import ldns 1.6.16
This commit is contained in:
parent
a1ba2d1ca3
commit
2f10c3e258
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/vendor/ldns/dist/; revision=246828 svn path=/vendor/ldns/1.6.16/; revision=246829; tag=vendor/ldns/1.6.16
48
Changelog
48
Changelog
@ -1,3 +1,51 @@
|
||||
1.6.16 2012-11-13
|
||||
* Fix Makefile to build pyldns with BSD make
|
||||
* Fix typo in exporting b32_* symbols to make pyldns load again
|
||||
* Allow leaving the RR owner name empty in ldns-testns datafiles.
|
||||
* Fix fail to create NSEC3 bitmap for empty non-terminal (bug
|
||||
introduced in 1.6.14).
|
||||
|
||||
1.6.15 2012-10-25
|
||||
* Remove LDNS_STATUS_EXISTS_ERR from ldns/error.h to make ldns
|
||||
binary compatible with earlier releases again.
|
||||
|
||||
1.6.14 2012-10-23
|
||||
* DANE support (RFC6698), including ldns-dane example tool.
|
||||
* Configurable default CA certificate repository for ldns-dane with
|
||||
--with-ca-file=CAFILE and --with-ca-path=CAPATH
|
||||
* Configurable default trust anchor with --with-trust-anchor=FILE
|
||||
for drill, ldns-verify-zone and ldns-dane
|
||||
* bugfix #474: Define socklen_t when undefined (like in Win32)
|
||||
* bugfix #473: Dead code removal and resource leak fix in drill
|
||||
* bugfix #471: Let ldns_resolver_push_dnssec_anchor accept DS RR's too.
|
||||
* Various bugfixes from code reviews from CZ.NIC and Paul Wouters
|
||||
* ldns-notify TSIG option argument checking
|
||||
* Let ldns_resolver_nameservers_randomize keep nameservers and rtt's
|
||||
in sync.
|
||||
* Let ldns_pkt_push_rr now return false on (memory) errors.
|
||||
* Make buffer_export comply to documentation and fix buffer2str
|
||||
* Various improvements and fixes of pyldns from Katel Slany
|
||||
now documented in their own Changelog.
|
||||
* bugfix: Make ldns_resolver_pop_nameserver clear the array when
|
||||
there was only one.
|
||||
* bugfix #459: Remove ldns_symbols and export symbols based on regex
|
||||
* bugfix #458: Track all newly created signatures when signing.
|
||||
* bugfix #454: Only set -g and -O2 CFLAGS when no CFLAGS was given.
|
||||
* bugfix #457: Memory leak fix for ldns_key_new_frm_algorithm.
|
||||
* pyldns memory handling fixes and the python3/ldns-signzone.py
|
||||
examples script contribution from Karel Slany.
|
||||
* bugfix #450: Base # bytes for P, G and Y (T) on the guaranteed
|
||||
to be bigger (or equal) P in ldns_key_dsa2bin.
|
||||
* bugfix #449: Deep free cloned rdf's in ldns_tsig_mac_new.
|
||||
* bugfix #448: Copy nameserver value (in stead of reference) of the
|
||||
answering nameserver to the answer packet in ldns_send_buffer, so
|
||||
the original value may be deep freed with the ldns_resolver struct.
|
||||
* New -0 option for ldns-read-zone to replace inception, expiration
|
||||
and signature rdata fields with (null). Thanks Paul Wouters.
|
||||
* New -p option for ldns-read-zone to prepend-pad SOA serial to take
|
||||
up ten characters.
|
||||
* Return error if printing RR fails due to unknown/null RDATA.
|
||||
|
||||
1.6.13 2012-05-21
|
||||
* New -S option for ldns-verify-zone to chase signatures online.
|
||||
* New -k option for ldns-verify-zone to validate using a trusted key.
|
||||
|
955
Makefile.in
955
Makefile.in
File diff suppressed because it is too large
Load Diff
3
buffer.c
3
buffer.c
@ -140,7 +140,8 @@ ldns_buffer_free(ldns_buffer *buffer)
|
||||
return;
|
||||
}
|
||||
|
||||
LDNS_FREE(buffer->_data);
|
||||
if (!buffer->_fixed)
|
||||
LDNS_FREE(buffer->_data);
|
||||
|
||||
LDNS_FREE(buffer);
|
||||
}
|
||||
|
153
configure
vendored
153
configure
vendored
@ -1,6 +1,6 @@
|
||||
#! /bin/sh
|
||||
# Guess values for system-dependent variables and create Makefiles.
|
||||
# Generated by GNU Autoconf 2.68 for ldns 1.6.13.
|
||||
# Generated by GNU Autoconf 2.68 for ldns 1.6.16.
|
||||
#
|
||||
# Report bugs to <libdns@nlnetlabs.nl>.
|
||||
#
|
||||
@ -570,8 +570,8 @@ MAKEFLAGS=
|
||||
# Identity of this package.
|
||||
PACKAGE_NAME='ldns'
|
||||
PACKAGE_TARNAME='libdns'
|
||||
PACKAGE_VERSION='1.6.13'
|
||||
PACKAGE_STRING='ldns 1.6.13'
|
||||
PACKAGE_VERSION='1.6.16'
|
||||
PACKAGE_STRING='ldns 1.6.16'
|
||||
PACKAGE_BUGREPORT='libdns@nlnetlabs.nl'
|
||||
PACKAGE_URL=''
|
||||
|
||||
@ -613,17 +613,23 @@ ac_includes_default="\
|
||||
#endif"
|
||||
|
||||
ac_subst_vars='LTLIBOBJS
|
||||
CONFIG_FILES
|
||||
ldns_build_config_have_attr_unused
|
||||
ldns_build_config_have_attr_format
|
||||
ldns_build_config_have_ssl
|
||||
DEFAULT_CAPATH
|
||||
DEFAULT_CAFILE
|
||||
LDNS_TRUST_ANCHOR_FILE
|
||||
WINDRES
|
||||
LIBOBJS
|
||||
ldns_build_config_have_socklen_t
|
||||
LIBPCAP_LIBS
|
||||
include_unistd_h
|
||||
include_systypes_h
|
||||
include_inttypes_h
|
||||
ldns_build_config_have_inttypes_h
|
||||
include_sys_socket_h
|
||||
LIBSSL_SSL_LIBS
|
||||
LIBSSL_LIBS
|
||||
LIBSSL_LDFLAGS
|
||||
LIBSSL_CPPFLAGS
|
||||
@ -767,6 +773,9 @@ enable_sha2
|
||||
enable_gost
|
||||
enable_ecdsa
|
||||
enable_rpath
|
||||
with_trust_anchor
|
||||
with_ca_file
|
||||
with_ca_path
|
||||
'
|
||||
ac_precious_vars='build_alias
|
||||
host_alias
|
||||
@ -1320,7 +1329,7 @@ if test "$ac_init_help" = "long"; then
|
||||
# Omit some internal or obsolete options to make the list less imposing.
|
||||
# This message is too long to be a string in the A/UX 3.1 sh.
|
||||
cat <<_ACEOF
|
||||
\`configure' configures ldns 1.6.13 to adapt to many kinds of systems.
|
||||
\`configure' configures ldns 1.6.16 to adapt to many kinds of systems.
|
||||
|
||||
Usage: $0 [OPTION]... [VAR=VALUE]...
|
||||
|
||||
@ -1385,7 +1394,7 @@ fi
|
||||
|
||||
if test -n "$ac_init_help"; then
|
||||
case $ac_init_help in
|
||||
short | recursive ) echo "Configuration of ldns 1.6.13:";;
|
||||
short | recursive ) echo "Configuration of ldns 1.6.16:";;
|
||||
esac
|
||||
cat <<\_ACEOF
|
||||
|
||||
@ -1421,6 +1430,12 @@ Optional Packages:
|
||||
--with-ssl=pathname enable SSL (will check /usr/local/ssl /usr/lib/ssl
|
||||
/usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw
|
||||
/usr)
|
||||
--with-trust-anchor=KEYFILE
|
||||
Default location of the trust anchor file for drill
|
||||
and ldns-dane. [default=SYSCONFDIR/unbound/root.key]
|
||||
--with-ca-file=CAFILE File containing CA certificates for ldns-dane
|
||||
--with-ca-path=CAPATH Directory containing CA certificate files for
|
||||
ldns-dane
|
||||
|
||||
Some influential environment variables:
|
||||
CC C compiler command
|
||||
@ -1502,7 +1517,7 @@ fi
|
||||
test -n "$ac_init_help" && exit $ac_status
|
||||
if $ac_init_version; then
|
||||
cat <<\_ACEOF
|
||||
ldns configure 1.6.13
|
||||
ldns configure 1.6.16
|
||||
generated by GNU Autoconf 2.68
|
||||
|
||||
Copyright (C) 2010 Free Software Foundation, Inc.
|
||||
@ -2206,7 +2221,7 @@ cat >config.log <<_ACEOF
|
||||
This file contains any messages produced by compilers while
|
||||
running configure, to aid debugging if configure makes a mistake.
|
||||
|
||||
It was created by ldns $as_me 1.6.13, which was
|
||||
It was created by ldns $as_me 1.6.16, which was
|
||||
generated by GNU Autoconf 2.68. Invocation command line was
|
||||
|
||||
$ $0 $@
|
||||
@ -2556,13 +2571,13 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
|
||||
|
||||
|
||||
# needed to build correct soname
|
||||
LIBTOOL_VERSION_INFO=1:6:13
|
||||
LIBTOOL_VERSION_INFO=1:6:16
|
||||
|
||||
LDNS_VERSION_MAJOR=1
|
||||
|
||||
LDNS_VERSION_MINOR=6
|
||||
|
||||
LDNS_VERSION_MICRO=13
|
||||
LDNS_VERSION_MICRO=16
|
||||
|
||||
|
||||
OURCPPFLAGS=''
|
||||
@ -4684,6 +4699,7 @@ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
|
||||
ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
|
||||
ac_compiler_gnu=$ac_cv_c_compiler_gnu
|
||||
|
||||
if test "x$CFLAGS" = "x" ; then
|
||||
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -g" >&5
|
||||
@ -4707,7 +4723,7 @@ if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
|
||||
$as_echo "yes" >&6; }
|
||||
:
|
||||
CFLAGS="-g $CFLAGS"
|
||||
CFLAGS="-g"
|
||||
else
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
|
||||
$as_echo "no" >&6; }
|
||||
@ -4746,6 +4762,7 @@ $as_echo "no" >&6; }
|
||||
|
||||
fi
|
||||
|
||||
fi
|
||||
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -Wall" >&5
|
||||
@ -5931,6 +5948,7 @@ This does not work with the --with-drill option.
|
||||
Please remove the config.h from the drill subdirectory
|
||||
or do not use the --with-drill option." "$LINENO" 5
|
||||
fi
|
||||
DRILL_CONFIG=" drill/drill.1"
|
||||
else
|
||||
DRILL=""
|
||||
|
||||
@ -5942,6 +5960,7 @@ else
|
||||
|
||||
LINT_DRILL=""
|
||||
|
||||
DRILL_CONFIG=""
|
||||
fi
|
||||
|
||||
|
||||
@ -5971,6 +5990,7 @@ This does not work with the --with-examples option.
|
||||
Please remove the config.h from the examples subdirectory
|
||||
or do not use the --with-examples option." "$LINENO" 5
|
||||
fi
|
||||
EXAMPLES_CONFIG=" examples/ldns-dane.1 examples/ldns-verify-zone.1"
|
||||
else
|
||||
EXAMPLES=""
|
||||
|
||||
@ -5982,6 +6002,7 @@ else
|
||||
|
||||
LINT_EXAMPLES=""
|
||||
|
||||
EXAMPLES_CONFIG=""
|
||||
fi
|
||||
|
||||
# add option to disable installation of ldns-config script
|
||||
@ -6981,7 +7002,6 @@ else
|
||||
|
||||
fi
|
||||
|
||||
|
||||
# Use libtool
|
||||
|
||||
# skip these tests, we do not need them.
|
||||
@ -14706,6 +14726,10 @@ esac
|
||||
|
||||
|
||||
|
||||
if test "x$HAVE_SSL" = "xyes"; then
|
||||
LIBSSL_SSL_LIBS="$LIBSSL_LIBS -lssl"
|
||||
|
||||
fi
|
||||
CPPFLAGS=$tmp_CPPFLAGS
|
||||
LDFLAGS=$tmp_LDFLAGS
|
||||
LIBS=$tmp_LIBS
|
||||
@ -15452,6 +15476,13 @@ $as_echo "#define socklen_t int" >>confdefs.h
|
||||
|
||||
fi
|
||||
|
||||
if test "x$ac_cv_type_socklen_t" = xyes; then
|
||||
ldns_build_config_have_socklen_t=1
|
||||
|
||||
else
|
||||
ldns_build_config_have_socklen_t=0
|
||||
|
||||
fi
|
||||
ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default"
|
||||
if test "x$ac_cv_type_size_t" = xyes; then :
|
||||
|
||||
@ -16514,6 +16545,91 @@ $as_echo "#define SYSCONFDIR sysconfdir" >>confdefs.h
|
||||
|
||||
|
||||
|
||||
# Check whether --with-trust-anchor was given.
|
||||
if test "${with_trust_anchor+set}" = set; then :
|
||||
withval=$with_trust_anchor;
|
||||
LDNS_TRUST_ANCHOR_FILE="$withval"
|
||||
|
||||
else
|
||||
|
||||
if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then
|
||||
if test "x$sysconfdir" = 'x${prefix}/etc' ; then
|
||||
if test "x$prefix" = 'xNONE' ; then
|
||||
LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key"
|
||||
else
|
||||
LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key"
|
||||
fi
|
||||
else
|
||||
LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key"
|
||||
fi
|
||||
fi
|
||||
|
||||
fi
|
||||
|
||||
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
#define LDNS_TRUST_ANCHOR_FILE "$LDNS_TRUST_ANCHOR_FILE"
|
||||
_ACEOF
|
||||
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&5
|
||||
$as_echo "$as_me: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&6;}
|
||||
|
||||
|
||||
# Check whether --with-ca-file was given.
|
||||
if test "${with_ca_file+set}" = set; then :
|
||||
withval=$with_ca_file;
|
||||
|
||||
$as_echo "#define HAVE_DANE_CA_FILE 1" >>confdefs.h
|
||||
|
||||
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
#define LDNS_DANE_CA_FILE "$withval"
|
||||
_ACEOF
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: Using CAfile: $withval" >&5
|
||||
$as_echo "$as_me: Using CAfile: $withval" >&6;}
|
||||
DEFAULT_CAFILE="Default is $withval"
|
||||
|
||||
|
||||
else
|
||||
|
||||
|
||||
$as_echo "#define HAVE_DANE_CA_FILE 0" >>confdefs.h
|
||||
|
||||
|
||||
|
||||
fi
|
||||
|
||||
|
||||
|
||||
# Check whether --with-ca-path was given.
|
||||
if test "${with_ca_path+set}" = set; then :
|
||||
withval=$with_ca_path;
|
||||
|
||||
$as_echo "#define HAVE_DANE_CA_PATH 1" >>confdefs.h
|
||||
|
||||
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
#define LDNS_DANE_CA_PATH "$withval"
|
||||
_ACEOF
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: Using CApath: $withval" >&5
|
||||
$as_echo "$as_me: Using CApath: $withval" >&6;}
|
||||
DEFAULT_CAPATH="Default is $withval"
|
||||
|
||||
|
||||
else
|
||||
|
||||
|
||||
$as_echo "#define HAVE_DANE_CA_PATH 0" >>confdefs.h
|
||||
|
||||
|
||||
|
||||
fi
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@ -16539,7 +16655,9 @@ else
|
||||
|
||||
fi
|
||||
|
||||
ac_config_files="$ac_config_files Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config"
|
||||
CONFIG_FILES="Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config $DRILL_CONFIG $EXAMPLES_CONFIG"
|
||||
|
||||
ac_config_files="$ac_config_files $CONFIG_FILES"
|
||||
|
||||
|
||||
ac_config_headers="$ac_config_headers ldns/config.h"
|
||||
@ -17063,7 +17181,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
|
||||
# report actual input values of CONFIG_FILES etc. instead of their
|
||||
# values after options handling.
|
||||
ac_log="
|
||||
This file was extended by ldns $as_me 1.6.13, which was
|
||||
This file was extended by ldns $as_me 1.6.16, which was
|
||||
generated by GNU Autoconf 2.68. Invocation command line was
|
||||
|
||||
CONFIG_FILES = $CONFIG_FILES
|
||||
@ -17129,7 +17247,7 @@ _ACEOF
|
||||
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
|
||||
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
|
||||
ac_cs_version="\\
|
||||
ldns config.status 1.6.13
|
||||
ldns config.status 1.6.16
|
||||
configured by $0, generated by GNU Autoconf 2.68,
|
||||
with options \\"\$ac_cs_config\\"
|
||||
|
||||
@ -17534,12 +17652,7 @@ do
|
||||
case $ac_config_target in
|
||||
"libtool") CONFIG_COMMANDS="$CONFIG_COMMANDS libtool" ;;
|
||||
"disable-rpath") CONFIG_COMMANDS="$CONFIG_COMMANDS disable-rpath" ;;
|
||||
"Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
|
||||
"ldns/common.h") CONFIG_FILES="$CONFIG_FILES ldns/common.h" ;;
|
||||
"ldns/net.h") CONFIG_FILES="$CONFIG_FILES ldns/net.h" ;;
|
||||
"ldns/util.h") CONFIG_FILES="$CONFIG_FILES ldns/util.h" ;;
|
||||
"packaging/libldns.pc") CONFIG_FILES="$CONFIG_FILES packaging/libldns.pc" ;;
|
||||
"packaging/ldns-config") CONFIG_FILES="$CONFIG_FILES packaging/ldns-config" ;;
|
||||
"$CONFIG_FILES") CONFIG_FILES="$CONFIG_FILES $CONFIG_FILES" ;;
|
||||
"ldns/config.h") CONFIG_HEADERS="$CONFIG_HEADERS ldns/config.h" ;;
|
||||
|
||||
*) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
|
||||
|
62
configure.ac
62
configure.ac
@ -6,7 +6,7 @@ sinclude(acx_nlnetlabs.m4)
|
||||
# must be numbers. ac_defun because of later processing.
|
||||
m4_define([VERSION_MAJOR],[1])
|
||||
m4_define([VERSION_MINOR],[6])
|
||||
m4_define([VERSION_MICRO],[13])
|
||||
m4_define([VERSION_MICRO],[16])
|
||||
AC_INIT(ldns, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), libdns@nlnetlabs.nl, libdns)
|
||||
AC_CONFIG_SRCDIR([packet.c])
|
||||
# needed to build correct soname
|
||||
@ -63,8 +63,10 @@ COPY_FILES($srcdir/$1/*.h, $2)
|
||||
# Checks for typedefs, structures, and compiler characteristics.
|
||||
AC_C_CONST
|
||||
AC_LANG_C
|
||||
ACX_CHECK_COMPILER_FLAG(g, [CFLAGS="-g $CFLAGS"])
|
||||
if test "x$CFLAGS" = "x" ; then
|
||||
ACX_CHECK_COMPILER_FLAG(g, [CFLAGS="-g"])
|
||||
ACX_CHECK_COMPILER_FLAG(O2, [CFLAGS="-O2 $CFLAGS"])
|
||||
fi
|
||||
ACX_CHECK_COMPILER_FLAG(Wall, [CFLAGS="-Wall $CFLAGS"])
|
||||
ACX_CHECK_COMPILER_FLAG(W, [CFLAGS="-W $CFLAGS"])
|
||||
ACX_CHECK_COMPILER_FLAG(Wwrite-strings, [CFLAGS="-Wwrite-strings $CFLAGS"])
|
||||
@ -112,12 +114,14 @@ This does not work with the --with-drill option.
|
||||
Please remove the config.h from the drill subdirectory
|
||||
or do not use the --with-drill option.])
|
||||
fi
|
||||
DRILL_CONFIG=" drill/drill.1"
|
||||
else
|
||||
AC_SUBST(DRILL,[""])
|
||||
AC_SUBST(INSTALL_DRILL,[""])
|
||||
AC_SUBST(UNINSTALL_DRILL,[""])
|
||||
AC_SUBST(CLEAN_DRILL,[""])
|
||||
AC_SUBST(LINT_DRILL,[""])
|
||||
DRILL_CONFIG=""
|
||||
fi
|
||||
|
||||
|
||||
@ -137,12 +141,14 @@ This does not work with the --with-examples option.
|
||||
Please remove the config.h from the examples subdirectory
|
||||
or do not use the --with-examples option.])
|
||||
fi
|
||||
EXAMPLES_CONFIG=" examples/ldns-dane.1 examples/ldns-verify-zone.1"
|
||||
else
|
||||
AC_SUBST(EXAMPLES,[""])
|
||||
AC_SUBST(INSTALL_EXAMPLES,[""])
|
||||
AC_SUBST(UNINSTALL_EXAMPLES,[""])
|
||||
AC_SUBST(CLEAN_EXAMPLES,[""])
|
||||
AC_SUBST(LINT_EXAMPLES,[""])
|
||||
EXAMPLES_CONFIG=""
|
||||
fi
|
||||
|
||||
# add option to disable installation of ldns-config script
|
||||
@ -249,7 +255,6 @@ else
|
||||
AC_SUBST(PYLDNSXUNINST, "")
|
||||
fi
|
||||
|
||||
|
||||
# Use libtool
|
||||
ACX_LIBTOOL_C_ONLY
|
||||
|
||||
@ -318,6 +323,9 @@ esac
|
||||
AC_SUBST(LIBSSL_CPPFLAGS)
|
||||
AC_SUBST(LIBSSL_LDFLAGS)
|
||||
AC_SUBST(LIBSSL_LIBS)
|
||||
if test "x$HAVE_SSL" = "xyes"; then
|
||||
AC_SUBST(LIBSSL_SSL_LIBS, ["$LIBSSL_LIBS -lssl"])
|
||||
fi
|
||||
CPPFLAGS=$tmp_CPPFLAGS
|
||||
LDFLAGS=$tmp_LDFLAGS
|
||||
LIBS=$tmp_LIBS
|
||||
@ -444,6 +452,11 @@ AC_INCLUDES_DEFAULT
|
||||
fi
|
||||
|
||||
ACX_TYPE_SOCKLEN_T
|
||||
if test "x$ac_cv_type_socklen_t" = xyes; then
|
||||
AC_SUBST(ldns_build_config_have_socklen_t, 1)
|
||||
else
|
||||
AC_SUBST(ldns_build_config_have_socklen_t, 0)
|
||||
fi
|
||||
AC_TYPE_SIZE_T
|
||||
AC_TYPE_SSIZE_T
|
||||
AC_TYPE_INTPTR_T
|
||||
@ -507,6 +520,45 @@ fi
|
||||
|
||||
AC_DEFINE([SYSCONFDIR], [sysconfdir], [System configuration dir])
|
||||
|
||||
AC_ARG_WITH(trust-anchor, AC_HELP_STRING([--with-trust-anchor=KEYFILE], [Default location of the trust anchor file for drill and ldns-dane. [default=SYSCONFDIR/unbound/root.key]]), [
|
||||
LDNS_TRUST_ANCHOR_FILE="$withval"
|
||||
],[
|
||||
if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then
|
||||
if test "x$sysconfdir" = 'x${prefix}/etc' ; then
|
||||
if test "x$prefix" = 'xNONE' ; then
|
||||
LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key"
|
||||
else
|
||||
LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key"
|
||||
fi
|
||||
else
|
||||
LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key"
|
||||
fi
|
||||
fi
|
||||
])
|
||||
AC_DEFINE_UNQUOTED([LDNS_TRUST_ANCHOR_FILE], ["$LDNS_TRUST_ANCHOR_FILE"], [Default trust anchor file])
|
||||
AC_SUBST(LDNS_TRUST_ANCHOR_FILE)
|
||||
AC_MSG_NOTICE([Default trust anchor: $LDNS_TRUST_ANCHOR_FILE])
|
||||
|
||||
AC_ARG_WITH(ca-file, AC_HELP_STRING([--with-ca-file=CAFILE], [File containing CA certificates for ldns-dane]), [
|
||||
AC_DEFINE([HAVE_DANE_CA_FILE], [1], [Is a CAFILE given at configure time])
|
||||
AC_DEFINE_UNQUOTED([LDNS_DANE_CA_FILE], ["$withval"], [Is a CAFILE given at configure time])
|
||||
AC_MSG_NOTICE([Using CAfile: $withval])
|
||||
AC_SUBST(DEFAULT_CAFILE, ["Default is $withval"])
|
||||
],[
|
||||
AC_DEFINE([HAVE_DANE_CA_FILE], [0], [Is a CAFILE given at configure time])
|
||||
AC_SUBST(DEFAULT_CAFILE, [])
|
||||
])
|
||||
|
||||
AC_ARG_WITH(ca-path, AC_HELP_STRING([--with-ca-path=CAPATH], [Directory containing CA certificate files for ldns-dane]), [
|
||||
AC_DEFINE([HAVE_DANE_CA_PATH], [1], [Is a CAPATH given at configure time])
|
||||
AC_DEFINE_UNQUOTED([LDNS_DANE_CA_PATH], ["$withval"], [Is a CAPATH given at configure time])
|
||||
AC_MSG_NOTICE([Using CApath: $withval])
|
||||
AC_SUBST(DEFAULT_CAPATH, ["Default is $withval"])
|
||||
],[
|
||||
AC_DEFINE([HAVE_DANE_CA_PATH], [0], [Is a CAPATH given at configure time])
|
||||
AC_SUBST(DEFAULT_CAPATH, [])
|
||||
])
|
||||
|
||||
AH_BOTTOM([
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
@ -663,7 +715,9 @@ else
|
||||
AC_SUBST(ldns_build_config_have_attr_unused, 0)
|
||||
fi
|
||||
|
||||
AC_CONFIG_FILES([Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config])
|
||||
CONFIG_FILES="Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config $DRILL_CONFIG $EXAMPLES_CONFIG"
|
||||
AC_SUBST(CONFIG_FILES)
|
||||
AC_CONFIG_FILES([$CONFIG_FILES])
|
||||
|
||||
AC_CONFIG_HEADER([ldns/config.h])
|
||||
AC_OUTPUT
|
||||
|
66
contrib/python/Changelog
Normal file
66
contrib/python/Changelog
Normal file
@ -0,0 +1,66 @@
|
||||
1.6.16 2012-11-13
|
||||
* Fix typo in ldns_struct_pkt.opcode2str
|
||||
|
||||
1.6.14 2012-10-23
|
||||
* Added rich comparison methods for ldns_dname, ldns_rdf, ldns_rr and
|
||||
ldns_rr_list classes.
|
||||
* Added deprecation warnings into ldns_rr.new_frm_fp() and
|
||||
ldns_rr.new_frm_fp_l() and others.
|
||||
* Fixed ldns_rr.set_rdf(), which may cause memory leaks, because it
|
||||
returns new objects (in the scope of Python). Also it leaked memory,
|
||||
when the call was not successful.
|
||||
* Fixed ldns_get_rr_list_hosts_frm_file, marked as newobject.
|
||||
* Fixed ldns_rr_list.cat() to return bool as mentioned in documentation.
|
||||
* Fixed ldns_rr_list_cat_clone, marked as newobject.
|
||||
* Fixed ldns_rr_list.new_frm_file(). Exception argument was invalid.
|
||||
* Fixed ldns_rr_list.push_rr() to return bool as mentioned in
|
||||
documentation.
|
||||
* Fixed ldns_rr_list.push_rr_list() to return bool as mentioned in
|
||||
documentation.
|
||||
* Fixed ldns_rr_list.set_rr(), which caused memory corruption, double free
|
||||
problems and memory leaks. (The wrapper used original function instead
|
||||
of its push cloned variant which was missing.)
|
||||
* Fixed ldns_rr_list.set_rr_count(), added python exception raise in order
|
||||
to avoid assertion failure.
|
||||
* Fixed ldns_rr_list.subtype_by_rdf(), marked as newobject.
|
||||
* Added ldns_rr.to_canonical(), ldns_rr.is_question(),
|
||||
ldns_rr.type_by_name(), ldns_rr.class_by_name(), ldns_rr_list.new(),
|
||||
ldns_rr.set_question().
|
||||
* Modified ldns_rr_list.owner() and ldns_rr.owner(), now returns ldns_dname.
|
||||
* Fixed assertion failures for several methods when receiving incorrect but
|
||||
syntactically valid arguments (i.e., ldns_rr.a_address(),
|
||||
ldns_rr.dnskey_algorithm(), ldns_rr.dnskey_flags(),
|
||||
ldns_rr.dnskey_key(), ldns_rr.dnskey_protocol(),
|
||||
ldns_rr.mx_exchange(), ldns_rr.mx_preference(), ldns_rr.ns_nsdname(),
|
||||
ldns_rr.owner(), ldns_rr.rdf(), ldns_rr.rrsig_algorithm(),
|
||||
ldns_rr.rrsig_expiration(), ldns_rr.rrsig_inception(),
|
||||
ldns_rr.rrsig_keytag(), ldns_rr.rrsig_labels(), ldns_rr.rrsig_origttl(),
|
||||
ldns_rr.rrsig_sig(), ldns_rr.rrsig_signame(),
|
||||
ldns_rr.rrsig_typecovered(), ldns_rr_list.owner(), ldns_rr_list.rr())
|
||||
* Fixed ldns_rr.a_address(), which was asserting when called
|
||||
on non A or AAAA type rr. Now returns None when fails.
|
||||
* Added scripts for testing the basic functionality of the ldns_rr,
|
||||
ldns_rr_descriptor and ldns_rr_list class code.
|
||||
* Improved documentation of ldns_rr, ldns_rr_descriptor and ldns_rr_list.
|
||||
* Fixed automatic conversion from Python string to ldns_rdf and
|
||||
ldns_dname. Caused memory corruption when using Python 3.
|
||||
* The Python 3 wrapper code now raises TypeError instead of ValueError
|
||||
when receiving a non FILE * argument when it should be a FILE *.
|
||||
* Fixed wrong handling of _ldns_rr_list_free() and
|
||||
_ldns_rr_list_deep_free() when compiling with LDNS_DEBUG directive.
|
||||
* Fixed malfunctioning ldns.ldns_rdf_new_frm_fp_l().
|
||||
* Fixed malfunctioning ldns_drf.absolute() and ldns_dname.absolute().
|
||||
* Marked several functions related to ldns_rdf and ldns_buffer as
|
||||
returning new objects.
|
||||
* Method operating on ldns_dnames and returning dname ldns_rdfs now
|
||||
return ldns_dname instances.
|
||||
* Improved documentation of ldns_buffer, ldns_rdf and ldns_dname
|
||||
classes.
|
||||
* Methods ldns_buffer.available() and ldns_buffer.available_at() now
|
||||
return bool types as described in the documentation.
|
||||
* Added scripts for testing the basic functionality of the ldns_buffer,
|
||||
ldns_rdf, ldns_dname class code.
|
||||
* Added deprecation warnings to ldns_rdf methods operating on dname
|
||||
rdfs. The user is encouraged to converts dname ldns_rdfs to
|
||||
ldns_dnames.
|
||||
* Extended ldns_dname constructor to accept ldns_rdfs containing dnames.
|
@ -28,6 +28,9 @@
|
||||
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
# POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
|
||||
.PHONY: help clean testenv test doc te bw bw3 sw sw3
|
||||
|
||||
help:
|
||||
@echo "Please use \`make <target>' where <target> is one of"
|
||||
@echo " testenv to make test environment and run bash "
|
||||
@ -41,27 +44,65 @@ help:
|
||||
_ldns.so: ../../Makefile
|
||||
$(MAKE) -C ../..
|
||||
|
||||
../../.libs/ldns.so.1: ../../Makefile
|
||||
../../.libs/libldns.so.1: ../../Makefile
|
||||
$(MAKE) -C ../..
|
||||
|
||||
clean:
|
||||
rm -rdf examples/ldns
|
||||
rm -rf examples/ldns
|
||||
rm -f _ldns.so ldns_wrapper.o
|
||||
$(MAKE) -C ../.. clean
|
||||
|
||||
testenv: ../../.libs/libldns.so.1 _ldns.so
|
||||
rm -rdf examples/ldns
|
||||
cd examples && mkdir ldns && ln -s ../../ldns.py ldns/__init__.py && ln -s ../../_ldns.so ldns/_ldns.so && ln -s ../../../../.libs/libldns.so.1 ldns/libldns.so.1 && ls -la
|
||||
rm -rf examples/ldns
|
||||
cd examples && mkdir ldns && ln -s ../../ldns.py ldns/__init__.py && ln -s ../../../../.libs/_ldns.so ldns/_ldns.so && ln -s ../../../../.libs/libldns.so.1 ldns/libldns.so.1 && ls -la
|
||||
@echo "Run a script by typing ./script_name.py"
|
||||
cd examples && LD_LIBRARY_PATH=ldns bash
|
||||
rm -rdf examples/ldns
|
||||
rm -rf examples/ldns
|
||||
|
||||
doc: ../../.libs/ldns.so.1 _ldns.so
|
||||
test: ../../.libs/libldns.so.1 _ldns.so examples/test_buffer.py examples/test_rdf.py examples/test_dname.py examples/test_rr.py
|
||||
@rm -rf examples/ldns
|
||||
@cd examples && mkdir ldns && ln -s ../../ldns.py ldns/__init__.py && ln -s ../../../../.libs/_ldns.so ldns/_ldns.so && ln -s ../../../../.libs/libldns.so.1 ldns/libldns.so.1
|
||||
@cd examples && LD_LIBRARY_PATH=ldns ./test_buffer.py 2>/dev/null
|
||||
@cd examples && LD_LIBRARY_PATH=ldns ./test_rdf.py 2>/dev/null
|
||||
@cd examples && LD_LIBRARY_PATH=ldns ./test_dname.py 2>/dev/null
|
||||
@cd examples && LD_LIBRARY_PATH=ldns ./test_rr.py 2>/dev/null
|
||||
@rm -rf examples/ldns
|
||||
|
||||
doc: ../../.libs/libldns.so.1 _ldns.so
|
||||
echo @VERSION_MAJOR@
|
||||
rm -f _ldns.so
|
||||
ln -s ../../.libs/_ldns.so
|
||||
$(MAKE) -C docs html
|
||||
rm -f _ldns.so
|
||||
|
||||
#for development only
|
||||
swig: ldns.i
|
||||
swig -python -py3 -o ldns_wrapper.c -I../.. ldns.i
|
||||
gcc -c ldns_wrapper.c -O9 -fPIC -I../.. -I../../ldns -I/usr/include/python3.1 -I. -o ldns_wrapper.o
|
||||
ld -shared ldns_wrapper.o -L../../.libs -lldns -o _ldns.so
|
||||
# For development only:
|
||||
|
||||
# Test environment, does not build the wrapper from dependencies.
|
||||
te:
|
||||
rm -rf examples/ldns
|
||||
cd examples && mkdir ldns && ln -s ../../ldns.py ldns/__init__.py && ln -s ../../../../.libs/_ldns.so ldns/_ldns.so && ln -s ../../../../.libs/libldns.so.1 ldns/libldns.so.1 && ls -la
|
||||
@echo "Run a script by typing ./script_name.py"
|
||||
cd examples && LD_LIBRARY_PATH=ldns bash
|
||||
rm -rf examples/ldns
|
||||
|
||||
# Builds Python 2 wrapper from present wrapper C code.
|
||||
bw:
|
||||
gcc -c ldns_wrapper.c -O9 -fPIC -I../.. -I../../ldns -I/usr/include/python2.7 -I. -o ldns_wrapper.o
|
||||
mkdir -p ../../.libs
|
||||
ld -shared ldns_wrapper.o -L../../.libs -lldns -o ../../.libs/_ldns.so
|
||||
|
||||
# Builds Python 3 wrapper from present wrapper C code.
|
||||
bw3:
|
||||
gcc -c ldns_wrapper.c -O9 -fPIC -I../.. -I../../ldns -I/usr/include/python3.2 -I. -o ldns_wrapper.o
|
||||
mkdir -p ../../.libs
|
||||
ld -shared ldns_wrapper.o -L../../.libs -ldns -o ../../.libs/_ldns.so
|
||||
|
||||
# Builds Python 2 wrapper from interface file.
|
||||
sw: ldns.i
|
||||
swig -python -o ldns_wrapper.c -I../.. ldns.i
|
||||
$(MAKE) bw
|
||||
|
||||
# Builds Python 3 wrapper from interface file.
|
||||
sw3: ldns.i
|
||||
swig -python -py3 -DPY3 -o ldns_wrapper.c -I../.. ldns.i
|
||||
$(MAKE) bw3
|
||||
|
@ -43,9 +43,9 @@
|
||||
# other places throughout the built documents.
|
||||
#
|
||||
# The short X.Y version.
|
||||
version = '1.0'
|
||||
version = '1.6'
|
||||
# The full version, including alpha/beta/rc tags.
|
||||
release = '1.0.0'
|
||||
release = '1.6.16'
|
||||
|
||||
# There are two options for replacing |today|: either, you set today to some
|
||||
# non-false value, then it is used:
|
||||
|
@ -3,44 +3,70 @@ Installation
|
||||
|
||||
**Prerequisites**
|
||||
|
||||
Python 2.4 or higher, SWIG 1.3 or higher, GNU make
|
||||
SWIG 1.3 and GNU make are required to build modules for Python 2.4 and higher
|
||||
(but lower than 3). In order to build modules for Python 3.2 or higher,
|
||||
SWIG in version 2.0.4 or higher is required.
|
||||
|
||||
Note that Python 3.0 and 3.1 are not supported.
|
||||
|
||||
In order to build this documentation the Sphinx Python documentation generator
|
||||
is required.
|
||||
|
||||
**Download**
|
||||
|
||||
You can download the source codes `here`_.
|
||||
The latest release is 1.4.1, Jan 15, 2009.
|
||||
The lates source codes can be downloaded from `here`_.
|
||||
|
||||
.. _here: ldns-1.4.1-py.tar.gz
|
||||
.. _here: http://nlnetlabs.nl/projects/ldns/
|
||||
|
||||
**Compiling**
|
||||
|
||||
After downloading, you can compile the library by doing::
|
||||
After downloading the source code archive (this example uses
|
||||
ldns-1.6.13.tar.gz), pyLDNS can be enabled and compiled by typing::
|
||||
|
||||
> tar -xzf ldns-1.4.1-py.tar.gz
|
||||
> cd ldns-1.4.1
|
||||
> tar -xzf ldns-1.6.13.tar.gz
|
||||
> cd ldns-1.6.13
|
||||
> ./configure --with-pyldns
|
||||
> make
|
||||
|
||||
You need GNU make to compile pyLDNS; SWIG and Python development libraries to compile extension module.
|
||||
You need GNU make to compile pyLDNS; SWIG and Python development libraries to
|
||||
compile the extension module.
|
||||
|
||||
**Selecting Target Python Interpreter**
|
||||
|
||||
By default, the pyLDNS module builds for the default Python interpreter (i.e.,
|
||||
the Python interpreter which can be accessed by just typing ``python`` in
|
||||
the command line). If you desire to build the pyLDNS module for a different
|
||||
Python version then you must specify the desired Python version by setting
|
||||
the ``PYTHON_VERSION`` variable during the configure phase::
|
||||
|
||||
> PYTHON_VERSION=3.2 ./configure --with-pyldns
|
||||
> make
|
||||
|
||||
By default the pyLDNS compiles from sources for a single Python interpreter.
|
||||
Remember to execute scripts requiring pyLDNS in those Python interpreters which
|
||||
have pyLDNS installed.
|
||||
|
||||
**Testing**
|
||||
|
||||
If the compilation is successfull, you can test the python LDNS extension module by::
|
||||
If the compilation is successful, you can test the python LDNS extension module
|
||||
by executing the commands::
|
||||
|
||||
> cd contrib/python
|
||||
> make testenv
|
||||
> ./ldns-mx.py
|
||||
|
||||
This will start a new shell, during which the symbolic links will be working.
|
||||
When you exit the shell, then symbolic links will be deleted.
|
||||
Again, remember to use the Python interpreter version which the pyLDNS module
|
||||
has been compiled with.
|
||||
|
||||
In ``contrib/examples`` you can find many simple applications in python which demostrates the capabilities of LDNS library.
|
||||
The commands will start a new shell, in which several symbolic links will be
|
||||
set-up. When you exit the shell, then symbolic links will be deleted.
|
||||
|
||||
In ``contrib/python/examples`` several simple Python scripts utilising pyLDNS
|
||||
can be found. These scripts demonstrate the capabilities of the LDNS library.
|
||||
|
||||
**Installation**
|
||||
|
||||
To install libraries and extension type::
|
||||
To install the libraries and it's extensions type::
|
||||
|
||||
> cd ldns-1.4.1
|
||||
> cd ldns-1.6.13
|
||||
> make install
|
||||
|
||||
|
@ -7,7 +7,7 @@
|
||||
algorithm = ldns.LDNS_SIGN_DSA
|
||||
bits = 512
|
||||
|
||||
ldns.ldns_init_random(open("/dev/random","rb"), (bits+7)//8)
|
||||
ldns.ldns_init_random(open("/dev/urandom","rb"), (bits+7)//8)
|
||||
|
||||
domain = ldns.ldns_dname("example.")
|
||||
|
||||
|
65
contrib/python/examples/python3/ldns-signzone.py
Executable file
65
contrib/python/examples/python3/ldns-signzone.py
Executable file
@ -0,0 +1,65 @@
|
||||
#!/usr/bin/python
|
||||
# This example shows how to sign a given zone file with private key
|
||||
|
||||
import ldns
|
||||
import sys, os, time
|
||||
|
||||
#private key TAG which identifies the private key
|
||||
#use ldns-keygen.py in order to obtain private key
|
||||
keytag = 30761
|
||||
|
||||
# Read zone file
|
||||
#-------------------------------------------------------------
|
||||
|
||||
zone = ldns.ldns_zone.new_frm_fp(open("zone.txt","r"), None, 0, ldns.LDNS_RR_CLASS_IN)
|
||||
soa = zone.soa()
|
||||
origin = soa.owner()
|
||||
|
||||
# Prepare keys
|
||||
#-------------------------------------------------------------
|
||||
|
||||
#Read private key from file
|
||||
keyfile = open("key-%s-%d.private" % (origin, keytag), "r");
|
||||
key = ldns.ldns_key.new_frm_fp(keyfile)
|
||||
|
||||
#Read public key from file
|
||||
pubfname = "key-%s-%d.key" % (origin, keytag)
|
||||
pubkey = None
|
||||
if os.path.isfile(pubfname):
|
||||
pubkeyfile = open(pubfname, "r");
|
||||
pubkey,_,_,_ = ldns.ldns_rr.new_frm_fp(pubkeyfile)
|
||||
|
||||
if not pubkey:
|
||||
#Create new public key
|
||||
pubkey = key.key_to_rr()
|
||||
|
||||
#Set key expiration
|
||||
key.set_expiration(int(time.time()) + 365*60*60*24) #365 days
|
||||
|
||||
#Set key owner (important step)
|
||||
key.set_pubkey_owner(origin)
|
||||
|
||||
#Insert DNSKEY RR
|
||||
zone.push_rr(pubkey)
|
||||
|
||||
# Sign zone
|
||||
#-------------------------------------------------------------
|
||||
|
||||
#Create keylist and push private key
|
||||
keys = ldns.ldns_key_list()
|
||||
keys.push_key(key)
|
||||
|
||||
#Add SOA
|
||||
signed_zone = ldns.ldns_dnssec_zone()
|
||||
signed_zone.add_rr(soa)
|
||||
|
||||
#Add RRs
|
||||
for rr in zone.rrs().rrs():
|
||||
print("RR:", str(rr), end=" ")
|
||||
signed_zone.add_rr(rr)
|
||||
|
||||
added_rrs = ldns.ldns_rr_list()
|
||||
status = signed_zone.sign(added_rrs, keys)
|
||||
if (status == ldns.LDNS_STATUS_OK):
|
||||
signed_zone.print_to_file(open("zone_signed.txt","w"))
|
||||
|
843
contrib/python/examples/test_buffer.py
Executable file
843
contrib/python/examples/test_buffer.py
Executable file
@ -0,0 +1,843 @@
|
||||
#!/usr/bin/env python
|
||||
|
||||
#
|
||||
# ldns_buffer testing script.
|
||||
#
|
||||
# Do not use constructs that differ between Python 2 and 3.
|
||||
# Use write on stdout or stderr.
|
||||
#
|
||||
|
||||
|
||||
import ldns
|
||||
import sys
|
||||
import os
|
||||
import inspect
|
||||
|
||||
|
||||
class_name = "ldns_buffer"
|
||||
method_name = None
|
||||
error_detected = False
|
||||
|
||||
|
||||
def set_error():
|
||||
"""
|
||||
Writes an error message and sets error flag.
