ -10420,7 +10500,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN4307" +NAME="AEN4342" ></A ><TABLE CELLPADDING="3" @@ -10491,7 +10571,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN4335" +NAME="AEN4370" >6.3.2. Discussion of MX Records</A ></H2 ><P @@ -10529,7 +10609,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN4341" +NAME="AEN4376" ></A ><TABLE CELLPADDING="3" @@ -10750,7 +10830,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN4433" +NAME="AEN4468" ></A ><TABLE CELLPADDING="3" @@ -10813,7 +10893,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN4456" +NAME="AEN4491" >6.3.4. Inverse Mapping in IPv4</A ></H2 ><P @@ -10842,7 +10922,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN4461" +NAME="AEN4496" ></A ><TABLE CELLPADDING="3" @@ -10908,7 +10988,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN4483" +NAME="AEN4518" >6.3.5. Other Zone File Directives</A ></H2 ><P @@ -10933,7 +11013,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN4490" +NAME="AEN4525" >6.3.5.1. The <B CLASS="command" >$ORIGIN</B @@ -10999,7 +11079,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN4510" +NAME="AEN4545" >6.3.5.2. The <B CLASS="command" >$INCLUDE</B @@ -11075,7 +11155,7 @@ CLASS="sect3" ><H3 CLASS="sect3" ><A -NAME="AEN4530" +NAME="AEN4565" >6.3.5.3. The <B CLASS="command" >$TTL</B @@ -11111,7 +11191,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN4541" +NAME="AEN4576" >6.3.6. <ACRONYM CLASS="acronym" >BIND</ACRONYM @@ -11194,7 +11274,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN4565" +NAME="AEN4600" ></A ><TABLE CELLPADDING="3" diff --git a/usr.sbin/bind/doc/arm/Bv9ARM.ch07.html b/usr.sbin/bind/doc/arm/Bv9ARM.ch07.html index a7c47077387..9e5cc9b8f3f 100644 --- a/usr.sbin/bind/doc/arm/Bv9ARM.ch07.html +++ b/usr.sbin/bind/doc/arm/Bv9ARM.ch07.html @@ -89,7 +89,7 @@ HREF="Bv9ARM.ch07.html#Access_Control_Lists" ></DT ><DT >7.2. <A -HREF="Bv9ARM.ch07.html#AEN4658" +HREF="Bv9ARM.ch07.html#AEN4693" ><B CLASS="command" >chroot</B @@ -197,7 +197,7 @@ CLASS="sect1" ><H1 CLASS="sect1" ><A -NAME="AEN4658" +NAME="AEN4693" >7.2. <B CLASS="command" >chroot</B @@ -275,7 +275,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN4681" +NAME="AEN4716" >7.2.1. The <B CLASS="command" >chroot</B @@ -351,7 +351,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN4699" +NAME="AEN4734" >7.2.2. Using the <B CLASS="command" >setuid</B diff --git a/usr.sbin/bind/doc/arm/Bv9ARM.ch08.html b/usr.sbin/bind/doc/arm/Bv9ARM.ch08.html index fe173a8f47a..94d3d795246 100644 --- a/usr.sbin/bind/doc/arm/Bv9ARM.ch08.html +++ b/usr.sbin/bind/doc/arm/Bv9ARM.ch08.html @@ -81,17 +81,17 @@ CLASS="TOC" ></DT ><DT >8.1. <A -HREF="Bv9ARM.ch08.html#AEN4720" +HREF="Bv9ARM.ch08.html#AEN4755" >Common Problems</A ></DT ><DT >8.2. <A -HREF="Bv9ARM.ch08.html#AEN4725" +HREF="Bv9ARM.ch08.html#AEN4760" >Incrementing and Changing the Serial Number</A ></DT ><DT >8.3. <A -HREF="Bv9ARM.ch08.html#AEN4730" +HREF="Bv9ARM.ch08.html#AEN4765" >Where Can I Get Help?</A ></DT ></DL @@ -101,7 +101,7 @@ CLASS="sect1" ><H1 CLASS="sect1" ><A -NAME="AEN4720" +NAME="AEN4755" >8.1. Common Problems</A ></H1 ><DIV @@ -109,7 +109,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN4722" +NAME="AEN4757" >8.1.1. It's not working; how can I figure out what's wrong?</A ></H2 ><P @@ -125,7 +125,7 @@ CLASS="sect1" ><H1 CLASS="sect1" ><A -NAME="AEN4725" +NAME="AEN4760" >8.2. Incrementing and Changing the Serial Number</A ></H1 ><P @@ -154,7 +154,7 @@ CLASS="sect1" ><H1 CLASS="sect1" ><A -NAME="AEN4730" +NAME="AEN4765" >8.3. Where Can I Get Help?</A ></H1 ><P diff --git a/usr.sbin/bind/doc/arm/Bv9ARM.ch09.html b/usr.sbin/bind/doc/arm/Bv9ARM.ch09.html index 130257c2411..ea6202b2eb8 100644 --- a/usr.sbin/bind/doc/arm/Bv9ARM.ch09.html +++ b/usr.sbin/bind/doc/arm/Bv9ARM.ch09.html @@ -74,7 +74,7 @@ CLASS="TOC" ></DT ><DT >A.1. <A -HREF="Bv9ARM.ch09.html#AEN4746" +HREF="Bv9ARM.ch09.html#AEN4781" >Acknowledgments</A ></DT ><DT @@ -97,7 +97,7 @@ CLASS="sect1" ><H1 CLASS="sect1" ><A -NAME="AEN4746" +NAME="AEN4781" >A.1. Acknowledgments</A ></H1 ><DIV @@ -105,7 +105,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN4748" +NAME="AEN4783" >A.1.1. A Brief History of the <ACRONYM CLASS="acronym" >DNS</ACRONYM @@ -271,7 +271,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN4784" +NAME="AEN4819" ></A ><TABLE CELLPADDING="3" @@ -410,7 +410,7 @@ CLASS="informaltable" ><P ></P ><A -NAME="AEN4853" +NAME="AEN4888" ></A ><TABLE CELLPADDING="3" @@ -608,19 +608,19 @@ TARGET="_top" </P ><H3 ><A -NAME="AEN4921" +NAME="AEN4956" >Bibliography</A ></H3 ><H2 CLASS="bibliodiv" ><A -NAME="AEN4922" +NAME="AEN4957" >Standards</A ></H2 ><DIV CLASS="biblioentry" ><A -NAME="AEN4924" +NAME="AEN4959" ></A ><P >[RFC974] <SPAN @@ -637,7 +637,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN4931" +NAME="AEN4966" ></A ><P >[RFC1034] <SPAN @@ -654,7 +654,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN4938" +NAME="AEN4973" ></A ><P >[RFC1035] <SPAN @@ -678,7 +678,7 @@ NAME="proposed_standards" ><DIV CLASS="biblioentry" ><A -NAME="AEN4947" +NAME="AEN4982" ></A ><P >[RFC2181] <SPAN @@ -698,7 +698,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN4955" +NAME="AEN4990" ></A ><P >[RFC2308] <SPAN @@ -718,7 +718,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN4963" +NAME="AEN4998" ></A ><P >[RFC1995] <SPAN @@ -738,7 +738,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN4971" +NAME="AEN5006" ></A ><P >[RFC1996] <SPAN @@ -755,7 +755,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN4978" +NAME="AEN5013" ></A ><P >[RFC2136] <SPAN @@ -781,7 +781,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN4995" +NAME="AEN5030" ></A ><P >[RFC2845] <SPAN @@ -810,13 +810,13 @@ STYLE="margin-left: 0.5in" ><H2 CLASS="bibliodiv" ><A -NAME="AEN5014" +NAME="AEN5049" >Proposed Standards Still Under Development</A ></H2 ><DIV CLASS="biblioentry" ><A -NAME="AEN5019" +NAME="AEN5054" ></A ><P >[RFC1886] <SPAN @@ -839,7 +839,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5031" +NAME="AEN5066" ></A ><P >[RFC2065] <SPAN @@ -859,7 +859,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5043" +NAME="AEN5078" ></A ><P >[RFC2137] <SPAN @@ -876,7 +876,7 @@ STYLE="margin-left: 0.5in" ><H2 CLASS="bibliodiv" ><A -NAME="AEN5051" +NAME="AEN5086" >Other Important RFCs About <ACRONYM CLASS="acronym" >DNS</ACRONYM @@ -885,7 +885,7 @@ CLASS="acronym" ><DIV CLASS="biblioentry" ><A -NAME="AEN5054" +NAME="AEN5089" ></A ><P >[RFC1535] <SPAN @@ -905,7 +905,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5062" +NAME="AEN5097" ></A ><P >[RFC1536] <SPAN @@ -937,7 +937,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5083" +NAME="AEN5118" ></A ><P >[RFC1982] <SPAN @@ -957,13 +957,13 @@ STYLE="margin-left: 0.5in" ><H2 CLASS="bibliodiv" ><A -NAME="AEN5094" +NAME="AEN5129" >Resource Record Types</A ></H2 ><DIV CLASS="biblioentry" ><A -NAME="AEN5096" +NAME="AEN5131" ></A ><P >[RFC1183] <SPAN @@ -992,7 +992,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5114" +NAME="AEN5149" ></A ><P >[RFC1706] <SPAN @@ -1015,7 +1015,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5126" +NAME="AEN5161" ></A ><P >[RFC2168] <SPAN @@ -1036,7 +1036,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5137" +NAME="AEN5172" ></A ><P >[RFC1876] <SPAN @@ -1063,7 +1063,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5154" +NAME="AEN5189" ></A ><P >[RFC2052] <SPAN @@ -1087,7 +1087,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5166" +NAME="AEN5201" ></A ><P >[RFC2163] <SPAN @@ -1108,7 +1108,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5174" +NAME="AEN5209" ></A ><P >[RFC2230] <SPAN @@ -1128,7 +1128,7 @@ STYLE="margin-left: 0.5in" ><H2 CLASS="bibliodiv" ><A -NAME="AEN5182" +NAME="AEN5217" ><ACRONYM CLASS="acronym" >DNS</ACRONYM @@ -1137,7 +1137,7 @@ CLASS="acronym" ><DIV CLASS="biblioentry" ><A -NAME="AEN5185" +NAME="AEN5220" ></A ><P >[RFC1101] <SPAN @@ -1157,7 +1157,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5193" +NAME="AEN5228" ></A ><P >[RFC1123] <SPAN @@ -1174,7 +1174,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5200" +NAME="AEN5235" ></A ><P >[RFC1591] <SPAN @@ -1191,7 +1191,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5207" +NAME="AEN5242" ></A ><P >[RFC2317] <SPAN @@ -1214,7 +1214,7 @@ STYLE="margin-left: 0.5in" ><H2 CLASS="bibliodiv" ><A -NAME="AEN5221" +NAME="AEN5256" ><ACRONYM CLASS="acronym" >DNS</ACRONYM @@ -1223,7 +1223,7 @@ CLASS="acronym" ><DIV CLASS="biblioentry" ><A -NAME="AEN5224" +NAME="AEN5259" ></A ><P >[RFC1537] <SPAN @@ -1243,7 +1243,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5232" +NAME="AEN5267" ></A ><P >[RFC1912] <SPAN @@ -1263,7 +1263,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5240" +NAME="AEN5275" ></A ><P >[RFC2010] <SPAN @@ -1283,7 +1283,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5251" +NAME="AEN5286" ></A ><P >[RFC2219] <SPAN @@ -1306,7 +1306,7 @@ STYLE="margin-left: 0.5in" ><H2 CLASS="bibliodiv" ><A -NAME="AEN5263" +NAME="AEN5298" >Other <ACRONYM CLASS="acronym" >DNS</ACRONYM @@ -1315,7 +1315,7 @@ CLASS="acronym" ><DIV CLASS="biblioentry" ><A -NAME="AEN5269" +NAME="AEN5304" ></A ><P >[RFC1464] <SPAN @@ -1332,7 +1332,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5276" +NAME="AEN5311" ></A ><P >[RFC1713] <SPAN @@ -1352,7 +1352,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5284" +NAME="AEN5319" ></A ><P >[RFC1794] <SPAN @@ -1372,7 +1372,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5292" +NAME="AEN5327" ></A ><P >[RFC2240] <SPAN @@ -1389,7 +1389,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5299" +NAME="AEN5334" ></A ><P >[RFC2345] <SPAN @@ -1412,7 +1412,7 @@ STYLE="margin-left: 0.5in" ><DIV CLASS="biblioentry" ><A -NAME="AEN5313" +NAME="AEN5348" ></A ><P >[RFC2352] <SPAN @@ -1429,13 +1429,13 @@ STYLE="margin-left: 0.5in" ><H2 CLASS="bibliodiv" ><A -NAME="AEN5320" +NAME="AEN5355" >Obsolete and Unimplemented Experimental RRs</A ></H2 ><DIV CLASS="biblioentry" ><A -NAME="AEN5322" +NAME="AEN5357" ></A ><P >[RFC1712] <SPAN @@ -1486,7 +1486,7 @@ CLASS="sect2" ><H2 CLASS="sect2" ><A -NAME="AEN5343" +NAME="AEN5378" >A.3.3. Other Documents About <ACRONYM CLASS="acronym" >BIND</ACRONYM @@ -1496,13 +1496,13 @@ CLASS="acronym" ></P ><H3 ><A -NAME="AEN5347" +NAME="AEN5382" >Bibliography</A ></H3 ><DIV CLASS="biblioentry" ><A -NAME="AEN5348" +NAME="AEN5383" ></A ><P ><SPAN diff --git a/usr.sbin/bind/doc/arm/Bv9ARM.html b/usr.sbin/bind/doc/arm/Bv9ARM.html index bf8b49e9679..21d46214cc8 100644 --- a/usr.sbin/bind/doc/arm/Bv9ARM.html +++ b/usr.sbin/bind/doc/arm/Bv9ARM.html @@ -191,7 +191,7 @@ HREF="Bv9ARM.ch03.html#AEN347" ></DT ><DT >3.3.2. <A -HREF="Bv9ARM.ch03.html#AEN679" +HREF="Bv9ARM.ch03.html#AEN689" >Signals</A ></DT ></DL @@ -231,7 +231,7 @@ HREF="Bv9ARM.ch04.html#incremental_zone_transfers" ></DT ><DT >4.4. <A -HREF="Bv9ARM.ch04.html#AEN757" +HREF="Bv9ARM.ch04.html#AEN767" >Split DNS</A ></DT ><DT @@ -243,44 +243,44 @@ HREF="Bv9ARM.ch04.html#tsig" ><DL ><DT >4.5.1. <A -HREF="Bv9ARM.ch04.html#AEN848" +HREF="Bv9ARM.ch04.html#AEN858" >Generate Shared Keys for Each Pair of Hosts</A ></DT ><DT >4.5.2. <A -HREF="Bv9ARM.ch04.html#AEN869" +HREF="Bv9ARM.ch04.html#AEN879" >Copying the Shared Secret to Both Machines</A ></DT ><DT >4.5.3. <A -HREF="Bv9ARM.ch04.html#AEN872" +HREF="Bv9ARM.ch04.html#AEN882" >Informing the Servers of the Key's Existence</A ></DT ><DT >4.5.4. <A -HREF="Bv9ARM.ch04.html#AEN884" +HREF="Bv9ARM.ch04.html#AEN894" >Instructing the Server to Use the Key</A ></DT ><DT >4.5.5. <A -HREF="Bv9ARM.ch04.html#AEN900" +HREF="Bv9ARM.ch04.html#AEN910" >TSIG Key Based Access Control</A ></DT ><DT >4.5.6. <A -HREF="Bv9ARM.ch04.html#AEN913" +HREF="Bv9ARM.ch04.html#AEN923" >Errors</A ></DT ></DL ></DD ><DT >4.6. <A -HREF="Bv9ARM.ch04.html#AEN917" +HREF="Bv9ARM.ch04.html#AEN927" >TKEY</A ></DT ><DT >4.7. <A -HREF="Bv9ARM.ch04.html#AEN932" +HREF="Bv9ARM.ch04.html#AEN942" >SIG(0)</A ></DT ><DT @@ -292,24 +292,24 @@ HREF="Bv9ARM.ch04.html#DNSSEC" ><DL ><DT >4.8.1. <A -HREF="Bv9ARM.ch04.html#AEN952" +HREF="Bv9ARM.ch04.html#AEN962" >Generating Keys</A ></DT ><DT >4.8.2. <A -HREF="Bv9ARM.ch04.html#AEN972" +HREF="Bv9ARM.ch04.html#AEN982" >Signing the Zone</A ></DT ><DT >4.8.3. <A -HREF="Bv9ARM.ch04.html#AEN994" +HREF="Bv9ARM.ch04.html#AEN1004" >Configuring Servers</A ></DT ></DL ></DD ><DT >4.9. <A -HREF="Bv9ARM.ch04.html#AEN1001" +HREF="Bv9ARM.ch04.html#AEN1011" >IPv6 Support in <ACRONYM CLASS="acronym" >BIND</ACRONYM @@ -319,12 +319,12 @@ CLASS="acronym" ><DL ><DT >4.9.1. <A -HREF="Bv9ARM.ch04.html#AEN1019" +HREF="Bv9ARM.ch04.html#AEN1029" >Address Lookups Using AAAA Records</A ></DT ><DT >4.9.2. <A -HREF="Bv9ARM.ch04.html#AEN1025" +HREF="Bv9ARM.ch04.html#AEN1035" >Address to Name Lookups Using Nibble Format</A ></DT ></DL @@ -343,7 +343,7 @@ CLASS="acronym" ><DL ><DT >5.1. <A -HREF="Bv9ARM.ch05.html#AEN1034" +HREF="Bv9ARM.ch05.html#AEN1044" >The Lightweight Resolver Library</A ></DT ><DT @@ -377,7 +377,7 @@ HREF="Bv9ARM.ch06.html#address_match_lists" ></DT ><DT >6.1.2. <A -HREF="Bv9ARM.ch06.html#AEN1280" +HREF="Bv9ARM.ch06.html#AEN1290" >Comment Syntax</A ></DT ></DL @@ -391,7 +391,7 @@ HREF="Bv9ARM.ch06.html#Configuration_File_Grammar" ><DL ><DT >6.2.1. <A -HREF="Bv9ARM.ch06.html#AEN1401" +HREF="Bv9ARM.ch06.html#AEN1411" ><B CLASS="command" >acl</B @@ -408,7 +408,7 @@ Usage</A ></DT ><DT >6.2.3. <A -HREF="Bv9ARM.ch06.html#AEN1445" +HREF="Bv9ARM.ch06.html#AEN1455" ><B CLASS="command" >controls</B @@ -424,7 +424,7 @@ CLASS="command" ></DT ><DT >6.2.5. <A -HREF="Bv9ARM.ch06.html#AEN1524" +HREF="Bv9ARM.ch06.html#AEN1534" ><B CLASS="command" >include</B @@ -432,7 +432,7 @@ CLASS="command" ></DT ><DT >6.2.6. <A -HREF="Bv9ARM.ch06.html#AEN1529" +HREF="Bv9ARM.ch06.html#AEN1539" ><B CLASS="command" >include</B @@ -440,7 +440,7 @@ CLASS="command" ></DT ><DT >6.2.7. <A -HREF="Bv9ARM.ch06.html#AEN1536" +HREF="Bv9ARM.ch06.html#AEN1546" ><B CLASS="command" >key</B @@ -448,7 +448,7 @@ CLASS="command" ></DT ><DT >6.2.8. <A -HREF="Bv9ARM.ch06.html#AEN1543" +HREF="Bv9ARM.ch06.html#AEN1553" ><B CLASS="command" >key</B @@ -456,7 +456,7 @@ CLASS="command" ></DT ><DT >6.2.9. <A -HREF="Bv9ARM.ch06.html#AEN1563" +HREF="Bv9ARM.ch06.html#AEN1573" ><B CLASS="command" >logging</B @@ -464,7 +464,7 @@ CLASS="command" ></DT ><DT >6.2.10. <A -HREF="Bv9ARM.ch06.html#AEN1603" +HREF="Bv9ARM.ch06.html#AEN1613" ><B CLASS="command" >logging</B @@ -472,7 +472,7 @@ CLASS="command" ></DT ><DT >6.2.11. <A -HREF="Bv9ARM.ch06.html#AEN1873" +HREF="Bv9ARM.ch06.html#AEN1883" ><B CLASS="command" >lwres</B @@ -480,7 +480,7 @@ CLASS="command" ></DT ><DT >6.2.12. <A -HREF="Bv9ARM.ch06.html#AEN1897" +HREF="Bv9ARM.ch06.html#AEN1907" ><B CLASS="command" >lwres</B @@ -488,7 +488,7 @@ CLASS="command" ></DT ><DT >6.2.13. <A -HREF="Bv9ARM.ch06.html#AEN1916" +HREF="Bv9ARM.ch06.html#AEN1926" ><B CLASS="command" >masters</B @@ -496,7 +496,7 @@ CLASS="command" ></DT ><DT >6.2.14. <A -HREF="Bv9ARM.ch06.html#AEN1931" +HREF="Bv9ARM.ch06.html#AEN1941" ><B CLASS="command" >masters</B @@ -504,7 +504,7 @@ CLASS="command" ></DT ><DT >6.2.15. <A -HREF="Bv9ARM.ch06.html#AEN1936" +HREF="Bv9ARM.ch06.html#AEN1946" ><B CLASS="command" >options</B @@ -536,7 +536,7 @@ CLASS="command" ></DT ><DT >6.2.19. <A -HREF="Bv9ARM.ch06.html#AEN3402" +HREF="Bv9ARM.ch06.html#AEN3433" ><B CLASS="command" >trusted-keys</B @@ -544,7 +544,7 @@ CLASS="command" ></DT ><DT >6.2.20. <A -HREF="Bv9ARM.ch06.html#AEN3418" +HREF="Bv9ARM.ch06.html#AEN3449" ><B CLASS="command" >trusted-keys</B @@ -561,7 +561,7 @@ CLASS="command" ></DT ><DT >6.2.22. <A -HREF="Bv9ARM.ch06.html#AEN3440" +HREF="Bv9ARM.ch06.html#AEN3471" ><B CLASS="command" >view</B @@ -578,7 +578,7 @@ Statement Grammar</A ></DT ><DT >6.2.24. <A -HREF="Bv9ARM.ch06.html#AEN3614" +HREF="Bv9ARM.ch06.html#AEN3645" ><B CLASS="command" >zone</B @@ -588,7 +588,7 @@ CLASS="command" ></DD ><DT >6.3. <A -HREF="Bv9ARM.ch06.html#AEN4015" +HREF="Bv9ARM.ch06.html#AEN4050" >Zone File</A ></DT ><DD @@ -600,7 +600,7 @@ HREF="Bv9ARM.ch06.html#types_of_resource_records_and_when_to_use_them" ></DT ><DT >6.3.2. <A -HREF="Bv9ARM.ch06.html#AEN4335" +HREF="Bv9ARM.ch06.html#AEN4370" >Discussion of MX Records</A ></DT ><DT @@ -610,17 +610,17 @@ HREF="Bv9ARM.ch06.html#Setting_TTLs" ></DT ><DT >6.3.4. <A -HREF="Bv9ARM.ch06.html#AEN4456" +HREF="Bv9ARM.ch06.html#AEN4491" >Inverse Mapping in IPv4</A ></DT ><DT >6.3.5. <A -HREF="Bv9ARM.ch06.html#AEN4483" +HREF="Bv9ARM.ch06.html#AEN4518" >Other Zone File Directives</A ></DT ><DT >6.3.6. <A -HREF="Bv9ARM.ch06.html#AEN4541" +HREF="Bv9ARM.ch06.html#AEN4576" ><ACRONYM CLASS="acronym" >BIND</ACRONYM @@ -650,7 +650,7 @@ HREF="Bv9ARM.ch07.html#Access_Control_Lists" ></DT ><DT >7.2. <A -HREF="Bv9ARM.ch07.html#AEN4658" +HREF="Bv9ARM.ch07.html#AEN4693" ><B CLASS="command" >chroot</B @@ -664,7 +664,7 @@ UNIX servers)</A ><DL ><DT >7.2.1. <A -HREF="Bv9ARM.ch07.html#AEN4681" +HREF="Bv9ARM.ch07.html#AEN4716" >The <B CLASS="command" >chroot</B @@ -672,7 +672,7 @@ CLASS="command" ></DT ><DT >7.2.2. <A -HREF="Bv9ARM.ch07.html#AEN4699" +HREF="Bv9ARM.ch07.html#AEN4734" >Using the <B CLASS="command" >setuid</B @@ -696,26 +696,26 @@ HREF="Bv9ARM.ch08.html" ><DL ><DT >8.1. <A -HREF="Bv9ARM.ch08.html#AEN4720" +HREF="Bv9ARM.ch08.html#AEN4755" >Common Problems</A ></DT ><DD ><DL ><DT >8.1.1. <A -HREF="Bv9ARM.ch08.html#AEN4722" +HREF="Bv9ARM.ch08.html#AEN4757" >It's not working; how can I figure out what's wrong?</A ></DT ></DL ></DD ><DT >8.2. <A -HREF="Bv9ARM.ch08.html#AEN4725" +HREF="Bv9ARM.ch08.html#AEN4760" >Incrementing and Changing the Serial Number</A ></DT ><DT >8.3. <A -HREF="Bv9ARM.ch08.html#AEN4730" +HREF="Bv9ARM.ch08.html#AEN4765" >Where Can I Get Help?</A ></DT ></DL @@ -729,14 +729,14 @@ HREF="Bv9ARM.ch09.html" ><DL ><DT >A.1. <A -HREF="Bv9ARM.ch09.html#AEN4746" +HREF="Bv9ARM.ch09.html#AEN4781" >Acknowledgments</A ></DT ><DD ><DL ><DT >A.1.1. <A -HREF="Bv9ARM.ch09.html#AEN4748" +HREF="Bv9ARM.ch09.html#AEN4783" >A Brief History of the <ACRONYM CLASS="acronym" >DNS</ACRONYM @@ -783,7 +783,7 @@ HREF="Bv9ARM.ch09.html#internet_drafts" ></DT ><DT >A.3.3. <A -HREF="Bv9ARM.ch09.html#AEN5343" +HREF="Bv9ARM.ch09.html#AEN5378" >Other Documents About <ACRONYM CLASS="acronym" >BIND</ACRONYM diff --git a/usr.sbin/bind/doc/misc/migration b/usr.sbin/bind/doc/misc/migration index 5599c4bc85c..2e247311617 100644 --- a/usr.sbin/bind/doc/misc/migration +++ b/usr.sbin/bind/doc/misc/migration @@ -119,6 +119,15 @@ line. $GENERATE: The "$$" construct for getting a literal $ into a domain name is deprecated. Use \$ instead. +2.6. TXT records are no longer automatically split. + +Some versions of BIND accepted strings in TXT RDATA consisting of more +than 255 characters and silently split them to be able to encode the +strings in a protocol conformant way. You may now see errors like this + dns_rdata_fromtext: local.db:119: ran out of space +if you have TXT RRs with too longs strings. Make sure to split the +string in the zone data file at or before a single one reaches 255 +characters. 3. Interoperability Impact of New Protocol Features @@ -243,4 +252,4 @@ necessary, the umask should be set explicitly in the script used to start the named process. -$ISC: migration,v 1.37.2.3.2.2 2004/03/06 13:16:19 marka Exp $ +$ISC: migration,v 1.37.2.3.2.3 2004/11/22 22:33:09 marka Exp $ diff --git a/usr.sbin/bind/lib/bind9/getaddresses.c b/usr.sbin/bind/lib/bind9/getaddresses.c index 474928a251f..b5b97479888 100644 --- a/usr.sbin/bind/lib/bind9/getaddresses.c +++ b/usr.sbin/bind/lib/bind9/getaddresses.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: getaddresses.c,v 1.13.126.5 2004/05/15 03:46:12 jinmei Exp $ */ +/* $ISC: getaddresses.c,v 1.13.126.6 2004/09/16 01:00:58 marka Exp $ */ #include <config.h> #include <string.h> @@ -84,7 +84,7 @@ bind9_getaddresses(const char *hostname, in_port_t port, isc_sockaddr_v6fromin(&addrs[0], &in4, port); *addrcount = 1; return (ISC_R_SUCCESS); - } else if (strlen(hostname) <= 127) { + } else if (strlen(hostname) <= 127U) { char tmpbuf[128], *d; isc_uint32_t zone = 0; diff --git a/usr.sbin/bind/lib/dns/Makefile.in b/usr.sbin/bind/lib/dns/Makefile.in index 110d116a9dd..b4b8025bcc9 100644 --- a/usr.sbin/bind/lib/dns/Makefile.in +++ b/usr.sbin/bind/lib/dns/Makefile.in @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $ISC: Makefile.in,v 1.126.2.3.2.15 2004/07/20 07:01:57 marka Exp $ +# $ISC: Makefile.in,v 1.126.2.3.2.17 2004/12/09 04:07:15 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -29,9 +29,10 @@ top_srcdir = @top_srcdir@ @BIND9_MAKE_INCLUDES@ -CINCLUDES = -I. ${DNS_INCLUDES} ${ISC_INCLUDES} +CINCLUDES = -I. -Iinclude ${DNS_INCLUDES} \ + ${ISC_INCLUDES} @DST_OPENSSL_INC@ @DST_GSSAPI_INC@ -CDEFINES = +CDEFINES = -DUSE_MD5 @USE_OPENSSL@ @USE_GSSAPI@ CWARNINGS = ISCLIBS = ../../lib/isc/libisc.@A@ @@ -42,13 +43,10 @@ LIBS = @LIBS@ # Alphabetically -DSTOBJS = sec/dst/dst_api.@O@ \ - sec/dst/dst_lib.@O@ sec/dst/dst_parse.@O@ \ - sec/dst/dst_result.@O@ sec/dst/gssapi_link.@O@ \ - sec/dst/gssapictx.@O@ sec/dst/hmac_link.@O@ \ - sec/dst/key.@O@ sec/dst/openssl_link.@O@ \ - sec/dst/openssldh_link.@O@ sec/dst/openssldsa_link.@O@ \ - sec/dst/opensslrsa_link.@O@ +DSTOBJS = dst_api.@O@ dst_lib.@O@ dst_parse.@O@ dst_result.@O@ \ + gssapi_link.@O@ gssapictx.@O@ hmac_link.@O@ key.@O@ \ + openssl_link.@O@ openssldh_link.@O@ openssldsa_link.@O@ \ + opensslrsa_link.@O@ # Alphabetically DNSOBJS = acl.@O@ adb.@O@ byaddr.@O@ \ @@ -69,6 +67,12 @@ DNSOBJS = acl.@O@ adb.@O@ byaddr.@O@ \ OBJS= ${DNSOBJS} ${OTHEROBJS} ${DSTOBJS} # Alphabetically +DSTSRCS = dst_api.c dst_lib.c dst_parse.c \ + dst_result.c gssapi_link.c gssapictx.c \ + hmac_link.c key.c \ + openssl_link.c openssldh_link.c \ + openssldsa_link.c opensslrsa_link.c + SRCS = acl.c adb.c byaddr.c \ cache.c callbacks.c compress.c \ db.c dbiterator.c dbtable.c diff.c dispatch.c \ @@ -83,8 +87,9 @@ SRCS = acl.c adb.c byaddr.c \ stats.c tcpmsg.c time.c timer.c tkey.c \ tsig.c ttl.c validator.c \ version.c view.c xfrin.c zone.c zonekey.c zt.c ${OTHERSRCS} +SRCS = ${DSTSRCS} ${DNSSRCS} -SUBDIRS = include sec +SUBDIRS = include TARGETS = include/dns/enumtype.h include/dns/enumclass.h \ include/dns/rdatastruct.h timestamp @@ -159,6 +164,5 @@ depend: include/dns/enumtype.h include/dns/enumclass.h \ include/dns/rdatastruct.h code.h subdirs: include/dns/enumtype.h include/dns/enumclass.h \ include/dns/rdatastruct.h code.h -${DNSOBJS}: include/dns/enumtype.h include/dns/enumclass.h \ +${OBJS}: include/dns/enumtype.h include/dns/enumclass.h \ include/dns/rdatastruct.h -rdata.${0}: code.h diff --git a/usr.sbin/bind/lib/dns/adb.c b/usr.sbin/bind/lib/dns/adb.c index 23aa704a2bd..e21965a91ae 100644 --- a/usr.sbin/bind/lib/dns/adb.c +++ b/usr.sbin/bind/lib/dns/adb.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: adb.c,v 1.181.2.11.2.19 2004/09/01 05:19:57 marka Exp $ */ +/* $ISC: adb.c,v 1.181.2.11.2.20 2004/11/10 22:32:40 marka Exp $ */ /* * Implementation notes @@ -278,7 +278,7 @@ static inline dns_adbname_t *find_name_and_lock(dns_adb_t *, dns_name_t *, unsigned int, int *); static inline dns_adbentry_t *find_entry_and_lock(dns_adb_t *, isc_sockaddr_t *, int *); -static void dump_adb(dns_adb_t *, FILE *, isc_boolean_t debug); +static void dump_adb(dns_adb_t *, FILE *, isc_boolean_t debug, isc_stdtime_t); static void print_dns_name(FILE *, dns_name_t *); static void print_namehook_list(FILE *, const char *legend, dns_adbnamehooklist_t *list, @@ -315,7 +315,8 @@ static inline isc_boolean_t unlink_name(dns_adb_t *, dns_adbname_t *); static inline void link_entry(dns_adb_t *, int, dns_adbentry_t *); static inline isc_boolean_t unlink_entry(dns_adb_t *, dns_adbentry_t *); static isc_boolean_t kill_name(dns_adbname_t **, isc_eventtype_t); -static void water(void *arg, int mark); +static void water(void *, int); +static void dump_entry(FILE *, dns_adbentry_t *, isc_boolean_t, isc_stdtime_t); /* * MUST NOT overlap DNS_ADBFIND_* flags! @@ -1937,7 +1938,7 @@ timer_cleanup(isc_task_t *task, isc_event_t *ev) { if (adb->next_cleanbucket >= NBUCKETS) { adb->next_cleanbucket = 0; #ifdef DUMP_ADB_AFTER_CLEANING - dump_adb(adb, stdout, ISC_TRUE); + dump_adb(adb, stdout, ISC_TRUE, now); #endif } } @@ -2707,6 +2708,9 @@ dns_adb_cancelfind(dns_adbfind_t *find) { void dns_adb_dump(dns_adb_t *adb, FILE *f) { + int i; + isc_stdtime_t now; + REQUIRE(DNS_ADB_VALID(adb)); REQUIRE(f != NULL); @@ -2718,7 +2722,14 @@ dns_adb_dump(dns_adb_t *adb, FILE *f) { */ LOCK(&adb->lock); - dump_adb(adb, f, ISC_FALSE); + isc_stdtime_get(&now); + + for (i = 0; i < NBUCKETS; i++) + RUNTIME_CHECK(cleanup_names(adb, i, now) == ISC_FALSE); + for (i = 0; i < NBUCKETS; i++) + RUNTIME_CHECK(cleanup_entries(adb, i, now) == ISC_FALSE); + + dump_adb(adb, f, ISC_FALSE, now); UNLOCK(&adb->lock); } @@ -2730,12 +2741,10 @@ dump_ttl(FILE *f, const char *legend, isc_stdtime_t value, isc_stdtime_t now) { } static void -dump_adb(dns_adb_t *adb, FILE *f, isc_boolean_t debug) { +dump_adb(dns_adb_t *adb, FILE *f, isc_boolean_t debug, isc_stdtime_t now) { int i; dns_adbname_t *name; - isc_stdtime_t now; - - isc_stdtime_get(&now); + dns_adbentry_t *entry; fprintf(f, ";\n; Address database dump\n;\n"); if (debug) @@ -2793,6 +2802,17 @@ dump_adb(dns_adb_t *adb, FILE *f, isc_boolean_t debug) { } } + fprintf(f, ";\n; Unassociated entries\n;\n"); + + for (i = 0; i < NBUCKETS; i++) { + entry = ISC_LIST_HEAD(adb->entries[i]); + while (entry != NULL) { + if (entry->refcnt == 0) + dump_entry(f, entry, debug, now); + entry = ISC_LIST_NEXT(entry, plink); + } + } + /* * Unlock everything */ @@ -2818,6 +2838,8 @@ dump_entry(FILE *f, dns_adbentry_t *entry, isc_boolean_t debug, fprintf(f, ";\t%s [srtt %u] [flags %08x]", addrbuf, entry->srtt, entry->flags); + if (entry->expires != 0) + fprintf(f, " [ttl %d]", entry->expires - now); fprintf(f, "\n"); for (zi = ISC_LIST_HEAD(entry->zoneinfo); zi != NULL; @@ -3495,16 +3517,16 @@ dns_adb_flush(dns_adb_t *adb) { LOCK(&adb->lock); - for (i = 0; i < NBUCKETS; i++) { - /* - * Call our cleanup routines. - */ + /* + * Call our cleanup routines. + */ + for (i = 0; i < NBUCKETS; i++) RUNTIME_CHECK(cleanup_names(adb, i, INT_MAX) == ISC_FALSE); + for (i = 0; i < NBUCKETS; i++) RUNTIME_CHECK(cleanup_entries(adb, i, INT_MAX) == ISC_FALSE); - } #ifdef DUMP_ADB_AFTER_CLEANING - dump_adb(adb, stdout, ISC_TRUE); + dump_adb(adb, stdout, ISC_TRUE, INT_MAX); #endif UNLOCK(&adb->lock); diff --git a/usr.sbin/bind/lib/dns/api b/usr.sbin/bind/lib/dns/api index 444e0c5cd0c..c06a62ec803 100644 --- a/usr.sbin/bind/lib/dns/api +++ b/usr.sbin/bind/lib/dns/api @@ -1,3 +1,3 @@ LIBINTERFACE = 20 -LIBREVISION = 0 +LIBREVISION = 2 LIBAGE = 0 diff --git a/usr.sbin/bind/lib/dns/include/dns/name.h b/usr.sbin/bind/lib/dns/include/dns/name.h index 09b2948e34a..129ddfa5036 100644 --- a/usr.sbin/bind/lib/dns/include/dns/name.h +++ b/usr.sbin/bind/lib/dns/include/dns/name.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: name.h,v 1.95.2.3.2.11 2004/09/01 05:19:59 marka Exp $ */ +/* $ISC: name.h,v 1.95.2.3.2.12 2004/09/08 00:29:34 marka Exp $ */ #ifndef DNS_NAME_H #define DNS_NAME_H 1 @@ -576,7 +576,7 @@ dns_name_getlabel(const dns_name_t *name, unsigned int n, dns_label_t *label); * be changed while 'label' is still in use. * * Requires: - * n < dns_label_countlabels(name) + * n < dns_name_countlabels(name) */ void @@ -598,9 +598,9 @@ dns_name_getlabelsequence(const dns_name_t *source, unsigned int first, * Requires: * 'source' and 'target' are valid names. * - * first < dns_label_countlabels(name) + * first < dns_name_countlabels(name) * - * first + n <= dns_label_countlabels(name) + * first + n <= dns_name_countlabels(name) */ @@ -617,7 +617,7 @@ dns_name_clone(dns_name_t *source, dns_name_t *target); * This call is functionally equivalent to: * * dns_name_getlabelsequence(source, 0, - * dns_label_countlabels(source), + * dns_name_countlabels(source), * target); * * but is more efficient. Also, dns_name_clone() works even if 'source' diff --git a/usr.sbin/bind/lib/dns/include/dns/zone.h b/usr.sbin/bind/lib/dns/include/dns/zone.h index 551a3ac6f1f..f266f0375ab 100644 --- a/usr.sbin/bind/lib/dns/include/dns/zone.h +++ b/usr.sbin/bind/lib/dns/include/dns/zone.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: zone.h,v 1.106.2.7.4.14 2004/03/06 08:14:01 marka Exp $ */ +/* $ISC: zone.h,v 1.106.2.7.4.15 2004/10/26 02:08:43 marka Exp $ */ #ifndef DNS_ZONE_H #define DNS_ZONE_H 1 @@ -971,6 +971,13 @@ dns_zone_replacedb(dns_zone_t *zone, dns_db_t *db, isc_boolean_t dump); * * Requires: * 'zone' to be a valid zone. + * + * Returns: + * DNS_R_SUCCESS + * DNS_R_BADZONE zone failed basic consistancy checks: + * * a single SOA must exist + * * some NS records must exist. + * Others */ isc_uint32_t diff --git a/usr.sbin/bind/lib/dns/rbt.c b/usr.sbin/bind/lib/dns/rbt.c index b64433e4d0b..aef9d996ede 100644 --- a/usr.sbin/bind/lib/dns/rbt.c +++ b/usr.sbin/bind/lib/dns/rbt.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rbt.c,v 1.115.2.2.2.9 2004/03/08 21:06:27 marka Exp $ */ +/* $ISC: rbt.c,v 1.115.2.2.2.11 2004/10/25 01:36:07 marka Exp $ */ /* Principal Authors: DCL */ @@ -64,7 +64,6 @@ struct dns_rbt { unsigned int nodecount; unsigned int hashsize; dns_rbtnode_t ** hashtable; - unsigned int quantum; }; #define RED 0 @@ -180,25 +179,6 @@ find_up(dns_rbtnode_t *node) { return (PARENT(root)); } -#ifdef DNS_RBT_USEHASH -static inline void -compute_node_hash(dns_rbtnode_t *node) { - unsigned int hash; - dns_name_t name; - dns_rbtnode_t *up_node; - - dns_name_init(&name, NULL); - NODENAME(node, &name); - hash = dns_name_hashbylabel(&name, ISC_FALSE); - - up_node = find_up(node); - if (up_node != NULL) - hash += HASHVAL(up_node); - - HASHVAL(node) = hash; -} -#endif - /* * Forward declarations. */ @@ -207,11 +187,11 @@ create_node(isc_mem_t *mctx, dns_name_t *name, dns_rbtnode_t **nodep); #ifdef DNS_RBT_USEHASH static inline void -hash_node(dns_rbt_t *rbt, dns_rbtnode_t *node); +hash_node(dns_rbt_t *rbt, dns_rbtnode_t *node, dns_name_t *name); static inline void unhash_node(dns_rbt_t *rbt, dns_rbtnode_t *node); #else -#define hash_node(rbt, node) (ISC_R_SUCCESS) +#define hash_node(rbt, node, name) (ISC_R_SUCCESS) #define unhash_node(rbt, node) #endif @@ -231,7 +211,8 @@ static isc_result_t dns_rbt_deletetree(dns_rbt_t *rbt, dns_rbtnode_t *node); static void -dns_rbt_deletetreeflat(dns_rbt_t *rbt, dns_rbtnode_t **nodep); +dns_rbt_deletetreeflat(dns_rbt_t *rbt, unsigned int quantum, + dns_rbtnode_t **nodep); /* * Initialize a red/black tree of trees. @@ -268,7 +249,6 @@ dns_rbt_create(isc_mem_t *mctx, void (*deleter)(void *, void *), return (result); } #endif - rbt->quantum = 0; rbt->magic = RBT_MAGIC; *rbtp = rbt; @@ -292,9 +272,7 @@ dns_rbt_destroy2(dns_rbt_t **rbtp, unsigned int quantum) { rbt = *rbtp; - rbt->quantum = quantum; - - dns_rbt_deletetreeflat(rbt, &rbt->root); + dns_rbt_deletetreeflat(rbt, quantum, &rbt->root); if (rbt->root != NULL) return (ISC_R_QUOTA); @@ -377,13 +355,14 @@ dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep) { * Does this thing have too many variables or what? */ dns_rbtnode_t **root, *parent, *child, *current, *new_current; - dns_name_t *add_name, current_name, *prefix, *suffix; - dns_fixedname_t fixedcopy, fixedprefix, fixedsuffix; + dns_name_t *add_name, *new_name, current_name, *prefix, *suffix; + dns_fixedname_t fixedcopy, fixedprefix, fixedsuffix, fnewname; dns_offsets_t current_offsets; dns_namereln_t compared; isc_result_t result = ISC_R_SUCCESS; dns_rbtnodechain_t chain; unsigned int common_labels; + unsigned int nlabels, hlabels; int order; REQUIRE(VALID_RBT(rbt)); @@ -405,7 +384,7 @@ dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep) { new_current->is_root = 1; rbt->root = new_current; *nodep = new_current; - hash_node(rbt, new_current); + hash_node(rbt, new_current, name); } return (result); } @@ -423,6 +402,10 @@ dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep) { current = NULL; child = *root; dns_name_init(¤t_name, current_offsets); + dns_fixedname_init(&fnewname); + new_name = dns_fixedname_name(&fnewname); + nlabels = dns_name_countlabels(name); + hlabels = 0; do { current = child; @@ -462,6 +445,7 @@ dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep) { * the non-common parts of these two names should * start a new tree. */ + hlabels += common_labels; if (compared == dns_namereln_subdomain) { /* * All of the existing labels are in common, @@ -588,7 +572,10 @@ dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep) { ATTRS(current) &= ~DNS_NAMEATTR_ABSOLUTE; rbt->nodecount++; - hash_node(rbt, new_current); + dns_name_getlabelsequence(name, + nlabels - hlabels, + hlabels, new_name); + hash_node(rbt, new_current, new_name); if (common_labels == dns_name_countlabels(add_name)) { @@ -635,7 +622,7 @@ dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep) { dns_rbt_addonlevel(new_current, current, order, root); rbt->nodecount++; *nodep = new_current; - hash_node(rbt, new_current); + hash_node(rbt, new_current, name); } return (result); @@ -687,6 +674,7 @@ dns_rbt_findnode(dns_rbt_t *rbt, dns_name_t *name, dns_name_t *foundname, dns_namereln_t compared; isc_result_t result, saved_result; unsigned int common_labels; + unsigned int hlabels = 0; int order; REQUIRE(VALID_RBT(rbt)); @@ -782,11 +770,17 @@ dns_rbt_findnode(dns_rbt_t *rbt, dns_name_t *name, dns_name_t *foundname, dns_name_init(&hash_name, NULL); hashagain: + /* + * Hash includes tail. + */ + dns_name_getlabelsequence(name, + nlabels - tlabels, + hlabels + tlabels, + &hash_name); + hash = dns_name_fullhash(&hash_name, ISC_FALSE); dns_name_getlabelsequence(search_name, nlabels - tlabels, tlabels, &hash_name); - hash = HASHVAL(up_current) + - dns_name_hashbylabel(&hash_name, ISC_FALSE); for (hnode = rbt->hashtable[hash % rbt->hashsize]; hnode != NULL; @@ -863,6 +857,7 @@ dns_rbt_findnode(dns_rbt_t *rbt, dns_name_t *name, dns_name_t *foundname, */ dns_name_split(search_name, common_labels, search_name, NULL); + hlabels += common_labels; /* * This might be the closest enclosing name. */ @@ -1475,10 +1470,10 @@ create_node(isc_mem_t *mctx, dns_name_t *name, dns_rbtnode_t **nodep) { #ifdef DNS_RBT_USEHASH static inline void -hash_add_node(dns_rbt_t *rbt, dns_rbtnode_t *node) { +hash_add_node(dns_rbt_t *rbt, dns_rbtnode_t *node, dns_name_t *name) { unsigned int hash; - compute_node_hash(node); + HASHVAL(node) = dns_name_fullhash(name, ISC_FALSE); hash = HASHVAL(node) % rbt->hashsize; HASHNEXT(node) = rbt->hashtable[hash]; @@ -1539,14 +1534,14 @@ rehash(dns_rbt_t *rbt) { } static inline void -hash_node(dns_rbt_t *rbt, dns_rbtnode_t *node) { +hash_node(dns_rbt_t *rbt, dns_rbtnode_t *node, dns_name_t *name) { REQUIRE(DNS_RBTNODE_VALID(node)); if (rbt->nodecount >= (rbt->hashsize *3)) rehash(rbt); - hash_add_node(rbt, node); + hash_add_node(rbt, node, name); } static inline void @@ -2021,8 +2016,6 @@ dns_rbt_deletetree(dns_rbt_t *rbt, dns_rbtnode_t *node) { done: if (result != ISC_R_SUCCESS) return (result); - if (rbt->quantum != 0 && --rbt->quantum == 0) - return (ISC_R_QUOTA); if (DATA(node) != NULL && rbt->data_deleter != NULL) rbt->data_deleter(DATA(node), rbt->deleter_arg); @@ -2037,7 +2030,9 @@ dns_rbt_deletetree(dns_rbt_t *rbt, dns_rbtnode_t *node) { } static void -dns_rbt_deletetreeflat(dns_rbt_t *rbt, dns_rbtnode_t **nodep) { +dns_rbt_deletetreeflat(dns_rbt_t *rbt, unsigned int quantum, + dns_rbtnode_t **nodep) +{ dns_rbtnode_t *parent; dns_rbtnode_t *node = *nodep; REQUIRE(VALID_RBT(rbt)); @@ -2081,7 +2076,7 @@ dns_rbt_deletetreeflat(dns_rbt_t *rbt, dns_rbtnode_t **nodep) { isc_mem_put(rbt->mctx, node, NODE_SIZE(node)); rbt->nodecount--; node = parent; - if (rbt->quantum != 0 && --rbt->quantum == 0) { + if (quantum != 0 && --quantum == 0) { *nodep = node; return; } diff --git a/usr.sbin/bind/lib/dns/rdata.c b/usr.sbin/bind/lib/dns/rdata.c index 6be246c0afc..6527157414d 100644 --- a/usr.sbin/bind/lib/dns/rdata.c +++ b/usr.sbin/bind/lib/dns/rdata.