|
||||
"""
|
||||
global class_name
|
||||
global method_name
|
||||
global error_detected
|
||||
error_detected = True
|
||||
sys.stderr.write("(line %d): malfunctioning method %s.\n" % \
|
||||
(inspect.currentframe().f_back.f_lineno, method_name))
|
||||
|
||||
|
||||
# Buffer creation.
|
||||
capacity = 1024
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.__init__()"
|
||||
try:
|
||||
buf = ldns.ldns_buffer(1024)
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.__str__()"
|
||||
buf.printf("abcedf")
|
||||
try:
|
||||
string = buf.__str__()
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(string, str):
|
||||
# Should be string.
|
||||
set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.at()"
|
||||
try:
|
||||
ret = buf.at(512)
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
# Must raise TypeError.
|
||||
ret = buf.at("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.available()"
|
||||
try:
|
||||
ret = buf.available(capacity)
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, bool):
|
||||
# Should be bool.
|
||||
set_error()
|
||||
if not buf.available(capacity):
|
||||
# Should return True.
|
||||
set_error()
|
||||
if buf.available(capacity + 1):
|
||||
# Should return False.
|
||||
set_error()
|
||||
try:
|
||||
# Must raise TypeError.
|
||||
ret = buf.available("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
# try:
|
||||
# # Must raise ValueError.
|
||||
# ret = buf.available("")
|
||||
# set_error()
|
||||
# except ValueError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.available_at()"
|
||||
try:
|
||||
ret = buf.available_at(512, capacity - 512)
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, bool):
|
||||
# Should be bool.
|
||||
set_error()
|
||||
if not buf.available_at(512, capacity - 512):
|
||||
# Should return True.
|
||||
set_error()
|
||||
if buf.available_at(512, capacity - 512 + 1):
|
||||
# Should return False.
|
||||
set_error()
|
||||
try:
|
||||
# Must raise TypeError.
|
||||
ret = buf.available_at("", 1)
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
# Must raise TypeError.
|
||||
ret = buf.available_at(1, "")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
# try:
|
||||
# # Must raise ValueError.
|
||||
# ret = buf.available_at(-1, 512)
|
||||
# set_error()
|
||||
# except ValueError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
# try:
|
||||
# # Must raise ValueError.
|
||||
# ret = buf.available_at(512, -1)
|
||||
# set_error()
|
||||
# except ValueError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.begin()"
|
||||
try:
|
||||
ret = buf.begin()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.capacity()"
|
||||
try:
|
||||
ret = buf.capacity()
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, int):
|
||||
# Should be int.
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.clear()"
|
||||
try:
|
||||
buf.clear()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.copy()"
|
||||
sys.stderr.write("%s not tested.\n" % (method_name))
|
||||
# buf2 = ldns.ldns_buffer(10)
|
||||
# buf2.printf("abcdef")
|
||||
# try:
|
||||
# buf.copy(buf2)
|
||||
# print buf.capacity()
|
||||
# print buf2.capacity()
|
||||
# except:
|
||||
# set_error()
|
||||
# buf.printf("2")
|
||||
# print buf
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.current()"
|
||||
try:
|
||||
ret = buf.current()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.end()"
|
||||
try:
|
||||
ret = buf.end()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.export()"
|
||||
sys.stderr.write("%s not tested.\n" % (method_name))
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
mehod_name = "ldns_buffer.flip()"
|
||||
buf.printf("abcdef")
|
||||
try:
|
||||
buf.flip()
|
||||
except:
|
||||
set_error()
|
||||
# if buf.remaining() != capacity:
|
||||
# # Should be at beginning.
|
||||
# set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.getc()"
|
||||
buf.printf("a")
|
||||
buf.rewind()
|
||||
try:
|
||||
ret = buf.getc()
|
||||
except:
|
||||
set_error()
|
||||
if ret != ord("a"):
|
||||
set_error()
|
||||
# Test return value for -1
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.invariant()"
|
||||
try:
|
||||
buf.invariant()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.limit()"
|
||||
try:
|
||||
ret = buf.limit()
|
||||
except:
|
||||
set_error()
|
||||
if ret != capacity:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.position()"
|
||||
try:
|
||||
ret = buf.position()
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.printf()"
|
||||
try:
|
||||
ret = buf.printf("abcdef")
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
try:
|
||||
ret = buf.printf(10)
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.read()"
|
||||
sys.stderr.write("%s not tested.\n" % (method_name))
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.read_at()"
|
||||
sys.stderr.write("%s not tested.\n" % (method_name))
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.read_u16()"
|
||||
buf.printf("aac")
|
||||
buf.rewind()
|
||||
try:
|
||||
ret = buf.read_u16()
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
if ret != (ord("a") * 0x0101):
|
||||
set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.read_u16_at()"
|
||||
buf.printf("abbc")
|
||||
try:
|
||||
ret = buf.read_u16_at(1)
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
if ret != (ord("b") * 0x0101):
|
||||
set_error()
|
||||
try:
|
||||
ret = buf.read_u16_at("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
# try:
|
||||
# ret = buf.read_u16_at(-1)
|
||||
# set_error()
|
||||
# except ValueError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.read_u32()"
|
||||
buf.printf("aaaac")
|
||||
buf.rewind()
|
||||
try:
|
||||
ret = buf.read_u32()
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
if ret != (ord("a") * 0x01010101):
|
||||
set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.read_u32_at()"
|
||||
buf.printf("abbbbc")
|
||||
try:
|
||||
ret = buf.read_u32_at(1)
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
if ret != (ord("b") * 0x01010101):
|
||||
set_error()
|
||||
try:
|
||||
ret = buf.read_u32_at("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
# try:
|
||||
# ret = buf.read_u32_at(-1)
|
||||
# set_error()
|
||||
# except ValueError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.read_u8()"
|
||||
buf.printf("ac")
|
||||
buf.rewind()
|
||||
try:
|
||||
ret = buf.read_u8()
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
if ret != ord("a"):
|
||||
set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.read_u8_at()"
|
||||
buf.printf("abc")
|
||||
try:
|
||||
ret = buf.read_u8_at(1)
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
if ret != ord("b"):
|
||||
set_error()
|
||||
try:
|
||||
ret = buf.read_u8_at("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
# try:
|
||||
# ret = buf.read_u8_at(-1)
|
||||
# set_error()
|
||||
# except ValueError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.remaining()"
|
||||
buf.printf("abcdef")
|
||||
try:
|
||||
ret = buf.remaining()
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
if ret != (capacity - 6):
|
||||
set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.remaining_at()"
|
||||
buf.printf("abcdef")
|
||||
try:
|
||||
ret = buf.remaining_at(1)
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
if ret != (capacity - 1):
|
||||
set_error()
|
||||
try:
|
||||
ret = buf.remaining_at("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
# try:
|
||||
# ret = buf.remaining_at(-1)
|
||||
# set_error()
|
||||
# except ValueError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.reserve()"
|
||||
buf2 = ldns.ldns_buffer(512)
|
||||
try:
|
||||
ret = buf2.reserve(1024)
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
try:
|
||||
ret = buf2.reserve("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
# try:
|
||||
# ret = buf2.reserve(-1)
|
||||
# set_error()
|
||||
# except ValueError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.rewind()"
|
||||
buf.printf("abcdef")
|
||||
try:
|
||||
buf.rewind()
|
||||
except:
|
||||
set_error()
|
||||
if buf.position() != 0:
|
||||
set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.set_capacity()"
|
||||
try:
|
||||
ret = buf.set_capacity(capacity)
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
try:
|
||||
ret = buf.set_capacity("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
# try:
|
||||
# ret = buf.set_capacity(-1)
|
||||
# set_error()
|
||||
# except ValueError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.set_limit()"
|
||||
try:
|
||||
buf.set_limit(0)
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
buf.set_limit("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
# try:
|
||||
# buf.set_limit(-1)
|
||||
# set_error()
|
||||
# except ValueError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.set_position()"
|
||||
try:
|
||||
buf.set_position(0)
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
buf.set_position("")
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
# try:
|
||||
# buf.set_position(-1)
|
||||
# except ValueError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.skip()"
|
||||
try:
|
||||
buf.skip(10)
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
buf.skip(-1)
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
buf.skip("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.status()"
|
||||
try:
|
||||
ret = buf.status()
|
||||
except:
|
||||
set_error()
|
||||
# Returned status is an integer.
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.status_ok()"
|
||||
try:
|
||||
ret = buf.status_ok()
|
||||
except:
|
||||
set_error()
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.write()"
|
||||
sys.stderr.write("%s not tested.\n" % (method_name))
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.write_at()"
|
||||
sys.stderr.write("%s not tested.\n" % (method_name))
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.write_string()"
|
||||
try:
|
||||
buf.write_string("abcdef")
|
||||
except:
|
||||
set_error()
|
||||
# try:
|
||||
# buf.write_sring(-1)
|
||||
# set_error()
|
||||
# except TypeError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
sys.stderr.write("%s not tested for parameter correctness.\n" % \
|
||||
(method_name))
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.write_string_at()"
|
||||
sys.stderr.write("%s not tested.\n" % (method_name))
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.write_u16()"
|
||||
try:
|
||||
buf.write_u16(ord("b") * 0x0101)
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
buf.write_u16("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.write_u16_at()"
|
||||
buf.printf("a")
|
||||
try:
|
||||
buf.write_u16_at(1, ord("b") * 0x0101)
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
buf.write_u16_at("", ord("b") * 0x0101)
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
# try:
|
||||
# buf.write_u16_at(-1, ord("b") * 0x0101)
|
||||
# set_error()
|
||||
# except ValueError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
try:
|
||||
buf.write_u16_at(1, "")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.write_u32()"
|
||||
try:
|
||||
buf.write_u32(ord("b") * 0x01010101)
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
buf.write_u32("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.write_u32_at()"
|
||||
buf.printf("a")
|
||||
try:
|
||||
buf.write_u32_at(1, ord("b") * 0x01010101)
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
buf.write_u32_at("", ord("b") * 0x01010101)
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
# try:
|
||||
# buf.write_u32_at(-1, ord("b") * 0x01010101)
|
||||
# set_error()
|
||||
# except ValueError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
try:
|
||||
buf.write_u32_at(1, "")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.write_u8()"
|
||||
try:
|
||||
buf.write_u8(ord("b"))
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
buf.write_u8("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
buf.clear()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_buffer.write_u8_at()"
|
||||
buf.printf("a")
|
||||
try:
|
||||
buf.write_u8_at(1, ord("b"))
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
buf.write_u8_at("", ord("b"))
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
# try:
|
||||
# buf.write_u8_at(-1, ord("b"))
|
||||
# set_error()
|
||||
# except ValueError:
|
||||
# pass
|
||||
# except:
|
||||
# set_error()
|
||||
try:
|
||||
buf.write_u8_at(1, "")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
if not error_detected:
|
||||
sys.stdout.write("%s: passed.\n" % (os.path.basename(__file__)))
|
||||
else:
|
||||
sys.stdout.write("%s: errors detected.\n" % (os.path.basename(__file__)))
|
||||
sys.exit(1)
|
474
contrib/python/examples/test_dname.py
Executable file
474
contrib/python/examples/test_dname.py
Executable file
@ -0,0 +1,474 @@
|
||||
#!/usr/bin/env python
|
||||
|
||||
#
|
||||
# ldns_dname testing script.
|
||||
#
|
||||
# Do not use constructs that differ between Python 2 and 3.
|
||||
# Use write on stdout or stderr.
|
||||
#
|
||||
|
||||
|
||||
import ldns
|
||||
import sys
|
||||
import os
|
||||
import inspect
|
||||
|
||||
|
||||
class_name = "ldns_dname"
|
||||
method_name = None
|
||||
error_detected = False
|
||||
temp_fname = "tmp_dname.txt"
|
||||
|
||||
|
||||
def set_error():
|
||||
"""
|
||||
Writes an error message and sets error flag.
|
||||
"""
|
||||
global class_name
|
||||
global method_name
|
||||
global error_detected
|
||||
error_detected = True
|
||||
sys.stderr.write("(line %d): malfunctioning method %s.\n" % \
|
||||
(inspect.currentframe().f_back.f_lineno, method_name))
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".__init__()"
|
||||
rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "test.nic.cz.")
|
||||
rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "217.31.205.50")
|
||||
try:
|
||||
dname = ldns.ldns_dname("www.nic.cz.")
|
||||
if not isinstance(dname, ldns.ldns_dname):
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
#
|
||||
# Error when printing a dname wich was created fron an empty string.
|
||||
# Must find out why.
|
||||
#
|
||||
try:
|
||||
dname = ldns.ldns_dname(rdf1)
|
||||
if not isinstance(dname, ldns.ldns_dname):
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
# Test whether rdf1 and dname independent.
|
||||
dname.cat(dname)
|
||||
if dname.__str__() == rdf1.__str__():
|
||||
set_error()
|
||||
# Test whether rdf1 and dname are dependent.
|
||||
dname = ldns.ldns_dname(rdf1, clone=False)
|
||||
dname.cat(dname)
|
||||
if dname.__str__() != rdf1.__str__():
|
||||
set_error()
|
||||
# Test whether constructs from non-dname rdfs.
|
||||
try:
|
||||
dname = ldns.ldns_dname(rdf2)
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
dname = ldns.ldns_dname(1)
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".[comparison operators]"
|
||||
dn1 = ldns.ldns_dname("a.test")
|
||||
dn2 = ldns.ldns_dname("b.test")
|
||||
try:
|
||||
ret = dn1 < dn2
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn2 < dn1
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn1 <= dn2
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn2 <= dn1
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn1 == dn2
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn1 == dn1
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn1 != dn2
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn1 != dn1
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn1 > dn2
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn2 > dn1
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn1 >= dn2
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn2 >= dn1
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".absolute()"
|
||||
dname = ldns.ldns_dname("www.nic.cz.")
|
||||
try:
|
||||
ret = dname.absolute()
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".cat()"
|
||||
rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "test.nic.cz.")
|
||||
rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "217.31.205.50")
|
||||
dname = ldns.ldns_dname("www.nic.cz.")
|
||||
try:
|
||||
ret = dname.cat(dname)
|
||||
if ret != ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
if dname.__str__() != "www.nic.cz.www.nic.cz.":
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dname.cat(rdf1)
|
||||
if ret != ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
if dname.__str__() != "www.nic.cz.www.nic.cz.test.nic.cz.":
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dname.cat(rdf2)
|
||||
if ret == ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dname.cat("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".cat_clone()"
|
||||
rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "test.nic.cz.")
|
||||
rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "217.31.205.50")
|
||||
dname = ldns.ldns_dname("www.nic.cz.")
|
||||
try:
|
||||
ret = dname.cat_clone(dname)
|
||||
if not isinstance(ret, ldns.ldns_dname):
|
||||
set_error()
|
||||
if ret.__str__() != "www.nic.cz.www.nic.cz.":
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dname.cat_clone(rdf1)
|
||||
if not isinstance(ret, ldns.ldns_dname):
|
||||
set_error()
|
||||
if ret.__str__() != "www.nic.cz.test.nic.cz.":
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dname.cat_clone(rdf2)
|
||||
if ret != None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dname.cat_clone("")
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".interval()"
|
||||
dn1 = ldns.ldns_dname("a.ns.nic.cz.")
|
||||
dn2 = ldns.ldns_dname("b.ns.nic.cz.")
|
||||
dn3 = ldns.ldns_dname("c.ns.nic.cz.")
|
||||
try:
|
||||
ret = dn1.interval(dn2, dn3)
|
||||
if ret != -1:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn2.interval(dn1, dn3)
|
||||
if ret != 1:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
rdf4 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "d.ns.nic.cz.")
|
||||
rdf5 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "194.0.12.1")
|
||||
try:
|
||||
ret = dn1.interval(dn2, rdf4)
|
||||
if ret != -1:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn2.interval(dn1, rdf4)
|
||||
if ret != 1:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn1.interval(dn2, rdf5)
|
||||
set_error()
|
||||
except Exception:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn1.interval(dn2, "")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".is_subdomain()"
|
||||
dn1 = ldns.ldns_dname("nic.cz.")
|
||||
dn2 = ldns.ldns_dname("www.nic.cz.")
|
||||
rdf3 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
try:
|
||||
ret = dn1.is_subdomain(dn2)
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret == True:
|
||||
set_error()
|
||||
ret = dn2.is_subdomain(dn1)
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn1.is_subdomain(rdf3)
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret == True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
rdf4 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "194.0.12.1")
|
||||
try:
|
||||
ret = dn1.is_subdomain(rdf4)
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn1.is_subdomain("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".label()"
|
||||
dn = ldns.ldns_dname("nic.cz.")
|
||||
try:
|
||||
ret = dn.label(0)
|
||||
if not isinstance(ret, ldns.ldns_dname):
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn.label(10)
|
||||
if ret != None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn.label("")
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".label_count()"
|
||||
dn = ldns.ldns_dname("www.nic.cz.")
|
||||
try:
|
||||
ret = dn.label_count()
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
if ret != 3:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".left_chop()"
|
||||
dn = ldns.ldns_dname("www.nic.cz.")
|
||||
try:
|
||||
ret = dn.left_chop()
|
||||
if not isinstance(ret, ldns.ldns_dname):
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".make_canonical()"
|
||||
dn = ldns.ldns_dname("WWW.NIC.CZ.")
|
||||
try:
|
||||
dn.make_canonical()
|
||||
if dn.__str__() != "www.nic.cz.":
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".new_frm_rdf()"
|
||||
# Tested via constructor call.
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".new_frm_str()"
|
||||
# Tested via constructor call.
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".reverse()"
|
||||
dn = ldns.ldns_dname("www.nic.cz.")
|
||||
try:
|
||||
ret = dn.reverse()
|
||||
if not isinstance(ret, ldns.ldns_dname):
|
||||
set_error()
|
||||
if ret.__str__() != "cz.nic.www.":
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".write_to_buffer()"
|
||||
dn = ldns.ldns_dname("www.nic.cz.")
|
||||
buf = ldns.ldns_buffer(1024)
|
||||
try:
|
||||
ret = dn.write_to_buffer(buf)
|
||||
if ret != ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
if buf.position() != 12:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = dn.write_to_buffer("")
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
if not error_detected:
|
||||
sys.stdout.write("%s: passed.\n" % (os.path.basename(__file__)))
|
||||
else:
|
||||
sys.stdout.write("%s: errors detected.\n" % (os.path.basename(__file__)))
|
||||
sys.exit(1)
|
805
contrib/python/examples/test_rdf.py
Executable file
805
contrib/python/examples/test_rdf.py
Executable file
@ -0,0 +1,805 @@
|
||||
#!/usr/bin/env python
|
||||
|
||||
#
|
||||
# ldns_rdf testing script.
|
||||
#
|
||||
# Do not use constructs that differ between Python 2 and 3.
|
||||
# Use write on stdout or stderr.
|
||||
#
|
||||
|
||||
|
||||
import ldns
|
||||
import sys
|
||||
import os
|
||||
import inspect
|
||||
|
||||
|
||||
class_name = "ldns_rdf"
|
||||
method_name = None
|
||||
error_detected = False
|
||||
temp_fname = "tmp_rdf.txt"
|
||||
|
||||
|
||||
def set_error():
|
||||
"""
|
||||
Writes an error message and sets error flag.
|
||||
"""
|
||||
global class_name
|
||||
global method_name
|
||||
global error_detected
|
||||
error_detected = True
|
||||
sys.stderr.write("(line %d): malfunctioning method %s.\n" % \
|
||||
(inspect.currentframe().f_back.f_lineno, method_name))
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".__init__()"
|
||||
try:
|
||||
# Should raise an Exception
|
||||
rdf = ldns.ldns_rdf()
|
||||
set_error()
|
||||
except Exception as e:
|
||||
pass
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = class_name + ".[comparison operators]"
|
||||
rdf1 = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A)
|
||||
rdf2 = ldns.ldns_rdf.new_frm_str("1.1.1.1", ldns.LDNS_RDF_TYPE_A)
|
||||
try:
|
||||
ret = rdf1 < rdf2
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf2 < rdf1
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf1 <= rdf2
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf2 <= rdf1
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf1 == rdf2
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf1 == rdf1
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf1 != rdf2
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf1 != rdf1
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf1 > rdf2
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf2 > rdf1
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf1 >= rdf2
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf2 >= rdf1
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf_new()"
|
||||
sys.stderr.write("%s not tested.\n" % (method_name))
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf_new_frm_data()"
|
||||
sys.stderr.write("%s not tested.\n" % (method_name))
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf_new_frm_str()"
|
||||
try:
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz")
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
rdf = ldns.ldns_rdf_new_frm_str("", "www.nic.cz")
|
||||
et_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, 1)
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf_new_frm_fp()"
|
||||
f = open(temp_fname, "w")
|
||||
f.write("217.31.205.50")
|
||||
f.close()
|
||||
f = open(temp_fname, "r")
|
||||
try:
|
||||
status, rdf = ldns.ldns_rdf_new_frm_fp(ldns.LDNS_RDF_TYPE_A, f)
|
||||
if status != ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
if rdf == None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
# Reading past file end.
|
||||
status, rdf = ldns.ldns_rdf_new_frm_fp(ldns.LDNS_RDF_TYPE_AAAA, f)
|
||||
if status == ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
if rdf != None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
f.close()
|
||||
f = open(temp_fname, "r")
|
||||
try:
|
||||
status, rdf = ldns.ldns_rdf_new_frm_fp(ldns.LDNS_RDF_TYPE_AAAA, f)
|
||||
if status != ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
if rdf != None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
f.close()
|
||||
os.remove(temp_fname)
|
||||
try:
|
||||
status, rdf = ldns.ldns_rdf_new_frm_fp("", f)
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
status, rdf = ldns.ldns_rdf_new_frm_fp(ldns.LDNS_RDF_TYPE_AAAA, "")
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf_new_frm_fp_l()"
|
||||
f = open(temp_fname, "w")
|
||||
f.write("217.31.205.50\n194.0.12.1")
|
||||
f.close()
|
||||
f = open(temp_fname, "r")
|
||||
try:
|
||||
status, rdf, line = ldns.ldns_rdf_new_frm_fp_l(ldns.LDNS_RDF_TYPE_A, f)
|
||||
if status != ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
if rdf == None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
status, rdf, line = ldns.ldns_rdf_new_frm_fp_l(ldns.LDNS_RDF_TYPE_A, f)
|
||||
if status != ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
if rdf == None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
# Reading past file end.
|
||||
status, rdf, line = ldns.ldns_rdf_new_frm_fp_l(ldns.LDNS_RDF_TYPE_A, f)
|
||||
if status == ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
if rdf != None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
f.close()
|
||||
os.remove(temp_fname)
|
||||
try:
|
||||
status, rdf = ldns.ldns_rdf_new_frm_fp_l("", f)
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
status, rdf = ldns.ldns_rdf_new_frm_fp_l(ldns.LDNS_RDF_TYPE_AAAA, "")
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_drf.absolute()"
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
try:
|
||||
ret = rdf.absolute()
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if not ret:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.address_reverse()"
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "194.0.12.1")
|
||||
try:
|
||||
ret = rdf.address_reverse()
|
||||
if ret == None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_AAAA, "::1")
|
||||
try:
|
||||
ret = rdf.address_reverse()
|
||||
if ret == None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
try:
|
||||
ret = rdf.address_reverse()
|
||||
if ret != None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.cat()"
|
||||
rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic")
|
||||
rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "cz.")
|
||||
try:
|
||||
ret = rdf1.cat(rdf2)
|
||||
if ret != ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.")
|
||||
rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1")
|
||||
try:
|
||||
ret = rdf1.cat(rdf2)
|
||||
if ret == ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf2.cat(rdf1)
|
||||
if ret == ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf2.cat("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.cat_clone()"
|
||||
rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic")
|
||||
rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "cz.")
|
||||
try:
|
||||
ret = rdf1.cat_clone(rdf2)
|
||||
if ret == None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.")
|
||||
rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1")
|
||||
try:
|
||||
ret = rdf1.cat_clone(rdf2)
|
||||
if ret != None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf2.cat_clone(rdf1)
|
||||
if ret != None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf2.cat_clone("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.clone()"
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
try:
|
||||
ret = rdf.clone()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.data()"
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
try:
|
||||
ret = rdf.data()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.dname_compare()"
|
||||
rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "nic.cz.")
|
||||
try:
|
||||
ret = rdf1.dname_compare(rdf2)
|
||||
if ret != 1:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf2.dname_compare(rdf1)
|
||||
if ret != -1:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf1.dname_compare(rdf1)
|
||||
if ret != 0:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1")
|
||||
try:
|
||||
ret = rdf1.dname_compare(rdf2)
|
||||
set_error()
|
||||
except Exception:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.dname_new_frm_str()"
|
||||
try:
|
||||
rdf = ldns.ldns_rdf.dname_new_frm_str("www.nic.cz.")
|
||||
if rdf == None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
rdf = ldns.ldns_rdf.dname_new_frm_str("")
|
||||
if rdf != None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
rdf = ldns.ldns_rdf.dname_new_frm_str(1)
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.get_type()"
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
try:
|
||||
ret = rdf.get_type()
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
if ret != ldns.LDNS_RDF_TYPE_DNAME:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.get_type_str()"
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
try:
|
||||
ret = rdf.get_type_str()
|
||||
if not isinstance(ret, str):
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.interval()"
|
||||
rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "a.ns.nic.cz.")
|
||||
rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "b.ns.nic.cz.")
|
||||
rdf3 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "c.ns.nic.cz.")
|
||||
try:
|
||||
ret = rdf1.interval(rdf2, rdf3)
|
||||
if ret != -1:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf2.interval(rdf1, rdf3)
|
||||
if ret != 1:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "194.0.12.1")
|
||||
rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "b.ns.nic.cz.")
|
||||
rdf3 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "c.ns.nic.cz.")
|
||||
try:
|
||||
ret = rdf1.interval(rdf2, rdf3)
|
||||
set_error()
|
||||
except Exception:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf2.interval("", rdf3)
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.is_subdomain()"
|
||||
rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "nic.cz.")
|
||||
rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
try:
|
||||
ret = rdf1.is_subdomain(rdf2)
|
||||
if not isinstance(ret, bool):
|
||||
set_error()
|
||||
if ret == True:
|
||||
set_error()
|
||||
ret = rdf2.is_subdomain(rdf1)
|
||||
if ret != True:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "194.0.12.1")
|
||||
rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
try:
|
||||
ret = rdf1.is_subdomain(rdf2)
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf2.is_subdomain(rdf1)
|
||||
if ret != False:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf2.is_subdomain("")
|
||||
set_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.label()"
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
try:
|
||||
ret = rdf.label(0)
|
||||
if not isinstance(ret, ldns.ldns_rdf):
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf.label(10)
|
||||
if ret != None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf.label("")
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1")
|
||||
try:
|
||||
ret = rdf.label(0)
|
||||
if ret != None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.label_count()"
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
try:
|
||||
ret = rdf.label_count()
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
if ret != 3:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1")
|
||||
try:
|
||||
ret = rdf.label_count()
|
||||
if not isinstance(ret, int):
|
||||
set_error()
|
||||
if ret != 0:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.left_chop()"
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
try:
|
||||
ret = rdf.left_chop()
|
||||
if not isinstance(ret, ldns.ldns_rdf):
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1")
|
||||
try:
|
||||
ret = rdf.left_chop()
|
||||
if ret != None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.make_canonical()"
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "WWW.NIC.CZ.")
|
||||
try:
|
||||
rdf.make_canonical()
|
||||
if rdf.__str__() != "www.nic.cz.":
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1")
|
||||
try:
|
||||
rdf.make_canonical()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.new_frm_str()"
|
||||
try:
|
||||
rdf = ldns.ldns_rdf.new_frm_str("www.nic.cz.", ldns.LDNS_RDF_TYPE_DNAME)
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
rdf = ldns.ldns_rdf.new_frm_str("www.nic.cz.", ldns.LDNS_RDF_TYPE_AAAA)
|
||||
set_error()
|
||||
except Exception:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
rdf = ldns.ldns_rdf.new_frm_str("www.nic.cz.", ldns.LDNS_RDF_TYPE_AAAA, raiseException = False)
|
||||
if rdf != None:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
rdf = ldns.ldns_rdf.new_frm_str("", "www.nic.cz")
|
||||
et_error()
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
rdf = ldns.ldns_rdf.new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, 1)
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1")
|
||||
f = open(temp_fname, "w")
|
||||
try:
|
||||
rdf.print_to_file(f)
|
||||
except:
|
||||
set_error()
|
||||
f.close()
|
||||
f = open(temp_fname, "r")
|
||||
if f.read() != "127.0.0.1":
|
||||
set_error()
|
||||
f.close()
|
||||
os.remove(temp_fname)
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
try:
|
||||
ret = rdf.reverse()
|
||||
if not isinstance(ret, ldns.ldns_rdf):
|
||||
set_error()
|
||||
if ret.__str__() != "cz.nic.www.":
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1")
|
||||
try:
|
||||
ret = rdf.reverse()
|
||||
if not isinstance(ret, ldns.ldns_rdf):
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.set_data()"
|
||||
sys.stderr.write("%s not tested.\n" % (method_name))
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.set_size()"
|
||||
sys.stderr.write("%s not tested.\n" % (method_name))
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.set_type()"
|
||||
sys.stderr.write("%s not tested.\n" % (method_name))
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.size()"
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
try:
|
||||
ret = rdf.size()
|
||||
if ret != 12:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.write_to_buffer()"
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.")
|
||||
buf = ldns.ldns_buffer(1024)
|
||||
try:
|
||||
ret = rdf.write_to_buffer(buf)
|
||||
if ret != ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
if buf.position() != 12:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf.write_to_buffer("")
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
#if not error_detected:
|
||||
if True:
|
||||
method_name = "ldns_rdf.write_to_buffer_canonical()"
|
||||
rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "WWW.NIC.CZ.")
|
||||
buf = ldns.ldns_buffer(1024)
|
||||
try:
|
||||
ret = rdf.write_to_buffer_canonical(buf)
|
||||
if ret != ldns.LDNS_STATUS_OK:
|
||||
set_error()
|
||||
if buf.position() != 12:
|
||||
set_error()
|
||||
except:
|
||||
set_error()
|
||||
try:
|
||||
ret = rdf.write_to_buffer_canonical("")
|
||||
except TypeError:
|
||||
pass
|
||||
except:
|
||||
set_error()
|
||||
|
||||
|
||||
if not error_detected:
|
||||
sys.stdout.write("%s: passed.\n" % (os.path.basename(__file__)))
|
||||
else:
|
||||
sys.stdout.write("%s: errors detected.\n" % (os.path.basename(__file__)))
|
||||
sys.exit(1)
|
2383
contrib/python/examples/test_rr.py
Normal file
2383
contrib/python/examples/test_rr.py
Normal file
File diff suppressed because it is too large
Load Diff
@ -103,7 +103,8 @@ dispose_file(FILE **fp) {
|
||||
|
||||
%typemap(check, noblock = 1) FILE* {
|
||||
if ($1 == NULL) {
|
||||
SWIG_exception_fail(SWIG_ValueError, "in method '" "$symname" "', argument "
|
||||
/* The generated wrapper function raises TypeError on mismatching types. */
|
||||
SWIG_exception_fail(SWIG_TypeError, "in method '" "$symname" "', argument "
|
||||
"$argnum"" of type '" "$type""'");
|
||||
}
|
||||
}
|
||||
|
@ -78,6 +78,36 @@
|
||||
#endif
|
||||
%include "typemaps.i"
|
||||
|
||||
|
||||
/* ========================================================================= */
|
||||
/* Preliminary Python code. */
|
||||
/* ========================================================================= */
|
||||
|
||||
%pythoncode
|
||||
%{
|
||||
#
|
||||
# Use and don't ignore DeprecationWarning and
|
||||
# PendingDeprecationWarning.
|
||||
#
|
||||
import warnings
|
||||
warnings.filterwarnings("module", category=DeprecationWarning)
|
||||
warnings.filterwarnings("module", category=PendingDeprecationWarning)
|
||||
%}
|
||||
|
||||
|
||||
/* Tell SWIG how to handle ssize_t as input parameter. */
|
||||
%typemap(in, noblock=1) (ssize_t)
|
||||
{
|
||||
int $1_res = 0;
|
||||
$1_res = SWIG_AsVal_long($input, &$1);
|
||||
if (!SWIG_IsOK($1_res)) {
|
||||
SWIG_exception_fail(SWIG_ArgError($1_res), "in method '"
|
||||
"$symname" "', argument " "$argnum" " of type '"
|
||||
"$type""'");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
%inline %{
|
||||
struct timeval* ldns_make_timeval(uint32_t sec, uint32_t usec)
|
||||
{
|
||||
@ -97,8 +127,9 @@ uint32_t ldns_read_timeval_usec(struct timeval* t) {
|
||||
%immutable ldns_error_str;
|
||||
%immutable ldns_signing_algorithms;
|
||||
|
||||
//new_frm_fp_l
|
||||
%apply int *OUTPUT { int *line_nr};
|
||||
//*_new_frm_fp_l
|
||||
%apply int *OUTPUT { (int *line_nr) };
|
||||
|
||||
%apply uint32_t *OUTPUT { uint32_t *default_ttl};
|
||||
|
||||
// wire2pkt
|
||||
@ -192,8 +223,53 @@ typedef struct ldns_dnssec_zone { };
|
||||
return tuple;
|
||||
}
|
||||
|
||||
PyObject* ldns_rr_new_frm_fp_(FILE *fp, uint32_t default_ttl, ldns_rdf* origin, ldns_rdf* prev)
|
||||
//returns tuple (status, ldns_rr, ttl, origin, prev)
|
||||
{
|
||||
uint32_t defttl = default_ttl;
|
||||
uint32_t *p_defttl = &defttl;
|
||||
if (defttl == 0) p_defttl = 0;
|
||||
|
||||
/* origin and prev have to be cloned in order to decouple the data
|
||||
* from the python wrapper
|
||||
*/
|
||||
if (origin != NULL)
|
||||
origin = ldns_rdf_clone(origin);
|
||||
if (prev != NULL)
|
||||
prev = ldns_rdf_clone(prev);
|
||||
|
||||
ldns_rdf *p_origin = origin;
|
||||
ldns_rdf **pp_origin = &p_origin;
|
||||
//if (p_origin == 0) pp_origin = 0;
|
||||
|
||||
ldns_rdf *p_prev = prev;
|
||||
ldns_rdf **pp_prev = &p_prev;
|
||||
//if (p_prev == 0) pp_prev = 0;
|
||||
|
||||
ldns_rr *p_rr = 0;
|
||||
ldns_rr **pp_rr = &p_rr;
|
||||
|
||||
ldns_status st = ldns_rr_new_frm_fp(pp_rr, fp, p_defttl, pp_origin, pp_prev);
|
||||
|
||||
PyObject* tuple;
|
||||
tuple = PyTuple_New(5);
|
||||
int idx = 0;
|
||||
PyTuple_SetItem(tuple, idx, SWIG_From_int(st));
|
||||
idx++;
|
||||
PyTuple_SetItem(tuple, idx, (st == LDNS_STATUS_OK) ?
|
||||
SWIG_NewPointerObj(SWIG_as_voidptr(p_rr), SWIGTYPE_p_ldns_struct_rr, SWIG_POINTER_OWN | 0 ) :
|
||||
(Py_INCREF(Py_None), Py_None));
|
||||
idx++;
|
||||
PyTuple_SetItem(tuple, idx, SWIG_From_int(defttl));
|
||||
idx++;
|
||||
PyTuple_SetItem(tuple, idx, SWIG_NewPointerObj(SWIG_as_voidptr(p_origin), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 ));
|
||||
idx++;
|
||||
PyTuple_SetItem(tuple, idx, SWIG_NewPointerObj(SWIG_as_voidptr(p_prev), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 ));
|
||||
return tuple;
|
||||
}
|
||||
|
||||
PyObject* ldns_rr_new_frm_fp_l_(FILE *fp, uint32_t default_ttl, ldns_rdf* origin, ldns_rdf* prev)
|
||||
//returns tuple (status, ldns_rr, [line if ret_linenr], ttl, origin, prev)
|
||||
//returns tuple (status, ldns_rr, line, ttl, origin, prev)
|
||||
{
|
||||
int linenr = 0;
|
||||
int *p_linenr = &linenr;
|
||||
|
@ -14,8 +14,8 @@
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* * Neither the name of the organization nor the names of its
|
||||
* contributors may be used to endorse or promote products derived from this
|
||||
* software without specific prior written permission.
|
||||
* contributors may be used to endorse or promote products derived from
|
||||
* this software without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
||||
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
@ -28,46 +28,43 @@
|
||||
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
******************************************************************************/
|
||||
*****************************************************************************/
|
||||
|
||||
%typemap(in,numinputs=0,noblock=1) (ldns_buffer **)
|
||||
|
||||
/* ========================================================================= */
|
||||
/* SWIG setting and definitions. */
|
||||
/* ========================================================================= */
|
||||
|
||||
/* Creates a temporary instance of (ldns_buffer *). */
|
||||
%typemap(in, numinputs=0, noblock=1) (ldns_buffer **)
|
||||
{
|
||||
ldns_buffer *$1_buf;
|
||||
$1 = &$1_buf;
|
||||
ldns_buffer *$1_buf;
|
||||
$1 = &$1_buf;
|
||||
}
|
||||
|
||||
/* result generation */
|
||||
%typemap(argout,noblock=1) (ldns_buffer **)
|
||||
/* Result generation, appends (ldns_buffer *) after the result. */
|
||||
%typemap(argout, noblock=1) (ldns_buffer **)
|
||||
{
|
||||
$result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_buf), SWIGTYPE_p_ldns_struct_buffer, SWIG_POINTER_OWN | 0 ));
|
||||
$result = SWIG_Python_AppendOutput($result,
|
||||
SWIG_NewPointerObj(SWIG_as_voidptr($1_buf),
|
||||
SWIGTYPE_p_ldns_struct_buffer, SWIG_POINTER_OWN | 0));
|
||||
}
|
||||
|
||||
%nodefaultctor ldns_struct_buffer; //no default constructor & destructor
|
||||
%nodefaultdtor ldns_struct_buffer;
|
||||
|
||||
%delobject ldns_buffer_free;
|
||||
%newobject ldns_buffer_new;
|
||||
%newobject ldns_dname_new;
|
||||
%newobject ldns_dname_new_frm_data;
|
||||
%newobject ldns_dname_label;
|
||||
|
||||
# limit the number of arguments to 2 and
|
||||
# deal with variable number of arguments the Python way
|
||||
/*
|
||||
* Limit the number of arguments to 2 and deal with variable
|
||||
* number of arguments in the Python way.
|
||||
*/
|
||||
%varargs(2, char *arg = NULL) ldns_buffer_printf;
|
||||
|
||||
%rename(ldns_buffer) ldns_struct_buffer;
|
||||
%nodefaultctor ldns_struct_buffer; /* No default constructor. */
|
||||
%nodefaultdtor ldns_struct_buffer; /* No default destructor. */
|
||||
|
||||
#ifdef LDNS_DEBUG
|
||||
%rename(__ldns_buffer_free) ldns_buffer_free;
|
||||
%inline %{
|
||||
void _ldns_buffer_free (ldns_buffer* b) {
|
||||
printf("******** LDNS_BUFFER free 0x%lX ************\n", (long unsigned int)b);
|
||||
ldns_buffer_free(b);
|
||||
}
|
||||
%}
|
||||
#else
|
||||
%rename(_ldns_buffer_free) ldns_buffer_free;
|
||||
#endif
|
||||
%newobject ldns_buffer_new;
|
||||
%newobject ldns_dname_new_frm_data;
|
||||
|
||||
%delobject ldns_buffer_free;
|
||||
|
||||
%rename(ldns_buffer) ldns_struct_buffer;
|
||||
|
||||
%ignore ldns_struct_buffer::_position;
|
||||
%ignore ldns_struct_buffer::_limit;
|
||||
@ -76,301 +73,425 @@ void _ldns_buffer_free (ldns_buffer* b) {
|
||||
%ignore ldns_struct_buffer::_fixed;
|
||||
%ignore ldns_struct_buffer::_status;
|
||||
|
||||
%ignore ldns_buffer_new_frm_data;
|
||||
|
||||
|
||||
/* ========================================================================= */
|
||||
/* Debugging related code. */
|
||||
/* ========================================================================= */
|
||||
|
||||
#ifdef LDNS_DEBUG
|
||||
%rename(__ldns_buffer_free) ldns_buffer_free;
|
||||
%inline
|
||||
%{
|
||||
/*!
|
||||
* @brief Frees the buffer and print a message.
|
||||
*/
|
||||
void _ldns_buffer_free (ldns_buffer* b)
|
||||
{
|
||||
printf("******** LDNS_BUFFER free 0x%lX ************\n",
|
||||
(long unsigned int) b);
|
||||
ldns_buffer_free(b);
|
||||
}
|
||||
%}
|
||||
#else /* !LDNS_DEBUG */
|
||||
%rename(_ldns_buffer_free) ldns_buffer_free;
|
||||
#endif /* LDNS_DEBUG */
|
||||
|
||||
|
||||
/* ========================================================================= */
|
||||
/* Added C code. */
|
||||
/* ========================================================================= */
|
||||
|
||||
/* None. */
|
||||
|
||||
|
||||
/* ========================================================================= */
|
||||
/* Encapsulating Python code. */
|
||||
/* ========================================================================= */
|
||||
|
||||
%feature("docstring") "LDNS buffer."
|
||||
|
||||
%extend ldns_struct_buffer {
|
||||
|
||||
%pythoncode %{
|
||||
%pythoncode
|
||||
%{
|
||||
def __init__(self, capacity):
|
||||
"""Creates a new buffer with the specified capacity.
|
||||
"""
|
||||
Creates a new buffer with the specified capacity.
|
||||
|
||||
:param capacity: the size (in bytes) to allocate for the buffer
|
||||
:param capacity: Number of bytes to allocate for the buffer.
|
||||
:type capacity: integer
|
||||
:throws TypeError: When `capacity` of non-integer type.
|
||||
:return: (:class:`ldns_buffer`)
|
||||
"""
|
||||
self.this = _ldns.ldns_buffer_new(capacity)
|
||||
|
||||
__swig_destroy__ = _ldns._ldns_buffer_free
|
||||
|
||||
def __str__(self):
|
||||
"""Returns the data in the buffer as a string. Buffer data must be char * type."""
|
||||
"""
|
||||
Returns the data in the buffer as a string.
|
||||
Buffer data must be char * type.
|
||||
|
||||
:return: string
|
||||
"""
|
||||
return _ldns.ldns_buffer2str(self)
|
||||
|
||||
def getc(self):
|
||||
"""returns the next character from a buffer.
|
||||
"""
|
||||
Returns the next character from a buffer.
|
||||
|
||||
Advances the position pointer with 1. When end of buffer is reached returns EOF. This is the buffer's equivalent for getc().
|
||||
Advances the position pointer with 1. When end of buffer
|
||||
is reached returns EOF. This is the buffer's equivalent
|
||||
for getc().
|
||||
|
||||
:returns: (int) EOF on failure otherwise return the character
|
||||
:return: (integer) EOF on failure otherwise return
|
||||
the character.
|
||||
"""
|
||||
return _ldns.ldns_bgetc(self)
|
||||
|
||||
#LDNS_BUFFER_METHODS_#
|
||||
def at(self,at):
|
||||
"""returns a pointer to the data at the indicated position.
|
||||
|
||||
:param at:
|
||||
position
|
||||
:returns: (uint8_t \*) the pointer to the data
|
||||
#
|
||||
# LDNS_BUFFER_METHODS_
|
||||
#
|
||||
|
||||
def at(self, at):
|
||||
"""
|
||||
return _ldns.ldns_buffer_at(self,at)
|
||||
#parameters: const ldns_buffer *,size_t,
|
||||
Returns a pointer to the data at the indicated position.
|
||||
|
||||
:param at: position
|
||||
:type at: positive integer
|
||||
:throws TypeError: When `at` of non-integer type.
|
||||
:return: (uint8_t \*) The pointer to the data.
|
||||
"""
|
||||
return _ldns.ldns_buffer_at(self, at)
|
||||
#parameters: const ldns_buffer *, size_t,
|
||||
#retvals: uint8_t *
|
||||
|
||||
def available(self,count):
|
||||
"""checks if the buffer has count bytes available at the current position
|
||||
|
||||
:param count:
|
||||
how much is available
|
||||
:returns: (int) true or false
|
||||
def available(self, count):
|
||||
"""
|
||||
return _ldns.ldns_buffer_available(self,count)
|
||||
#parameters: ldns_buffer *,size_t,
|
||||
Checks whether the buffer has count bytes available at
|
||||
the current position.
|
||||
|
||||
:param count: How much is available.
|
||||
:type count: integer
|
||||
:throws TypeError: When `count` of non-integer type.
|
||||
:return: (bool) True or False.
|
||||
"""
|
||||
return _ldns.ldns_buffer_available(self, count) != 0
|
||||
#parameters: ldns_buffer *, size_t,
|
||||
#retvals: int
|
||||
|
||||
def available_at(self,at,count):
|
||||
"""checks if the buffer has at least COUNT more bytes available.
|
||||
|
||||
Before reading or writing the caller needs to ensure enough space is available!
|
||||
|
||||
:param at:
|
||||
indicated position
|
||||
:param count:
|
||||
how much is available
|
||||
:returns: (int) true or false
|
||||
def available_at(self, at, count):
|
||||
"""
|
||||
return _ldns.ldns_buffer_available_at(self,at,count)
|
||||
Checks if the buffer has at least `count` more bytes available.
|
||||
|
||||
Before reading or writing the caller needs to ensure that
|
||||
enough space is available!
|
||||
|
||||
:param at: Indicated position.
|
||||
:type at: positive integer
|
||||
:param count: How much is available.
|
||||
:type count: positive integer
|
||||
:throws TypeError: When `at` or `count` of non-integer type.
|
||||
:return: (bool) True or False.
|
||||
"""
|
||||
return _ldns.ldns_buffer_available_at(self, at, count) != 0
|
||||
#parameters: ldns_buffer *,size_t,size_t,
|
||||
#retvals: int
|
||||
|
||||
def begin(self):
|
||||
"""returns a pointer to the beginning of the buffer (the data at position 0).
|
||||
"""
|
||||
Returns a pointer to the beginning of the buffer
|
||||
(the data at position 0).
|
||||
|
||||
:returns: (uint8_t \*) the pointer
|
||||
:return: (uint8_t \*) Pointer.
|
||||
"""
|
||||
return _ldns.ldns_buffer_begin(self)
|
||||
#parameters: const ldns_buffer *,
|
||||
#retvals: uint8_t *
|
||||
|
||||
def capacity(self):
|
||||
"""returns the number of bytes the buffer can hold.
|
||||
"""
|
||||
Returns the number of bytes the buffer can hold.
|
||||
|
||||
:returns: (size_t) the number of bytes
|
||||
:return: (size_t) The number of bytes.