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: rdata.c,v 1.147.2.11.2.15 2004/03/12 10:31:25 marka Exp $ */ +/* $ISC: rdata.c,v 1.147.2.11.2.16 2004/10/06 05:37:40 marka Exp $ */ #include <config.h> #include <ctype.h> @@ -1587,7 +1587,7 @@ warn_badname(dns_name_t *name, isc_lex_t *lexer, file = isc_lex_getsourcename(lexer); line = isc_lex_getsourceline(lexer); dns_name_format(name, namebuf, sizeof(namebuf)); - (*callbacks->warn)(callbacks, "%s:%u: %s: %s", + (*callbacks->warn)(callbacks, "%s:%u: warning: %s: %s", file, line, namebuf, dns_result_totext(DNS_R_BADNAME)); } diff --git a/usr.sbin/bind/lib/dns/rdata/in_1/wks_11.c b/usr.sbin/bind/lib/dns/rdata/in_1/wks_11.c index 5065edd7f1c..7a1419810d5 100644 --- a/usr.sbin/bind/lib/dns/rdata/in_1/wks_11.c +++ b/usr.sbin/bind/lib/dns/rdata/in_1/wks_11.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: wks_11.c,v 1.44.12.7 2004/03/08 09:04:44 marka Exp $ */ +/* $ISC: wks_11.c,v 1.44.12.8 2004/09/16 01:00:58 marka Exp $ */ /* Reviewed: Fri Mar 17 15:01:49 PST 2000 by explorer */ @@ -106,7 +106,7 @@ fromtext_in_wks(ARGS_FROMTEXT) { strlcpy(service, token.value.as_pointer, sizeof(service)); for (i = strlen(service) - 1; i >= 0; i--) if (isupper(service[i]&0xff)) - service[i] = tolower(service[i]); + service[i] = tolower(service[i]&0xff); port = strtol(DNS_AS_STR(token), &e, 10); if (*e == 0) diff --git a/usr.sbin/bind/lib/dns/resolver.c b/usr.sbin/bind/lib/dns/resolver.c index c72f269c1b8..c199c12a542 100644 --- a/usr.sbin/bind/lib/dns/resolver.c +++ b/usr.sbin/bind/lib/dns/resolver.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: resolver.c,v 1.218.2.18.4.43 2004/08/28 06:25:19 marka Exp $ */ +/* $ISC: resolver.c,v 1.218.2.18.4.51 2005/02/08 23:59:44 marka Exp $ */ #include <config.h> @@ -762,6 +762,9 @@ static void resquery_senddone(isc_task_t *task, isc_event_t *event) { isc_socketevent_t *sevent = (isc_socketevent_t *)event; resquery_t *query = event->ev_arg; + isc_boolean_t retry = ISC_FALSE; + isc_result_t result; + fetchctx_t *fctx; REQUIRE(event->ev_type == ISC_SOCKEVENT_SENDDONE); @@ -780,6 +783,7 @@ resquery_senddone(isc_task_t *task, isc_event_t *event) { INSIST(RESQUERY_SENDING(query)); query->sends--; + fctx = query->fctx; if (RESQUERY_CANCELED(query)) { if (query->sends == 0) { @@ -791,13 +795,43 @@ resquery_senddone(isc_task_t *task, isc_event_t *event) { isc_socket_detach(&query->tcpsocket); resquery_destroy(&query); } - } else if (sevent->result == ISC_R_HOSTUNREACH || - sevent->result == ISC_R_NETUNREACH) - fctx_cancelquery(&query, NULL, NULL, ISC_TRUE); - else if (sevent->result != ISC_R_SUCCESS) - fctx_cancelquery(&query, NULL, NULL, ISC_FALSE); + } else + switch (sevent->result) { + case ISC_R_SUCCESS: + break; + + case ISC_R_HOSTUNREACH: + case ISC_R_NETUNREACH: + case ISC_R_NOPERM: + case ISC_R_ADDRNOTAVAIL: + case ISC_R_CONNREFUSED: + + /* + * No route to remote. + */ + fctx_cancelquery(&query, NULL, NULL, ISC_TRUE); + retry = ISC_TRUE; + break; + + default: + fctx_cancelquery(&query, NULL, NULL, ISC_FALSE); + break; + } isc_event_free(&event); + + if (retry) { + /* + * Behave as if the idle timer has expired. For TCP + * this may not actually reflect the latest timer. + */ + fctx->attributes &= ~FCTX_ATTR_ADDRWAIT; + result = fctx_stopidletimer(fctx); + if (result != ISC_R_SUCCESS) + fctx_done(fctx, result); + else + fctx_try(fctx); + } } static inline isc_result_t @@ -1314,7 +1348,10 @@ static void resquery_connected(isc_task_t *task, isc_event_t *event) { isc_socketevent_t *sevent = (isc_socketevent_t *)event; resquery_t *query = event->ev_arg; + isc_boolean_t retry = ISC_FALSE; isc_result_t result; + unsigned int attrs; + fetchctx_t *fctx; REQUIRE(event->ev_type == ISC_SOCKEVENT_CONNECT); REQUIRE(VALID_QUERY(query)); @@ -1332,6 +1369,7 @@ resquery_connected(isc_task_t *task, isc_event_t *event) { */ query->connects--; + fctx = query->fctx; if (RESQUERY_CANCELED(query)) { /* @@ -1341,9 +1379,8 @@ resquery_connected(isc_task_t *task, isc_event_t *event) { isc_socket_detach(&query->tcpsocket); resquery_destroy(&query); } else { - if (sevent->result == ISC_R_SUCCESS) { - unsigned int attrs; - + switch (sevent->result) { + case ISC_R_SUCCESS: /* * We are connected. Create a dispatcher and * send the query. @@ -1376,26 +1413,48 @@ resquery_connected(isc_task_t *task, isc_event_t *event) { result = resquery_send(query); if (result != ISC_R_SUCCESS) { - fetchctx_t *fctx = query->fctx; fctx_cancelquery(&query, NULL, NULL, ISC_FALSE); fctx_done(fctx, result); } - } else if (sevent->result == ISC_R_HOSTUNREACH || - sevent->result == ISC_R_NETUNREACH) { + break; + + case ISC_R_NETUNREACH: + case ISC_R_HOSTUNREACH: + case ISC_R_CONNREFUSED: + case ISC_R_NOPERM: + case ISC_R_ADDRNOTAVAIL: + /* + * No route to remote. + */ isc_socket_detach(&query->tcpsocket); fctx_cancelquery(&query, NULL, NULL, ISC_TRUE); - } else { + retry = ISC_TRUE; + break; + + default: isc_socket_detach(&query->tcpsocket); fctx_cancelquery(&query, NULL, NULL, ISC_FALSE); + break; } } isc_event_free(&event); + + if (retry) { + /* + * Behave as if the idle timer has expired. For TCP + * connections this may not actually reflect the latest timer. + */ + fctx->attributes &= ~FCTX_ATTR_ADDRWAIT; + result = fctx_stopidletimer(fctx); + if (result != ISC_R_SUCCESS) + fctx_done(fctx, result); + else + fctx_try(fctx); + } } - - static void fctx_finddone(isc_task_t *task, isc_event_t *event) { fetchctx_t *fctx; @@ -3526,6 +3585,14 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, isc_stdtime_t now) { fctx->validators, validator, link); } + } else if (CHAINING(rdataset)) { + if (rdataset->type == dns_rdatatype_cname) + eresult = DNS_R_CNAME; + else { + INSIST(rdataset->type == + dns_rdatatype_dname); + eresult = DNS_R_DNAME; + } } } else if (!EXTERNAL(rdataset)) { /* @@ -4134,7 +4201,7 @@ noanswer_response(fetchctx_t *fctx, dns_name_t *oqname, dns_message_currentname(message, section, &name); if (dns_name_issubdomain(name, &fctx->domain)) { /* - * Look for NS RRset first. + * Look for NS/SOA RRsets first. */ for (rdataset = ISC_LIST_HEAD(name->list); rdataset != NULL; @@ -4148,7 +4215,7 @@ noanswer_response(fetchctx_t *fctx, dns_name_t *oqname, return (DNS_R_FORMERR); if (type == dns_rdatatype_ns) { /* - * NS or SIG NS. + * NS or RRSIG NS. * * Only one set of NS RRs is allowed. */ @@ -4166,17 +4233,9 @@ noanswer_response(fetchctx_t *fctx, dns_name_t *oqname, DNS_RDATASETATTR_CACHE; rdataset->trust = dns_trust_glue; } - } - for (rdataset = ISC_LIST_HEAD(name->list); - rdataset != NULL; - rdataset = ISC_LIST_NEXT(rdataset, link)) { - type = rdataset->type; - if (type == dns_rdatatype_rrsig) - type = rdataset->covers; - if (type == dns_rdatatype_soa || - type == dns_rdatatype_nsec) { + if (type == dns_rdatatype_soa) { /* - * SOA, RRSIG SOA, NSEC, or RRSIG NSEC. + * SOA, or RRSIG SOA. * * Only one SOA is allowed. */ @@ -4187,8 +4246,38 @@ noanswer_response(fetchctx_t *fctx, dns_name_t *oqname, return (DNS_R_FORMERR); soa_name = name; } - if (ns_name == NULL) { - negative_response = ISC_TRUE; + name->attributes |= + DNS_NAMEATTR_NCACHE; + rdataset->attributes |= + DNS_RDATASETATTR_NCACHE; + if (aa) + rdataset->trust = + dns_trust_authauthority; + else + rdataset->trust = + dns_trust_additional; + } + } + /* + * A negative response has a SOA record (Type 2) + * and a optional NS RRset (Type 1) or it has neither + * a SOA or a NS RRset (Type 3, handled above) or + * rcode is NXDOMAIN (handled above) in which case + * the NS RRset is allowed (Type 4). + */ + if (soa_name != NULL) + negative_response = ISC_TRUE; + for (rdataset = ISC_LIST_HEAD(name->list); + rdataset != NULL; + rdataset = ISC_LIST_NEXT(rdataset, link)) { + type = rdataset->type; + if (type == dns_rdatatype_rrsig) + type = rdataset->covers; + if (type == dns_rdatatype_nsec) { + /* + * NSEC or RRSIG NSEC. + */ + if (negative_response) { name->attributes |= DNS_NAMEATTR_NCACHE; rdataset->attributes |= @@ -4217,7 +4306,7 @@ noanswer_response(fetchctx_t *fctx, dns_name_t *oqname, * this is a referral, and there * should only be one DS. */ - if (negative_response) + if (ns_name == NULL) return (DNS_R_FORMERR); if (rdataset->type == dns_rdatatype_ds) { @@ -5236,10 +5325,15 @@ resquery_response(isc_task_t *task, isc_event_t *event) { domainbuf, namebuf, typebuf, classbuf, addrbuf); } - if ((fctx->res->options | DNS_RESOLVER_CHECKNAMES) != 0) + if ((fctx->res->options & DNS_RESOLVER_CHECKNAMES) != 0) checknames(message); /* + * Clear cache bits. + */ + fctx->attributes &= ~(FCTX_ATTR_WANTNCACHE | FCTX_ATTR_WANTCACHE); + + /* * Did we get any answers? */ if (message->counts[DNS_SECTION_ANSWER] > 0 && @@ -5387,13 +5481,16 @@ resquery_response(isc_task_t *task, isc_event_t *event) { return; } findoptions = 0; + if (dns_rdatatype_atparent(fctx->type)) + findoptions |= DNS_DBFIND_NOEXACT; if ((options & DNS_FETCHOPT_UNSHARED) == 0) name = &fctx->name; else name = &fctx->domain; result = dns_view_findzonecut(fctx->res->view, name, fname, - now, 0, ISC_TRUE, + now, findoptions, + ISC_TRUE, &fctx->nameservers, NULL); if (result != ISC_R_SUCCESS) { diff --git a/usr.sbin/bind/lib/dns/sec/Makefile.in b/usr.sbin/bind/lib/dns/sec/Makefile.in deleted file mode 100644 index 2b13a3b72b4..00000000000 --- a/usr.sbin/bind/lib/dns/sec/Makefile.in +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright (C) 1998-2001 Internet Software Consortium. -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM -# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL -# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING -# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, -# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION -# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -# $ISC: Makefile.in,v 1.11 2001/07/10 21:37:56 bwelling Exp $ - -srcdir = @srcdir@ -VPATH = @srcdir@ -top_srcdir = @top_srcdir@ - -SUBDIRS = dst -TARGETS = - -@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/dns/sec/dst/Makefile.in b/usr.sbin/bind/lib/dns/sec/dst/Makefile.in deleted file mode 100644 index cfa44e8e473..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/Makefile.in +++ /dev/null @@ -1,48 +0,0 @@ -# Copyright (C) 1998-2002 Internet Software Consortium. -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM -# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL -# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING -# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, -# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION -# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -# $ISC: Makefile.in,v 1.25.2.2 2002/08/05 06:57:14 marka Exp $ - -srcdir = @srcdir@ -VPATH = @srcdir@ -top_srcdir = @top_srcdir@ - -@BIND9_INCLUDES@ - -CINCLUDES = -I${srcdir} ${DNS_INCLUDES} \ - ${ISC_INCLUDES} @DST_OPENSSL_INC@ @DST_GSSAPI_INC@ - -CDEFINES = -DUSE_MD5 @USE_OPENSSL@ @USE_GSSAPI@ -CWARNINGS = - -LIBS = @LIBS@ - -# Alphabetically -OBJS = dst_api.@O@ dst_lib.@O@ dst_parse.@O@ \ - dst_result.@O@ gssapi_link.@O@ gssapictx.@O@ \ - hmac_link.@O@ key.@O@ \ - openssl_link.@O@ openssldh_link.@O@ \ - openssldsa_link.@O@ opensslrsa_link.@O@ - -SRCS = dst_api.c dst_lib.c dst_parse.c \ - dst_result.c gssapi_link.c gssapictx.c \ - hmac_link.c key.c \ - openssl_link.c openssldh_link.c \ - openssldsa_link.c opensslrsa_link.c - -SUBDIRS = include -TARGETS = ${OBJS} - -@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/dns/sec/dst/dst_api.c b/usr.sbin/bind/lib/dns/sec/dst/dst_api.c deleted file mode 100644 index 62b6e439616..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/dst_api.c +++ /dev/null @@ -1,1187 +0,0 @@ -/* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") - * Portions Copyright (C) 1999-2003 Internet Software Consortium. - * Portions Copyright (C) 1995-2000 by Network Associates, Inc. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS - * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE - * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR - * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * Principal Author: Brian Wellington - * $ISC: dst_api.c,v 1.88.2.3.2.15 2004/06/16 01:05:01 marka Exp $ - */ - -#include <config.h> - -#include <stdlib.h> - -#include <isc/buffer.h> -#include <isc/dir.h> -#include <isc/entropy.h> -#include <isc/fsaccess.h> -#include <isc/lex.h> -#include <isc/mem.h> -#include <isc/once.h> -#include <isc/print.h> -#include <isc/random.h> -#include <isc/string.h> -#include <isc/time.h> -#include <isc/util.h> - -#include <dns/fixedname.h> -#include <dns/keyvalues.h> -#include <dns/name.h> -#include <dns/rdata.h> -#include <dns/rdataclass.h> -#include <dns/ttl.h> -#include <dns/types.h> - -#include <dst/result.h> - -#include "dst_internal.h" - -#define DST_AS_STR(t) ((t).value.as_textregion.base) - -static dst_func_t *dst_t_func[DST_MAX_ALGS]; -static isc_entropy_t *dst_entropy_pool = NULL; -static unsigned int dst_entropy_flags = 0; -static isc_boolean_t dst_initialized = ISC_FALSE; - -isc_mem_t *dst__memory_pool = NULL; - -/* - * Static functions. - */ -static dst_key_t * get_key_struct(dns_name_t *name, - unsigned int alg, - unsigned int flags, - unsigned int protocol, - unsigned int bits, - dns_rdataclass_t rdclass, - isc_mem_t *mctx); -static isc_result_t read_public_key(const char *filename, - int type, - isc_mem_t *mctx, - dst_key_t **keyp); -static isc_result_t write_public_key(const dst_key_t *key, int type, - const char *directory); -static isc_result_t buildfilename(dns_name_t *name, - dns_keytag_t id, - unsigned int alg, - unsigned int type, - const char *directory, - isc_buffer_t *out); -static isc_result_t computeid(dst_key_t *key); -static isc_result_t frombuffer(dns_name_t *name, - unsigned int alg, - unsigned int flags, - unsigned int protocol, - dns_rdataclass_t rdclass, - isc_buffer_t *source, - isc_mem_t *mctx, - dst_key_t **keyp); - -static isc_result_t algorithm_status(unsigned int alg); - -static isc_result_t addsuffix(char *filename, unsigned int len, - const char *ofilename, const char *suffix); - -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto out; \ - } while (0) - -#define CHECKALG(alg) \ - do { \ - isc_result_t _r; \ - _r = algorithm_status(alg); \ - if (_r != ISC_R_SUCCESS) \ - return (_r); \ - } while (0); \ - -isc_result_t -dst_lib_init(isc_mem_t *mctx, isc_entropy_t *ectx, unsigned int eflags) { - isc_result_t result; - - REQUIRE(mctx != NULL && ectx != NULL); - REQUIRE(dst_initialized == ISC_FALSE); - - dst__memory_pool = NULL; - -#ifdef OPENSSL - UNUSED(mctx); - /* - * When using --with-openssl, there seems to be no good way of not - * leaking memory due to the openssl error handling mechanism. - * Avoid assertions by using a local memory context and not checking - * for leaks on exit. - */ - result = isc_mem_create(0, 0, &dst__memory_pool); - if (result != ISC_R_SUCCESS) - return (result); - isc_mem_setdestroycheck(dst__memory_pool, ISC_FALSE); -#else - isc_mem_attach(mctx, &dst__memory_pool); -#endif - isc_entropy_attach(ectx, &dst_entropy_pool); - dst_entropy_flags = eflags; - - dst_result_register(); - - memset(dst_t_func, 0, sizeof(dst_t_func)); - RETERR(dst__hmacmd5_init(&dst_t_func[DST_ALG_HMACMD5])); -#ifdef OPENSSL - RETERR(dst__openssl_init()); - RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSAMD5])); - RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA1])); -#ifdef HAVE_OPENSSL_DSA - RETERR(dst__openssldsa_init(&dst_t_func[DST_ALG_DSA])); -#endif - RETERR(dst__openssldh_init(&dst_t_func[DST_ALG_DH])); -#endif /* OPENSSL */ -#ifdef GSSAPI - RETERR(dst__gssapi_init(&dst_t_func[DST_ALG_GSSAPI])); -#endif - dst_initialized = ISC_TRUE; - return (ISC_R_SUCCESS); - - out: - dst_lib_destroy(); - return (result); -} - -void -dst_lib_destroy(void) { - int i; - RUNTIME_CHECK(dst_initialized == ISC_TRUE); - dst_initialized = ISC_FALSE; - - for (i = 0; i < DST_MAX_ALGS; i++) - if (dst_t_func[i] != NULL && dst_t_func[i]->cleanup != NULL) - dst_t_func[i]->cleanup(); -#ifdef OPENSSL - dst__openssl_destroy(); -#endif - if (dst__memory_pool != NULL) - isc_mem_detach(&dst__memory_pool); - if (dst_entropy_pool != NULL) - isc_entropy_detach(&dst_entropy_pool); - -} - -isc_boolean_t -dst_algorithm_supported(unsigned int alg) { - REQUIRE(dst_initialized == ISC_TRUE); - - if (alg >= DST_MAX_ALGS || dst_t_func[alg] == NULL) - return (ISC_FALSE); - return (ISC_TRUE); -} - -isc_result_t -dst_context_create(dst_key_t *key, isc_mem_t *mctx, dst_context_t **dctxp) { - dst_context_t *dctx; - isc_result_t result; - - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(VALID_KEY(key)); - REQUIRE(mctx != NULL); - REQUIRE(dctxp != NULL && *dctxp == NULL); - - if (key->func->createctx == NULL) - return (DST_R_UNSUPPORTEDALG); - if (key->opaque == NULL) - return (DST_R_NULLKEY); - - dctx = isc_mem_get(mctx, sizeof(dst_context_t)); - if (dctx == NULL) - return (ISC_R_NOMEMORY); - dctx->key = key; - dctx->mctx = mctx; - result = key->func->createctx(key, dctx); - if (result != ISC_R_SUCCESS) { - isc_mem_put(mctx, dctx, sizeof(dst_context_t)); - return (result); - } - dctx->magic = CTX_MAGIC; - *dctxp = dctx; - return (ISC_R_SUCCESS); -} - -void -dst_context_destroy(dst_context_t **dctxp) { - dst_context_t *dctx; - - REQUIRE(dctxp != NULL && VALID_CTX(*dctxp)); - - dctx = *dctxp; - INSIST(dctx->key->func->destroyctx != NULL); - dctx->key->func->destroyctx(dctx); - dctx->magic = 0; - isc_mem_put(dctx->mctx, dctx, sizeof(dst_context_t)); - *dctxp = NULL; -} - -isc_result_t -dst_context_adddata(dst_context_t *dctx, const isc_region_t *data) { - REQUIRE(VALID_CTX(dctx)); - REQUIRE(data != NULL); - INSIST(dctx->key->func->adddata != NULL); - - return (dctx->key->func->adddata(dctx, data)); -} - -isc_result_t -dst_context_sign(dst_context_t *dctx, isc_buffer_t *sig) { - dst_key_t *key; - - REQUIRE(VALID_CTX(dctx)); - REQUIRE(sig != NULL); - - key = dctx->key; - CHECKALG(key->key_alg); - if (key->opaque == NULL) - return (DST_R_NULLKEY); - if (key->func->sign == NULL) - return (DST_R_NOTPRIVATEKEY); - if (key->func->isprivate == NULL || - key->func->isprivate(key) == ISC_FALSE) - return (DST_R_NOTPRIVATEKEY); - - return (key->func->sign(dctx, sig)); -} - -isc_result_t -dst_context_verify(dst_context_t *dctx, isc_region_t *sig) { - REQUIRE(VALID_CTX(dctx)); - REQUIRE(sig != NULL); - - CHECKALG(dctx->key->key_alg); - if (dctx->key->opaque == NULL) - return (DST_R_NULLKEY); - if (dctx->key->func->verify == NULL) - return (DST_R_NOTPUBLICKEY); - - return (dctx->key->func->verify(dctx, sig)); -} - -isc_result_t -dst_key_computesecret(const dst_key_t *pub, const dst_key_t *priv, - isc_buffer_t *secret) -{ - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(VALID_KEY(pub) && VALID_KEY(priv)); - REQUIRE(secret != NULL); - - CHECKALG(pub->key_alg); - CHECKALG(priv->key_alg); - - if (pub->opaque == NULL || priv->opaque == NULL) - return (DST_R_NULLKEY); - - if (pub->key_alg != priv->key_alg || - pub->func->computesecret == NULL || - priv->func->computesecret == NULL) - return (DST_R_KEYCANNOTCOMPUTESECRET); - - if (dst_key_isprivate(priv) == ISC_FALSE) - return (DST_R_NOTPRIVATEKEY); - - return (pub->func->computesecret(pub, priv, secret)); -} - -isc_result_t -dst_key_tofile(const dst_key_t *key, int type, const char *directory) { - isc_result_t ret = ISC_R_SUCCESS; - - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(VALID_KEY(key)); - REQUIRE((type & (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC)) != 0); - - CHECKALG(key->key_alg); - - if (key->func->tofile == NULL) - return (DST_R_UNSUPPORTEDALG); - - if (type & DST_TYPE_PUBLIC) { - ret = write_public_key(key, type, directory); - if (ret != ISC_R_SUCCESS) - return (ret); - } - - if ((type & DST_TYPE_PRIVATE) && - (key->key_flags & DNS_KEYFLAG_TYPEMASK) != DNS_KEYTYPE_NOKEY) - return (key->func->tofile(key, directory)); - else - return (ISC_R_SUCCESS); -} - -isc_result_t -dst_key_fromfile(dns_name_t *name, dns_keytag_t id, - unsigned int alg, int type, const char *directory, - isc_mem_t *mctx, dst_key_t **keyp) -{ - char filename[ISC_DIR_NAMEMAX]; - isc_buffer_t b; - dst_key_t *key; - isc_result_t result; - - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(dns_name_isabsolute(name)); - REQUIRE((type & (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC)) != 0); - REQUIRE(mctx != NULL); - REQUIRE(keyp != NULL && *keyp == NULL); - - CHECKALG(alg); - - isc_buffer_init(&b, filename, sizeof(filename)); - result = buildfilename(name, id, alg, type, directory, &b); - if (result != ISC_R_SUCCESS) - return (result); - - key = NULL; - result = dst_key_fromnamedfile(filename, type, mctx, &key); - if (result != ISC_R_SUCCESS) - return (result); - - result = computeid(key); - if (result != ISC_R_SUCCESS) { - dst_key_free(&key); - return (result); - } - - if (!dns_name_equal(name, key->key_name) || - id != key->key_id || - alg != key->key_alg) - { - dst_key_free(&key); - return (DST_R_INVALIDPRIVATEKEY); - } - key->key_id = id; - - *keyp = key; - return (ISC_R_SUCCESS); -} - -isc_result_t -dst_key_fromnamedfile(const char *filename, int type, isc_mem_t *mctx, - dst_key_t **keyp) -{ - isc_result_t result; - dst_key_t *pubkey = NULL, *key = NULL; - dns_keytag_t id; - char *newfilename = NULL; - int newfilenamelen = 0; - isc_lex_t *lex = NULL; - - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(filename != NULL); - REQUIRE((type & (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC)) != 0); - REQUIRE(mctx != NULL); - REQUIRE(keyp != NULL && *keyp == NULL); - - result = read_public_key(filename, type, mctx, &pubkey); - if (result != ISC_R_SUCCESS) - return (result); - - if (type == DST_TYPE_PUBLIC || - (pubkey->key_flags & DNS_KEYFLAG_TYPEMASK) == DNS_KEYTYPE_NOKEY) - { - result = computeid(pubkey); - if (result != ISC_R_SUCCESS) { - dst_key_free(&pubkey); - return (result); - } - - *keyp = pubkey; - return (ISC_R_SUCCESS); - } - - result = algorithm_status(pubkey->key_alg); - if (result != ISC_R_SUCCESS) { - dst_key_free(&pubkey); - return (result); - } - - key = get_key_struct(pubkey->key_name, pubkey->key_alg, - pubkey->key_flags, pubkey->key_proto, 0, - pubkey->key_class, mctx); - id = pubkey->key_id; - dst_key_free(&pubkey); - - if (key == NULL) - return (ISC_R_NOMEMORY); - - if (key->func->parse == NULL) - RETERR(DST_R_UNSUPPORTEDALG); - - newfilenamelen = strlen(filename) + 9; - newfilename = isc_mem_get(mctx, newfilenamelen); - if (newfilename == NULL) - RETERR(ISC_R_NOMEMORY); - result = addsuffix(newfilename, newfilenamelen, filename, ".private"); - INSIST(result == ISC_R_SUCCESS); - - RETERR(isc_lex_create(mctx, 1500, &lex)); - RETERR(isc_lex_openfile(lex, newfilename)); - isc_mem_put(mctx, newfilename, newfilenamelen); - - RETERR(key->func->parse(key, lex)); - isc_lex_destroy(&lex); - - RETERR(computeid(key)); - - if (id != key->key_id) - RETERR(DST_R_INVALIDPRIVATEKEY); - - *keyp = key; - return (ISC_R_SUCCESS); - out: - if (newfilename != NULL) - isc_mem_put(mctx, newfilename, newfilenamelen); - if (lex != NULL) - isc_lex_destroy(&lex); - dst_key_free(&key); - return (result); -} - -isc_result_t -dst_key_todns(const dst_key_t *key, isc_buffer_t *target) { - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(VALID_KEY(key)); - REQUIRE(target != NULL); - - CHECKALG(key->key_alg); - - if (key->func->todns == NULL) - return (DST_R_UNSUPPORTEDALG); - - if (isc_buffer_availablelength(target) < 4) - return (ISC_R_NOSPACE); - isc_buffer_putuint16(target, (isc_uint16_t)(key->key_flags & 0xffff)); - isc_buffer_putuint8(target, (isc_uint8_t)key->key_proto); - isc_buffer_putuint8(target, (isc_uint8_t)key->key_alg); - - if (key->key_flags & DNS_KEYFLAG_EXTENDED) { - if (isc_buffer_availablelength(target) < 2) - return (ISC_R_NOSPACE); - isc_buffer_putuint16(target, - (isc_uint16_t)((key->key_flags >> 16) - & 0xffff)); - } - - if (key->opaque == NULL) /* NULL KEY */ - return (ISC_R_SUCCESS); - - return (key->func->todns(key, target)); -} - -isc_result_t -dst_key_fromdns(dns_name_t *name, dns_rdataclass_t rdclass, - isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp) -{ - isc_uint8_t alg, proto; - isc_uint32_t flags, extflags; - dst_key_t *key = NULL; - dns_keytag_t id; - isc_region_t r; - isc_result_t result; - - REQUIRE(dst_initialized); - - isc_buffer_remainingregion(source, &r); - - if (isc_buffer_remaininglength(source) < 4) - return (DST_R_INVALIDPUBLICKEY); - flags = isc_buffer_getuint16(source); - proto = isc_buffer_getuint8(source); - alg = isc_buffer_getuint8(source); - - id = dst_region_computeid(&r, alg); - - if (flags & DNS_KEYFLAG_EXTENDED) { - if (isc_buffer_remaininglength(source) < 2) - return (DST_R_INVALIDPUBLICKEY); - extflags = isc_buffer_getuint16(source); - flags |= (extflags << 16); - } - - result = frombuffer(name, alg, flags, proto, rdclass, source, - mctx, &key); - if (result != ISC_R_SUCCESS) - return (result); - key->key_id = id; - - *keyp = key; - return (ISC_R_SUCCESS); -} - -isc_result_t -dst_key_frombuffer(dns_name_t *name, unsigned int alg, - unsigned int flags, unsigned int protocol, - dns_rdataclass_t rdclass, - isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp) -{ - dst_key_t *key = NULL; - isc_result_t result; - - REQUIRE(dst_initialized); - - result = frombuffer(name, alg, flags, protocol, rdclass, source, - mctx, &key); - if (result != ISC_R_SUCCESS) - return (result); - - result = computeid(key); - if (result != ISC_R_SUCCESS) { - dst_key_free(&key); - return (result); - } - - *keyp = key; - return (ISC_R_SUCCESS); -} - -isc_result_t -dst_key_tobuffer(const dst_key_t *key, isc_buffer_t *target) { - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(VALID_KEY(key)); - REQUIRE(target != NULL); - - CHECKALG(key->key_alg); - - if (key->func->todns == NULL) - return (DST_R_UNSUPPORTEDALG); - - return (key->func->todns(key, target)); -} - -isc_result_t -dst_key_privatefrombuffer(dst_key_t *key, isc_buffer_t *buffer) { - isc_lex_t *lex = NULL; - isc_result_t result = ISC_R_SUCCESS; - - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(VALID_KEY(key)); - REQUIRE(!dst_key_isprivate(key)); - REQUIRE(buffer != NULL); - - if (key->func->parse == NULL) - RETERR(DST_R_UNSUPPORTEDALG); - - RETERR(isc_lex_create(key->mctx, 1500, &lex)); - RETERR(isc_lex_openbuffer(lex, buffer)); - RETERR(key->func->parse(key, lex)); - out: - if (lex != NULL) - isc_lex_destroy(&lex); - return (result); -} - -isc_result_t -dst_key_fromgssapi(dns_name_t *name, void *opaque, isc_mem_t *mctx, - dst_key_t **keyp) -{ - dst_key_t *key; - - REQUIRE(opaque != NULL); - REQUIRE(keyp != NULL && *keyp == NULL); - - key = get_key_struct(name, DST_ALG_GSSAPI, 0, DNS_KEYPROTO_DNSSEC, - 0, dns_rdataclass_in, mctx); - if (key == NULL) - return (ISC_R_NOMEMORY); - key->opaque = opaque; - *keyp = key; - return (ISC_R_SUCCESS); -} - -isc_result_t -dst_key_generate(dns_name_t *name, unsigned int alg, - unsigned int bits, unsigned int param, - unsigned int flags, unsigned int protocol, - dns_rdataclass_t rdclass, - isc_mem_t *mctx, dst_key_t **keyp) -{ - dst_key_t *key; - isc_result_t ret; - - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(dns_name_isabsolute(name)); - REQUIRE(mctx != NULL); - REQUIRE(keyp != NULL && *keyp == NULL); - - CHECKALG(alg); - - key = get_key_struct(name, alg, flags, protocol, bits, rdclass, mctx); - if (key == NULL) - return (ISC_R_NOMEMORY); - - if (bits == 0) { /* NULL KEY */ - key->key_flags |= DNS_KEYTYPE_NOKEY; - *keyp = key; - return (ISC_R_SUCCESS); - } - - if (key->func->generate == NULL) { - dst_key_free(&key); - return (DST_R_UNSUPPORTEDALG); - } - - ret = key->func->generate(key, param); - if (ret != ISC_R_SUCCESS) { - dst_key_free(&key); - return (ret); - } - - ret = computeid(key); - if (ret != ISC_R_SUCCESS) { - dst_key_free(&key); - return (ret); - } - - *keyp = key; - return (ISC_R_SUCCESS); -} - -isc_boolean_t -dst_key_compare(const dst_key_t *key1, const dst_key_t *key2) { - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(VALID_KEY(key1)); - REQUIRE(VALID_KEY(key2)); - - if (key1 == key2) - return (ISC_TRUE); - if (key1 == NULL || key2 == NULL) - return (ISC_FALSE); - if (key1->key_alg == key2->key_alg && - key1->key_id == key2->key_id && - key1->func->compare != NULL && - key1->func->compare(key1, key2) == ISC_TRUE) - return (ISC_TRUE); - else - return (ISC_FALSE); -} - -isc_boolean_t -dst_key_paramcompare(const dst_key_t *key1, const dst_key_t *key2) { - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(VALID_KEY(key1)); - REQUIRE(VALID_KEY(key2)); - - if (key1 == key2) - return (ISC_TRUE); - if (key1 == NULL || key2 == NULL) - return (ISC_FALSE); - if (key1->key_alg == key2->key_alg && - key1->func->paramcompare != NULL && - key1->func->paramcompare(key1, key2) == ISC_TRUE) - return (ISC_TRUE); - else - return (ISC_FALSE); -} - -void -dst_key_free(dst_key_t **keyp) { - isc_mem_t *mctx; - dst_key_t *key; - - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(keyp != NULL && VALID_KEY(*keyp)); - - key = *keyp; - mctx = key->mctx; - - if (key->opaque != NULL) { - INSIST(key->func->destroy != NULL); - key->func->destroy(key); - } - - dns_name_free(key->key_name, mctx); - isc_mem_put(mctx, key->key_name, sizeof(dns_name_t)); - memset(key, 0, sizeof(dst_key_t)); - isc_mem_put(mctx, key, sizeof(dst_key_t)); - *keyp = NULL; -} - -isc_boolean_t -dst_key_isprivate(const dst_key_t *key) { - REQUIRE(VALID_KEY(key)); - INSIST(key->func->isprivate != NULL); - return (key->func->isprivate(key)); -} - -isc_result_t -dst_key_buildfilename(const dst_key_t *key, int type, - const char *directory, isc_buffer_t *out) { - - REQUIRE(VALID_KEY(key)); - REQUIRE(type == DST_TYPE_PRIVATE || type == DST_TYPE_PUBLIC || - type == 0); - - return (buildfilename(key->key_name, key->key_id, key->key_alg, - type, directory, out)); -} - -isc_result_t -dst_key_sigsize(const dst_key_t *key, unsigned int *n) { - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(VALID_KEY(key)); - REQUIRE(n != NULL); - - /* XXXVIX this switch statement is too sparse to gen a jump table. */ - switch (key->key_alg) { - case DST_ALG_RSAMD5: - case DST_ALG_RSASHA1: - *n = (key->key_size + 7) / 8; - break; - case DST_ALG_DSA: - *n = DNS_SIG_DSASIGSIZE; - break; - case DST_ALG_HMACMD5: - *n = 16; - break; - case DST_ALG_GSSAPI: - *n = 128; /* XXX */ - break; - case DST_ALG_DH: - default: - return (DST_R_UNSUPPORTEDALG); - } - return (ISC_R_SUCCESS); -} - -isc_result_t -dst_key_secretsize(const dst_key_t *key, unsigned int *n) { - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(VALID_KEY(key)); - REQUIRE(n != NULL); - - if (key->key_alg == DST_ALG_DH) - *n = (key->key_size + 7) / 8; - else - return (DST_R_UNSUPPORTEDALG); - return (ISC_R_SUCCESS); -} - -/*** - *** Static methods - ***/ - -/* - * Allocates a key structure and fills in some of the fields. - */ -static dst_key_t * -get_key_struct(dns_name_t *name, unsigned int alg, - unsigned int flags, unsigned int protocol, - unsigned int bits, dns_rdataclass_t rdclass, - isc_mem_t *mctx) -{ - dst_key_t *key; - isc_result_t result; - - key = (dst_key_t *) isc_mem_get(mctx, sizeof(dst_key_t)); - if (key == NULL) - return (NULL); - - memset(key, 0, sizeof(dst_key_t)); - key->magic = KEY_MAGIC; - - key->key_name = isc_mem_get(mctx, sizeof(dns_name_t)); - if (key->key_name == NULL) { - isc_mem_put(mctx, key, sizeof(dst_key_t)); - return (NULL); - } - dns_name_init(key->key_name, NULL); - result = dns_name_dup(name, mctx, key->key_name); - if (result != ISC_R_SUCCESS) { - isc_mem_put(mctx, key->key_name, sizeof(dns_name_t)); - isc_mem_put(mctx, key, sizeof(dst_key_t)); - return (NULL); - } - key->key_alg = alg; - key->key_flags = flags; - key->key_proto = protocol; - key->mctx = mctx; - key->opaque = NULL; - key->key_size = bits; - key->key_class = rdclass; - key->func = dst_t_func[alg]; - return (key); -} - -/* - * Reads a public key from disk - */ -static isc_result_t -read_public_key(const char *filename, int type, - isc_mem_t *mctx, dst_key_t **keyp) -{ - u_char rdatabuf[DST_KEY_MAXSIZE]; - isc_buffer_t b; - dns_fixedname_t name; - isc_lex_t *lex = NULL; - isc_token_t token; - isc_result_t ret; - dns_rdata_t rdata = DNS_RDATA_INIT; - unsigned int opt = ISC_LEXOPT_DNSMULTILINE; - char *newfilename; - unsigned int newfilenamelen; - dns_rdataclass_t rdclass = dns_rdataclass_in; - isc_lexspecials_t specials; - isc_uint32_t ttl; - isc_result_t result; - dns_rdatatype_t keytype; - - newfilenamelen = strlen(filename) + 5; - newfilename = isc_mem_get(mctx, newfilenamelen); - if (newfilename == NULL) - return (ISC_R_NOMEMORY); - ret = addsuffix(newfilename, newfilenamelen, filename, ".key"); - INSIST(ret == ISC_R_SUCCESS); - - /* - * Open the file and read its formatted contents - * File format: - * domain.name [ttl] [class] KEY <flags> <protocol> <algorithm> <key> - */ - - /* 1500 should be large enough for any key */ - ret = isc_lex_create(mctx, 1500, &lex); - if (ret != ISC_R_SUCCESS) - goto cleanup; - - memset(specials, 0, sizeof(specials)); - specials['('] = 1; - specials[')'] = 1; - specials['"'] = 1; - isc_lex_setspecials(lex, specials); - isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); - - ret = isc_lex_openfile(lex, newfilename); - if (ret != ISC_R_SUCCESS) - goto cleanup; - -#define NEXTTOKEN(lex, opt, token) { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ - } - -#define BADTOKEN() { \ - ret = ISC_R_UNEXPECTEDTOKEN; \ - goto cleanup; \ - } - - /* Read the domain name */ - NEXTTOKEN(lex, opt, &token); - if (token.type != isc_tokentype_string) - BADTOKEN(); - dns_fixedname_init(&name); - isc_buffer_init(&b, DST_AS_STR(token), strlen(DST_AS_STR(token))); - isc_buffer_add(&b, strlen(DST_AS_STR(token))); - ret = dns_name_fromtext(dns_fixedname_name(&name), &b, dns_rootname, - ISC_FALSE, NULL); - if (ret != ISC_R_SUCCESS) - goto cleanup; - - /* Read the next word: either TTL, class, or 'KEY' */ - NEXTTOKEN(lex, opt, &token); - - /* If it's a TTL, read the next one */ - result = dns_ttl_fromtext(&token.value.as_textregion, &ttl); - if (result == ISC_R_SUCCESS) - NEXTTOKEN(lex, opt, &token); - - if (token.type != isc_tokentype_string) - BADTOKEN(); - - ret = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); - if (ret == ISC_R_SUCCESS) - NEXTTOKEN(lex, opt, &token); - - if (token.type != isc_tokentype_string) - BADTOKEN(); - - if (strcasecmp(DST_AS_STR(token), "DNSKEY") == 0) - keytype = dns_rdatatype_dnskey; - else if (strcasecmp(DST_AS_STR(token), "KEY") == 0) - keytype = dns_rdatatype_key; /* SIG(0), TKEY */ - else - BADTOKEN(); - - if (((type & DST_TYPE_KEY) != 0 && keytype != dns_rdatatype_key) || - ((type & DST_TYPE_KEY) == 0 && keytype != dns_rdatatype_dnskey)) { - ret = DST_R_BADKEYTYPE; - goto cleanup; - } - - isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf)); - ret = dns_rdata_fromtext(&rdata, rdclass, keytype, lex, NULL, - ISC_FALSE, mctx, &b, NULL); - if (ret != ISC_R_SUCCESS) - goto cleanup; - - ret = dst_key_fromdns(dns_fixedname_name(&name), rdclass, &b, mctx, - keyp); - if (ret != ISC_R_SUCCESS) - goto cleanup; - - cleanup: - if (lex != NULL) - isc_lex_destroy(&lex); - isc_mem_put(mctx, newfilename, newfilenamelen); - - return (ret); -} - -static isc_boolean_t -issymmetric(const dst_key_t *key) { - REQUIRE(dst_initialized == ISC_TRUE); - REQUIRE(VALID_KEY(key)); - - /* XXXVIX this switch statement is too sparse to gen a jump table. */ - switch (key->key_alg) { - case DST_ALG_RSAMD5: - case DST_ALG_RSASHA1: - case DST_ALG_DSA: - case DST_ALG_DH: - return (ISC_FALSE); - case DST_ALG_HMACMD5: - case DST_ALG_GSSAPI: - return (ISC_TRUE); - default: - return (ISC_FALSE); - } -} - -/* - * Writes a public key to disk in DNS format. - */ -static isc_result_t -write_public_key(const dst_key_t *key, int type, const char *directory) { - FILE *fp; - isc_buffer_t keyb, textb, fileb, classb; - isc_region_t r; - char filename[ISC_DIR_NAMEMAX]; - unsigned char key_array[DST_KEY_MAXSIZE]; - char text_array[DST_KEY_MAXTEXTSIZE]; - char class_array[10]; - isc_result_t ret; - dns_rdata_t rdata = DNS_RDATA_INIT; - isc_fsaccess_t access; - - REQUIRE(VALID_KEY(key)); - - isc_buffer_init(&keyb, key_array, sizeof(key_array)); - isc_buffer_init(&textb, text_array, sizeof(text_array)); - isc_buffer_init(&classb, class_array, sizeof(class_array)); - - ret = dst_key_todns(key, &keyb); - if (ret != ISC_R_SUCCESS) - return (ret); - - isc_buffer_usedregion(&keyb, &r); - dns_rdata_fromregion(&rdata, key->key_class, dns_rdatatype_dnskey, &r); - - ret = dns_rdata_totext(&rdata, (dns_name_t *) NULL, &textb); - if (ret != ISC_R_SUCCESS) - return (DST_R_INVALIDPUBLICKEY); - - ret = dns_rdataclass_totext(key->key_class, &classb); - if (ret != ISC_R_SUCCESS) - return (DST_R_INVALIDPUBLICKEY); - - /* - * Make the filename. - */ - isc_buffer_init(&fileb, filename, sizeof(filename)); - ret = dst_key_buildfilename(key, DST_TYPE_PUBLIC, directory, &fileb); - if (ret != ISC_R_SUCCESS) - return (ret); - - /* - * Create public key file. - */ - if ((fp = fopen(filename, "w")) == NULL) - return (DST_R_WRITEERROR); - - if (issymmetric(key)) { - access = 0; - isc_fsaccess_add(ISC_FSACCESS_OWNER, - ISC_FSACCESS_READ | ISC_FSACCESS_WRITE, - &access); - (void)isc_fsaccess_set(filename, access); - } - - ret = dns_name_print(key->key_name, fp); - if (ret != ISC_R_SUCCESS) - return (ret); - - fprintf(fp, " "); - - isc_buffer_usedregion(&classb, &r); - fwrite(r.base, 1, r.length, fp); - - if ((type & DST_TYPE_KEY) != 0) - fprintf(fp, " KEY "); - else - fprintf(fp, " DNSKEY "); - - isc_buffer_usedregion(&textb, &r); - fwrite(r.base, 1, r.length, fp); - - fputc('\n', fp); - fclose(fp); - - return (ISC_R_SUCCESS); -} - -static isc_result_t -buildfilename(dns_name_t *name, dns_keytag_t id, - unsigned int alg, unsigned int type, - const char *directory, isc_buffer_t *out) -{ - const char *suffix = ""; - unsigned int len; - isc_result_t result; - - REQUIRE(out != NULL); - if ((type & DST_TYPE_PRIVATE) != 0) - suffix = ".private"; - else if (type == DST_TYPE_PUBLIC) - suffix = ".key"; - if (directory != NULL) { - if (isc_buffer_availablelength(out) < strlen(directory)) - return (ISC_R_NOSPACE); - isc_buffer_putstr(out, directory); - if (strlen(directory) > 0U && - directory[strlen(directory) - 1] != '/') - isc_buffer_putstr(out, "/"); - } - if (isc_buffer_availablelength(out) < 1) - return (ISC_R_NOSPACE); - isc_buffer_putstr(out, "K"); - result = dns_name_tofilenametext(name, ISC_FALSE, out); - if (result != ISC_R_SUCCESS) - return (result); - len = 1 + 3 + 1 + 5 + strlen(suffix) + 1; - if (isc_buffer_availablelength(out) < len) - return (ISC_R_NOSPACE); - snprintf((char *) isc_buffer_used(out), - isc_buffer_availablelength(out), - "+%03d+%05d%s", alg, id, suffix); - isc_buffer_add(out, len); - return (ISC_R_SUCCESS); -} - -static isc_result_t -computeid(dst_key_t *key) { - isc_buffer_t dnsbuf; - unsigned char dns_array[DST_KEY_MAXSIZE]; - isc_region_t r; - isc_result_t ret; - - isc_buffer_init(&dnsbuf, dns_array, sizeof(dns_array)); - ret = dst_key_todns(key, &dnsbuf); - if (ret != ISC_R_SUCCESS) - return (ret); - - isc_buffer_usedregion(&dnsbuf, &r); - key->key_id = dst_region_computeid(&r, key->key_alg); - return (ISC_R_SUCCESS); -} - -static isc_result_t -frombuffer(dns_name_t *name, unsigned int alg, unsigned int flags, - unsigned int protocol, dns_rdataclass_t rdclass, - isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp) -{ - dst_key_t *key; - isc_result_t ret; - - REQUIRE(dns_name_isabsolute(name)); - REQUIRE(source != NULL); - REQUIRE(mctx != NULL); - REQUIRE(keyp != NULL && *keyp == NULL); - - key = get_key_struct(name, alg, flags, protocol, 0, rdclass, mctx); - if (key == NULL) - return (ISC_R_NOMEMORY); - - if (isc_buffer_remaininglength(source) > 0) { - ret = algorithm_status(alg); - if (ret != ISC_R_SUCCESS) { - dst_key_free(&key); - return (ret); - } - if (key->func->fromdns == NULL) { - dst_key_free(&key); - return (DST_R_UNSUPPORTEDALG); - } - - ret = key->func->fromdns(key, source); - if (ret != ISC_R_SUCCESS) { - dst_key_free(&key); - return (ret); - } - } - - *keyp = key; - return (ISC_R_SUCCESS); -} - -static isc_result_t -algorithm_status(unsigned int alg) { - REQUIRE(dst_initialized == ISC_TRUE); - - if (dst_algorithm_supported(alg)) - return (ISC_R_SUCCESS); -#ifndef OPENSSL - if (alg == DST_ALG_RSAMD5 || alg == DST_ALG_RSASHA1 || - alg == DST_ALG_DSA || alg == DST_ALG_DH || - alg == DST_ALG_HMACMD5) - return (DST_R_NOCRYPTO); -#endif - return (DST_R_UNSUPPORTEDALG); -} - -static isc_result_t -addsuffix(char *filename, unsigned int len, const char *ofilename, - const char *suffix) -{ - int olen = strlen(ofilename); - int n; - - if (olen > 1 && ofilename[olen - 1] == '.') - olen -= 1; - else if (olen > 8 && strcmp(ofilename + olen - 8, ".private") == 0) - olen -= 8; - else if (olen > 4 && strcmp(ofilename + olen - 4, ".key") == 0) - olen -= 4; - - n = snprintf(filename, len, "%.*s%s", olen, ofilename, suffix); - if (n < 0) - return (ISC_R_NOSPACE); - return (ISC_R_SUCCESS); -} - -isc_result_t -dst__entropy_getdata(void *buf, unsigned int len, isc_boolean_t pseudo) { - unsigned int flags = dst_entropy_flags; - if (pseudo) - flags &= ~ISC_ENTROPY_GOODONLY; - return (isc_entropy_getdata(dst_entropy_pool, buf, len, NULL, flags)); -} diff --git a/usr.sbin/bind/lib/dns/sec/dst/dst_internal.h b/usr.sbin/bind/lib/dns/sec/dst/dst_internal.h deleted file mode 100644 index bc8e48b20c4..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/dst_internal.h +++ /dev/null @@ -1,143 +0,0 @@ -/* - * Portions Copyright (C) 2000, 2001 Internet Software Consortium. - * Portions Copyright (C) 1995-2000 by Network Associates, Inc. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM AND - * NETWORK ASSOCIATES DISCLAIM ALL WARRANTIES WITH REGARD TO THIS - * SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND - * FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE CONSORTIUM OR NETWORK - * ASSOCIATES BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR - * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF - * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR - * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - * PERFORMANCE OF THIS SOFTWARE. - */ - -/* $ISC: dst_internal.h,v 1.38 2001/08/28 03:58:25 marka Exp $ */ - -#ifndef DST_DST_INTERNAL_H -#define DST_DST_INTERNAL_H 1 - -#include <isc/lang.h> -#include <isc/buffer.h> -#include <isc/int.h> -#include <isc/magic.h> -#include <isc/region.h> - -#include <dst/dst.h> - -ISC_LANG_BEGINDECLS - -#define KEY_MAGIC ISC_MAGIC('D','S','T','K') -#define CTX_MAGIC ISC_MAGIC('D','S','T','C') - -#define VALID_KEY(x) ISC_MAGIC_VALID(x, KEY_MAGIC) -#define VALID_CTX(x) ISC_MAGIC_VALID(x, CTX_MAGIC) - -/*** - *** Types - ***/ - -typedef struct dst_func dst_func_t; - -struct dst_key { - unsigned int magic; - dns_name_t * key_name; /* name of the key */ - unsigned int key_size; /* size of the key in bits */ - unsigned int key_proto; /* protocols this key is used for */ - unsigned int key_alg; /* algorithm of the key */ - isc_uint32_t key_flags; /* flags of the public key */ - isc_uint16_t key_id; /* identifier of the key */ - dns_rdataclass_t key_class; /* class of the key record */ - isc_mem_t *mctx; /* memory context */ - void * opaque; /* pointer to key in crypto pkg fmt */ - dst_func_t * func; /* crypto package specific functions */ -}; - -struct dst_context { - unsigned int magic; - dst_key_t *key; - isc_mem_t *mctx; - void *opaque; -}; - -struct dst_func { - /* - * Context functions - */ - isc_result_t (*createctx)(dst_key_t *key, dst_context_t *dctx); - void (*destroyctx)(dst_context_t *dctx); - isc_result_t (*adddata)(dst_context_t *dctx, const isc_region_t *data); - - /* - * Key operations - */ - isc_result_t (*sign)(dst_context_t *dctx, isc_buffer_t *sig); - isc_result_t (*verify)(dst_context_t *dctx, const isc_region_t *sig); - isc_result_t (*computesecret)(const dst_key_t *pub, - const dst_key_t *priv, - isc_buffer_t *secret); - isc_boolean_t (*compare)(const dst_key_t *key1, const dst_key_t *key2); - isc_boolean_t (*paramcompare)(const dst_key_t *key1, - const dst_key_t *key2); - isc_result_t (*generate)(dst_key_t *key, int parms); - isc_boolean_t (*isprivate)(const dst_key_t *key); - isc_boolean_t (*issymmetric)(void); - void (*destroy)(dst_key_t *key); - - /* conversion functions */ - isc_result_t (*todns)(const dst_key_t *key, isc_buffer_t *data); - isc_result_t (*fromdns)(dst_key_t *key, isc_buffer_t *data); - isc_result_t (*tofile)(const dst_key_t *key, const char *directory); - isc_result_t (*fromfile)(dst_key_t *key, const char *filename); -}; - -/* - * Initializers - */ -isc_result_t dst__openssl_init(void); - -isc_result_t dst__hmacmd5_init(struct dst_func **funcp); -isc_result_t dst__opensslrsa_init(struct dst_func **funcp); -isc_result_t dst__openssldsa_init(struct dst_func **funcp); -isc_result_t dst__openssldh_init(struct dst_func **funcp); -isc_result_t dst__gssapi_init(struct dst_func **funcp); - -/* - * Destructors - */ -void dst__openssl_destroy(void); - -void dst__hmacmd5_destroy(void); -void dst__opensslrsa_destroy(void); -void dst__openssldsa_destroy(void); -void dst__openssldh_destroy(void); -void dst__gssapi_destroy(void); - -/* - * Memory allocators using the DST memory pool. - */ -void * dst__mem_alloc(size_t size); -void dst__mem_free(void *ptr); -void * dst__mem_realloc(void *ptr, size_t size); - -/* - * Entropy retriever using the DST entropy pool. - */ -isc_result_t dst__entropy_getdata(void *buf, unsigned int len, - isc_boolean_t pseudo); - -/* - * Generic helper functions. - */ -isc_result_t -dst__file_addsuffix(char *filename, unsigned int len, - const char *ofilename, const char *suffix); - -ISC_LANG_ENDDECLS - -#endif /* DST_DST_INTERNAL_H */ diff --git a/usr.sbin/bind/lib/dns/sec/dst/dst_lib.c b/usr.sbin/bind/lib/dns/sec/dst/dst_lib.c deleted file mode 100644 index e746bb4f15f..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/dst_lib.c +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (C) 1999-2001 Internet Software Consortium. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM - * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL - * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, - * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING - * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, - * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION - * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * Principal Author: Brian Wellington - * $ISC: dst_lib.c,v 1.8 2001/01/09 21:55:29 bwelling Exp $ - */ - -#include <config.h> - -#include <stddef.h> - -#include <isc/once.h> -#include <isc/msgcat.h> -#include <isc/util.h> - -#include <dst/lib.h> - -/*** - *** Globals - ***/ - -isc_msgcat_t * dst_msgcat = NULL; - - -/*** - *** Private - ***/ - -static isc_once_t msgcat_once = ISC_ONCE_INIT; - - -/*** - *** Functions - ***/ - -static void -open_msgcat(void) { - isc_msgcat_open("libdst.cat", &dst_msgcat); -} - -void -dst_lib_initmsgcat(void) { - - /* - * Initialize the DST library's message catalog, dst_msgcat, if it - * has not already been initialized. - */ - - RUNTIME_CHECK(isc_once_do(&msgcat_once, open_msgcat) == ISC_R_SUCCESS); -} diff --git a/usr.sbin/bind/lib/dns/sec/dst/dst_openssl.h b/usr.sbin/bind/lib/dns/sec/dst/dst_openssl.h deleted file mode 100644 index 192752740c4..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/dst_openssl.h +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") - * Copyright (C) 2002 Internet Software Consortium. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH - * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY - * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, - * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM - * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE - * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - * PERFORMANCE OF THIS SOFTWARE. - */ - -/* $ISC: dst_openssl.h,v 1.1.202.3 2004/03/08 09:04:45 marka Exp $ */ - -#ifndef DST_OPENSSL_H -#define DST_OPENSSL_H 1 - -#include <isc/lang.h> -#include <isc/result.h> - -ISC_LANG_BEGINDECLS - -isc_result_t -dst__openssl_toresult(isc_result_t fallback); - -ISC_LANG_ENDDECLS - -#endif /* DST_OPENSSL_H */ diff --git a/usr.sbin/bind/lib/dns/sec/dst/dst_parse.c b/usr.sbin/bind/lib/dns/sec/dst/dst_parse.c deleted file mode 100644 index a63149aa4dd..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/dst_parse.c +++ /dev/null @@ -1,421 +0,0 @@ -/* - * Portions Copyright (C) 1999-2001 Internet Software Consortium. - * Portions Copyright (C) 1995-2000 by Network Associates, Inc. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM AND - * NETWORK ASSOCIATES DISCLAIM ALL WARRANTIES WITH REGARD TO THIS - * SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND - * FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE CONSORTIUM OR NETWORK - * ASSOCIATES BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR - * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF - * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR - * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - * PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * Principal Author: Brian Wellington - * $ISC: dst_parse.c,v 1.31.2.1 2001/09/15 00:37:18 gson Exp $ - */ - -#include <config.h> - -#include <isc/base64.h> -#include <isc/dir.h> -#include <isc/fsaccess.h> -#include <isc/lex.h> -#include <isc/mem.h> -#include <isc/string.h> -#include <isc/util.h> - -#include "dst_internal.h" -#include "dst_parse.h" -#include "dst/result.h" - - -#define PRIVATE_KEY_STR "Private-key-format:" -#define ALGORITHM_STR "Algorithm:" -#define RSA_STR "RSA" -#define DH_STR "DH" -#define DSA_STR "DSA" -#define HMACMD5_STR "HMAC_MD5" - -struct parse_map { - const int value; - const char *tag; -}; - -static struct parse_map map[] = { - {TAG_RSA_MODULUS, "Modulus:"}, - {TAG_RSA_PUBLICEXPONENT, "PublicExponent:"}, - {TAG_RSA_PRIVATEEXPONENT, "PrivateExponent:"}, - {TAG_RSA_PRIME1, "Prime1:"}, - {TAG_RSA_PRIME2, "Prime2:"}, - {TAG_RSA_EXPONENT1, "Exponent1:"}, - {TAG_RSA_EXPONENT2, "Exponent2:"}, - {TAG_RSA_COEFFICIENT, "Coefficient:"}, - - {TAG_DH_PRIME, "Prime(p):"}, - {TAG_DH_GENERATOR, "Generator(g):"}, - {TAG_DH_PRIVATE, "Private_value(x):"}, - {TAG_DH_PUBLIC, "Public_value(y):"}, - - {TAG_DSA_PRIME, "Prime(p):"}, - {TAG_DSA_SUBPRIME, "Subprime(q):"}, - {TAG_DSA_BASE, "Base(g):"}, - {TAG_DSA_PRIVATE, "Private_value(x):"}, - {TAG_DSA_PUBLIC, "Public_value(y):"}, - - {TAG_HMACMD5_KEY, "Key:"}, - {0, NULL} -}; - -static int -find_value(const char *s, const unsigned int alg) { - int i; - - for (i = 0; ; i++) { - if (map[i].tag == NULL) - return (-1); - else if (strcasecmp(s, map[i].tag) == 0 && - TAG_ALG(map[i].value) == alg) - return (map[i].value); - } -} - -static const char * -find_tag(const int value) { - int i; - - for (i = 0; ; i++) { - if (map[i].tag == NULL) - return (NULL); - else if (value == map[i].value) - return (map[i].tag); - } -} - -static int -check_rsa(const dst_private_t *priv) { - int i, j; - if (priv->nelements != RSA_NTAGS) - return (-1); - for (i = 0; i < RSA_NTAGS; i++) { - for (j = 0; j < priv->nelements; j++) - if (priv->elements[j].tag == TAG(DST_ALG_RSAMD5, i)) - break; - if (j == priv->nelements) - return (-1); - } - return (0); -} - -static int -check_dh(const dst_private_t *priv) { - int i, j; - if (priv->nelements != DH_NTAGS) - return (-1); - for (i = 0; i < DH_NTAGS; i++) { - for (j = 0; j < priv->nelements; j++) - if (priv->elements[j].tag == TAG(DST_ALG_DH, i)) - break; - if (j == priv->nelements) - return (-1); - } - return (0); -} - -static int -check_dsa(const dst_private_t *priv) { - int i, j; - if (priv->nelements != DSA_NTAGS) - return (-1); - for (i = 0; i < DSA_NTAGS; i++) { - for (j = 0; j < priv->nelements; j++) - if (priv->elements[j].tag == TAG(DST_ALG_DSA, i)) - break; - if (j == priv->nelements) - return (-1); - } - return (0); -} - -static int -check_hmac_md5(const dst_private_t *priv) { - if (priv->nelements != HMACMD5_NTAGS) - return (-1); - if (priv->elements[0].tag != TAG_HMACMD5_KEY) - return (-1); - return (0); -} - -static int -check_data(const dst_private_t *priv, const unsigned int alg) { - switch (alg) { - case DST_ALG_RSAMD5: - return (check_rsa(priv)); - case DST_ALG_DH: - return (check_dh(priv)); - case DST_ALG_DSA: - return (check_dsa(priv)); - case DST_ALG_HMACMD5: - return (check_hmac_md5(priv)); - default: - return (DST_R_UNSUPPORTEDALG); - } -} - -void -dst__privstruct_free(dst_private_t *priv, isc_mem_t *mctx) { - int i; - - if (priv == NULL) - return; - for (i = 0; i < priv->nelements; i++) { - if (priv->elements[i].data == NULL) - continue; - memset(priv->elements[i].data, 0, MAXFIELDSIZE); - isc_mem_put(mctx, priv->elements[i].data, MAXFIELDSIZE); - } - priv->nelements = 0; -} - -int -dst__privstruct_parsefile(dst_key_t *key, const char *filename, - isc_mem_t *mctx, dst_private_t *priv) -{ - int n = 0, major, minor; - isc_buffer_t b; - isc_lex_t *lex = NULL; - isc_token_t token; - unsigned int opt = ISC_LEXOPT_EOL; - char *newfilename; - int newfilenamelen; - isc_result_t ret; - - REQUIRE(priv != NULL); - - newfilenamelen = strlen(filename) + 9; - newfilename = isc_mem_get(mctx, newfilenamelen); - if (newfilename == NULL) - return (ISC_R_NOMEMORY); - ret = dst__file_addsuffix(newfilename, newfilenamelen, filename, - ".private"); - INSIST(ret == ISC_R_SUCCESS); - - priv->nelements = 0; - - ret = isc_lex_create(mctx, 1024, &lex); - if (ret != ISC_R_SUCCESS) - return (ret); - - ret = isc_lex_openfile(lex, newfilename); - if (ret != ISC_R_SUCCESS) - goto fail; - -#define NEXTTOKEN(lex, opt, token) \ - { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto fail; \ - } - -#define READLINE(lex, opt, token) \ - do { \ - NEXTTOKEN(lex, opt, token) \ - } while ((*token).type != isc_tokentype_eol) \ - - /* - * Read the description line. - */ - NEXTTOKEN(lex, opt, &token); - if (token.type != isc_tokentype_string || - strcmp(token.value.as_pointer, PRIVATE_KEY_STR) != 0) - { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; - } - - NEXTTOKEN(lex, opt, &token); - if (token.type != isc_tokentype_string || - ((char *)token.value.as_pointer)[0] != 'v') - { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; - } - if (sscanf(token.value.as_pointer, "v%d.%d", &major, &minor) != 2) - { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; - } - - if (major > MAJOR_VERSION || - (major == MAJOR_VERSION && minor > MINOR_VERSION)) - { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; - } - - READLINE(lex, opt, &token); - - /* - * Read the algorithm line. - */ - NEXTTOKEN(lex, opt, &token); - if (token.type != isc_tokentype_string || - strcmp(token.value.as_pointer, ALGORITHM_STR) != 0) - { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; - } - - NEXTTOKEN(lex, opt | ISC_LEXOPT_NUMBER, &token); - if (token.type != isc_tokentype_number || - token.value.as_ulong != (unsigned long) dst_key_alg(key)) - { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; - } - - READLINE(lex, opt, &token); - - /* - * Read the key data. - */ - for (n = 0; n < MAXFIELDS; n++) { - int tag; - unsigned char *data; - isc_region_t r; - - do { - ret = isc_lex_gettoken(lex, opt, &token); - if (ret == ISC_R_EOF) - goto done; - if (ret != ISC_R_SUCCESS) - goto fail; - } while (token.type == isc_tokentype_eol); - - if (token.type != isc_tokentype_string) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; - } - - memset(&priv->elements[n], 0, sizeof(dst_private_element_t)); - tag = find_value(token.value.as_pointer, dst_key_alg(key)); - if (tag < 0 || TAG_ALG(tag) != dst_key_alg(key)) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; - } - priv->elements[n].tag = tag; - - data = (unsigned char *) isc_mem_get(mctx, MAXFIELDSIZE); - if (data == NULL) - goto fail; - - isc_buffer_init(&b, data, MAXFIELDSIZE); - ret = isc_base64_tobuffer(lex, &b, -1); - if (ret != ISC_R_SUCCESS) - goto fail; - isc_buffer_usedregion(&b, &r); - priv->elements[n].length = r.length; - priv->elements[n].data = r.base; - - READLINE(lex, opt, &token); - } - done: - priv->nelements = n; - - if (check_data(priv, dst_key_alg(key)) < 0) - goto fail; - - isc_lex_close(lex); - isc_lex_destroy(&lex); - isc_mem_put(mctx, newfilename, newfilenamelen); - - return (ISC_R_SUCCESS); - -fail: - if (lex != NULL) { - isc_lex_close(lex); - isc_lex_destroy(&lex); - } - isc_mem_put(mctx, newfilename, newfilenamelen); - - priv->nelements = n; - dst__privstruct_free(priv, mctx); - return (ret); -} - -int -dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv, - const char *directory) -{ - FILE *fp; - int ret, i; - isc_result_t iret; - char filename[ISC_DIR_NAMEMAX]; - char buffer[MAXFIELDSIZE * 2]; - isc_buffer_t b; - isc_fsaccess_t access; - - REQUIRE(priv != NULL); - - if (check_data(priv, dst_key_alg(key)) < 0) - return (DST_R_INVALIDPRIVATEKEY); - - isc_buffer_init(&b, filename, sizeof(filename)); - ret = dst_key_buildfilename(key, DST_TYPE_PRIVATE, directory, &b); - if (ret != ISC_R_SUCCESS) - return (ret); - - if ((fp = fopen(filename, "w")) == NULL) - return (DST_R_WRITEERROR); - - access = 0; - isc_fsaccess_add(ISC_FSACCESS_OWNER, - ISC_FSACCESS_READ | ISC_FSACCESS_WRITE, - &access); - (void)isc_fsaccess_set(filename, access); - - /* XXXDCL return value should be checked for full filesystem */ - fprintf(fp, "%s v%d.%d\n", PRIVATE_KEY_STR, MAJOR_VERSION, - MINOR_VERSION); - - fprintf(fp, "%s %d ", ALGORITHM_STR, dst_key_alg(key)); - switch (dst_key_alg(key)) { - case DST_ALG_RSAMD5: fprintf(fp, "(RSA)\n"); break; - case DST_ALG_DH: fprintf(fp, "(DH)\n"); break; - case DST_ALG_DSA: fprintf(fp, "(DSA)\n"); break; - case DST_ALG_HMACMD5: fprintf(fp, "(HMAC_MD5)\n"); break; - default : fprintf(fp, "(?)\n"); break; - } - - for (i = 0; i < priv->nelements; i++) { - isc_buffer_t b; - isc_region_t r; - const char *s; - - s = find_tag(priv->elements[i].tag); - - r.base = priv->elements[i].data; - r.length = priv->elements[i].length; - isc_buffer_init(&b, buffer, sizeof(buffer)); - iret = isc_base64_totext(&r, sizeof(buffer), "", &b); - if (iret != ISC_R_SUCCESS) { - fclose(fp); - return (DST_R_INVALIDPRIVATEKEY); - } - isc_buffer_usedregion(&b, &r); - - fprintf(fp, "%s ", s); - fwrite(r.base, 1, r.length, fp); - fprintf(fp, "\n"); - } - - fclose(fp); - return (ISC_R_SUCCESS); -} diff --git a/usr.sbin/bind/lib/dns/sec/dst/dst_parse.h b/usr.sbin/bind/lib/dns/sec/dst/dst_parse.h deleted file mode 100644 index b5913892938..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/dst_parse.h +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Portions Copyright (C) 2000, 2001 Internet Software Consortium. - * Portions Copyright (C) 1995-2000 by Network Associates, Inc. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM AND - * NETWORK ASSOCIATES DISCLAIM ALL WARRANTIES WITH REGARD TO THIS - * SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND - * FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE CONSORTIUM OR NETWORK - * ASSOCIATES BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR - * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF - * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR - * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - * PERFORMANCE OF THIS SOFTWARE. - */ - -/* $ISC: dst_parse.h,v 1.19 2001/05/10 19:07:13 bwelling Exp $ */ - -#ifndef DST_DST_PARSE_H -#define DST_DST_PARSE_H 1 - -#include <isc/lang.h> - -#include <dst/dst.h> - -#define MAJOR_VERSION 1 -#define MINOR_VERSION 2 - -#define MAXFIELDSIZE 512 -#define MAXFIELDS 12 - -#define TAG_SHIFT 4 -#define TAG_ALG(tag) ((unsigned int)(tag) >> TAG_SHIFT) -#define TAG(alg, off) (((alg) << TAG_SHIFT) + (off)) - -/* These are used by both RSA-MD5 and RSA-SHA1 */ -#define RSA_NTAGS 8 -#define TAG_RSA_MODULUS ((DST_ALG_RSAMD5 << TAG_SHIFT) + 0) -#define TAG_RSA_PUBLICEXPONENT ((DST_ALG_RSAMD5 << TAG_SHIFT) + 1) -#define TAG_RSA_PRIVATEEXPONENT ((DST_ALG_RSAMD5 << TAG_SHIFT) + 2) -#define TAG_RSA_PRIME1 ((DST_ALG_RSAMD5 << TAG_SHIFT) + 3) -#define TAG_RSA_PRIME2 ((DST_ALG_RSAMD5 << TAG_SHIFT) + 4) -#define TAG_RSA_EXPONENT1 ((DST_ALG_RSAMD5 << TAG_SHIFT) + 5) -#define TAG_RSA_EXPONENT2 ((DST_ALG_RSAMD5 << TAG_SHIFT) + 6) -#define TAG_RSA_COEFFICIENT ((DST_ALG_RSAMD5 << TAG_SHIFT) + 7) - -#define DH_NTAGS 4 -#define TAG_DH_PRIME ((DST_ALG_DH << TAG_SHIFT) + 0) -#define TAG_DH_GENERATOR ((DST_ALG_DH << TAG_SHIFT) + 1) -#define TAG_DH_PRIVATE ((DST_ALG_DH << TAG_SHIFT) + 2) -#define TAG_DH_PUBLIC ((DST_ALG_DH << TAG_SHIFT) + 3) - -#define DSA_NTAGS 5 -#define TAG_DSA_PRIME ((DST_ALG_DSA << TAG_SHIFT) + 0) -#define TAG_DSA_SUBPRIME ((DST_ALG_DSA << TAG_SHIFT) + 1) -#define TAG_DSA_BASE ((DST_ALG_DSA << TAG_SHIFT) + 2) -#define TAG_DSA_PRIVATE ((DST_ALG_DSA << TAG_SHIFT) + 3) -#define TAG_DSA_PUBLIC ((DST_ALG_DSA << TAG_SHIFT) + 4) - -#define HMACMD5_NTAGS 1 -#define TAG_HMACMD5_KEY ((DST_ALG_HMACMD5 << TAG_SHIFT) + 0) - -struct dst_private_element { - unsigned short tag; - unsigned short length; - unsigned char *data; -}; - -typedef struct dst_private_element dst_private_element_t; - -struct dst_private { - unsigned short nelements; - dst_private_element_t elements[MAXFIELDS]; -}; - -typedef struct dst_private dst_private_t; - -ISC_LANG_BEGINDECLS - -void -dst__privstruct_free(dst_private_t *priv, isc_mem_t *mctx); - -int -dst__privstruct_parsefile(dst_key_t *key, const char *filename, - isc_mem_t *mctx, dst_private_t *priv); - -int -dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv, - const char *directory); - -ISC_LANG_ENDDECLS - -#endif /* DST_DST_PARSE_H */ diff --git a/usr.sbin/bind/lib/dns/sec/dst/dst_result.c b/usr.sbin/bind/lib/dns/sec/dst/dst_result.c deleted file mode 100644 index b2a4265481f..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/dst_result.c +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright (C) 1999-2001 Internet Software Consortium. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM - * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL - * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, - * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING - * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, - * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION - * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * Principal Author: Brian Wellington - * $ISC: dst_result.c,v 1.18.2.1 2001/12/19 01:29:29 marka Exp $ - */ - -#include <config.h> - -#include <isc/once.h> -#include <isc/util.h> - -#include <dst/result.h> -#include <dst/lib.h> - -static const char *text[DST_R_NRESULTS] = { - "algorithm is unsupported", /* 0 */ - "openssl failure", /* 1 */ - "built with no crypto support", /* 2 */ - "illegal operation for a null key", /* 3 */ - "public key is invalid", /* 4 */ - "private key is invalid", /* 5 */ - "UNUSED6", /* 6 */ - "error occurred writing key to disk", /* 7 */ - "invalid algorithm specific parameter", /* 8 */ - "UNUSED9", /* 9 */ - "UNUSED10", /* 10 */ - "sign failure", /* 11 */ - "UNUSED12", /* 12 */ - "UNUSED13", /* 13 */ - "verify failure", /* 14 */ - "not a public key", /* 15 */ - "not a private key", /* 16 */ - "not a key that can compute a secret", /* 17 */ - "failure computing a shared secret", /* 18 */ - "no randomness available", /* 19 */ -}; - -#define DST_RESULT_RESULTSET 2 - -static isc_once_t once = ISC_ONCE_INIT; - -static void -initialize_action(void) { - isc_result_t result; - - result = isc_result_register(ISC_RESULTCLASS_DST, DST_R_NRESULTS, - text, dst_msgcat, DST_RESULT_RESULTSET); - if (result != ISC_R_SUCCESS) - UNEXPECTED_ERROR(__FILE__, __LINE__, - "isc_result_register() failed: %u", result); -} - -static void -initialize(void) { - dst_lib_initmsgcat(); - RUNTIME_CHECK(isc_once_do(&once, initialize_action) == ISC_R_SUCCESS); -} - -const char * -dst_result_totext(isc_result_t result) { - initialize(); - - return (isc_result_totext(result)); -} - -void -dst_result_register(void) { - initialize(); -} diff --git a/usr.sbin/bind/lib/dns/sec/dst/gssapi_link.c b/usr.sbin/bind/lib/dns/sec/dst/gssapi_link.c deleted file mode 100644 index 5fddb4cf626..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/gssapi_link.c +++ /dev/null @@ -1,229 +0,0 @@ -/* - * Copyright (C) 2000, 2001 Internet Software Consortium. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM - * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL - * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, - * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING - * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, - * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION - * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * $ISC: gssapi_link.c,v 1.7 2001/03/21 20:45:55 bwelling Exp $ - */ - -#ifdef GSSAPI - -#include <config.h> - -#include <isc/buffer.h> -#include <isc/mem.h> -#include <isc/string.h> -#include <isc/util.h> - -#include <dst/result.h> - -#include "dst_internal.h" -#include "dst_parse.h" - -#include <gssapi/gssapi.h> - -#define INITIAL_BUFFER_SIZE 1024 -#define BUFFER_EXTRA 1024 - -#define REGION_TO_GBUFFER(r, gb) \ - do { \ - (gb).length = (r).length; \ - (gb).value = (r).base; \ - } while (0) - -typedef struct gssapi_ctx { - isc_buffer_t *buffer; - gss_ctx_id_t *context_id; -} gssapi_ctx_t; - - -static isc_result_t -gssapi_createctx(dst_key_t *key, dst_context_t *dctx) { - gssapi_ctx_t *ctx; - isc_result_t result; - - UNUSED(key); - - ctx = isc_mem_get(dctx->mctx, sizeof(gssapi_ctx_t)); - if (ctx == NULL) - return (ISC_R_NOMEMORY); - ctx->buffer = NULL; - result = isc_buffer_allocate(dctx->mctx, &ctx->buffer, - INITIAL_BUFFER_SIZE); - if (result != ISC_R_SUCCESS) { - isc_mem_put(dctx->mctx, ctx, sizeof(gssapi_ctx_t)); - return (result); - } - ctx->context_id = key->opaque; - dctx->opaque = ctx; - return (ISC_R_SUCCESS); -} - -static void -gssapi_destroyctx(dst_context_t *dctx) { - gssapi_ctx_t *ctx = dctx->opaque; - - if (ctx != NULL) { - if (ctx->buffer != NULL) - isc_buffer_free(&ctx->buffer); - isc_mem_put(dctx->mctx, ctx, sizeof(gssapi_ctx_t)); - dctx->opaque = NULL; - } -} - -static isc_result_t -gssapi_adddata(dst_context_t *dctx, const isc_region_t *data) { - gssapi_ctx_t *ctx = dctx->opaque; - isc_buffer_t *newbuffer = NULL; - isc_region_t r; - unsigned int length; - isc_result_t result; - - result = isc_buffer_copyregion(ctx->buffer, data); - if (result == ISC_R_SUCCESS) - return (ISC_R_SUCCESS); - - length = isc_buffer_length(ctx->buffer) + data->length + BUFFER_EXTRA; - - result = isc_buffer_allocate(dctx->mctx, &newbuffer, length); - if (result != ISC_R_SUCCESS) - return (result); - - isc_buffer_usedregion(ctx->buffer, &r); - (void) isc_buffer_copyregion(newbuffer, &r); - (void) isc_buffer_copyregion(newbuffer, data); - - isc_buffer_free(&ctx->buffer); - ctx->buffer = newbuffer; - - return (ISC_R_SUCCESS); -} - -static isc_result_t -gssapi_sign(dst_context_t *dctx, isc_buffer_t *sig) { - gssapi_ctx_t *ctx = dctx->opaque; - isc_region_t message; - gss_buffer_desc gmessage, gsig; - OM_uint32 minor, gret; - - isc_buffer_usedregion(ctx->buffer, &message); - REGION_TO_GBUFFER(message, gmessage); - - gret = gss_get_mic(&minor, ctx->context_id, - GSS_C_QOP_DEFAULT, &gmessage, &gsig); - if (gret != 0) - return (ISC_R_FAILURE); - - if (gsig.length > isc_buffer_availablelength(sig)) { - gss_release_buffer(&minor, &gsig); - return (ISC_R_NOSPACE); - } - - isc_buffer_putmem(sig, gsig.value, gsig.length); - - gss_release_buffer(&minor, &gsig); - - return (ISC_R_SUCCESS); -} - -static isc_result_t -gssapi_verify(dst_context_t *dctx, const isc_region_t *sig) { - gssapi_ctx_t *ctx = dctx->opaque; - isc_region_t message; - gss_buffer_desc gmessage, gsig; - OM_uint32 minor, gret; - - isc_buffer_usedregion(ctx->buffer, &message); - REGION_TO_GBUFFER(message, gmessage); - - REGION_TO_GBUFFER(*sig, gsig); - - gret = gss_verify_mic(&minor, ctx->context_id, &gmessage, &gsig, NULL); - if (gret != 0) - return (ISC_R_FAILURE); - - return (ISC_R_SUCCESS); -} - -static isc_boolean_t -gssapi_compare(const dst_key_t *key1, const dst_key_t *key2) { - gss_ctx_id_t gsskey1 = key1->opaque; - gss_ctx_id_t gsskey2 = key2->opaque; - - /* No idea */ - return (ISC_TF(gsskey1 == gsskey2)); -} - -static isc_result_t -gssapi_generate(dst_key_t *key, int unused) { - UNUSED(key); - UNUSED(unused); - - /* No idea */ - return (ISC_R_FAILURE); -} - -static isc_boolean_t -gssapi_isprivate(const dst_key_t *key) { - UNUSED(key); - return (ISC_TRUE); -} - -static isc_boolean_t -gssapi_issymmetric(const dst_key_t *key) { - UNUSED(key); - return (ISC_TRUE); -} - -static void -gssapi_destroy(dst_key_t *key) { - UNUSED(key); - /* No idea */ -} - -static dst_func_t gssapi_functions = { - gssapi_createctx, - gssapi_destroyctx, - gssapi_adddata, - gssapi_sign, - gssapi_verify, - NULL, /* computesecret */ - gssapi_compare, - NULL, /* paramcompare */ - gssapi_generate, - gssapi_isprivate, - gssapi_issymmetric, - gssapi_destroy, - NULL, /* todns */ - NULL, /* fromdns */ - NULL, /* tofile */ - NULL, /* fromfile */ -}; - -isc_result_t -dst__gssapi_init(dst_func_t **funcp) { - REQUIRE(funcp != NULL && *funcp == NULL); - *funcp = &gssapi_functions; - return (ISC_R_SUCCESS); -} - -void -dst__gssapi_destroy(void) { -} - -#else -int gssapi_link_unneeded = 1; -#endif diff --git a/usr.sbin/bind/lib/dns/sec/dst/gssapictx.c b/usr.sbin/bind/lib/dns/sec/dst/gssapictx.c deleted file mode 100644 index a3c3acde384..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/gssapictx.c +++ /dev/null @@ -1,262 +0,0 @@ -/* - * Copyright (C) 2000, 2001 Internet Software Consortium. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM - * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL - * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, - * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING - * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, - * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION - * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* $ISC: gssapictx.c,v 1.3.2.1 2001/12/19 01:29:32 marka Exp $ */ - -#include <config.h> - -#include <stdlib.h> - -#include <isc/buffer.h> -#include <isc/dir.h> -#include <isc/entropy.h> -#include <isc/lex.h> -#include <isc/mem.h> -#include <isc/once.h> -#include <isc/random.h> -#include <isc/string.h> -#include <isc/time.h> -#include <isc/util.h> - -#include <dns/fixedname.h> -#include <dns/name.h> -#include <dns/rdata.h> -#include <dns/rdataclass.h> -#include <dns/result.h> -#include <dns/types.h> -#include <dns/keyvalues.h> - -#include <dst/gssapi.h> -#include <dst/result.h> - -#include "dst_internal.h" - -#ifdef GSSAPI - -#include <gssapi/gssapi.h> - -#define RETERR(x) do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto out; \ - } while (0) - -#define REGION_TO_GBUFFER(r, gb) \ - do { \ - (gb).length = (r).length; \ - (gb).value = (r).base; \ - } while (0) - -#define GBUFFER_TO_REGION(gb, r) \ - do { \ - (r).length = (gb).length; \ - (r).base = (gb).value; \ - } while (0) - -static inline void -name_to_gbuffer(dns_name_t *name, isc_buffer_t *buffer, - gss_buffer_desc *gbuffer) -{ - dns_name_t tname, *namep; - isc_region_t r; - isc_result_t result; - - if (!dns_name_isabsolute(name)) - namep = name; - else { - unsigned int labels; - dns_name_init(&tname, NULL); - labels = dns_name_countlabels(name); - dns_name_getlabelsequence(name, 0, labels - 1, &tname); - namep = &tname; - } - - result = dns_name_totext(namep, ISC_FALSE, buffer); - isc_buffer_putuint8(buffer, 0); - isc_buffer_usedregion(buffer, &r); - REGION_TO_GBUFFER(r, *gbuffer); -} - -isc_result_t -dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, void **cred) { - isc_buffer_t namebuf; - gss_name_t gname; - gss_buffer_desc gnamebuf; - unsigned char array[DNS_NAME_MAXTEXT + 1]; - OM_uint32 gret, minor; - gss_OID_set mechs; - OM_uint32 lifetime; - gss_cred_usage_t usage; - - REQUIRE(cred != NULL && *cred == NULL); - - if (name != NULL) { - isc_buffer_init(&namebuf, array, sizeof(array)); - name_to_gbuffer(name, &namebuf, &gnamebuf); - gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, - &gname); - if (gret != GSS_S_COMPLETE) - return (ISC_R_FAILURE); - } else - gname = NULL; - - if (initiate) - usage = GSS_C_INITIATE; - else - usage = GSS_C_ACCEPT; - - gret = gss_acquire_cred(&minor, gname, GSS_C_INDEFINITE, - GSS_C_NO_OID_SET, usage, - cred, &mechs, &lifetime); - if (gret != GSS_S_COMPLETE) - return (ISC_R_FAILURE); - return (ISC_R_SUCCESS); -} - -isc_result_t -dst_gssapi_initctx(dns_name_t *name, void *cred, - isc_region_t *intoken, isc_buffer_t *outtoken, - void **context) -{ - isc_region_t r; - isc_buffer_t namebuf; - gss_buffer_desc gnamebuf, gintoken, *gintokenp, gouttoken; - OM_uint32 gret, minor, flags, ret_flags; - gss_OID mech_type, ret_mech_type; - OM_uint32 lifetime; - gss_name_t gname; - isc_result_t result; - unsigned char array[DNS_NAME_MAXTEXT + 1]; - - isc_buffer_init(&namebuf, array, sizeof(array)); - name_to_gbuffer(name, &namebuf, &gnamebuf); - gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname); - if (gret != GSS_S_COMPLETE) - return (ISC_R_FAILURE); - - if (intoken != NULL) { - REGION_TO_GBUFFER(*intoken, gintoken); - gintokenp = &gintoken; - } else - gintokenp = NULL; - - if (*context == NULL) - *context = GSS_C_NO_CONTEXT; - flags = GSS_C_REPLAY_FLAG | GSS_C_MUTUAL_FLAG | GSS_C_DELEG_FLAG | - GSS_C_SEQUENCE_FLAG | GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG; - mech_type = GSS_C_NO_OID; - - gret = gss_init_sec_context(&minor, cred, context, gname, - mech_type, flags, 0, - GSS_C_NO_CHANNEL_BINDINGS, gintokenp, - &ret_mech_type, &gouttoken, &ret_flags, - &lifetime); - if (gret != GSS_S_COMPLETE && gret != GSS_S_CONTINUE_NEEDED) - return (ISC_R_FAILURE); - - GBUFFER_TO_REGION(gouttoken, r); - RETERR(isc_buffer_copyregion(outtoken, &r)); - - if (gret == GSS_S_COMPLETE) - return (ISC_R_SUCCESS); - else - return (DNS_R_CONTINUE); - - out: - return (result); -} - -isc_result_t -dst_gssapi_acceptctx(dns_name_t *name, void *cred, - isc_region_t *intoken, isc_buffer_t *outtoken, - void **context) -{ - isc_region_t r; - isc_buffer_t namebuf; - gss_buffer_desc gnamebuf, gintoken, gouttoken; - OM_uint32 gret, minor, flags; - gss_OID mech_type; - OM_uint32 lifetime; - gss_cred_id_t delegated_cred; - gss_name_t gname; - isc_result_t result; - unsigned char array[DNS_NAME_MAXTEXT + 1]; - - isc_buffer_init(&namebuf, array, sizeof(array)); - name_to_gbuffer(name, &namebuf, &gnamebuf); - gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname); - if (gret != GSS_S_COMPLETE) - return (ISC_R_FAILURE); - - REGION_TO_GBUFFER(*intoken, gintoken); - - if (*context == NULL) - *context = GSS_C_NO_CONTEXT; - - gret = gss_accept_sec_context(&minor, context, cred, &gintoken, - GSS_C_NO_CHANNEL_BINDINGS, gname, - &mech_type, &gouttoken, &flags, - &lifetime, &delegated_cred); - if (gret != GSS_S_COMPLETE) - return (ISC_R_FAILURE); - - GBUFFER_TO_REGION(gouttoken, r); - RETERR(isc_buffer_copyregion(outtoken, &r)); - - return (ISC_R_SUCCESS); - - out: - return (result); -} - -#else - -isc_result_t -dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, void **cred) { - UNUSED(name); - UNUSED(initiate); - UNUSED(cred); - return (ISC_R_NOTIMPLEMENTED); -} - -isc_result_t -dst_gssapi_initctx(dns_name_t *name, void *cred, - isc_region_t *intoken, isc_buffer_t *outtoken, - void **context) -{ - UNUSED(name); - UNUSED(cred); - UNUSED(intoken); - UNUSED(outtoken); - UNUSED(context); - return (ISC_R_NOTIMPLEMENTED); -} - -isc_result_t -dst_gssapi_acceptctx(dns_name_t *name, void *cred, - isc_region_t *intoken, isc_buffer_t *outtoken, - void **context) -{ - UNUSED(name); - UNUSED(cred); - UNUSED(intoken); - UNUSED(outtoken); - UNUSED(context); - return (ISC_R_NOTIMPLEMENTED); -} - -#endif diff --git a/usr.sbin/bind/lib/dns/sec/dst/hmac_link.c b/usr.sbin/bind/lib/dns/sec/dst/hmac_link.c deleted file mode 100644 index 84324062657..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/hmac_link.c +++ /dev/null @@ -1,291 +0,0 @@ -/* - * Portions Copyright (C) 1999-2001 Internet Software Consortium. - * Portions Copyright (C) 1995-2000 by Network Associates, Inc. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM AND - * NETWORK ASSOCIATES DISCLAIM ALL WARRANTIES WITH REGARD TO THIS - * SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND - * FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE CONSORTIUM OR NETWORK - * ASSOCIATES BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR - * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF - * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR - * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - * PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * Principal Author: Brian Wellington - * $ISC: hmac_link.c,v 1.53.2.1 2001/12/19 01:29:33 marka Exp $ - */ - -#include <config.h> - -#include <isc/buffer.h> -#include <isc/hmacmd5.h> -#include <isc/md5.h> -#include <isc/mem.h> -#include <isc/string.h> -#include <isc/util.h> - -#include <dst/result.h> - -#include "dst_internal.h" -#include "dst_parse.h" - -#define HMAC_LEN 64 -#define HMAC_IPAD 0x36 -#define HMAC_OPAD 0x5c - -static isc_result_t hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data); - -typedef struct hmackey { - unsigned char key[HMAC_LEN]; -} HMAC_Key; - -static isc_result_t -hmacmd5_createctx(dst_key_t *key, dst_context_t *dctx) { - isc_hmacmd5_t *hmacmd5ctx; - HMAC_Key *hkey = key->opaque; - - hmacmd5ctx = isc_mem_get(dctx->mctx, sizeof(isc_hmacmd5_t)); - if (hmacmd5ctx == NULL) - return (ISC_R_NOMEMORY); - isc_hmacmd5_init(hmacmd5ctx, hkey->key, HMAC_LEN); - dctx->opaque = hmacmd5ctx; - return (ISC_R_SUCCESS); -} - -static void -hmacmd5_destroyctx(dst_context_t *dctx) { - isc_hmacmd5_t *hmacmd5ctx = dctx->opaque; - - if (hmacmd5ctx != NULL) { - isc_hmacmd5_invalidate(hmacmd5ctx); - isc_mem_put(dctx->mctx, hmacmd5ctx, sizeof(isc_hmacmd5_t)); - dctx->opaque = NULL; - } -} - -static isc_result_t -hmacmd5_adddata(dst_context_t *dctx, const isc_region_t *data) { - isc_hmacmd5_t *hmacmd5ctx = dctx->opaque; - - isc_hmacmd5_update(hmacmd5ctx, data->base, data->length); - return (ISC_R_SUCCESS); -} - -static isc_result_t -hmacmd5_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_hmacmd5_t *hmacmd5ctx = dctx->opaque; - unsigned char *digest; - - if (isc_buffer_availablelength(sig) < ISC_MD5_DIGESTLENGTH) - return (ISC_R_NOSPACE); - digest = isc_buffer_used(sig); - isc_hmacmd5_sign(hmacmd5ctx, digest); - isc_buffer_add(sig, ISC_MD5_DIGESTLENGTH); - - return (ISC_R_SUCCESS); -} - -static isc_result_t -hmacmd5_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_hmacmd5_t *hmacmd5ctx = dctx->opaque; - - if (sig->length < ISC_MD5_DIGESTLENGTH) - return (DST_R_VERIFYFAILURE); - - if (isc_hmacmd5_verify(hmacmd5ctx, sig->base)) - return (ISC_R_SUCCESS); - else - return (DST_R_VERIFYFAILURE); -} - -static isc_boolean_t -hmacmd5_compare(const dst_key_t *key1, const dst_key_t *key2) { - HMAC_Key *hkey1, *hkey2; - - hkey1 = (HMAC_Key *)key1->opaque; - hkey2 = (HMAC_Key *)key2->opaque; - - if (hkey1 == NULL && hkey2 == NULL) - return (ISC_TRUE); - else if (hkey1 == NULL || hkey2 == NULL) - return (ISC_FALSE); - - if (memcmp(hkey1->key, hkey2->key, HMAC_LEN) == 0) - return (ISC_TRUE); - else - return (ISC_FALSE); -} - -static isc_result_t -hmacmd5_generate(dst_key_t *key, int pseudorandom_ok) { - isc_buffer_t b; - isc_result_t ret; - int bytes; - unsigned char data[HMAC_LEN]; - - bytes = (key->key_size + 7) / 8; - if (bytes > 64) { - bytes = 64; - key->key_size = 512; - } - - memset(data, 0, HMAC_LEN); - ret = dst__entropy_getdata(data, bytes, ISC_TF(pseudorandom_ok != 0)); - - if (ret != ISC_R_SUCCESS) - return (ret); - - isc_buffer_init(&b, data, bytes); - isc_buffer_add(&b, bytes); - ret = hmacmd5_fromdns(key, &b); - memset(data, 0, HMAC_LEN); - - return (ret); -} - -static isc_boolean_t -hmacmd5_isprivate(const dst_key_t *key) { - UNUSED(key); - return (ISC_TRUE); -} - -static isc_boolean_t -hmacmd5_issymmetric(void) { - return (ISC_TRUE); -} - -static void -hmacmd5_destroy(dst_key_t *key) { - HMAC_Key *hkey = key->opaque; - memset(hkey, 0, sizeof(HMAC_Key)); - isc_mem_put(key->mctx, hkey, sizeof(HMAC_Key)); - key->opaque = NULL; -} - -static isc_result_t -hmacmd5_todns(const dst_key_t *key, isc_buffer_t *data) { - HMAC_Key *hkey; - unsigned int bytes; - - REQUIRE(key->opaque != NULL); - - hkey = (HMAC_Key *) key->opaque; - - bytes = (key->key_size + 7) / 8; - if (isc_buffer_availablelength(data) < bytes) - return (ISC_R_NOSPACE); - isc_buffer_putmem(data, hkey->key, bytes); - - return (ISC_R_SUCCESS); -} - -static isc_result_t -hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data) { - HMAC_Key *hkey; - int keylen; - isc_region_t r; - isc_md5_t md5ctx; - - isc_buffer_remainingregion(data, &r); - if (r.length == 0) - return (ISC_R_SUCCESS); - - hkey = (HMAC_Key *) isc_mem_get(key->mctx, sizeof(HMAC_Key)); - if (hkey == NULL) - return (ISC_R_NOMEMORY); - - memset(hkey->key, 0, sizeof(hkey->key)); - - if (r.length > HMAC_LEN) { - isc_md5_init(&md5ctx); - isc_md5_update(&md5ctx, r.base, r.length); - isc_md5_final(&md5ctx, hkey->key); - keylen = ISC_MD5_DIGESTLENGTH; - } - else { - memcpy(hkey->key, r.base, r.length); - keylen = r.length; - } - - key->key_size = keylen * 8; - key->opaque = hkey; - - return (ISC_R_SUCCESS); -} - -static isc_result_t -hmacmd5_tofile(const dst_key_t *key, const char *directory) { - int cnt = 0; - HMAC_Key *hkey; - dst_private_t priv; - int bytes = (key->key_size + 7) / 8; - - if (key->opaque == NULL) - return (DST_R_NULLKEY); - - hkey = (HMAC_Key *) key->opaque; - - priv.elements[cnt].tag = TAG_HMACMD5_KEY; - priv.elements[cnt].length = bytes; - priv.elements[cnt++].data = hkey->key; - - priv.nelements = cnt; - return (dst__privstruct_writefile(key, &priv, directory)); -} - -static isc_result_t -hmacmd5_fromfile(dst_key_t *key, const char *filename) { - dst_private_t priv; - isc_result_t ret; - isc_buffer_t b; - isc_mem_t *mctx = key->mctx; - - /* read private key file */ - ret = dst__privstruct_parsefile(key, filename, mctx, &priv); - if (ret != ISC_R_SUCCESS) - return (ret); - - isc_buffer_init(&b, priv.elements[0].data, priv.elements[0].length); - isc_buffer_add(&b, priv.elements[0].length); - ret = hmacmd5_fromdns(key, &b); - dst__privstruct_free(&priv, mctx); - memset(&priv, 0, sizeof(priv)); - return (ret); -} - -static dst_func_t hmacmd5_functions = { - hmacmd5_createctx, - hmacmd5_destroyctx, - hmacmd5_adddata, - hmacmd5_sign, - hmacmd5_verify, - NULL, /* computesecret */ - hmacmd5_compare, - NULL, /* paramcompare */ - hmacmd5_generate, - hmacmd5_isprivate, - hmacmd5_issymmetric, - hmacmd5_destroy, - hmacmd5_todns, - hmacmd5_fromdns, - hmacmd5_tofile, - hmacmd5_fromfile, -}; - -isc_result_t -dst__hmacmd5_init(dst_func_t **funcp) { - REQUIRE(funcp != NULL && *funcp == NULL); - *funcp = &hmacmd5_functions; - return (ISC_R_SUCCESS); -} - -void -dst__hmacmd5_destroy(void) { -} diff --git a/usr.sbin/bind/lib/dns/sec/dst/include/Makefile.in b/usr.sbin/bind/lib/dns/sec/dst/include/Makefile.in deleted file mode 100644 index c62a26db338..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/include/Makefile.in +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright (C) 1998-2001 Internet Software Consortium. -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM -# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL -# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING -# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, -# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION -# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -# $ISC: Makefile.in,v 1.8 2001/01/09 21:55:41 bwelling Exp $ - -srcdir = @srcdir@ -VPATH = @srcdir@ -top_srcdir = @top_srcdir@ - -SUBDIRS = dst -TARGETS = - -@BIND9_MAKE_RULES@ diff --git a/usr.sbin/bind/lib/dns/sec/dst/include/dst/Makefile.in b/usr.sbin/bind/lib/dns/sec/dst/include/dst/Makefile.in deleted file mode 100644 index 79d09c2d443..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/include/dst/Makefile.in +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright (C) 1998-2001 Internet Software Consortium. -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM -# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL -# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING -# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, -# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION -# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -# $ISC: Makefile.in,v 1.10 2001/01/09 21:55:42 bwelling Exp $ - -srcdir = @srcdir@ -VPATH = @srcdir@ -top_srcdir = @top_srcdir@ - -@BIND9_VERSION@ - -HEADERS = dst.h lib.h result.h - -SUBDIRS = -TARGETS = - -@BIND9_MAKE_RULES@ - -installdirs: - $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${includedir}/dst - -install:: installdirs - for i in ${HEADERS}; do \ - ${INSTALL_DATA} ${srcdir}/$$i ${DESTDIR}${includedir}/dst ; \ - done diff --git a/usr.sbin/bind/lib/dns/sec/dst/include/dst/dst.h b/usr.sbin/bind/lib/dns/sec/dst/include/dst/dst.h deleted file mode 100644 index f0902d3cf8b..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/include/dst/dst.h +++ /dev/null @@ -1,545 +0,0 @@ -/* - * Copyright (C) 2000, 2001 Internet Software Consortium. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM - * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL - * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, - * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING - * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, - * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION - * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* $ISC: dst.h,v 1.42.2.1 2001/12/19 01:09:58 marka Exp $ */ - -#ifndef DST_DST_H -#define DST_DST_H 1 - -#include <isc/lang.h> - -#include <dns/types.h> - -ISC_LANG_BEGINDECLS - -/*** - *** Types - ***/ - -/* - * The dst_key structure is opaque. Applications should use the accessor - * functions provided to retrieve key attributes. If an application needs - * to set attributes, new accessor functions will be written. - */ - -typedef struct dst_key dst_key_t; -typedef struct dst_context dst_context_t; - -/* DST algorithm codes */ -#define DST_ALG_UNKNOWN 0 -#define DST_ALG_RSAMD5 1 -#define DST_ALG_RSA DST_ALG_RSAMD5 /* backwards compatibility */ -#define DST_ALG_DH 2 -#define DST_ALG_DSA 3 -#define DST_ALG_HMACMD5 157 -#define DST_ALG_GSSAPI 160 -#define DST_ALG_PRIVATE 254 -#define DST_ALG_EXPAND 255 -#define DST_MAX_ALGS 255 - -/* A buffer of this size is large enough to hold any key */ -#define DST_KEY_MAXSIZE 1280 - -/* - * A buffer of this size is large enough to hold the textual representation - * of any key - */ -#define DST_KEY_MAXTEXTSIZE 2048 - -/* 'Type' for dst_read_key() */ -#define DST_TYPE_PRIVATE 0x2000000 -#define DST_TYPE_PUBLIC 0x4000000 - -/*** - *** Functions - ***/ - -isc_result_t -dst_lib_init(isc_mem_t *mctx, isc_entropy_t *ectx, unsigned int eflags); -/* - * Initializes the DST subsystem. - * - * Requires: - * "mctx" is a valid memory context - * "ectx" is a valid entropy context - * - * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * - * Ensures: - * DST is properly initialized. - */ - -void -dst_lib_destroy(void); -/* - * Releases all resources allocated by DST. - */ - -isc_boolean_t -dst_algorithm_supported(unsigned int alg); -/* - * Checks that a given algorithm is supported by DST. - * - * Returns: - * ISC_TRUE - * ISC_FALSE - */ - -isc_result_t -dst_context_create(dst_key_t *key, isc_mem_t *mctx, dst_context_t **dctxp); -/* - * Creates a context to be used for a sign or verify operation. - * - * Requires: - * "key" is a valid key. - * "mctx" is a valid memory context. - * dctxp != NULL && *dctxp == NULL - * - * Returns: - * ISC_R_SUCCESS - * ISC_R_NOMEMORY - * - * Ensures: - * *dctxp will contain a usable context. - */ - -void -dst_context_destroy(dst_context_t **dctxp); -/* - * Destroys all memory associated with a context. - * - * Requires: - * *dctxp != NULL && *dctxp == NULL - * - * Ensures: - * *dctxp == NULL - */ - -isc_result_t -dst_context_adddata(dst_context_t *dctx, const isc_region_t *data); -/* - * Incrementally adds data to the context to be used in a sign or verify - * operation. - * - * Requires: - * "dctx" is a valid context - * "data" is a valid region - * - * Returns: - * ISC_R_SUCCESS - * DST_R_SIGNFAILURE - * all other errors indicate failure - */ - -isc_result_t -dst_context_sign(dst_context_t *dctx, isc_buffer_t *sig); -/* - * Computes a signature using the data and key stored in the context. - * - * Requires: - * "dctx" is a valid context. - * "sig" is a valid buffer. - * - * Returns: - * ISC_R_SUCCESS - * DST_R_VERIFYFAILURE - * all other errors indicate failure - * - * Ensures: - * "sig" will contain the signature - */ - -isc_result_t -dst_context_verify(dst_context_t *dctx, isc_region_t *sig); -/* - * Verifies the signature using the data and key stored in the context. - * - * Requires: - * "dctx" is a valid context. - * "sig" is a valid region. - * - * Returns: - * ISC_R_SUCCESS - * all other errors indicate failure - * - * Ensures: - * "sig" will contain the signature - */ - -isc_result_t -dst_key_computesecret(const dst_key_t *pub, const dst_key_t *priv, - isc_buffer_t *secret); -/* - * Computes a shared secret from two (Diffie-Hellman) keys. - * - * Requires: - * "pub" is a valid key that can be used to derive a shared secret - * "priv" is a valid private key that can be used to derive a shared secret - * "secret" is a valid buffer - * - * Returns: - * ISC_R_SUCCESS - * any other result indicates failure - * - * Ensures: - * If successful, secret will contain the derived shared secret. - */ - -isc_result_t -dst_key_fromfile(dns_name_t *name, dns_keytag_t id, unsigned int alg, int type, - const char *directory, isc_mem_t *mctx, dst_key_t **keyp); -/* - * Reads a key from permanent storage. The key can either be a public or - * private key, and is specified by name, algorithm, and id. If a private key - * is specified, the public key must also be present. If directory is NULL, - * the current directory is assumed. - * - * Requires: - * "name" is a valid absolute dns name. - * "id" is a valid key tag identifier. - * "alg" is a supported key algorithm. - * "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union. - * "mctx" is a valid memory context. - * "keyp" is not NULL and "*keyp" is NULL. - * - * Returns: - * ISC_R_SUCCESS - * any other result indicates failure - * - * Ensures: - * If successful, *keyp will contain a valid key. - */ - -isc_result_t -dst_key_fromnamedfile(const char *filename, int type, isc_mem_t *mctx, - dst_key_t **keyp); -/* - * Reads a key from permanent storage. The key can either be a public or - * key, and is specified by filename. If a private key is specified, the - * public key must also be present. - * - * Requires: - * "filename" is not NULL - * "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union - * "mctx" is a valid memory context - * "keyp" is not NULL and "*keyp" is NULL. - * - * Returns: - * ISC_R_SUCCESS - * any other result indicates failure - * - * Ensures: - * If successful, *keyp will contain a valid key. - */ - -isc_result_t -dst_key_tofile(const dst_key_t *key, int type, const char *directory); -/* - * Writes a key to permanent storage. The key can either be a public or - * private key. Public keys are written in DNS format and private keys - * are written as a set of base64 encoded values. If directory is NULL, - * the current directory is assumed. - * - * Requires: - * "key" is a valid key. - * "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union - * - * Returns: - * ISC_R_SUCCESS - * any other result indicates failure - */ - -isc_result_t -dst_key_fromdns(dns_name_t *name, dns_rdataclass_t rdclass, - isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp); -/* - * Converts a DNS KEY record into a DST key. - * - * Requires: - * "name" is a valid absolute dns name. - * "source" is a valid buffer. There must be at least 4 bytes available. - * "mctx" is a valid memory context. - * "keyp" is not NULL and "*keyp" is NULL. - * - * Returns: - * ISC_R_SUCCESS - * any other result indicates failure - * - * Ensures: - * If successful, *keyp will contain a valid key, and the consumed - * pointer in data will be advanced. - */ - -isc_result_t -dst_key_todns(const dst_key_t *key, isc_buffer_t *target); -/* - * Converts a DST key into a DNS KEY record. - * - * Requires: - * "key" is a valid key. - * "target" is a valid buffer. There must be at least 4 bytes unused. - * - * Returns: - * ISC_R_SUCCESS - * any other result indicates failure - * - * Ensures: - * If successful, the used pointer in 'target' is advanced by at least 4. - */ - -isc_result_t -dst_key_frombuffer(dns_name_t *name, unsigned int alg, - unsigned int flags, unsigned int protocol, - dns_rdataclass_t rdclass, - isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp); -/* - * Converts a buffer containing DNS KEY RDATA into a DST key. - * - * Requires: - * "name" is a valid absolute dns name. - * "alg" is a supported key algorithm. - * "source" is a valid buffer. - * "mctx" is a valid memory context. - * "keyp" is not NULL and "*keyp" is NULL. - * - * Returns: - * ISC_R_SUCCESS - * any other result indicates failure - * - * Ensures: - * If successful, *keyp will contain a valid key, and the consumed - * pointer in source will be advanced. - */ - -isc_result_t -dst_key_tobuffer(const dst_key_t *key, isc_buffer_t *target); -/* - * Converts a DST key into DNS KEY RDATA format. - * - * Requires: - * "key" is a valid key. - * "target" is a valid buffer. - * - * Returns: - * ISC_R_SUCCESS - * any other result indicates failure - * - * Ensures: - * If successful, the used pointer in 'target' is advanced. - */ - -isc_result_t -dst_key_fromgssapi(dns_name_t *name, void *opaque, isc_mem_t *mctx, - dst_key_t **keyp); -/* - * Converts a GSSAPI opaque context id into a DST key. - * - * Requires: - * "name" is a valid absolute dns name. - * "opaque" is a GSSAPI context id. - * "mctx" is a valid memory context. - * "keyp" is not NULL and "*keyp" is NULL. - * - * Returns: - * ISC_R_SUCCESS - * any other result indicates failure - * - * Ensures: - * If successful, *keyp will contain a valid key and be responsible for - * the context id. - */ - -isc_result_t -dst_key_generate(dns_name_t *name, unsigned int alg, - unsigned int bits, unsigned int param, - unsigned int flags, unsigned int protocol, - dns_rdataclass_t rdclass, - isc_mem_t *mctx, dst_key_t **keyp); -/* - * Generate a DST key (or keypair) with the supplied parameters. The - * interpretation of the "param" field depends on the algorithm: - * RSA: exponent - * 0 use exponent 3 - * !0 use Fermat4 (2^16 + 1) - * DH: generator - * 0 default - use well known prime if bits == 768 or 1024, - * otherwise use 2 as the generator. - * !0 use this value as the generator. - * DSA: unused - * HMACMD5: entropy - * 0 default - require good entropy - * !0 lack of good entropy is ok - * - * Requires: - * "name" is a valid absolute dns name. - * "keyp" is not NULL and "*keyp" is NULL. - * - * Returns: - * ISC_R_SUCCESS - * any other result indicates failure - * - * Ensures: - * If successful, *keyp will contain a valid key. - */ - -isc_boolean_t -dst_key_compare(const dst_key_t *key1, const dst_key_t *key2); -/* - * Compares two DST keys. - * - * Requires: - * "key1" is a valid key. - * "key2" is a valid key. - * - * Returns: - * ISC_TRUE - * ISC_FALSE - */ - -isc_boolean_t -dst_key_paramcompare(const dst_key_t *key1, const dst_key_t *key2); -/* - * Compares the parameters of two DST keys. This is used to determine if - * two (Diffie-Hellman) keys can be used to derive a shared secret. - * - * Requires: - * "key1" is a valid key. - * "key2" is a valid key. - * - * Returns: - * ISC_TRUE - * ISC_FALSE - */ - -void -dst_key_free(dst_key_t **keyp); -/* - * Release all memory associated with the key. - * - * Requires: - * "keyp" is not NULL and "*keyp" is a valid key. - * - * Ensures: - * All memory associated with "*keyp" will be freed. - * *keyp == NULL - */ - -/* - * Accessor functions to obtain key fields. - * - * Require: - * "key" is a valid key. - */ -dns_name_t * -dst_key_name(const dst_key_t *key); - -unsigned int -dst_key_size(const dst_key_t *key); - -unsigned int -dst_key_proto(const dst_key_t *key); - -unsigned int -dst_key_alg(const dst_key_t *key); - -isc_uint32_t -dst_key_flags(const dst_key_t *key); - -dns_keytag_t -dst_key_id(const dst_key_t *key); - -dns_rdataclass_t -dst_key_class(const dst_key_t *key); - -isc_boolean_t -dst_key_isprivate(const dst_key_t *key); - -isc_boolean_t -dst_key_iszonekey(const dst_key_t *key); - -isc_boolean_t -dst_key_isnullkey(const dst_key_t *key); - -isc_result_t -dst_key_buildfilename(const dst_key_t *key, int type, - const char *directory, isc_buffer_t *out); -/* - * Generates the filename used by dst to store the specified key. - * If directory is NULL, the current directory is assumed. - * - * Requires: - * "key" is a valid key - * "type" is either DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or 0 for no suffix. - * "out" is a valid buffer - * - * Ensures: - * the file name will be written to "out", and the used pointer will - * be advanced. - */ - -isc_result_t -dst_key_sigsize(const dst_key_t *key, unsigned int *n); -/* - * Computes the size of a signature generated by the given key. - * - * Requires: - * "key" is a valid key. - * "n" is not NULL - * - * Returns: - * ISC_R_SUCCESS - * DST_R_UNSUPPORTEDALG - * - * Ensures: - * "n" stores the size of a generated signature - */ - -isc_result_t -dst_key_secretsize(const dst_key_t *key, unsigned int *n); -/* - * Computes the size of a shared secret generated by the given key. - * - * Requires: - * "key" is a valid key. - * "n" is not NULL - * - * Returns: - * ISC_R_SUCCESS - * DST_R_UNSUPPORTEDALG - * - * Ensures: - * "n" stores the size of a generated shared secret - */ - -isc_uint16_t -dst_region_computeid(const isc_region_t *source, unsigned int alg); -/* - * Computes the key id of the key stored in the provided region with the - * given algorithm. - * - * Requires: - * "source" contains a valid, non-NULL region. - * - * Returns: - * the key id - */ - -ISC_LANG_ENDDECLS - -#endif /* DST_DST_H */ diff --git a/usr.sbin/bind/lib/dns/sec/dst/include/dst/gssapi.h b/usr.sbin/bind/lib/dns/sec/dst/include/dst/gssapi.h deleted file mode 100644 index 37bab9e217f..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/include/dst/gssapi.h +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (C) 2000, 2001 Internet Software Consortium. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM - * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL - * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, - * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING - * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, - * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION - * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* $ISC: gssapi.h,v 1.3 2001/01/09 21:55:44 bwelling Exp $ */ - -#ifndef DST_GSSAPI_H -#define DST_GSSAPI_H 1 - -#include <isc/lang.h> - -#include <isc/types.h> - -ISC_LANG_BEGINDECLS - -/*** - *** Types - ***/ - -/*** - *** Functions - ***/ - -isc_result_t -dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, void **cred); - -isc_result_t -dst_gssapi_initctx(dns_name_t *name, void *cred, - isc_region_t *intoken, isc_buffer_t *outtoken, - void **context); - -isc_result_t -dst_gssapi_acceptctx(dns_name_t *name, void *cred, - isc_region_t *intoken, isc_buffer_t *outtoken, - void **context); - -/* - * XXX - */ - -ISC_LANG_ENDDECLS - -#endif /* DST_GSSAPI_H */ diff --git a/usr.sbin/bind/lib/dns/sec/dst/include/dst/lib.h b/usr.sbin/bind/lib/dns/sec/dst/include/dst/lib.h deleted file mode 100644 index c51735f3693..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/include/dst/lib.h +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (C) 1999-2001 Internet Software Consortium. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM - * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL - * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, - * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING - * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, - * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION - * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* $ISC: lib.h,v 1.6 2001/01/09 21:55:45 bwelling Exp $ */ - -#ifndef DST_LIB_H -#define DST_LIB_H 1 - -#include <isc/types.h> -#include <isc/lang.h> - -ISC_LANG_BEGINDECLS - -extern isc_msgcat_t *dst_msgcat; - -void -dst_lib_initmsgcat(void); -/* - * Initialize the DST library's message catalog, dst_msgcat, if it - * has not already been initialized. - */ - -ISC_LANG_ENDDECLS - -#endif /* DST_LIB_H */ diff --git a/usr.sbin/bind/lib/dns/sec/dst/include/dst/result.h b/usr.sbin/bind/lib/dns/sec/dst/include/dst/result.h deleted file mode 100644 index 9014b44c983..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/include/dst/result.h +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright (C) 1999-2001 Internet Software Consortium. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM - * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL - * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, - * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING - * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, - * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION - * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* $ISC: result.h,v 1.20 2001/07/10 04:34:36 bwelling Exp $ */ - -#ifndef DST_RESULT_H -#define DST_RESULT_H 1 - -#include <isc/lang.h> -#include <isc/resultclass.h> - -/* - * Nothing in this file truly depends on <isc/result.h>, but the - * DST result codes are considered to be publicly derived from - * the ISC result codes, so including this file buys you the ISC_R_ - * namespace too. - */ -#include <isc/result.h> /* Contractual promise. */ - -#define DST_R_UNSUPPORTEDALG (ISC_RESULTCLASS_DST + 0) -#define DST_R_OPENSSLFAILURE (ISC_RESULTCLASS_DST + 1) -#define DST_R_NOCRYPTO (ISC_RESULTCLASS_DST + 2) -#define DST_R_NULLKEY (ISC_RESULTCLASS_DST + 3) -#define DST_R_INVALIDPUBLICKEY (ISC_RESULTCLASS_DST + 4) -#define DST_R_INVALIDPRIVATEKEY (ISC_RESULTCLASS_DST + 5) -/* 6 is unused */ -#define DST_R_WRITEERROR (ISC_RESULTCLASS_DST + 7) -#define DST_R_INVALIDPARAM (ISC_RESULTCLASS_DST + 8) -/* 9 is unused */ -/* 10 is unused */ -#define DST_R_SIGNFAILURE (ISC_RESULTCLASS_DST + 11) -/* 12 is unused */ -/* 13 is unused */ -#define DST_R_VERIFYFAILURE (ISC_RESULTCLASS_DST + 14) -#define DST_R_NOTPUBLICKEY (ISC_RESULTCLASS_DST + 15) -#define DST_R_NOTPRIVATEKEY (ISC_RESULTCLASS_DST + 16) -#define DST_R_KEYCANNOTCOMPUTESECRET (ISC_RESULTCLASS_DST + 17) -#define DST_R_COMPUTESECRETFAILURE (ISC_RESULTCLASS_DST + 18) -#define DST_R_NORANDOMNESS (ISC_RESULTCLASS_DST + 19) - -#define DST_R_NRESULTS 20 /* Number of results */ - -ISC_LANG_BEGINDECLS - -const char * -dst_result_totext(isc_result_t); - -void -dst_result_register(void); - -ISC_LANG_ENDDECLS - -#endif /* DST_RESULT_H */ diff --git a/usr.sbin/bind/lib/dns/sec/dst/key.c b/usr.sbin/bind/lib/dns/sec/dst/key.c deleted file mode 100644 index ee7a3dd8705..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/key.c +++ /dev/null @@ -1,126 +0,0 @@ -/* - * Copyright (C) 2001 Internet Software Consortium. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM - * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL - * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, - * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING - * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, - * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION - * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* $ISC: key.c,v 1.6 2001/06/27 04:21:18 bwelling Exp $ */ - -#include <config.h> - -#include <stdlib.h> - -#include <isc/region.h> -#include <isc/util.h> - -#include <dns/keyvalues.h> - -#include <dst/dst.h> - -#include "dst_internal.h" - -isc_uint16_t -dst_region_computeid(const isc_region_t *source, unsigned int alg) { - isc_uint32_t ac; - const unsigned char *p; - int size; - - REQUIRE(source != NULL); - REQUIRE(source->length >= 4); - - p = source->base; - size = source->length; - - if (alg == DST_ALG_RSAMD5) - return ((p[size - 3] << 8) + p[size - 2]); - - for (ac = 0; size > 1; size -= 2, p += 2) - ac += ((*p) << 8) + *(p + 1); - - if (size > 0) - ac += ((*p) << 8); - ac += (ac >> 16) & 0xffff; - - return ((isc_uint16_t)(ac & 0xffff)); -} - -dns_name_t * -dst_key_name(const dst_key_t *key) { - REQUIRE(VALID_KEY(key)); - return (key->key_name); -} - -unsigned int -dst_key_size(const dst_key_t *key) { - REQUIRE(VALID_KEY(key)); - return (key->key_size); -} - -unsigned int -dst_key_proto(const dst_key_t *key) { - REQUIRE(VALID_KEY(key)); - return (key->key_proto); -} - -unsigned int -dst_key_alg(const dst_key_t *key) { - REQUIRE(VALID_KEY(key)); - return (key->key_alg); -} - -isc_uint32_t -dst_key_flags(const dst_key_t *key) { - REQUIRE(VALID_KEY(key)); - return (key->key_flags); -} - -dns_keytag_t -dst_key_id(const dst_key_t *key) { - REQUIRE(VALID_KEY(key)); - return (key->key_id); -} - -dns_rdataclass_t -dst_key_class(const dst_key_t *key) { - REQUIRE(VALID_KEY(key)); - return (key->key_class); -} - -isc_boolean_t -dst_key_iszonekey(const dst_key_t *key) { - REQUIRE(VALID_KEY(key)); - - if ((key->key_flags & DNS_KEYTYPE_NOAUTH) != 0) - return (ISC_FALSE); - if ((key->key_flags & DNS_KEYFLAG_OWNERMASK) != DNS_KEYOWNER_ZONE) - return (ISC_FALSE); - if (key->key_proto != DNS_KEYPROTO_DNSSEC && - key->key_proto != DNS_KEYPROTO_ANY) - return (ISC_FALSE); - return (ISC_TRUE); -} - -isc_boolean_t -dst_key_isnullkey(const dst_key_t *key) { - REQUIRE(VALID_KEY(key)); - - if ((key->key_flags & DNS_KEYFLAG_TYPEMASK) != DNS_KEYTYPE_NOKEY) - return (ISC_FALSE); - if ((key->key_flags & DNS_KEYFLAG_OWNERMASK) != DNS_KEYOWNER_ZONE) - return (ISC_FALSE); - if (key->key_proto != DNS_KEYPROTO_DNSSEC && - key->key_proto != DNS_KEYPROTO_ANY) - return (ISC_FALSE); - return (ISC_TRUE); -} diff --git a/usr.sbin/bind/lib/dns/sec/dst/openssl_link.c b/usr.sbin/bind/lib/dns/sec/dst/openssl_link.c deleted file mode 100644 index 3a81544262c..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/openssl_link.c +++ /dev/null @@ -1,219 +0,0 @@ -/* - * Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") - * Portions Copyright (C) 1999-2003 Internet Software Consortium. - * Portions Copyright (C) 1995-2000 by Network Associates, Inc. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS - * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE - * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR - * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * Principal Author: Brian Wellington - * $ISC: openssl_link.c,v 1.46.2.2.2.9 2004/03/16 05:50:23 marka Exp $ - */ -#ifdef OPENSSL - -#include <config.h> - -#include <isc/entropy.h> -#include <isc/mem.h> -#include <isc/mutex.h> -#include <isc/mutexblock.h> -#include <isc/string.h> -#include <isc/thread.h> -#include <isc/util.h> - -#include "dst_internal.h" -#include "dst_openssl.h" - -#include <openssl/err.h> -#include <openssl/rand.h> -#include <openssl/crypto.h> - -#if defined(CRYPTO_LOCK_ENGINE) && (OPENSSL_VERSION_NUMBER < 0x00907000L) -#define USE_ENGINE 1 -#endif - -#ifdef USE_ENGINE -#include <openssl/engine.h> -#endif - -static RAND_METHOD *rm = NULL; -static isc_mutex_t *locks = NULL; -static int nlocks; - -#ifdef USE_ENGINE -static ENGINE *e; -#endif - - -static int -entropy_get(unsigned char *buf, int num) { - isc_result_t result; - if (num < 0) - return (-1); - result = dst__entropy_getdata(buf, (unsigned int) num, ISC_FALSE); - return (result == ISC_R_SUCCESS ? num : -1); -} - -static int -entropy_getpseudo(unsigned char *buf, int num) { - isc_result_t result; - if (num < 0) - return (-1); - result = dst__entropy_getdata(buf, (unsigned int) num, ISC_TRUE); - return (result == ISC_R_SUCCESS ? num : -1); -} - -static void -entropy_add(const void *buf, int num, double entropy) { - /* - * Do nothing. The only call to this provides no useful data anyway. - */ - UNUSED(buf); - UNUSED(num); - UNUSED(entropy); -} - -static void -lock_callback(int mode, int type, const char *file, int line) { - UNUSED(file); - UNUSED(line); - if ((mode & CRYPTO_LOCK) != 0) - LOCK(&locks[type]); - else - UNLOCK(&locks[type]); -} - -static unsigned long -id_callback(void) { - return ((unsigned long)isc_thread_self()); -} - -static void * -mem_alloc(size_t size) { - INSIST(dst__memory_pool != NULL); - return (isc_mem_allocate(dst__memory_pool, size)); -} - -static void -mem_free(void *ptr) { - INSIST(dst__memory_pool != NULL); - if (ptr != NULL) - isc_mem_free(dst__memory_pool, ptr); -} - -static void * -mem_realloc(void *ptr, size_t size) { - void *p; - - INSIST(dst__memory_pool != NULL); - p = NULL; - if (size > 0U) { - p = mem_alloc(size); - if (p != NULL && ptr != NULL) - memcpy(p, ptr, size); - } - if (ptr != NULL) - mem_free(ptr); - return (p); -} - -isc_result_t -dst__openssl_init() { - isc_result_t result; - - CRYPTO_set_mem_functions(mem_alloc, mem_realloc, mem_free); - nlocks = CRYPTO_num_locks(); - locks = mem_alloc(sizeof(isc_mutex_t) * nlocks); - if (locks == NULL) - return (ISC_R_NOMEMORY); - result = isc_mutexblock_init(locks, nlocks); - if (result != ISC_R_SUCCESS) - goto cleanup_mutexalloc; - CRYPTO_set_locking_callback(lock_callback); - CRYPTO_set_id_callback(id_callback); - rm = mem_alloc(sizeof(RAND_METHOD)); - if (rm == NULL) { - result = ISC_R_NOMEMORY; - goto cleanup_mutexinit; - } - rm->seed = NULL; - rm->bytes = entropy_get; - rm->cleanup = NULL; - rm->add = entropy_add; - rm->pseudorand = entropy_getpseudo; - rm->status = NULL; -#ifdef USE_ENGINE - e = ENGINE_new(); - if (e == NULL) { - result = ISC_R_NOMEMORY; - goto cleanup_rm; - } - ENGINE_set_RAND(e, rm); - RAND_set_rand_method(e); -#else - RAND_set_rand_method(rm); -#endif - return (ISC_R_SUCCESS); - -#ifdef USE_ENGINE - cleanup_rm: - mem_free(rm); -#endif - cleanup_mutexinit: - DESTROYMUTEXBLOCK(locks, nlocks); - cleanup_mutexalloc: - mem_free(locks); - return (result); -} - -void -dst__openssl_destroy() { - ERR_clear_error(); -#ifdef USE_ENGINE - if (e != NULL) { - ENGINE_free(e); - e = NULL; - } -#endif - if (locks != NULL) { - DESTROYMUTEXBLOCK(locks, nlocks); - mem_free(locks); - } - if (rm != NULL) - mem_free(rm); -} - -isc_result_t -dst__openssl_toresult(isc_result_t fallback) { - isc_result_t result = fallback; - int err = ERR_get_error(); - - switch (ERR_GET_REASON(err)) { - case ERR_R_MALLOC_FAILURE: - result = ISC_R_NOMEMORY; - break; - default: - break; - } - ERR_clear_error(); - return (result); -} - -#else /* OPENSSL */ - -#include <isc/util.h> - -EMPTY_TRANSLATION_UNIT - -#endif /* OPENSSL */ diff --git a/usr.sbin/bind/lib/dns/sec/dst/openssldh_link.c b/usr.sbin/bind/lib/dns/sec/dst/openssldh_link.c deleted file mode 100644 index e4696ec2f9d..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/openssldh_link.c +++ /dev/null @@ -1,573 +0,0 @@ -/* - * Portions Copyright (C) 1999-2001 Internet Software Consortium. - * Portions Copyright (C) 1995-2000 by Network Associates, Inc. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM AND - * NETWORK ASSOCIATES DISCLAIM ALL WARRANTIES WITH REGARD TO THIS - * SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND - * FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE CONSORTIUM OR NETWORK - * ASSOCIATES BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR - * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF - * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR - * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - * PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * Principal Author: Brian Wellington - * $ISC: openssldh_link.c,v 1.38.2.2 2001/12/19 01:29:34 marka Exp $ - */ - -#ifdef OPENSSL - -#include <config.h> - -#include <ctype.h> - -#include <isc/mem.h> -#include <isc/string.h> -#include <isc/util.h> - -#include <dst/result.h> - -#include "dst_internal.h" -#include "dst_parse.h" - -#include <openssl/dh.h> - -#define PRIME768 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088" \ - "A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25" \ - "F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF" - -#define PRIME1024 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" \ - "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF2" \ - "5F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406" \ - "B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF" - -static isc_result_t openssldh_todns(const dst_key_t *key, isc_buffer_t *data); - -static BIGNUM bn2, bn768, bn1024; - -static isc_result_t -openssldh_computesecret(const dst_key_t *pub, const dst_key_t *priv, - isc_buffer_t *secret) -{ - DH *dhpub, *dhpriv; - int ret; - isc_region_t r; - unsigned int len; - - REQUIRE(pub->opaque != NULL); - REQUIRE(priv->opaque != NULL); - - dhpub = (DH *) pub->opaque; - dhpriv = (DH *) priv->opaque; - - len = DH_size(dhpriv); - isc_buffer_availableregion(secret, &r); - if (r.length < len) - return (ISC_R_NOSPACE); - ret = DH_compute_key(r.base, dhpub->pub_key, dhpriv); - if (ret == 0) - return (DST_R_COMPUTESECRETFAILURE); - isc_buffer_add(secret, len); - return (ISC_R_SUCCESS); -} - -static isc_boolean_t -openssldh_compare(const dst_key_t *key1, const dst_key_t *key2) { - int status; - DH *dh1, *dh2; - - dh1 = (DH *) key1->opaque; - dh2 = (DH *) key2->opaque; - - if (dh1 == NULL && dh2 == NULL) - return (ISC_TRUE); - else if (dh1 == NULL || dh2 == NULL) - return (ISC_FALSE); - - status = BN_cmp(dh1->p, dh2->p) || - BN_cmp(dh1->g, dh2->g) || - BN_cmp(dh1->pub_key, dh2->pub_key); - - if (status != 0) - return (ISC_FALSE); - - if (dh1->priv_key != NULL || dh2->priv_key != NULL) { - if (dh1->priv_key == NULL || dh2->priv_key == NULL) - return (ISC_FALSE); - if (BN_cmp(dh1->priv_key, dh2->priv_key) != 0) - return (ISC_FALSE); - } - return (ISC_TRUE); -} - -static isc_boolean_t -openssldh_paramcompare(const dst_key_t *key1, const dst_key_t *key2) { - int status; - DH *dh1, *dh2; - - dh1 = (DH *) key1->opaque; - dh2 = (DH *) key2->opaque; - - if (dh1 == NULL && dh2 == NULL) - return (ISC_TRUE); - else if (dh1 == NULL || dh2 == NULL) - return (ISC_FALSE); - - status = BN_cmp(dh1->p, dh2->p) || - BN_cmp(dh1->g, dh2->g); - - if (status != 0) - return (ISC_FALSE); - return (ISC_TRUE); -} - -static isc_result_t -openssldh_generate(dst_key_t *key, int generator) { - DH *dh = NULL; - - if (generator == 0) { - if (key->key_size == 768 || key->key_size == 1024) { - dh = DH_new(); - if (dh == NULL) - return (ISC_R_NOMEMORY); - if (key->key_size == 768) - dh->p = &bn768; - else - dh->p = &bn1024; - dh->g = &bn2; - } - else - generator = 2; - } - - if (generator != 0) - dh = DH_generate_parameters(key->key_size, generator, - NULL, NULL); - - if (dh == NULL) - return (DST_R_OPENSSLFAILURE); - - if (DH_generate_key(dh) == 0) { - DH_free(dh); - return (DST_R_OPENSSLFAILURE); - } - dh->flags &= ~DH_FLAG_CACHE_MONT_P; - - key->opaque = dh; - - return (ISC_R_SUCCESS); -} - -static isc_boolean_t -openssldh_isprivate(const dst_key_t *key) { - DH *dh = (DH *) key->opaque; - return (ISC_TF(dh != NULL && dh->priv_key != NULL)); -} - -static isc_boolean_t -openssldh_issymmetric(void) { - return (ISC_FALSE); -} - -static void -openssldh_destroy(dst_key_t *key) { - DH *dh = key->opaque; - - if (dh == NULL) - return; - - if (dh->p == &bn768 || dh->p == &bn1024) - dh->p = NULL; - if (dh->g == &bn2) - dh->g = NULL; - DH_free(dh); - key->opaque = NULL; -} - -static void -uint16_toregion(isc_uint16_t val, isc_region_t *region) { - *region->base++ = (val & 0xff00) >> 8; - *region->base++ = (val & 0x00ff); -} - -static isc_uint16_t -uint16_fromregion(isc_region_t *region) { - isc_uint16_t val; - unsigned char *cp = region->base; - - val = ((unsigned int)(cp[0])) << 8; - val |= ((unsigned int)(cp[1])); - - region->base += 2; - return (val); -} - -static isc_result_t -openssldh_todns(const dst_key_t *key, isc_buffer_t *data) { - DH *dh; - isc_region_t r; - isc_uint16_t dnslen, plen, glen, publen; - - REQUIRE(key->opaque != NULL); - - dh = (DH *) key->opaque; - - isc_buffer_availableregion(data, &r); - - if (dh->g == &bn2 && (dh->p == &bn768 || dh->p == &bn1024)) { - plen = 1; - glen = 0; - } - else { - plen = BN_num_bytes(dh->p); - glen = BN_num_bytes(dh->g); - } - publen = BN_num_bytes(dh->pub_key); - dnslen = plen + glen + publen + 6; - if (r.length < (unsigned int) dnslen) - return (ISC_R_NOSPACE); - - uint16_toregion(plen, &r); - if (plen == 1) { - if (dh->p == &bn768) - *r.base = 1; - else - *r.base = 2; - } - else - BN_bn2bin(dh->p, r.base); - r.base += plen; - - uint16_toregion(glen, &r); - if (glen > 0) - BN_bn2bin(dh->g, r.base); - r.base += glen; - - uint16_toregion(publen, &r); - BN_bn2bin(dh->pub_key, r.base); - r.base += publen; - - isc_buffer_add(data, dnslen); - - return (ISC_R_SUCCESS); -} - -static isc_result_t -openssldh_fromdns(dst_key_t *key, isc_buffer_t *data) { - DH *dh; - isc_region_t r; - isc_uint16_t plen, glen, publen; - int special = 0; - - isc_buffer_remainingregion(data, &r); - if (r.length == 0) - return (ISC_R_SUCCESS); - - dh = DH_new(); - if (dh == NULL) - return (ISC_R_NOMEMORY); - dh->flags &= ~DH_FLAG_CACHE_MONT_P; - - /* - * Read the prime length. 1 & 2 are table entries, > 16 means a - * prime follows, otherwise an error. - */ - if (r.length < 2) { - DH_free(dh); - return (DST_R_INVALIDPUBLICKEY); - } - plen = uint16_fromregion(&r); - if (plen < 16 && plen != 1 && plen != 2) { - DH_free(dh); - return (DST_R_INVALIDPUBLICKEY); - } - if (r.length < plen) { - DH_free(dh); - return (DST_R_INVALIDPUBLICKEY); - } - if (plen == 1 || plen == 2) { - if (plen == 1) - special = *r.base++; - else - special = uint16_fromregion(&r); - switch (special) { - case 1: - dh->p = &bn768; - break; - case 2: - dh->p = &bn1024; - break; - default: - DH_free(dh); - return (DST_R_INVALIDPUBLICKEY); - } - } - else { - dh->p = BN_bin2bn(r.base, plen, NULL); - r.base += plen; - } - - /* - * Read the generator length. This should be 0 if the prime was - * special, but it might not be. If it's 0 and the prime is not - * special, we have a problem. - */ - if (r.length < 2) { - DH_free(dh); - return (DST_R_INVALIDPUBLICKEY); - } - glen = uint16_fromregion(&r); - if (r.length < glen) { - DH_free(dh); - return (DST_R_INVALIDPUBLICKEY); - } - if (special != 0) { - if (glen == 0) - dh->g = &bn2; - else { - dh->g = BN_bin2bn(r.base, glen, NULL); - if (BN_cmp(dh->g, &bn2) == 0) { - BN_free(dh->g); - dh->g = &bn2; - } - else { - DH_free(dh); - return (DST_R_INVALIDPUBLICKEY); - } - } - } - else { - if (glen == 0) { - DH_free(dh); - return (DST_R_INVALIDPUBLICKEY); - } - dh->g = BN_bin2bn(r.base, glen, NULL); - } - r.base += glen; - - if (r.length < 2) { - DH_free(dh); - return (DST_R_INVALIDPUBLICKEY); - } - publen = uint16_fromregion(&r); - if (r.length < publen) { - DH_free(dh); - return (DST_R_INVALIDPUBLICKEY); - } - dh->pub_key = BN_bin2bn(r.base, publen, NULL); - r.base += publen; - - key->key_size = BN_num_bits(dh->p); - - isc_buffer_forward(data, plen + glen + publen + 6); - - key->opaque = (void *) dh; - - return (ISC_R_SUCCESS); -} - -static isc_result_t -openssldh_tofile(const dst_key_t *key, const char *directory) { - int i; - DH *dh; - dst_private_t priv; - unsigned char *bufs[4]; - isc_result_t result; - - if (key->opaque == NULL) - return (DST_R_NULLKEY); - - dh = (DH *) key->opaque; - - for (i = 0; i < 4; i++) { - bufs[i] = isc_mem_get(key->mctx, BN_num_bytes(dh->p)); - if (bufs[i] == NULL) { - result = ISC_R_NOMEMORY; - goto fail; - } - } - - i = 0; - - priv.elements[i].tag = TAG_DH_PRIME; - priv.elements[i].length = BN_num_bytes(dh->p); - BN_bn2bin(dh->p, bufs[i]); - priv.elements[i].data = bufs[i]; - i++; - - priv.elements[i].tag = TAG_DH_GENERATOR; - priv.elements[i].length = BN_num_bytes(dh->g); - BN_bn2bin(dh->g, bufs[i]); - priv.elements[i].data = bufs[i]; - i++; - - priv.elements[i].tag = TAG_DH_PRIVATE; - priv.elements[i].length = BN_num_bytes(dh->priv_key); - BN_bn2bin(dh->priv_key, bufs[i]); - priv.elements[i].data = bufs[i]; - i++; - - priv.elements[i].tag = TAG_DH_PUBLIC; - priv.elements[i].length = BN_num_bytes(dh->pub_key); - BN_bn2bin(dh->pub_key, bufs[i]); - priv.elements[i].data = bufs[i]; - i++; - - priv.nelements = i; - result = dst__privstruct_writefile(key, &priv, directory); - fail: - for (i = 0; i < 4; i++) { - if (bufs[i] == NULL) - break; - isc_mem_put(key->mctx, bufs[i], BN_num_bytes(dh->p)); - } - return (result); -} - -static isc_result_t -openssldh_fromfile(dst_key_t *key, const char *filename) { - dst_private_t priv; - isc_result_t ret; - int i; - DH *dh = NULL; - isc_mem_t *mctx; -#define DST_RET(a) {ret = a; goto err;} - - mctx = key->mctx; - - /* read private key file */ - ret = dst__privstruct_parsefile(key, filename, mctx, &priv); - if (ret != ISC_R_SUCCESS) - return (ret); - - dh = DH_new(); - if (dh == NULL) - DST_RET(ISC_R_NOMEMORY); - dh->flags &= ~DH_FLAG_CACHE_MONT_P; - key->opaque = dh; - - for (i = 0; i < priv.nelements; i++) { - BIGNUM *bn; - bn = BN_bin2bn(priv.elements[i].data, - priv.elements[i].length, NULL); - if (bn == NULL) - DST_RET(ISC_R_NOMEMORY); - - switch (priv.elements[i].tag) { - case TAG_DH_PRIME: - dh->p = bn; - break; - case TAG_DH_GENERATOR: - dh->g = bn; - break; - case TAG_DH_PRIVATE: - dh->priv_key = bn; - break; - case TAG_DH_PUBLIC: - dh->pub_key = bn; - break; - } - } - dst__privstruct_free(&priv, mctx); - - key->key_size = BN_num_bits(dh->p); - - if ((key->key_size == 768 || key->key_size == 1024) && - BN_cmp(dh->g, &bn2) == 0) - { - if (key->key_size == 768 && BN_cmp(dh->p, &bn768) == 0) { - BN_free(dh->p); - BN_free(dh->g); - dh->p = &bn768; - dh->g = &bn2; - } else if (key->key_size == 1024 && - BN_cmp(dh->p, &bn1024) == 0) { - BN_free(dh->p); - BN_free(dh->g); - dh->p = &bn1024; - dh->g = &bn2; - } - } - - return (ISC_R_SUCCESS); - - err: - openssldh_destroy(key); - dst__privstruct_free(&priv, mctx); - memset(&priv, 0, sizeof(priv)); - return (ret); -} - -static void -BN_fromhex(BIGNUM *b, const char *str) { - static const char hexdigits[] = "0123456789abcdef"; - unsigned char data[512]; - unsigned int i; - BIGNUM *out; - - RUNTIME_CHECK(strlen(str) < 1024 && strlen(str) % 2 == 0); - for (i = 0; i < strlen(str); i += 2) { - char *s; - unsigned int high, low; - - s = strchr(hexdigits, tolower((unsigned char)str[i])); - RUNTIME_CHECK(s != NULL); - high = s - hexdigits; - - s = strchr(hexdigits, tolower((unsigned char)str[i + 1])); - RUNTIME_CHECK(s != NULL); - low = s - hexdigits; - - data[i/2] = (unsigned char)((high << 4) + low); - } - out = BN_bin2bn(data, strlen(str)/2, b); - RUNTIME_CHECK(out != NULL); -} - -static dst_func_t openssldh_functions = { - NULL, /* createctx */ - NULL, /* destroyctx */ - NULL, /* adddata */ - NULL, /* openssldh_sign */ - NULL, /* openssldh_verify */ - openssldh_computesecret, - openssldh_compare, - openssldh_paramcompare, - openssldh_generate, - openssldh_isprivate, - openssldh_issymmetric, - openssldh_destroy, - openssldh_todns, - openssldh_fromdns, - openssldh_tofile, - openssldh_fromfile, -}; - -isc_result_t -dst__openssldh_init(dst_func_t **funcp) { - REQUIRE(funcp != NULL && *funcp == NULL); - BN_init(&bn2); - BN_init(&bn768); - BN_init(&bn1024); - BN_set_word(&bn2, 2); - BN_fromhex(&bn768, PRIME768); - BN_fromhex(&bn1024, PRIME1024); - *funcp = &openssldh_functions; - return (ISC_R_SUCCESS); -} - -void -dst__openssldh_destroy(void) { - BN_free(&bn2); - BN_free(&bn768); - BN_free(&bn1024); -} - -#endif /* OPENSSL */ diff --git a/usr.sbin/bind/lib/dns/sec/dst/openssldsa_link.c b/usr.sbin/bind/lib/dns/sec/dst/openssldsa_link.c deleted file mode 100644 index f1474e80480..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/openssldsa_link.c +++ /dev/null @@ -1,445 +0,0 @@ -/* - * Portions Copyright (C) 1999-2001 Internet Software Consortium. - * Portions Copyright (C) 1995-2000 by Network Associates, Inc. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM AND - * NETWORK ASSOCIATES DISCLAIM ALL WARRANTIES WITH REGARD TO THIS - * SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND - * FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE CONSORTIUM OR NETWORK - * ASSOCIATES BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR - * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF - * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR - * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - * PERFORMANCE OF THIS SOFTWARE. - */ - -/* $ISC: openssldsa_link.c,v 1.4.2.1 2001/12/19 01:29:35 marka Exp $ */ - -#ifdef OPENSSL - -#include <config.h> - -#include <string.h> - -#include <isc/entropy.h> -#include <isc/mem.h> -#include <isc/sha1.h> -#include <isc/util.h> - -#include <dst/result.h> - -#include "dst_internal.h" -#include "dst_parse.h" - -#include <openssl/dsa.h> - -static isc_result_t openssldsa_todns(const dst_key_t *key, isc_buffer_t *data); - -static isc_result_t -openssldsa_createctx(dst_key_t *key, dst_context_t *dctx) { - isc_sha1_t *sha1ctx; - - UNUSED(key); - - sha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_sha1_t)); - isc_sha1_init(sha1ctx); - dctx->opaque = sha1ctx; - return (ISC_R_SUCCESS); -} - -static void -openssldsa_destroyctx(dst_context_t *dctx) { - isc_sha1_t *sha1ctx = dctx->opaque; - - if (sha1ctx != NULL) { - isc_sha1_invalidate(sha1ctx); - isc_mem_put(dctx->mctx, sha1ctx, sizeof(isc_sha1_t)); - dctx->opaque = NULL; - } -} - -static isc_result_t -openssldsa_adddata(dst_context_t *dctx, const isc_region_t *data) { - isc_sha1_t *sha1ctx = dctx->opaque; - - isc_sha1_update(sha1ctx, data->base, data->length); - return (ISC_R_SUCCESS); -} - -static int -BN_bn2bin_fixed(BIGNUM *bn, unsigned char *buf, int size) { - int bytes = size - BN_num_bytes(bn); - while (bytes-- > 0) - *buf++ = 0; - BN_bn2bin(bn, buf); - return (size); -} - -static isc_result_t -openssldsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_sha1_t *sha1ctx = dctx->opaque; - dst_key_t *key = dctx->key; - DSA *dsa = key->opaque; - DSA_SIG *dsasig; - isc_region_t r; - unsigned char digest[ISC_SHA1_DIGESTLENGTH]; - - isc_buffer_availableregion(sig, &r); - if (r.length < ISC_SHA1_DIGESTLENGTH * 2 + 1) - return (ISC_R_NOSPACE); - - isc_sha1_final(sha1ctx, digest); - - dsasig = DSA_do_sign(digest, ISC_SHA1_DIGESTLENGTH, dsa); - if (dsasig == NULL) - return (DST_R_SIGNFAILURE); - - *r.base++ = (key->key_size - 512)/64; - BN_bn2bin_fixed(dsasig->r, r.base, ISC_SHA1_DIGESTLENGTH); - r.base += ISC_SHA1_DIGESTLENGTH; - BN_bn2bin_fixed(dsasig->s, r.base, ISC_SHA1_DIGESTLENGTH); - r.base += ISC_SHA1_DIGESTLENGTH; - DSA_SIG_free(dsasig); - isc_buffer_add(sig, ISC_SHA1_DIGESTLENGTH * 2 + 1); - - return (ISC_R_SUCCESS); -} - -static isc_result_t -openssldsa_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_sha1_t *sha1ctx = dctx->opaque; - dst_key_t *key = dctx->key; - DSA *dsa = key->opaque; - DSA_SIG *dsasig; - int status = 0; - unsigned char digest[ISC_SHA1_DIGESTLENGTH]; - unsigned char *cp = sig->base; - - isc_sha1_final(sha1ctx, digest); - - if (sig->length < 2 * ISC_SHA1_DIGESTLENGTH + 1) - return (DST_R_VERIFYFAILURE); - - cp++; /* Skip T */ - dsasig = DSA_SIG_new(); - dsasig->r = BN_bin2bn(cp, ISC_SHA1_DIGESTLENGTH, NULL); - cp += ISC_SHA1_DIGESTLENGTH; - dsasig->s = BN_bin2bn(cp, ISC_SHA1_DIGESTLENGTH, NULL); - cp += ISC_SHA1_DIGESTLENGTH; - - status = DSA_do_verify(digest, ISC_SHA1_DIGESTLENGTH, dsasig, dsa); - DSA_SIG_free(dsasig); - if (status == 0) - return (DST_R_VERIFYFAILURE); - - return (ISC_R_SUCCESS); -} - -static isc_boolean_t -openssldsa_compare(const dst_key_t *key1, const dst_key_t *key2) { - int status; - DSA *dsa1, *dsa2; - - dsa1 = (DSA *) key1->opaque; - dsa2 = (DSA *) key2->opaque; - - if (dsa1 == NULL && dsa2 == NULL) - return (ISC_TRUE); - else if (dsa1 == NULL || dsa2 == NULL) - return (ISC_FALSE); - - status = BN_cmp(dsa1->p, dsa2->p) || - BN_cmp(dsa1->q, dsa2->q) || - BN_cmp(dsa1->g, dsa2->g) || - BN_cmp(dsa1->pub_key, dsa2->pub_key); - - if (status != 0) - return (ISC_FALSE); - - if (dsa1->priv_key != NULL || dsa2->priv_key != NULL) { - if (dsa1->priv_key == NULL || dsa2->priv_key == NULL) - return (ISC_FALSE); - if (BN_cmp(dsa1->priv_key, dsa2->priv_key)) - return (ISC_FALSE); - } - return (ISC_TRUE); -} - -static isc_result_t -openssldsa_generate(dst_key_t *key, int unused) { - DSA *dsa; - unsigned char rand_array[ISC_SHA1_DIGESTLENGTH]; - isc_result_t result; - - UNUSED(unused); - - result = dst__entropy_getdata(rand_array, sizeof(rand_array), - ISC_FALSE); - if (result != ISC_R_SUCCESS) - return (result); - - dsa = DSA_generate_parameters(key->key_size, rand_array, - ISC_SHA1_DIGESTLENGTH, NULL, NULL, - NULL, NULL); - - if (dsa == NULL) - return (DST_R_OPENSSLFAILURE); - - if (DSA_generate_key(dsa) == 0) { - DSA_free(dsa); - return (DST_R_OPENSSLFAILURE); - } - dsa->flags &= ~DSA_FLAG_CACHE_MONT_P; - - key->opaque = dsa; - - return (ISC_R_SUCCESS); -} - -static isc_boolean_t -openssldsa_isprivate(const dst_key_t *key) { - DSA *dsa = (DSA *) key->opaque; - return (ISC_TF(dsa != NULL && dsa->priv_key != NULL)); -} - -static isc_boolean_t -openssldsa_issymmetric(void) { - return (ISC_FALSE); -} - -static void -openssldsa_destroy(dst_key_t *key) { - DSA *dsa = key->opaque; - DSA_free(dsa); - key->opaque = NULL; -} - - -static isc_result_t -openssldsa_todns(const dst_key_t *key, isc_buffer_t *data) { - DSA *dsa; - isc_region_t r; - int dnslen; - unsigned int t, p_bytes; - - REQUIRE(key->opaque != NULL); - - dsa = (DSA *) key->opaque; - - isc_buffer_availableregion(data, &r); - - t = (BN_num_bytes(dsa->p) - 64) / 8; - if (t > 8) - return (DST_R_INVALIDPUBLICKEY); - p_bytes = 64 + 8 * t; - - dnslen = 1 + (key->key_size * 3)/8 + ISC_SHA1_DIGESTLENGTH; - if (r.length < (unsigned int) dnslen) - return (ISC_R_NOSPACE); - - *r.base++ = t; - BN_bn2bin_fixed(dsa->q, r.base, ISC_SHA1_DIGESTLENGTH); - r.base += ISC_SHA1_DIGESTLENGTH; - BN_bn2bin_fixed(dsa->p, r.base, key->key_size/8); - r.base += p_bytes; - BN_bn2bin_fixed(dsa->g, r.base, key->key_size/8); - r.base += p_bytes; - BN_bn2bin_fixed(dsa->pub_key, r.base, key->key_size/8); - r.base += p_bytes; - - isc_buffer_add(data, dnslen); - - return (ISC_R_SUCCESS); -} - -static isc_result_t -openssldsa_fromdns(dst_key_t *key, isc_buffer_t *data) { - DSA *dsa; - isc_region_t r; - unsigned int t, p_bytes; - isc_mem_t *mctx = key->mctx; - - UNUSED(mctx); - - isc_buffer_remainingregion(data, &r); - if (r.length == 0) - return (ISC_R_SUCCESS); - - dsa = DSA_new(); - if (dsa == NULL) - return (ISC_R_NOMEMORY); - dsa->flags &= ~DSA_FLAG_CACHE_MONT_P; - - t = (unsigned int) *r.base++; - if (t > 8) { - DSA_free(dsa); - return (DST_R_INVALIDPUBLICKEY); - } - p_bytes = 64 + 8 * t; - - if (r.length < 1 + ISC_SHA1_DIGESTLENGTH + 3 * p_bytes) { - DSA_free(dsa); - return (DST_R_INVALIDPUBLICKEY); - } - - dsa->q = BN_bin2bn(r.base, ISC_SHA1_DIGESTLENGTH, NULL); - r.base += ISC_SHA1_DIGESTLENGTH; - - dsa->p = BN_bin2bn(r.base, p_bytes, NULL); - r.base += p_bytes; - - dsa->g = BN_bin2bn(r.base, p_bytes, NULL); - r.base += p_bytes; - - dsa->pub_key = BN_bin2bn(r.base, p_bytes, NULL); - r.base += p_bytes; - - key->key_size = p_bytes * 8; - - isc_buffer_forward(data, 1 + ISC_SHA1_DIGESTLENGTH + 3 * p_bytes); - - key->opaque = (void *) dsa; - - return (ISC_R_SUCCESS); -} - - -static isc_result_t -openssldsa_tofile(const dst_key_t *key, const char *directory) { - int cnt = 0; - DSA *dsa; - dst_private_t priv; - unsigned char bufs[5][128]; - - if (key->opaque == NULL) - return (DST_R_NULLKEY); - - dsa = (DSA *) key->opaque; - - priv.elements[cnt].tag = TAG_DSA_PRIME; - priv.elements[cnt].length = BN_num_bytes(dsa->p); - BN_bn2bin(dsa->p, bufs[cnt]); - priv.elements[cnt].data = bufs[cnt]; - cnt++; - - priv.elements[cnt].tag = TAG_DSA_SUBPRIME; - priv.elements[cnt].length = BN_num_bytes(dsa->q); - BN_bn2bin(dsa->q, bufs[cnt]); - priv.elements[cnt].data = bufs[cnt]; - cnt++; - - priv.elements[cnt].tag = TAG_DSA_BASE; - priv.elements[cnt].length = BN_num_bytes(dsa->g); - BN_bn2bin(dsa->g, bufs[cnt]); - priv.elements[cnt].data = bufs[cnt]; - cnt++; - - priv.elements[cnt].tag = TAG_DSA_PRIVATE; - priv.elements[cnt].length = BN_num_bytes(dsa->priv_key); - BN_bn2bin(dsa->priv_key, bufs[cnt]); - priv.elements[cnt].data = bufs[cnt]; - cnt++; - - priv.elements[cnt].tag = TAG_DSA_PUBLIC; - priv.elements[cnt].length = BN_num_bytes(dsa->pub_key); - BN_bn2bin(dsa->pub_key, bufs[cnt]); - priv.elements[cnt].data = bufs[cnt]; - cnt++; - - priv.nelements = cnt; - return (dst__privstruct_writefile(key, &priv, directory)); -} - -static isc_result_t -openssldsa_fromfile(dst_key_t *key, const char *filename) { - dst_private_t priv; - isc_result_t ret; - int i; - DSA *dsa = NULL; - isc_mem_t *mctx = key->mctx; -#define DST_RET(a) {ret = a; goto err;} - - /* read private key file */ - ret = dst__privstruct_parsefile(key, filename, mctx, &priv); - if (ret != ISC_R_SUCCESS) - return (ret); - - dsa = DSA_new(); - if (dsa == NULL) - DST_RET(ISC_R_NOMEMORY); - dsa->flags &= ~DSA_FLAG_CACHE_MONT_P; - key->opaque = dsa; - - for (i=0; i < priv.nelements; i++) { - BIGNUM *bn; - bn = BN_bin2bn(priv.elements[i].data, - priv.elements[i].length, NULL); - if (bn == NULL) - DST_RET(ISC_R_NOMEMORY); - - switch (priv.elements[i].tag) { - case TAG_DSA_PRIME: - dsa->p = bn; - break; - case TAG_DSA_SUBPRIME: - dsa->q = bn; - break; - case TAG_DSA_BASE: - dsa->g = bn; - break; - case TAG_DSA_PRIVATE: - dsa->priv_key = bn; - break; - case TAG_DSA_PUBLIC: - dsa->pub_key = bn; - break; - } - } - dst__privstruct_free(&priv, mctx); - - key->key_size = BN_num_bits(dsa->p); - - return (ISC_R_SUCCESS); - - err: - openssldsa_destroy(key); - dst__privstruct_free(&priv, mctx); - memset(&priv, 0, sizeof(priv)); - return (ret); -} - -static dst_func_t openssldsa_functions = { - openssldsa_createctx, - openssldsa_destroyctx, - openssldsa_adddata, - openssldsa_sign, - openssldsa_verify, - NULL, /* computesecret */ - openssldsa_compare, - NULL, /* paramcompare */ - openssldsa_generate, - openssldsa_isprivate, - openssldsa_issymmetric, - openssldsa_destroy, - openssldsa_todns, - openssldsa_fromdns, - openssldsa_tofile, - openssldsa_fromfile, -}; - -isc_result_t -dst__openssldsa_init(dst_func_t **funcp) { - REQUIRE(funcp != NULL && *funcp == NULL); - *funcp = &openssldsa_functions; - return (ISC_R_SUCCESS); -} - -void -dst__openssldsa_destroy(void) { -} - -#endif /* OPENSSL */ diff --git a/usr.sbin/bind/lib/dns/sec/dst/opensslrsa_link.c b/usr.sbin/bind/lib/dns/sec/dst/opensslrsa_link.c deleted file mode 100644 index ee46e00c9e4..00000000000 --- a/usr.sbin/bind/lib/dns/sec/dst/opensslrsa_link.c +++ /dev/null @@ -1,567 +0,0 @@ -/* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") - * Copyright (C) 2000-2003 Internet Software Consortium. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH - * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY - * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, - * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM - * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE - * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - * PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * Principal Author: Brian Wellington - * $ISC: opensslrsa_link.c,v 1.12.2.4.2.8 2004/03/16 05:50:24 marka Exp $ - */ -#ifdef OPENSSL - -#include <config.h> - -#include <isc/entropy.h> -#include <isc/md5.h> -#include <isc/sha1.h> -#include <isc/mem.h> -#include <isc/string.h> -#include <isc/util.h> - -#include <dst/result.h> - -#include "dst_internal.h" -#include "dst_openssl.h" -#include "dst_parse.h" - -#include <openssl/err.h> -#include <openssl/objects.h> -#include <openssl/rsa.h> - - /* - * XXXMPA Temporarially disable RSA_BLINDING as it requires - * good quality random data that cannot currently be guarenteed. - * XXXMPA Find which versions of openssl use pseudo random data - * and set RSA_FLAG_BLINDING for those. - */ - -#if 0 -#if OPENSSL_VERSION_NUMBER < 0x0090601fL -#define SET_FLAGS(rsa) \ - do { \ - (rsa)->flags &= ~(RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE); \ - (rsa)->flags |= RSA_FLAG_BLINDING; \ - } while (0) -#else -#define SET_FLAGS(rsa) \ - do { \ - (rsa)->flags |= RSA_FLAG_BLINDING; \ - } while (0) -#endif -#endif - -#if OPENSSL_VERSION_NUMBER < 0x0090601fL -#define SET_FLAGS(rsa) \ - do { \ - (rsa)->flags &= ~(RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE); \ - (rsa)->flags &= ~RSA_FLAG_BLINDING; \ - } while (0) -#else -#define SET_FLAGS(rsa) \ - do { \ - (rsa)->flags &= ~RSA_FLAG_BLINDING; \ - } while (0) -#endif - -static isc_result_t opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data); - -static isc_result_t -opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) { - UNUSED(key); - REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || - dctx->key->key_alg == DST_ALG_RSASHA1); - - if (dctx->key->key_alg == DST_ALG_RSAMD5) { - isc_md5_t *md5ctx; - - md5ctx = isc_mem_get(dctx->mctx, sizeof(isc_md5_t)); - isc_md5_init(md5ctx); - dctx->opaque = md5ctx; - } else { - isc_sha1_t *sha1ctx; - - sha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_sha1_t)); - isc_sha1_init(sha1ctx); - dctx->opaque = sha1ctx; - } - - return (ISC_R_SUCCESS); -} - -static void -opensslrsa_destroyctx(dst_context_t *dctx) { - REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || - dctx->key->key_alg == DST_ALG_RSASHA1); - - if (dctx->key->key_alg == DST_ALG_RSAMD5) { - isc_md5_t *md5ctx = dctx->opaque; - - if (md5ctx != NULL) { - isc_md5_invalidate(md5ctx); - isc_mem_put(dctx->mctx, md5ctx, sizeof(isc_md5_t)); - } - } else { - isc_sha1_t *sha1ctx = dctx->opaque; - - if (sha1ctx != NULL) { - isc_sha1_invalidate(sha1ctx); - isc_mem_put(dctx->mctx, sha1ctx, sizeof(isc_sha1_t)); - } - } - dctx->opaque = NULL; -} - -static isc_result_t -opensslrsa_adddata(dst_context_t *dctx, const isc_region_t *data) { - REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || - dctx->key->key_alg == DST_ALG_RSASHA1); - - if (dctx->key->key_alg == DST_ALG_RSAMD5) { - isc_md5_t *md5ctx = dctx->opaque; - isc_md5_update(md5ctx, data->base, data->length); - } else { - isc_sha1_t *sha1ctx = dctx->opaque; - isc_sha1_update(sha1ctx, data->base, data->length); - } - return (ISC_R_SUCCESS); -} - -static isc_result_t -opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { - dst_key_t *key = dctx->key; - RSA *rsa = key->opaque; - isc_region_t r; - /* note: ISC_SHA1_DIGESTLENGTH > ISC_MD5_DIGESTLENGTH */ - unsigned char digest[ISC_SHA1_DIGESTLENGTH]; - unsigned int siglen = 0; - int status; - int type; - unsigned int digestlen; - char *message; - unsigned long err; - const char* file; - int line; - - REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || - dctx->key->key_alg == DST_ALG_RSASHA1); - - isc_buffer_availableregion(sig, &r); - - if (r.length < (unsigned int) RSA_size(rsa)) - return (ISC_R_NOSPACE); - - if (dctx->key->key_alg == DST_ALG_RSAMD5) { - isc_md5_t *md5ctx = dctx->opaque; - isc_md5_final(md5ctx, digest); - type = NID_md5; - digestlen = ISC_MD5_DIGESTLENGTH; - } else { - isc_sha1_t *sha1ctx = dctx->opaque; - isc_sha1_final(sha1ctx, digest); - type = NID_sha1; - digestlen = ISC_SHA1_DIGESTLENGTH; - } - - status = RSA_sign(type, digest, digestlen, r.base, &siglen, rsa); - if (status == 0) { - err = ERR_peek_error_line(&file, &line); - if (err != 0U) { - message = ERR_error_string(err, NULL); - fprintf(stderr, "%s:%s:%d\n", message, - file ? file : "", line); - } - return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); - } - - isc_buffer_add(sig, siglen); - - return (ISC_R_SUCCESS); -} - -static isc_result_t -opensslrsa_verify(dst_context_t *dctx, const isc_region_t *sig) { - dst_key_t *key = dctx->key; - RSA *rsa = key->opaque; - /* note: ISC_SHA1_DIGESTLENGTH > ISC_MD5_DIGESTLENGTH */ - unsigned char digest[ISC_SHA1_DIGESTLENGTH]; - int status = 0; - int type; - unsigned int digestlen; - - REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || - dctx->key->key_alg == DST_ALG_RSASHA1); - - if (dctx->key->key_alg == DST_ALG_RSAMD5) { - isc_md5_t *md5ctx = dctx->opaque; - isc_md5_final(md5ctx, digest); - type = NID_md5; - digestlen = ISC_MD5_DIGESTLENGTH; - } else { - isc_sha1_t *sha1ctx = dctx->opaque; - isc_sha1_final(sha1ctx, digest); - type = NID_sha1; - digestlen = ISC_SHA1_DIGESTLENGTH; - } - - if (sig->length < (unsigned int) RSA_size(rsa)) - return (DST_R_VERIFYFAILURE); - - status = RSA_verify(type, digest, digestlen, sig->base, - RSA_size(rsa), rsa); - if (status == 0) - return (dst__openssl_toresult(DST_R_VERIFYFAILURE)); - - return (ISC_R_SUCCESS); -} - -static isc_boolean_t -opensslrsa_compare(const dst_key_t *key1, const dst_key_t *key2) { - int status; - RSA *rsa1, *rsa2; - - rsa1 = (RSA *) key1->opaque; - rsa2 = (RSA *) key2->opaque; - - if (rsa1 == NULL && rsa2 == NULL) - return (ISC_TRUE); - else if (rsa1 == NULL || rsa2 == NULL) - return (ISC_FALSE); - - status = BN_cmp(rsa1->n, rsa2->n) || - BN_cmp(rsa1->e, rsa2->e); - - if (status != 0) - return (ISC_FALSE); - - if (rsa1->d != NULL || rsa2->d != NULL) { - if (rsa1->d == NULL || rsa2->d == NULL) - return (ISC_FALSE); - status = BN_cmp(rsa1->d, rsa2->d) || - BN_cmp(rsa1->p, rsa2->p) || - BN_cmp(rsa1->q, rsa2->q); - - if (status != 0) - return (ISC_FALSE); - } - return (ISC_TRUE); -} - -static isc_result_t -opensslrsa_generate(dst_key_t *key, int exp) { - RSA *rsa; - unsigned long e; - - if (exp == 0) - e = RSA_3; - else - e = RSA_F4; - rsa = RSA_generate_key(key->key_size, e, NULL, NULL); - if (rsa == NULL) - return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); - SET_FLAGS(rsa); - key->opaque = rsa; - - return (ISC_R_SUCCESS); -} - -static isc_boolean_t -opensslrsa_isprivate(const dst_key_t *key) { - RSA *rsa = (RSA *) key->opaque; - return (ISC_TF(rsa != NULL && rsa->d != NULL)); -} - -static void -opensslrsa_destroy(dst_key_t *key) { - RSA *rsa = key->opaque; - RSA_free(rsa); - key->opaque = NULL; -} - - -static isc_result_t -opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { - RSA *rsa; - isc_region_t r; - unsigned int e_bytes; - unsigned int mod_bytes; - - REQUIRE(key->opaque != NULL); - - rsa = (RSA *) key->opaque; - - isc_buffer_availableregion(data, &r); - - e_bytes = BN_num_bytes(rsa->e); - mod_bytes = BN_num_bytes(rsa->n); - - if (e_bytes < 256) { /* key exponent is <= 2040 bits */ - if (r.length < 1) - return (ISC_R_NOSPACE); - isc_buffer_putuint8(data, (isc_uint8_t) e_bytes); - } else { - if (r.length < 3) - return (ISC_R_NOSPACE); - isc_buffer_putuint8(data, 0); - isc_buffer_putuint16(data, (isc_uint16_t) e_bytes); - } - - if (r.length < e_bytes + mod_bytes) - return (ISC_R_NOSPACE); - isc_buffer_availableregion(data, &r); - - BN_bn2bin(rsa->e, r.base); - r.base += e_bytes; - BN_bn2bin(rsa->n, r.base); - - isc_buffer_add(data, e_bytes + mod_bytes); - - return (ISC_R_SUCCESS); -} - -static isc_result_t -opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { - RSA *rsa; - isc_region_t r; - unsigned int e_bytes; - - isc_buffer_remainingregion(data, &r); - if (r.length == 0) - return (ISC_R_SUCCESS); - - rsa = RSA_new(); - if (rsa == NULL) - return (ISC_R_NOMEMORY); - SET_FLAGS(rsa); - - if (r.length < 1) { - RSA_free(rsa); - return (DST_R_INVALIDPUBLICKEY); - } - e_bytes = *r.base++; - r.length--; - - if (e_bytes == 0) { - if (r.length < 2) { - RSA_free(rsa); - return (DST_R_INVALIDPUBLICKEY); - } - e_bytes = ((*r.base++) << 8); - e_bytes += *r.base++; - r.length -= 2; - } - - if (r.length < e_bytes) { - RSA_free(rsa); - return (DST_R_INVALIDPUBLICKEY); - } - rsa->e = BN_bin2bn(r.base, e_bytes, NULL); - r.base += e_bytes; - r.length -= e_bytes; - - rsa->n = BN_bin2bn(r.base, r.length, NULL); - - key->key_size = BN_num_bits(rsa->n); - - isc_buffer_forward(data, r.length); - - key->opaque = (void *) rsa; - - return (ISC_R_SUCCESS); -} - - -static isc_result_t -opensslrsa_tofile(const dst_key_t *key, const char *directory) { - int i; - RSA *rsa; - dst_private_t priv; - unsigned char *bufs[8]; - isc_result_t result; - - if (key->opaque == NULL) - return (DST_R_NULLKEY); - - rsa = (RSA *) key->opaque; - - for (i = 0; i < 8; i++) { - bufs[i] = isc_mem_get(key->mctx, BN_num_bytes(rsa->n)); - if (bufs[i] == NULL) { - result = ISC_R_NOMEMORY; - goto fail; - } - } - - i = 0; - - priv.elements[i].tag = TAG_RSA_MODULUS; - priv.elements[i].length = BN_num_bytes(rsa->n); - BN_bn2bin(rsa->n, bufs[i]); - priv.elements[i].data = bufs[i]; - i++; - - priv.elements[i].tag = TAG_RSA_PUBLICEXPONENT; - priv.elements[i].length = BN_num_bytes(rsa->e); - BN_bn2bin(rsa->e, bufs[i]); - priv.elements[i].data = bufs[i]; - i++; - - priv.elements[i].tag = TAG_RSA_PRIVATEEXPONENT; - priv.elements[i].length = BN_num_bytes(rsa->d); - BN_bn2bin(rsa->d, bufs[i]); - priv.elements[i].data = bufs[i]; - i++; - - priv.elements[i].tag = TAG_RSA_PRIME1; - priv.elements[i].length = BN_num_bytes(rsa->p); - BN_bn2bin(rsa->p, bufs[i]); - priv.elements[i].data = bufs[i]; - i++; - - priv.elements[i].tag = TAG_RSA_PRIME2; - priv.elements[i].length = BN_num_bytes(rsa->q); - BN_bn2bin(rsa->q, bufs[i]); - priv.elements[i].data = bufs[i]; - i++; - - priv.elements[i].tag = TAG_RSA_EXPONENT1; - priv.elements[i].length = BN_num_bytes(rsa->dmp1); - BN_bn2bin(rsa->dmp1, bufs[i]); - priv.elements[i].data = bufs[i]; - i++; - - priv.elements[i].tag = TAG_RSA_EXPONENT2; - priv.elements[i].length = BN_num_bytes(rsa->dmq1); - BN_bn2bin(rsa->dmq1, bufs[i]); - priv.elements[i].data = bufs[i]; - i++; - - priv.elements[i].tag = TAG_RSA_COEFFICIENT; - priv.elements[i].length = BN_num_bytes(rsa->iqmp); - BN_bn2bin(rsa->iqmp, bufs[i]); - priv.elements[i].data = bufs[i]; - i++; - - priv.nelements = i; - result = dst__privstruct_writefile(key, &priv, directory); - fail: - for (i = 0; i < 8; i++) { - if (bufs[i] == NULL) - break; - isc_mem_put(key->mctx, bufs[i], BN_num_bytes(rsa->n)); - } - return (result); -} - -static isc_result_t -opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer) { - dst_private_t priv; - isc_result_t ret; - int i; - RSA *rsa = NULL; - isc_mem_t *mctx = key->mctx; -#define DST_RET(a) {ret = a; goto err;} - - /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv); - if (ret != ISC_R_SUCCESS) - return (ret); - - rsa = RSA_new(); - if (rsa == NULL) - DST_RET(ISC_R_NOMEMORY); - SET_FLAGS(rsa); - key->opaque = rsa; - - for (i = 0; i < priv.nelements; i++) { - BIGNUM *bn; - bn = BN_bin2bn(priv.elements[i].data, - priv.elements[i].length, NULL); - if (bn == NULL) - DST_RET(ISC_R_NOMEMORY); - - switch (priv.elements[i].tag) { - case TAG_RSA_MODULUS: - rsa->n = bn; - break; - case TAG_RSA_PUBLICEXPONENT: - rsa->e = bn; - break; - case TAG_RSA_PRIVATEEXPONENT: - rsa->d = bn; - break; - case TAG_RSA_PRIME1: - rsa->p = bn; - break; - case TAG_RSA_PRIME2: - rsa->q = bn; - break; - case TAG_RSA_EXPONENT1: - rsa->dmp1 = bn; - break; - case TAG_RSA_EXPONENT2: - rsa->dmq1 = bn; - break; - case TAG_RSA_COEFFICIENT: - rsa->iqmp = bn; - break; - } - } - dst__privstruct_free(&priv, mctx); - - key->key_size = BN_num_bits(rsa->n); - - return (ISC_R_SUCCESS); - - err: - opensslrsa_destroy(key); - dst__privstruct_free(&priv, mctx); - memset(&priv, 0, sizeof(priv)); - return (ret); -} - -static dst_func_t opensslrsa_functions = { - opensslrsa_createctx, - opensslrsa_destroyctx, - opensslrsa_adddata, - opensslrsa_sign, - opensslrsa_verify, - NULL, /* computesecret */ - opensslrsa_compare, - NULL, /* paramcompare */ - opensslrsa_generate, - opensslrsa_isprivate, - opensslrsa_destroy, - opensslrsa_todns, - opensslrsa_fromdns, - opensslrsa_tofile, - opensslrsa_parse, - NULL, /* cleanup */ -}; - -isc_result_t -dst__opensslrsa_init(dst_func_t **funcp) { - REQUIRE(funcp != NULL); - if (*funcp == NULL) - *funcp = &opensslrsa_functions; - return (ISC_R_SUCCESS); -} - -#else /* OPENSSL */ - -#include <isc/util.h> - -EMPTY_TRANSLATION_UNIT - -#endif /* OPENSSL */ diff --git a/usr.sbin/bind/lib/dns/validator.c b/usr.sbin/bind/lib/dns/validator.c index afcfb9da97d..7a5f87c1db7 100644 --- a/usr.sbin/bind/lib/dns/validator.c +++ b/usr.sbin/bind/lib/dns/validator.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: validator.c,v 1.91.2.5.8.12 2004/06/11 01:17:36 marka Exp $ */ +/* $ISC: validator.c,v 1.91.2.5.8.15 2005/02/09 05:13:02 marka Exp $ */ #include <config.h> @@ -2356,8 +2356,18 @@ proveunsecure(dns_validator_t *val, isc_boolean_t resume) { } if (result == ISC_R_NOTFOUND) { - if (!val->havedlvsep) + if (!val->havedlvsep) { + validator_log(val, ISC_LOG_DEBUG(3), + "not beneath secure root / DLV"); + if (val->mustbesecure) { + validator_log(val, ISC_LOG_WARNING, + "must be secure failure"); + result = DNS_R_MUSTBESECURE; + goto out; + } + val->event->rdataset->trust = dns_trust_answer; return (ISC_R_SUCCESS); + } dns_name_copy(dns_fixedname_name(&val->dlvsep), dns_fixedname_name(&secroot), NULL); } else if (result != ISC_R_SUCCESS) diff --git a/usr.sbin/bind/lib/dns/xfrin.c b/usr.sbin/bind/lib/dns/xfrin.c index d10ef402bb5..55b6e2a5749 100644 --- a/usr.sbin/bind/lib/dns/xfrin.c +++ b/usr.sbin/bind/lib/dns/xfrin.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: xfrin.c,v 1.124.2.4.2.7 2004/03/08 09:04:33 marka Exp $ */ +/* $ISC: xfrin.c,v 1.124.2.4.2.9 2004/10/13 22:28:42 marka Exp $ */ #include <config.h> @@ -500,8 +500,8 @@ xfr_rr(dns_xfrin_ctx_t *xfr, dns_name_t *name, isc_uint32_t ttl, case XFRST_IXFR_ADD: if (rdata->type == dns_rdatatype_soa) { isc_uint32_t soa_serial = dns_soa_getserial(rdata); - CHECK(ixfr_commit(xfr)); if (soa_serial == xfr->end_serial) { + CHECK(ixfr_commit(xfr)); xfr->state = XFRST_END; break; } else if (soa_serial != xfr->ixfr.current_serial) { @@ -511,6 +511,7 @@ xfr_rr(dns_xfrin_ctx_t *xfr, dns_name_t *name, isc_uint32_t ttl, xfr->ixfr.current_serial, soa_serial); FAIL(DNS_R_FORMERR); } else { + CHECK(ixfr_commit(xfr)); xfr->state = XFRST_IXFR_DELSOA; goto redo; } diff --git a/usr.sbin/bind/lib/dns/zone.c b/usr.sbin/bind/lib/dns/zone.c index 0bc4aef47b5..775c9c8079b 100644 --- a/usr.sbin/bind/lib/dns/zone.c +++ b/usr.sbin/bind/lib/dns/zone.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: zone.c,v 1.333.2.23.2.50 2004/08/28 05:53:37 marka Exp $ */ +/* $ISC: zone.c,v 1.333.2.23.2.55 2005/02/03 23:50:45 marka Exp $ */ #include <config.h> @@ -1488,7 +1488,7 @@ zone_count_ns_rr(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, result = ISC_R_SUCCESS; goto invalidate_rdataset; } - else if (result != ISC_R_SUCCESS) + if (result != ISC_R_SUCCESS) goto invalidate_rdataset; count = 0; @@ -1524,6 +1524,22 @@ zone_load_soa_rr(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, dns_rdataset_init(&rdataset); result = dns_db_findrdataset(db, node, version, dns_rdatatype_soa, dns_rdatatype_none, 0, &rdataset, NULL); + if (result == ISC_R_NOTFOUND) { + if (soacount != NULL) + *soacount = 0; + if (serial != NULL) + *serial = 0; + if (refresh != NULL) + *refresh = 0; + if (retry != NULL) + *retry = 0; + if (expire != NULL) + *expire = 0; + if (minimum != NULL) + *minimum = 0; + result = ISC_R_SUCCESS; + goto invalidate_rdataset; + } if (result != ISC_R_SUCCESS) goto invalidate_rdataset; @@ -2199,7 +2215,6 @@ zone_expire(dns_zone_t *zone) { zone->refresh = DNS_ZONE_DEFAULTREFRESH; zone->retry = DNS_ZONE_DEFAULTRETRY; DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_HAVETIMERS); - DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NEEDDUMP); zone_unload(zone); } @@ -2554,6 +2569,7 @@ zone_unload(dns_zone_t *zone) { dns_db_detach(&zone->db); DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_LOADED); + DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_NEEDDUMP); } void @@ -2907,6 +2923,7 @@ zone_notify(dns_zone_t *zone) { dns_notifytype_t notifytype; unsigned int flags = 0; isc_boolean_t loggednotify = ISC_FALSE; + dns_db_t *db = NULL; REQUIRE(DNS_ZONE_VALID(zone)); @@ -2921,6 +2938,13 @@ zone_notify(dns_zone_t *zone) { if (notifytype == dns_notifytype_no) return; + LOCK_ZONE(zone); + if (zone->db != NULL) + dns_db_attach(zone->db, &db); + UNLOCK_ZONE(zone); + if (db == NULL) + return; + origin = &zone->origin; /* @@ -2933,14 +2957,13 @@ zone_notify(dns_zone_t *zone) { /* * Get SOA RRset. */ - dns_db_currentversion(zone->db, &version); - result = dns_db_findnode(zone->db, origin, ISC_FALSE, &node); + dns_db_currentversion(db, &version); + result = dns_db_findnode(db, origin, ISC_FALSE, &node); if (result != ISC_R_SUCCESS) goto cleanup1; dns_rdataset_init(&soardset); - result = dns_db_findrdataset(zone->db, node, version, - dns_rdatatype_soa, + result = dns_db_findrdataset(db, node, version, dns_rdatatype_soa, dns_rdatatype_none, 0, &soardset, NULL); if (result != ISC_R_SUCCESS) goto cleanup2; @@ -2997,8 +3020,7 @@ zone_notify(dns_zone_t *zone) { */ dns_rdataset_init(&nsrdset); - result = dns_db_findrdataset(zone->db, node, version, - dns_rdatatype_ns, + result = dns_db_findrdataset(db, node, version, dns_rdatatype_ns, dns_rdatatype_none, 0, &nsrdset, NULL); if (result != ISC_R_SUCCESS) goto cleanup3; @@ -3055,9 +3077,10 @@ zone_notify(dns_zone_t *zone) { if (dns_name_dynamic(&master)) dns_name_free(&master, zone->mctx); cleanup2: - dns_db_detachnode(zone->db, &node); + dns_db_detachnode(db, &node); cleanup1: - dns_db_closeversion(zone->db, &version, ISC_FALSE); + dns_db_closeversion(db, &version, ISC_FALSE); + dns_db_detach(&db); } /*** @@ -3623,7 +3646,12 @@ refresh_callback(isc_task_t *task, isc_event_t *event) { result = ISC_R_FAILURE; if (zone->journal != NULL) result = isc_file_settime(zone->journal, &now); - if (result != ISC_R_SUCCESS) + if (result == ISC_R_SUCCESS && + !DNS_ZONE_FLAG(zone, DNS_ZONEFLG_NEEDDUMP) && + !DNS_ZONE_FLAG(zone, DNS_ZONEFLG_DUMPING)) { + result = isc_file_settime(zone->masterfile, + &now); + } else if (result != ISC_R_SUCCESS) result = isc_file_settime(zone->masterfile, &now); /* Someone removed the file from underneath us! */ @@ -5208,6 +5236,8 @@ static isc_result_t zone_replacedb(dns_zone_t *zone, dns_db_t *db, isc_boolean_t dump) { dns_dbversion_t *ver; isc_result_t result; + unsigned int soacount = 0; + unsigned int nscount = 0; /* * 'zone' locked by caller. @@ -5215,6 +5245,27 @@ zone_replacedb(dns_zone_t *zone, dns_db_t *db, isc_boolean_t dump) { REQUIRE(DNS_ZONE_VALID(zone)); REQUIRE(LOCKED_ZONE(zone)); + result = zone_get_from_db(db, &zone->origin, &nscount, &soacount, + NULL, NULL, NULL, NULL, NULL); + if (result == ISC_R_SUCCESS) { + if (soacount != 1) { + dns_zone_log(zone, ISC_LOG_ERROR, + "has %d SOA records", soacount); + result = DNS_R_BADZONE; + } + if (nscount == 0) { + dns_zone_log(zone, ISC_LOG_ERROR, "has no NS records"); + result = DNS_R_BADZONE; + } + if (result != ISC_R_SUCCESS) + return (result); + } else { + dns_zone_log(zone, ISC_LOG_ERROR, + "retrieving SOA and NS records failed: %s", + dns_result_totext(result)); + return (result); + } + ver = NULL; dns_db_currentversion(db, &ver); @@ -5364,10 +5415,19 @@ zone_xfrdone(dns_zone_t *zone, isc_result_t result) { "transferred zone " "has %d SOA record%s", soacount, (soacount != 0) ? "s" : ""); - if (nscount == 0) + if (nscount == 0) { dns_zone_log(zone, ISC_LOG_ERROR, "transferred zone " "has no NS records"); + if (DNS_ZONE_FLAG(zone, + DNS_ZONEFLG_HAVETIMERS)) { + zone->refresh = DNS_ZONE_DEFAULTREFRESH; + zone->retry = DNS_ZONE_DEFAULTRETRY; + } + DNS_ZONE_CLRFLAG(zone, DNS_ZONEFLG_HAVETIMERS); + zone_unload(zone); + goto next_master; + } zone->serial = serial; zone->refresh = RANGE(refresh, zone->minrefresh, zone->maxrefresh); @@ -5442,6 +5502,7 @@ zone_xfrdone(dns_zone_t *zone, isc_result_t result) { goto same_master; default: + next_master: zone->curmaster++; same_master: if (zone->curmaster >= zone->masterscnt) { diff --git a/usr.sbin/bind/lib/isc/api b/usr.sbin/bind/lib/isc/api index 9d7fc51c828..63704dd62ad 100644 --- a/usr.sbin/bind/lib/isc/api +++ b/usr.sbin/bind/lib/isc/api @@ -1,3 +1,3 @@ LIBINTERFACE = 10 -LIBREVISION = 4 +LIBREVISION = 5 LIBAGE = 1 diff --git a/usr.sbin/bind/lib/isc/pthreads/thread.c b/usr.sbin/bind/lib/isc/pthreads/thread.c index fa34c43334c..459e65a9dfe 100644 --- a/usr.sbin/bind/lib/isc/pthreads/thread.c +++ b/usr.sbin/bind/lib/isc/pthreads/thread.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: thread.c,v 1.9.2.2.2.1 2004/03/06 08:14:54 marka Exp $ */ +/* $ISC: thread.c,v 1.9.2.2.2.2 2004/12/04 06:50:03 marka Exp $ */ #include <config.h> @@ -49,6 +49,12 @@ isc_thread_create(isc_threadfunc_t func, isc_threadarg_t arg, } #endif +#if defined(PTHREAD_SCOPE_SYSTEM) && defined(NEED_PTHREAD_SCOPE_SYSTEM) + ret = pthread_attr_setscope(&attr, PTHREAD_SCOPE_SYSTEM); + if (ret != 0) + return (ISC_R_UNEXPECTED); +#endif + ret = pthread_create(thread, &attr, func, arg); if (ret != 0) return (ISC_R_UNEXPECTED); diff --git a/usr.sbin/bind/lib/isc/string.c b/usr.sbin/bind/lib/isc/string.c index 1dc97243f8d..00a47a0ffeb 100644 --- a/usr.sbin/bind/lib/isc/string.c +++ b/usr.sbin/bind/lib/isc/string.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: string.c,v 1.6.164.4 2004/03/16 05:50:24 marka Exp $ */ +/* $ISC: string.c,v 1.6.164.5 2004/09/16 01:00:58 marka Exp $ */ #include <config.h> @@ -60,7 +60,7 @@ isc_string_touint64(char *source, char **end, int base) { tmp = 0; while ((c = *s) != 0) { - c = tolower(c); + c = tolower(c&0xff); /* end ? */ if ((o = strchr(digits, c)) == NULL) { *end = s; diff --git a/usr.sbin/bind/lib/isc/task.c b/usr.sbin/bind/lib/isc/task.c index ff0f72bcc07..ce0327067b6 100644 --- a/usr.sbin/bind/lib/isc/task.c +++ b/usr.sbin/bind/lib/isc/task.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: task.c,v 1.85.2.3.8.4 2004/03/08 21:06:29 marka Exp $ */ +/* $ISC: task.c,v 1.85.2.3.8.5 2004/10/15 00:45:45 marka Exp $ */ /* * Principal Author: Bob Halley @@ -105,8 +105,8 @@ struct isc_taskmgr { unsigned int magic; isc_mem_t * mctx; isc_mutex_t lock; - unsigned int workers; #ifdef ISC_PLATFORM_USETHREADS + unsigned int workers; isc_thread_t * threads; #endif /* ISC_PLATFORM_USETHREADS */ /* Locked by task manager lock. */ @@ -1025,8 +1025,7 @@ manager_free(isc_taskmgr_t *manager) { #ifdef ISC_PLATFORM_USETHREADS (void)isc_condition_destroy(&manager->exclusive_granted); (void)isc_condition_destroy(&manager->work_available); - isc_mem_put(manager->mctx, manager->threads, - manager->workers * sizeof(isc_thread_t)); + isc_mem_free(manager->mctx, manager->threads); #endif /* ISC_PLATFORM_USETHREADS */ DESTROYLOCK(&manager->lock); manager->magic = 0; @@ -1067,7 +1066,6 @@ isc_taskmgr_create(isc_mem_t *mctx, unsigned int workers, return (ISC_R_NOMEMORY); manager->magic = TASK_MANAGER_MAGIC; manager->mctx = NULL; - manager->workers = 0; if (isc_mutex_init(&manager->lock) != ISC_R_SUCCESS) { UNEXPECTED_ERROR(__FILE__, __LINE__, "isc_mutex_init() %s", @@ -1077,7 +1075,9 @@ isc_taskmgr_create(isc_mem_t *mctx, unsigned int workers, goto cleanup_mgr; } #ifdef ISC_PLATFORM_USETHREADS - manager->threads = isc_mem_get(mctx, workers * sizeof(isc_thread_t)); + manager->workers = 0; + manager->threads = isc_mem_allocate(mctx, + workers * sizeof(isc_thread_t)); if (manager->threads == NULL) { result = ISC_R_NOMEMORY; goto cleanup_lock; @@ -1107,7 +1107,6 @@ isc_taskmgr_create(isc_mem_t *mctx, unsigned int workers, manager->tasks_running = 0; manager->exclusive_requested = ISC_FALSE; manager->exiting = ISC_FALSE; - manager->workers = 0; isc_mem_attach(mctx, &manager->mctx); @@ -1144,7 +1143,7 @@ isc_taskmgr_create(isc_mem_t *mctx, unsigned int workers, cleanup_workavailable: (void)isc_condition_destroy(&manager->work_available); cleanup_threads: - isc_mem_put(mctx, manager->threads, workers * sizeof(isc_thread_t)); + isc_mem_free(mctx, manager->threads); cleanup_lock: DESTROYLOCK(&manager->lock); #endif diff --git a/usr.sbin/bind/lib/isc/unix/ifiter_ioctl.c b/usr.sbin/bind/lib/isc/unix/ifiter_ioctl.c index a5b5cc15a14..65c090b78b2 100644 --- a/usr.sbin/bind/lib/isc/unix/ifiter_ioctl.c +++ b/usr.sbin/bind/lib/isc/unix/ifiter_ioctl.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: ifiter_ioctl.c,v 1.19.2.5.2.14 2004/06/22 04:40:23 marka Exp $ */ +/* $ISC: ifiter_ioctl.c,v 1.19.2.5.2.15 2004/11/10 22:22:49 marka Exp $ */ /* * Obtain the list of network interfaces using the SIOCGLIFCONF ioctl. @@ -339,9 +339,8 @@ isc_interfaceiter_create(isc_mem_t *mctx, isc_interfaceiter_t **iterp) { result = ISC_R_UNEXPECTED; goto socket6_failure; } - iter->result6 = getbuf6(iter); - if (iter->result6 != ISC_R_NOTIMPLEMENTED && - iter->result6 != ISC_R_SUCCESS) + result = iter->result6 = getbuf6(iter); + if (result != ISC_R_NOTIMPLEMENTED && result != ISC_R_SUCCESS) goto ioctl6_failure; } #endif diff --git a/usr.sbin/bind/lib/isc/unix/socket.c b/usr.sbin/bind/lib/isc/unix/socket.c index 9005d145154..16eac939e62 100644 --- a/usr.sbin/bind/lib/isc/unix/socket.c +++ b/usr.sbin/bind/lib/isc/unix/socket.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: socket.c,v 1.207.2.19.2.13 2004/07/01 04:51:15 marka Exp $ */ +/* $ISC: socket.c,v 1.207.2.19.2.15 2004/11/18 21:31:16 marka Exp $ */ #include <config.h> @@ -63,12 +63,8 @@ * some as socklen_t. This is here so it can be easily changed if needed. */ #ifndef ISC_SOCKADDR_LEN_T -#ifdef _BSD_SOCKLEN_T_ -#define ISC_SOCKADDR_LEN_T _BSD_SOCKLEN_T_ -#else #define ISC_SOCKADDR_LEN_T unsigned int #endif -#endif /* * Define what the possible "soft" errors can be. These are non-fatal returns @@ -509,7 +505,7 @@ static void process_cmsg(isc_socket_t *sock, struct msghdr *msg, isc_socketevent_t *dev) { #ifdef USE_CMSG struct cmsghdr *cmsgp; -#ifdef ISC_PLATFORM_HAVEIPV6 +#ifdef ISC_PLATFORM_HAVEIN6PKTINFO struct in6_pktinfo *pktinfop; #endif #ifdef SO_TIMESTAMP @@ -548,7 +544,7 @@ process_cmsg(isc_socket_t *sock, struct msghdr *msg, isc_socketevent_t *dev) { #ifdef SO_TIMESTAMP timevalp = NULL; #endif -#ifdef ISC_PLATFORM_HAVEIPV6 +#ifdef ISC_PLATFORM_HAVEIN6PKTINFO pktinfop = NULL; #endif @@ -558,7 +554,7 @@ process_cmsg(isc_socket_t *sock, struct msghdr *msg, isc_socketevent_t *dev) { isc_msgcat, ISC_MSGSET_SOCKET, ISC_MSG_PROCESSCMSG, "processing cmsg %p", cmsgp); -#ifdef ISC_PLATFORM_HAVEIPV6 +#ifdef ISC_PLATFORM_HAVEIN6PKTINFO if (cmsgp->cmsg_level == IPPROTO_IPV6 && cmsgp->cmsg_type == IPV6_PKTINFO) { @@ -683,7 +679,7 @@ build_msghdr_send(isc_socket_t *sock, isc_socketevent_t *dev, msg->msg_control = NULL; msg->msg_controllen = 0; msg->msg_flags = 0; -#if defined(USE_CMSG) && defined(ISC_PLATFORM_HAVEIPV6) +#if defined(USE_CMSG) && defined(ISC_PLATFORM_HAVEIN6PKTINFO) if ((sock->type == isc_sockettype_udp) && ((dev->attributes & ISC_SOCKEVENTATTR_PKTINFO) != 0)) { struct cmsghdr *cmsgp; @@ -1222,7 +1218,7 @@ allocate_socket(isc_socketmgr_t *manager, isc_sockettype_t type, * set up cmsg buffers */ cmsgbuflen = 0; -#if defined(USE_CMSG) && defined(ISC_PLATFORM_HAVEIPV6) +#if defined(USE_CMSG) && defined(ISC_PLATFORM_HAVEIN6PKTINFO) cmsgbuflen = cmsg_space(sizeof(struct in6_pktinfo)); #endif #if defined(USE_CMSG) && defined(SO_TIMESTAMP) @@ -1236,7 +1232,7 @@ allocate_socket(isc_socketmgr_t *manager, isc_sockettype_t type, } cmsgbuflen = 0; -#if defined(USE_CMSG) && defined(ISC_PLATFORM_HAVEIPV6) +#if defined(USE_CMSG) && defined(ISC_PLATFORM_HAVEIN6PKTINFO) cmsgbuflen = cmsg_space(sizeof(struct in6_pktinfo)); #endif sock->sendcmsgbuflen = cmsgbuflen; @@ -1480,6 +1476,7 @@ isc_socket_create(isc_socketmgr_t *manager, int pf, isc_sockettype_t type, "No buffer available to receive " "IPv6 destination"); } +#ifdef ISC_PLATFORM_HAVEIN6PKTINFO #ifdef IPV6_RECVPKTINFO /* 2292bis */ if ((pf == AF_INET6) @@ -1511,6 +1508,7 @@ isc_socket_create(isc_socketmgr_t *manager, int pf, isc_sockettype_t type, strbuf); } #endif /* IPV6_RECVPKTINFO */ +#endif /* ISC_PLATFORM_HAVEIN6PKTINFO */ #ifdef IPV6_USE_MIN_MTU /*2292bis, not too common yet*/ /* use minimum MTU */ if (pf == AF_INET6) { diff --git a/usr.sbin/bind/lib/isccfg/api b/usr.sbin/bind/lib/isccfg/api index 7c378e6ef95..7e9f0b651e2 100644 --- a/usr.sbin/bind/lib/isccfg/api +++ b/usr.sbin/bind/lib/isccfg/api @@ -1,3 +1,3 @@ LIBINTERFACE = 1 -LIBREVISION = 4 +LIBREVISION = 5 LIBAGE = 0 diff --git a/usr.sbin/bind/lib/lwres/context.c b/usr.sbin/bind/lib/lwres/context.c index 4f45e1a4425..23143b0b57d 100644 --- a/usr.sbin/bind/lib/lwres/context.c +++ b/usr.sbin/bind/lib/lwres/context.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: context.c,v 1.41.2.1.2.3 2004/03/06 08:15:30 marka Exp $ */ +/* $ISC: context.c,v 1.41.2.1.2.4 2004/09/17 05:50:31 marka Exp $ */ #include <config.h> @@ -346,13 +346,12 @@ lwres_context_sendrecv(lwres_context_t *ctx, struct timeval timeout; /* - * Type of tv_sec is long, so make sure the unsigned long timeout - * does not overflow it. + * Type of tv_sec is 32 bits long. */ - if (ctx->timeout <= (unsigned int)LONG_MAX) - timeout.tv_sec = (long)ctx->timeout; + if (ctx->timeout <= 0x7FFFFFFFU) + timeout.tv_sec = (int)ctx->timeout; else - timeout.tv_sec = LONG_MAX; + timeout.tv_sec = 0x7FFFFFFF; timeout.tv_usec = 0; diff --git a/usr.sbin/bind/lib/lwres/print.c b/usr.sbin/bind/lib/lwres/print.c index 057fe0542d2..b167948e6bd 100644 --- a/usr.sbin/bind/lib/lwres/print.c +++ b/usr.sbin/bind/lib/lwres/print.c @@ -15,12 +15,13 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $ISC: print.c,v 1.2.4.1 2004/08/28 06:25:25 marka Exp $ */ +/* $ISC: print.c,v 1.2.4.3 2004/09/16 07:01:13 marka Exp $ */ #include <config.h> #include <ctype.h> #include <stdio.h> /* for sprintf */ +#include <string.h> #define LWRES__PRINT_SOURCE /* Used to get the lwres_print_* prototypes. */ @@ -96,7 +97,7 @@ lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) { while (*format != '\0') { if (*format != '%') { - if (size > 1) { + if (size > 1U) { *str++ = *format; size--; } @@ -170,7 +171,7 @@ lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) { case '\0': continue; case '%': - if (size > 1) { + if (size > 1U) { *str++ = *format; size--; } @@ -200,7 +201,7 @@ lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) { case 'x': case 'X': doint: - if (precision != 0) + if (precision != 0U) zero = 0; switch (*format) { case 'n': @@ -275,7 +276,7 @@ lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) { tmpui = va_arg(ap, unsigned int); if (alt) { head = "0x"; - if (precision > 2) + if (precision > 2U) precision -= 2; } snprintf(buf, sizeof(buf), "%llx", tmpui); @@ -290,19 +291,19 @@ lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) { tmpui = va_arg(ap, unsigned int); if (alt) { head = "0X"; - if (precision > 2) + if (precision > 2U) precision -= 2; } snprintf(buf, sizeof(buf), "%llX", tmpui); goto printint; printint: - if (precision != 0 || width != 0) { + if (precision != 0U || width != 0U) { length = strlen(buf); if (length < precision) zeropad = precision - length; else if (length < width && zero) zeropad = width - length; - if (width != 0) { + if (width != 0U) { pad = width - length - zeropad - strlen(head); if (pad < 0) @@ -312,28 +313,28 @@ lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) { count += strlen(head) + strlen(buf) + pad + zeropad; if (!left) { - while (pad > 0 && size > 1) { + while (pad > 0 && size > 1U) { *str++ = ' '; size--; pad--; } } cp = head; - while (*cp != '\0' && size > 1) { + while (*cp != '\0' && size > 1U) { *str++ = *cp++; size--; } - while (zeropad > 0 && size > 1) { + while (zeropad > 0 && size > 1U) { *str++ = '0'; size--; zeropad--; } cp = buf; - while (*cp != '\0' && size > 1) { + while (*cp != '\0' && size > 1U) { *str++ = *cp++; size--; } - while (pad > 0 && size > 1) { + while (pad > 0 && size > 1U) { *str++ = ' '; size--; pad--; @@ -347,7 +348,7 @@ lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) { cp = va_arg(ap, char *); REQUIRE(cp != NULL); - if (precision != 0) { + if (precision != 0U) { /* * cp need not be NULL terminated. */ @@ -356,37 +357,37 @@ lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) { n = precision; tp = cp; - while (n != 0 && *tp != '\0') + while (n != 0U && *tp != '\0') n--, tp++; length = precision - n; } else { length = strlen(cp); } - if (width != 0) { + if (width != 0U) { pad = width - length; if (pad < 0) pad = 0; } count += pad + length; if (!left) - while (pad > 0 && size > 1) { + while (pad > 0 && size > 1U) { *str++ = ' '; size--; pad--; } - if (precision != 0) - while (precision > 0 && *cp != '\0' && - size > 1) { + if (precision != 0U) + while (precision > 0U && *cp != '\0' && + size > 1U) { *str++ = *cp++; size--; precision--; } else - while (*cp != '\0' && size > 1) { + while (*cp != '\0' && size > 1U) { *str++ = *cp++; size--; } - while (pad > 0 && size > 1) { + while (pad > 0 && size > 1U) { *str++ = ' '; size--; pad--; @@ -394,24 +395,24 @@ lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) { break; case 'c': c = va_arg(ap, int); - if (width > 0) { + if (width > 0U) { count += width; width--; if (left) { *str++ = c; size--; } - while (width-- > 0 && size > 1) { + while (width-- > 0U && size > 1U) { *str++ = ' '; size--; } - if (!left && size > 1) { + if (!left && size > 1U) { *str++ = c; size--; } } else { count++; - if (size > 1) { + if (size > 1U) { *str++ = c; size--; } @@ -423,14 +424,14 @@ lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) { length = strlen(buf); if (precision > length) zeropad = precision - length; - if (width > 0) { + if (width > 0U) { pad = width - length - zeropad; if (pad < 0) pad = 0; } count += length + pad + zeropad; if (!left) - while (pad > 0 && size > 1) { + while (pad > 0 && size > 1U) { *str++ = ' '; size--; pad--; @@ -438,25 +439,25 @@ lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) { cp = buf; if (zeropad > 0 && buf[0] == '0' && (buf[1] == 'x' || buf[1] == 'X')) { - if (size > 1) { + if (size > 1U) { *str++ = *cp++; size--; } - if (size > 1) { + if (size > 1U) { *str++ = *cp++; size--; } - while (zeropad > 0 && size > 1) { + while (zeropad > 0 && size > 1U) { *str++ = '0'; size--; zeropad--; } } - while (*cp != '\0' && size > 1) { + while (*cp != '\0' && size > 1U) { *str++ = *cp++; size--; } - while (pad > 0 && size > 1) { + while (pad > 0 && size > 1U) { *str++ = ' '; size--; pad--; @@ -493,7 +494,7 @@ lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) { * if we cap the precision at 512 we will not * overflow buf. */ - if (precision > 512) + if (precision > 512U) precision = 512; snprintf(fmt, sizeof(fmt), "%%%s%s.%lu%s%c", alt ? "#" : "", @@ -516,24 +517,24 @@ lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) { snprintf(buf, sizeof(buf), fmt, dbl); } length = strlen(buf); - if (width > 0) { + if (width > 0U) { pad = width - length; if (pad < 0) pad = 0; } count += length + pad; if (!left) - while (pad > 0 && size > 1) { + while (pad > 0 && size > 1U) { *str++ = ' '; size--; pad--; } cp = buf; - while (*cp != ' ' && size > 1) { + while (*cp != ' ' && size > 1U) { *str++ = *cp++; size--; } - while (pad > 0 && size > 1) { + while (pad > 0 && size > 1U) { *str++ = ' '; size--; pad--; @@ -548,7 +549,7 @@ lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) { } format++; } - if (size > 0) + if (size > 0U) *str = '\0'; return (count); } diff --git a/usr.sbin/bind/libtool.m4 b/usr.sbin/bind/libtool.m4 index bbcc5f25270..c3b71e89326 100644 --- a/usr.sbin/bind/libtool.m4 +++ b/usr.sbin/bind/libtool.m4 @@ -1,5 +1,5 @@ # libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- -## Copyright 1996, 1997, 1998, 1999, 2000, 2001 +## Copyright 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004 ## Free Software Foundation, Inc. ## Originally by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996 ## @@ -200,6 +200,8 @@ if test -n "$RANLIB"; then old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" fi +cc_basename=`$echo X"$compiler" | $Xsed -e 's%^.*/%%'` + # Only perform the check for file, if the check method requires it case $deplibs_check_method in file_magic*) @@ -317,7 +319,7 @@ fi # The HP-UX ksh and POSIX shell print the target directory to stdout # if CDPATH is set. -if test "X${CDPATH+set}" = Xset; then CDPATH=:; export CDPATH; fi +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH if test -z "$ECHO"; then if test "X${echo_test_string+set}" != Xset; then @@ -641,7 +643,7 @@ AC_DEFUN([AC_LIBTOOL_SYS_MAX_CMD_LEN], AC_MSG_CHECKING([the maximum length of command line arguments]) AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl i=0 - testring="ABCD" + teststring="ABCD" case $build_os in msdosdjgpp*) @@ -676,20 +678,34 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl lt_cv_sys_max_cmd_len=8192; ;; + netbsd* | freebsd* | openbsd* | darwin* ) + # This has been around since 386BSD, at least. Likely further. + if test -x /sbin/sysctl; then + lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` + elif test -x /usr/sbin/sysctl; then + lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` + else + lt_cv_sys_max_cmd_len=65536 # usable default for *BSD + fi + # And add a safety zone + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` + ;; + *) # If test is not a shell built-in, we'll probably end up computing a # maximum length that is only half of the actual maximum length, but # we can't tell. - while (test "X"`$CONFIG_SHELL [$]0 --fallback-echo "X$testring" 2>/dev/null` \ - = "XX$testring") >/dev/null 2>&1 && - new_result=`expr "X$testring" : ".*" 2>&1` && + SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} + while (test "X"`$SHELL [$]0 --fallback-echo "X$teststring" 2>/dev/null` \ + = "XX$teststring") >/dev/null 2>&1 && + new_result=`expr "X$teststring" : ".*" 2>&1` && lt_cv_sys_max_cmd_len=$new_result && test $i != 17 # 1/2 MB should be enough do i=`expr $i + 1` - testring=$testring$testring + teststring=$teststring$teststring done - testring= + teststring= # Add a significant safety factor because C++ compilers can tack on massive # amounts of additional arguments before passing them to the linker. # It appears as though 1/2 is a usable value. @@ -1014,8 +1030,8 @@ AC_DEFUN([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH], [AC_MSG_CHECKING([how to hardcode library paths into programs]) _LT_AC_TAGVAR(hardcode_action, $1)= if test -n "$_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)" || \ - test -n "$_LT_AC_TAGVAR(runpath_var $1)" || \ - test "X$_LT_AC_TAGVAR(hardcode_automatic, $1)"="Xyes" ; then + test -n "$_LT_AC_TAGVAR(runpath_var, $1)" || \ + test "X$_LT_AC_TAGVAR(hardcode_automatic, $1)" = "Xyes" ; then # We can hardcode non-existant directories. if test "$_LT_AC_TAGVAR(hardcode_direct, $1)" != no && @@ -1085,7 +1101,7 @@ AC_DEFUN([AC_LIBTOOL_SYS_DYNAMIC_LINKER], library_names_spec= libname_spec='lib$name' soname_spec= -shrext=".so" +shrext_cmds=".so" postinstall_cmds= postuninstall_cmds= finish_cmds= @@ -1182,7 +1198,7 @@ beos*) shlibpath_var=LIBRARY_PATH ;; -bsdi4*) +bsdi[[45]]*) version_type=linux need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -1198,7 +1214,7 @@ bsdi4*) cygwin* | mingw* | pw32*) version_type=windows - shrext=".dll" + shrext_cmds=".dll" need_version=no need_lib_prefix=no @@ -1263,7 +1279,7 @@ darwin* | rhapsody*) soname_spec='${libname}${release}${major}$shared_ext' shlibpath_overrides_runpath=yes shlibpath_var=DYLD_LIBRARY_PATH - shrext='$(test .$module = .yes && echo .so || echo .dylib)' + shrext_cmds='$(test .$module = .yes && echo .so || echo .dylib)' # Apple's gcc prints 'gcc -print-search-dirs' doesn't operate the same. if test "$GCC" = yes; then sys_lib_search_path_spec=`$CC -print-search-dirs | tr "\n" "$PATH_SEPARATOR" | sed -e 's/libraries:/@libraries:/' | tr "@" "\n" | grep "^libraries:" | sed -e "s/^libraries://" -e "s,=/,/,g" -e "s,$PATH_SEPARATOR, ,g" -e "s,.*,& /lib /usr/lib /usr/local/lib,g"` @@ -1346,7 +1362,7 @@ hpux9* | hpux10* | hpux11*) need_version=no case "$host_cpu" in ia64*) - shrext='.so' + shrext_cmds='.so' hardcode_into_libs=yes dynamic_linker="$host_os dld.so" shlibpath_var=LD_LIBRARY_PATH @@ -1361,7 +1377,7 @@ hpux9* | hpux10* | hpux11*) sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec ;; hppa*64*) - shrext='.sl' + shrext_cmds='.sl' hardcode_into_libs=yes dynamic_linker="$host_os dld.sl" shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH @@ -1372,7 +1388,7 @@ hpux9* | hpux10* | hpux11*) sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec ;; *) - shrext='.sl' + shrext_cmds='.sl' dynamic_linker="$host_os dld.sl" shlibpath_var=SHLIB_PATH shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH @@ -1443,8 +1459,8 @@ linux*) # Append ld.so.conf contents to the search path if test -f /etc/ld.so.conf; then - ld_extra=`$SED -e 's/[:,\t]/ /g;s/=[^=]*$//;s/=[^= ]* / /g' /etc/ld.so.conf` - sys_lib_dlsearch_path_spec="/lib /usr/lib $ld_extra" + lt_ld_extra=`$SED -e 's/[:,\t]/ /g;s/=[^=]*$//;s/=[^= ]* / /g' /etc/ld.so.conf | tr '\n' ' '` + sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" fi # We used to test for /lib/ld.so.1 and disable shared libraries on @@ -1506,7 +1522,7 @@ nto-qnx*) openbsd*) version_type=sunos need_lib_prefix=no - need_version=yes + need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix' finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' shlibpath_var=LD_LIBRARY_PATH @@ -1526,7 +1542,7 @@ openbsd*) os2*) libname_spec='$name' - shrext=".dll" + shrext_cmds=".dll" need_lib_prefix=no library_names_spec='$libname${shared_ext} $libname.a' dynamic_linker='OS/2 ld.exe' @@ -1672,7 +1688,9 @@ if test -f "$ltmain" && test -n "$tagnames"; then case $tagname in CXX) - if test -n "$CXX" && test "X$CXX" != "Xno"; then + if test -n "$CXX" && ( test "X$CXX" != "Xno" && + ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || + (test "X$CXX" != "Xg++"))) ; then AC_LIBTOOL_LANG_CXX_CONFIG else tagname="" @@ -2077,6 +2095,15 @@ case $reload_flag in *) reload_flag=" $reload_flag" ;; esac reload_cmds='$LD$reload_flag -o $output$reload_objs' +case $host_os in + darwin*) + if test "$GCC" = yes; then + reload_cmds='$CC -nostdlib ${wl}-r -o $output$reload_objs' + else + reload_cmds='$LD$reload_flag -o $output$reload_objs' + fi + ;; +esac ])# AC_PROG_LD_RELOAD_FLAG @@ -2110,21 +2137,21 @@ beos*) lt_cv_deplibs_check_method=pass_all ;; -bsdi4*) +bsdi[[45]]*) lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib)' lt_cv_file_magic_cmd='/usr/bin/file -L' lt_cv_file_magic_test_file=/shlib/libc.so ;; cygwin*) - # win32_libid is a shell function defined in ltmain.sh + # func_win32_libid is a shell function defined in ltmain.sh lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' - lt_cv_file_magic_cmd='win32_libid' + lt_cv_file_magic_cmd='func_win32_libid' ;; mingw* | pw32*) # Base MSYS/MinGW do not provide the 'file' command needed by - # win32_libid shell function, so use a weaker test based on 'objdump'. + # func_win32_libid shell function, so use a weaker test based on 'objdump'. lt_cv_deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?' lt_cv_file_magic_cmd='$OBJDUMP -f' ;; @@ -2183,15 +2210,6 @@ irix5* | irix6* | nonstopux*) # This must be Linux ELF. linux*) - case $host_cpu in - alpha*|hppa*|i*86|ia64*|m68*|mips*|powerpc*|sparc*|s390*|sh*) - lt_cv_deplibs_check_method=pass_all ;; - *) - # glibc up to 2.1.1 does not perform some relocations on ARM - # this will be overridden with pass_all, but let us keep it just in case - lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB (shared object|dynamic lib )' ;; - esac - lt_cv_file_magic_test_file=`echo /lib/libc.so* /lib/libc-*.so` lt_cv_deplibs_check_method=pass_all ;; @@ -2214,12 +2232,10 @@ nto-qnx*) ;; openbsd*) - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB shared object' + lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|\.so|_pic\.a)$' else - lt_cv_deplibs_check_method='file_magic OpenBSD.