|
||||
"""
|
||||
return _ldns.ldns_buffer_capacity(self)
|
||||
#parameters: ldns_buffer *,
|
||||
#retvals: size_t
|
||||
|
||||
def clear(self):
|
||||
"""clears the buffer and make it ready for writing.
|
||||
"""
|
||||
Clears the buffer and make it ready for writing.
|
||||
|
||||
The buffer's limit is set to the capacity and the position is set to 0.
|
||||
The buffer's limit is set to the capacity and the position
|
||||
is set to 0.
|
||||
"""
|
||||
_ldns.ldns_buffer_clear(self)
|
||||
#parameters: ldns_buffer *,
|
||||
#retvals:
|
||||
|
||||
def copy(self,bfrom):
|
||||
"""Copy contents of the other buffer to this buffer.
|
||||
def copy(self, bfrom):
|
||||
"""
|
||||
Copy contents of the other buffer to this buffer.
|
||||
|
||||
Silently truncated if this buffer is too small.
|
||||
|
||||
:param bfrom: other buffer
|
||||
:param bfrom: Source buffer.
|
||||
:type bfrom: :class:`ldns_buffer`
|
||||
:throws TypeError: When `bfrom` of non-:class:`ldns_buffer`
|
||||
type.
|
||||
"""
|
||||
_ldns.ldns_buffer_copy(self,bfrom)
|
||||
#parameters: ldns_buffer *,ldns_buffer *,
|
||||
_ldns.ldns_buffer_copy(self, bfrom)
|
||||
#parameters: ldns_buffer *, ldns_buffer *,
|
||||
#retvals:
|
||||
|
||||
def current(self):
|
||||
"""returns a pointer to the data at the buffer's current position.
|
||||
"""
|
||||
Returns a pointer to the data at the buffer's current position.
|
||||
|
||||
:returns: (uint8_t \*) the pointer
|
||||
:return: (uint8_t \*) A pointer.
|
||||
"""
|
||||
return _ldns.ldns_buffer_current(self)
|
||||
#parameters: ldns_buffer *,
|
||||
#retvals: uint8_t *
|
||||
|
||||
def end(self):
|
||||
"""returns a pointer to the end of the buffer (the data at the buffer's limit).
|
||||
"""
|
||||
Returns a pointer to the end of the buffer (the data
|
||||
at the buffer's limit).
|
||||
|
||||
:returns: (uint8_t \*) the pointer
|
||||
:return: (uint8_t \*) Pointer.
|
||||
"""
|
||||
return _ldns.ldns_buffer_end(self)
|
||||
#parameters: ldns_buffer *,
|
||||
#retvals: uint8_t *
|
||||
|
||||
def export(self):
|
||||
"""Makes the buffer fixed and returns a pointer to the data.
|
||||
"""
|
||||
Makes the buffer fixed and returns a pointer to the data.
|
||||
|
||||
The caller is responsible for free'ing the result.
|
||||
The caller is responsible for freeing the result.
|
||||
|
||||
:returns: (void \*) void
|
||||
:return: (void \*) Void pointer.
|
||||
"""
|
||||
return _ldns.ldns_buffer_export(self)
|
||||
#parameters: ldns_buffer *,
|
||||
#retvals: void *
|
||||
|
||||
def flip(self):
|
||||
"""makes the buffer ready for reading the data that has been written to the buffer.
|
||||
"""
|
||||
Makes the buffer ready for reading the data that has been
|
||||
written to the buffer.
|
||||
|
||||
The buffer's limit is set to the current position and the position is set to 0.
|
||||
The buffer's limit is set to the current position and
|
||||
the position is set to 0.
|
||||
"""
|
||||
_ldns.ldns_buffer_flip(self)
|
||||
#parameters: ldns_buffer *,
|
||||
|
||||
def invariant(self):
|
||||
"""
|
||||
Performs no action.
|
||||
|
||||
In debugging mode this method performs a buffer settings
|
||||
check. It asserts if something is wrong.
|
||||
"""
|
||||
_ldns.ldns_buffer_invariant(self)
|
||||
#parameters: ldns_buffer *,
|
||||
|
||||
def limit(self):
|
||||
"""returns the maximum size of the buffer
|
||||
"""
|
||||
Returns the maximum size of the buffer.
|
||||
|
||||
:returns: (size_t) the size
|
||||
:return: (size_t) The size.
|
||||
"""
|
||||
return _ldns.ldns_buffer_limit(self)
|
||||
#parameters: ldns_buffer *,
|
||||
#retvals: size_t
|
||||
|
||||
def position(self):
|
||||
"""returns the current position in the buffer (as a number of bytes)
|
||||
"""
|
||||
Returns the current position in the buffer
|
||||
(as a number of bytes).
|
||||
|
||||
:returns: (size_t) the current position
|
||||
:return: (size_t) The current position.
|
||||
"""
|
||||
return _ldns.ldns_buffer_position(self)
|
||||
#parameters: ldns_buffer *,
|
||||
#retvals: size_t
|
||||
|
||||
def printf(self, str, *args):
|
||||
"""Prints to the buffer, increasing the capacity if required using buffer_reserve().
|
||||
|
||||
The buffer's position is set to the terminating '\0'. Returns the number of characters written (not including the terminating '\0') or -1 on failure.
|
||||
:param str: a string
|
||||
:returns: (int)
|
||||
def printf(self, string, *args):
|
||||
"""
|
||||
data = str % args
|
||||
return _ldns.ldns_buffer_printf(self,data)
|
||||
#parameters: ldns_buffer *,const char *,...
|
||||
Prints to the buffer, increasing the capacity
|
||||
if required using buffer_reserve().
|
||||
|
||||
The buffer's position is set to the terminating '\0'.
|
||||
Returns the number of characters written (not including
|
||||
the terminating '\0') or -1 on failure.
|
||||
|
||||
:param string: A string to be written.
|
||||
:type string: string
|
||||
:throws: TypeError when `string` not a string.
|
||||
:return: (int) Number of written characters or -1 on failure.
|
||||
"""
|
||||
data = string % args
|
||||
return _ldns.ldns_buffer_printf(self, data)
|
||||
#parameters: ldns_buffer *, const char *, ...
|
||||
#retvals: int
|
||||
|
||||
def read(self,data,count):
|
||||
"""copies count bytes of data at the current position to the given data-array
|
||||
def read(self, data, count):
|
||||
"""
|
||||
Copies count bytes of data at the current position to the given
|
||||
`data`-array
|
||||
|
||||
:param data:
|
||||
buffer to copy to
|
||||
:param count:
|
||||
the length of the data to copy
|
||||
:param data: Target buffer to copy to.
|
||||
:type data: void \*
|
||||
:param count: The length of the data to copy.
|
||||
:type count: size_t
|
||||
"""
|
||||
_ldns.ldns_buffer_read(self,data,count)
|
||||
#parameters: ldns_buffer *,void *,size_t,
|
||||
#parameters: ldns_buffer *, void *, size_t,
|
||||
#retvals:
|
||||
|
||||
def read_at(self,at,data,count):
|
||||
"""copies count bytes of data at the given position to the given data-array
|
||||
def read_at(self, at, data, count):
|
||||
"""
|
||||
Copies count bytes of data at the given position to the
|
||||
given `data`-array.
|
||||
|
||||
:param at:
|
||||
the position in the buffer to start
|
||||
:param data:
|
||||
buffer to copy to
|
||||
:param count:
|
||||
the length of the data to copy
|
||||
:param at: The position in the buffer to start reading.
|
||||
:type at: size_t
|
||||
:param data: Target buffer to copy to.
|
||||
:type data: void \*
|
||||
:param count: The length of the data to copy.
|
||||
:type count: size_t
|
||||
"""
|
||||
_ldns.ldns_buffer_read_at(self,at,data,count)
|
||||
#parameters: ldns_buffer *,size_t,void *,size_t,
|
||||
#parameters: ldns_buffer *, size_t, void *, size_t,
|
||||
#retvals:
|
||||
|
||||
def read_u16(self):
|
||||
"""returns the 2-byte integer value at the current position in the buffer
|
||||
"""
|
||||
Returns the 2-byte integer value at the current position
|
||||
from the buffer.
|
||||
|
||||
:returns: (uint16_t) 2 byte integer
|
||||
:return: (uint16_t) Word.
|
||||
"""
|
||||
return _ldns.ldns_buffer_read_u16(self)
|
||||
#parameters: ldns_buffer *,
|
||||
#retvals: uint16_t
|
||||
|
||||
def read_u16_at(self,at):
|
||||
"""returns the 2-byte integer value at the given position in the buffer
|
||||
|
||||
:param at:
|
||||
position in the buffer
|
||||
:returns: (uint16_t) 2 byte integer
|
||||
def read_u16_at(self, at):
|
||||
"""
|
||||
return _ldns.ldns_buffer_read_u16_at(self,at)
|
||||
#parameters: ldns_buffer *,size_t,
|
||||
Returns the 2-byte integer value at the given position
|
||||
from the buffer.
|
||||
|
||||
:param at: Position in the buffer.
|
||||
:type at: positive integer
|
||||
:throws TypeError: When `at` of non-integer type.
|
||||
:return: (uint16_t) Word.
|
||||
"""
|
||||
return _ldns.ldns_buffer_read_u16_at(self, at)
|
||||
#parameters: ldns_buffer *, size_t,
|
||||
#retvals: uint16_t
|
||||
|
||||
def read_u32(self):
|
||||
"""returns the 4-byte integer value at the current position in the buffer
|
||||
"""
|
||||
Returns the 4-byte integer value at the current position
|
||||
from the buffer.
|
||||
|
||||
:returns: (uint32_t) 4 byte integer
|
||||
:return: (uint32_t) Double-word.
|
||||
"""
|
||||
return _ldns.ldns_buffer_read_u32(self)
|
||||
#parameters: ldns_buffer *,
|
||||
#retvals: uint32_t
|
||||
|
||||
def read_u32_at(self,at):
|
||||
"""returns the 4-byte integer value at the given position in the buffer
|
||||
|
||||
:param at:
|
||||
position in the buffer
|
||||
:returns: (uint32_t) 4 byte integer
|
||||
def read_u32_at(self, at):
|
||||
"""
|
||||
return _ldns.ldns_buffer_read_u32_at(self,at)
|
||||
#parameters: ldns_buffer *,size_t,
|
||||
Returns the 4-byte integer value at the given position
|
||||
from the buffer.
|
||||
|
||||
:param at: Position in the buffer.
|
||||
:type at: positive integer
|
||||
:throws TypeError: When `at` of non-integer type.
|
||||
:return: (uint32_t) Double-word.
|
||||
"""
|
||||
return _ldns.ldns_buffer_read_u32_at(self, at)
|
||||
#parameters: ldns_buffer *, size_t,
|
||||
#retvals: uint32_t
|
||||
|
||||
def read_u8(self):
|
||||
"""returns the byte value at the current position in the buffer
|
||||
"""
|
||||
Returns the byte value at the current position from the buffer.
|
||||
|
||||
:returns: (uint8_t) 1 byte integer
|
||||
:return: (uint8_t) A byte (not a character).
|
||||
"""
|
||||
return _ldns.ldns_buffer_read_u8(self)
|
||||
#parameters: ldns_buffer *,
|
||||
#retvals: uint8_t
|
||||
|
||||
def read_u8_at(self,at):
|
||||
"""returns the byte value at the given position in the buffer
|
||||
|
||||
:param at:
|
||||
the position in the buffer
|
||||
:returns: (uint8_t) 1 byte integer
|
||||
def read_u8_at(self, at):
|
||||
"""
|
||||
return _ldns.ldns_buffer_read_u8_at(self,at)
|
||||
#parameters: ldns_buffer *,size_t,
|
||||
Returns the byte value at the given position from the buffer.
|
||||
|
||||
:param at: The position in the buffer.
|
||||
:type at: positive integer
|
||||
:throws TypeError: When `at` of non-integer type.
|
||||
:return: (uint8_t) Byte value.
|
||||
"""
|
||||
return _ldns.ldns_buffer_read_u8_at(self, at)
|
||||
#parameters: ldns_buffer *, size_t,
|
||||
#retvals: uint8_t
|
||||
|
||||
def remaining(self):
|
||||
"""returns the number of bytes remaining between the buffer's position and limit.
|
||||
"""
|
||||
Returns the number of bytes remaining between the buffer's
|
||||
position and limit.
|
||||
|
||||
:returns: (size_t) the number of bytes
|
||||
:return: (size_t) The number of bytes.
|
||||
"""
|
||||
return _ldns.ldns_buffer_remaining(self)
|
||||
#parameters: ldns_buffer *,
|
||||
#retvals: size_t
|
||||
|
||||
def remaining_at(self,at):
|
||||
"""returns the number of bytes remaining between the indicated position and the limit.
|
||||
|
||||
:param at:
|
||||
indicated position
|
||||
:returns: (size_t) number of bytes
|
||||
def remaining_at(self, at):
|
||||
"""
|
||||
return _ldns.ldns_buffer_remaining_at(self,at)
|
||||
Returns the number of bytes remaining between the indicated
|
||||
position and the limit.
|
||||
|
||||
:param at: Indicated position.
|
||||
:type at: positive integer
|
||||
:throws TypeError: When `at` of non-integer type.
|
||||
:return: (size_t) number of bytes
|
||||
"""
|
||||
return _ldns.ldns_buffer_remaining_at(self, at)
|
||||
#parameters: ldns_buffer *,size_t,
|
||||
#retvals: size_t
|
||||
|
||||
def reserve(self,amount):
|
||||
"""ensures BUFFER can contain at least AMOUNT more bytes.
|
||||
|
||||
The buffer's capacity is increased if necessary using buffer_set_capacity().
|
||||
|
||||
The buffer's limit is always set to the (possibly increased) capacity.
|
||||
|
||||
:param amount:
|
||||
amount to use
|
||||
:returns: (bool) whether this failed or succeeded
|
||||
def reserve(self, amount):
|
||||
"""
|
||||
return _ldns.ldns_buffer_reserve(self,amount)
|
||||
#parameters: ldns_buffer *,size_t,
|
||||
Ensures that the buffer can contain at least `amount` more
|
||||
bytes.
|
||||
|
||||
The buffer's capacity is increased if necessary using
|
||||
buffer_set_capacity().
|
||||
|
||||
The buffer's limit is always set to the (possibly increased)
|
||||
capacity.
|
||||
|
||||
:param amount: Amount to use.
|
||||
:type amount: positive integer
|
||||
:throws TypeError: When `amount` of non-integer type.
|
||||
:return: (bool) hether this failed or succeeded.
|
||||
"""
|
||||
return _ldns.ldns_buffer_reserve(self, amount)
|
||||
#parameters: ldns_buffer *, size_t,
|
||||
#retvals: bool
|
||||
|
||||
def rewind(self):
|
||||
"""make the buffer ready for re-reading the data.
|
||||
"""
|
||||
Make the buffer ready for re-reading the data.
|
||||
|
||||
The buffer's position is reset to 0.
|
||||
"""
|
||||
@ -378,188 +499,228 @@ void _ldns_buffer_free (ldns_buffer* b) {
|
||||
#parameters: ldns_buffer *,
|
||||
#retvals:
|
||||
|
||||
def set_capacity(self,capacity):
|
||||
"""changes the buffer's capacity.
|
||||
|
||||
The data is reallocated so any pointers to the data may become invalid. The buffer's limit is set to the buffer's new capacity.
|
||||
|
||||
:param capacity:
|
||||
the capacity to use
|
||||
:returns: (bool) whether this failed or succeeded
|
||||
def set_capacity(self, capacity):
|
||||
"""
|
||||
return _ldns.ldns_buffer_set_capacity(self,capacity)
|
||||
#parameters: ldns_buffer *,size_t,
|
||||
Changes the buffer's capacity.
|
||||
|
||||
The data is reallocated so any pointers to the data may become
|
||||
invalid. The buffer's limit is set to the buffer's new capacity.
|
||||
|
||||
:param capacity: The capacity to use.
|
||||
:type capacity: positive integer
|
||||
:throws TypeError: When `capacity` of non-integer type.
|
||||
:return: (bool) whether this failed or succeeded
|
||||
"""
|
||||
return _ldns.ldns_buffer_set_capacity(self, capacity)
|
||||
#parameters: ldns_buffer *, size_t,
|
||||
#retvals: bool
|
||||
|
||||
def set_limit(self,limit):
|
||||
"""changes the buffer's limit.
|
||||
|
||||
If the buffer's position is greater than the new limit the position is set to the limit.
|
||||
|
||||
:param limit:
|
||||
the new limit
|
||||
def set_limit(self, limit):
|
||||
"""
|
||||
_ldns.ldns_buffer_set_limit(self,limit)
|
||||
#parameters: ldns_buffer *,size_t,
|
||||
Changes the buffer's limit.
|
||||
|
||||
If the buffer's position is greater than the new limit
|
||||
then the position is set to the limit.
|
||||
|
||||
:param limit: The new limit.
|
||||
:type limit: positive integer
|
||||
:throws TypeError: When `limit` of non-integer type.
|
||||
"""
|
||||
_ldns.ldns_buffer_set_limit(self, limit)
|
||||
#parameters: ldns_buffer *, size_t,
|
||||
#retvals:
|
||||
|
||||
def set_position(self,mark):
|
||||
"""sets the buffer's position to MARK.
|
||||
"""
|
||||
Sets the buffer's position to `mark`.
|
||||
|
||||
The position must be less than or equal to the buffer's limit.
|
||||
|
||||
:param mark:
|
||||
the mark to use
|
||||
:param mark: The mark to use.
|
||||
:type mark: positive integer
|
||||
:throws TypeError: When `mark` of non-integer type.
|
||||
"""
|
||||
_ldns.ldns_buffer_set_position(self,mark)
|
||||
#parameters: ldns_buffer *,size_t,
|
||||
#retvals:
|
||||
|
||||
def skip(self,count):
|
||||
"""changes the buffer's position by COUNT bytes.
|
||||
|
||||
The position must not be moved behind the buffer's limit or before the beginning of the buffer.
|
||||
|
||||
:param count:
|
||||
the count to use
|
||||
def skip(self, count):
|
||||
"""
|
||||
_ldns.ldns_buffer_skip(self,count)
|
||||
#parameters: ldns_buffer *,ssize_t,
|
||||
Changes the buffer's position by `count` bytes.
|
||||
|
||||
The position must not be moved behind the buffer's limit or
|
||||
before the beginning of the buffer.
|
||||
|
||||
:param count: The count to use.
|
||||
:type count: integer
|
||||
:throws TypeError: When `count` of non-integer type.
|
||||
"""
|
||||
_ldns.ldns_buffer_skip(self, count)
|
||||
#parameters: ldns_buffer *, ssize_t,
|
||||
#retvals:
|
||||
|
||||
def status(self):
|
||||
"""returns the status of the buffer
|
||||
"""
|
||||
Returns the status of the buffer.
|
||||
|
||||
:returns: (ldns_status) the status
|
||||
:return: (ldns_status) The status.
|
||||
"""
|
||||
return _ldns.ldns_buffer_status(self)
|
||||
#parameters: ldns_buffer *,
|
||||
#retvals: ldns_status
|
||||
|
||||
def status_ok(self):
|
||||
"""returns true if the status of the buffer is LDNS_STATUS_OK, false otherwise
|
||||
"""
|
||||
Returns True if the status of the buffer is LDNS_STATUS_OK,
|
||||
False otherwise.
|
||||
|
||||
:returns: (bool) true or false
|
||||
:return: (bool) True or False.
|
||||
"""
|
||||
return _ldns.ldns_buffer_status_ok(self)
|
||||
#parameters: ldns_buffer *,
|
||||
#retvals: bool
|
||||
|
||||
def write(self,data,count):
|
||||
"""writes count bytes of data to the current position of the buffer
|
||||
|
||||
:param data:
|
||||
the data to write
|
||||
:param count:
|
||||
the lenght of the data to write
|
||||
def write(self, data, count):
|
||||
"""
|
||||
_ldns.ldns_buffer_write(self,data,count)
|
||||
#parameters: ldns_buffer *,const void *,size_t,
|
||||
Writes count bytes of data to the current position of
|
||||
the buffer.
|
||||
|
||||
:param data: The data to write.
|
||||
:type data: void \*
|
||||
:param count: The length of the data to write.
|
||||
:type count: size_t
|
||||
"""
|
||||
_ldns.ldns_buffer_write(self, data, count)
|
||||
#parameters: ldns_buffer *, const void *, size_t,
|
||||
#retvals:
|
||||
|
||||
def write_at(self,at,data,count):
|
||||
"""writes the given data to the buffer at the specified position
|
||||
|
||||
:param at:
|
||||
the position (in number of bytes) to write the data at
|
||||
:param data:
|
||||
pointer to the data to write to the buffer
|
||||
:param count:
|
||||
the number of bytes of data to write
|
||||
def write_at(self, at, data, count):
|
||||
"""
|
||||
_ldns.ldns_buffer_write_at(self,at,data,count)
|
||||
#parameters: ldns_buffer *,size_t,const void *,size_t,
|
||||
Writes the given data to the buffer at the specified position
|
||||
by `at`.
|
||||
|
||||
:param at: The position (in number of bytes) to write the
|
||||
data at.
|
||||
:param data: Pointer to the data to write to the buffer.
|
||||
:param count: The number of bytes of data to write.
|
||||
"""
|
||||
_ldns.ldns_buffer_write_at(self, at, data, count)
|
||||
#parameters: ldns_buffer *, size_t, const void *, size_t,
|
||||
#retvals:
|
||||
|
||||
def write_string(self,str):
|
||||
"""copies the given (null-delimited) string to the current position at the buffer
|
||||
|
||||
:param str:
|
||||
the string to write
|
||||
def write_string(self, string):
|
||||
"""
|
||||
_ldns.ldns_buffer_write_string(self,str)
|
||||
Copies the given (null-delimited) string to the current
|
||||
position into the buffer.
|
||||
|
||||
:param string: The string to write.
|
||||
:type string: string
|
||||
:throws TypeError: When `string` not a string.
|
||||
"""
|
||||
_ldns.ldns_buffer_write_string(self,string)
|
||||
#parameters: ldns_buffer *,const char *,
|
||||
#retvals:
|
||||
|
||||
def write_string_at(self,at,str):
|
||||
"""copies the given (null-delimited) string to the specified position at the buffer
|
||||
|
||||
:param at:
|
||||
the position in the buffer
|
||||
:param str:
|
||||
the string to write
|
||||
def write_string_at(self, at, string):
|
||||
"""
|
||||
_ldns.ldns_buffer_write_string_at(self,at,str)
|
||||
#parameters: ldns_buffer *,size_t,const char *,
|
||||
Copies the given (null-delimited) string to the specified
|
||||
position `at` into the buffer.
|
||||
|
||||
:param at: The position in the buffer.
|
||||
:type at: positive integer
|
||||
:param string: The string to write.
|
||||
:type string: string
|
||||
:throws TypeError: When types mismatch.
|
||||
"""
|
||||
_ldns.ldns_buffer_write_string_at(self, at, string)
|
||||
#parameters: ldns_buffer *, size_t, const char *,
|
||||
#retvals:
|
||||
|
||||
def write_u16(self,data):
|
||||
"""writes the given 2 byte integer at the current position in the buffer
|
||||
def write_u16(self, data):
|
||||
"""Writes the given 2 byte integer at the current
|
||||
position in the buffer.
|
||||
|
||||
:param data:
|
||||
the 16 bits to write
|
||||
:param data: The word to write.
|
||||
:type data: uint16_t
|
||||
:throws TypeError: When `data` of non-integer type.
|
||||
"""
|
||||
_ldns.ldns_buffer_write_u16(self,data)
|
||||
#parameters: ldns_buffer *,uint16_t,
|
||||
_ldns.ldns_buffer_write_u16(self, data)
|
||||
#parameters: ldns_buffer *, uint16_t,
|
||||
#retvals:
|
||||
|
||||
def write_u16_at(self,at,data):
|
||||
"""writes the given 2 byte integer at the given position in the buffer
|
||||
def write_u16_at(self, at, data):
|
||||
"""
|
||||
Writes the given 2 byte integer at the given position
|
||||
in the buffer.
|
||||
|
||||
:param at:
|
||||
the position in the buffer
|
||||
:param data:
|
||||
the 16 bits to write
|
||||
:param at: The position in the buffer.
|
||||
:type at: positive integer
|
||||
:param data: The word to write.
|
||||
:type data: uint16_t
|
||||
:throws TypeError: When `at` or `data` of non-integer type.
|
||||
"""
|
||||
_ldns.ldns_buffer_write_u16_at(self,at,data)
|
||||
#parameters: ldns_buffer *,size_t,uint16_t,
|
||||
#retvals:
|
||||
|
||||
def write_u32(self,data):
|
||||
"""writes the given 4 byte integer at the current position in the buffer
|
||||
|
||||
:param data:
|
||||
the 32 bits to write
|
||||
def write_u32(self, data):
|
||||
"""
|
||||
_ldns.ldns_buffer_write_u32(self,data)
|
||||
#parameters: ldns_buffer *,uint32_t,
|
||||
Writes the given 4 byte integer at the current position
|
||||
in the buffer.
|
||||
|
||||
:param data: The double-word to write.
|
||||
:type data: uint32_t
|
||||
:throws TypeError: When `data` of non-integer type.
|
||||
"""
|
||||
_ldns.ldns_buffer_write_u32(self, data)
|
||||
#parameters: ldns_buffer *, uint32_t,
|
||||
#retvals:
|
||||
|
||||
def write_u32_at(self,at,data):
|
||||
"""writes the given 4 byte integer at the given position in the buffer
|
||||
|
||||
:param at:
|
||||
the position in the buffer
|
||||
:param data:
|
||||
the 32 bits to write
|
||||
def write_u32_at(self, at, data):
|
||||
"""
|
||||
_ldns.ldns_buffer_write_u32_at(self,at,data)
|
||||
Writes the given 4 byte integer at the given position
|
||||
in the buffer.
|
||||
|
||||
:param at: The position in the buffer.
|
||||
:type at: positive integer
|
||||
:param data: The double-word to write.
|
||||
:type data: uint32_t
|
||||
:throws TypeError: When `at` or `data` of non-integer type.
|
||||
"""
|
||||
_ldns.ldns_buffer_write_u32_at(self, at, data)
|
||||
#parameters: ldns_buffer *,size_t,uint32_t,
|
||||
#retvals:
|
||||
|
||||
def write_u8(self,data):
|
||||
"""writes the given byte of data at the current position in the buffer
|
||||
|
||||
:param data:
|
||||
the 8 bits to write
|
||||
def write_u8(self, data):
|
||||
"""
|
||||
_ldns.ldns_buffer_write_u8(self,data)
|
||||
#parameters: ldns_buffer *,uint8_t,
|
||||
Writes the given byte of data at the current position
|
||||
in the buffer.
|
||||
|
||||
:param data: The byte to write.
|
||||
:type data: uint8_t
|
||||
:throws TypeError: When `data` of non-integer type.
|
||||
"""
|
||||
_ldns.ldns_buffer_write_u8(self, data)
|
||||
#parameters: ldns_buffer *, uint8_t,
|
||||
#retvals:
|
||||
|
||||
def write_u8_at(self,at,data):
|
||||
"""writes the given byte of data at the given position in the buffer
|
||||
"""
|
||||
Writes the given byte of data at the given position
|
||||
in the buffer.
|
||||
|
||||
:param at:
|
||||
the position in the buffer
|
||||
:param data:
|
||||
the 8 bits to write
|
||||
:param at: The position in the buffer.
|
||||
:type at: positive integer
|
||||
:param data: The byte to write.
|
||||
:type data: uint8_t
|
||||
:throws TypeError: When `at` or `data` of non-integer type.
|
||||
"""
|
||||
_ldns.ldns_buffer_write_u8_at(self,at,data)
|
||||
#parameters: ldns_buffer *,size_t,uint8_t,
|
||||
#retvals:
|
||||
|
||||
#_LDNS_BUFFER_METHODS#
|
||||
%}
|
||||
#
|
||||
# _LDNS_BUFFER_METHODS
|
||||
#
|
||||
%}
|
||||
}
|
||||
|
||||
|
@ -14,8 +14,8 @@
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* * Neither the name of the organization nor the names of its
|
||||
* contributors may be used to endorse or promote products derived from this
|
||||
* software without specific prior written permission.
|
||||
* contributors may be used to endorse or promote products derived from
|
||||
* this software without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
||||
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
@ -28,169 +28,598 @@
|
||||
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
******************************************************************************/
|
||||
%pythoncode %{
|
||||
class ldns_dname(ldns_rdf):
|
||||
"""Domain name
|
||||
*****************************************************************************/
|
||||
|
||||
This class contains methods to read and manipulate domain names.
|
||||
Domain names are stored in ldns_rdf structures, with the type LDNS_RDF_TYPE_DNAME
|
||||
|
||||
/* ========================================================================= */
|
||||
/* SWIG setting and definitions. */
|
||||
/* ========================================================================= */
|
||||
|
||||
/*
|
||||
* Not here (with the exception of functions defined in this C code sction),
|
||||
* must be set in ldns_rdf.i.
|
||||
*/
|
||||
|
||||
|
||||
/* ========================================================================= */
|
||||
/* Debugging related code. */
|
||||
/* ========================================================================= */
|
||||
|
||||
/*
|
||||
* Not here (with the exception of functions defined in this C code sction),
|
||||
* must be set in ldns_rdf.i.
|
||||
*/
|
||||
|
||||
|
||||
/* ========================================================================= */
|
||||
/* Added C code. */
|
||||
/* ========================================================================= */
|
||||
|
||||
/* None */
|
||||
|
||||
|
||||
/* ========================================================================= */
|
||||
/* Encapsulating Python code. */
|
||||
/* ========================================================================= */
|
||||
|
||||
%pythoncode
|
||||
%{
|
||||
class ldns_dname(ldns_rdf):
|
||||
"""
|
||||
Domain name.
|
||||
|
||||
This class contains methods to read and manipulate domain name drfs.
|
||||
Domain names are stored in :class:`ldns_rdf` structures,
|
||||
with the type LDNS_RDF_TYPE_DNAME. This class encapsulates such
|
||||
rdfs.
|
||||
|
||||
**Usage**
|
||||
|
||||
>>> import ldns
|
||||
>>> resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
|
||||
>>> dn1 = ldns.ldns_dname("test.nic.cz")
|
||||
>>> print dn1
|
||||
test.nic.cz.
|
||||
>>> dn2 = ldns.ldns_dname("nic.cz")
|
||||
>>> if dn2.is_subdomain(dn1): print dn2,"is subdomain of",dn1
|
||||
>>> if dn1.is_subdomain(dn2): print dn1,"is subdomain of",dn2
|
||||
test.nic.cz. is subdomain of nic.cz.
|
||||
>>> import ldns
|
||||
>>> dn1 = ldns.ldns_dname("test.nic.cz")
|
||||
>>> print dn1
|
||||
test.nic.cz.
|
||||
>>> dn2 = ldns.ldns_dname("nic.cz")
|
||||
>>> if dn2.is_subdomain(dn1): print dn2, "is sub-domain of", dn1
|
||||
>>> if dn1.is_subdomain(dn2): print dn1, "is sub-domain of", dn2
|
||||
test.nic.cz. is sub-domain of nic.cz.
|
||||
|
||||
The following two examples show the creation of :class:`ldns_dname`
|
||||
from :class:`ldns_rdf`. The first shows the creation of
|
||||
:class:`ldns_dname` instance which is independent of the original
|
||||
`rdf`.
|
||||
|
||||
|
||||
>>> import ldns
|
||||
>>> rdf = ldns.ldns_rdf.new_frm_str("a.ns.nic.cz", ldns.LDNS_RDF_TYPE_DNAME)
|
||||
>>> dn = ldns.ldns_dname(rdf)
|
||||
>>> print dn
|
||||
a.ns.nic.cz.
|
||||
|
||||
The latter shows the wrapping of a :class:`ldns_rdf` onto
|
||||
a :class:`ldns_dname` without the creation of a copy.
|
||||
|
||||
>>> import ldns
|
||||
>>> dn = ldns.ldns_dname(ldns.ldns_rdf.new_frm_str("a.ns.nic.cz", ldns.LDNS_RDF_TYPE_DNAME), clone=False)
|
||||
>>> print dn
|
||||
a.ns.nic.cz.
|
||||
"""
|
||||
def __init__(self, str):
|
||||
"""Creates a new dname rdf from a string.
|
||||
|
||||
:parameter str: str string to use
|
||||
def __init__(self, initialiser, clone=True):
|
||||
"""
|
||||
self.this = _ldns.ldns_dname_new_frm_str(str)
|
||||
Creates a new dname rdf from a string or :class:`ldns_rdf`.
|
||||
|
||||
:param initialiser: string or :class:`ldns_rdf`
|
||||
:type initialiser: string or :class:`ldns_rdf` containing
|
||||
a dname
|
||||
:param clone: Whether to clone or directly grab the parameter.
|
||||
:type clone: bool
|
||||
:throws TypeError: When `initialiser` of invalid type.
|
||||
"""
|
||||
if isinstance(initialiser, ldns_rdf) and \
|
||||
(initialiser.get_type() == _ldns.LDNS_RDF_TYPE_DNAME):
|
||||
if clone == True:
|
||||
self.this = _ldns.ldns_rdf_clone(initialiser)
|
||||
else:
|
||||
self.this = initialiser
|
||||
else:
|
||||
self.this = _ldns.ldns_dname_new_frm_str(initialiser)
|
||||
|
||||
#
|
||||
# LDNS_DNAME_CONSTRUCTORS_
|
||||
#
|
||||
|
||||
@staticmethod
|
||||
def new_frm_str(str):
|
||||
"""Creates a new dname rdf instance from a string.
|
||||
|
||||
This static method is equivalent to using of default class constructor.
|
||||
|
||||
:parameter str: str string to use
|
||||
def new_frm_str(string):
|
||||
"""
|
||||
return ldns_dname(str)
|
||||
Creates a new dname rdf instance from a string.
|
||||
|
||||
This static method is equivalent to using default
|
||||
:class:`ldns_dname` constructor.
|
||||
|
||||
:param string: String to use.
|
||||
:type string: string
|
||||
:throws TypeError: When `string` not a string.
|
||||
:return: (:class:`ldns_dname`) dname rdf.
|
||||
"""
|
||||
return ldns_dname(string)
|
||||
|
||||
@staticmethod
|
||||
def new_frm_rdf(rdf, clone=True):
|
||||
"""
|
||||
Creates a new dname rdf instance from a dname :class:`ldns_rdf`.
|
||||
|
||||
This static method is equivalent to using the default
|
||||
:class:`ldns_dname` constructor.
|
||||
|
||||
:param rdf: A dname :class:`ldns_rdf`.
|
||||
:type rdf: :class:`ldns_rdf`
|
||||
:throws TypeError: When `rdf` of inappropriate type.
|
||||
:param clone: Whether to create a clone or to wrap present
|
||||
instance.
|
||||
:type clone: bool
|
||||
:return: (:class:`ldns_dname`) dname rdf.
|
||||
"""
|
||||
return ldns_dname(rdf, clone=clone)
|
||||
|
||||
#
|
||||
# _LDNS_DNAME_CONSTRUCTORS
|
||||
#
|
||||
|
||||
def write_to_buffer(self, buffer):
|
||||
"""
|
||||
Copies the dname data to the buffer in wire format.
|
||||
|
||||
:param buffer: Buffer to append the result to.
|
||||
:type param: :class:`ldns_buffer`
|
||||
:throws TypeError: When `buffer` of non-:class:`ldns_buffer`
|
||||
type.
|
||||
:return: (ldns_status) ldns_status
|
||||
"""
|
||||
return _ldns.ldns_dname2buffer_wire(buffer, self)
|
||||
#parameters: ldns_buffer *, const ldns_rdf *,
|
||||
#retvals: ldns_status
|
||||
|
||||
|
||||
#
|
||||
# LDNS_DNAME_METHODS_
|
||||
#
|
||||
|
||||
def absolute(self):
|
||||
"""Checks whether the given dname string is absolute (i.e. ends with a '.')
|
||||
|
||||
:returns: (bool) True or False
|
||||
"""
|
||||
return self.endswith(".")
|
||||
Checks whether the given dname string is absolute (i.e.,
|
||||
ends with a '.').
|
||||
|
||||
:return: (bool) True or False
|
||||
"""
|
||||
string = self.__str__()
|
||||
return _ldns.ldns_dname_str_absolute(string) != 0
|
||||
|
||||
def make_canonical(self):
|
||||
"""Put a dname into canonical fmt - ie. lowercase it
|
||||
"""
|
||||
Put a dname into canonical format (i.e., convert to lower case).
|
||||
"""
|
||||
_ldns.ldns_dname2canonical(self)
|
||||
|
||||
def __cmp__(self,other):
|
||||
"""Compares the two dname rdf's according to the algorithm for ordering in RFC4034 Section 6.
|
||||
|
||||
:param other:
|
||||
the second dname rdf to compare
|
||||
:returns: (int) -1 if dname comes before other, 1 if dname comes after other, and 0 if they are equal.
|
||||
def __cmp__(self, other):
|
||||
"""
|
||||
return _ldns.ldns_dname_compare(self,other)
|
||||
Compares two dname rdf according to the algorithm for
|
||||
ordering in RFC4034 Section 6.
|
||||
|
||||
:param other: The second dname rdf to compare.
|
||||
:type other: :class:`ldns_dname`
|
||||
:throws TypeError: When `other` of invalid type.
|
||||
:return: (int) -1, 0 or 1 if self comes before other,
|
||||
self is equal or self comes after other respectively.
|
||||
|
||||
def write_to_buffer(self,buffer):
|
||||
"""Copies the dname data to the buffer in wire format.
|
||||
|
||||
:param buffer: buffer to append the result to
|
||||
:returns: (ldns_status) ldns_status
|
||||
.. note::
|
||||
The type checking of parameter `other` is benevolent.
|
||||
It allows also to pass a dname :class:`ldns_rdf` object.
|
||||
This will probably change in future.
|
||||
"""
|
||||
return _ldns.ldns_dname2buffer_wire(buffer,self)
|
||||
#parameters: ldns_buffer *,const ldns_rdf *,
|
||||
#
|
||||
# The wrapped function generates asserts instead of setting
|
||||
# error status. They cannot be caught from Python so a check
|
||||
# is necessary.
|
||||
#
|
||||
if (not isinstance(other, ldns_dname)) and \
|
||||
isinstance(other, ldns_rdf) and \
|
||||
other.get_type() == _ldns.LDNS_RDF_TYPE_DNAME:
|
||||
warnings.warn("The ldns_dname.__cmp__() method will" +
|
||||
" drop the possibility to compare ldns_rdf." +
|
||||
" Convert arguments to ldns_dname.",
|
||||
PendingDeprecationWarning, stacklevel=2)
|
||||
if not isinstance(other, ldns_rdf):
|
||||
raise TypeError("Parameter must be derived from ldns_rdf.")
|
||||
if (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME):
|
||||
raise Exception("Operands must be ldns_dname.")
|
||||
return _ldns.ldns_dname_compare(self, other)
|
||||
|
||||
def __lt__(self, other):
|
||||
"""
|
||||
Compares two dname rdf according to the algorithm for
|
||||
ordering in RFC4034 Section 6.
|
||||
|
||||
:param other: The second dname rdf to compare.
|
||||
:type other: :class:`ldns_dname`
|
||||
:throws TypeError: When `other` of invalid type.
|
||||
:return: (bool) True when `self` is less than 'other'.
|
||||
|
||||
.. note::
|
||||
The type checking of parameter `other` is benevolent.
|
||||
It allows also to pass a dname :class:`ldns_rdf` object.
|
||||
This will probably change in future.
|
||||
"""
|
||||
#
|
||||
# The wrapped function generates asserts instead of setting
|
||||
# error status. They cannot be caught from Python so a check
|
||||
# is necessary.
|
||||
#
|
||||
if (not isinstance(other, ldns_dname)) and \
|
||||
isinstance(other, ldns_rdf) and \
|
||||
other.get_type() == _ldns.LDNS_RDF_TYPE_DNAME:
|
||||
warnings.warn("The ldns_dname.__lt__() method will" +
|
||||
" drop the possibility to compare ldns_rdf." +
|
||||
" Convert arguments to ldns_dname.",
|
||||
PendingDeprecationWarning, stacklevel=2)
|
||||
if not isinstance(other, ldns_rdf):
|
||||
raise TypeError("Parameter must be derived from ldns_rdf.")
|
||||
if (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME):
|
||||
raise Exception("Operands must be ldns_dname.")
|
||||
return _ldns.ldns_dname_compare(self, other) == -1
|
||||
|
||||
def __le__(self, other):
|
||||
"""
|
||||
Compares two dname rdf according to the algorithm for
|
||||
ordering in RFC4034 Section 6.
|
||||
|
||||
:param other: The second dname rdf to compare.
|
||||
:type other: :class:`ldns_dname`
|
||||
:throws TypeError: When `other` of invalid type.
|
||||
:return: (bool) True when `self` is less than or equal to
|
||||
'other'.
|
||||
|
||||
.. note::
|
||||
The type checking of parameter `other` is benevolent.
|
||||
It allows also to pass a dname :class:`ldns_rdf` object.
|
||||
This will probably change in future.
|
||||
"""
|
||||
#
|
||||
# The wrapped function generates asserts instead of setting
|
||||
# error status. They cannot be caught from Python so a check
|
||||
# is necessary.
|
||||
#
|
||||
if (not isinstance(other, ldns_dname)) and \
|
||||
isinstance(other, ldns_rdf) and \
|
||||
other.get_type() == _ldns.LDNS_RDF_TYPE_DNAME:
|
||||
warnings.warn("The ldns_dname.__le__() method will" +
|
||||
" drop the possibility to compare ldns_rdf." +
|
||||
" Convert arguments to ldns_dname.",
|
||||
PendingDeprecationWarning, stacklevel=2)
|
||||
if not isinstance(other, ldns_rdf):
|
||||
raise TypeError("Parameter must be derived from ldns_rdf.")
|
||||
if (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME):
|
||||
raise Exception("Operands must be ldns_dname.")
|
||||
return _ldns.ldns_dname_compare(self, other) != 1
|
||||
|
||||
def __eq__(self, other):
|
||||
"""
|
||||
Compares two dname rdf according to the algorithm for
|
||||
ordering in RFC4034 Section 6.
|
||||
|
||||
:param other: The second dname rdf to compare.
|
||||
:type other: :class:`ldns_dname`
|
||||
:throws TypeError: When `other` of invalid type.
|
||||
:return: (bool) True when `self` is equal to 'other'.
|
||||
|
||||
.. note::
|
||||
The type checking of parameter `other` is benevolent.
|
||||
It allows also to pass a dname :class:`ldns_rdf` object.
|
||||
This will probably change in future.
|
||||
"""
|
||||
#
|
||||
# The wrapped function generates asserts instead of setting
|
||||
# error status. They cannot be caught from Python so a check
|
||||
# is necessary.
|
||||
#
|
||||
if (not isinstance(other, ldns_dname)) and \
|
||||
isinstance(other, ldns_rdf) and \
|
||||
other.get_type() == _ldns.LDNS_RDF_TYPE_DNAME:
|
||||
warnings.warn("The ldns_dname.__eq__() method will" +
|
||||
" drop the possibility to compare ldns_rdf." +
|
||||
" Convert arguments to ldns_dname.",
|
||||
PendingDeprecationWarning, stacklevel=2)
|
||||
if not isinstance(other, ldns_rdf):
|
||||
raise TypeError("Parameter must be derived from ldns_rdf.")
|
||||
if (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME):
|
||||
raise Exception("Operands must be ldns_dname.")
|
||||
return _ldns.ldns_dname_compare(self, other) == 0
|
||||
|
||||
def __ne__(self, other):
|
||||
"""
|
||||
Compares two dname rdf according to the algorithm for
|
||||
ordering in RFC4034 Section 6.
|
||||
|
||||
:param other: The second dname rdf to compare.
|
||||
:type other: :class:`ldns_dname`
|
||||
:throws TypeError: When `other` of invalid type.
|
||||
:return: (bool) True when `self` is not equal to 'other'.
|
||||
|
||||
.. note::
|
||||
The type checking of parameter `other` is benevolent.
|
||||
It allows also to pass a dname :class:`ldns_rdf` object.
|
||||
This will probably change in future.
|
||||
"""
|
||||
#
|
||||
# The wrapped function generates asserts instead of setting
|
||||
# error status. They cannot be caught from Python so a check
|
||||
# is necessary.
|
||||
#
|
||||
if (not isinstance(other, ldns_dname)) and \
|
||||
isinstance(other, ldns_rdf) and \
|
||||
other.get_type() == _ldns.LDNS_RDF_TYPE_DNAME:
|
||||
warnings.warn("The ldns_dname.__ne__() method will" +
|
||||
" drop the possibility to compare ldns_rdf." +
|
||||
" Convert arguments to ldns_dname.",
|
||||
PendingDeprecationWarning, stacklevel=2)
|
||||
if not isinstance(other, ldns_rdf):
|
||||
raise TypeError("Parameter must be derived from ldns_rdf.")
|
||||
if (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME):
|
||||
raise Exception("Operands must be ldns_dname.")
|
||||
return _ldns.ldns_dname_compare(self, other) != 0
|
||||
|
||||
def __gt__(self, other):
|
||||
"""
|
||||
Compares two dname rdf according to the algorithm for
|
||||
ordering in RFC4034 Section 6.
|
||||
|
||||
:param other: The second dname rdf to compare.
|
||||
:type other: :class:`ldns_dname`
|
||||
:throws TypeError: When `other` of invalid type.
|
||||
:return: (bool) True when `self` is greater than 'other'.
|
||||
|
||||
.. note::
|
||||
The type checking of parameter `other` is benevolent.
|
||||
It allows also to pass a dname :class:`ldns_rdf` object.