* shared library' + lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' fi ;; @@ -2409,10 +2425,21 @@ AC_DEFUN([AC_LIBTOOL_CXX], # --------------- AC_DEFUN([_LT_AC_LANG_CXX], [AC_REQUIRE([AC_PROG_CXX]) -AC_REQUIRE([AC_PROG_CXXCPP]) +AC_REQUIRE([_LT_AC_PROG_CXXCPP]) _LT_AC_SHELL_INIT([tagnames=${tagnames+${tagnames},}CXX]) ])# _LT_AC_LANG_CXX +# _LT_AC_PROG_CXXCPP +# --------------- +AC_DEFUN([_LT_AC_PROG_CXXCPP], +[ +AC_REQUIRE([AC_PROG_CXX]) +if test -n "$CXX" && ( test "X$CXX" != "Xno" && + ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || + (test "X$CXX" != "Xg++"))) ; then + AC_PROG_CXXCPP +fi +])# _LT_AC_PROG_CXXCPP # AC_LIBTOOL_F77 # -------------- @@ -2548,47 +2575,10 @@ aix3*) fi ;; -aix4*) +aix4* | aix5*) if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then test "$enable_shared" = yes && enable_static=no fi - ;; - darwin* | rhapsody*) - if test "$GCC" = yes; then - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - case "$host_os" in - rhapsody* | darwin1.[[012]]) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-undefined suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-flat_namespace -undefined suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[[012]]) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-flat_namespace -undefined suppress' - ;; - 10.*) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-undefined dynamic_lookup' - ;; - esac - fi - ;; - esac - output_verbose_link_cmd='echo' - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs$compiler_flags -install_name $rpath/$soname $verstring' - _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs$compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_automatic, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='-all_load $convenience' - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi ;; esac AC_MSG_RESULT([$enable_shared]) @@ -2614,7 +2604,7 @@ AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG], [_LT_AC_LANG_CXX_CONFIG(CXX)]) AC_DEFUN([_LT_AC_LANG_CXX_CONFIG], [AC_LANG_PUSH(C++) AC_REQUIRE([AC_PROG_CXX]) -AC_REQUIRE([AC_PROG_CXXCPP]) +AC_REQUIRE([_LT_AC_PROG_CXXCPP]) _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no _LT_AC_TAGVAR(allow_undefined_flag, $1)= @@ -2866,6 +2856,7 @@ case $host_os in esac ;; + cygwin* | mingw* | pw32*) # _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, # as there is no search path for DLLs. @@ -2889,57 +2880,68 @@ case $host_os in _LT_AC_TAGVAR(ld_shlibs, $1)=no fi ;; + darwin* | rhapsody*) + case "$host_os" in + rhapsody* | darwin1.[[012]]) + _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}suppress' + ;; + *) # Darwin 1.3 on + if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then + _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' + else + case ${MACOSX_DEPLOYMENT_TARGET} in + 10.[[012]]) + _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' + ;; + 10.*) + _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}dynamic_lookup' + ;; + esac + fi + ;; + esac + _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no + _LT_AC_TAGVAR(hardcode_direct, $1)=no + _LT_AC_TAGVAR(hardcode_automatic, $1)=yes + _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported + _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='' + _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - darwin* | rhapsody*) - if test "$GXX" = yes; then - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - case "$host_os" in - rhapsody* | darwin1.[[012]]) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-undefined suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-flat_namespace -undefined suppress' + if test "$GXX" = yes ; then + lt_int_apple_cc_single_mod=no + output_verbose_link_cmd='echo' + if $CC -dumpspecs 2>&1 | $EGREP 'single_module' >/dev/null ; then + lt_int_apple_cc_single_mod=yes + fi + if test "X$lt_int_apple_cc_single_mod" = Xyes ; then + _LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[[012]]) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-flat_namespace -undefined suppress' - ;; - 10.*) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-undefined dynamic_lookup' - ;; - esac + _LT_AC_TAGVAR(archive_cmds, $1)='$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring' + fi + _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' + # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's + if test "X$lt_int_apple_cc_single_mod" = Xyes ; then + _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + else + _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + fi + _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + else + case "$cc_basename" in + xlc*) + output_verbose_link_cmd='echo' + _LT_AC_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' + _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' + # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's + _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj ${wl}-single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + ;; + *) + _LT_AC_TAGVAR(ld_shlibs, $1)=no + ;; + esac fi - ;; - esac - lt_int_apple_cc_single_mod=no - output_verbose_link_cmd='echo' - if $CC -dumpspecs 2>&1 | grep 'single_module' >/dev/null ; then - lt_int_apple_cc_single_mod=yes - fi - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -r ${wl}-bind_at_load -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - fi - _LT_AC_TAGVAR(module_cmds, $1)='$CC ${wl}-bind_at_load $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r ${wl}-bind_at_load -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - fi - _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - _LT_AC_TAGVAR(hardcode_direct, $1)=no - _LT_AC_TAGVAR(hardcode_automatic, $1)=yes - _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='-all_load $convenience' - _LT_AC_TAGVAR(link_all_deplibs, $1)=yes - else - _LT_AC_TAGVAR(ld_shlibs, $1)=no - fi - ;; + ;; dgux*) case $cc_basename in @@ -2996,7 +2998,7 @@ case $host_os in # explicitly linking system object files so we need to strip them # from the output so that they don't get included in the library # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | egrep "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' + output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | grep "[-]L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; echo $list' ;; *) if test "$GXX" = yes; then @@ -3145,9 +3147,20 @@ case $host_os in icpc) # Intel C++ with_gnu_ld=yes + # version 8.0 and above of icpc choke on multiply defined symbols + # if we add $predep_objects and $postdep_objects, however 7.1 and + # earlier do not add the objects themselves. + case `$CC -V 2>&1` in + *"Version 7."*) + _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + ;; + *) # Version 8.0 or newer + _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + ;; + esac _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive' @@ -3204,6 +3217,22 @@ case $host_os in # Workaround some broken pre-1.5 toolchains output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | grep conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"' ;; + openbsd2*) + # C++ shared libraries are fairly broken + _LT_AC_TAGVAR(ld_shlibs, $1)=no + ;; + openbsd*) + _LT_AC_TAGVAR(hardcode_direct, $1)=yes + _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no + _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' + _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' + if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib' + _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' + _LT_AC_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive' + fi + output_verbose_link_cmd='echo' + ;; osf3*) case $cc_basename in KCC) @@ -3703,7 +3732,7 @@ aix3*) postinstall_cmds='$RANLIB $lib' fi ;; -aix4*) +aix4* | aix5*) test "$enable_shared" = yes && enable_static=no ;; esac @@ -3970,7 +3999,7 @@ Xsed="$SED -e s/^X//" # The HP-UX ksh and POSIX shell print the target directory to stdout # if CDPATH is set. -if test "X\${CDPATH+set}" = Xset; then CDPATH=:; export CDPATH; fi +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH # The names of the tagged configurations supported by this script. available_tags= @@ -4062,7 +4091,7 @@ objext="$ac_objext" libext="$libext" # Shared library suffix (normally ".so"). -shrext='$shrext' +shrext_cmds='$shrext_cmds' # Executable file suffix (normally ""). exeext="$exeext" @@ -4375,6 +4404,13 @@ hpux*) # Its linker distinguishes data from code symbols lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" ;; +linux*) + if test "$host_cpu" = ia64; then + symcode='[[ABCDGIRSTW]]' + lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" + lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (lt_ptr) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (lt_ptr) \&\2},/p'" + fi + ;; irix* | nonstopux*) symcode='[[BCDEGRST]]' ;; @@ -4602,6 +4638,16 @@ AC_MSG_CHECKING([for $compiler option to produce PIC]) ;; esac ;; + darwin*) + # PIC is the default on this platform + # Common symbols not allowed in MH_DYLIB files + case "$cc_basename" in + xlc*) + _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-qnocommon' + _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + ;; + esac + ;; dgux*) case $cc_basename in ec++) @@ -4855,6 +4901,16 @@ AC_MSG_CHECKING([for $compiler option to produce PIC]) _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp' fi ;; + darwin*) + # PIC is the default on this platform + # Common symbols not allowed in MH_DYLIB files + case "$cc_basename" in + xlc*) + _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-qnocommon' + _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + ;; + esac + ;; mingw* | pw32* | os2*) # This hack is so that the source file can tell whether it is being @@ -5170,7 +5226,7 @@ EOF ;; linux*) - if $LD --help 2>&1 | egrep ': supported targets:.* elf' > /dev/null; then + if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then tmp_archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' _LT_AC_TAGVAR(archive_cmds, $1)="$tmp_archive_cmds" supports_anon_versioning=no @@ -5356,7 +5412,7 @@ $echo "local: *; };" >> $output_objdir/$libname.ver~ _LT_AC_TAGVAR(ld_shlibs, $1)=no ;; - bsdi4*) + bsdi[[45]]*) _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)=-rdynamic ;; @@ -5370,7 +5426,7 @@ $echo "local: *; };" >> $output_objdir/$libname.ver~ # Tell ltmain to make .lib files, not .a files. libext=lib # Tell ltmain to make .dll files, not .so files. - shrext=".dll" + shrext_cmds=".dll" # FIXME: Setting linknames here is a bad hack. _LT_AC_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `echo "$deplibs" | $SED -e '\''s/ -lc$//'\''` -link -dll~linknames=' # The linker will automatically build a .lib file if we build a DLL. @@ -5382,52 +5438,52 @@ $echo "local: *; };" >> $output_objdir/$libname.ver~ ;; darwin* | rhapsody*) - if test "$GXX" = yes ; then - _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no case "$host_os" in - rhapsody* | darwin1.[[012]]) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-undefined suppress' - ;; - *) # Darwin 1.3 on - if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-flat_namespace -undefined suppress' - else - case ${MACOSX_DEPLOYMENT_TARGET} in - 10.[[012]]) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-flat_namespace -undefined suppress' - ;; - 10.*) - _LT_AC_TAGVAR(allow_undefined_flag, $1)='-undefined dynamic_lookup' - ;; - esac - fi - ;; + rhapsody* | darwin1.[[012]]) + _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}suppress' + ;; + *) # Darwin 1.3 on + if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then + _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' + else + case ${MACOSX_DEPLOYMENT_TARGET} in + 10.[[012]]) + _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' + ;; + 10.*) + _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}dynamic_lookup' + ;; + esac + fi + ;; esac - lt_int_apple_cc_single_mod=no - output_verbose_link_cmd='echo' - if $CC -dumpspecs 2>&1 | grep 'single_module' >/dev/null ; then - lt_int_apple_cc_single_mod=yes - fi - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - else - _LT_AC_TAGVAR(archive_cmds, $1)='$CC -r ${wl}-bind_at_load -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring' - fi - _LT_AC_TAGVAR(module_cmds, $1)='$CC ${wl}-bind_at_load $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' - # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's - if test "X$lt_int_apple_cc_single_mod" = Xyes ; then - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - else - _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r ${wl}-bind_at_load -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' - fi - _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no _LT_AC_TAGVAR(hardcode_direct, $1)=no _LT_AC_TAGVAR(hardcode_automatic, $1)=yes _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported - _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='-all_load $convenience' + _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='' _LT_AC_TAGVAR(link_all_deplibs, $1)=yes + if test "$GCC" = yes ; then + output_verbose_link_cmd='echo' + _LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' + _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' + # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's + _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' else - _LT_AC_TAGVAR(ld_shlibs, $1)=no + case "$cc_basename" in + xlc*) + output_verbose_link_cmd='echo' + _LT_AC_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}`echo $rpath/$soname` $verstring' + _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' + # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin ld's + _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -qmkshrobj $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-install_name ${wl}$rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + ;; + *) + _LT_AC_TAGVAR(ld_shlibs, $1)=no + ;; + esac fi ;; @@ -5572,6 +5628,7 @@ $echo "local: *; };" >> $output_objdir/$libname.ver~ _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=no if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols' _LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir' _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E' else @@ -5937,7 +5994,7 @@ for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do fi done done -SED=$lt_cv_path_SED ]) +SED=$lt_cv_path_SED AC_MSG_RESULT([$SED]) ]) diff --git a/usr.sbin/bind/ltmain.sh b/usr.sbin/bind/ltmain.sh index 47fa4f179f4..a6453bbad4a 100644 --- a/usr.sbin/bind/ltmain.sh +++ b/usr.sbin/bind/ltmain.sh @@ -1,7 +1,7 @@ # ltmain.sh - Provide generalized library-building support services. # NOTE: Changing this file will not affect anything until you rerun configure. # -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003 +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004 # Free Software Foundation, Inc. # Originally by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996 # @@ -24,6 +24,34 @@ # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. +basename="s,^.*/,,g" + +# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh +# is ksh but when the shell is invoked as "sh" and the current value of +# the _XPG environment variable is not equal to 1 (one), the special +# positional parameter $0, within a function call, is the name of the +# function. +progpath="$0" + +# The name of this program: +progname=`echo "$progpath" | $SED $basename` +modename="$progname" + +# Global variables: +EXIT_SUCCESS=0 +EXIT_FAILURE=1 + +PROGRAM=ltmain.sh +PACKAGE=libtool +VERSION=1.5.10 +TIMESTAMP=" (1.1220.2.131 2004/09/19 12:46:56)" + +# See if we are running on zsh, and set the options which allow our +# commands through without removal of \ escapes. +if test -n "${ZSH_VERSION+set}" ; then + setopt NO_GLOB_SUBST +fi + # Check that we have a working $echo. if test "X$1" = X--no-reexec; then # Discard the --no-reexec flag, and continue. @@ -36,7 +64,7 @@ elif test "X`($echo '\t') 2>/dev/null`" = 'X\t'; then : else # Restart under the correct shell, and then maybe $echo will work. - exec $SHELL "$0" --no-reexec ${1+"$@"} + exec $SHELL "$progpath" --no-reexec ${1+"$@"} fi if test "X$1" = X--fallback-echo; then @@ -45,19 +73,9 @@ if test "X$1" = X--fallback-echo; then cat <<EOF $* EOF - exit 0 + exit $EXIT_SUCCESS fi -# The name of this program. -progname=`$echo "$0" | ${SED} 's%^.*/%%'` -modename="$progname" - -# Constants. -PROGRAM=ltmain.sh -PACKAGE=libtool -VERSION=1.5.2 -TIMESTAMP=" (1.1220.2.60 2004/01/25 12:25:08)" - default_mode= help="Try \`$progname --help' for more information." magic="%%%MAGIC variable%%%" @@ -100,7 +118,7 @@ fi if test "$build_libtool_libs" != yes && test "$build_old_libs" != yes; then $echo "$modename: not configured to build any kind of library" 1>&2 $echo "Fatal configuration error. See the $PACKAGE docs for more information." 1>&2 - exit 1 + exit $EXIT_FAILURE fi # Global variables. @@ -119,10 +137,13 @@ o2lo="s/\\.${objext}\$/.lo/" # Shell function definitions: # This seems to be the best place for them +# func_win32_libid arg +# return the library type of file 'arg' +# # Need a lot of goo to handle *both* DLLs and import libs # Has to be a shell function in order to 'eat' the argument # that is supplied when $file_magic_command is called. -win32_libid () { +func_win32_libid () { win32_libid_type="unknown" win32_fileres=`file -L $1 2>/dev/null` case $win32_fileres in @@ -131,7 +152,7 @@ win32_libid () { ;; *ar\ archive*) # could be an import, or static if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null | \ - grep -E 'file format pe-i386(.*architecture: i386)?' >/dev/null ; then + $EGREP -e 'file format pe-i386(.*architecture: i386)?' >/dev/null ; then win32_nmres=`eval $NM -f posix -A $1 | \ sed -n -e '1,100{/ I /{x;/import/!{s/^/import/;h;p;};x;};}'` if test "X$win32_nmres" = "Ximport" ; then @@ -141,7 +162,7 @@ win32_libid () { fi fi ;; - *DLL*) + *DLL*) win32_libid_type="x86 DLL" ;; *executable*) # but shell scripts are "executable" too... @@ -155,9 +176,192 @@ win32_libid () { $echo $win32_libid_type } + +# func_infer_tag arg +# Infer tagged configuration to use if any are available and +# if one wasn't chosen via the "--tag" command line option. +# Only attempt this if the compiler in the base compile +# command doesn't match the default compiler. +# arg is usually of the form 'gcc ...' +func_infer_tag () { + if test -n "$available_tags" && test -z "$tagname"; then + CC_quoted= + for arg in $CC; do + case $arg in + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + arg="\"$arg\"" + ;; + esac + CC_quoted="$CC_quoted $arg" + done + case $@ in + # Blanks in the command may have been stripped by the calling shell, + # but not from the CC environment variable when configure was run. + " $CC "* | "$CC "* | " `$echo $CC` "* | "`$echo $CC` "* | " $CC_quoted"* | "$CC_quoted "* | " `$echo $CC_quoted` "* | "`$echo $CC_quoted` "*) ;; + # Blanks at the start of $base_compile will cause this to fail + # if we don't check for them as well. + *) + for z in $available_tags; do + if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $z$" < "$progpath" > /dev/null; then + # Evaluate the configuration. + eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $progpath`" + CC_quoted= + for arg in $CC; do + # Double-quote args containing other shell metacharacters. + case $arg in + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + arg="\"$arg\"" + ;; + esac + CC_quoted="$CC_quoted $arg" + done + case "$@ " in + " $CC "* | "$CC "* | " `$echo $CC` "* | "`$echo $CC` "* | " $CC_quoted"* | "$CC_quoted "* | " `$echo $CC_quoted` "* | "`$echo $CC_quoted` "*) + # The compiler in the base compile command matches + # the one in the tagged configuration. + # Assume this is the tagged configuration we want. + tagname=$z + break + ;; + esac + fi + done + # If $tagname still isn't set, then no tagged configuration + # was found and let the user know that the "--tag" command + # line option must be used. + if test -z "$tagname"; then + $echo "$modename: unable to infer tagged configuration" + $echo "$modename: specify a tag with \`--tag'" 1>&2 + exit $EXIT_FAILURE +# else +# $echo "$modename: using $tagname tagged configuration" + fi + ;; + esac + fi +} + + +# func_extract_archives gentop oldlib ... +func_extract_archives () { + my_gentop="$1"; shift + my_oldlibs=${1+"$@"} + my_oldobjs="" + my_xlib="" + my_xabs="" + my_xdir="" + my_status="" + + $show "${rm}r $my_gentop" + $run ${rm}r "$my_gentop" + $show "$mkdir $my_gentop" + $run $mkdir "$my_gentop" + my_status=$? + if test "$my_status" -ne 0 && test ! -d "$my_gentop"; then + exit $my_status + fi + + for my_xlib in $my_oldlibs; do + # Extract the objects. + case $my_xlib in + [\\/]* | [A-Za-z]:[\\/]*) my_xabs="$my_xlib" ;; + *) my_xabs=`pwd`"/$my_xlib" ;; + esac + my_xlib=`$echo "X$my_xlib" | $Xsed -e 's%^.*/%%'` + my_xdir="$my_gentop/$my_xlib" + + $show "${rm}r $my_xdir" + $run ${rm}r "$my_xdir" + $show "$mkdir $my_xdir" + $run $mkdir "$my_xdir" + status=$? + if test "$status" -ne 0 && test ! -d "$my_xdir"; then + exit $status + fi + case $host in + *-darwin*) + $show "Extracting $my_xabs" + # Do not bother doing anything if just a dry run + if test -z "$run"; then + darwin_orig_dir=`pwd` + cd $my_xdir || exit $? + darwin_archive=$my_xabs + darwin_curdir=`pwd` + darwin_base_archive=`basename $darwin_archive` + darwin_arches=`lipo -info "$darwin_archive" 2>/dev/null | $EGREP Architectures 2>/dev/null` + if test -n "$darwin_arches"; then + darwin_arches=`echo "$darwin_arches" | $SED -e 's/.*are://'` + darwin_arch= + $show "$darwin_base_archive has multiple architectures $darwin_arches" + for darwin_arch in $darwin_arches ; do + mkdir -p "unfat-$$/${darwin_base_archive}-${darwin_arch}" + lipo -thin $darwin_arch -output "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" "${darwin_archive}" + # Remove the table of contents from the thin files. + $AR -d "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" __.SYMDEF 2>/dev/null || true + $AR -d "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" __.SYMDEF\ SORTED 2>/dev/null || true + cd "unfat-$$/${darwin_base_archive}-${darwin_arch}" + $AR -xo "${darwin_base_archive}" + rm "${darwin_base_archive}" + cd "$darwin_curdir" + done # $darwin_arches + ## Okay now we have a bunch of thin objects, gotta fatten them up :) + darwin_filelist=`find unfat-$$ -type f | xargs basename | sort -u | $NL2SP` + darwin_file= + darwin_files= + for darwin_file in $darwin_filelist; do + darwin_files=`find unfat-$$ -name $darwin_file -print | $NL2SP` + lipo -create -output "$darwin_file" $darwin_files + done # $darwin_filelist + rm -rf unfat-$$ + cd "$darwin_orig_dir" + else + cd $darwin_orig_dir + (cd $my_xdir && $AR x $my_xabs) || exit $? + fi # $darwin_arches + fi # $run + ;; + *) + # We will extract separately just the conflicting names and we will + # no longer touch any unique names. It is faster to leave these + # extract automatically by $AR in one run. + $show "(cd $my_xdir && $AR x $my_xabs)" + $run eval "(cd \$my_xdir && $AR x \$my_xabs)" || exit $? + if ($AR t "$my_xabs" | sort | sort -uc >/dev/null 2>&1); then + : + else + $echo "$modename: warning: object name conflicts; renaming object files" 1>&2 + $echo "$modename: warning: to ensure that they will not overwrite" 1>&2 + $AR t "$my_xabs" | sort | uniq -cd | while read -r count name + do + i=1 + while test "$i" -le "$count" + do + # Put our $i before any first dot (extension) + # Never overwrite any file + name_to="$name" + while test "X$name_to" = "X$name" || test -f "$my_xdir/$name_to" + do + name_to=`$echo "X$name_to" | $Xsed -e "s/\([^.]*\)/\1-$i/"` + done + $show "(cd $my_xdir && $AR xN $i $my_xabs '$name' && $mv '$name' '$name_to')" + $run eval "(cd \$my_xdir && $AR xN $i \$my_xabs '$name' && $mv '$name' '$name_to')" || exit $? + i=`expr $i + 1` + done + done + fi + ;; + esac + my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | $NL2SP` + done + + func_extract_archives_result="$my_oldobjs" +} # End of Shell function definitions ##################################### +# Darwin sucks +eval std_shrext=\"$shrext_cmds\" + # Parse our command line options once, thoroughly. while test "$#" -gt 0 do @@ -183,7 +387,7 @@ do case $tagname in *[!-_A-Za-z0-9,/]*) $echo "$progname: invalid tag name: $tagname" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; esac @@ -193,10 +397,10 @@ do # not specially marked. ;; *) - if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$" < "$0" > /dev/null; then + if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$" < "$progpath" > /dev/null; then taglist="$taglist $tagname" # Evaluate the configuration. - eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$tagname'$/,/^# ### END LIBTOOL TAG CONFIG: '$tagname'$/p' < $0`" + eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$tagname'$/,/^# ### END LIBTOOL TAG CONFIG: '$tagname'$/p' < $progpath`" else $echo "$progname: ignoring unknown tag $tagname" 1>&2 fi @@ -225,16 +429,16 @@ do $echo "Copyright (C) 2003 Free Software Foundation, Inc." $echo "This is free software; see the source for copying conditions. There is NO" $echo "warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." - exit 0 + exit $EXIT_SUCCESS ;; --config) - ${SED} -e '1,/^# ### BEGIN LIBTOOL CONFIG/d' -e '/^# ### END LIBTOOL CONFIG/,$d' $0 + ${SED} -e '1,/^# ### BEGIN LIBTOOL CONFIG/d' -e '/^# ### END LIBTOOL CONFIG/,$d' $progpath # Now print the configurations for the tags. for tagname in $taglist; do - ${SED} -n -e "/^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$/,/^# ### END LIBTOOL TAG CONFIG: $tagname$/p" < "$0" + ${SED} -n -e "/^# ### BEGIN LIBTOOL TAG CONFIG: $tagname$/,/^# ### END LIBTOOL TAG CONFIG: $tagname$/p" < "$progpath" done - exit 0 + exit $EXIT_SUCCESS ;; --debug) @@ -259,7 +463,7 @@ do else $echo "disable static libraries" fi - exit 0 + exit $EXIT_SUCCESS ;; --finish) mode="finish" ;; @@ -290,7 +494,7 @@ do -*) $echo "$modename: unrecognized option \`$arg'" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; *) @@ -303,7 +507,7 @@ done if test -n "$prevopt"; then $echo "$modename: option \`$prevopt' requires an argument" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi # If this variable is set in any of the actions, the command in it @@ -359,7 +563,7 @@ if test -z "$show_help"; then if test -n "$execute_dlfiles" && test "$mode" != execute; then $echo "$modename: unrecognized option \`-dlopen'" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi # Change the help message to a mode-specific one. @@ -401,7 +605,7 @@ if test -z "$show_help"; then -o) if test -n "$libobj" ; then $echo "$modename: you cannot specify \`-o' more than once" 1>&2 - exit 1 + exit $EXIT_FAILURE fi arg_mode=target continue @@ -426,7 +630,7 @@ if test -z "$show_help"; then args=`$echo "X$arg" | $Xsed -e "s/^-Wc,//"` lastarg= save_ifs="$IFS"; IFS=',' - for arg in $args; do + for arg in $args; do IFS="$save_ifs" # Double-quote args containing other shell metacharacters. @@ -476,11 +680,11 @@ if test -z "$show_help"; then case $arg_mode in arg) $echo "$modename: you must specify an argument for -Xcompile" - exit 1 + exit $EXIT_FAILURE ;; target) $echo "$modename: you must specify a target with \`-o'" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; *) # Get the name of the library object. @@ -513,50 +717,11 @@ if test -z "$show_help"; then *.lo) obj=`$echo "X$libobj" | $Xsed -e "$lo2o"` ;; *) $echo "$modename: cannot determine name of library object from \`$libobj'" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; esac - # Infer tagged configuration to use if any are available and - # if one wasn't chosen via the "--tag" command line option. - # Only attempt this if the compiler in the base compile - # command doesn't match the default compiler. - if test -n "$available_tags" && test -z "$tagname"; then - case $base_compile in - # Blanks in the command may have been stripped by the calling shell, - # but not from the CC environment variable when configure was run. - " $CC "* | "$CC "* | " `$echo $CC` "* | "`$echo $CC` "*) ;; - # Blanks at the start of $base_compile will cause this to fail - # if we don't check for them as well. - *) - for z in $available_tags; do - if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $z$" < "$0" > /dev/null; then - # Evaluate the configuration. - eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $0`" - case "$base_compile " in - "$CC "* | " $CC "* | "`$echo $CC` "* | " `$echo $CC` "*) - # The compiler in the base compile command matches - # the one in the tagged configuration. - # Assume this is the tagged configuration we want. - tagname=$z - break - ;; - esac - fi - done - # If $tagname still isn't set, then no tagged configuration - # was found and let the user know that the "--tag" command - # line option must be used. - if test -z "$tagname"; then - $echo "$modename: unable to infer tagged configuration" - $echo "$modename: specify a tag with \`--tag'" 1>&2 - exit 1 -# else -# $echo "$modename: using $tagname tagged configuration" - fi - ;; - esac - fi + func_infer_tag $base_compile for arg in $later; do case $arg in @@ -589,7 +754,7 @@ if test -z "$show_help"; then if test -z "$base_compile"; then $echo "$modename: you must specify a compilation command" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi # Delete any leftover library objects. @@ -600,7 +765,7 @@ if test -z "$show_help"; then fi $run $rm $removelist - trap "$run $rm $removelist; exit 1" 1 2 15 + trap "$run $rm $removelist; exit $EXIT_FAILURE" 1 2 15 # On Cygwin there's no "real" PIC flag so we must build both object types case $host_os in @@ -619,7 +784,7 @@ if test -z "$show_help"; then output_obj=`$echo "X$srcfile" | $Xsed -e 's%^.*/%%' -e 's%\.[^.]*$%%'`.${objext} lockfile="$output_obj.lock" removelist="$removelist $output_obj $lockfile" - trap "$run $rm $removelist; exit 1" 1 2 15 + trap "$run $rm $removelist; exit $EXIT_FAILURE" 1 2 15 else output_obj= need_locks=no @@ -629,7 +794,7 @@ if test -z "$show_help"; then # Lock this critical section if it is needed # We use this script file to make the link, it avoids creating a new file if test "$need_locks" = yes; then - until $run ln "$0" "$lockfile" 2>/dev/null; do + until $run ln "$progpath" "$lockfile" 2>/dev/null; do $show "Waiting for $lockfile to be removed" sleep 2 done @@ -647,7 +812,7 @@ avoid parallel builds (make -j) in this platform, or get a better compiler." $run $rm $removelist - exit 1 + exit $EXIT_FAILURE fi $echo $srcfile > "$lockfile" fi @@ -702,7 +867,7 @@ EOF if $run eval "$command"; then : else test -n "$output_obj" && $run $rm $removelist - exit 1 + exit $EXIT_FAILURE fi if test "$need_locks" = warn && @@ -722,7 +887,7 @@ avoid parallel builds (make -j) in this platform, or get a better compiler." $run $rm $removelist - exit 1 + exit $EXIT_FAILURE fi # Just move the object if needed, then go on to compile the next one @@ -774,7 +939,7 @@ EOF if $run eval "$command"; then : else $run $rm $removelist - exit 1 + exit $EXIT_FAILURE fi if test "$need_locks" = warn && @@ -794,7 +959,7 @@ avoid parallel builds (make -j) in this platform, or get a better compiler." $run $rm $removelist - exit 1 + exit $EXIT_FAILURE fi # Just move the object if needed @@ -832,7 +997,7 @@ EOF $run $rm "$lockfile" fi - exit 0 + exit $EXIT_SUCCESS ;; # libtool link mode @@ -904,46 +1069,7 @@ EOF vinfo= vinfo_number=no - # Infer tagged configuration to use if any are available and - # if one wasn't chosen via the "--tag" command line option. - # Only attempt this if the compiler in the base link - # command doesn't match the default compiler. - if test -n "$available_tags" && test -z "$tagname"; then - case $base_compile in - # Blanks in the command may have been stripped by the calling shell, - # but not from the CC environment variable when configure was run. - "$CC "* | " $CC "* | "`$echo $CC` "* | " `$echo $CC` "*) ;; - # Blanks at the start of $base_compile will cause this to fail - # if we don't check for them as well. - *) - for z in $available_tags; do - if grep "^# ### BEGIN LIBTOOL TAG CONFIG: $z$" < "$0" > /dev/null; then - # Evaluate the configuration. - eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $0`" - case $base_compile in - "$CC "* | " $CC "* | "`$echo $CC` "* | " `$echo $CC` "*) - # The compiler in $compile_command matches - # the one in the tagged configuration. - # Assume this is the tagged configuration we want. - tagname=$z - break - ;; - esac - fi - done - # If $tagname still isn't set, then no tagged configuration - # was found and let the user know that the "--tag" command - # line option must be used. - if test -z "$tagname"; then - $echo "$modename: unable to infer tagged configuration" - $echo "$modename: specify a tag with \`--tag'" 1>&2 - exit 1 -# else -# $echo "$modename: using $tagname tagged configuration" - fi - ;; - esac - fi + func_infer_tag $base_compile # We need to know -static, to get the right output filenames. for arg @@ -1039,7 +1165,7 @@ EOF export_symbols="$arg" if test ! -f "$arg"; then $echo "$modename: symbol file \`$arg' does not exist" - exit 1 + exit $EXIT_FAILURE fi prev= continue @@ -1091,7 +1217,7 @@ EOF test "$pic_object" = none && \ test "$non_pic_object" = none; then $echo "$modename: cannot find name of object for \`$arg'" 1>&2 - exit 1 + exit $EXIT_FAILURE fi # Extract subdirectory from the argument. @@ -1144,7 +1270,7 @@ EOF # Only an error if not doing a dry-run. if test -z "$run"; then $echo "$modename: \`$arg' is not a valid libtool object" 1>&2 - exit 1 + exit $EXIT_FAILURE else # Dry-run case. @@ -1165,7 +1291,7 @@ EOF done else $echo "$modename: link input file \`$save_arg' does not exist" - exit 1 + exit $EXIT_FAILURE fi arg=$save_arg prev= @@ -1177,7 +1303,7 @@ EOF [\\/]* | [A-Za-z]:[\\/]*) ;; *) $echo "$modename: only absolute run-paths are allowed" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; esac if test "$prev" = rpath; then @@ -1217,6 +1343,11 @@ EOF finalize_command="$finalize_command $qarg" continue ;; + shrext) + shrext_cmds="$arg" + prev= + continue + ;; *) eval "$prev=\"\$arg\"" prev= @@ -1265,7 +1396,7 @@ EOF -export-symbols | -export-symbols-regex) if test -n "$export_symbols" || test -n "$export_symbols_regex"; then $echo "$modename: more than one -exported-symbols argument is not allowed" - exit 1 + exit $EXIT_FAILURE fi if test "X$arg" = "X-export-symbols"; then prev=expsyms @@ -1301,7 +1432,7 @@ EOF absdir=`cd "$dir" && pwd` if test -z "$absdir"; then $echo "$modename: cannot determine absolute directory name of \`$dir'" 1>&2 - exit 1 + exit $EXIT_FAILURE fi dir="$absdir" ;; @@ -1357,7 +1488,10 @@ EOF ;; -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe) - deplibs="$deplibs $arg" + case "$archive_cmds" in + *"\$LD"*) ;; + *) deplibs="$deplibs $arg";; + esac continue ;; @@ -1452,7 +1586,7 @@ EOF [\\/]* | [A-Za-z]:[\\/]*) ;; *) $echo "$modename: only absolute run-paths are allowed" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; esac case "$xrpath " in @@ -1575,7 +1709,7 @@ EOF test "$pic_object" = none && \ test "$non_pic_object" = none; then $echo "$modename: cannot find name of object for \`$arg'" 1>&2 - exit 1 + exit $EXIT_FAILURE fi # Extract subdirectory from the argument. @@ -1628,7 +1762,7 @@ EOF # Only an error if not doing a dry-run. if test -z "$run"; then $echo "$modename: \`$arg' is not a valid libtool object" 1>&2 - exit 1 + exit $EXIT_FAILURE else # Dry-run case. @@ -1695,7 +1829,7 @@ EOF if test -n "$prev"; then $echo "$modename: the \`$prevarg' option requires an argument" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi if test "$export_dynamic" = yes && test -n "$export_dynamic_flag_spec"; then @@ -1739,7 +1873,7 @@ EOF "") $echo "$modename: you must specify an output file" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; *.