|
||||
This will probably change in future.
|
||||
"""
|
||||
#
|
||||
# The wrapped function generates asserts instead of setting
|
||||
# error status. They cannot be caught from Python so a check
|
||||
# is necessary.
|
||||
#
|
||||
if (not isinstance(other, ldns_dname)) and \
|
||||
isinstance(other, ldns_rdf) and \
|
||||
other.get_type() == _ldns.LDNS_RDF_TYPE_DNAME:
|
||||
warnings.warn("The ldns_dname.__gt__() method will" +
|
||||
" drop the possibility to compare ldns_rdf." +
|
||||
" Convert arguments to ldns_dname.",
|
||||
PendingDeprecationWarning, stacklevel=2)
|
||||
if not isinstance(other, ldns_rdf):
|
||||
raise TypeError("Parameter must be derived from ldns_rdf.")
|
||||
if (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME):
|
||||
raise Exception("Operands must be ldns_dname.")
|
||||
return _ldns.ldns_dname_compare(self, other) == 1
|
||||
|
||||
def __ge__(self, other):
|
||||
"""
|
||||
Compares two dname rdf according to the algorithm for
|
||||
ordering in RFC4034 Section 6.
|
||||
|
||||
:param other: The second dname rdf to compare.
|
||||
:type other: :class:`ldns_dname`
|
||||
:throws TypeError: When `other` of invalid type.
|
||||
:return: (bool) True when `self` is greater than or equal to
|
||||
'other'.
|
||||
|
||||
.. note::
|
||||
The type checking of parameter `other` is benevolent.
|
||||
It allows also to pass a dname :class:`ldns_rdf` object.
|
||||
This will probably change in future.
|
||||
"""
|
||||
#
|
||||
# The wrapped function generates asserts instead of setting
|
||||
# error status. They cannot be caught from Python so a check
|
||||
# is necessary.
|
||||
#
|
||||
if (not isinstance(other, ldns_dname)) and \
|
||||
isinstance(other, ldns_rdf) and \
|
||||
other.get_type() == _ldns.LDNS_RDF_TYPE_DNAME:
|
||||
warnings.warn("The ldns_dname.__ge__() method will" +
|
||||
" drop the possibility to compare ldns_rdf." +
|
||||
" Convert arguments to ldns_dname.",
|
||||
PendingDeprecationWarning, stacklevel=2)
|
||||
if not isinstance(other, ldns_rdf):
|
||||
raise TypeError("Parameter must be derived from ldns_rdf.")
|
||||
if (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME):
|
||||
raise Exception("Operands must be ldns_dname.")
|
||||
return _ldns.ldns_dname_compare(self, other) != -1
|
||||
|
||||
def cat(self, rd2):
|
||||
"""
|
||||
Concatenates rd2 after this dname (`rd2` is copied,
|
||||
`this` dname is modified).
|
||||
|
||||
:param rd2: The right-hand side.
|
||||
:type rd2: :class:`ldns_dname`
|
||||
:throws TypeError: When `rd2` of invalid type.
|
||||
:return: (ldns_status) LDNS_STATUS_OK on success
|
||||
|
||||
.. note::
|
||||
The type checking of parameter `rd2` is benevolent.
|
||||
It allows also to pass a dname :class:`ldns_rdf` object.
|
||||
This will probably change in future.
|
||||
"""
|
||||
if (not isinstance(rd2, ldns_dname)) and \
|
||||
isinstance(rd2, ldns_rdf) and \
|
||||
rd2.get_type() == _ldns.LDNS_RDF_TYPE_DNAME:
|
||||
warnings.warn("The ldns_dname.cat() method will" +
|
||||
" drop the support of ldns_rdf." +
|
||||
" Convert arguments to ldns_dname.",
|
||||
PendingDeprecationWarning, stacklevel=2)
|
||||
return _ldns.ldns_dname_cat(self, rd2)
|
||||
#parameters: ldns_rdf *, ldns_rdf *,
|
||||
#retvals: ldns_status
|
||||
|
||||
#LDNS_DNAME_METHODS_#
|
||||
|
||||
def cat(self,rd2):
|
||||
"""concatenates rd2 after this dname (rd2 is copied, this dname is modified)
|
||||
|
||||
:param rd2:
|
||||
the rightside
|
||||
:returns: (ldns_status) LDNS_STATUS_OK on success
|
||||
def cat_clone(self, rd2):
|
||||
"""
|
||||
return _ldns.ldns_dname_cat(self,rd2)
|
||||
#parameters: ldns_rdf *,ldns_rdf *,
|
||||
#retvals: ldns_status
|
||||
|
||||
def cat_clone(self,rd2):
|
||||
"""concatenates two dnames together
|
||||
Concatenates two dnames together.
|
||||
|
||||
:param rd2:
|
||||
the rightside
|
||||
:returns: (ldns_rdf \*) a new rdf with leftside/rightside
|
||||
:param rd2: The right-hand side.
|
||||
:type rd2: :class:`ldns_dname`
|
||||
:throws TypeError: When `rd2` of invalid type.
|
||||
:return: (:class:`ldns_dname`) A new rdf with
|
||||
left-hand side + right-hand side content None when
|
||||
error.
|
||||
|
||||
.. note::
|
||||
The type checking of parameter `rd2` is benevolent.
|
||||
It allows also to pass a dname :class:`ldns_rdf` object.
|
||||
This will probably change in future.
|
||||
"""
|
||||
return _ldns.ldns_dname_cat_clone(self,rd2)
|
||||
#parameters: const ldns_rdf *,const ldns_rdf *,
|
||||
if (not isinstance(rd2, ldns_dname)) and \
|
||||
isinstance(rd2, ldns_rdf) and \
|
||||
rd2.get_type() == _ldns.LDNS_RDF_TYPE_DNAME:
|
||||
warnings.warn("The ldns_dname.cat_clone() method will" +
|
||||
" drop the support of ldns_rdf." +
|
||||
" Convert arguments to ldns_dname.",
|
||||
PendingDeprecationWarning, stacklevel=2)
|
||||
ret = _ldns.ldns_dname_cat_clone(self, rd2)
|
||||
if ret != None:
|
||||
ret = ldns_dname(ret, clone=False)
|
||||
return ret
|
||||
#parameters: const ldns_rdf *, const ldns_rdf *,
|
||||
#retvals: ldns_rdf *
|
||||
|
||||
def interval(self,middle,next):
|
||||
"""check if middle lays in the interval defined by prev and next prev <= middle < next.
|
||||
|
||||
This is usefull for nsec checking
|
||||
|
||||
:param middle:
|
||||
the dname to check
|
||||
:param next:
|
||||
the next dname return 0 on error or unknown, -1 when middle is in the interval, +1 when not
|
||||
:returns: (int)
|
||||
def interval(self, middle, next):
|
||||
"""
|
||||
return _ldns.ldns_dname_interval(self,middle,next)
|
||||
#parameters: const ldns_rdf *,const ldns_rdf *,const ldns_rdf *,
|
||||
Check whether `middle` lays in the interval defined by
|
||||
`this` and `next` (`this` <= `middle` < `next`).
|
||||
|
||||
This method is useful for nsec checking.
|
||||
|
||||
:param middle: The dname to check.
|
||||
:type middle: :class:`ldns_dname`
|
||||
:param next: The boundary.
|
||||
:type next: :class:`ldns_dname`
|
||||
:throws TypeError: When `middle` or `next` of
|
||||
non-:class:`ldns_rdf` type.
|
||||
:throws Exception: When non-dname rdfs compared.
|
||||
:return: (int) 0 on error or unknown,
|
||||
-1 when middle is in the interval, 1 when not.
|
||||
|
||||
.. note::
|
||||
The type checking of parameters is benevolent.
|
||||
It allows also to pass a dname :class:`ldns_rdf` object.
|
||||
This will probably change in future.
|
||||
"""
|
||||
#
|
||||
# The wrapped function generates asserts instead of setting
|
||||
# error status. They cannot be caught from Python so a check
|
||||
# is necessary.
|
||||
#
|
||||
if (not isinstance(middle, ldns_rdf)) or \
|
||||
(not isinstance(next, ldns_rdf)):
|
||||
raise TypeError("Parameters must be derived from ldns_dname.")
|
||||
if (self.get_type() != _ldns.LDNS_RDF_TYPE_DNAME) or \
|
||||
(middle.get_type() != _ldns.LDNS_RDF_TYPE_DNAME) or \
|
||||
(next.get_type() != _ldns.LDNS_RDF_TYPE_DNAME):
|
||||
raise Exception("All operands must be dname rdfs.")
|
||||
if (not isinstance(middle, ldns_dname)) or \
|
||||
(not isinstance(next, ldns_dname)):
|
||||
warnings.warn("The ldns_dname.interval() method will" +
|
||||
" drop the possibility to compare ldns_rdf." +
|
||||
" Convert arguments to ldns_dname.",
|
||||
PendingDeprecationWarning, stacklevel=2)
|
||||
return _ldns.ldns_dname_interval(self, middle, next)
|
||||
#parameters: const ldns_rdf *, const ldns_rdf *, const ldns_rdf *,
|
||||
#retvals: int
|
||||
|
||||
def is_subdomain(self,parent):
|
||||
"""Tests wether the name sub falls under parent (i.e. is a subdomain of parent).
|
||||
def is_subdomain(self, parent):
|
||||
"""
|
||||
Tests whether the name of the instance falls under
|
||||
`parent` (i.e., is a sub-domain of `parent`).
|
||||
|
||||
This function will return false if the given dnames are equal.
|
||||
|
||||
:param parent:
|
||||
(ldns_rdf) the parent's name
|
||||
:returns: (bool) true if sub falls under parent, otherwise false
|
||||
:param parent: The parent's name.
|
||||
:type parent: :class:`ldns_dname`
|
||||
:throws TypeError: When `parent` of non-:class:`ldns_rdf`
|
||||
or derived type.
|
||||
:return: (bool) True if `this` falls under `parent`, otherwise
|
||||
False.
|
||||
|
||||
.. note::
|
||||
The type checking of parameters is benevolent.
|
||||
It allows also to pass a dname :class:`ldns_rdf` object.
|
||||
This will probably change in future.
|
||||
"""
|
||||
return _ldns.ldns_dname_is_subdomain(self,parent)
|
||||
#parameters: const ldns_rdf *,const ldns_rdf *,
|
||||
if (not isinstance(parent, ldns_dname)) and \
|
||||
isinstance(parent, ldns_rdf) and \
|
||||
parent.get_type() == _ldns.LDNS_RDF_TYPE_DNAME:
|
||||
warnings.warn("The ldns_dname.is_subdomain() method will" +
|
||||
" drop the support of ldns_rdf." +
|
||||
" Convert arguments to ldns_dname.",
|
||||
PendingDeprecationWarning, stacklevel=2)
|
||||
return _ldns.ldns_dname_is_subdomain(self, parent)
|
||||
#parameters: const ldns_rdf *, const ldns_rdf *,
|
||||
#retvals: bool
|
||||
|
||||
def label(self,labelpos):
|
||||
"""look inside the rdf and if it is an LDNS_RDF_TYPE_DNAME try and retrieve a specific label.
|
||||
def label(self, labelpos):
|
||||
"""
|
||||
Look inside the rdf and retrieve a specific label.
|
||||
|
||||
The labels are numbered starting from 0 (left most).
|
||||
|
||||
:param labelpos:
|
||||
return the label with this number
|
||||
:returns: (ldns_rdf \*) a ldns_rdf* with the label as name or NULL on error
|
||||
|
||||
:param labelpos: Index of the label. (Labels are numbered
|
||||
0, which is the left most.)
|
||||
:type labelpos: integer
|
||||
:throws TypeError: When `labelpos` of non-integer type.
|
||||
:return: (:class:`ldns_dname`) A new rdf with the label
|
||||
as name or None on error.
|
||||
"""
|
||||
return _ldns.ldns_dname_label(self,labelpos)
|
||||
#parameters: const ldns_rdf *,uint8_t,
|
||||
ret = _ldns.ldns_dname_label(self, labelpos)
|
||||
if ret != None:
|
||||
ret = ldns_dname(ret, clone=False)
|
||||
return ret
|
||||
#parameters: const ldns_rdf *, uint8_t,
|
||||
#retvals: ldns_rdf *
|
||||
|
||||
def label_count(self):
|
||||
"""count the number of labels inside a LDNS_RDF_DNAME type rdf.
|
||||
"""
|
||||
Counts the number of labels.
|
||||
|
||||
:returns: (uint8_t) the number of labels
|
||||
:return: (uint8_t) the number of labels. Will return 0
|
||||
if not a dname.
|
||||
"""
|
||||
return _ldns.ldns_dname_label_count(self)
|
||||
#parameters: const ldns_rdf *,
|
||||
#retvals: uint8_t
|
||||
|
||||
def left_chop(self):
|
||||
"""chop one label off the left side of a dname.
|
||||
|
||||
so wwww.nlnetlabs.nl, becomes nlnetlabs.nl
|
||||
|
||||
:returns: (ldns_rdf \*) the remaining dname
|
||||
"""
|
||||
return _ldns.ldns_dname_left_chop(self)
|
||||
Chop one label off the left side of a dname.
|
||||
|
||||
(e.g., wwww.nlnetlabs.nl, becomes nlnetlabs.nl)
|
||||
|
||||
:return: (:class:`ldns_dname`) The remaining dname or None
|
||||
when error.
|
||||
"""
|
||||
return ldns_dname(_ldns.ldns_dname_left_chop(self), clone=False)
|
||||
#parameters: const ldns_rdf *,
|
||||
#retvals: ldns_rdf *
|
||||
|
||||
def reverse(self):
|
||||
"""Returns a clone of the given dname with the labels reversed.
|
||||
|
||||
:returns: (ldns_rdf \*) clone of the dname with the labels reversed.
|
||||
"""
|
||||
return _ldns.ldns_dname_reverse(self)
|
||||
Returns a clone of the given dname with the labels reversed.
|
||||
|
||||
:return: (:class:`ldns_dname`) A clone of the dname with
|
||||
the labels reversed.
|
||||
"""
|
||||
return ldns_dname(_ldns.ldns_dname_reverse(self), clone=False)
|
||||
#parameters: const ldns_rdf *,
|
||||
#retvals: ldns_rdf *
|
||||
|
||||
#_LDNS_DNAME_METHODS#
|
||||
#
|
||||
# _LDNS_DNAME_METHODS
|
||||
#
|
||||
%}
|
||||
|
||||
|
@ -247,6 +247,29 @@ ldns_status ldns_dnssec_zone_sign_defcb(ldns_dnssec_zone *zone, ldns_rr_list *ne
|
||||
|
||||
return ldns_dnssec_zone_sign(zone, new_rrs, key_list, ldns_dnssec_default_replace_signatures, NULL);
|
||||
}
|
||||
|
||||
ldns_status ldns_dnssec_zone_add_rr_(ldns_dnssec_zone *zone, ldns_rr *rr)
|
||||
{
|
||||
ldns_rr *new_rr;
|
||||
ldns_status status;
|
||||
|
||||
new_rr = ldns_rr_clone(rr);
|
||||
|
||||
/*
|
||||
* A clone of the RR is created to be stored in the DNSSEC zone.
|
||||
* The Python engine frees a RR object as soon it's reference count
|
||||
* reaches zero. The code must avoid double freeing or accessing of freed
|
||||
* memory.
|
||||
*/
|
||||
|
||||
status = ldns_dnssec_zone_add_rr(zone, new_rr);
|
||||
|
||||
if (status != LDNS_STATUS_OK) {
|
||||
ldns_rr_free(new_rr);
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
%}
|
||||
|
||||
%extend ldns_dnssec_zone {
|
||||
@ -413,7 +436,7 @@ ldns_status ldns_dnssec_zone_sign_defcb(ldns_dnssec_zone *zone, ldns_rr_list *ne
|
||||
The RR to add
|
||||
:returns: (ldns_status) LDNS_STATUS_OK on success, an error code otherwise
|
||||
"""
|
||||
return _ldns.ldns_dnssec_zone_add_rr(self,rr)
|
||||
return _ldns.ldns_dnssec_zone_add_rr_(self,rr)
|
||||
#parameters: ldns_dnssec_zone *,ldns_rr *,
|
||||
#retvals: ldns_status
|
||||
|
||||
|
@ -217,7 +217,7 @@ This simple example instances a resolver in order to resolve NS for nic.cz.
|
||||
|
||||
def opcode2str(self):
|
||||
"""Converts a packet opcode to its mnemonic and returns that as an allocated null-terminated string."""
|
||||
return _ldns.ldns_pkt_opcode2str(sefl.get_opcode())
|
||||
return _ldns.ldns_pkt_opcode2str(self.get_opcode())
|
||||
|
||||
def rcode2str(self):
|
||||
"""Converts a packet rcode to its mnemonic and returns that as an allocated null-terminated string."""
|
||||
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
742
dane.c
Normal file
742
dane.c
Normal file
@ -0,0 +1,742 @@
|
||||
/*
|
||||
* Verify or create TLS authentication with DANE (RFC6698)
|
||||
*
|
||||
* (c) NLnetLabs 2012
|
||||
*
|
||||
* See the file LICENSE for the license.
|
||||
*
|
||||
*/
|
||||
|
||||
#include <ldns/config.h>
|
||||
|
||||
#include <ldns/ldns.h>
|
||||
#include <ldns/dane.h>
|
||||
|
||||
#include <unistd.h>
|
||||
#include <stdlib.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netdb.h>
|
||||
|
||||
#ifdef HAVE_SSL
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/x509v3.h>
|
||||
#endif
|
||||
|
||||
ldns_status
|
||||
ldns_dane_create_tlsa_owner(ldns_rdf** tlsa_owner, const ldns_rdf* name,
|
||||
uint16_t port, ldns_dane_transport transport)
|
||||
{
|
||||
char buf[LDNS_MAX_DOMAINLEN];
|
||||
size_t s;
|
||||
|
||||
assert(tlsa_owner != NULL);
|
||||
assert(name != NULL);
|
||||
assert(ldns_rdf_get_type(name) == LDNS_RDF_TYPE_DNAME);
|
||||
|
||||
s = (size_t)snprintf(buf, LDNS_MAX_DOMAINLEN, "X_%d", (int)port);
|
||||
buf[0] = (char)(s - 1);
|
||||
|
||||
switch(transport) {
|
||||
case LDNS_DANE_TRANSPORT_TCP:
|
||||
s += snprintf(buf + s, LDNS_MAX_DOMAINLEN - s, "\004_tcp");
|
||||
break;
|
||||
|
||||
case LDNS_DANE_TRANSPORT_UDP:
|
||||
s += snprintf(buf + s, LDNS_MAX_DOMAINLEN - s, "\004_udp");
|
||||
break;
|
||||
|
||||
case LDNS_DANE_TRANSPORT_SCTP:
|
||||
s += snprintf(buf + s, LDNS_MAX_DOMAINLEN - s, "\005_sctp");
|
||||
break;
|
||||
|
||||
default:
|
||||
return LDNS_STATUS_DANE_UNKNOWN_TRANSPORT;
|
||||
}
|
||||
if (s + ldns_rdf_size(name) > LDNS_MAX_DOMAINLEN) {
|
||||
return LDNS_STATUS_DOMAINNAME_OVERFLOW;
|
||||
}
|
||||
memcpy(buf + s, ldns_rdf_data(name), ldns_rdf_size(name));
|
||||
*tlsa_owner = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_DNAME,
|
||||
s + ldns_rdf_size(name), buf);
|
||||
if (*tlsa_owner == NULL) {
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
return LDNS_STATUS_OK;
|
||||
}
|
||||
|
||||
|
||||
#ifdef HAVE_SSL
|
||||
ldns_status
|
||||
ldns_dane_cert2rdf(ldns_rdf** rdf, X509* cert,
|
||||
ldns_tlsa_selector selector,
|
||||
ldns_tlsa_matching_type matching_type)
|
||||
{
|
||||
unsigned char* buf = NULL;
|
||||
size_t len;
|
||||
|
||||
X509_PUBKEY* xpubkey;
|
||||
EVP_PKEY* epubkey;
|
||||
|
||||
unsigned char* digest;
|
||||
|
||||
assert(rdf != NULL);
|
||||
assert(cert != NULL);
|
||||
|
||||
switch(selector) {
|
||||
case LDNS_TLSA_SELECTOR_FULL_CERTIFICATE:
|
||||
|
||||
len = (size_t)i2d_X509(cert, &buf);
|
||||
break;
|
||||
|
||||
case LDNS_TLSA_SELECTOR_SUBJECTPUBLICKEYINFO:
|
||||
|
||||
#ifndef S_SPLINT_S
|
||||
xpubkey = X509_get_X509_PUBKEY(cert);
|
||||
#endif
|
||||
if (! xpubkey) {
|
||||
return LDNS_STATUS_SSL_ERR;
|
||||
}
|
||||
epubkey = X509_PUBKEY_get(xpubkey);
|
||||
if (! epubkey) {
|
||||
return LDNS_STATUS_SSL_ERR;
|
||||
}
|
||||
len = (size_t)i2d_PUBKEY(epubkey, &buf);
|
||||
break;
|
||||
|
||||
default:
|
||||
return LDNS_STATUS_DANE_UNKNOWN_SELECTOR;
|
||||
}
|
||||
|
||||
switch(matching_type) {
|
||||
case LDNS_TLSA_MATCHING_TYPE_NO_HASH_USED:
|
||||
|
||||
*rdf = ldns_rdf_new(LDNS_RDF_TYPE_HEX, len, buf);
|
||||
|
||||
return *rdf ? LDNS_STATUS_OK : LDNS_STATUS_MEM_ERR;
|
||||
break;
|
||||
|
||||
case LDNS_TLSA_MATCHING_TYPE_SHA256:
|
||||
|
||||
digest = LDNS_XMALLOC(unsigned char, SHA256_DIGEST_LENGTH);
|
||||
if (digest == NULL) {
|
||||
LDNS_FREE(buf);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
(void) ldns_sha256(buf, (unsigned int)len, digest);
|
||||
*rdf = ldns_rdf_new(LDNS_RDF_TYPE_HEX, SHA256_DIGEST_LENGTH,
|
||||
digest);
|
||||
LDNS_FREE(buf);
|
||||
|
||||
return *rdf ? LDNS_STATUS_OK : LDNS_STATUS_MEM_ERR;
|
||||
break;
|
||||
|
||||
case LDNS_TLSA_MATCHING_TYPE_SHA512:
|
||||
|
||||
digest = LDNS_XMALLOC(unsigned char, SHA512_DIGEST_LENGTH);
|
||||
if (digest == NULL) {
|
||||
LDNS_FREE(buf);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
(void) ldns_sha512(buf, (unsigned int)len, digest);
|
||||
*rdf = ldns_rdf_new(LDNS_RDF_TYPE_HEX, SHA512_DIGEST_LENGTH,
|
||||
digest);
|
||||
LDNS_FREE(buf);
|
||||
|
||||
return *rdf ? LDNS_STATUS_OK : LDNS_STATUS_MEM_ERR;
|
||||
break;
|
||||
|
||||
default:
|
||||
LDNS_FREE(buf);
|
||||
return LDNS_STATUS_DANE_UNKNOWN_MATCHING_TYPE;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/* Ordinary PKIX validation of cert (with extra_certs to help)
|
||||
* against the CA's in store
|
||||
*/
|
||||
static ldns_status
|
||||
ldns_dane_pkix_validate(X509* cert, STACK_OF(X509)* extra_certs,
|
||||
X509_STORE* store)
|
||||
{
|
||||
X509_STORE_CTX* vrfy_ctx;
|
||||
ldns_status s;
|
||||
|
||||
if (! store) {
|
||||
return LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE;
|
||||
}
|
||||
vrfy_ctx = X509_STORE_CTX_new();
|
||||
if (! vrfy_ctx) {
|
||||
|
||||
return LDNS_STATUS_SSL_ERR;
|
||||
|
||||
} else if (X509_STORE_CTX_init(vrfy_ctx, store,
|
||||
cert, extra_certs) != 1) {
|
||||
s = LDNS_STATUS_SSL_ERR;
|
||||
|
||||
} else if (X509_verify_cert(vrfy_ctx) == 1) {
|
||||
|
||||
s = LDNS_STATUS_OK;
|
||||
|
||||
} else {
|
||||
s = LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE;
|
||||
}
|
||||
X509_STORE_CTX_free(vrfy_ctx);
|
||||
return s;
|
||||
}
|
||||
|
||||
|
||||
/* Orinary PKIX validation of cert (with extra_certs to help)
|
||||
* against the CA's in store, but also return the validation chain.
|
||||
*/
|
||||
static ldns_status
|
||||
ldns_dane_pkix_validate_and_get_chain(STACK_OF(X509)** chain, X509* cert,
|
||||
STACK_OF(X509)* extra_certs, X509_STORE* store)
|
||||
{
|
||||
ldns_status s;
|
||||
X509_STORE* empty_store = NULL;
|
||||
X509_STORE_CTX* vrfy_ctx;
|
||||
|
||||
assert(chain != NULL);
|
||||
|
||||
if (! store) {
|
||||
store = empty_store = X509_STORE_new();
|
||||
}
|
||||
s = LDNS_STATUS_SSL_ERR;
|
||||
vrfy_ctx = X509_STORE_CTX_new();
|
||||
if (! vrfy_ctx) {
|
||||
|
||||
goto exit_free_empty_store;
|
||||
|
||||
} else if (X509_STORE_CTX_init(vrfy_ctx, store,
|
||||
cert, extra_certs) != 1) {
|
||||
goto exit_free_vrfy_ctx;
|
||||
|
||||
} else if (X509_verify_cert(vrfy_ctx) == 1) {
|
||||
|
||||
s = LDNS_STATUS_OK;
|
||||
|
||||
} else {
|
||||
s = LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE;
|
||||
}
|
||||
*chain = X509_STORE_CTX_get1_chain(vrfy_ctx);
|
||||
if (! *chain) {
|
||||
s = LDNS_STATUS_SSL_ERR;
|
||||
}
|
||||
|
||||
exit_free_vrfy_ctx:
|
||||
X509_STORE_CTX_free(vrfy_ctx);
|
||||
|
||||
exit_free_empty_store:
|
||||
if (empty_store) {
|
||||
X509_STORE_free(empty_store);
|
||||
}
|
||||
return s;
|
||||
}
|
||||
|
||||
|
||||
/* Return the validation chain that can be build out of cert, with extra_certs.
|
||||
*/
|
||||
static ldns_status
|
||||
ldns_dane_pkix_get_chain(STACK_OF(X509)** chain,
|
||||
X509* cert, STACK_OF(X509)* extra_certs)
|
||||
{
|
||||
ldns_status s;
|
||||
X509_STORE* empty_store = NULL;
|
||||
X509_STORE_CTX* vrfy_ctx;
|
||||
|
||||
assert(chain != NULL);
|
||||
|
||||
empty_store = X509_STORE_new();
|
||||
s = LDNS_STATUS_SSL_ERR;
|
||||
vrfy_ctx = X509_STORE_CTX_new();
|
||||
if (! vrfy_ctx) {
|
||||
|
||||
goto exit_free_empty_store;
|
||||
|
||||
} else if (X509_STORE_CTX_init(vrfy_ctx, empty_store,
|
||||
cert, extra_certs) != 1) {
|
||||
goto exit_free_vrfy_ctx;
|
||||
}
|
||||
(void) X509_verify_cert(vrfy_ctx);
|
||||
*chain = X509_STORE_CTX_get1_chain(vrfy_ctx);
|
||||
if (! *chain) {
|
||||
s = LDNS_STATUS_SSL_ERR;
|
||||
} else {
|
||||
s = LDNS_STATUS_OK;
|
||||
}
|
||||
exit_free_vrfy_ctx:
|
||||
X509_STORE_CTX_free(vrfy_ctx);
|
||||
|
||||
exit_free_empty_store:
|
||||
X509_STORE_free(empty_store);
|
||||
return s;
|
||||
}
|
||||
|
||||
|
||||
/* Pop n+1 certs and return the last popped.
|
||||
*/
|
||||
static ldns_status
|
||||
ldns_dane_get_nth_cert_from_validation_chain(
|
||||
X509** cert, STACK_OF(X509)* chain, int n, bool ca)
|
||||
{
|
||||
if (n >= sk_X509_num(chain) || n < 0) {
|
||||
return LDNS_STATUS_DANE_OFFSET_OUT_OF_RANGE;
|
||||
}
|
||||
*cert = sk_X509_pop(chain);
|
||||
while (n-- > 0) {
|
||||
X509_free(*cert);
|
||||
*cert = sk_X509_pop(chain);
|
||||
}
|
||||
if (ca && ! X509_check_ca(*cert)) {
|
||||
return LDNS_STATUS_DANE_NON_CA_CERTIFICATE;
|
||||
}
|
||||
return LDNS_STATUS_OK;
|
||||
}
|
||||
|
||||
|
||||
/* Create validation chain with cert and extra_certs and returns the last
|
||||
* self-signed (if present).
|
||||
*/
|
||||
static ldns_status
|
||||
ldns_dane_pkix_get_last_self_signed(X509** out_cert,
|
||||
X509* cert, STACK_OF(X509)* extra_certs)
|
||||
{
|
||||
ldns_status s;
|
||||
X509_STORE* empty_store = NULL;
|
||||
X509_STORE_CTX* vrfy_ctx;
|
||||
|
||||
assert(out_cert != NULL);
|
||||
|
||||
empty_store = X509_STORE_new();
|
||||
s = LDNS_STATUS_SSL_ERR;
|
||||
vrfy_ctx = X509_STORE_CTX_new();
|
||||
if (! vrfy_ctx) {
|
||||
goto exit_free_empty_store;
|
||||
|
||||
} else if (X509_STORE_CTX_init(vrfy_ctx, empty_store,
|
||||
cert, extra_certs) != 1) {
|
||||
goto exit_free_vrfy_ctx;
|
||||
|
||||
}
|
||||
(void) X509_verify_cert(vrfy_ctx);
|
||||
if (vrfy_ctx->error == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN ||
|
||||
vrfy_ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT){
|
||||
|
||||
*out_cert = X509_STORE_CTX_get_current_cert( vrfy_ctx);
|
||||
s = LDNS_STATUS_OK;
|
||||
} else {
|
||||
s = LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR;
|
||||
}
|
||||
exit_free_vrfy_ctx:
|
||||
X509_STORE_CTX_free(vrfy_ctx);
|
||||
|
||||
exit_free_empty_store:
|
||||
X509_STORE_free(empty_store);
|
||||
return s;
|
||||
}
|
||||
|
||||
|
||||
ldns_status
|
||||
ldns_dane_select_certificate(X509** selected_cert,
|
||||
X509* cert, STACK_OF(X509)* extra_certs,
|
||||
X509_STORE* pkix_validation_store,
|
||||
ldns_tlsa_certificate_usage cert_usage, int offset)
|
||||
{
|
||||
ldns_status s;
|
||||
STACK_OF(X509)* pkix_validation_chain = NULL;
|
||||
|
||||
assert(selected_cert != NULL);
|
||||
assert(cert != NULL);
|
||||
|
||||
/* With PKIX validation explicitely turned off (pkix_validation_store
|
||||
* == NULL), treat the "CA constraint" and "Service certificate
|
||||
* constraint" the same as "Trust anchor assertion" and "Domain issued
|
||||
* certificate" respectively.
|
||||
*/
|
||||
if (pkix_validation_store == NULL) {
|
||||
switch (cert_usage) {
|
||||
|
||||
case LDNS_TLSA_USAGE_CA_CONSTRAINT:
|
||||
|
||||
cert_usage = LDNS_TLSA_USAGE_TRUST_ANCHOR_ASSERTION;
|
||||
break;
|
||||
|
||||
case LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT:
|
||||
|
||||
cert_usage = LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE;
|
||||
break;
|
||||
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
/* Now what to do with each Certificate usage...
|
||||
*/
|
||||
switch (cert_usage) {
|
||||
|
||||
case LDNS_TLSA_USAGE_CA_CONSTRAINT:
|
||||
|
||||
s = ldns_dane_pkix_validate_and_get_chain(
|
||||
&pkix_validation_chain,
|
||||
cert, extra_certs,
|
||||
pkix_validation_store);
|
||||
if (! pkix_validation_chain) {
|
||||
return s;
|
||||
}
|
||||
if (s == LDNS_STATUS_OK) {
|
||||
if (offset == -1) {
|
||||
offset = 0;
|
||||
}
|
||||
s = ldns_dane_get_nth_cert_from_validation_chain(
|
||||
selected_cert, pkix_validation_chain,
|
||||
offset, true);
|
||||
}
|
||||
sk_X509_pop_free(pkix_validation_chain, X509_free);
|
||||
return s;
|
||||
break;
|
||||
|
||||
|
||||
case LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT:
|
||||
|
||||
*selected_cert = cert;
|
||||
return ldns_dane_pkix_validate(cert, extra_certs,
|
||||
pkix_validation_store);
|
||||
break;
|
||||
|
||||
|
||||
case LDNS_TLSA_USAGE_TRUST_ANCHOR_ASSERTION:
|
||||
|
||||
if (offset == -1) {
|
||||
s = ldns_dane_pkix_get_last_self_signed(
|
||||
selected_cert, cert, extra_certs);
|
||||
return s;
|
||||
} else {
|
||||
s = ldns_dane_pkix_get_chain(
|
||||
&pkix_validation_chain,
|
||||
cert, extra_certs);
|
||||
if (s == LDNS_STATUS_OK) {
|
||||
s =
|
||||
ldns_dane_get_nth_cert_from_validation_chain(
|
||||
selected_cert, pkix_validation_chain,
|
||||
offset, false);
|
||||
} else if (! pkix_validation_chain) {
|
||||
return s;
|
||||
}
|
||||
sk_X509_pop_free(pkix_validation_chain, X509_free);
|
||||
return s;
|
||||
}
|
||||
break;
|
||||
|
||||
|
||||
case LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE:
|
||||
|
||||
*selected_cert = cert;
|
||||
return LDNS_STATUS_OK;
|
||||
break;
|
||||
|
||||
default:
|
||||
return LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
ldns_status
|
||||
ldns_dane_create_tlsa_rr(ldns_rr** tlsa,
|
||||
ldns_tlsa_certificate_usage certificate_usage,
|
||||
ldns_tlsa_selector selector,
|
||||
ldns_tlsa_matching_type matching_type,
|
||||
X509* cert)
|
||||
{
|
||||
ldns_rdf* rdf;
|
||||
ldns_status s;
|
||||
|
||||
assert(tlsa != NULL);
|
||||
assert(cert != NULL);
|
||||
|
||||
/* create rr */
|
||||
*tlsa = ldns_rr_new_frm_type(LDNS_RR_TYPE_TLSA);
|
||||
if (*tlsa == NULL) {
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
|
||||
rdf = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8,
|
||||
(uint8_t)certificate_usage);
|
||||
if (rdf == NULL) {
|
||||
goto memerror;
|
||||
}
|
||||
(void) ldns_rr_set_rdf(*tlsa, rdf, 0);
|
||||
|
||||
rdf = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, (uint8_t)selector);
|
||||
if (rdf == NULL) {
|
||||
goto memerror;
|
||||
}
|
||||
(void) ldns_rr_set_rdf(*tlsa, rdf, 1);
|
||||
|
||||
rdf = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, (uint8_t)matching_type);
|
||||
if (rdf == NULL) {
|
||||
goto memerror;
|
||||
}
|
||||
(void) ldns_rr_set_rdf(*tlsa, rdf, 2);
|
||||
|
||||
s = ldns_dane_cert2rdf(&rdf, cert, selector, matching_type);
|
||||
if (s == LDNS_STATUS_OK) {
|
||||
(void) ldns_rr_set_rdf(*tlsa, rdf, 3);
|
||||
return LDNS_STATUS_OK;
|
||||
}
|
||||
ldns_rr_free(*tlsa);
|
||||
*tlsa = NULL;
|
||||
return s;
|
||||
|
||||
memerror:
|
||||
ldns_rr_free(*tlsa);
|
||||
*tlsa = NULL;
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
|
||||
|
||||
/* Return tlsas that actually are TLSA resource records with known values
|
||||
* for the Certificate usage, Selector and Matching type rdata fields.
|
||||
*/
|
||||
static ldns_rr_list*
|
||||
ldns_dane_filter_unusable_records(const ldns_rr_list* tlsas)
|
||||
{
|
||||
size_t i;
|
||||
ldns_rr_list* r = ldns_rr_list_new();
|
||||
ldns_rr* tlsa_rr;
|
||||
|
||||
if (! r) {
|
||||
return NULL;
|
||||
}
|
||||
for (i = 0; i < ldns_rr_list_rr_count(tlsas); i++) {
|
||||
tlsa_rr = ldns_rr_list_rr(tlsas, i);
|
||||
if (ldns_rr_get_type(tlsa_rr) == LDNS_RR_TYPE_TLSA &&
|
||||
ldns_rr_rd_count(tlsa_rr) == 4 &&
|
||||
ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 0)) <= 3 &&
|
||||
ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 1)) <= 1 &&
|
||||
ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 2)) <= 2) {
|
||||
|
||||
if (! ldns_rr_list_push_rr(r, tlsa_rr)) {
|
||||
ldns_rr_list_free(r);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
return r;
|
||||
}
|
||||
|
||||
|
||||
/* Return whether cert/selector/matching_type matches data.
|
||||
*/
|
||||
static ldns_status
|
||||
ldns_dane_match_cert_with_data(X509* cert, ldns_tlsa_selector selector,
|
||||
ldns_tlsa_matching_type matching_type, ldns_rdf* data)
|
||||
{
|
||||
ldns_status s;
|
||||
ldns_rdf* match_data;
|
||||
|
||||
s = ldns_dane_cert2rdf(&match_data, cert, selector, matching_type);
|
||||
if (s == LDNS_STATUS_OK) {
|
||||
if (ldns_rdf_compare(data, match_data) != 0) {
|
||||
s = LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH;
|
||||
}
|
||||
ldns_rdf_free(match_data);
|
||||
}
|
||||
return s;
|
||||
}
|
||||
|
||||
|
||||
/* Return whether any certificate from the chain with selector/matching_type
|
||||
* matches data.
|
||||
* ca should be true if the certificate has to be a CA certificate too.
|
||||
*/
|
||||
static ldns_status
|
||||
ldns_dane_match_any_cert_with_data(STACK_OF(X509)* chain,
|
||||
ldns_tlsa_selector selector,
|
||||
ldns_tlsa_matching_type matching_type,
|
||||
ldns_rdf* data, bool ca)
|
||||
{
|
||||
ldns_status s = LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH;
|
||||
size_t n, i;
|
||||
X509* cert;
|
||||
|
||||
n = (size_t)sk_X509_num(chain);
|
||||
for (i = 0; i < n; i++) {
|
||||
cert = sk_X509_pop(chain);
|
||||
if (! cert) {
|
||||
s = LDNS_STATUS_SSL_ERR;
|
||||
break;
|
||||
}
|
||||
s = ldns_dane_match_cert_with_data(cert,
|
||||
selector, matching_type, data);
|
||||
if (ca && s == LDNS_STATUS_OK && ! X509_check_ca(cert)) {
|
||||
s = LDNS_STATUS_DANE_NON_CA_CERTIFICATE;
|
||||
}
|
||||
X509_free(cert);
|
||||
if (s != LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH) {
|
||||
break;
|
||||
}
|
||||
/* when s == LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH,
|
||||
* try to match the next certificate
|
||||
*/
|
||||
}
|
||||
return s;
|
||||
}
|
||||
|
||||
|
||||
ldns_status
|
||||
ldns_dane_verify_rr(const ldns_rr* tlsa_rr,
|
||||
X509* cert, STACK_OF(X509)* extra_certs,
|
||||
X509_STORE* pkix_validation_store)
|
||||
{
|
||||
ldns_status s;
|
||||
|
||||
STACK_OF(X509)* pkix_validation_chain = NULL;
|
||||
|
||||
ldns_tlsa_certificate_usage cert_usage;
|
||||
ldns_tlsa_selector selector;
|
||||
ldns_tlsa_matching_type matching_type;
|
||||
ldns_rdf* data;
|
||||
|
||||
if (! tlsa_rr) {
|
||||
/* No TLSA, so regular PKIX validation
|
||||
*/
|
||||
return ldns_dane_pkix_validate(cert, extra_certs,
|
||||
pkix_validation_store);
|
||||
}
|
||||
cert_usage = ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 0));
|
||||
selector = ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 1));
|
||||
matching_type = ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 2));
|
||||
data = ldns_rr_rdf(tlsa_rr, 3) ;
|
||||
|
||||
switch (cert_usage) {
|
||||
case LDNS_TLSA_USAGE_CA_CONSTRAINT:
|
||||
s = ldns_dane_pkix_validate_and_get_chain(
|
||||
&pkix_validation_chain,
|
||||
cert, extra_certs,
|
||||
pkix_validation_store);
|
||||
if (! pkix_validation_chain) {
|
||||
return s;
|
||||
}
|
||||
if (s == LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE) {
|
||||
/*
|
||||
* NO PKIX validation. We still try to match *any*
|
||||
* certificate from the chain, so we return
|
||||
* TLSA errors over PKIX errors.
|
||||
*
|
||||
* i.e. When the TLSA matches no certificate, we return
|
||||
* TLSA_DID_NOT_MATCH and not PKIX_DID_NOT_VALIDATE
|
||||
*/
|
||||
s = ldns_dane_match_any_cert_with_data(
|
||||
pkix_validation_chain,
|
||||
selector, matching_type, data, true);
|
||||
|
||||
if (s == LDNS_STATUS_OK) {
|
||||
/* A TLSA record did match a cert from the
|
||||
* chain, thus the error is failed PKIX
|
||||
* validation.
|
||||
*/
|
||||
s = LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE;
|
||||
}
|
||||
|
||||
} else if (s == LDNS_STATUS_OK) {
|
||||
/* PKIX validated, does the TLSA match too? */
|
||||
|
||||
s = ldns_dane_match_any_cert_with_data(
|
||||
pkix_validation_chain,
|
||||
selector, matching_type, data, true);
|
||||
}
|
||||
sk_X509_pop_free(pkix_validation_chain, X509_free);
|
||||
return s;
|
||||
break;
|
||||
|
||||
case LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT:
|
||||
s = ldns_dane_match_cert_with_data(cert,
|
||||
selector, matching_type, data);
|
||||
|
||||
if (s == LDNS_STATUS_OK) {
|
||||
return ldns_dane_pkix_validate(cert, extra_certs,
|
||||
pkix_validation_store);
|
||||
}
|
||||
return s;
|
||||
break;
|
||||
|
||||
case LDNS_TLSA_USAGE_TRUST_ANCHOR_ASSERTION:
|
||||
s = ldns_dane_pkix_get_chain(&pkix_validation_chain,
|
||||
cert, extra_certs);
|
||||
|
||||
if (s == LDNS_STATUS_OK) {
|
||||
s = ldns_dane_match_any_cert_with_data(
|
||||
pkix_validation_chain,
|
||||
selector, matching_type, data, false);
|
||||
|
||||
} else if (! pkix_validation_chain) {
|
||||
return s;
|
||||
}
|
||||
sk_X509_pop_free(pkix_validation_chain, X509_free);
|
||||
return s;
|
||||
break;
|
||||
|
||||
case LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE:
|
||||
return ldns_dane_match_cert_with_data(cert,
|
||||
selector, matching_type, data);
|
||||
break;
|
||||
|
||||
default:
|
||||
break;
|
||||
}
|
||||
return LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE;
|
||||
}
|
||||
|
||||
|
||||
ldns_status
|
||||
ldns_dane_verify(ldns_rr_list* tlsas,
|
||||
X509* cert, STACK_OF(X509)* extra_certs,
|
||||
X509_STORE* pkix_validation_store)
|
||||
{
|
||||
size_t i;
|
||||
ldns_rr* tlsa_rr;
|
||||
ldns_status s = LDNS_STATUS_OK, ps;
|
||||
|
||||
assert(cert != NULL);
|
||||
|
||||
if (tlsas && ldns_rr_list_rr_count(tlsas) > 0) {
|
||||
tlsas = ldns_dane_filter_unusable_records(tlsas);
|
||||
if (! tlsas) {
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
}
|
||||
if (! tlsas || ldns_rr_list_rr_count(tlsas) == 0) {
|
||||
/* No TLSA's, so regular PKIX validation
|
||||
*/
|
||||
return ldns_dane_pkix_validate(cert, extra_certs,
|
||||
pkix_validation_store);
|
||||
} else {
|
||||
for (i = 0; i < ldns_rr_list_rr_count(tlsas); i++) {
|
||||
tlsa_rr = ldns_rr_list_rr(tlsas, i);
|
||||
ps = s;
|
||||
s = ldns_dane_verify_rr(tlsa_rr, cert, extra_certs,
|
||||
pkix_validation_store);
|
||||
|
||||
if (s != LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH &&
|
||||
s != LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE) {
|
||||
|
||||
/* which would be LDNS_STATUS_OK (match)
|
||||
* or some fatal error preventing use from
|
||||
* trying the next TLSA record.
|
||||
*/
|
||||
break;
|
||||
}
|
||||
s = (s > ps ? s : ps); /* prefer PKIX_DID_NOT_VALIDATE
|
||||
* over TLSA_DID_NOT_MATCH
|
||||
*/
|
||||
}
|
||||
ldns_rr_list_free(tlsas);
|
||||
}
|
||||
return s;
|
||||
}
|
||||
#endif /* HAVE_SSL */
|
91
dname.c
91
dname.c
@ -30,6 +30,24 @@
|
||||
#include <arpa/inet.h>
|
||||
#endif
|
||||
|
||||
/* Returns whether the last label in the name is a root label (a empty label).
|
||||
* Note that it is not enough to just test the last character to be 0,
|
||||
* because it may be part of the last label itself.
|
||||
*/
|
||||
static bool
|
||||
ldns_dname_last_label_is_root_label(const ldns_rdf* dname)
|
||||
{
|
||||
size_t src_pos;
|
||||
size_t len = 0;
|
||||
|
||||
for (src_pos = 0; src_pos < ldns_rdf_size(dname); src_pos += len + 1) {
|
||||
len = ldns_rdf_data(dname)[src_pos];
|
||||
}
|
||||
assert(src_pos == ldns_rdf_size(dname));
|
||||
|
||||
return src_pos > 0 && len == 0;
|
||||
}
|
||||
|
||||
ldns_rdf *
|
||||
ldns_dname_cat_clone(const ldns_rdf *rd1, const ldns_rdf *rd2)
|
||||
{
|
||||
@ -47,7 +65,7 @@ ldns_dname_cat_clone(const ldns_rdf *rd1, const ldns_rdf *rd2)
|
||||
* rd, by reducing the size with 1
|
||||
*/
|
||||
left_size = ldns_rdf_size(rd1);
|
||||
if (left_size > 0 &&ldns_rdf_data(rd1)[left_size - 1] == 0) {
|
||||
if (ldns_dname_last_label_is_root_label(rd1)) {
|
||||
left_size--;
|
||||
}
|
||||
|
||||
@ -84,7 +102,7 @@ ldns_dname_cat(ldns_rdf *rd1, ldns_rdf *rd2)
|
||||
* rd, by reducing the size with 1
|
||||
*/
|
||||
left_size = ldns_rdf_size(rd1);
|
||||
if (left_size > 0 &&ldns_rdf_data(rd1)[left_size - 1] == 0) {
|
||||
if (ldns_dname_last_label_is_root_label(rd1)) {
|
||||
left_size--;
|
||||
}
|
||||
|
||||
@ -102,36 +120,39 @@ ldns_dname_cat(ldns_rdf *rd1, ldns_rdf *rd2)
|
||||
return LDNS_STATUS_OK;
|
||||
}
|
||||
|
||||
ldns_rdf *
|
||||
ldns_dname_reverse(const ldns_rdf *d)
|
||||
ldns_rdf*
|
||||
ldns_dname_reverse(const ldns_rdf *dname)
|
||||
{
|
||||
ldns_rdf *new;
|
||||
ldns_rdf *tmp;
|
||||
ldns_rdf *d_tmp;
|
||||
ldns_status status;
|
||||
size_t rd_size;
|
||||
uint8_t* buf;
|
||||
ldns_rdf* new;
|
||||
size_t src_pos;
|
||||
size_t len ;
|
||||
|
||||
d_tmp = ldns_rdf_clone(d);
|
||||
|
||||
new = ldns_dname_new_frm_str(".");
|
||||
if(!new)
|
||||
return NULL;
|
||||
|
||||
while(ldns_dname_label_count(d_tmp) > 0) {
|
||||
tmp = ldns_dname_label(d_tmp, 0);
|
||||
status = ldns_dname_cat(tmp, new);
|
||||
if(status != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(new);
|
||||
ldns_rdf_deep_free(d_tmp);
|
||||
return NULL;
|
||||
}
|
||||
ldns_rdf_deep_free(new);
|
||||
new = tmp;
|
||||
tmp = ldns_dname_left_chop(d_tmp);
|
||||
ldns_rdf_deep_free(d_tmp);
|
||||
d_tmp = tmp;
|
||||
assert(ldns_rdf_get_type(dname) == LDNS_RDF_TYPE_DNAME);
|
||||
|
||||
rd_size = ldns_rdf_size(dname);
|
||||
buf = LDNS_XMALLOC(uint8_t, rd_size);
|
||||
if (! buf) {
|
||||
return NULL;
|
||||
}
|
||||
new = ldns_rdf_new(LDNS_RDF_TYPE_DNAME, rd_size, buf);
|
||||
if (! new) {
|
||||
LDNS_FREE(buf);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* If dname ends in a root label, the reverse should too.
|
||||
*/
|
||||
if (ldns_dname_last_label_is_root_label(dname)) {
|
||||
buf[rd_size - 1] = 0;
|
||||
rd_size -= 1;
|
||||
}
|
||||
for (src_pos = 0; src_pos < rd_size; src_pos += len + 1) {
|
||||
len = ldns_rdf_data(dname)[src_pos];
|
||||
memcpy(&buf[rd_size - src_pos - len - 1],
|
||||
&ldns_rdf_data(dname)[src_pos], len + 1);
|
||||
}
|
||||
ldns_rdf_deep_free(d_tmp);
|
||||
|
||||
return new;
|
||||
}
|
||||
|
||||
@ -519,6 +540,18 @@ ldns_dname_str_absolute(const char *dname_str)
|
||||
return 0;
|
||||
}
|
||||
|
||||
bool
|
||||
ldns_dname_absolute(const ldns_rdf *rdf)
|
||||
{
|
||||
char *str = ldns_rdf2str(rdf);
|
||||
if (str) {
|
||||
bool r = ldns_dname_str_absolute(str);
|
||||
LDNS_FREE(str);
|
||||
return r;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
ldns_rdf *
|
||||
ldns_dname_label(const ldns_rdf *rdf, uint8_t labelpos)
|
||||
{
|
||||
|
43
dnssec.c
43
dnssec.c
@ -743,7 +743,6 @@ ldns_dnssec_create_nsec_bitmap(ldns_rr_type rr_type_list[],
|
||||
memcpy(data + cur_data_size + 2, cur_data, cur_window_max+1);
|
||||
cur_data_size += cur_window_max + 3;
|
||||
}
|
||||
|
||||
bitmap_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_NSEC,
|
||||
cur_data_size,
|
||||
data);
|
||||
@ -1154,12 +1153,15 @@ ldns_create_nsec3(ldns_rdf *cur_owner,
|
||||
salt_length,
|
||||
salt);
|
||||
status = ldns_dname_cat(hashed_owner, cur_zone);
|
||||
if(status != LDNS_STATUS_OK)
|
||||
if(status != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(hashed_owner);
|
||||
return NULL;
|
||||
|
||||
}
|
||||
nsec = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3);
|
||||
if(!nsec)
|
||||
if(!nsec) {
|
||||
ldns_rdf_deep_free(hashed_owner);
|
||||
return NULL;
|
||||
}
|
||||
ldns_rr_set_type(nsec, LDNS_RR_TYPE_NSEC3);
|
||||
ldns_rr_set_owner(nsec, hashed_owner);
|
||||
|
||||
@ -1443,8 +1445,9 @@ ldns_pkt_verify_time(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o,
|
||||
sigs = s;
|
||||
} else {
|
||||
/* otherwise get them from the packet */
|
||||
sigs = ldns_pkt_rr_list_by_name_and_type(p, o, LDNS_RR_TYPE_RRSIG,
|
||||
LDNS_SECTION_ANY_NOQUESTION);
|
||||
sigs = ldns_pkt_rr_list_by_name_and_type(p, o,
|
||||
LDNS_RR_TYPE_RRSIG,
|
||||
LDNS_SECTION_ANY_NOQUESTION);
|
||||
if (!sigs) {
|
||||
/* no sigs */
|
||||
return LDNS_STATUS_ERR;
|
||||
@ -1457,24 +1460,26 @@ ldns_pkt_verify_time(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o,
|
||||
*/
|
||||
t_netorder = htons(t); /* rdf are in network order! */
|
||||
/* a type identifier is a 16-bit number, so the size is 2 bytes */
|
||||
rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE,
|
||||
2,
|
||||
&t_netorder);
|
||||
rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, 2, &t_netorder);
|
||||
|
||||
sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0);
|
||||
ldns_rdf_free(rdf_t);
|
||||
if (! sigs_covered) {
|
||||
if (! s) {
|
||||
ldns_rr_list_deep_free(sigs);
|
||||
}
|
||||
return LDNS_STATUS_ERR;
|
||||
}
|
||||
ldns_rr_list_deep_free(sigs_covered);
|
||||
|
||||
rrset = ldns_pkt_rr_list_by_name_and_type(p,
|
||||
o,
|
||||
t,
|
||||
LDNS_SECTION_ANY_NOQUESTION);
|
||||
|
||||
rrset = ldns_pkt_rr_list_by_name_and_type(p, o, t,
|
||||
LDNS_SECTION_ANY_NOQUESTION);
|
||||
if (!rrset) {
|
||||
if (! s) {
|
||||
ldns_rr_list_deep_free(sigs);
|
||||
}
|
||||
return LDNS_STATUS_ERR;
|
||||
}
|
||||
|
||||
if (!sigs_covered) {
|
||||
return LDNS_STATUS_ERR;
|
||||
}
|
||||
|
||||
return ldns_verify_time(rrset, sigs, k, check_time, good_keys);
|
||||
}
|
||||
|
||||
|
@ -260,6 +260,8 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys)
|
||||
ldns_buffer_free(sign_buf);
|
||||
/* ERROR */
|
||||
ldns_rr_list_deep_free(rrset_clone);
|
||||
ldns_rr_free(current_sig);
|
||||
ldns_rr_list_deep_free(signatures);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -268,6 +270,8 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys)
|
||||
!= LDNS_STATUS_OK) {
|
||||
ldns_buffer_free(sign_buf);
|
||||
ldns_rr_list_deep_free(rrset_clone);
|
||||
ldns_rr_free(current_sig);
|
||||
ldns_rr_list_deep_free(signatures);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -276,6 +280,8 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys)
|
||||
if (!b64rdf) {
|
||||
/* signing went wrong */
|
||||
ldns_rr_list_deep_free(rrset_clone);
|
||||
ldns_rr_free(current_sig);
|
||||
ldns_rr_list_deep_free(signatures);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -481,10 +487,7 @@ ldns_sign_public_rsasha1(ldns_buffer *to_sign, RSA *key)
|
||||
(unsigned char*)ldns_buffer_begin(b64sig),
|
||||
&siglen, key);
|
||||
if (result != 1) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (result != 1) {
|
||||
ldns_buffer_free(b64sig);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -859,16 +862,14 @@ ldns_dnssec_zone_create_nsec3s_mkmap(ldns_dnssec_zone *zone,
|
||||
ldns_rbtree_next(current_name_node));
|
||||
}
|
||||
if (result != LDNS_STATUS_OK) {
|
||||
ldns_rr_list_free(nsec3_list);
|
||||
return result;
|
||||
}
|
||||
|
||||
ldns_rr_list_sort_nsec3(nsec3_list);
|
||||
result = ldns_dnssec_chain_nsec3_list(nsec3_list);
|
||||
if (result != LDNS_STATUS_OK) {
|
||||
return result;
|
||||
}
|
||||
|
||||
ldns_rr_list_free(nsec3_list);
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
@ -1023,9 +1024,9 @@ ldns_key_list_filter_for_non_dnskey(ldns_key_list *key_list)
|
||||
}
|
||||
|
||||
ldns_status
|
||||
ldns_dnssec_zone_create_rrsigs_flg( ATTR_UNUSED(ldns_dnssec_zone *zone)
|
||||
, ATTR_UNUSED(ldns_rr_list *new_rrs)
|
||||
, ATTR_UNUSED(ldns_key_list *key_list)
|
||||
ldns_dnssec_zone_create_rrsigs_flg( ldns_dnssec_zone *zone
|
||||
, ldns_rr_list *new_rrs
|
||||
, ldns_key_list *key_list
|
||||
, int (*func)(ldns_rr *, void*)
|
||||
, void *arg
|
||||
, int flags
|
||||
@ -1112,9 +1113,11 @@ ldns_dnssec_zone_create_rrsigs_flg( ATTR_UNUSED(ldns_dnssec_zone *zone)
|
||||
cur_rrset->signatures = ldns_dnssec_rrs_new();
|
||||
cur_rrset->signatures->rr =
|
||||
ldns_rr_list_rr(siglist, i);
|
||||
}
|
||||
if (new_rrs) {
|
||||
ldns_rr_list_push_rr(new_rrs,
|
||||
ldns_rr_list_rr(siglist,
|
||||
i));
|
||||
ldns_rr_list_rr(siglist,
|
||||
i));
|
||||
}
|
||||
}
|
||||
ldns_rr_list_free(siglist);
|
||||
@ -1146,8 +1149,10 @@ ldns_dnssec_zone_create_rrsigs_flg( ATTR_UNUSED(ldns_dnssec_zone *zone)
|
||||
cur_name->nsec_signatures = ldns_dnssec_rrs_new();
|
||||
cur_name->nsec_signatures->rr =
|
||||
ldns_rr_list_rr(siglist, i);
|
||||
}
|
||||
if (new_rrs) {
|
||||
ldns_rr_list_push_rr(new_rrs,
|
||||
ldns_rr_list_rr(siglist, i));
|
||||
ldns_rr_list_rr(siglist, i));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -285,9 +285,11 @@ ldns_dnssec_build_data_chain(ldns_resolver *res,
|
||||
ldns_rr_class c = 0;
|
||||
|
||||
bool other_rrset = false;
|
||||
|
||||
|
||||
ldns_dnssec_data_chain *new_chain = ldns_dnssec_data_chain_new();
|
||||
|
||||
assert(pkt != NULL);
|
||||
|
||||
if (!ldns_dnssec_pkt_has_rrsigs(pkt)) {
|
||||
/* hmm. no dnssec data in the packet. go up to try and deny
|
||||
* DS? */
|
||||
@ -402,15 +404,16 @@ ldns_dnssec_build_data_chain(ldns_resolver *res,
|
||||
if (signatures && ldns_rr_list_rr_count(signatures) > 0) {
|
||||
key_name = ldns_rr_rdf(ldns_rr_list_rr(signatures, 0), 7);
|
||||
}
|
||||
|
||||
if (!key_name) {
|
||||
if (signatures) {
|
||||
ldns_rr_list_deep_free(signatures);
|
||||
}
|
||||
return ldns_dnssec_build_data_chain_nokeyname(res,
|
||||
qflags,
|
||||
orig_rr,
|
||||
rrset,
|
||||
new_chain);
|
||||
}
|
||||
|
||||
if (type != LDNS_RR_TYPE_DNSKEY) {
|
||||
ldns_dnssec_build_data_chain_dnskey(res,
|
||||
qflags,
|
||||
@ -419,7 +422,7 @@ ldns_dnssec_build_data_chain(ldns_resolver *res,
|
||||
new_chain,
|
||||
key_name,
|
||||
c
|
||||
);
|
||||
);
|
||||
} else {
|
||||
ldns_dnssec_build_data_chain_other(res,
|
||||
qflags,
|
||||
@ -427,13 +430,11 @@ ldns_dnssec_build_data_chain(ldns_resolver *res,
|
||||
key_name,
|
||||
c,
|
||||
dss
|
||||
|
||||
);
|
||||
);
|
||||
}
|
||||
if (signatures) {
|
||||
ldns_rr_list_deep_free(signatures);
|
||||
}
|
||||
|
||||
return new_chain;
|
||||
}
|
||||
|
||||
@ -826,10 +827,7 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time(
|
||||
/* might contain different names!
|
||||
sort and split */
|
||||
ldns_rr_list_sort(cur_rrset);
|
||||
if (tmp_rrset && tmp_rrset != cur_rrset) {
|
||||
ldns_rr_list_deep_free(tmp_rrset);
|
||||
tmp_rrset = NULL;
|
||||
}
|
||||
assert(tmp_rrset == cur_rrset);
|
||||
tmp_rrset = ldns_rr_list_pop_rrset(cur_rrset);
|
||||
|
||||
/* with nsecs, this might be the wrong one */
|
||||
@ -849,6 +847,12 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time(
|
||||
cur_sig_rr,
|
||||
cur_parent_rr,
|
||||
check_time);
|
||||
if (tmp_rrset && tmp_rrset != cur_rrset
|
||||
) {
|
||||
ldns_rr_list_deep_free(
|
||||
tmp_rrset);
|
||||
tmp_rrset = NULL;
|
||||
}
|
||||
/* avoid dupes */
|
||||
for (i = 0; i < new_tree->parent_count; i++) {
|
||||
if (cur_parent_rr == new_tree->parents[i]->rr) {
|
||||
@ -870,9 +874,6 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time(
|
||||
}
|
||||
}
|
||||
done:
|
||||
if (tmp_rrset && tmp_rrset != cur_rrset) {
|
||||
ldns_rr_list_deep_free(tmp_rrset);
|
||||
}
|
||||
ldns_rr_list_deep_free(cur_rrset);
|
||||
}
|
||||
|
||||
@ -1077,7 +1078,8 @@ ldns_dnssec_trust_tree_contains_keys(ldns_dnssec_trust_tree *tree,
|
||||
if (tree->parent_status[i] != LDNS_STATUS_OK) {
|
||||
result = tree->parent_status[i];
|
||||
} else {
|
||||
if (ldns_rr_get_type(tree->rr)
|
||||
if (tree->rr &&
|
||||
ldns_rr_get_type(tree->rr)
|
||||
== LDNS_RR_TYPE_NSEC &&
|
||||
parent_result == LDNS_STATUS_OK
|
||||
) {
|
||||
@ -1210,8 +1212,8 @@ ldns_fetch_valid_domain_keys_time(const ldns_resolver *res,
|
||||
*status = LDNS_STATUS_CRYPTO_NO_TRUSTED_DNSKEY;
|
||||
|
||||
parent_domain = ldns_dname_left_chop(domain);
|
||||
while (ldns_rdf_size(parent_domain) > 0) {
|
||||
/* Fail if we are at the root */
|
||||
while (parent_domain && /* Fail if we are at the root*/
|
||||
ldns_rdf_size(parent_domain) > 0) {
|
||||
|
||||
if ((parent_keys =
|
||||
ldns_fetch_valid_domain_keys_time(res,
|
||||
@ -1247,7 +1249,9 @@ ldns_fetch_valid_domain_keys_time(const ldns_resolver *res,
|
||||
ldns_rdf_deep_free(prev_parent_domain);
|
||||
}
|
||||
}
|
||||
ldns_rdf_deep_free(parent_domain);
|
||||
if (parent_domain) {
|
||||
ldns_rdf_deep_free(parent_domain);
|
||||
}
|
||||
}
|
||||
}
|
||||
return trusted_keys;
|
||||
@ -1519,12 +1523,11 @@ ldns_dnssec_verify_denial(ldns_rr *rr,
|
||||
rr_name = ldns_rr_owner(rr);
|
||||
chopped_dname = ldns_dname_left_chop(rr_name);
|
||||
result = ldns_dname_cat(wildcard_name, chopped_dname);
|
||||
ldns_rdf_deep_free(chopped_dname);
|
||||
if (result != LDNS_STATUS_OK) {
|
||||
return result;
|
||||
}
|
||||
|
||||
ldns_rdf_deep_free(chopped_dname);
|
||||
|
||||
for (i = 0; i < ldns_rr_list_rr_count(nsecs); i++) {
|
||||
cur_nsec = ldns_rr_list_rr(nsecs, i);
|
||||
if (ldns_dname_compare(rr_name, ldns_rr_owner(cur_nsec)) == 0) {
|
||||
@ -1576,7 +1579,6 @@ ldns_dnssec_verify_denial(ldns_rr *rr,
|
||||
return LDNS_STATUS_OK;
|
||||
}
|
||||
|
||||
#ifdef HAVE_SSL
|
||||
ldns_status
|
||||
ldns_dnssec_verify_denial_nsec3_match( ldns_rr *rr
|
||||
, ldns_rr_list *nsecs
|
||||
@ -1612,7 +1614,7 @@ ldns_dnssec_verify_denial_nsec3_match( ldns_rr *rr
|
||||
ldns_rr_get_type(rr),
|
||||
nsecs);
|
||||
if(!closest_encloser) {
|
||||
result = LDNS_STATUS_NSEC3_ERR;
|
||||
result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED;
|
||||
goto done;
|
||||
}
|
||||
|
||||
@ -1636,16 +1638,14 @@ ldns_dnssec_verify_denial_nsec3_match( ldns_rr *rr
|
||||
ldns_rdf_deep_free(hashed_wildcard_name);
|
||||
}
|
||||
|
||||
if (! wildcard_covered) {
|
||||
result = LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED;
|
||||
} else {
|
||||
result = LDNS_STATUS_OK;
|
||||
}
|
||||
ldns_rdf_deep_free(closest_encloser);
|
||||
ldns_rdf_deep_free(wildcard);
|
||||
|
||||
if (!wildcard_covered) {
|
||||
result = LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED;
|
||||
} else if (closest_encloser && wildcard_covered) {
|
||||
result = LDNS_STATUS_OK;
|
||||
} else {
|
||||
result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED;
|
||||
}
|
||||
} else if (packet_nodata && packet_qtype != LDNS_RR_TYPE_DS) {
|
||||
/* section 8.5 */
|
||||
hashed_name = ldns_nsec3_hash_name_frm_nsec3(
|
||||
@ -1819,9 +1819,6 @@ ldns_dnssec_verify_denial_nsec3(ldns_rr *rr,
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
#endif /* HAVE_SSL */
|
||||
|
||||
#ifdef USE_GOST
|
||||
EVP_PKEY*
|
||||
ldns_gost2pkey_raw(unsigned char* key, size_t keylen)
|
||||
|
@ -708,6 +708,7 @@ ldns_dnssec_zone_new_frm_fp_l(ldns_dnssec_zone** z, FILE* fp, ldns_rdf* origin,
|
||||
case LDNS_STATUS_SYNTAX_EMPTY: /* empty line was seen */
|
||||
case LDNS_STATUS_SYNTAX_TTL: /* the ttl was set*/
|
||||
case LDNS_STATUS_SYNTAX_ORIGIN: /* the origin was set*/
|
||||
status = LDNS_STATUS_OK;
|
||||
break;
|
||||
|
||||
case LDNS_STATUS_SYNTAX_INCLUDE:/* $include not implemented */
|
||||
@ -721,38 +722,42 @@ ldns_dnssec_zone_new_frm_fp_l(ldns_dnssec_zone** z, FILE* fp, ldns_rdf* origin,
|
||||
|
||||
if (ldns_rr_list_rr_count(todo_nsec3s) > 0) {
|
||||
(void) ldns_dnssec_zone_add_empty_nonterminals(newzone);
|
||||
for (i = 0; i < ldns_rr_list_rr_count(todo_nsec3s); i++) {
|
||||
for (i = 0; status == LDNS_STATUS_OK &&
|
||||
i < ldns_rr_list_rr_count(todo_nsec3s); i++) {
|
||||
cur_rr = ldns_rr_list_rr(todo_nsec3s, i);
|
||||
status = ldns_dnssec_zone_add_rr(newzone, cur_rr);
|
||||
}
|
||||
for (i = 0; i < ldns_rr_list_rr_count(todo_nsec3_rrsigs); i++){
|
||||
for (i = 0; status == LDNS_STATUS_OK &&
|
||||
i < ldns_rr_list_rr_count(todo_nsec3_rrsigs);
|
||||
i++){
|
||||
cur_rr = ldns_rr_list_rr(todo_nsec3_rrsigs, i);
|
||||
status = ldns_dnssec_zone_add_rr(newzone, cur_rr);
|
||||
}
|
||||
} else if (ldns_rr_list_rr_count(todo_nsec3_rrsigs) > 0) {
|
||||
for (i = 0; i < ldns_rr_list_rr_count(todo_nsec3_rrsigs); i++){
|
||||
for (i = 0; status == LDNS_STATUS_OK &&
|
||||
i < ldns_rr_list_rr_count(todo_nsec3_rrsigs);
|
||||
i++){
|
||||
cur_rr = ldns_rr_list_rr(todo_nsec3_rrsigs, i);
|
||||
status = ldns_dnssec_zone_add_rr(newzone, cur_rr);
|
||||
}
|
||||
}
|
||||
|
||||
ldns_rr_list_free(todo_nsec3_rrsigs);
|
||||
ldns_rr_list_free(todo_nsec3s);
|
||||
|
||||
if (z) {
|
||||
*z = newzone;
|
||||
newzone = NULL;
|
||||
} else {
|
||||
ldns_dnssec_zone_free(newzone);
|
||||
}
|
||||
|
||||
return LDNS_STATUS_OK;
|
||||
|
||||
error:
|
||||
#ifdef FASTER_DNSSEC_ZONE_NEW_FRM_FP
|
||||
if (zone) {
|
||||
ldns_zone_free(zone);
|
||||
}
|
||||
#endif
|
||||
ldns_rr_list_free(todo_nsec3_rrsigs);
|
||||
ldns_rr_list_free(todo_nsec3s);
|
||||
|
||||
if (my_origin) {
|
||||
ldns_rdf_deep_free(my_origin);
|
||||
}
|
||||
@ -822,7 +827,6 @@ ldns_dname_compare_v(const void *a, const void *b) {
|
||||
return ldns_dname_compare((ldns_rdf *)a, (ldns_rdf *)b);
|
||||
}
|
||||
|
||||
#ifdef HAVE_SSL
|
||||
ldns_rbnode_t *
|
||||
ldns_dnssec_zone_find_nsec3_original(ldns_dnssec_zone *zone,
|
||||
ldns_rr *rr) {
|
||||
@ -912,7 +916,6 @@ ldns_dnssec_zone_add_rr(ldns_dnssec_zone *zone, ldns_rr *rr)
|
||||
|
||||
return result;
|
||||
}
|
||||
#endif /* HAVE_SSL */
|
||||
|
||||
void
|
||||
ldns_dnssec_zone_names_print_fmt(FILE *out, const ldns_output_format *fmt,
|
||||
@ -1009,7 +1012,9 @@ ldns_dnssec_zone_add_empty_nonterminals(ldns_dnssec_zone *zone)
|
||||
if (next_node == LDNS_RBTREE_NULL) {
|
||||
next_node = ldns_rbtree_first(zone->names);
|
||||
}
|
||||
|
||||
if (! cur_node->data || ! next_node->data) {
|
||||
return LDNS_STATUS_ERR;
|
||||
}
|
||||
cur_name = ((ldns_dnssec_name *)cur_node->data)->name;
|
||||
next_name = ((ldns_dnssec_name *)next_node->data)->name;
|
||||
cur_label_count = ldns_dname_label_count(cur_name);
|
||||
|
@ -87,7 +87,7 @@ if (defined $options{'m'}) {
|
||||
|
||||
# 0 - somewhere in the file
|
||||
# 1 - in a doxygen par
|
||||
# 2 - after doxygen, except funcion
|
||||
# 2 - after doxygen, expect function
|
||||
|
||||
# create our pwd
|
||||
mkdir "doc";
|
||||
@ -126,7 +126,14 @@ while($i < $max) {
|
||||
}
|
||||
if ($cur_line =~ /\*\// and $state == 1) {
|
||||
#print "END Comment seen!\n";
|
||||
$state = 2;
|
||||
if ($description =~ /^\\\\file/mg) {
|
||||
# Doxygen text for the file, do not expect
|
||||
# a function coming.
|
||||
#
|
||||
$state = 0;
|
||||
} else {
|
||||
$state = 2;
|
||||
}
|
||||
$i++;
|
||||
next;
|
||||
}
|
||||
@ -184,6 +191,14 @@ while($i < $max) {
|
||||
$description =~ s/\\param\[out\][ \t]*([\*\w]+)[ \t]+/.br\n\\fB$1\\fR: /g;
|
||||
$description =~ s/\\return[ \t]*/.br\nReturns /g;
|
||||
|
||||
# Delete leading spaces to prevent manpages to be ascii format-
|
||||
# ted and enable justification of text.
|
||||
#
|
||||
$description =~ s/^[ \t]*//mg;
|
||||
|
||||
# Prevent hyphening of all caps and underscore words
|
||||
$description =~ s/\b([A-Z_]+)\b/\\%$1/g;
|
||||
|
||||
$description{$key} = $description;
|
||||
$api{$key} = $api;
|
||||
$return{$key} = $return;
|
||||
|
@ -39,6 +39,11 @@ ldns_dname_compare, ldns_dname_interval | ldns_dname_is_subdomain | ldns_dname
|
||||
ldns_dname | ldns_dname_left_chop, ldns_dname_label_count, ldns_dname2canonical, ldns_dname_cat, ldns_dname_cat_clone, ldns_dname_new, ldns_dname_new_frm_str, ldns_dname_new_frm_data, ldns_dname_is_subdomain, ldns_dname_str_absolute, ldns_dname_label, ldns_dname_compare, ldns_dname_interval
|
||||
### /dname.h
|
||||
|
||||
### dane.h
|
||||
ldns_dane_create_tlsa_owner, ldns_dane_cert2rdf, ldns_dane_select_certificate, ldns_dane_create_tlsa_rr | ldns_dane_verify, ldns_dane_verify_rr
|
||||
ldns_dane_verify, ldns_dane_verify_rr | ldns_dane_create_tlsa_owner, ldns_dane_cert2rdf, ldns_dane_select_certificate, ldns_dane_create_tlsa_rr
|
||||
### /dane.h
|
||||
|
||||
### rdata.h
|
||||
ldns_rdf, ldns_rdf_type | ldns_rdf_set_size, ldns_rdf_set_type, ldns_rdf_set_data, ldns_rdf_size, ldns_rdf_get_type, ldns_rdf_data, ldns_rdf_compare, ldns_rdf_new, ldns_rdf_clone, ldns_rdf_new_frm_data, ldns_rdf_new_frm_str, ldns_rdf_new_frm_fp, ldns_rdf_free, ldns_rdf_deep_free, ldns_rdf_print, ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32, ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage, ldns_rdf2native_time_t, ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32, ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage, ldns_rdf2native_time_t, ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32, ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage, ldns_rdf2native_time_t
|
||||
ldns_rdf_set_size, ldns_rdf_set_type, ldns_rdf_set_data | ldns_rdf
|
||||
|
@ -9,6 +9,7 @@ exec_prefix = @exec_prefix@
|
||||
bindir = @bindir@
|
||||
mandir = @mandir@
|
||||
includedir = @includedir@
|
||||
datarootdir = @datarootdir@
|
||||
|
||||
CC = @CC@
|
||||
CFLAGS = -I. @CFLAGS@
|
||||
@ -77,7 +78,6 @@ docclean:
|
||||
|
||||
distclean: clean docclean
|
||||
rm -f config.h
|
||||
rm -f drill.h
|
||||
|
||||
realclean: clean docclean
|
||||
rm -f tags
|
||||
@ -88,9 +88,9 @@ realclean: clean docclean
|
||||
rm -rf autom4te.cache
|
||||
rm -f config.h
|
||||
rm -f config.h.in
|
||||
rm -f drill.h
|
||||
rm -f configure
|
||||
rm -f Makefile
|
||||
rm -f drill.1
|
||||
rm -f aclocal.m4
|
||||
|
||||
doc:
|
||||
@ -99,7 +99,7 @@ doc:
|
||||
install: all
|
||||
$(INSTALL) -d $(DESTDIR)$(bindir)
|
||||
$(INSTALL) drill $(DESTDIR)$(bindir)/drill
|
||||
$(INSTALL) -m 644 $(srcdir)/drill.1 $(DESTDIR)$(mandir)/man1/drill.1
|
||||
$(INSTALL) -m 644 drill.1 $(DESTDIR)$(mandir)/man1/drill.1
|
||||
|
||||
uninstall:
|
||||
@echo
|
||||
@ -116,4 +116,4 @@ lint:
|
||||
done
|
||||
|
||||
confclean: clean
|
||||
rm -rf config.log config.status config.h Makefile
|
||||
rm -rf config.log config.status config.h Makefile drill.1
|
||||
|
@ -45,7 +45,15 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
|
||||
p = ldns_pkt_new();
|
||||
res = ldns_resolver_new();
|
||||
|
||||
if (!p || !res) {
|
||||
if (!p) {
|
||||
if (res) {
|
||||
ldns_resolver_free(res);
|
||||
}
|
||||
error("Memory allocation failed");
|
||||
return NULL;
|
||||
}
|
||||
if (!res) {
|
||||
ldns_pkt_free(p);
|
||||
error("Memory allocation failed");
|
||||
return NULL;
|
||||
}
|
||||
@ -73,6 +81,8 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
|
||||
if (status != LDNS_STATUS_OK) {
|
||||
fprintf(stderr, "Error adding root servers to resolver: %s\n", ldns_get_errorstr_by_id(status));
|
||||
ldns_rr_list_print(stdout, global_dns_root);
|
||||
ldns_resolver_free(res);
|
||||
ldns_pkt_free(p);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -118,7 +128,7 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
|
||||
drill_pkt_print_footer(stdout, local_res, p);
|
||||
|
||||
/* remove the old nameserver from the resolver */
|
||||
while((pop = ldns_resolver_pop_nameserver(res))) { /* do it */ }
|
||||
while(ldns_resolver_pop_nameserver(res)) { /* do it */ }
|
||||
|
||||
/* also check for new_nss emptyness */
|
||||
|
||||
|
@ -111,6 +111,9 @@
|
||||
/* Define to 1 if you have the <ws2tcpip.h> header file. */
|
||||
#undef HAVE_WS2TCPIP_H
|
||||
|
||||
/* Default trust anchor file */
|
||||
#undef LDNS_TRUST_ANCHOR_FILE
|
||||
|
||||
/* Define to the address where bug reports for this package should be sent. */
|
||||
#undef PACKAGE_BUGREPORT
|
||||
|
||||
|
58
drill/configure
vendored
58
drill/configure
vendored
@ -1,6 +1,6 @@
|
||||
#! /bin/sh
|
||||
# Guess values for system-dependent variables and create Makefiles.
|
||||
# Generated by GNU Autoconf 2.68 for ldns 1.6.13.
|
||||
# Generated by GNU Autoconf 2.68 for ldns 1.6.16.
|
||||
#
|
||||
# Report bugs to <libdns@nlnetlabs.nl>.
|
||||
#
|
||||
@ -560,8 +560,8 @@ MAKEFLAGS=
|
||||
# Identity of this package.
|
||||
PACKAGE_NAME='ldns'
|
||||
PACKAGE_TARNAME='libdns'
|
||||
PACKAGE_VERSION='1.6.13'
|
||||
PACKAGE_STRING='ldns 1.6.13'
|
||||
PACKAGE_VERSION='1.6.16'
|
||||
PACKAGE_STRING='ldns 1.6.16'
|
||||
PACKAGE_BUGREPORT='libdns@nlnetlabs.nl'
|
||||
PACKAGE_URL=''
|
||||
|
||||
@ -604,6 +604,7 @@ ac_includes_default="\
|
||||
|
||||
ac_subst_vars='LTLIBOBJS
|
||||
LIBOBJS
|
||||
LDNS_TRUST_ANCHOR_FILE
|
||||
LDNSDIR
|
||||
LIBS_STC
|
||||
RUNTIME_PATH
|
||||
@ -664,6 +665,7 @@ enable_option_checking
|
||||
enable_rpath
|
||||
with_ssl
|
||||
with_ldns
|
||||
with_trust_anchor
|
||||
'
|
||||
ac_precious_vars='build_alias
|
||||
host_alias
|
||||
@ -1216,7 +1218,7 @@ if test "$ac_init_help" = "long"; then
|
||||
# Omit some internal or obsolete options to make the list less imposing.
|
||||
# This message is too long to be a string in the A/UX 3.1 sh.
|
||||
cat <<_ACEOF
|
||||
\`configure' configures ldns 1.6.13 to adapt to many kinds of systems.
|
||||
\`configure' configures ldns 1.6.16 to adapt to many kinds of systems.
|
||||
|
||||
Usage: $0 [OPTION]... [VAR=VALUE]...
|
||||
|
||||
@ -1277,7 +1279,7 @@ fi
|
||||
|
||||
if test -n "$ac_init_help"; then
|
||||
case $ac_init_help in
|
||||
short | recursive ) echo "Configuration of ldns 1.6.13:";;
|
||||
short | recursive ) echo "Configuration of ldns 1.6.16:";;
|
||||
esac
|
||||
cat <<\_ACEOF
|
||||
|
||||
@ -1296,6 +1298,9 @@ Optional Packages:
|
||||
--with-ldns=PATH specify prefix of path of ldns library to use
|
||||
|
||||
|
||||
--with-trust-anchor=KEYFILE
|
||||
Default location of the trust anchor file.
|
||||
[default=SYSCONFDIR/unbound/root.key]
|
||||
|
||||
Some influential environment variables:
|
||||
CC C compiler command
|
||||
@ -1373,7 +1378,7 @@ fi
|
||||
test -n "$ac_init_help" && exit $ac_status
|
||||
if $ac_init_version; then
|
||||
cat <<\_ACEOF
|
||||
ldns configure 1.6.13
|
||||
ldns configure 1.6.16
|
||||
generated by GNU Autoconf 2.68
|
||||
|
||||
Copyright (C) 2010 Free Software Foundation, Inc.
|
||||
@ -1796,7 +1801,7 @@ cat >config.log <<_ACEOF
|
||||
This file contains any messages produced by compilers while
|
||||
running configure, to aid debugging if configure makes a mistake.
|
||||
|
||||
It was created by ldns $as_me 1.6.13, which was
|
||||
It was created by ldns $as_me 1.6.16, which was
|
||||
generated by GNU Autoconf 2.68. Invocation command line was
|
||||
|
||||
$ $0 $@
|
||||
@ -5379,7 +5384,6 @@ else
|
||||
|
||||
as_fn_error $? "Can't find ldns library" "$LINENO" 5
|
||||
|
||||
|
||||
fi
|
||||
|
||||
fi
|
||||
@ -5387,8 +5391,39 @@ fi
|
||||
|
||||
|
||||
|
||||
# Check whether --with-trust-anchor was given.
|
||||
if test "${with_trust_anchor+set}" = set; then :
|
||||
withval=$with_trust_anchor;
|
||||
LDNS_TRUST_ANCHOR_FILE="$withval"
|
||||
|
||||
ac_config_files="$ac_config_files Makefile"
|
||||
else
|
||||
|
||||
if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then
|
||||
if test "x$sysconfdir" = 'x${prefix}/etc' ; then
|
||||
if test "x$prefix" = 'xNONE' ; then
|
||||
LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key"
|
||||
else
|
||||
LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key"
|
||||
fi
|
||||
else
|
||||
LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key"
|
||||
fi
|
||||
fi
|
||||
|
||||
fi
|
||||
|
||||
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
#define LDNS_TRUST_ANCHOR_FILE "$LDNS_TRUST_ANCHOR_FILE"
|
||||
_ACEOF
|
||||
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&5
|
||||
$as_echo "$as_me: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&6;}
|
||||
|
||||
|
||||
|
||||
ac_config_files="$ac_config_files Makefile drill.1"
|
||||
|
||||
ac_config_headers="$ac_config_headers config.h"
|
||||
|
||||
@ -5910,7 +5945,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
|
||||
# report actual input values of CONFIG_FILES etc. instead of their
|
||||
# values after options handling.
|
||||
ac_log="
|
||||
This file was extended by ldns $as_me 1.6.13, which was
|
||||
This file was extended by ldns $as_me 1.6.16, which was
|
||||
generated by GNU Autoconf 2.68. Invocation command line was
|
||||
|
||||
CONFIG_FILES = $CONFIG_FILES
|
||||
@ -5972,7 +6007,7 @@ _ACEOF
|
||||
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
|
||||
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
|
||||
ac_cs_version="\\
|
||||
ldns config.status 1.6.13
|
||||
ldns config.status 1.6.16
|
||||
configured by $0, generated by GNU Autoconf 2.68,
|
||||
with options \\"\$ac_cs_config\\"
|
||||
|
||||
@ -6094,6 +6129,7 @@ for ac_config_target in $ac_config_targets
|
||||
do
|
||||
case $ac_config_target in
|
||||
"Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
|
||||
"drill.1") CONFIG_FILES="$CONFIG_FILES drill.1" ;;
|
||||
"config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
|
||||
|
||||
*) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
|
||||
|
@ -2,7 +2,7 @@
|
||||
# Process this file with autoconf to produce a configure script.
|
||||
|
||||
AC_PREREQ(2.56)
|
||||
AC_INIT(ldns, 1.6.13, libdns@nlnetlabs.nl,libdns)
|
||||
AC_INIT(ldns, 1.6.16, libdns@nlnetlabs.nl,libdns)
|
||||
AC_CONFIG_SRCDIR([drill.c])
|
||||
sinclude(../acx_nlnetlabs.m4)
|
||||
|
||||
@ -170,13 +170,33 @@ if test -f $ldns_dev_dir/ldns/util.h && \
|
||||
else
|
||||
AC_MSG_RESULT([no])
|
||||
AC_CHECK_LIB(ldns, ldns_rr_new, , [
|
||||
AC_MSG_ERROR([Can't find ldns library])
|
||||
AC_MSG_ERROR([Can't find ldns library])dnl '
|
||||
]
|
||||
)
|
||||
fi
|
||||
|
||||
AC_SUBST(LDNSDIR)
|
||||
|
||||
AC_ARG_WITH(trust-anchor, AC_HELP_STRING([--with-trust-anchor=KEYFILE],
|
||||
[Default location of the trust anchor file. [default=SYSCONFDIR/unbound/root.key]]), [
|
||||
LDNS_TRUST_ANCHOR_FILE="$withval"
|
||||
],[
|
||||
if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then
|
||||
if test "x$sysconfdir" = 'x${prefix}/etc' ; then
|
||||
if test "x$prefix" = 'xNONE' ; then
|
||||
LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key"
|
||||
else
|
||||
LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key"
|
||||
fi
|
||||
else
|
||||
LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key"
|
||||
fi
|
||||
fi
|
||||
])
|
||||
AC_DEFINE_UNQUOTED([LDNS_TRUST_ANCHOR_FILE], ["$LDNS_TRUST_ANCHOR_FILE"], [Default trust anchor file])
|
||||
AC_SUBST(LDNS_TRUST_ANCHOR_FILE)
|
||||
AC_MSG_NOTICE([Default trust anchor: $LDNS_TRUST_ANCHOR_FILE])
|
||||
|
||||
AH_BOTTOM([
|
||||
|
||||
#include <stdio.h>
|
||||
@ -254,6 +274,6 @@ extern int optind, opterr;
|
||||
#endif
|
||||
])
|
||||
|
||||
AC_CONFIG_FILES([Makefile])
|
||||
AC_CONFIG_FILES([Makefile drill.1])
|
||||
AC_CONFIG_HEADER([config.h])
|
||||
AC_OUTPUT
|
||||
|
107
drill/dnssec.c
107
drill/dnssec.c
@ -22,12 +22,10 @@ get_rr(ldns_resolver *res, ldns_rdf *zname, ldns_rr_type t, ldns_rr_class c)
|
||||
p = ldns_pkt_new();
|
||||
found = NULL;
|
||||
|
||||
if (ldns_resolver_send(&p, res, zname, t, c, 0) != LDNS_STATUS_OK) {
|
||||
/* oops */
|
||||
return NULL;
|
||||
} else {
|
||||
if (ldns_resolver_send(&p, res, zname, t, c, 0) == LDNS_STATUS_OK) {
|
||||
found = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_ANY_NOQUESTION);
|
||||
}
|
||||
ldns_pkt_free(p);
|
||||
return found;
|
||||
}
|
||||
|
||||
@ -36,6 +34,7 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p)
|
||||
{
|
||||
ldns_rr_list *new_nss;
|
||||
ldns_rr_list *hostnames;
|
||||
char *answerfrom_str;
|
||||
|
||||
if (verbosity < 5) {
|
||||
return;
|
||||
@ -46,8 +45,7 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p)
|
||||
new_nss = ldns_pkt_rr_list_by_type(p,
|
||||
LDNS_RR_TYPE_NS, LDNS_SECTION_ANSWER);
|
||||
ldns_rr_list_print(fd, new_nss);
|
||||
|
||||
/* new_nss can be empty.... */
|
||||
ldns_rr_list_deep_free(new_nss);
|
||||
|
||||
fprintf(fd, ";; Received %d bytes from %s#%d(",
|
||||
(int) ldns_pkt_size(p),
|
||||
@ -59,7 +57,11 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p)
|
||||
ldns_rr_rdf(ldns_rr_list_rr(hostnames, 0), 0));
|
||||
ldns_rr_list_deep_free(hostnames);
|
||||
} else {
|
||||
fprintf(fd, "%s", ldns_rdf2str(ldns_pkt_answerfrom(p)));
|
||||
answerfrom_str = ldns_rdf2str(ldns_pkt_answerfrom(p));
|
||||
if (answerfrom_str) {
|
||||
fprintf(fd, "%s", answerfrom_str);
|
||||
LDNS_FREE(answerfrom_str);
|
||||
}
|
||||
}
|
||||
fprintf(fd, ") in %u ms\n\n", (unsigned int)ldns_pkt_querytime(p));
|
||||
}
|
||||
@ -68,6 +70,7 @@ void
|
||||
drill_pkt_print_footer(FILE *fd, ldns_resolver *r, ldns_pkt *p)
|
||||
{
|
||||
ldns_rr_list *hostnames;
|
||||
char *answerfrom_str;
|
||||
|
||||
if (verbosity < 5) {
|
||||
return;
|
||||
@ -85,7 +88,11 @@ drill_pkt_print_footer(FILE *fd, ldns_resolver *r, ldns_pkt *p)
|
||||
ldns_rr_rdf(ldns_rr_list_rr(hostnames, 0), 0));
|
||||
ldns_rr_list_deep_free(hostnames);
|
||||
} else {
|
||||
fprintf(fd, "%s", ldns_rdf2str(ldns_pkt_answerfrom(p)));
|
||||
answerfrom_str = ldns_rdf2str(ldns_pkt_answerfrom(p));
|
||||
if (answerfrom_str) {
|
||||
fprintf(fd, "%s", answerfrom_str);
|
||||
LDNS_FREE(answerfrom_str);
|
||||
}
|
||||
}
|
||||
fprintf(fd, ") in %u ms\n\n", (unsigned int)ldns_pkt_querytime(p));
|
||||
}
|
||||
@ -98,7 +105,6 @@ get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t,
|
||||
ldns_rr_list **rrlist, ldns_rr_list **sig)
|
||||
{
|
||||
ldns_pkt_type pt = LDNS_PACKET_UNKNOWN;
|
||||
ldns_rr_list *rr = NULL;
|
||||
ldns_rr_list *sigs = NULL;
|
||||
size_t i;
|
||||
|
||||
@ -111,36 +117,52 @@ get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t,
|
||||
|
||||
pt = ldns_pkt_reply_type(p);
|
||||
if (name) {
|
||||
rr = ldns_pkt_rr_list_by_name_and_type(p, name, t, LDNS_SECTION_ANSWER);
|
||||
if (!rr) {
|
||||
rr = ldns_pkt_rr_list_by_name_and_type(p, name, t, LDNS_SECTION_AUTHORITY);
|
||||
if (rrlist) {
|
||||
*rrlist = ldns_pkt_rr_list_by_name_and_type(p, name, t,
|
||||
LDNS_SECTION_ANSWER);
|
||||
if (!*rrlist) {
|
||||
*rrlist = ldns_pkt_rr_list_by_name_and_type(
|
||||
p, name, t,
|
||||
LDNS_SECTION_AUTHORITY);
|
||||
}
|
||||
}
|
||||
sigs = ldns_pkt_rr_list_by_name_and_type(p, name, LDNS_RR_TYPE_RRSIG,
|
||||
LDNS_SECTION_ANSWER);
|
||||
if (!sigs) {
|
||||
sigs = ldns_pkt_rr_list_by_name_and_type(p, name, LDNS_RR_TYPE_RRSIG,
|
||||
LDNS_SECTION_AUTHORITY);
|
||||
if (sig) {
|
||||
sigs = ldns_pkt_rr_list_by_name_and_type(p, name,
|
||||
LDNS_RR_TYPE_RRSIG,
|
||||
LDNS_SECTION_ANSWER);
|
||||
if (!sigs) {
|
||||
sigs = ldns_pkt_rr_list_by_name_and_type(
|
||||
p, name, LDNS_RR_TYPE_RRSIG,
|
||||
LDNS_SECTION_AUTHORITY);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
/* A DS-referral - get the DS records if they are there */
|
||||
rr = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_AUTHORITY);
|
||||
sigs = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_RRSIG,
|
||||
LDNS_SECTION_AUTHORITY);
|
||||
/* A DS-referral - get the DS records if they are there */
|
||||
if (rrlist) {
|
||||
*rrlist = ldns_pkt_rr_list_by_type(
|
||||
p, t, LDNS_SECTION_AUTHORITY);
|
||||
}
|
||||
if (sig) {
|
||||
sigs = ldns_pkt_rr_list_by_type(p,
|
||||
LDNS_RR_TYPE_RRSIG,
|
||||
LDNS_SECTION_AUTHORITY);
|
||||
}
|
||||
}
|
||||
if (sig) {
|
||||
*sig = ldns_rr_list_new();
|
||||
for (i = 0; i < ldns_rr_list_rr_count(sigs); i++) {
|
||||
/* only add the sigs that cover this type */
|
||||
if (ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(ldns_rr_list_rr(sigs, i))) ==
|
||||
t) {
|
||||
ldns_rr_list_push_rr(*sig, ldns_rr_clone(ldns_rr_list_rr(sigs, i)));
|
||||
if (t == ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(
|
||||
ldns_rr_list_rr(sigs, i)))) {
|
||||
|
||||
ldns_rr_list_push_rr(*sig,
|
||||
ldns_rr_clone(
|
||||
ldns_rr_list_rr(
|
||||
sigs, i)));
|
||||
}
|
||||
}
|
||||
}
|
||||
ldns_rr_list_deep_free(sigs);
|
||||
if (rrlist) {
|
||||
*rrlist = rr;
|
||||
}
|
||||
|
||||
if (pt == LDNS_PACKET_NXDOMAIN || pt == LDNS_PACKET_NODATA) {
|
||||
return pt;
|
||||
@ -153,6 +175,7 @@ get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t,
|
||||
ldns_status
|
||||
ldns_verify_denial(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_list **nsec_rrs, ldns_rr_list **nsec_rr_sigs)
|
||||
{
|
||||
#ifdef HAVE_SSL
|
||||
uint16_t nsec_i;
|
||||
|
||||
ldns_rr_list *nsecs;
|
||||
@ -216,12 +239,28 @@ ldns_verify_denial(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_lis
|
||||
ldns_rr_list* sigs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANY_NOQUESTION);
|
||||
ldns_rr* q = ldns_rr_new();
|
||||
ldns_rr* match = NULL;
|
||||
if(!sigs) return LDNS_STATUS_MEM_ERR;
|
||||
if(!q) return LDNS_STATUS_MEM_ERR;
|
||||
|
||||
if(!sigs) {
|
||||
if (q) {
|
||||
ldns_rr_free(q);
|
||||
}
|
||||
ldns_rr_list_deep_free(nsecs);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
if(!q) {
|
||||
ldns_rr_list_deep_free(nsecs);
|
||||
ldns_rr_list_deep_free(sigs);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
ldns_rr_set_question(q, 1);
|
||||
ldns_rr_set_ttl(q, 0);
|
||||
ldns_rr_set_owner(q, ldns_rdf_clone(name));
|
||||
if(!ldns_rr_owner(q)) return LDNS_STATUS_MEM_ERR;
|
||||
if(!ldns_rr_owner(q)) {
|
||||
ldns_rr_free(q);
|
||||
ldns_rr_list_deep_free(sigs);
|
||||
ldns_rr_list_deep_free(nsecs);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
ldns_rr_set_type(q, type);
|
||||
|
||||
/* result = ldns_dnssec_verify_denial_nsec3(q, nsecs, sigs, ldns_pkt_get_rcode(pkt), type, ldns_pkt_ancount(pkt) == 0); */
|
||||
@ -234,6 +273,14 @@ ldns_verify_denial(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_lis
|
||||
ldns_rr_list_deep_free(sigs);
|
||||
}
|
||||
return result;
|
||||
#else
|
||||
(void)pkt;
|
||||
(void)name;
|
||||
(void)type;
|
||||
(void)nsec_rrs;
|
||||
(void)nsec_rr_sigs;
|
||||
return LDNS_STATUS_ERR;
|
||||
#endif /* HAVE_SSL */
|
||||
}
|
||||
|
||||
/* NSEC3 draft -07 */
|
||||
|
@ -161,6 +161,11 @@ given \fBdrill\fR tries to validate the current answer with this
|
||||
key. No chasing is done. When \fBdrill\fR is doing a secure trace, this
|
||||
key will be used as trust anchor. Can contain a DNSKEY or a DS record.