$libext) linkmode=oldlib ;; *.lo | *.$objext) linkmode=obj ;; @@ -1749,7 +1883,7 @@ EOF case $host in *cygwin* | *mingw* | *pw32*) - # don't eliminate duplcations in $postdeps and $predeps + # don't eliminate duplications in $postdeps and $predeps duplicate_compiler_generated_deps=yes ;; *) @@ -1802,7 +1936,7 @@ EOF *.la) ;; *) $echo "$modename: libraries can \`-dlopen' only libtool libraries: $file" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; esac done @@ -1845,7 +1979,10 @@ EOF compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" else - deplibs="$deplib $deplibs" + case "$archive_cmds" in + *"\$LD"*) ;; + *) deplibs="$deplibs $arg";; + esac fi continue ;; @@ -1860,7 +1997,7 @@ EOF fi name=`$echo "X$deplib" | $Xsed -e 's/^-l//'` for searchdir in $newlib_search_path $lib_search_path $sys_lib_search_path $shlib_search_path; do - for search_ext in .la $shrext .so .a; do + for search_ext in .la $std_shrext .so .a; do # Search the libtool library lib="$searchdir/lib${name}${search_ext}" if test -f "$lib"; then @@ -1936,11 +2073,11 @@ EOF fi if test "$pass" = scan; then deplibs="$deplib $deplibs" - newlib_search_path="$newlib_search_path "`$echo "X$deplib" | $Xsed -e 's/^-L//'` else compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" fi + newlib_search_path="$newlib_search_path "`$echo "X$deplib" | $Xsed -e 's/^-L//'` ;; *) $echo "$modename: warning: \`-L' is ignored for archives/objects" 1>&2 @@ -1968,7 +2105,22 @@ EOF fi case $linkmode in lib) - if test "$deplibs_check_method" != pass_all; then + valid_a_lib=no + case $deplibs_check_method in + match_pattern*) + set dummy $deplibs_check_method + match_pattern_regex=`expr "$deplibs_check_method" : "$2 \(.*\)"` + if eval $echo \"$deplib\" 2>/dev/null \ + | $SED 10q \ + | $EGREP "$match_pattern_regex" > /dev/null; then + valid_a_lib=yes + fi + ;; + pass_all) + valid_a_lib=yes + ;; + esac + if test "$valid_a_lib" != yes; then $echo $echo "*** Warning: Trying to link with static lib archive $deplib." $echo "*** I have the capability to make that library automatically link in when" @@ -2019,14 +2171,14 @@ EOF if test "$found" = yes || test -f "$lib"; then : else $echo "$modename: cannot find the library \`$lib'" 1>&2 - exit 1 + exit $EXIT_FAILURE fi # Check to see that this really is a libtool archive. if (${SED} -e '2q' $lib | grep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then : else $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2 - exit 1 + exit $EXIT_FAILURE fi ladir=`$echo "X$lib" | $Xsed -e 's%/[^/]*$%%'` @@ -2062,7 +2214,7 @@ EOF if test -z "$libdir"; then if test -z "$old_library"; then $echo "$modename: cannot find name of link library for \`$lib'" 1>&2 - exit 1 + exit $EXIT_FAILURE fi # It is a libtool convenience library, so add in its objects. convenience="$convenience $ladir/$objdir/$old_library" @@ -2079,12 +2231,12 @@ EOF done elif test "$linkmode" != prog && test "$linkmode" != lib; then $echo "$modename: \`$lib' is not a convenience library" 1>&2 - exit 1 + exit $EXIT_FAILURE fi continue fi # $pass = conv - + # Get the name of the library we link against. linklib= for l in $old_library $library_names; do @@ -2092,16 +2244,18 @@ EOF done if test -z "$linklib"; then $echo "$modename: cannot find name of link library for \`$lib'" 1>&2 - exit 1 + exit $EXIT_FAILURE fi # This library was specified with -dlopen. if test "$pass" = dlopen; then if test -z "$libdir"; then $echo "$modename: cannot -dlopen a convenience library: \`$lib'" 1>&2 - exit 1 + exit $EXIT_FAILURE fi - if test -z "$dlname" || test "$dlopen_support" != yes || test "$build_libtool_libs" = no; then + if test -z "$dlname" || + test "$dlopen_support" != yes || + test "$build_libtool_libs" = no; then # If there is no dlname, no dlopen support or we're linking # statically, we need to preload. We also need to preload any # dependent libraries so libltdl's deplib preloader doesn't @@ -2139,10 +2293,17 @@ EOF absdir="$libdir" fi else - dir="$ladir/$objdir" - absdir="$abs_ladir/$objdir" - # Remove this search path later - notinst_path="$notinst_path $abs_ladir" + if test ! -f "$ladir/$objdir/$linklib" && test -f "$abs_ladir/$linklib"; then + dir="$ladir" + absdir="$abs_ladir" + # Remove this search path later + notinst_path="$notinst_path $abs_ladir" + else + dir="$ladir/$objdir" + absdir="$abs_ladir/$objdir" + # Remove this search path later + notinst_path="$notinst_path $abs_ladir" + fi fi # $installed = yes name=`$echo "X$laname" | $Xsed -e 's/\.la$//' -e 's/^lib//'` @@ -2150,7 +2311,7 @@ EOF if test "$pass" = dlpreopen; then if test -z "$libdir"; then $echo "$modename: cannot -dlpreopen a convenience library: \`$lib'" 1>&2 - exit 1 + exit $EXIT_FAILURE fi # Prefer using a static library (so that no silly _DYNAMIC symbols # are required to link). @@ -2177,7 +2338,7 @@ EOF continue fi - + if test "$linkmode" = prog && test "$pass" != link; then newlib_search_path="$newlib_search_path $ladir" deplibs="$lib $deplibs" @@ -2264,17 +2425,18 @@ EOF need_relink=yes fi # This is a shared library - - # Warn about portability, can't link against -module's on some systems (darwin) - if test "$shouldnotlink" = yes && test "$pass" = link ; then + + # Warn about portability, can't link against -module's on + # some systems (darwin) + if test "$shouldnotlink" = yes && test "$pass" = link ; then $echo if test "$linkmode" = prog; then $echo "*** Warning: Linking the executable $output against the loadable module" else $echo "*** Warning: Linking the shared library $output against the loadable module" fi - $echo "*** $linklib is not portable!" - fi + $echo "*** $linklib is not portable!" + fi if test "$linkmode" = lib && test "$hardcode_into_libs" = yes; then # Hardcode the library path. @@ -2372,9 +2534,9 @@ EOF case $host in *-*-sco3.2v5* ) add_dir="-L$dir" ;; *-*-darwin* ) - # if the lib is a module then we can not link against it, someone - # is ignoring the new warnings I added - if /usr/bin/file -L $add 2> /dev/null | grep "bundle" >/dev/null ; then + # if the lib is a module then we can not link against + # it, someone is ignoring the new warnings I added + if /usr/bin/file -L $add 2> /dev/null | $EGREP "bundle" >/dev/null ; then $echo "** Warning, lib $linklib is a module, not a shared library" if test -z "$old_library" ; then $echo @@ -2382,7 +2544,7 @@ EOF $echo "** The link will probably fail, sorry" else add="$dir/$old_library" - fi + fi fi esac elif test "$hardcode_minus_L" = no; then @@ -2424,7 +2586,7 @@ EOF if test "$lib_linked" != yes; then $echo "$modename: configuration error: unsupported hardcode properties" - exit 1 + exit $EXIT_FAILURE fi if test -n "$add_shlibpath"; then @@ -2467,7 +2629,8 @@ EOF esac add="-l$name" elif test "$hardcode_automatic" = yes; then - if test -n "$inst_prefix_dir" && test -f "$inst_prefix_dir$libdir/$linklib" ; then + if test -n "$inst_prefix_dir" && + test -f "$inst_prefix_dir$libdir/$linklib" ; then add="$inst_prefix_dir$libdir/$linklib" else add="$libdir/$linklib" @@ -2547,7 +2710,8 @@ EOF if test "$linkmode" = lib; then if test -n "$dependency_libs" && - { test "$hardcode_into_libs" != yes || test "$build_old_libs" = yes || + { test "$hardcode_into_libs" != yes || + test "$build_old_libs" = yes || test "$link_static" = yes; }; then # Extract -R from dependency_libs temp_deplibs= @@ -2604,7 +2768,7 @@ EOF eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` if test -z "$libdir"; then $echo "$modename: \`$deplib' is not a valid libtool archive" 1>&2 - exit 1 + exit $EXIT_FAILURE fi if test "$absdir" != "$libdir"; then $echo "$modename: warning: \`$deplib' seems to be moved" 1>&2 @@ -2614,7 +2778,8 @@ EOF depdepl= case $host in *-*-darwin*) - # we do not want to link against static libs, but need to link against shared + # we do not want to link against static libs, + # but need to link against shared eval deplibrary_names=`${SED} -n -e 's/^library_names=\(.*\)$/\1/p' $deplib` if test -n "$deplibrary_names" ; then for tmp in $deplibrary_names ; do @@ -2622,7 +2787,7 @@ EOF done if test -f "$path/$depdepl" ; then depdepl="$path/$depdepl" - fi + fi # do not add paths which are already there case " $newlib_search_path " in *" $path "*) ;; @@ -2632,33 +2797,32 @@ EOF path="" ;; *) - path="-L$path" - ;; - esac - + path="-L$path" + ;; + esac ;; - -l*) + -l*) case $host in *-*-darwin*) - # Again, we only want to link against shared libraries - eval tmp_libs=`$echo "X$deplib" | $Xsed -e "s,^\-l,,"` - for tmp in $newlib_search_path ; do - if test -f "$tmp/lib$tmp_libs.dylib" ; then - eval depdepl="$tmp/lib$tmp_libs.dylib" - break - fi - done - path="" + # Again, we only want to link against shared libraries + eval tmp_libs=`$echo "X$deplib" | $Xsed -e "s,^\-l,,"` + for tmp in $newlib_search_path ; do + if test -f "$tmp/lib$tmp_libs.dylib" ; then + eval depdepl="$tmp/lib$tmp_libs.dylib" + break + fi + done + path="" ;; *) continue ;; - esac + esac ;; *) continue ;; esac case " $deplibs " in *" $depdepl "*) ;; - *) deplibs="$deplibs $depdepl" ;; - esac + *) deplibs="$depdepl $deplibs" ;; + esac case " $deplibs " in *" $path "*) ;; *) deplibs="$deplibs $path" ;; @@ -2748,7 +2912,8 @@ EOF eval $var=\"$tmp_libs\" done # for var fi - # Last step: remove runtime libs from dependency_libs (they stay in deplibs) + # Last step: remove runtime libs from dependency_libs + # (they stay in deplibs) tmp_libs= for i in $dependency_libs ; do case " $predeps $postdeps $compiler_lib_search_path " in @@ -2808,19 +2973,19 @@ EOF case $outputname in lib*) name=`$echo "X$outputname" | $Xsed -e 's/\.la$//' -e 's/^lib//'` - eval shared_ext=\"$shrext\" + eval shared_ext=\"$shrext_cmds\" eval libname=\"$libname_spec\" ;; *) if test "$module" = no; then $echo "$modename: libtool library \`$output' must begin with \`lib'" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi if test "$need_lib_prefix" != no; then # Add the "lib" prefix for modules if required name=`$echo "X$outputname" | $Xsed -e 's/\.la$//'` - eval shared_ext=\"$shrext\" + eval shared_ext=\"$shrext_cmds\" eval libname=\"$libname_spec\" else libname=`$echo "X$outputname" | $Xsed -e 's/\.la$//'` @@ -2831,7 +2996,7 @@ EOF if test -n "$objs"; then if test "$deplibs_check_method" != pass_all; then $echo "$modename: cannot build libtool library \`$output' from non-libtool objects on this host:$objs" 2>&1 - exit 1 + exit $EXIT_FAILURE else $echo $echo "*** Warning: Linking the shared library $output against the non-libtool" @@ -2879,13 +3044,13 @@ EOF if test -n "$8"; then $echo "$modename: too many parameters to \`-version-info'" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi # convert absolute version numbers to libtool ages # this retains compatibility with .la files and attempts # to make the code below a bit more comprehensible - + case $vinfo_number in yes) number_major="$2" @@ -2929,7 +3094,7 @@ EOF *) $echo "$modename: CURRENT \`$current' is not a nonnegative integer" 1>&2 $echo "$modename: \`$vinfo' is not valid version information" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; esac @@ -2938,7 +3103,7 @@ EOF *) $echo "$modename: REVISION \`$revision' is not a nonnegative integer" 1>&2 $echo "$modename: \`$vinfo' is not valid version information" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; esac @@ -2947,14 +3112,14 @@ EOF *) $echo "$modename: AGE \`$age' is not a nonnegative integer" 1>&2 $echo "$modename: \`$vinfo' is not valid version information" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; esac if test "$age" -gt "$current"; then $echo "$modename: AGE \`$age' is greater than the current interface number \`$current'" 1>&2 $echo "$modename: \`$vinfo' is not valid version information" 1>&2 - exit 1 + exit $EXIT_FAILURE fi # Calculate the version variables. @@ -2971,7 +3136,7 @@ EOF versuffix="$major.$age.$revision" # Darwin ld doesn't like 0 for these options... minor_current=`expr $current + 1` - verstring="-compatibility_version $minor_current -current_version $minor_current.$revision" + verstring="${wl}-compatibility_version ${wl}$minor_current ${wl}-current_version ${wl}$minor_current.$revision" ;; freebsd-aout) @@ -3043,7 +3208,7 @@ EOF *) $echo "$modename: unknown library version type \`$version_type'" 1>&2 $echo "Fatal configuration error. See the $PACKAGE docs for more information." 1>&2 - exit 1 + exit $EXIT_FAILURE ;; esac @@ -3097,9 +3262,11 @@ EOF *.$objext) ;; $output_objdir/$outputname | $output_objdir/$libname.* | $output_objdir/${libname}${release}.*) - if echo $p | $EGREP -e "$precious_files_regex" >/dev/null 2>&1 - then - continue + if test "X$precious_files_regex" != "X"; then + if echo $p | $EGREP -e "$precious_files_regex" >/dev/null 2>&1 + then + continue + fi fi removelist="$removelist $p" ;; @@ -3580,7 +3747,7 @@ EOF fi # Get the real and link names of the library. - eval shared_ext=\"$shrext\" + eval shared_ext=\"$shrext_cmds\" eval library_names=\"$library_names_spec\" set dummy $library_names realname="$2" @@ -3644,12 +3811,12 @@ EOF for test_deplib in $deplibs; do case " $convenience " in *" $test_deplib "*) ;; - *) + *) tmp_deplibs="$tmp_deplibs $test_deplib" ;; esac done - deplibs="$tmp_deplibs" + deplibs="$tmp_deplibs" if test -n "$convenience"; then if test -n "$whole_archive_flag_spec"; then @@ -3657,67 +3824,13 @@ EOF eval libobjs=\"\$libobjs $whole_archive_flag_spec\" else gentop="$output_objdir/${outputname}x" - $show "${rm}r $gentop" - $run ${rm}r "$gentop" - $show "$mkdir $gentop" - $run $mkdir "$gentop" - status=$? - if test "$status" -ne 0 && test ! -d "$gentop"; then - exit $status - fi generated="$generated $gentop" - for xlib in $convenience; do - # Extract the objects. - case $xlib in - [\\/]* | [A-Za-z]:[\\/]*) xabs="$xlib" ;; - *) xabs=`pwd`"/$xlib" ;; - esac - xlib=`$echo "X$xlib" | $Xsed -e 's%^.*/%%'` - xdir="$gentop/$xlib" - - $show "${rm}r $xdir" - $run ${rm}r "$xdir" - $show "$mkdir $xdir" - $run $mkdir "$xdir" - status=$? - if test "$status" -ne 0 && test ! -d "$xdir"; then - exit $status - fi - # We will extract separately just the conflicting names and we will no - # longer touch any unique names. It is faster to leave these extract - # automatically by $AR in one run. - $show "(cd $xdir && $AR x $xabs)" - $run eval "(cd \$xdir && $AR x \$xabs)" || exit $? - if ($AR t "$xabs" | sort | sort -uc >/dev/null 2>&1); then - : - else - $echo "$modename: warning: object name conflicts; renaming object files" 1>&2 - $echo "$modename: warning: to ensure that they will not overwrite" 1>&2 - $AR t "$xabs" | sort | uniq -cd | while read -r count name - do - i=1 - while test "$i" -le "$count" - do - # Put our $i before any first dot (extension) - # Never overwrite any file - name_to="$name" - while test "X$name_to" = "X$name" || test -f "$xdir/$name_to" - do - name_to=`$echo "X$name_to" | $Xsed -e "s/\([^.]*\)/\1-$i/"` - done - $show "(cd $xdir && $AR xN $i $xabs '$name' && $mv '$name' '$name_to')" - $run eval "(cd \$xdir && $AR xN $i \$xabs '$name' && $mv '$name' '$name_to')" || exit $? - i=`expr $i + 1` - done - done - fi - - libobjs="$libobjs "`find $xdir -name \*.$objext -print -o -name \*.lo -print | $NL2SP` - done + func_extract_archives $gentop $convenience + libobjs="$libobjs $func_extract_archives_result" fi fi - + if test "$thread_safe" = yes && test -n "$thread_safe_flag_spec"; then eval flag=\"$thread_safe_flag_spec\" linker_flags="$linker_flags $flag" @@ -3832,7 +3945,6 @@ EOF save_ifs="$IFS"; IFS='~' for cmd in $concat_cmds; do IFS="$save_ifs" - eval cmd=\"$cmd\" $show "$cmd" $run eval "$cmd" || exit $? done @@ -3879,7 +3991,7 @@ EOF # Restore the uninstalled library and exit if test "$mode" = relink; then $run eval '(cd $output_objdir && $rm ${realname}T && $mv $realname ${realname}T && $mv "$realname"U $realname)' || exit $? - exit 0 + exit $EXIT_SUCCESS fi # Create links to the real library. @@ -3927,7 +4039,7 @@ EOF *.lo) if test -n "$objs$old_deplibs"; then $echo "$modename: cannot build library object \`$output' from non-libtool objects" 1>&2 - exit 1 + exit $EXIT_FAILURE fi libobj="$output" obj=`$echo "X$output" | $Xsed -e "$lo2o"` @@ -3956,64 +4068,10 @@ EOF eval reload_conv_objs=\"\$reload_objs $whole_archive_flag_spec\" else gentop="$output_objdir/${obj}x" - $show "${rm}r $gentop" - $run ${rm}r "$gentop" - $show "$mkdir $gentop" - $run $mkdir "$gentop" - status=$? - if test "$status" -ne 0 && test ! -d "$gentop"; then - exit $status - fi generated="$generated $gentop" - for xlib in $convenience; do - # Extract the objects. - case $xlib in - [\\/]* | [A-Za-z]:[\\/]*) xabs="$xlib" ;; - *) xabs=`pwd`"/$xlib" ;; - esac - xlib=`$echo "X$xlib" | $Xsed -e 's%^.*/%%'` - xdir="$gentop/$xlib" - - $show "${rm}r $xdir" - $run ${rm}r "$xdir" - $show "$mkdir $xdir" - $run $mkdir "$xdir" - status=$? - if test "$status" -ne 0 && test ! -d "$xdir"; then - exit $status - fi - # We will extract separately just the conflicting names and we will no - # longer touch any unique names. It is faster to leave these extract - # automatically by $AR in one run. - $show "(cd $xdir && $AR x $xabs)" - $run eval "(cd \$xdir && $AR x \$xabs)" || exit $? - if ($AR t "$xabs" | sort | sort -uc >/dev/null 2>&1); then - : - else - $echo "$modename: warning: object name conflicts; renaming object files" 1>&2 - $echo "$modename: warning: to ensure that they will not overwrite" 1>&2 - $AR t "$xabs" | sort | uniq -cd | while read -r count name - do - i=1 - while test "$i" -le "$count" - do - # Put our $i before any first dot (extension) - # Never overwrite any file - name_to="$name" - while test "X$name_to" = "X$name" || test -f "$xdir/$name_to" - do - name_to=`$echo "X$name_to" | $Xsed -e "s/\([^.]*\)/\1-$i/"` - done - $show "(cd $xdir && $AR xN $i $xabs '$name' && $mv '$name' '$name_to')" - $run eval "(cd \$xdir && $AR xN $i \$xabs '$name' && $mv '$name' '$name_to')" || exit $? - i=`expr $i + 1` - done - done - fi - - reload_conv_objs="$reload_objs "`find $xdir -name \*.$objext -print -o -name \*.lo -print | $NL2SP` - done + func_extract_archives $gentop $convenience + reload_conv_objs="$reload_objs $func_extract_archives_result" fi fi @@ -4038,7 +4096,7 @@ EOF $run ${rm}r $gentop fi - exit 0 + exit $EXIT_SUCCESS fi if test "$build_libtool_libs" != yes; then @@ -4051,7 +4109,7 @@ EOF # accidentally link it into a program. # $show "echo timestamp > $libobj" # $run eval "echo timestamp > $libobj" || exit $? - exit 0 + exit $EXIT_SUCCESS fi if test -n "$pic_flag" || test "$pic_mode" != default; then @@ -4074,7 +4132,7 @@ EOF $run ${rm}r $gentop fi - exit 0 + exit $EXIT_SUCCESS ;; prog) @@ -4392,7 +4450,7 @@ static const void *lt_preloaded_setup() { ;; *) $echo "$modename: unknown suffix for \`$dlsyms'" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; esac else @@ -4480,7 +4538,7 @@ static const void *lt_preloaded_setup() { # Link the executable and exit $show "$link_command" $run eval "$link_command" || exit $? - exit 0 + exit $EXIT_SUCCESS fi if test "$hardcode_action" = relink; then @@ -4535,10 +4593,10 @@ static const void *lt_preloaded_setup() { fi # Quote $echo for shipping. - if test "X$echo" = "X$SHELL $0 --fallback-echo"; then - case $0 in - [\\/]* | [A-Za-z]:[\\/]*) qecho="$SHELL $0 --fallback-echo";; - *) qecho="$SHELL `pwd`/$0 --fallback-echo";; + if test "X$echo" = "X$SHELL $progpath --fallback-echo"; then + case $progpath in + [\\/]* | [A-Za-z]:[\\/]*) qecho="$SHELL $progpath --fallback-echo";; + *) qecho="$SHELL `pwd`/$progpath --fallback-echo";; esac qecho=`$echo "X$qecho" | $Xsed -e "$sed_quote_subst"` else @@ -4564,7 +4622,7 @@ static const void *lt_preloaded_setup() { cwrappersource=`$echo ${objdir}/lt-${output}.c` cwrapper=`$echo ${output}.exe` $rm $cwrappersource $cwrapper - trap "$rm $cwrappersource $cwrapper; exit 1" 1 2 15 + trap "$rm $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15 cat > $cwrappersource <<EOF @@ -4573,7 +4631,7 @@ static const void *lt_preloaded_setup() { The $output program cannot be directly executed until all the libtool libraries that it depends on are installed. - + This wrapper executable should never be moved out of the build directory. If it is, it will not operate correctly. @@ -4605,7 +4663,7 @@ EOF #if defined (_WIN32) || defined (__MSDOS__) || defined (__DJGPP__) || \ defined (__OS2__) #define HAVE_DOS_BASED_FILE_SYSTEM -#ifndef DIR_SEPARATOR_2 +#ifndef DIR_SEPARATOR_2 #define DIR_SEPARATOR_2 '\\' #endif #endif @@ -4636,7 +4694,7 @@ main (int argc, char *argv[]) { char **newargz; int i; - + program_name = (char *) xstrdup ((char *) basename (argv[0])); newargz = XMALLOC(char *, argc+2); EOF @@ -4649,7 +4707,7 @@ EOF newargz[1] = fnqualify(argv[0]); /* we know the script has the same name, without the .exe */ /* so make sure newargz[1] doesn't end in .exe */ - strendzap(newargz[1],".exe"); + strendzap(newargz[1],".exe"); for (i = 1; i < argc; i++) newargz[i+1] = xstrdup(argv[i]); newargz[argc+1] = NULL; @@ -4672,7 +4730,7 @@ xmalloc (size_t num) return p; } -char * +char * xstrdup (const char *string) { return string ? strcpy ((char *) xmalloc (strlen (string) + 1), string) : NULL @@ -4686,7 +4744,7 @@ basename (const char *name) #if defined (HAVE_DOS_BASED_FILE_SYSTEM) /* Skip over the disk name in MSDOS pathnames. */ - if (isalpha (name[0]) && name[1] == ':') + if (isalpha (name[0]) && name[1] == ':') name += 2; #endif @@ -4696,7 +4754,7 @@ basename (const char *name) return (char *) base; } -char * +char * fnqualify(const char *path) { size_t size; @@ -4724,7 +4782,7 @@ fnqualify(const char *path) } char * -strendzap(char *str, const char *pat) +strendzap(char *str, const char *pat) { size_t len, patlen; @@ -4744,7 +4802,7 @@ strendzap(char *str, const char *pat) } static void -lt_error_core (int exit_status, const char * mode, +lt_error_core (int exit_status, const char * mode, const char * message, va_list ap) { fprintf (stderr, "%s: %s: ", program_name, mode); @@ -4773,7 +4831,7 @@ EOF ;; esac $rm $output - trap "$rm $output; exit 1" 1 2 15 + trap "$rm $output; exit $EXIT_FAILURE" 1 2 15 $echo > $output "\ #! $SHELL @@ -4794,7 +4852,7 @@ sed_quote_subst='$sed_quote_subst' # The HP-UX ksh and POSIX shell print the target directory to stdout # if CDPATH is set. -if test \"\${CDPATH+set}\" = set; then CDPATH=:; export CDPATH; fi +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH relink_command=\"$relink_command\" @@ -4873,7 +4931,7 @@ else else $echo \"\$relink_command_output\" >&2 $rm \"\$progdir/\$file\" - exit 1 + exit $EXIT_FAILURE fi fi @@ -4935,20 +4993,20 @@ else esac $echo >> $output "\ \$echo \"\$0: cannot exec \$program \${1+\"\$@\"}\" - exit 1 + exit $EXIT_FAILURE fi else # The program doesn't exist. \$echo \"\$0: error: \$progdir/\$program does not exist\" 1>&2 \$echo \"This script is just a wrapper for \$program.\" 1>&2 $echo \"See the $PACKAGE documentation for more information.\" 1>&2 - exit 1 + exit $EXIT_FAILURE fi fi\ " chmod +x $output fi - exit 0 + exit $EXIT_SUCCESS ;; esac @@ -4971,65 +5029,10 @@ fi\ if test -n "$addlibs"; then gentop="$output_objdir/${outputname}x" - $show "${rm}r $gentop" - $run ${rm}r "$gentop" - $show "$mkdir $gentop" - $run $mkdir "$gentop" - status=$? - if test "$status" -ne 0 && test ! -d "$gentop"; then - exit $status - fi generated="$generated $gentop" - # Add in members from convenience archives. - for xlib in $addlibs; do - # Extract the objects. - case $xlib in - [\\/]* | [A-Za-z]:[\\/]*) xabs="$xlib" ;; - *) xabs=`pwd`"/$xlib" ;; - esac - xlib=`$echo "X$xlib" | $Xsed -e 's%^.*/%%'` - xdir="$gentop/$xlib" - - $show "${rm}r $xdir" - $run ${rm}r "$xdir" - $show "$mkdir $xdir" - $run $mkdir "$xdir" - status=$? - if test "$status" -ne 0 && test ! -d "$xdir"; then - exit $status - fi - # We will extract separately just the conflicting names and we will no - # longer touch any unique names. It is faster to leave these extract - # automatically by $AR in one run. - $show "(cd $xdir && $AR x $xabs)" - $run eval "(cd \$xdir && $AR x \$xabs)" || exit $? - if ($AR t "$xabs" | sort | sort -uc >/dev/null 2>&1); then - : - else - $echo "$modename: warning: object name conflicts; renaming object files" 1>&2 - $echo "$modename: warning: to ensure that they will not overwrite" 1>&2 - $AR t "$xabs" | sort | uniq -cd | while read -r count name - do - i=1 - while test "$i" -le "$count" - do - # Put our $i before any first dot (extension) - # Never overwrite any file - name_to="$name" - while test "X$name_to" = "X$name" || test -f "$xdir/$name_to" - do - name_to=`$echo "X$name_to" | $Xsed -e "s/\([^.]*\)/\1-$i/"` - done - $show "(cd $xdir && $AR xN $i $xabs '$name' && $mv '$name' '$name_to')" - $run eval "(cd \$xdir && $AR xN $i \$xabs '$name' && $mv '$name' '$name_to')" || exit $? - i=`expr $i + 1` - done - done - fi - - oldobjs="$oldobjs "`find $xdir -name \*.${objext} -print -o -name \*.lo -print | $NL2SP` - done + func_extract_archives $gentop $addlibs + oldobjs="$oldobjs $func_extract_archives_result" fi # Do each command in the archive commands. @@ -5067,7 +5070,7 @@ fi\ for obj in $save_oldobjs do last_oldobj=$obj - done + done for obj in $save_oldobjs do oldobjs="$objlist $obj" @@ -5081,7 +5084,7 @@ fi\ oldobjs=$objlist if test "$obj" = "$last_oldobj" ; then RANLIB=$save_RANLIB - fi + fi test -z "$concat_cmds" || concat_cmds=$concat_cmds~ eval concat_cmds=\"\${concat_cmds}$old_archive_cmds\" objlist= @@ -5130,11 +5133,13 @@ fi\ fi done # Quote the link command for shipping. - relink_command="(cd `pwd`; $SHELL $0 $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)" + relink_command="(cd `pwd`; $SHELL $progpath $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)" relink_command=`$echo "X$relink_command" | $Xsed -e "$sed_quote_subst"` if test "$hardcode_automatic" = yes ; then - relink_command= - fi + relink_command= + fi + + # Only create the output if not a dry run. if test -z "$run"; then for installed in no yes; do @@ -5152,7 +5157,7 @@ fi\ eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` if test -z "$libdir"; then $echo "$modename: \`$deplib' is not a valid libtool archive" 1>&2 - exit 1 + exit $EXIT_FAILURE fi newdependency_libs="$newdependency_libs $libdir/$name" ;; @@ -5166,7 +5171,7 @@ fi\ eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib` if test -z "$libdir"; then $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2 - exit 1 + exit $EXIT_FAILURE fi newdlfiles="$newdlfiles $libdir/$name" done @@ -5177,7 +5182,7 @@ fi\ eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib` if test -z "$libdir"; then $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2 - exit 1 + exit $EXIT_FAILURE fi newdlprefiles="$newdlprefiles $libdir/$name" done @@ -5185,7 +5190,7 @@ fi\ else newdlfiles= for lib in $dlfiles; do - case $lib in + case $lib in [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;; *) abs=`pwd`"/$lib" ;; esac @@ -5194,7 +5199,7 @@ fi\ dlfiles="$newdlfiles" newdlprefiles= for lib in $dlprefiles; do - case $lib in + case $lib in [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;; *) abs=`pwd`"/$lib" ;; esac @@ -5257,7 +5262,7 @@ relink_command=\"$relink_command\"" $run eval '(cd $output_objdir && $rm $outputname && $LN_S ../$outputname $outputname)' || exit $? ;; esac - exit 0 + exit $EXIT_SUCCESS ;; # libtool install mode @@ -5346,13 +5351,13 @@ relink_command=\"$relink_command\"" if test -z "$install_prog"; then $echo "$modename: you must specify an install program" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi if test -n "$prev"; then $echo "$modename: the \`$prev' option requires an argument" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi if test -z "$files"; then @@ -5362,7 +5367,7 @@ relink_command=\"$relink_command\"" $echo "$modename: you must specify a destination" 1>&2 fi $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi # Strip any trailing slash from the destination. @@ -5383,7 +5388,7 @@ relink_command=\"$relink_command\"" if test "$#" -gt 2; then $echo "$modename: \`$dest' is not a directory" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi fi case $destdir in @@ -5395,7 +5400,7 @@ relink_command=\"$relink_command\"" *) $echo "$modename: \`$destdir' must be an absolute directory name" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; esac done @@ -5424,7 +5429,7 @@ relink_command=\"$relink_command\"" else $echo "$modename: \`$file' is not a valid libtool archive" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi library_names= @@ -5466,7 +5471,7 @@ relink_command=\"$relink_command\"" # but it's something to keep an eye on. if test "$inst_prefix_dir" = "$destdir"; then $echo "$modename: error: cannot install \`$file' to a directory not ending in $libdir" 1>&2 - exit 1 + exit $EXIT_FAILURE fi if test -n "$inst_prefix_dir"; then @@ -5481,7 +5486,7 @@ relink_command=\"$relink_command\"" if $run eval "$relink_command"; then : else $echo "$modename: error: relink \`$file' with the above command before installing it" 1>&2 - exit 1 + exit $EXIT_FAILURE fi fi @@ -5560,7 +5565,7 @@ relink_command=\"$relink_command\"" *) $echo "$modename: cannot copy a libtool object to \`$destfile'" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; esac @@ -5578,7 +5583,7 @@ relink_command=\"$relink_command\"" $show "$install_prog $staticobj $staticdest" $run eval "$install_prog \$staticobj \$staticdest" || exit $? fi - exit 0 + exit $EXIT_SUCCESS ;; *) @@ -5632,7 +5637,7 @@ relink_command=\"$relink_command\"" # Check the variables that should have been set. if test -z "$notinst_deplibs"; then $echo "$modename: invalid libtool wrapper script \`$wrapper'" 1>&2 - exit 1 + exit $EXIT_FAILURE fi finalize=yes @@ -5673,8 +5678,12 @@ relink_command=\"$relink_command\"" tmpdir="/tmp" test -n "$TMPDIR" && tmpdir="$TMPDIR" tmpdir="$tmpdir/libtool-$$" - if $mkdir "$tmpdir" && chmod 700 "$tmpdir"; then : + save_umask=`umask` + umask 0077 + if $mkdir "$tmpdir"; then + umask $save_umask else + umask $save_umask $echo "$modename: error: cannot create temporary directory \`$tmpdir'" 1>&2 continue fi @@ -5757,9 +5766,9 @@ relink_command=\"$relink_command\"" if test -n "$current_libdirs"; then # Maybe just do a dry run. test -n "$run" && current_libdirs=" -n$current_libdirs" - exec_cmd='$SHELL $0 $preserve_args --finish$current_libdirs' + exec_cmd='$SHELL $progpath $preserve_args --finish$current_libdirs' else - exit 0 + exit $EXIT_SUCCESS fi ;; @@ -5799,7 +5808,7 @@ relink_command=\"$relink_command\"" fi # Exit here if they wanted silent mode. - test "$show" = : && exit 0 + test "$show" = : && exit $EXIT_SUCCESS $echo "----------------------------------------------------------------------" $echo "Libraries have been installed in:" @@ -5835,7 +5844,7 @@ relink_command=\"$relink_command\"" $echo "See any operating system documentation about shared libraries for" $echo "more information, such as the ld(1) and ld.so(8) manual pages." $echo "----------------------------------------------------------------------" - exit 0 + exit $EXIT_SUCCESS ;; # libtool execute mode @@ -5847,7 +5856,7 @@ relink_command=\"$relink_command\"" if test -z "$cmd"; then $echo "$modename: you must specify a COMMAND" 1>&2 $echo "$help" - exit 1 + exit $EXIT_FAILURE fi # Handle -dlopen flags immediately. @@ -5855,7 +5864,7 @@ relink_command=\"$relink_command\"" if test ! -f "$file"; then $echo "$modename: \`$file' is not a file" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi dir= @@ -5866,7 +5875,7 @@ relink_command=\"$relink_command\"" else $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi # Read the libtool library. @@ -5893,7 +5902,7 @@ relink_command=\"$relink_command\"" dir="$dir/$objdir" else $echo "$modename: cannot find \`$dlname' in \`$dir' or \`$dir/$objdir'" 1>&2 - exit 1 + exit $EXIT_FAILURE fi ;; @@ -5973,7 +5982,7 @@ relink_command=\"$relink_command\"" $echo "export $shlibpath_var" fi $echo "$cmd$args" - exit 0 + exit $EXIT_SUCCESS fi ;; @@ -6001,7 +6010,7 @@ relink_command=\"$relink_command\"" if test -z "$rm"; then $echo "$modename: you must specify an RM program" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi rmdirs= @@ -6115,7 +6124,7 @@ relink_command=\"$relink_command\"" if test "$mode" = clean ; then noexename=$name case $file in - *.exe) + *.exe) file=`$echo $file|${SED} 's,.exe$,,'` noexename=`$echo $name|${SED} 's,.exe$,,'` # $file with .exe has already been added to rmfiles, @@ -6160,20 +6169,20 @@ relink_command=\"$relink_command\"" "") $echo "$modename: you must specify a MODE" 1>&2 $echo "$generic_help" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; esac if test -z "$exec_cmd"; then $echo "$modename: invalid operation mode \`$mode'" 1>&2 $echo "$generic_help" 1>&2 - exit 1 + exit $EXIT_FAILURE fi fi # test -z "$show_help" if test -n "$exec_cmd"; then eval exec $exec_cmd - exit 1 + exit $EXIT_FAILURE fi # We need to display help for each of the modes. @@ -6209,7 +6218,7 @@ MODE-ARGS vary depending on the MODE. Try \`$modename --help --mode=MODE' for a more detailed description of MODE. Report bugs to <bug-libtool@gnu.org>." - exit 0 + exit $EXIT_SUCCESS ;; clean) @@ -6364,14 +6373,14 @@ Otherwise, only FILE itself is deleted using RM." *) $echo "$modename: invalid operation mode \`$mode'" 1>&2 $echo "$help" 1>&2 - exit 1 + exit $EXIT_FAILURE ;; esac $echo $echo "Try \`$modename --help' for more information about other modes." -exit 0 +exit $EXIT_SUCCESS # The TAGs below are defined such that we never get into a situation # in which we disable both kinds of libraries. Given conflicting diff --git a/usr.sbin/bind/version b/usr.sbin/bind/version index b074de905d3..e560f62bc71 100644 --- a/usr.sbin/bind/version +++ b/usr.sbin/bind/version @@ -1,10 +1,10 @@ -# $ISC: version,v 1.26.2.17.2.10.4.1 2004/09/20 01:01:01 marka Exp $ +# $ISC: version,v 1.26.2.17.2.17 2005/03/03 04:51:08 marka Exp $ # # This file must follow /bin/sh rules. It is imported directly via # configure. # MAJORVER=9 MINORVER=3 -PATCHVER=0 +PATCHVER=1 RELEASETYPE= RELEASEVER= |