|
||||
|
||||
Alternatively, when DNSSEC enabled tracing (\fB-TD\fR) or signature
|
||||
chasing (\fB-S\fR), if \fB-k\fR is not specified, and a default trust anchor
|
||||
(@LDNS_TRUST_ANCHOR_FILE@) exists and contains a valid DNSKEY or DS record,
|
||||
it will be used as the trust anchor.
|
||||
|
||||
.TP
|
||||
\fB\-o \fImnemonic\fR
|
||||
Use this option to set or unset specific header bits. A bit is
|
||||
@ -212,6 +217,13 @@ specify named base64 tsig key, and optional an algorithm (defaults to hmac-md5.s
|
||||
\fB\-z \fR
|
||||
don't randomize the nameserver list before sending queries.
|
||||
|
||||
.SH "FILES"
|
||||
.TP
|
||||
@LDNS_TRUST_ANCHOR_FILE@
|
||||
The file from which trusted keys are loaded when no \fB-k\fR option is given.
|
||||
.SH "SEE ALSO"
|
||||
.LP
|
||||
unbound-anchor(8)
|
||||
|
||||
.SH AUTHOR
|
||||
Jelte Jansen and Miek Gieben. Both of NLnet Labs.
|
@ -47,19 +47,25 @@ usage(FILE *stream, const char *progname)
|
||||
fprintf(stream, "\t-6\t\tstay on ip6\n");
|
||||
fprintf(stream, "\t-a\t\tfallback to EDNS0 and TCP if the answer is truncated\n");
|
||||
fprintf(stream, "\t-b <bufsize>\tuse <bufsize> as the buffer size (defaults to 512 b)\n");
|
||||
fprintf(stream, "\t-c <file>\t\tuse file for rescursive nameserver configuration (/etc/resolv.conf)\n");
|
||||
fprintf(stream, "\t-k <file>\tspecify a file that contains a trusted DNSSEC key (DNSKEY|DS) [**]\n");
|
||||
fprintf(stream, "\t\t\tused to verify any signatures in the current answer\n");
|
||||
fprintf(stream, "\t-o <mnemonic>\tset flags to: [QR|qr][AA|aa][TC|tc][RD|rd][CD|cd][RA|ra][AD|ad]\n");
|
||||
fprintf(stream, "\t-c <file>\tuse file for rescursive nameserver configuration"
|
||||
"\n\t\t\t(/etc/resolv.conf)\n");
|
||||
fprintf(stream, "\t-k <file>\tspecify a file that contains a trusted DNSSEC key [**]\n");
|
||||
fprintf(stream, "\t\t\tUsed to verify any signatures in the current answer.\n");
|
||||
fprintf(stream, "\t\t\tWhen DNSSEC enabled tracing (-TD) or signature\n"
|
||||
"\t\t\tchasing (-S) and no key files are given, keys are read\n"
|
||||
"\t\t\tfrom: %s\n",
|
||||
LDNS_TRUST_ANCHOR_FILE);
|
||||
fprintf(stream, "\t-o <mnemonic>\tset flags to:"
|
||||
"\n\t\t\t[QR|qr][AA|aa][TC|tc][RD|rd][CD|cd][RA|ra][AD|ad]\n");
|
||||
fprintf(stream, "\t\t\tlowercase: unset bit, uppercase: set bit\n");
|
||||
fprintf(stream, "\t-p <port>\tuse <port> as remote port number\n");
|
||||
fprintf(stream, "\t-s\t\tshow the DS RR for each key in a packet\n");
|
||||
fprintf(stream, "\t-u\t\tsend the query with udp (the default)\n");
|
||||
fprintf(stream, "\t-x\t\tdo a reverse lookup\n");
|
||||
fprintf(stream, "\twhen doing a secure trace:\n");
|
||||
fprintf(stream, "\t-r <file>\t\tuse file as root servers hint file\n");
|
||||
fprintf(stream, "\t-r <file>\tuse file as root servers hint file\n");
|
||||
fprintf(stream, "\t-t\t\tsend the query with tcp (connected)\n");
|
||||
fprintf(stream, "\t-d <domain>\t\tuse domain as the start point for the trace\n");
|
||||
fprintf(stream, "\t-d <domain>\tuse domain as the start point for the trace\n");
|
||||
fprintf(stream, "\t-y <name:key[:algo]>\tspecify named base64 tsig key, and optional an\n\t\t\talgorithm (defaults to hmac-md5.sig-alg.reg.int)\n");
|
||||
fprintf(stream, "\t-z\t\tdon't randomize the nameservers before use\n");
|
||||
fprintf(stream, "\n [*] = enables/implies DNSSEC\n");
|
||||
@ -272,7 +278,8 @@ main(int argc, char *argv[])
|
||||
qusevc = true;
|
||||
break;
|
||||
case 'k':
|
||||
status = read_key_file(optarg, key_list);
|
||||
status = read_key_file(optarg,
|
||||
key_list, false);
|
||||
if (status != LDNS_STATUS_OK) {
|
||||
error("Could not parse the key file %s: %s", optarg, ldns_get_errorstr_by_id(status));
|
||||
}
|
||||
@ -397,6 +404,15 @@ main(int argc, char *argv[])
|
||||
argc -= optind;
|
||||
argv += optind;
|
||||
|
||||
if ((PURPOSE == DRILL_CHASE || (PURPOSE == DRILL_TRACE && qdnssec)) &&
|
||||
ldns_rr_list_rr_count(key_list) == 0) {
|
||||
|
||||
(void) read_key_file(LDNS_TRUST_ANCHOR_FILE, key_list, true);
|
||||
}
|
||||
if (ldns_rr_list_rr_count(key_list) > 0) {
|
||||
printf(";; Number of trusted keys: %d\n",
|
||||
(int) ldns_rr_list_rr_count(key_list));
|
||||
}
|
||||
/* do a secure trace when requested */
|
||||
if (PURPOSE == DRILL_TRACE && qdnssec) {
|
||||
#ifdef HAVE_SSL
|
||||
|
@ -85,7 +85,6 @@ ldns_status ldns_verify_denial(ldns_pkt *pkt,
|
||||
ldns_rr_list **nsec_rrs,
|
||||
ldns_rr_list **nsec_rr_sigs);
|
||||
|
||||
ldns_status read_key_file(const char *filename, ldns_rr_list *key_list);
|
||||
ldns_pkt *read_hex_pkt(char *filename);
|
||||
ldns_buffer *read_hex_buffer(char *filename);
|
||||
void init_root(void);
|
||||
|
@ -13,14 +13,14 @@
|
||||
|
||||
#include <errno.h>
|
||||
|
||||
static size_t
|
||||
static int
|
||||
read_line(FILE *input, char *line, size_t len)
|
||||
{
|
||||
size_t i;
|
||||
int i;
|
||||
|
||||
char c;
|
||||
for (i = 0; i < len-1; i++) {
|
||||
c = getc(input);
|
||||
for (i = 0; i < (int)len-1; i++) {
|
||||
c = (char)getc(input);
|
||||
if (c == EOF) {
|
||||
return -1;
|
||||
} else if (c != '\n') {
|
||||
@ -35,20 +35,22 @@ read_line(FILE *input, char *line, size_t len)
|
||||
|
||||
/* key_list must be initialized with ldns_rr_list_new() */
|
||||
ldns_status
|
||||
read_key_file(const char *filename, ldns_rr_list *key_list)
|
||||
read_key_file(const char *filename, ldns_rr_list *key_list, bool silently)
|
||||
{
|
||||
int line_len = 0;
|
||||
int line_nr = 0;
|
||||
int key_count = 0;
|
||||
char line[LDNS_MAX_PACKETLEN];
|
||||
char line[LDNS_MAX_LINELEN];
|
||||
ldns_status status;
|
||||
FILE *input_file;
|
||||
ldns_rr *rr;
|
||||
|
||||
input_file = fopen(filename, "r");
|
||||
if (!input_file) {
|
||||
fprintf(stderr, "Error opening %s: %s\n",
|
||||
filename, strerror(errno));
|
||||
if (! silently) {
|
||||
fprintf(stderr, "Error opening %s: %s\n",
|
||||
filename, strerror(errno));
|
||||
}
|
||||
return LDNS_STATUS_ERR;
|
||||
}
|
||||
while (line_len >= 0) {
|
||||
@ -57,10 +59,13 @@ read_key_file(const char *filename, ldns_rr_list *key_list)
|
||||
if (line_len > 0 && line[0] != ';') {
|
||||
status = ldns_rr_new_frm_str(&rr, line, 0, NULL, NULL);
|
||||
if (status != LDNS_STATUS_OK) {
|
||||
fprintf(stderr,
|
||||
"Error parsing DNSKEY RR in line %d: %s\n",
|
||||
line_nr,
|
||||
ldns_get_errorstr_by_id(status));
|
||||
if (! silently) {
|
||||
fprintf(stderr,
|
||||
"Error parsing DNSKEY RR "
|
||||
"in line %d: %s\n", line_nr,
|
||||
ldns_get_errorstr_by_id(status)
|
||||
);
|
||||
}
|
||||
} else if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_DNSKEY ||
|
||||
ldns_rr_get_type(rr) == LDNS_RR_TYPE_DS) {
|
||||
ldns_rr_list_push_rr(key_list, rr);
|
||||
@ -70,7 +75,7 @@ read_key_file(const char *filename, ldns_rr_list *key_list)
|
||||
}
|
||||
}
|
||||
}
|
||||
printf(";; Number of trusted keys: %d\n", key_count);
|
||||
fclose(input_file);
|
||||
if (key_count > 0) {
|
||||
return LDNS_STATUS_OK;
|
||||
} else {
|
||||
@ -132,6 +137,7 @@ print_ds_of_keys(ldns_pkt *p)
|
||||
ds = ldns_key_rr2ds(ldns_rr_list_rr(keys, i), LDNS_SHA256);
|
||||
local_print_ds(stdout, "; sha256: ", ds);
|
||||
}
|
||||
ldns_rr_list_deep_free(keys);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -12,6 +12,13 @@
|
||||
#define _DRILL_UTIL_H_
|
||||
#include <ldns/ldns.h>
|
||||
|
||||
|
||||
/**
|
||||
* Read keys from filename and append to key_list.
|
||||
*/
|
||||
ldns_status read_key_file(const char *filename, ldns_rr_list *key_list,
|
||||
bool silently);
|
||||
|
||||
/**
|
||||
* return a address rdf, either A or AAAA
|
||||
* NULL if anything goes wrong
|
||||
|
@ -231,7 +231,8 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
|
||||
if (status != LDNS_STATUS_OK) {
|
||||
printf("ERRRRR: %s\n", ldns_get_errorstr_by_id(status));
|
||||
ldns_rr_list_print(stdout, global_dns_root);
|
||||
return status;
|
||||
result = status;
|
||||
goto done;
|
||||
}
|
||||
labels_count = ldns_dname_label_count(name);
|
||||
if (start_name) {
|
||||
@ -392,7 +393,6 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
|
||||
printf(";; There is an empty non-terminal here, continue\n");
|
||||
continue;
|
||||
}
|
||||
goto done;
|
||||
}
|
||||
|
||||
if (ldns_resolver_nameserver_count(res) == 0) {
|
||||
|
26
drill/work.c
26
drill/work.c
@ -122,11 +122,6 @@ packetbuffromfile(char *filename, uint8_t *wire)
|
||||
hexbuf[hexbufpos] = (uint8_t) c;
|
||||
hexbufpos++;
|
||||
break;
|
||||
default:
|
||||
warning("unknown state while reading %s", filename);
|
||||
xfree(hexbuf);
|
||||
return 0;
|
||||
break;
|
||||
}
|
||||
c = fgetc(fp);
|
||||
}
|
||||
@ -178,20 +173,7 @@ read_hex_buffer(char *filename)
|
||||
size_t wiresize;
|
||||
ldns_buffer *result_buffer = NULL;
|
||||
|
||||
FILE *fp = NULL;
|
||||
|
||||
if (strncmp(filename, "-", 2) != 0) {
|
||||
fp = fopen(filename, "r");
|
||||
} else {
|
||||
fp = stdin;
|
||||
}
|
||||
|
||||
if (fp == NULL) {
|
||||
perror("");
|
||||
warning("Unable to open %s", filename);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
||||
wire = xmalloc(LDNS_MAX_PACKETLEN);
|
||||
|
||||
wiresize = packetbuffromfile(filename, wire);
|
||||
@ -199,8 +181,8 @@ read_hex_buffer(char *filename)
|
||||
result_buffer = LDNS_MALLOC(ldns_buffer);
|
||||
ldns_buffer_new_frm_data(result_buffer, wire, wiresize);
|
||||
ldns_buffer_set_position(result_buffer, ldns_buffer_capacity(result_buffer));
|
||||
|
||||
xfree(wire);
|
||||
|
||||
return result_buffer;
|
||||
}
|
||||
|
||||
@ -236,7 +218,7 @@ read_hex_pkt(char *filename)
|
||||
void
|
||||
dump_hex(const ldns_pkt *pkt, const char *filename)
|
||||
{
|
||||
uint8_t *wire;
|
||||
uint8_t *wire = NULL;
|
||||
size_t size, i;
|
||||
FILE *fp;
|
||||
ldns_status status;
|
||||
@ -252,6 +234,7 @@ dump_hex(const ldns_pkt *pkt, const char *filename)
|
||||
|
||||
if (status != LDNS_STATUS_OK) {
|
||||
error("Unable to convert packet: error code %u", status);
|
||||
LDNS_FREE(wire);
|
||||
return;
|
||||
}
|
||||
|
||||
@ -273,4 +256,5 @@ dump_hex(const ldns_pkt *pkt, const char *filename)
|
||||
}
|
||||
fprintf(fp, "\n");
|
||||
fclose(fp);
|
||||
LDNS_FREE(wire);
|
||||
}
|
||||
|
29
error.c
29
error.c
@ -95,6 +95,35 @@ ldns_lookup_table ldns_error_str[] = {
|
||||
"DNSSEC signature will expire too soon" },
|
||||
{ LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN,
|
||||
"DNSSEC signature not incepted long enough" },
|
||||
{ LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE,
|
||||
"Unknown TLSA Certificate Usage" },
|
||||
{ LDNS_STATUS_DANE_UNKNOWN_SELECTOR, "Unknown TLSA Selector" },
|
||||
{ LDNS_STATUS_DANE_UNKNOWN_MATCHING_TYPE,
|
||||
"Unknown TLSA Matching Type" },
|
||||
{ LDNS_STATUS_DANE_UNKNOWN_PROTOCOL,
|
||||
"Unknown protocol. Only IPv4 and IPv6 are understood" },
|
||||
{ LDNS_STATUS_DANE_UNKNOWN_TRANSPORT,
|
||||
"Unknown transport. Should be one of {tcp, udp, sctp}" },
|
||||
{ LDNS_STATUS_DANE_MISSING_EXTRA_CERTS, /* Trust anchor assertion */
|
||||
"More than one certificate should be provided" },
|
||||
{ LDNS_STATUS_DANE_EXTRA_CERTS_NOT_USED, /* Trust anchor assertion */
|
||||
"Non of the extra certificates is used to sign the first" },
|
||||
{ LDNS_STATUS_DANE_OFFSET_OUT_OF_RANGE, /* Trust anchor assertion */
|
||||
"The offset was out of range" },
|
||||
{ LDNS_STATUS_DANE_INSECURE, /* Unused by library */
|
||||
"The queried resource records were insecure" },
|
||||
{ LDNS_STATUS_DANE_BOGUS, /* Unused by library */
|
||||
"The queried resource records were bogus" },
|
||||
{ LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH,
|
||||
"The TLSA record(s) "
|
||||
"did not match with the server certificate (chain)" },
|
||||
{ LDNS_STATUS_DANE_NON_CA_CERTIFICATE,
|
||||
"The certificate was not a CA certificate" },
|
||||
{ LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE,
|
||||
"Could not PKIX validate" },
|
||||
{ LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR,
|
||||
"The validation path "
|
||||
"did not end in a self-signed certificate" },
|
||||
{ 0, NULL }
|
||||
};
|
||||
|
||||
|
@ -9,6 +9,7 @@ exec_prefix = @exec_prefix@
|
||||
bindir = @bindir@
|
||||
mandir = @mandir@
|
||||
libtool = @libtool@
|
||||
datarootdir = @datarootdir@
|
||||
|
||||
CC = @CC@
|
||||
CFLAGS = -I. -I${srcdir} @CFLAGS@
|
||||
@ -18,6 +19,7 @@ LIBNSL_LIBS = @LIBNSL_LIBS@
|
||||
LIBSSL_CPPFLAGS = @LIBSSL_CPPFLAGS@
|
||||
LIBSSL_LDFLAGS = @LIBSSL_LDFLAGS@
|
||||
LIBSSL_LIBS = @LIBSSL_LIBS@
|
||||
LIBSSL_SSL_LIBS = @LIBSSL_SSL_LIBS@
|
||||
LIBS = @LIBS@
|
||||
RUNTIME_PATH = @RUNTIME_PATH@
|
||||
LDNSDIR = @LDNSDIR@
|
||||
@ -70,7 +72,8 @@ MAIN_SOURCES = ldns-read-zone.c \
|
||||
MAIN_SSL_SOURCES = ldns-signzone.c \
|
||||
ldns-verify-zone.c \
|
||||
ldns-revoke.c \
|
||||
ldns-nsec3-hash.c
|
||||
ldns-nsec3-hash.c \
|
||||
ldns-dane.c
|
||||
|
||||
OTHER_SOURCES = ldns-testpkts.c
|
||||
|
||||
@ -104,6 +107,18 @@ ldnsd.stc: ldnsd.o
|
||||
$(LINK_STATIC) $(LIBNSL_LDFLAGS) -o $@ $^ ; \
|
||||
fi
|
||||
|
||||
ldns-dane.prg-ssl: ldns-dane.o
|
||||
@if test ! -f $(@:.prg-ssl=) -o $< -nt $(@:.prg-ssl=); then \
|
||||
echo $(LINK) $(LIBNSL_LIBS) $(LIBSSL_LDFLAGS) $(LIBSSL_SSL_LIBS) -o $(@:.prg-ssl=) $^ ; \
|
||||
$(LINK) $(LIBNSL_LIBS) $(LIBSSL_LDFLAGS) $(LIBSSL_SSL_LIBS) -o $(@:.prg-ssl=) $^ ; \
|
||||
fi
|
||||
|
||||
ldns-dane.stc-ssl: ldns-dane.o
|
||||
@if test ! -f $@ -o $< -nt $@; then \
|
||||
echo $(LINK_STATIC) $(LIBNSL_LIBS) $(LIBSSL_LDFLAGS) $(LIBSSL_SSL_LIBS) -o $@ $^ ; \
|
||||
$(LINK_STATIC) $(LIBNSL_LIBS) $(LIBSSL_LDFLAGS) $(LIBSSL_SSL_LIBS) -o $@ $^ ; \
|
||||
fi
|
||||
|
||||
%.prg-ssl: %.o
|
||||
@if test ! -f $(@:.prg-ssl=) -o $< -nt $(@:.prg-ssl=); then \
|
||||
echo $(LINK) $(LIBNSL_LIBS) $(LIBSSL_LDFLAGS) $(LIBSSL_LIBS) -o $(@:.prg-ssl=) $^ ; \
|
||||
@ -142,11 +157,12 @@ clean:
|
||||
|
||||
realclean: clean
|
||||
rm -rf autom4te.cache/
|
||||
rm -f config.log config.status aclocal.m4 config.h.in configure Makefile
|
||||
rm -f config.h
|
||||
rm -f config.log config.status aclocal.m4 config.h.in configure
|
||||
rm -f config.h ldns-dane.1 ldns-verify-zone.1 Makefile
|
||||
|
||||
confclean: clean
|
||||
rm -rf config.log config.status config.h Makefile
|
||||
rm -rf config.log config.status
|
||||
rm -f config.h ldns-dane.1 ldns-verify-zone.1 Makefile
|
||||
|
||||
install: $(PROGRAMS) $(SSL_PROGRAMS)
|
||||
$(INSTALL) -d -m 755 $(DESTDIR)$(bindir)
|
||||
@ -154,7 +170,10 @@ install: $(PROGRAMS) $(SSL_PROGRAMS)
|
||||
$(INSTALL) -d -m 755 $(DESTDIR)$(mandir)/man1
|
||||
for i in $(PROGRAMS) $(SSL_PROGRAMS); do \
|
||||
$(libtool) --tag=CC --mode=install ${INSTALL} -c $$i $(DESTDIR)$(bindir) ; \
|
||||
$(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \
|
||||
if test -f $$i.1 ; \
|
||||
then $(INSTALL) -c -m 644 $$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \
|
||||
else $(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \
|
||||
fi ; \
|
||||
done
|
||||
exit 0
|
||||
|
||||
@ -164,11 +183,17 @@ install-static: all-static
|
||||
$(INSTALL) -d -m 755 $(DESTDIR)$(mandir)/man1
|
||||
for i in $(PROGRAMS); do \
|
||||
$(libtool) --tag=CC --mode=install ${INSTALL} -c $$i.stc $(DESTDIR)$(bindir) ; \
|
||||
$(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \
|
||||
if test -f $$i.1 ; \
|
||||
then $(INSTALL) -c -m 644 $$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \
|
||||
else $(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \
|
||||
fi ; \
|
||||
done
|
||||
for i in $(SSL_PROGRAMS); do \
|
||||
$(libtool) --tag=CC --mode=install ${INSTALL} -c $$i.stc-ssl $(DESTDIR)$(bindir) ; \
|
||||
$(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \
|
||||
if test -f $$i.1 ; \
|
||||
then $(INSTALL) -c -m 644 $$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \
|
||||
else $(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \
|
||||
fi ; \
|
||||
done
|
||||
exit 0
|
||||
|
||||
|
@ -9,6 +9,12 @@
|
||||
/* Define to 1 if you have the <ctype.h> header file. */
|
||||
#undef HAVE_CTYPE_H
|
||||
|
||||
/* Is a CAFILE given at configure time */
|
||||
#undef HAVE_DANE_CA_FILE
|
||||
|
||||
/* Is a CAPATH given at configure time */
|
||||
#undef HAVE_DANE_CA_PATH
|
||||
|
||||
/* Define to 1 if you have the declaration of `in6addr_any', and to 0 if you
|
||||
don't. */
|
||||
#undef HAVE_DECL_IN6ADDR_ANY
|
||||
@ -151,6 +157,15 @@
|
||||
/* Define to 1 if you have the <ws2tcpip.h> header file. */
|
||||
#undef HAVE_WS2TCPIP_H
|
||||
|
||||
/* Is a CAFILE given at configure time */
|
||||
#undef LDNS_DANE_CA_FILE
|
||||
|
||||
/* Is a CAPATH given at configure time */
|
||||
#undef LDNS_DANE_CA_PATH
|
||||
|
||||
/* Default trust anchor file */
|
||||
#undef LDNS_TRUST_ANCHOR_FILE
|
||||
|
||||
/* Define to the address where bug reports for this package should be sent. */
|
||||
#undef PACKAGE_BUGREPORT
|
||||
|
||||
|
123
examples/configure
vendored
123
examples/configure
vendored
@ -1,6 +1,6 @@
|
||||
#! /bin/sh
|
||||
# Guess values for system-dependent variables and create Makefiles.
|
||||
# Generated by GNU Autoconf 2.68 for ldns 1.6.13.
|
||||
# Generated by GNU Autoconf 2.68 for ldns 1.6.16.
|
||||
#
|
||||
# Report bugs to <libdns@nlnetlabs.nl>.
|
||||
#
|
||||
@ -560,8 +560,8 @@ MAKEFLAGS=
|
||||
# Identity of this package.
|
||||
PACKAGE_NAME='ldns'
|
||||
PACKAGE_TARNAME='libdns'
|
||||
PACKAGE_VERSION='1.6.13'
|
||||
PACKAGE_STRING='ldns 1.6.13'
|
||||
PACKAGE_VERSION='1.6.16'
|
||||
PACKAGE_STRING='ldns 1.6.16'
|
||||
PACKAGE_BUGREPORT='libdns@nlnetlabs.nl'
|
||||
PACKAGE_URL=''
|
||||
|
||||
@ -604,7 +604,11 @@ ac_includes_default="\
|
||||
|
||||
ac_subst_vars='LTLIBOBJS
|
||||
LIBOBJS
|
||||
DEFAULT_CAPATH
|
||||
DEFAULT_CAFILE
|
||||
LDNS_TRUST_ANCHOR_FILE
|
||||
LDNSDIR
|
||||
LIBSSL_SSL_LIBS
|
||||
LIBSSL_LIBS
|
||||
LIBSSL_LDFLAGS
|
||||
LIBSSL_CPPFLAGS
|
||||
@ -670,6 +674,9 @@ enable_sha2
|
||||
enable_gost
|
||||
enable_ecdsa
|
||||
with_ldns
|
||||
with_trust_anchor
|
||||
with_ca_file
|
||||
with_ca_path
|
||||
'
|
||||
ac_precious_vars='build_alias
|
||||
host_alias
|
||||
@ -1222,7 +1229,7 @@ if test "$ac_init_help" = "long"; then
|
||||
# Omit some internal or obsolete options to make the list less imposing.
|
||||
# This message is too long to be a string in the A/UX 3.1 sh.
|
||||
cat <<_ACEOF
|
||||
\`configure' configures ldns 1.6.13 to adapt to many kinds of systems.
|
||||
\`configure' configures ldns 1.6.16 to adapt to many kinds of systems.
|
||||
|
||||
Usage: $0 [OPTION]... [VAR=VALUE]...
|
||||
|
||||
@ -1283,7 +1290,7 @@ fi
|
||||
|
||||
if test -n "$ac_init_help"; then
|
||||
case $ac_init_help in
|
||||
short | recursive ) echo "Configuration of ldns 1.6.13:";;
|
||||
short | recursive ) echo "Configuration of ldns 1.6.16:";;
|
||||
esac
|
||||
cat <<\_ACEOF
|
||||
|
||||
@ -1305,6 +1312,12 @@ Optional Packages:
|
||||
--with-ldns=PATH specify prefix of path of ldns library to use
|
||||
|
||||
|
||||
--with-trust-anchor=KEYFILE
|
||||
Default location of the trust anchor file for drill
|
||||
and ldns-dane. [default=SYSCONFDIR/unbound/root.key]
|
||||
--with-ca-file=CAFILE File containing CA certificates for ldns-dane
|
||||
--with-ca-path=CAPATH Directory containing CA certificate files for
|
||||
ldns-dane
|
||||
|
||||
Some influential environment variables:
|
||||
CC C compiler command
|
||||
@ -1382,7 +1395,7 @@ fi
|
||||
test -n "$ac_init_help" && exit $ac_status
|
||||
if $ac_init_version; then
|
||||
cat <<\_ACEOF
|
||||
ldns configure 1.6.13
|
||||
ldns configure 1.6.16
|
||||
generated by GNU Autoconf 2.68
|
||||
|
||||
Copyright (C) 2010 Free Software Foundation, Inc.
|
||||
@ -1851,7 +1864,7 @@ cat >config.log <<_ACEOF
|
||||
This file contains any messages produced by compilers while
|
||||
running configure, to aid debugging if configure makes a mistake.
|
||||
|
||||
It was created by ldns $as_me 1.6.13, which was
|
||||
It was created by ldns $as_me 1.6.16, which was
|
||||
generated by GNU Autoconf 2.68. Invocation command line was
|
||||
|
||||
$ $0 $@
|
||||
@ -5258,7 +5271,10 @@ done
|
||||
|
||||
|
||||
|
||||
if test "x$HAVE_SSL" = "xyes"; then
|
||||
LIBSSL_SSL_LIBS="$LIBSSL_LIBS -lssl"
|
||||
|
||||
fi
|
||||
CPPFLAGS="$tmp_CPPFLAGS"
|
||||
LDFLAGS="$tmp_LDFLAGS"
|
||||
LIBS="$tmp_LIBS"
|
||||
@ -5858,7 +5874,6 @@ else
|
||||
|
||||
as_fn_error $? "Can't find ldns library" "$LINENO" 5
|
||||
|
||||
|
||||
fi
|
||||
|
||||
fi
|
||||
@ -5866,9 +5881,93 @@ fi
|
||||
|
||||
|
||||
|
||||
# Check whether --with-trust-anchor was given.
|
||||
if test "${with_trust_anchor+set}" = set; then :
|
||||
withval=$with_trust_anchor;
|
||||
LDNS_TRUST_ANCHOR_FILE="$withval"
|
||||
|
||||
else
|
||||
|
||||
if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then
|
||||
if test "x$sysconfdir" = 'x${prefix}/etc' ; then
|
||||
if test "x$prefix" = 'xNONE' ; then
|
||||
LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key"
|
||||
else
|
||||
LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key"
|
||||
fi
|
||||
else
|
||||
LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key"
|
||||
fi
|
||||
fi
|
||||
|
||||
fi
|
||||
|
||||
|
||||
ac_config_files="$ac_config_files Makefile"
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
#define LDNS_TRUST_ANCHOR_FILE "$LDNS_TRUST_ANCHOR_FILE"
|
||||
_ACEOF
|
||||
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&5
|
||||
$as_echo "$as_me: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&6;}
|
||||
|
||||
|
||||
# Check whether --with-ca-file was given.
|
||||
if test "${with_ca_file+set}" = set; then :
|
||||
withval=$with_ca_file;
|
||||
|
||||
$as_echo "#define HAVE_DANE_CA_FILE 1" >>confdefs.h
|
||||
|
||||
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
#define LDNS_DANE_CA_FILE "$withval"
|
||||
_ACEOF
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: Using CAfile: $withval" >&5
|
||||
$as_echo "$as_me: Using CAfile: $withval" >&6;}
|
||||
DEFAULT_CAFILE="Default is $withval"
|
||||
|
||||
|
||||
else
|
||||
|
||||
|
||||
$as_echo "#define HAVE_DANE_CA_FILE 0" >>confdefs.h
|
||||
|
||||
|
||||
|
||||
fi
|
||||
|
||||
|
||||
|
||||
# Check whether --with-ca-path was given.
|
||||
if test "${with_ca_path+set}" = set; then :
|
||||
withval=$with_ca_path;
|
||||
|
||||
$as_echo "#define HAVE_DANE_CA_PATH 1" >>confdefs.h
|
||||
|
||||
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
#define LDNS_DANE_CA_PATH "$withval"
|
||||
_ACEOF
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: Using CApath: $withval" >&5
|
||||
$as_echo "$as_me: Using CApath: $withval" >&6;}
|
||||
DEFAULT_CAPATH="Default is $withval"
|
||||
|
||||
|
||||
else
|
||||
|
||||
|
||||
$as_echo "#define HAVE_DANE_CA_PATH 0" >>confdefs.h
|
||||
|
||||
|
||||
|
||||
fi
|
||||
|
||||
|
||||
|
||||
|
||||
ac_config_files="$ac_config_files Makefile ldns-dane.1 ldns-verify-zone.1"
|
||||
|
||||
ac_config_headers="$ac_config_headers config.h"
|
||||
|
||||
@ -6390,7 +6489,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
|
||||
# report actual input values of CONFIG_FILES etc. instead of their
|
||||
# values after options handling.
|
||||
ac_log="
|
||||
This file was extended by ldns $as_me 1.6.13, which was
|
||||
This file was extended by ldns $as_me 1.6.16, which was
|
||||
generated by GNU Autoconf 2.68. Invocation command line was
|
||||
|
||||
CONFIG_FILES = $CONFIG_FILES
|
||||
@ -6452,7 +6551,7 @@ _ACEOF
|
||||
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
|
||||
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
|
||||
ac_cs_version="\\
|
||||
ldns config.status 1.6.13
|
||||
ldns config.status 1.6.16
|
||||
configured by $0, generated by GNU Autoconf 2.68,
|
||||
with options \\"\$ac_cs_config\\"
|
||||
|
||||
@ -6574,6 +6673,8 @@ for ac_config_target in $ac_config_targets
|
||||
do
|
||||
case $ac_config_target in
|
||||
"Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
|
||||
"ldns-dane.1") CONFIG_FILES="$CONFIG_FILES ldns-dane.1" ;;
|
||||
"ldns-verify-zone.1") CONFIG_FILES="$CONFIG_FILES ldns-verify-zone.1" ;;
|
||||
"config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
|
||||
|
||||
*) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
|
||||
|
@ -2,7 +2,7 @@
|
||||
# Process this file with autoconf to produce a configure script.
|
||||
|
||||
AC_PREREQ(2.56)
|
||||
AC_INIT(ldns, 1.6.13, libdns@nlnetlabs.nl,libdns)
|
||||
AC_INIT(ldns, 1.6.16, libdns@nlnetlabs.nl,libdns)
|
||||
AC_CONFIG_SRCDIR([ldns-read-zone.c])
|
||||
sinclude(../acx_nlnetlabs.m4)
|
||||
|
||||
@ -136,7 +136,9 @@ ACX_WITH_SSL_OPTIONAL
|
||||
AC_SUBST(LIBSSL_CPPFLAGS)
|
||||
AC_SUBST(LIBSSL_LDFLAGS)
|
||||
AC_SUBST(LIBSSL_LIBS)
|
||||
|
||||
if test "x$HAVE_SSL" = "xyes"; then
|
||||
AC_SUBST(LIBSSL_SSL_LIBS, ["$LIBSSL_LIBS -lssl"])
|
||||
fi
|
||||
CPPFLAGS="$tmp_CPPFLAGS"
|
||||
LDFLAGS="$tmp_LDFLAGS"
|
||||
LIBS="$tmp_LIBS"
|
||||
@ -313,13 +315,51 @@ if test -f $ldns_dev_dir/ldns/util.h && \
|
||||
else
|
||||
AC_MSG_RESULT([no])
|
||||
AC_CHECK_LIB(ldns, ldns_rr_new,, [
|
||||
AC_MSG_ERROR([Can't find ldns library])
|
||||
AC_MSG_ERROR([Can't find ldns library])dnl'
|
||||
]
|
||||
)
|
||||
fi
|
||||
|
||||
AC_SUBST(LDNSDIR)
|
||||
|
||||
AC_ARG_WITH(trust-anchor, AC_HELP_STRING([--with-trust-anchor=KEYFILE], [Default location of the trust anchor file for drill and ldns-dane. [default=SYSCONFDIR/unbound/root.key]]), [
|
||||
LDNS_TRUST_ANCHOR_FILE="$withval"
|
||||
],[
|
||||
if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then
|
||||
if test "x$sysconfdir" = 'x${prefix}/etc' ; then
|
||||
if test "x$prefix" = 'xNONE' ; then
|
||||
LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key"
|
||||
else
|
||||
LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key"
|
||||
fi
|
||||
else
|
||||
LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key"
|
||||
fi
|
||||
fi
|
||||
])
|
||||
AC_DEFINE_UNQUOTED([LDNS_TRUST_ANCHOR_FILE], ["$LDNS_TRUST_ANCHOR_FILE"], [Default trust anchor file])
|
||||
AC_SUBST(LDNS_TRUST_ANCHOR_FILE)
|
||||
AC_MSG_NOTICE([Default trust anchor: $LDNS_TRUST_ANCHOR_FILE])
|
||||
|
||||
AC_ARG_WITH(ca-file, AC_HELP_STRING([--with-ca-file=CAFILE], [File containing CA certificates for ldns-dane]), [
|
||||
AC_DEFINE([HAVE_DANE_CA_FILE], [1], [Is a CAFILE given at configure time])
|
||||
AC_DEFINE_UNQUOTED([LDNS_DANE_CA_FILE], ["$withval"], [Is a CAFILE given at configure time])
|
||||
AC_MSG_NOTICE([Using CAfile: $withval])
|
||||
AC_SUBST(DEFAULT_CAFILE, ["Default is $withval"])
|
||||
],[
|
||||
AC_DEFINE([HAVE_DANE_CA_FILE], [0], [Is a CAFILE given at configure time])
|
||||
AC_SUBST(DEFAULT_CAFILE, [])
|
||||
])
|
||||
|
||||
AC_ARG_WITH(ca-path, AC_HELP_STRING([--with-ca-path=CAPATH], [Directory containing CA certificate files for ldns-dane]), [
|
||||
AC_DEFINE([HAVE_DANE_CA_PATH], [1], [Is a CAPATH given at configure time])
|
||||
AC_DEFINE_UNQUOTED([LDNS_DANE_CA_PATH], ["$withval"], [Is a CAPATH given at configure time])
|
||||
AC_MSG_NOTICE([Using CApath: $withval])
|
||||
AC_SUBST(DEFAULT_CAPATH, ["Default is $withval"])
|
||||
],[
|
||||
AC_DEFINE([HAVE_DANE_CA_PATH], [0], [Is a CAPATH given at configure time])
|
||||
AC_SUBST(DEFAULT_CAPATH, [])
|
||||
])
|
||||
|
||||
AH_BOTTOM([
|
||||
|
||||
@ -416,6 +456,6 @@ extern int optind, opterr;
|
||||
#endif
|
||||
])
|
||||
|
||||
AC_CONFIG_FILES([Makefile])
|
||||
AC_CONFIG_FILES([Makefile ldns-dane.1 ldns-verify-zone.1])
|
||||
AC_CONFIG_HEADER([config.h])
|
||||
AC_OUTPUT
|
||||
|
179
examples/ldns-dane.1.in
Normal file
179
examples/ldns-dane.1.in
Normal file
@ -0,0 +1,179 @@
|
||||
.TH ldns-dane 1 "17 September 2012"
|
||||
.SH NAME
|
||||
ldns-dane \- verify or create TLS authentication with DANE (RFC6698)
|
||||
.SH SYNOPSIS
|
||||
.PD 0
|
||||
.B ldns-dane
|
||||
.IR [OPTIONS]
|
||||
.IR verify
|
||||
.IR name
|
||||
.IR port
|
||||
.PP
|
||||
.B ldns-dane
|
||||
.IR [OPTIONS]
|
||||
.IR -t
|
||||
.IR tlsafile
|
||||
.IR verify
|
||||
|
||||
.B ldns-dane
|
||||
.IR [OPTIONS]
|
||||
.IR name
|
||||
.IR port
|
||||
.IR create
|
||||
.PP
|
||||
[
|
||||
.IR Certificate-usage
|
||||
[
|
||||
.IR Selector
|
||||
[
|
||||
.IR Matching-type
|
||||
] ] ]
|
||||
|
||||
.B ldns-dane
|
||||
.IR -h
|
||||
.PP
|
||||
.B ldns-dane
|
||||
.IR -v
|
||||
.PD 1
|
||||
|
||||
.SH DESCRIPTION
|
||||
|
||||
In the first form:
|
||||
A TLS connection to \fIname\fR:\fIport\fR is established.
|
||||
The TLSA resource record(s) for \fIname\fR are used to authenticate
|
||||
the connection.
|
||||
|
||||
In the second form:
|
||||
The TLSA record(s) are read from \fItlsafile\fR and used to authenticate
|
||||
the TLS service they reference.
|
||||
|
||||
In the third form:
|
||||
A TLS connection to \fIname\fR:\fIport\fR is established and used to
|
||||
create the TLSA resource record(s) that would authenticate the connection.
|
||||
The parameters for TLSA rr creation are:
|
||||
|
||||
.PD 0
|
||||
.I Certificate-usage\fR:
|
||||
.RS
|
||||
.IP 0
|
||||
CA constraint
|
||||
.IP 1
|
||||
Service certificate constraint
|
||||
.IP 2
|
||||
Trust anchor assertion
|
||||
.IP 3
|
||||
Domain-issued certificate (default)
|
||||
.RE
|
||||
|
||||
.I Selector\fR:
|
||||
.RS
|
||||
.IP 0
|
||||
Full certificate (default)
|
||||
.IP 1
|
||||
SubjectPublicKeyInfo
|
||||
.RE
|
||||
|
||||
.I Matching-type\fR:
|
||||
.RS
|
||||
.IP 0
|
||||
No hash used
|
||||
.IP 1
|
||||
SHA-256 (default)
|
||||
.IP 2
|
||||
SHA-512
|
||||
.RE
|
||||
.PD 1
|
||||
|
||||
In stead of numbers the first few letters of the value may be used.
|
||||
Except for the hash algorithm name, where the full name must be specified.
|
||||
|
||||
.SH OPTIONS
|
||||
.IP -4
|
||||
TLS connect IPv4 only
|
||||
.IP -6
|
||||
TLS connect IPv6 only
|
||||
.IP "-a \fIaddress\fR"
|
||||
Don't try to resolve \fIname\fR, but connect to \fIaddress\fR instead.
|
||||
|
||||
This option may be given more than once.
|
||||
.IP -b
|
||||
print "\fIname\fR\. TYPE52 \\# \fIsize\fR \fIhexdata\fR" form instead
|
||||
of TLSA presentation format.
|
||||
.IP "-c \fIcertfile\fR"
|
||||
Do not TLS connect to \fIname\fR:\fIport\fR, but authenticate (or make
|
||||
TLSA records) for the certificate (chain) in \fIcertfile\fR instead.
|
||||
.IP -d
|
||||
Assume DNSSEC validity even when the TLSA records were acquired insecure
|
||||
or were bogus.
|
||||
.IP "-f \fICAfile\fR"
|
||||
Use CAfile to validate. @DEFAULT_CAFILE@
|
||||
.IP -h
|
||||
Print short usage help
|
||||
.IP -i
|
||||
Interact after connecting.
|
||||
.IP "-k \fIkeyfile\fR"
|
||||
Specify a file that contains a trusted DNSKEY or DS rr.
|
||||
Key(s) are used when chasing signatures (i.e. \fI-S\fR is given).
|
||||
|
||||
This option may be given more than once.
|
||||
|
||||
Alternatively, if \fB-k\fR is not specified, and a default trust anchor
|
||||
(@LDNS_TRUST_ANCHOR_FILE@) exists and contains a valid DNSKEY or DS record,
|
||||
it will be used as the trust anchor.
|
||||
.IP -n
|
||||
Do \fBnot\fR verify server name in certificate.
|
||||
.IP "-o \fIoffset\fR"
|
||||
When creating a "Trust anchor assertion" TLSA resource record,
|
||||
select the \fIoffset\fRth certificate offset from the end
|
||||
of the validation chain. 0 means the last certificate, 1 the one but last,
|
||||
2 the second but last, etc.
|
||||
|
||||
When \fIoffset\fR is -1 (the default), the last certificate
|
||||
is used (like with 0) that MUST be self-signed. This can help to make
|
||||
sure that the intended (self signed) trust anchor is actually present
|
||||
in the server certificate chain (which is a DANE requirement).
|
||||
.IP "-p \fICApath\fR"
|
||||
Use certificates in the \fICApath\fR directory to validate. @DEFAULT_CAPATH@
|
||||
.IP -s
|
||||
When creating TLSA resource records with the "CA Constraint" and the
|
||||
"Service Certificate Constraint" certificate usage, do not validate and
|
||||
assume PKIX is valid.
|
||||
|
||||
For "CA Constraint" this means that verification should end with a
|
||||
self-signed certificate.
|
||||
.IP -S
|
||||
Chase signature(s) to a known key.
|
||||
|
||||
Without this option, the local network is trusted to provide
|
||||
a DNSSEC resolver (i.e. AD bit is checked).
|
||||
.IP "-t \fItlsafile\fR"
|
||||
Read TLSA record(s) from \fItlsafile\fR. When \fIname\fR and \fIport\fR
|
||||
are also given, only TLSA records that match the \fIname\fR, \fIport\fR and
|
||||
\fItransport\fR are used. Otherwise the owner name of the TLSA record(s)
|
||||
will be used to determine \fIname\fR, \fIport\fR and \fItransport\fR.
|
||||
.IP -u
|
||||
Use UDP transport instead of TCP.
|
||||
.IP -v
|
||||
Show version and exit.
|
||||
|
||||
.SH "FILES"
|
||||
.TP
|
||||
@LDNS_TRUST_ANCHOR_FILE@
|
||||
The file from which trusted keys are loaded for signature chasing,
|
||||
when no \fB-k\fR option is given.
|
||||
|
||||
.SH "SEE ALSO"
|
||||
.LP
|
||||
unbound-anchor(8)
|
||||
|
||||
.SH AUTHOR
|
||||
Written by the ldns team as an example for ldns usage.
|
||||
|
||||
.SH REPORTING BUGS
|
||||
Report bugs to \fIldns-team@nlnetlabs.nl\fR.
|
||||
|
||||
.SH COPYRIGHT
|
||||
Copyright (C) 2012 NLnet Labs. This is free software. There is NO
|
||||
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
||||
PURPOSE.
|
||||
|
1722
examples/ldns-dane.c
Normal file
1722
examples/ldns-dane.c
Normal file
File diff suppressed because it is too large
Load Diff
@ -133,7 +133,7 @@ main(int argc, char **argv) {
|
||||
break;
|
||||
case 'p':
|
||||
dsperc = atoi(optarg);
|
||||
if (dsperc <= 0 || dsperc > 100) {
|
||||
if (dsperc < 0 || dsperc > 100) {
|
||||
fprintf(stderr, "error: percentage of signed delegations must be between [0-100].\n");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
@ -649,13 +649,26 @@ main(int argc, char *argv[])
|
||||
fprintf(stderr, "Warning: Unable to create stub resolver from /etc/resolv.conf:\n");
|
||||
fprintf(stderr, "%s\n", ldns_get_errorstr_by_id(status));
|
||||
fprintf(stderr, "defaulting to nameserver at 127.0.0.1 for separate nameserver name lookups\n");
|
||||
res = ldns_resolver_new();
|
||||
ns = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_A, "127.0.0.1");
|
||||
status = ldns_resolver_push_nameserver(res, ns);
|
||||
if (status != LDNS_STATUS_OK) {
|
||||
fprintf(stderr, "Unable to create stub resolver: %s\n", ldns_get_errorstr_by_id(status));
|
||||
do {
|
||||
res = ldns_resolver_new();
|
||||
if (res) {
|
||||
ns = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_A,
|
||||
"127.0.0.1");
|
||||
if (ns) {
|
||||
status = ldns_resolver_push_nameserver(
|
||||
res, ns);
|
||||
if (status == LDNS_STATUS_OK) {
|
||||
break;
|
||||
}
|
||||
ldns_rdf_deep_free(ns);
|
||||
}
|
||||
ldns_resolver_free(res);
|
||||
}
|
||||
fprintf(stderr, "Unable to create stub resolver: %s\n",
|
||||
ldns_get_errorstr_by_id(status));
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
} while (false);
|
||||
ldns_rdf_deep_free(ns);
|
||||
}
|
||||
|
||||
|
@ -14,7 +14,13 @@ will create 3 files; a .key file with the public DNSKEY, a .private
|
||||
file with the private keydata and a .ds with the DS record of the
|
||||
DNSKEY record.
|
||||
|
||||
It prints out the basename for these files: K<name>+<alg>+<id>
|
||||
\fBldns-keygen\fR can also be used to create symmetric keys (for TSIG) by
|
||||
selecting the appropriate algorithm: \%\fIhmac-md5.sig-alg.reg.int\fR,
|
||||
\%\fIhmac-sha1\fR or \%\fIhmac-sha256\fR.
|
||||
In that case no DS record will be created and no .ds file.
|
||||
|
||||
\fBldns-keygen\fR prints the basename for the key files:
|
||||
K<name>+<alg>+<id>
|
||||
|
||||
.SH OPTIONS
|
||||
.TP
|
||||
|
@ -204,6 +204,11 @@ main(int argc, char **argv)
|
||||
tsig_cred.algorithm = (char*)"hmac-md5.sig-alg.reg.int.";
|
||||
tsig_cred.keyname = optarg;
|
||||
tsig_cred.keydata = strchr(optarg, ':');
|
||||
if (tsig_cred.keydata == NULL) {
|
||||
printf("TSIG argument is not in form "
|
||||
"key:data: %s\n", optarg);
|
||||
exit(1);
|
||||
}
|
||||
*tsig_cred.keydata = '\0';
|
||||
tsig_cred.keydata++;
|
||||
printf("Sign with %s : %s\n", tsig_cred.keyname,
|
||||
@ -250,7 +255,7 @@ main(int argc, char **argv)
|
||||
ldns_pkt_set_opcode(notify, LDNS_PACKET_NOTIFY);
|
||||
ldns_pkt_push_rr(notify, LDNS_SECTION_QUESTION, question);
|
||||
ldns_pkt_set_aa(notify, true);
|
||||
ldns_pkt_set_id(notify, random()&0xffff);
|
||||
ldns_pkt_set_random_id(notify);
|
||||
if(include_soa) {
|
||||
char buf[10240];
|
||||
ldns_rr *soa_rr=NULL;
|
||||
|
@ -21,6 +21,12 @@ Only print DNSSEC data from the zone. This option skips every record
|
||||
that is not of type NSEC, NSEC3, RRSIG or DNSKEY. DS records are not
|
||||
printed.
|
||||
|
||||
.TP
|
||||
\fB-0\fR
|
||||
Print a (null) for the RRSIG inception, expiry and key data. This option
|
||||
can be used when comparing different signing systems that use the same
|
||||
DNSKEYs for signing but would have a slightly different timings/jitter.
|
||||
|
||||
.TP
|
||||
\fB-h\fR
|
||||
Show usage and exit
|
||||
@ -29,6 +35,11 @@ Show usage and exit
|
||||
\fB-n\fR
|
||||
Do not print the SOA record
|
||||
|
||||
.TP
|
||||
\fB-p\fR
|
||||
Pad the SOA serial number with spaces so the number and the spaces together
|
||||
take ten characters. This is useful for in file serial number increments.
|
||||
|
||||
.TP
|
||||
\fB-s\fR
|
||||
Strip DNSSEC data from the zone. This option skips every record
|
||||
|
@ -33,14 +33,23 @@ main(int argc, char **argv)
|
||||
ldns_rr_list *stripped_list;
|
||||
ldns_rr *cur_rr;
|
||||
ldns_rr_type cur_rr_type;
|
||||
const ldns_output_format *fmt = NULL;
|
||||
ldns_output_format fmt = {
|
||||
ldns_output_format_default->flags,
|
||||
ldns_output_format_default->data
|
||||
};
|
||||
ldns_soa_serial_increment_func_t soa_serial_increment_func = NULL;
|
||||
int soa_serial_increment_func_data = 0;
|
||||
|
||||
while ((c = getopt(argc, argv, "bcdhnsvzS:")) != -1) {
|
||||
while ((c = getopt(argc, argv, "0bcdhnpsvzS:")) != -1) {
|
||||
switch(c) {
|
||||
case 'b':
|
||||
fmt = ldns_output_format_bubblebabble;
|
||||
fmt.flags |=
|
||||
( LDNS_COMMENT_BUBBLEBABBLE |
|
||||
LDNS_COMMENT_FLAGS );
|
||||
break;
|
||||
case '0':
|
||||
fmt.flags |= LDNS_FMT_ZEROIZE_RRSIGS;
|
||||
break;
|
||||
case 'c':
|
||||
canonicalize = true;
|
||||
break;
|
||||
@ -51,14 +60,17 @@ main(int argc, char **argv)
|
||||
}
|
||||
break;
|
||||
case 'h':
|
||||
printf("Usage: %s [-c] [-v] [-z] <zonefile>\n", argv[0]);
|
||||
printf("Usage: %s [OPTIONS] <zonefile>\n", argv[0]);
|
||||
printf("\tReads the zonefile and prints it.\n");
|
||||
printf("\tThe RR count of the zone is printed to stderr.\n");
|
||||
printf("\t-b include bubblebabble of DS's.\n");
|
||||
printf("\t-0 zeroize timestamps and signature in RRSIG records.\n");
|
||||
printf("\t-c canonicalize all rrs in the zone.\n");
|
||||
printf("\t-d only show DNSSEC data from the zone\n");
|
||||
printf("\t-h show this text\n");
|
||||
printf("\t-n do not print the SOA record\n");
|
||||
printf("\t-p prepend SOA serial with spaces so"
|
||||
" it takes exactly ten characters.\n");
|
||||
printf("\t-s strip DNSSEC data from the zone\n");
|
||||
printf("\t-S [[+|-]<number> | YYYYMMDDxx | "
|
||||
" unixtime ]\n"
|
||||
@ -80,6 +92,9 @@ main(int argc, char **argv)
|
||||
case 'n':
|
||||
print_soa = false;
|
||||
break;
|
||||
case 'p':
|
||||
fmt.flags |= LDNS_FMT_PAD_SOA_SERIAL;
|
||||
break;
|
||||
case 's':
|
||||
strip = true;
|
||||
if (only_dnssec) {
|
||||
@ -141,6 +156,15 @@ main(int argc, char **argv)
|
||||
|
||||
s = ldns_zone_new_frm_fp_l(&z, fp, NULL, 0, LDNS_RR_CLASS_IN, &line_nr);
|
||||
|
||||
fclose(fp);
|
||||
if (s != LDNS_STATUS_OK) {
|
||||
fprintf(stderr, "%s at %d\n",
|
||||
ldns_get_errorstr_by_id(s),
|
||||
line_nr);
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
|
||||
if (strip) {
|
||||
stripped_list = ldns_rr_list_new();
|
||||
while ((cur_rr = ldns_rr_list_pop_rr(ldns_zone_rrs(z)))) {
|
||||
@ -176,37 +200,29 @@ main(int argc, char **argv)
|
||||
ldns_zone_set_rrs(z, stripped_list);
|
||||
}
|
||||
|
||||
if (s == LDNS_STATUS_OK) {
|
||||
if (canonicalize) {
|
||||
ldns_rr2canonical(ldns_zone_soa(z));
|
||||
for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z)); i++) {
|
||||
ldns_rr2canonical(ldns_rr_list_rr(ldns_zone_rrs(z), i));
|
||||
}
|
||||
if (canonicalize) {
|
||||
ldns_rr2canonical(ldns_zone_soa(z));
|
||||
for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z)); i++) {
|
||||
ldns_rr2canonical(ldns_rr_list_rr(ldns_zone_rrs(z), i));
|
||||
}
|
||||
if (sort) {
|
||||
ldns_zone_sort(z);
|
||||
}
|
||||
|
||||
if (print_soa && ldns_zone_soa(z)) {
|
||||
if (soa_serial_increment_func) {
|
||||
ldns_rr_soa_increment_func_int(
|
||||
ldns_zone_soa(z)
|
||||
, soa_serial_increment_func
|
||||
, soa_serial_increment_func_data
|
||||
);
|
||||
}
|
||||
ldns_rr_print_fmt(stdout, fmt, ldns_zone_soa(z));
|
||||
}
|
||||
ldns_rr_list_print_fmt(stdout, fmt, ldns_zone_rrs(z));
|
||||
|
||||
ldns_zone_deep_free(z);
|
||||
} else {
|
||||
fprintf(stderr, "%s at %d\n",
|
||||
ldns_get_errorstr_by_id(s),
|
||||
line_nr);
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
fclose(fp);
|
||||
if (sort) {
|
||||
ldns_zone_sort(z);
|
||||
}
|
||||
|
||||
if (print_soa && ldns_zone_soa(z)) {
|
||||
if (soa_serial_increment_func) {
|
||||
ldns_rr_soa_increment_func_int(
|
||||
ldns_zone_soa(z)
|
||||
, soa_serial_increment_func
|
||||
, soa_serial_increment_func_data
|
||||
);
|
||||
}
|
||||
ldns_rr_print_fmt(stdout, &fmt, ldns_zone_soa(z));
|
||||
}
|
||||
ldns_rr_list_print_fmt(stdout, &fmt, ldns_zone_rrs(z));
|
||||
|
||||
ldns_zone_deep_free(z);
|
||||
|
||||
exit(EXIT_SUCCESS);
|
||||
}
|
||||
|
@ -411,14 +411,16 @@ main(int argc, char *argv[])
|
||||
tm.tm_year -= 1900;
|
||||
tm.tm_mon--;
|
||||
check_tm(tm);
|
||||
expiration = (uint32_t) mktime_from_utc(&tm);
|
||||
expiration =
|
||||
(uint32_t) ldns_mktime_from_utc(&tm);
|
||||
} else if (strlen(optarg) == 14 &&
|
||||
sscanf(optarg, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec)
|
||||
) {
|
||||
tm.tm_year -= 1900;
|
||||
tm.tm_mon--;
|
||||
check_tm(tm);
|
||||
expiration = (uint32_t) mktime_from_utc(&tm);
|
||||
expiration =
|
||||
(uint32_t) ldns_mktime_from_utc(&tm);
|
||||
} else {
|
||||
expiration = (uint32_t) atol(optarg);
|
||||
}
|
||||
@ -436,14 +438,16 @@ main(int argc, char *argv[])
|
||||
tm.tm_year -= 1900;
|
||||
tm.tm_mon--;
|
||||
check_tm(tm);
|
||||
inception = (uint32_t) mktime_from_utc(&tm);
|
||||
inception =
|
||||
(uint32_t) ldns_mktime_from_utc(&tm);
|
||||
} else if (strlen(optarg) == 14 &&
|
||||
sscanf(optarg, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec)
|
||||
) {
|
||||
tm.tm_year -= 1900;
|
||||
tm.tm_mon--;
|
||||
check_tm(tm);
|
||||
inception = (uint32_t) mktime_from_utc(&tm);
|
||||
inception =
|
||||
(uint32_t) ldns_mktime_from_utc(&tm);
|
||||
} else {
|
||||
inception = (uint32_t) atol(optarg);
|
||||
}
|
||||
@ -509,13 +513,6 @@ main(int argc, char *argv[])
|
||||
|
||||
printf("Engine key id: %s, algo %d\n", eng_key_id, eng_key_algo);
|
||||
|
||||
if (expiration != 0) {
|
||||
ldns_key_set_expiration(key, expiration);
|
||||
}
|
||||
if (inception != 0) {
|
||||
ldns_key_set_inception(key, inception);
|
||||
}
|
||||
|
||||
s = ldns_key_new_frm_engine(&key, engine, eng_key_id, eng_key_algo);
|
||||
if (s == LDNS_STATUS_OK) {
|
||||
/* must be dnssec key */
|
||||
@ -540,6 +537,14 @@ main(int argc, char *argv[])
|
||||
fprintf(stderr, "Warning, key not suitable for signing, ignoring key with algorithm %u\n", ldns_key_algorithm(key));
|
||||
break;
|
||||
}
|
||||
if (expiration != 0) {
|
||||
ldns_key_set_expiration(key,
|
||||
expiration);
|
||||
}
|
||||
if (inception != 0) {
|
||||
ldns_key_set_inception(key,
|
||||
inception);
|
||||
}
|
||||
} else {
|
||||
printf("Error reading key '%s' from engine: %s\n", eng_key_id, ldns_get_errorstr_by_id(s));
|
||||
#ifdef HAVE_SSL
|
||||
@ -674,10 +679,6 @@ main(int argc, char *argv[])
|
||||
}
|
||||
}
|
||||
|
||||
if (!origin) {
|
||||
origin = ldns_rr_owner(orig_soa);
|
||||
}
|
||||
|
||||
/* read the ZSKs */
|
||||
argi = 1;
|
||||
while (argi < argc) {
|
||||
|
@ -15,6 +15,18 @@
|
||||
/** print error details */
|
||||
static int verb = 1;
|
||||
|
||||
struct sockaddr_in6* cast_sockaddr_storage2sockaddr_in6(
|
||||
struct sockaddr_storage* s)
|
||||
{
|
||||
return (struct sockaddr_in6*)s;
|
||||
}
|
||||
|
||||
struct sockaddr_in* cast_sockaddr_storage2sockaddr_in(
|
||||
struct sockaddr_storage* s)
|
||||
{
|
||||
return (struct sockaddr_in*)s;
|
||||
}
|
||||
|
||||
/** parse IP address */
|
||||
static int
|
||||
convert_addr(char* str, int p, struct sockaddr_storage* addr, socklen_t* len)
|
||||
@ -22,8 +34,10 @@ convert_addr(char* str, int p, struct sockaddr_storage* addr, socklen_t* len)
|
||||
#ifdef AF_INET6
|
||||
if(strchr(str, ':')) {
|
||||
*len = (socklen_t)sizeof(struct sockaddr_in6);
|
||||
((struct sockaddr_in6*)addr)->sin6_family = AF_INET6;
|
||||
((struct sockaddr_in6*)addr)->sin6_port = htons((uint16_t)p);
|
||||
cast_sockaddr_storage2sockaddr_in6(addr)->sin6_family =
|
||||
AF_INET6;
|
||||
cast_sockaddr_storage2sockaddr_in6(addr)->sin6_port =
|
||||
htons((uint16_t)p);
|
||||
if(inet_pton(AF_INET6, str,
|
||||
&((struct sockaddr_in6*)addr)->sin6_addr) == 1)
|
||||
return 1;
|
||||
@ -31,9 +45,11 @@ convert_addr(char* str, int p, struct sockaddr_storage* addr, socklen_t* len)
|
||||
#endif
|
||||
*len = (socklen_t)sizeof(struct sockaddr_in);
|
||||
#ifndef S_SPLINT_S
|
||||
((struct sockaddr_in*)addr)->sin_family = AF_INET;
|
||||
cast_sockaddr_storage2sockaddr_in(addr)->sin_family =
|
||||
AF_INET;
|
||||
#endif
|
||||
((struct sockaddr_in*)addr)->sin_port = htons((uint16_t)p);
|
||||
cast_sockaddr_storage2sockaddr_in(addr)->sin_port =
|
||||
htons((uint16_t)p);
|
||||
if(inet_pton(AF_INET, str,
|
||||
&((struct sockaddr_in*)addr)->sin_addr) == 1)
|
||||
return 1;
|
||||
|
@ -492,7 +492,7 @@ main(int argc, char **argv)
|
||||
|
||||
datafile = argv[0];
|
||||
log_msg("Reading datafile %s\n", datafile);
|
||||
entries = read_datafile(datafile);
|
||||
entries = read_datafile(datafile, 0);
|
||||
|
||||
#ifdef USE_WINSOCK
|
||||
if(WSAStartup(MAKEWORD(2,2), &wsa_data) != 0)
|
||||
|
@ -323,7 +323,7 @@ data_buffer2wire(ldns_buffer *data_buffer)
|
||||
uint8_t *hexbuf;
|
||||
int hexbufpos = 0;
|
||||
size_t wirelen;
|
||||
uint8_t *data_wire = (uint8_t *) ldns_buffer_export(data_buffer);
|
||||
uint8_t *data_wire = (uint8_t *) ldns_buffer_begin(data_buffer);
|
||||
uint8_t *wire = LDNS_XMALLOC(uint8_t, LDNS_MAX_PACKETLEN);
|
||||
|
||||
hexbuf = LDNS_XMALLOC(uint8_t, LDNS_MAX_PACKETLEN);
|
||||
@ -340,6 +340,12 @@ data_buffer2wire(ldns_buffer *data_buffer)
|
||||
(c >= 'a' && c <= 'f') ||
|
||||
(c >= 'A' && c <= 'F') )
|
||||
{
|
||||
if (hexbufpos >= LDNS_MAX_PACKETLEN) {
|
||||
error("buffer overflow");
|
||||
LDNS_FREE(hexbuf);
|
||||
return 0;
|
||||
|
||||
}
|
||||
hexbuf[hexbufpos] = (uint8_t) c;
|
||||
hexbufpos++;
|
||||
} else if (c == ';') {
|
||||
@ -354,14 +360,14 @@ data_buffer2wire(ldns_buffer *data_buffer)
|
||||
}
|
||||
break;
|
||||
case 2:
|
||||
if (hexbufpos >= LDNS_MAX_PACKETLEN) {
|
||||
error("buffer overflow");
|
||||
LDNS_FREE(hexbuf);
|
||||
return 0;
|
||||
}
|
||||
hexbuf[hexbufpos] = (uint8_t) c;
|
||||
hexbufpos++;
|
||||
break;
|
||||
default:
|
||||
error("unknown state while reading");
|
||||
LDNS_FREE(hexbuf);
|
||||
return 0;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
@ -371,6 +377,11 @@ data_buffer2wire(ldns_buffer *data_buffer)
|
||||
|
||||
/* lenient mode: length must be multiple of 2 */
|
||||
if (hexbufpos % 2 != 0) {
|
||||
if (hexbufpos >= LDNS_MAX_PACKETLEN) {
|
||||
error("buffer overflow");
|
||||
LDNS_FREE(hexbuf);
|
||||
return 0;
|
||||
}
|
||||
hexbuf[hexbufpos] = (uint8_t) '0';
|
||||
hexbufpos++;
|
||||
}
|
||||
@ -415,7 +426,7 @@ get_origin(const char* name, int lineno, ldns_rdf** origin, char* parse)
|
||||
/* Reads one entry from file. Returns entry or NULL on error. */
|
||||
struct entry*
|
||||
read_entry(FILE* in, const char* name, int *lineno, uint32_t* default_ttl,
|
||||
ldns_rdf** origin, ldns_rdf** prev_rr)
|
||||
ldns_rdf** origin, ldns_rdf** prev_rr, int skip_whitespace)
|
||||
{
|
||||
struct entry* current = NULL;
|
||||
char line[MAX_LINE];
|
||||
@ -485,7 +496,10 @@ read_entry(FILE* in, const char* name, int *lineno, uint32_t* default_ttl,
|
||||
reading_hex = false;
|
||||
cur_reply->reply_from_hex = data_buffer2wire(hex_data_buffer);
|
||||
ldns_buffer_free(hex_data_buffer);
|
||||
hex_data_buffer = NULL;
|
||||
} else if(str_keyword(&parse, "ENTRY_END")) {
|
||||
if (hex_data_buffer)
|
||||
ldns_buffer_free(hex_data_buffer);
|
||||
return current;
|
||||
} else if(reading_hex) {
|
||||
ldns_buffer_printf(hex_data_buffer, line);
|
||||
@ -493,14 +507,17 @@ read_entry(FILE* in, const char* name, int *lineno, uint32_t* default_ttl,
|
||||
/* it must be a RR, parse and add to packet. */
|
||||
ldns_rr* n = NULL;
|
||||
ldns_status status;
|
||||
char* rrstr = line;
|
||||
if (skip_whitespace)
|
||||
rrstr = parse;
|
||||
if(add_section == LDNS_SECTION_QUESTION)
|
||||
status = ldns_rr_new_question_frm_str(
|
||||
&n, parse, *origin, prev_rr);
|
||||
else status = ldns_rr_new_frm_str(&n, parse,
|
||||
&n, rrstr, *origin, prev_rr);
|
||||
else status = ldns_rr_new_frm_str(&n, rrstr,
|
||||
*default_ttl, *origin, prev_rr);
|
||||
if(status != LDNS_STATUS_OK)
|
||||
error("%s line %d:\n\t%s: %s", name, *lineno,
|
||||
ldns_get_errorstr_by_id(status), parse);
|
||||
ldns_get_errorstr_by_id(status), rrstr);
|
||||
ldns_pkt_push_rr(cur_reply->reply, add_section, n);
|
||||
}
|
||||
|
||||
@ -518,7 +535,7 @@ read_entry(FILE* in, const char* name, int *lineno, uint32_t* default_ttl,
|
||||
|
||||
/* reads the canned reply file and returns a list of structs */
|
||||
struct entry*
|
||||
read_datafile(const char* name)
|
||||
read_datafile(const char* name, int skip_whitespace)
|
||||
{
|
||||
struct entry* list = NULL;
|
||||
struct entry* last = NULL;
|
||||
@ -535,7 +552,7 @@ read_datafile(const char* name)
|
||||
}
|
||||
|
||||
while((current = read_entry(in, name, &lineno, &default_ttl,
|
||||
&origin, &prev_rr)))
|
||||
&origin, &prev_rr, skip_whitespace)))
|
||||
{
|
||||
if(last)
|
||||
last->next = current;
|
||||
@ -815,7 +832,7 @@ handle_query(uint8_t* inbuf, ssize_t inlen, struct entry* entries, int* count,
|
||||
/* still try to adjust ID */
|
||||
answer_size = ldns_buffer_capacity(p->reply_from_hex);
|
||||
outbuf = LDNS_XMALLOC(uint8_t, answer_size);
|
||||
memcpy(outbuf, ldns_buffer_export(p->reply_from_hex), answer_size);
|
||||
memcpy(outbuf, ldns_buffer_begin(p->reply_from_hex), answer_size);
|
||||
if(entry->copy_id) {
|
||||
ldns_write_uint16(outbuf,
|
||||
ldns_pkt_id(query_pkt));
|
||||
|
@ -197,8 +197,9 @@ struct entry {
|
||||
/**
|
||||
* reads the canned reply file and returns a list of structs
|
||||
* does an exit on error.
|
||||
* @param skip_withespace: skip leftside whitespace.
|
||||
*/
|
||||
struct entry* read_datafile(const char* name);
|
||||
struct entry* read_datafile(const char* name, int skip_whitespace);
|
||||
|
||||
/**
|
||||
* Delete linked list of entries.
|
||||
@ -217,10 +218,12 @@ void delete_entry(struct entry* list);
|
||||
* later it stores the $ORIGIN value last seen. Often &NULL or the zone
|
||||
* name on first call.
|
||||
* @param prev_rr: previous rr name for correcter parsing. &NULL on first call.
|
||||
* @param skip_whitespace: skip leftside whitespace.
|
||||
* @return: The entry read (malloced) or NULL if no entry could be read.
|
||||
*/
|
||||
struct entry* read_entry(FILE* in, const char* name, int *lineno,
|
||||
uint32_t* default_ttl, ldns_rdf** origin, ldns_rdf** prev_rr);
|
||||
uint32_t* default_ttl, ldns_rdf** origin, ldns_rdf** prev_rr,
|
||||
int skip_whitespace);
|
||||
|
||||
/**
|
||||
* finds entry in list, or returns NULL.
|
||||
|
@ -19,7 +19,7 @@ ldns_update_resolver_new(const char *fqdn, const char *zone,
|
||||
ldns_resolver *r1, *r2;
|
||||
ldns_pkt *query = NULL, *resp;
|
||||
ldns_rr_list *nslist, *iplist;
|
||||
ldns_rdf *soa_zone, *soa_mname, *ns_name;
|
||||
ldns_rdf *soa_zone, *soa_mname = NULL, *ns_name;
|
||||
size_t i;
|
||||
ldns_status s;
|
||||
|
||||
@ -96,6 +96,7 @@ ldns_update_resolver_new(const char *fqdn, const char *zone,
|
||||
/* Match */
|
||||
iplist = ldns_get_rr_list_addr_by_name(r1, ns_name, class, 0);
|
||||
(void) ldns_resolver_push_nameserver_rr_list(r2, iplist);
|
||||
ldns_rr_list_deep_free(iplist);
|
||||
break;
|
||||
}
|
||||
}
|
||||
@ -109,12 +110,15 @@ ldns_update_resolver_new(const char *fqdn, const char *zone,
|
||||
/* No match, add it now. */
|
||||
iplist = ldns_get_rr_list_addr_by_name(r1, ns_name, class, 0);
|
||||
(void) ldns_resolver_push_nameserver_rr_list(r2, iplist);
|
||||
ldns_rr_list_deep_free(iplist);
|
||||
}
|
||||
}
|
||||
|
||||
ldns_resolver_set_random(r2, false);
|
||||
ldns_pkt_free(resp);
|
||||
ldns_resolver_deep_free(r1);
|
||||
if (soa_mname)
|
||||
ldns_rdf_deep_free(soa_mname);
|
||||
return r2;
|
||||
|
||||
bad:
|
||||
@ -126,6 +130,8 @@ ldns_update_resolver_new(const char *fqdn, const char *zone,
|
||||
ldns_pkt_free(query);
|
||||
if (resp)
|
||||
ldns_pkt_free(resp);
|
||||
if (soa_mname)
|
||||
ldns_rdf_deep_free(soa_mname);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -138,7 +144,7 @@ ldns_update_send_simple_addr(const char *fqdn, const char *zone,
|
||||
ldns_pkt *u_pkt = NULL, *r_pkt;
|
||||
ldns_rr_list *up_rrlist;
|
||||
ldns_rr *up_rr;
|
||||
ldns_rdf *zone_rdf;
|
||||
ldns_rdf *zone_rdf = NULL;
|
||||
char *rrstr;
|
||||
uint32_t rrstrlen, status = LDNS_STATUS_OK;
|
||||
|
||||
@ -231,6 +237,8 @@ ldns_update_send_simple_addr(const char *fqdn, const char *zone,
|
||||
ldns_resolver_deep_free(res);
|
||||
if (u_pkt)
|
||||
ldns_pkt_free(u_pkt);
|
||||
if (zone_rdf)
|
||||
ldns_rdf_deep_free(zone_rdf);
|
||||
return LDNS_STATUS_ERR;
|
||||
}
|
||||
|
||||
@ -302,8 +310,10 @@ main(int argc, char **argv)
|
||||
|
||||
printf(";; trying UPDATE with FQDN \"%s\" and IP \"%s\"\n",
|
||||
fqdn, ipaddr ? ipaddr : "<none>");
|
||||
printf(";; tsig: \"%s\" \"%s\" \"%s\"\n", tsig_cr.keyname,
|
||||
tsig_cr.algorithm, tsig_cr.keydata);
|
||||
if (argc == 6 || argc == 7) {
|
||||
printf(";; tsig: \"%s\" \"%s\" \"%s\"\n", tsig_cr.keyname,
|
||||
tsig_cr.algorithm, tsig_cr.keydata);
|
||||
}
|
||||
|
||||
ret = ldns_update_send_simple_addr(fqdn, zone, ipaddr, port, defttl, tsig_cred);
|
||||
exit(ret);
|
||||
|
@ -37,6 +37,9 @@ Default signatures should just be valid now.
|
||||
A file that contains a trusted DNSKEY or DS rr.
|
||||
This option may be given more than once.
|
||||
|
||||
Alternatively, if \fB-k\fR is not specified, and a default trust anchor
|
||||
(@LDNS_TRUST_ANCHOR_FILE@) exists and contains a valid DNSKEY or DS record,
|
||||
it will be used as the trust anchor.
|
||||
.TP
|
||||
\fB-p\fR \fI[0-100]\fR
|
||||
Only check this percentage of the zone.
|
||||
@ -77,6 +80,16 @@ P[n]Y[n]M[n]DT[n]H[n]M[n]S
|
||||
.LP
|
||||
If no file is given standard input is read.
|
||||
|
||||
.SH "FILES"
|
||||
.TP
|
||||
@LDNS_TRUST_ANCHOR_FILE@
|
||||
The file from which trusted keys are loaded for signature chasing,
|
||||
when no \fB-k\fR option is given.
|
||||
|
||||
.SH "SEE ALSO"
|
||||
.LP
|
||||
unbound-anchor(8)
|
||||
|
||||
.SH AUTHOR
|
||||
Written by the ldns team as an example for ldns usage.
|
||||
|
@ -66,10 +66,6 @@ read_key_file(const char *filename, ldns_rr_list *keys)
|
||||
int line_nr;
|
||||
|
||||
if (!(fp = fopen(filename, "r"))) {
|
||||
if (verbosity > 0) {
|
||||
fprintf(myerr, "Error opening %s: %s\n", filename,
|
||||
strerror(errno));
|
||||
}
|
||||
return LDNS_STATUS_FILE_ERR;
|
||||
}
|
||||
while (!feof(fp)) {
|
||||
@ -92,6 +88,7 @@ read_key_file(const char *filename, ldns_rr_list *keys)
|
||||
else
|
||||
break;
|
||||
}
|
||||
fclose(fp);
|
||||
return status;
|
||||
}
|
||||
|
||||
@ -308,6 +305,10 @@ verify_next_hashed_name(ldns_dnssec_zone* zone, ldns_dnssec_name *name)
|
||||
if (!cur_next_name) {
|
||||
cur_next_name = cur_first_name;
|
||||
}
|
||||
assert(cur_next_name != NULL);
|
||||
/* Because this function is called on nsec occurrence,
|
||||
* there must be a cur_next_name!
|
||||
*/
|
||||
|
||||
next_owner_str = ldns_rdf2str(ldns_nsec3_next_owner(name->nsec));
|
||||
next_owner_dname = ldns_dname_new_frm_str(next_owner_str);
|
||||
@ -749,7 +750,8 @@ main(int argc, char **argv)
|
||||
"now)\n");
|
||||
printf("\t-k <file>\tspecify a file that contains a "
|
||||
"trusted DNSKEY or DS rr.\n\t\t\t"
|
||||
"This option may be given more than once.\n");
|
||||
"This option may be given more than once.\n"
|
||||
"\t\t\tDefault is %s", LDNS_TRUST_ANCHOR_FILE);
|
||||
printf("\t-p [0-100]\tonly checks this percentage of "
|
||||
"the zone.\n\t\t\tDefaults to 100\n");
|
||||
printf("\t-S\t\tchase signature(s) to a known key. "
|
||||
@ -794,6 +796,13 @@ main(int argc, char **argv)
|
||||
break;
|
||||
case 'k':
|
||||
s = read_key_file(optarg, keys);
|
||||
if (s == LDNS_STATUS_FILE_ERR) {
|
||||
if (verbosity > 0) {
|
||||
fprintf(myerr,
|
||||
"Error opening %s: %s\n",
|
||||
optarg, strerror(errno));
|
||||
}
|
||||
}
|
||||
if (s != LDNS_STATUS_OK) {
|
||||
if (verbosity > 0) {
|
||||
fprintf(myerr,
|
||||
@ -838,7 +847,7 @@ main(int argc, char **argv)
|
||||
|
||||
tm.tm_year -= 1900;
|
||||
tm.tm_mon--;
|
||||
check_time = mktime_from_utc(&tm);
|
||||
check_time = ldns_mktime_from_utc(&tm);
|
||||
}
|
||||
else {
|
||||
check_time += atoi(optarg);
|
||||
@ -855,11 +864,16 @@ main(int argc, char **argv)
|
||||
}
|
||||
}
|
||||
if (do_sigchase && nkeys == 0) {
|
||||
if (verbosity > 0) {
|
||||
fprintf(myerr,
|
||||
"Unable to chase signature without keys.\n");
|
||||
(void) read_key_file(LDNS_TRUST_ANCHOR_FILE, keys);
|
||||
nkeys = ldns_rr_list_rr_count(keys);
|
||||
|
||||
if (nkeys == 0) {
|
||||
if (verbosity > 0) {
|
||||
fprintf(myerr, "Unable to chase "
|
||||
"signature without keys.\n");
|
||||
}
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
argc -= optind;
|
||||
|
@ -63,6 +63,7 @@ open_keyfiles(char **files, uint16_t filec)
|
||||
}
|
||||
if (ldns_rr_new_frm_fp(&k, kfp, NULL, NULL, NULL) != LDNS_STATUS_OK) {
|
||||
fprintf(stderr, "Error parsing the key file %s: %s\n", files[i], strerror(errno));
|
||||
ldns_rr_list_deep_free(pubkeys);
|
||||
return NULL;
|
||||
}
|
||||
fclose(kfp);
|
||||
|
1
higher.c
1
higher.c
@ -126,6 +126,7 @@ ldns_get_rr_list_name_by_addr(ldns_resolver *res, ldns_rdf *addr, ldns_rr_class
|
||||
|
||||
/* add the RD flags, because we want an answer */
|
||||
pkt = ldns_resolver_query(res, name, LDNS_RR_TYPE_PTR, c, flags | LDNS_RD);
|
||||
ldns_rdf_deep_free(name);
|
||||
if (pkt) {
|
||||
/* extract the data we need */
|
||||
names = ldns_pkt_rr_list_by_type(pkt,
|
||||
|
112
host2str.c
112
host2str.c
@ -123,6 +123,7 @@ const ldns_output_format *ldns_output_format_onlykeyids
|
||||
= &ldns_output_format_onlykeyids_record;
|
||||
const ldns_output_format *ldns_output_format_default
|
||||
= &ldns_output_format_onlykeyids_record;
|
||||
|
||||
const ldns_output_format ldns_output_format_bubblebabble_record = {
|
||||
LDNS_COMMENT_KEY | LDNS_COMMENT_BUBBLEBABBLE | LDNS_COMMENT_FLAGS, NULL
|
||||
};
|
||||
@ -195,7 +196,7 @@ ldns_pkt_opcode2str(ldns_pkt_opcode opcode)
|
||||
|
||||
str = NULL;
|
||||
if (ldns_pkt_opcode2buffer_str(buf, opcode) == LDNS_STATUS_OK) {
|
||||
str = ldns_buffer2str(buf);
|
||||
str = ldns_buffer_export2str(buf);
|
||||
}
|
||||
|
||||
ldns_buffer_free(buf);
|
||||
@ -215,7 +216,7 @@ ldns_pkt_rcode2str(ldns_pkt_rcode rcode)
|
||||
|
||||
str = NULL;
|
||||
if (ldns_pkt_rcode2buffer_str(buf, rcode) == LDNS_STATUS_OK) {
|
||||
str = ldns_buffer2str(buf);
|
||||
str = ldns_buffer_export2str(buf);
|
||||
}
|
||||
|
||||
ldns_buffer_free(buf);
|
||||
@ -236,7 +237,7 @@ ldns_pkt_algorithm2str(ldns_algorithm algorithm)
|
||||
str = NULL;
|
||||
if (ldns_algorithm2buffer_str(buf, algorithm)
|
||||
== LDNS_STATUS_OK) {
|
||||
str = ldns_buffer2str(buf);
|
||||
str = ldns_buffer_export2str(buf);
|
||||
}
|
||||
|
||||
ldns_buffer_free(buf);
|
||||
@ -257,7 +258,7 @@ ldns_pkt_cert_algorithm2str(ldns_cert_algorithm cert_algorithm)
|
||||
str = NULL;
|
||||
if (ldns_cert_algorithm2buffer_str(buf, cert_algorithm)
|
||||
== LDNS_STATUS_OK) {
|
||||
str = ldns_buffer2str(buf);
|
||||
str = ldns_buffer_export2str(buf);
|
||||
}
|
||||
|
||||
ldns_buffer_free(buf);
|
||||
@ -567,7 +568,7 @@ ldns_rr_type2str(const ldns_rr_type type)
|
||||
|
||||
str = NULL;
|
||||
if (ldns_rr_type2buffer_str(buf, type) == LDNS_STATUS_OK) {
|
||||
str = ldns_buffer2str(buf);
|
||||
str = ldns_buffer_export2str(buf);
|
||||
}
|
||||
|
||||
ldns_buffer_free(buf);
|
||||
@ -603,7 +604,7 @@ ldns_rr_class2str(const ldns_rr_class klass)
|
||||
|
||||
str = NULL;
|
||||
if (ldns_rr_class2buffer_str(buf, klass) == LDNS_STATUS_OK) {
|
||||
str = ldns_buffer2str(buf);
|
||||
str = ldns_buffer_export2str(buf);
|
||||
}
|
||||
ldns_buffer_free(buf);
|
||||
return str;
|
||||
@ -1149,8 +1150,9 @@ ldns_rdf2buffer_str(ldns_buffer *buffer, const ldns_rdf *rdf)
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
/** This will write mangled RRs */
|
||||
ldns_buffer_printf(buffer, "(null) ");
|
||||
res = ldns_buffer_status(buffer);
|
||||
res = LDNS_STATUS_ERR;
|
||||
}
|
||||
return res;
|
||||
}
|
||||
@ -1230,7 +1232,33 @@ ldns_rr2buffer_str_fmt(ldns_buffer *output,
|
||||
|
||||
for (i = 0; i < ldns_rr_rd_count(rr); i++) {
|
||||
/* ldns_rdf2buffer_str handles NULL input fine! */
|
||||
status = ldns_rdf2buffer_str(output, ldns_rr_rdf(rr, i));
|
||||
if ((fmt->flags & LDNS_FMT_ZEROIZE_RRSIGS) &&
|
||||
(ldns_rr_get_type(rr) == LDNS_RR_TYPE_RRSIG) &&
|
||||
((/* inception */ i == 4 &&
|
||||
ldns_rdf_get_type(ldns_rr_rdf(rr, 4)) ==
|
||||
LDNS_RDF_TYPE_TIME) ||
|
||||
(/* expiration */ i == 5 &&
|
||||
ldns_rdf_get_type(ldns_rr_rdf(rr, 5)) ==
|
||||
LDNS_RDF_TYPE_TIME) ||
|
||||
(/* signature */ i == 8 &&
|
||||
ldns_rdf_get_type(ldns_rr_rdf(rr, 8)) ==
|
||||
LDNS_RDF_TYPE_B64))) {
|
||||
|
||||
ldns_buffer_printf(output, "(null)");
|
||||
status = ldns_buffer_status(output);
|
||||
} else if ((fmt->flags & LDNS_FMT_PAD_SOA_SERIAL) &&
|
||||
(ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) &&
|
||||
/* serial */ i == 2 &&
|
||||
ldns_rdf_get_type(ldns_rr_rdf(rr, 2)) ==
|
||||
LDNS_RDF_TYPE_INT32) {
|
||||
ldns_buffer_printf(output, "%10lu",
|
||||
(unsigned long) ldns_read_uint32(
|
||||
ldns_rdf_data(ldns_rr_rdf(rr, 2))));
|
||||
status = ldns_buffer_status(output);
|
||||
} else {
|
||||
status = ldns_rdf2buffer_str(output,
|
||||
ldns_rr_rdf(rr, i));
|
||||
}
|
||||
if(status != LDNS_STATUS_OK)
|
||||
return status;
|
||||
if (i < ldns_rr_rd_count(rr) - 1) {
|
||||
@ -1633,12 +1661,12 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
{
|
||||
ldns_status status = LDNS_STATUS_OK;
|
||||
unsigned char *bignum;
|
||||
#ifndef S_SPLINT_S
|
||||
uint16_t i;
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_SSL
|
||||
# ifndef S_SPLINT_S
|
||||
uint16_t i;
|
||||
# endif
|
||||
/* not used when ssl is not defined */
|
||||
/*@unused@*/
|
||||
ldns_rdf *b64_bignum = NULL;
|
||||
|
||||
RSA *rsa;
|
||||
@ -1716,6 +1744,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
|
||||
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
goto error;
|
||||
}
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
@ -1727,6 +1756,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
|
||||
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
goto error;
|
||||
}
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
@ -1740,6 +1770,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
|
||||
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
goto error;
|
||||
}
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
@ -1756,6 +1787,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
|
||||
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
goto error;
|
||||
}
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
@ -1772,6 +1804,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
|
||||
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
goto error;
|
||||
}
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
@ -1788,6 +1821,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
|
||||
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
goto error;
|
||||
}
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
@ -1804,6 +1838,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
|
||||
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
goto error;
|
||||
}
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
@ -1820,6 +1855,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
|
||||
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
goto error;
|
||||
}
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
@ -1853,6 +1889,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
|
||||
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
goto error;
|
||||
}
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
@ -1869,6 +1906,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
|
||||
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
goto error;
|
||||
}
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
@ -1885,6 +1923,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
|
||||
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
goto error;
|
||||
}
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
@ -1901,6 +1940,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
|
||||
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
goto error;
|
||||
}
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
@ -1917,6 +1957,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
|
||||
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
goto error;
|
||||
}
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
@ -1960,6 +2001,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
|
||||
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
goto error;
|
||||
}
|
||||
ldns_rdf_deep_free(b64_bignum);
|
||||
@ -1993,9 +2035,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
#endif /* HAVE_SSL */
|
||||
} else {
|
||||
#ifdef HAVE_SSL
|
||||
LDNS_FREE(b64_bignum);
|
||||
#endif
|
||||
LDNS_FREE(bignum);
|
||||
return ldns_buffer_status(output);
|
||||
}
|
||||
@ -2012,12 +2051,11 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
|
||||
}
|
||||
|
||||
/*
|
||||
* Zero terminate the buffer and fix it to the size of the string.
|
||||
* Zero terminate the buffer and copy data.
|
||||
*/
|
||||
char *
|
||||
ldns_buffer2str(ldns_buffer *buffer)
|
||||
{
|
||||
char *tmp_str;
|
||||
char *str;
|
||||
|
||||
/* check if buffer ends with \0, if not, and
|
||||
@ -2032,16 +2070,30 @@ ldns_buffer2str(ldns_buffer *buffer)
|
||||
}
|
||||
}
|
||||
|
||||
tmp_str = ldns_buffer_export(buffer);
|
||||
str = LDNS_XMALLOC(char, strlen(tmp_str) + 1);
|
||||
str = strdup((const char *)ldns_buffer_begin(buffer));
|
||||
if(!str) {
|
||||
return NULL;
|
||||
}
|
||||
memcpy(str, tmp_str, strlen(tmp_str) + 1);
|
||||
|
||||
return str;
|
||||
}
|
||||
|
||||
/*
|
||||
* Zero terminate the buffer and export data.
|
||||
*/
|
||||
char *
|
||||
ldns_buffer_export2str(ldns_buffer *buffer)
|
||||
{
|
||||
/* Append '\0' as string terminator */
|
||||
if (! ldns_buffer_reserve(buffer, 1)) {
|
||||
return NULL;
|
||||
}
|
||||
ldns_buffer_write_u8(buffer, 0);
|
||||
|
||||
/* reallocate memory to the size of the string and export */
|
||||
ldns_buffer_set_capacity(buffer, ldns_buffer_position(buffer));
|
||||
return ldns_buffer_export(buffer);
|
||||
}
|
||||
|
||||
char *
|
||||
ldns_rdf2str(const ldns_rdf *rdf)
|
||||
{
|
||||
@ -2053,7 +2105,7 @@ ldns_rdf2str(const ldns_rdf *rdf)
|
||||
}
|
||||
if (ldns_rdf2buffer_str(tmp_buffer, rdf) == LDNS_STATUS_OK) {
|
||||
/* export and return string, destroy rest */
|
||||
result = ldns_buffer2str(tmp_buffer);
|
||||
result = ldns_buffer_export2str(tmp_buffer);
|
||||
}
|
||||
ldns_buffer_free(tmp_buffer);
|
||||
return result;
|
||||
@ -2071,7 +2123,7 @@ ldns_rr2str_fmt(const ldns_output_format *fmt, const ldns_rr *rr)
|
||||
if (ldns_rr2buffer_str_fmt(tmp_buffer, fmt, rr)
|
||||
== LDNS_STATUS_OK) {
|
||||
/* export and return string, destroy rest */
|
||||
result = ldns_buffer2str(tmp_buffer);
|
||||
result = ldns_buffer_export2str(tmp_buffer);
|
||||
}
|
||||
ldns_buffer_free(tmp_buffer);
|
||||
return result;
|
||||
@ -2095,7 +2147,7 @@ ldns_pkt2str_fmt(const ldns_output_format *fmt, const ldns_pkt *pkt)
|
||||
if (ldns_pkt2buffer_str_fmt(tmp_buffer, fmt, pkt)
|
||||
== LDNS_STATUS_OK) {
|
||||
/* export and return string, destroy rest */
|
||||
result = ldns_buffer2str(tmp_buffer);
|
||||
result = ldns_buffer_export2str(tmp_buffer);
|
||||
}
|
||||
|
||||
ldns_buffer_free(tmp_buffer);
|
||||
@ -2119,7 +2171,7 @@ ldns_key2str(const ldns_key *k)
|
||||
}
|
||||
if (ldns_key2buffer_str(tmp_buffer, k) == LDNS_STATUS_OK) {
|
||||
/* export and return string, destroy rest */
|
||||
result = ldns_buffer2str(tmp_buffer);
|
||||
result = ldns_buffer_export2str(tmp_buffer);
|
||||
}
|
||||
ldns_buffer_free(tmp_buffer);
|
||||
return result;
|
||||
@ -2149,7 +2201,7 @@ ldns_rr_list2str_fmt(const ldns_output_format *fmt, const ldns_rr_list *list)
|
||||
}
|
||||
|
||||
/* export and return string, destroy rest */
|
||||
result = ldns_buffer2str(tmp_buffer);
|
||||
result = ldns_buffer_export2str(tmp_buffer);
|
||||
ldns_buffer_free(tmp_buffer);
|
||||
return result;
|
||||
}
|
||||
@ -2167,20 +2219,20 @@ ldns_rdf_print(FILE *output, const ldns_rdf *rdf)
|
||||
if (str) {
|
||||
fprintf(output, "%s", str);
|
||||
} else {
|
||||
fprintf(output, "Unable to convert rdf to string\n");
|
||||
fprintf(output, ";Unable to convert rdf to string\n");
|
||||
}
|
||||
LDNS_FREE(str);
|
||||
}
|
||||
|
||||
void
|
||||
ldns_rr_print_fmt(FILE *output,
|
||||
ldns_rr_print_fmt(FILE *output,
|
||||
const ldns_output_format *fmt, const ldns_rr *rr)
|
||||
{
|
||||
char *str = ldns_rr2str_fmt(fmt, rr);
|
||||
if (str) {
|
||||
fprintf(output, "%s", str);
|
||||
} else {
|
||||
fprintf(output, "Unable to convert rr to string\n");
|
||||
fprintf(output, ";Unable to convert rr to string\n");
|
||||
}
|
||||
LDNS_FREE(str);
|
||||
}
|
||||
@ -2199,7 +2251,7 @@ ldns_pkt_print_fmt(FILE *output,
|
||||
if (str) {
|
||||
fprintf(output, "%s", str);
|
||||
} else {
|
||||
fprintf(output, "Unable to convert packet to string\n");
|
||||
fprintf(output, ";Unable to convert packet to string\n");
|
||||
}
|
||||
LDNS_FREE(str);
|
||||
}
|
||||
|
48
host2wire.c
48
host2wire.c
@ -341,7 +341,6 @@ ldns_status
|
||||
ldns_rdf2wire(uint8_t **dest, const ldns_rdf *rdf, size_t *result_size)
|
||||
{
|
||||
ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
|
||||
uint8_t *result = NULL;
|
||||
ldns_status status;
|
||||
*result_size = 0;
|
||||
*dest = NULL;
|
||||
@ -350,21 +349,8 @@ ldns_rdf2wire(uint8_t **dest, const ldns_rdf *rdf, size_t *result_size)
|
||||
status = ldns_rdf2buffer_wire(buffer, rdf);
|
||||
if (status == LDNS_STATUS_OK) {
|
||||
*result_size = ldns_buffer_position(buffer);
|
||||
result = (uint8_t *) ldns_buffer_export(buffer);
|
||||
} else {
|
||||
ldns_buffer_free(buffer);
|
||||
return status;
|
||||
*dest = (uint8_t *) ldns_buffer_export(buffer);
|
||||
}
|
||||
|
||||
if (result) {
|
||||
*dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer));
|
||||
if(!*dest) {
|
||||
ldns_buffer_free(buffer);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
memcpy(*dest, result, ldns_buffer_position(buffer));
|
||||
}
|
||||
|
||||
ldns_buffer_free(buffer);
|
||||
return status;
|
||||
}
|
||||
@ -373,7 +359,6 @@ ldns_status
|
||||
ldns_rr2wire(uint8_t **dest, const ldns_rr *rr, int section, size_t *result_size)
|
||||
{
|
||||
ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
|
||||
uint8_t *result = NULL;
|
||||
ldns_status status;
|
||||
*result_size = 0;
|
||||
*dest = NULL;
|
||||
@ -382,21 +367,8 @@ ldns_rr2wire(uint8_t **dest, const ldns_rr *rr, int section, size_t *result_size
|
||||
status = ldns_rr2buffer_wire(buffer, rr, section);
|
||||
if (status == LDNS_STATUS_OK) {
|
||||
*result_size = ldns_buffer_position(buffer);
|
||||
result = (uint8_t *) ldns_buffer_export(buffer);
|
||||
} else {
|
||||
ldns_buffer_free(buffer);
|
||||
return status;
|
||||
*dest = (uint8_t *) ldns_buffer_export(buffer);
|
||||
}
|
||||
|
||||
if (result) {
|
||||
*dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer));
|
||||
if(!*dest) {
|
||||
ldns_buffer_free(buffer);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
memcpy(*dest, result, ldns_buffer_position(buffer));
|
||||
}
|
||||
|
||||
ldns_buffer_free(buffer);
|
||||
return status;
|
||||
}
|
||||
@ -405,7 +377,6 @@ ldns_status
|
||||
ldns_pkt2wire(uint8_t **dest, const ldns_pkt *packet, size_t *result_size)
|
||||
{
|
||||
ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
|
||||
uint8_t *result = NULL;
|
||||
ldns_status status;
|
||||
*result_size = 0;
|
||||
*dest = NULL;
|
||||
@ -414,21 +385,8 @@ ldns_pkt2wire(uint8_t **dest, const ldns_pkt *packet, size_t *result_size)
|
||||
status = ldns_pkt2buffer_wire(buffer, packet);
|
||||
if (status == LDNS_STATUS_OK) {
|
||||
*result_size = ldns_buffer_position(buffer);
|
||||
result = (uint8_t *) ldns_buffer_export(buffer);
|
||||
} else {
|
||||
ldns_buffer_free(buffer);
|
||||
return status;
|
||||
*dest = (uint8_t *) ldns_buffer_export(buffer);
|
||||
}
|
||||
|
||||
if (result) {
|
||||
*dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer));
|
||||
if(!*dest) {
|
||||
ldns_buffer_free(buffer);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
memcpy(*dest, result, ldns_buffer_position(buffer));
|
||||
}
|
||||
|
||||
ldns_buffer_free(buffer);
|
||||
return status;
|
||||
}
|
||||
|
50
keys.c
50
keys.c
@ -431,8 +431,7 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr)
|
||||
ldns_key_free(k);
|
||||
return LDNS_STATUS_ERR;
|
||||
}
|
||||
ldns_key_set_rsa_key(k, rsa);
|
||||
RSA_free(rsa);
|
||||
ldns_key_assign_rsa_key(k, rsa);
|
||||
#endif /* HAVE_SSL */
|
||||
break;
|
||||
case LDNS_SIGN_DSA:
|
||||
@ -444,8 +443,7 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr)
|
||||
ldns_key_free(k);
|
||||
return LDNS_STATUS_ERR;
|
||||
}
|
||||
ldns_key_set_dsa_key(k, dsa);
|
||||
DSA_free(dsa);
|
||||
ldns_key_assign_dsa_key(k, dsa);
|
||||
#endif /* HAVE_SSL */
|
||||
break;
|
||||
case LDNS_SIGN_HMACMD5:
|
||||
@ -505,6 +503,7 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr)
|
||||
*key = k;
|
||||
return LDNS_STATUS_OK;
|
||||
}
|
||||
ldns_key_free(k);
|
||||
return LDNS_STATUS_ERR;
|
||||
}
|
||||
|
||||
@ -751,28 +750,21 @@ ldns_key_new_frm_fp_hmac_l( FILE *f
|
||||
, size_t *hmac_size
|
||||
)
|
||||
{
|
||||
size_t i;
|
||||
char *d;
|
||||
unsigned char *buf;
|
||||
|
||||
d = LDNS_XMALLOC(char, LDNS_MAX_LINELEN);
|
||||
buf = LDNS_XMALLOC(unsigned char, LDNS_MAX_LINELEN);
|
||||
if(!d || !buf) {
|
||||
goto error;
|
||||
}
|
||||
size_t i, bufsz;
|
||||
char d[LDNS_MAX_LINELEN];
|
||||
unsigned char *buf = NULL;
|
||||
|
||||
if (ldns_fget_keyword_data_l(f, "Key", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
|
||||
goto error;
|
||||
}
|
||||
i = (size_t) ldns_b64_pton((const char*)d,
|
||||
buf,
|
||||
ldns_b64_ntop_calculate_size(strlen(d)));
|
||||
bufsz = ldns_b64_ntop_calculate_size(strlen(d));
|
||||
buf = LDNS_XMALLOC(unsigned char, bufsz);
|
||||
i = (size_t) ldns_b64_pton((const char*)d, buf, bufsz);
|
||||
|
||||
*hmac_size = i;
|
||||
return buf;
|
||||
|
||||
error:
|
||||
LDNS_FREE(d);
|
||||
LDNS_FREE(buf);
|
||||
*hmac_size = 0;
|
||||
return NULL;
|
||||
@ -850,6 +842,7 @@ ldns_key_new_frm_algorithm(ldns_signing_algorithm alg, uint16_t size)
|
||||
return NULL;
|
||||
}
|
||||
ldns_key_set_rsa_key(k, r);
|
||||
RSA_free(r);
|
||||
#endif /* HAVE_SSL */
|
||||
break;
|
||||
case LDNS_SIGN_DSA:
|
||||
@ -865,6 +858,7 @@ ldns_key_new_frm_algorithm(ldns_signing_algorithm alg, uint16_t size)
|
||||
return NULL;
|
||||
}
|
||||
ldns_key_set_dsa_key(k, d);
|
||||
DSA_free(d);
|
||||
#endif /* HAVE_SSL */
|
||||
break;
|
||||
case LDNS_SIGN_HMACMD5:
|
||||
@ -1005,6 +999,22 @@ ldns_key_set_dsa_key(ldns_key *k, DSA *d)
|
||||
EVP_PKEY_set1_DSA(key, d);
|
||||
k->_key.key = key;
|
||||
}
|
||||
|
||||
void
|
||||
ldns_key_assign_rsa_key(ldns_key *k, RSA *r)
|
||||
{
|
||||
EVP_PKEY *key = EVP_PKEY_new();
|
||||
EVP_PKEY_assign_RSA(key, r);
|
||||
k->_key.key = key;
|
||||
}
|
||||
|
||||
void
|
||||
ldns_key_assign_dsa_key(ldns_key *k, DSA *d)
|
||||
{
|
||||
EVP_PKEY *key = EVP_PKEY_new();
|
||||
EVP_PKEY_assign_DSA(key, d);
|
||||
k->_key.key = key;
|
||||
}
|
||||
#endif /* splint */
|
||||
#endif /* HAVE_SSL */
|
||||
|
||||
@ -1302,7 +1312,7 @@ ldns_key_dsa2bin(unsigned char *data, DSA *k, uint16_t *size)
|
||||
}
|
||||
|
||||
/* See RFC2536 */
|
||||
*size = (uint16_t)BN_num_bytes(k->g);
|
||||
*size = (uint16_t)BN_num_bytes(k->p);
|
||||
T = (*size - 64) / 8;
|
||||
memcpy(data, &T, 1);
|
||||
|
||||
@ -1365,10 +1375,10 @@ ldns_key2rr(const ldns_key *k)
|
||||
#endif
|
||||
int internal_data = 0;
|
||||
|
||||
pubkey = ldns_rr_new();
|
||||
if (!k) {
|
||||
return NULL;
|
||||
}
|
||||
pubkey = ldns_rr_new();
|
||||
|
||||
switch (ldns_key_algorithm(k)) {
|
||||
case LDNS_SIGN_HMACMD5:
|
||||
@ -1638,7 +1648,7 @@ ldns_key_get_file_base_name(ldns_key *key)
|
||||
"+%03u+%05u",
|
||||
ldns_key_algorithm(key),
|
||||
ldns_key_keytag(key));
|
||||
file_base_name = strdup(ldns_buffer_export(buffer));
|
||||
file_base_name = ldns_buffer_export(buffer);
|
||||
ldns_buffer_free(buffer);
|
||||
return file_base_name;
|
||||
}
|
||||
|
@ -630,8 +630,9 @@ void ldns_buffer_free(ldns_buffer *buffer);
|
||||
void *ldns_buffer_export(ldns_buffer *buffer);
|
||||
|
||||
/**
|
||||
* Copy contents of the other buffer to this buffer. Silently truncated
|
||||
* if this buffer is too small.
|
||||
* Copy contents of the from buffer to the result buffer and then flips
|
||||
* the result buffer. Data will be silently truncated if the result buffer is
|
||||
* too small.
|
||||
* \param[out] *result resulting buffer which is copied to.
|
||||
* \param[in] *from what to copy to result.
|
||||
*/
|
||||
|
@ -23,6 +23,7 @@
|
||||
#define LDNS_BUILD_CONFIG_HAVE_INTTYPES_H @ldns_build_config_have_inttypes_h@
|
||||
#define LDNS_BUILD_CONFIG_HAVE_ATTR_FORMAT @ldns_build_config_have_attr_format@
|
||||
#define LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED @ldns_build_config_have_attr_unused@
|
||||
#define LDNS_BUILD_CONFIG_HAVE_SOCKLEN_T @ldns_build_config_have_socklen_t@
|
||||
|
||||
/*
|
||||
* HAVE_STDBOOL_H is not available when distributed as a library, but no build
|
||||
@ -65,4 +66,8 @@ typedef bool _Bool;
|
||||
#define ATTR_UNUSED(x) x
|
||||
#endif /* !LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED */
|
||||
|
||||
#if !LDNS_BUILD_CONFIG_HAVE_SOCKLEN_T
|
||||
typedef int socklen_t;
|
||||
#endif
|
||||
|
||||
#endif /* LDNS_COMMON_H */
|
||||
|
@ -33,6 +33,12 @@
|
||||
/* Define to 1 if you have the `ctime_r' function. */
|
||||
#undef HAVE_CTIME_R
|
||||
|
||||
/* Is a CAFILE given at configure time */
|
||||
#undef HAVE_DANE_CA_FILE
|
||||
|
||||
/* Is a CAPATH given at configure time */
|
||||
#undef HAVE_DANE_CA_PATH
|
||||
|
||||
/* Define to 1 if you have the declaration of `NID_secp384r1', and to 0 if you
|
||||
don't. */
|
||||
#undef HAVE_DECL_NID_SECP384R1
|
||||
@ -250,6 +256,15 @@
|
||||
/* Define to 1 if the system has the type `_Bool'. */
|
||||
#undef HAVE__BOOL
|
||||
|
||||
/* Is a CAFILE given at configure time */
|
||||
#undef LDNS_DANE_CA_FILE
|
||||
|
||||
/* Is a CAPATH given at configure time */
|
||||
#undef LDNS_DANE_CA_PATH
|
||||
|
||||
/* Default trust anchor file */
|
||||
#undef LDNS_TRUST_ANCHOR_FILE
|
||||
|
||||
/* Define to the sub-directory in which libtool stores uninstalled libraries.
|
||||
*/
|
||||
#undef LT_OBJDIR
|
||||
|
244
ldns/dane.h
Normal file
244
ldns/dane.h
Normal file
@ -0,0 +1,244 @@
|
||||
/*
|
||||
* dane.h -- defines for the DNS-Based Authentication of Named Entities (DANE)
|
||||
* Transport Layer Security (TLS) Protocol: TLSA
|
||||
*
|
||||
* Copyright (c) 2012, NLnet Labs. All rights reserved.
|
||||
*
|
||||
* See LICENSE for the license.
|
||||
*
|
||||
*/
|
||||
|
||||
/**
|
||||
* \file
|
||||
*
|
||||
* This module contains base functions for creating and verifying TLSA RR's
|
||||
* with PKIX certificates, certificate chains and validation stores.
|
||||
* (See RFC6394 and RFC6698).
|
||||
*
|
||||
* Since those functions heavily rely op cryptographic operations,
|
||||
* this module is dependent on openssl.
|
||||
*/
|
||||
|
||||
|
||||
#ifndef LDNS_DANE_H
|
||||
#define LDNS_DANE_H
|
||||
|
||||
#include <ldns/common.h>
|
||||
#include <ldns/rdata.h>
|
||||
#include <ldns/rr.h>
|
||||
#if LDNS_BUILD_CONFIG_HAVE_SSL
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/err.h>
|
||||
#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* The different "Certificate usage" rdata field values for a TLSA RR.
|
||||
*/
|
||||
enum ldns_enum_tlsa_certificate_usage
|
||||
{
|
||||
/** CA constraint */
|
||||
LDNS_TLSA_USAGE_CA_CONSTRAINT = 0,
|
||||
/** Sevice certificate constraint */
|
||||
LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT = 1,
|
||||
/** Trust anchor assertion */
|
||||
LDNS_TLSA_USAGE_TRUST_ANCHOR_ASSERTION = 2,
|
||||
/** Domain issued certificate */
|
||||
LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE = 3
|
||||
};
|
||||
typedef enum ldns_enum_tlsa_certificate_usage ldns_tlsa_certificate_usage;
|
||||
|
||||
/**
|
||||
* The different "Selector" rdata field values for a TLSA RR.
|
||||
*/
|
||||
enum ldns_enum_tlsa_selector
|
||||
{
|
||||
/**
|
||||
* Full certificate: the Certificate binary structure
|
||||
* as defined in [RFC5280]
|
||||
*/
|
||||
LDNS_TLSA_SELECTOR_FULL_CERTIFICATE = 0,
|
||||
|
||||
/**
|
||||
* SubjectPublicKeyInfo: DER-encoded binary structure
|
||||
* as defined in [RFC5280]
|
||||
*/
|
||||
LDNS_TLSA_SELECTOR_SUBJECTPUBLICKEYINFO = 1
|
||||
};
|
||||
typedef enum ldns_enum_tlsa_selector ldns_tlsa_selector;
|
||||
|
||||
/**
|
||||
* The different "Matching type" rdata field values for a TLSA RR.
|
||||
*/
|
||||
enum ldns_enum_tlsa_matching_type
|
||||
{
|
||||
/** Exact match on selected content */
|
||||
LDNS_TLSA_MATCHING_TYPE_NO_HASH_USED = 0,
|
||||
/** SHA-256 hash of selected content [RFC6234] */
|
||||
LDNS_TLSA_MATCHING_TYPE_SHA256 = 1,
|
||||
/** SHA-512 hash of selected content [RFC6234] */
|
||||
LDNS_TLSA_MATCHING_TYPE_SHA512 = 2
|
||||
};
|
||||
typedef enum ldns_enum_tlsa_matching_type ldns_tlsa_matching_type;
|
||||
|
||||
/**
|
||||
* Known transports to use with TLSA owner names.
|
||||
*/
|
||||
enum ldns_enum_dane_transport
|
||||
{
|
||||
/** TCP */
|
||||
LDNS_DANE_TRANSPORT_TCP = 0,
|
||||
/** UDP */
|
||||
LDNS_DANE_TRANSPORT_UDP = 1,
|
||||
/** SCTP */
|
||||
LDNS_DANE_TRANSPORT_SCTP = 2
|
||||
};
|
||||
typedef enum ldns_enum_dane_transport ldns_dane_transport;
|
||||
|
||||
|
||||
/**
|
||||
* Creates a dname consisting of the given name, prefixed by the service port
|
||||
* and type of transport: _<EM>port</EM>._<EM>transport</EM>.<EM>name</EM>.
|
||||
*
|
||||
* \param[out] tlsa_owner The created dname.
|
||||
* \param[in] name The dname that should be prefixed.
|
||||
* \param[in] port The service port number for wich the name should be created.
|
||||
* \param[in] transport The transport for wich the name should be created.
|
||||
* \return LDNS_STATUS_OK on success or an error code otherwise.
|
||||
*/
|
||||
ldns_status ldns_dane_create_tlsa_owner(ldns_rdf** tlsa_owner,
|
||||
const ldns_rdf* name, uint16_t port,
|
||||
ldns_dane_transport transport);
|
||||
|
||||
|
||||
#if LDNS_BUILD_CONFIG_HAVE_SSL
|
||||
/**
|
||||
* Creates a LDNS_RDF_TYPE_HEX type rdf based on the binary data choosen by
|
||||
* the selector and encoded using matching_type.
|
||||
*
|
||||
* \param[out] rdf The created created rdf of type LDNS_RDF_TYPE_HEX.
|
||||
* \param[in] cert The certificate from which the data is selected
|
||||
* \param[in] selector The full certificate or the public key
|
||||
* \param[in] matching_type The full data or the SHA256 or SHA512 hash
|
||||
* of the selected data
|
||||
* \return LDNS_STATUS_OK on success or an error code otherwise.
|
||||
*/
|
||||
ldns_status ldns_dane_cert2rdf(ldns_rdf** rdf, X509* cert,
|
||||
ldns_tlsa_selector selector,
|
||||
ldns_tlsa_matching_type matching_type);
|
||||
|
||||
|
||||
/**
|
||||
* Selects the certificate from cert, extra_certs or the pkix_validation_store
|
||||
* based on the value of cert_usage and index.
|
||||
*
|
||||
* \param[out] selected_cert The selected cert.
|
||||
* \param[in] cert The certificate to validate (or not)
|
||||
* \param[in] extra_certs Intermediate certificates that might be necessary
|
||||
* during validation. May be NULL, except when the certificate
|
||||
* usage is "Trust Anchor Assertion" because the trust anchor has
|
||||
* to be provided.(otherwise choose a "Domain issued certificate!"
|
||||
* \param[in] pkix_validation_store Used when the certificate usage is
|
||||
* "CA constraint" or "Service Certificate Constraint" to
|
||||
* validate the certificate and, in case of "CA constraint",
|
||||
* select the CA.
|
||||
* When pkix_validation_store is NULL, validation is explicitely
|
||||
* turned off and the behaviour is then the same as for "Trust
|
||||
* anchor assertion" and "Domain issued certificate" respectively.
|
||||
* \param[in] cert_usage Which certificate to use and how to validate.
|
||||
* \param[in] index Used to select the trust anchor when certificate usage
|
||||
* is "Trust Anchor Assertion". 0 is the last certificate in the
|
||||
* validation chain. 1 the one but last, etc. When index is -1,
|
||||
* the last certificate is used that MUST be self-signed.
|
||||
* This can help to make sure that the intended (self signed)
|
||||
* trust anchor is actually present in extra_certs (which is a
|
||||
* DANE requirement).
|
||||
*
|
||||
* \return LDNS_STATUS_OK on success or an error code otherwise.
|
||||
*/
|
||||
ldns_status ldns_dane_select_certificate(X509** selected_cert,
|
||||
X509* cert, STACK_OF(X509)* extra_certs,
|
||||
X509_STORE* pkix_validation_store,
|
||||
ldns_tlsa_certificate_usage cert_usage, int index);
|
||||
|
||||
/**
|
||||
* Creates a TLSA resource record from the certificate.
|
||||
* No PKIX validation is performed! The given certificate is used as data
|
||||
* regardless the value of certificate_usage.
|
||||
*
|
||||
* \param[out] tlsa The created TLSA resource record.
|
||||
* \param[in] certificate_usage The value for the Certificate Usage field
|
||||
* \param[in] selector The value for the Selector field
|
||||
* \param[in] matching_type The value for the Matching Type field
|
||||
* \param[in] cert The certificate which data will be represented
|
||||
*
|
||||
* \return LDNS_STATUS_OK on success or an error code otherwise.
|
||||
*/
|
||||
ldns_status ldns_dane_create_tlsa_rr(ldns_rr** tlsa,
|
||||
ldns_tlsa_certificate_usage certificate_usage,
|
||||
ldns_tlsa_selector selector,
|
||||
ldns_tlsa_matching_type matching_type,
|
||||
X509* cert);
|
||||
|
||||
/**
|
||||
* Verify if the given TLSA resource record matches the given certificate.
|
||||
* Reporting on a TLSA rr mismatch (LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH)
|
||||
* is preferred over PKIX failure (LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE).
|
||||
* So when PKIX validation is required by the TLSA Certificate usage,
|
||||
* but the TLSA data does not match, LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH
|
||||
* is returned whether the PKIX validated or not.
|
||||
*
|
||||
* \param[in] tlsa_rr The resource record that specifies what and how to
|
||||
* match the certificate. With tlsa_rr == NULL, regular PKIX
|
||||
* validation is performed.
|
||||
* \param[in] cert The certificate to match (and validate)
|
||||
* \param[in] extra_certs Intermediate certificates that might be necessary
|
||||
* creating the validation chain.
|
||||
* \param[in] pkix_validation_store Used when the certificate usage is
|
||||
* "CA constraint" or "Service Certificate Constraint" to
|
||||
* validate the certificate.
|
||||
*
|
||||
* \return LDNS_STATUS_OK on success,
|
||||
* LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH on TLSA data mismatch,
|
||||
* LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE when TLSA matched,
|
||||
* but the PKIX validation failed, or other ldns_status errors.
|
||||
*/
|
||||
ldns_status ldns_dane_verify_rr(const ldns_rr* tlsa_rr,
|
||||
X509* cert, STACK_OF(X509)* extra_certs,
|
||||
X509_STORE* pkix_validation_store);
|
||||
|
||||
/**
|
||||
* Verify if any of the given TLSA resource records matches the given
|
||||
* certificate.
|
||||
*
|
||||
* \param[in] tlsas The resource records that specify what and how to
|
||||
* match the certificate. One must match for this function
|
||||
* to succeed. With tlsas == NULL or the number of TLSA records
|
||||
* in tlsas == 0, regular PKIX validation is performed.
|
||||
* \param[in] cert The certificate to match (and validate)
|
||||
* \param[in] extra_certs Intermediate certificates that might be necessary
|
||||
* creating the validation chain.
|
||||
* \param[in] pkix_validation_store Used when the certificate usage is
|
||||
* "CA constraint" or "Service Certificate Constraint" to
|
||||
* validate the certificate.
|
||||
*
|
||||
* \return LDNS_STATUS_OK on success,
|
||||
* LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE when one of the TLSA's
|
||||
* matched but the PKIX validation failed,
|
||||
* LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH when none of the TLSA's matched,
|
||||
* or other ldns_status errors.
|
||||
*/
|
||||
ldns_status ldns_dane_verify(ldns_rr_list* tlsas,
|
||||
X509* cert, STACK_OF(X509)* extra_certs,
|
||||
X509_STORE* pkix_validation_store);
|
||||
#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* LDNS_DANE_H */
|
||||
|
@ -111,6 +111,7 @@ ldns_rdf *ldns_dname_new_frm_str(const char *str);
|
||||
* Create a new dname rdf from a string
|
||||
* \param[in] s the size of the new dname
|
||||
* \param[in] *data pointer to the actual data
|
||||
*
|
||||
* \return ldns_rdf*
|
||||
*/
|
||||
ldns_rdf *ldns_dname_new(uint16_t s, void *data);
|
||||
@ -119,6 +120,7 @@ ldns_rdf *ldns_dname_new(uint16_t s, void *data);
|
||||
* Create a new dname rdf from data (the data is copied)
|
||||
* \param[in] size the size of the data
|
||||
* \param[in] *data pointer to the actual data
|
||||
*
|
||||
* \return ldns_rdf*
|
||||
*/
|
||||
ldns_rdf *ldns_dname_new_frm_data(uint16_t size, const void *data);
|
||||
@ -177,6 +179,13 @@ int ldns_dname_interval(const ldns_rdf *prev, const ldns_rdf *middle, const ldns
|
||||
*/
|
||||
bool ldns_dname_str_absolute(const char *dname_str);
|
||||
|
||||
/**
|
||||
* Checks whether the given dname is absolute (i.e. ends with a '.')
|
||||
* \param[in] *dname a rdf representing the dname
|
||||
* \return true or false
|
||||
*/
|
||||
bool ldns_dname_absolute(const ldns_rdf *dname);
|
||||
|
||||
/**
|
||||
* look inside the rdf and if it is an LDNS_RDF_TYPE_DNAME
|
||||
* try and retrieve a specific label. The labels are numbered
|
||||
|
@ -198,6 +198,7 @@ RSA *ldns_key_buf2rsa_raw(unsigned char* key, size_t len);
|
||||
*
|
||||
* \param[in] *key the key to convert
|
||||
* \param[in] h the hash to use LDNS_SHA1/LDNS_SHA256
|
||||
*
|
||||
* \return ldns_rr* a new rr pointer to a DS
|
||||
*/
|
||||
ldns_rr *ldns_key_rr2ds(const ldns_rr *key, ldns_hash h);
|
||||
|
@ -367,6 +367,7 @@ void ldns_dnssec_derive_trust_tree_no_sig_time(
|
||||
*
|
||||
* \param *tree The trust tree so search
|
||||
* \param *keys A ldns_rr_list of DNSKEY and DS rrs to look for
|
||||
*
|
||||
* \return LDNS_STATUS_OK if there is a trusted path to one of
|
||||
* the keys, or the *first* error encountered
|
||||
* if there were no paths
|
||||
|
@ -8,7 +8,6 @@
|
||||
#ifndef LDNS_DNSSEC_ZONE_H
|
||||
#define LDNS_DNSSEC_ZONE_H
|
||||
|
||||
#include <ldns/ldns.h>
|
||||
#include <ldns/rbtree.h>
|
||||
#include <ldns/host2str.h>
|
||||
|
||||
|
17
ldns/error.h
17
ldns/error.h
@ -102,7 +102,22 @@ enum ldns_enum_status {
|
||||
LDNS_STATUS_MISSING_RDATA_FIELDS_RRSIG,
|
||||
LDNS_STATUS_MISSING_RDATA_FIELDS_KEY,
|
||||
LDNS_STATUS_CRYPTO_SIG_EXPIRED_WITHIN_MARGIN,
|
||||
LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN
|
||||
LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN,
|
||||
LDNS_STATUS_DANE_STATUS_MESSAGES,
|
||||
LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE,
|
||||
LDNS_STATUS_DANE_UNKNOWN_SELECTOR,
|
||||
LDNS_STATUS_DANE_UNKNOWN_MATCHING_TYPE,
|
||||
LDNS_STATUS_DANE_UNKNOWN_PROTOCOL,
|
||||
LDNS_STATUS_DANE_UNKNOWN_TRANSPORT,
|
||||
LDNS_STATUS_DANE_MISSING_EXTRA_CERTS,
|
||||
LDNS_STATUS_DANE_EXTRA_CERTS_NOT_USED,
|
||||
LDNS_STATUS_DANE_OFFSET_OUT_OF_RANGE,
|
||||
LDNS_STATUS_DANE_INSECURE,
|
||||
LDNS_STATUS_DANE_BOGUS,
|
||||
LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH,
|
||||
LDNS_STATUS_DANE_NON_CA_CERTIFICATE,
|
||||
LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE,
|
||||
LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR
|
||||
};
|
||||
typedef enum ldns_enum_status ldns_status;
|
||||
|
||||
|
@ -64,6 +64,8 @@ extern "C" {
|
||||
#define LDNS_COMMENT_LAYOUT 0x0080
|
||||
/** Also comment KEY_ID with RRSIGS **/
|
||||
#define LDNS_COMMENT_RRSIGS 0x0100
|
||||
#define LDNS_FMT_ZEROIZE_RRSIGS 0x0200
|
||||
#define LDNS_FMT_PAD_SOA_SERIAL 0x0400
|
||||
|
||||
/**
|
||||
* Output format specifier
|
||||
@ -601,14 +603,26 @@ char *ldns_rr_list2str_fmt(
|
||||
const ldns_output_format *fmt, const ldns_rr_list *rr_list);
|
||||
|
||||
/**
|
||||
* Returns the data in the buffer as a null terminated char * string
|
||||
* Buffer data must be char * type, and must be freed by the caller
|
||||
* Returns a copy of the data in the buffer as a null terminated
|
||||
* char * string. The returned string must be freed by the caller.
|
||||
* The buffer must be in write modus and may thus not have been flipped.
|
||||
*
|
||||
* \param[in] buffer buffer containing char * data
|
||||
* \return null terminated char * data, or NULL on error
|
||||
*/
|
||||
char *ldns_buffer2str(ldns_buffer *buffer);
|
||||
|
||||
/**
|
||||
* Exports and returns the data in the buffer as a null terminated
|
||||
* char * string. The returned string must be freed by the caller.
|
||||
* The buffer must be in write modus and may thus not have been flipped.
|
||||
* The buffer is fixed after this function returns.
|
||||
*
|
||||
* \param[in] buffer buffer containing char * data
|
||||
* \return null terminated char * data, or NULL on error
|
||||
*/
|
||||
char *ldns_buffer_export2str(ldns_buffer *buffer);
|
||||
|
||||
/**
|
||||
* Prints the data in the rdata field to the given file stream
|
||||
* (in presentation format)
|
||||
|
22
ldns/keys.h
22
ldns/keys.h
@ -25,7 +25,6 @@
|
||||
#if LDNS_BUILD_CONFIG_HAVE_SSL
|
||||
#include <openssl/ssl.h>
|
||||
#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
|
||||
#include <ldns/dnssec.h>
|
||||
#include <ldns/util.h>
|
||||
#include <errno.h>
|
||||
|
||||
@ -299,18 +298,37 @@ void ldns_key_set_algorithm(ldns_key *k, ldns_signing_algorithm l);
|
||||
void ldns_key_set_evp_key(ldns_key *k, EVP_PKEY *e);
|
||||
|
||||
/**
|
||||
* Set the key's rsa data
|
||||
* Set the key's rsa data.
|
||||
* The rsa data should be freed by the user.
|
||||
* \param[in] k the key
|
||||
* \param[in] r the rsa data
|
||||
*/
|
||||
void ldns_key_set_rsa_key(ldns_key *k, RSA *r);
|
||||
|
||||
/**
|
||||
* Set the key's dsa data
|
||||
* The dsa data should be freed by the user.
|
||||
* \param[in] k the key
|
||||
* \param[in] d the dsa data
|
||||
*/
|
||||
void ldns_key_set_dsa_key(ldns_key *k, DSA *d);
|
||||
|
||||
/**
|
||||
* Assign the key's rsa data
|
||||
* The rsa data will be freed automatically when the key is freed.
|
||||
* \param[in] k the key
|
||||
* \param[in] r the rsa data
|
||||
*/
|
||||
void ldns_key_assign_rsa_key(ldns_key *k, RSA *r);
|
||||
|
||||
/**
|
||||
* Assign the key's dsa data
|
||||
* The dsa data will be freed automatically when the key is freed.
|
||||
* \param[in] k the key
|
||||
* \param[in] d the dsa data
|
||||
*/
|
||||
void ldns_key_assign_dsa_key(ldns_key *k, DSA *d);
|
||||
|
||||
/**
|
||||
* Get the PKEY id for GOST, loads GOST into openssl as a side effect.
|
||||
* Only available if GOST is compiled into the library and openssl.
|
||||
|
@ -95,6 +95,7 @@ Or you can just use the menu above to browse through the API docs.
|
||||
#include <ldns/util.h>
|
||||
#include <ldns/buffer.h>
|
||||
#include <ldns/common.h>
|
||||
#include <ldns/dane.h>
|
||||
#include <ldns/dname.h>
|
||||
#include <ldns/dnssec.h>
|
||||
#include <ldns/dnssec_verify.h>
|
||||
|
@ -194,6 +194,7 @@ ldns_rdf_type ldns_rdf_get_type(const ldns_rdf *rd);
|
||||
/**
|
||||
* returns the data of the rdf.
|
||||
* \param[in] *rd the rdf to read from
|
||||
*
|
||||
* \return uint8_t* pointer to the rdf's data
|
||||
*/
|
||||
uint8_t *ldns_rdf_data(const ldns_rdf *rd);
|
||||
@ -303,6 +304,7 @@ ldns_rdf *ldns_native2rdf_int32(ldns_rdf_type type, uint32_t value);
|
||||
* The memory is copied, and an LDNS_RDF_TYPE_INT16DATA is returned
|
||||
* \param[in] size the size of the data
|
||||
* \param[in] *data pointer to the actual data
|
||||
*
|
||||
* \return ldns_rd* the rdf with the data
|
||||
*/
|
||||
ldns_rdf *ldns_native2rdf_int16_data(size_t size, uint8_t *data);
|
||||
|
@ -578,6 +578,7 @@ ldns_status ldns_resolver_push_nameserver_rr_list(ldns_resolver *r, ldns_rr_list
|
||||
* \param[in] t query for this type (may be 0, defaults to A)
|
||||
* \param[in] c query for this class (may be 0, default to IN)
|
||||
* \param[in] flags the query flags
|
||||
*
|
||||
* \return ldns_pkt* a packet with the reply from the nameserver
|
||||
*/
|
||||
ldns_pkt* ldns_resolver_search(const ldns_resolver *r, const ldns_rdf *rdf, ldns_rr_type t, ldns_rr_class c, uint16_t flags);
|
||||
@ -590,6 +591,7 @@ ldns_pkt* ldns_resolver_search(const ldns_resolver *r, const ldns_rdf *rdf, ldns
|
||||
* \param[in] t query for this type (may be 0, defaults to A)
|
||||
* \param[in] c query for this class (may be 0, default to IN)
|
||||
* \param[in] f the query flags
|
||||
*
|
||||
* \return ldns_pkt* a packet with the reply from the nameserver
|
||||
*/
|
||||
ldns_status ldns_resolver_prepare_query_pkt(ldns_pkt **q, ldns_resolver *r, const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t f);
|
||||
@ -602,6 +604,7 @@ ldns_status ldns_resolver_prepare_query_pkt(ldns_pkt **q, ldns_resolver *r, cons
|
||||
* \param[in] t query for this type (may be 0, defaults to A)
|
||||
* \param[in] c query for this class (may be 0, default to IN)
|
||||
* \param[in] flags the query flags
|
||||
*
|
||||
* \return ldns_pkt* a packet with the reply from the nameserver
|
||||
*/
|
||||
ldns_status ldns_resolver_send(ldns_pkt **answer, ldns_resolver *r, const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t flags);
|
||||
@ -621,6 +624,7 @@ ldns_status ldns_resolver_send_pkt(ldns_pkt **answer, ldns_resolver *r, ldns_pkt
|
||||
* \param[in] *t query for this type (may be 0, defaults to A)
|
||||
* \param[in] *c query for this class (may be 0, default to IN)
|
||||
* \param[in] flags the query flags
|
||||
*
|
||||
* \return ldns_pkt* a packet with the reply from the nameserver
|
||||
* if _defnames is true the default domain will be added
|
||||
*/
|
||||
|
@ -37,7 +37,7 @@ extern "C" {
|
||||
#define LDNS_RR_OVERHEAD 10
|
||||
|
||||
/* The first fields are 'common' and can be referenced instantly */
|
||||
#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON 52
|
||||
#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON 53
|
||||
|
||||
|
||||
|
||||
@ -179,6 +179,8 @@ enum ldns_enum_rr_type
|
||||
LDNS_RR_TYPE_NSEC3 = 50, /* RFC 5155 */
|
||||
LDNS_RR_TYPE_NSEC3PARAM = 51, /* RFC 5155 */
|
||||
LDNS_RR_TYPE_NSEC3PARAMS = 51,
|
||||
/** draft-ietf-dane-protocol */
|
||||
LDNS_RR_TYPE_TLSA = 52,
|
||||
|
||||
/** draft-ietf-dnsop-trust-history */
|
||||
LDNS_RR_TYPE_TALINK = 58,
|
||||
|
@ -268,6 +268,8 @@ const char * ldns_version(void);
|
||||
* \param[in] tm a struct tm* with the date
|
||||
* \return the seconds since epoch
|
||||
*/
|
||||
time_t ldns_mktime_from_utc(const struct tm *tm);
|
||||
|
||||
time_t mktime_from_utc(const struct tm *tm);
|
||||
|
||||
/**
|
||||
|
783
ldns_symbols.def
783
ldns_symbols.def
@ -1,783 +0,0 @@
|
||||
ldns_algorithm2buffer_str
|
||||
ldns_algorithms
|
||||
ldns_axfr_complete
|
||||
ldns_axfr_last_pkt
|
||||
ldns_axfr_next
|
||||
ldns_axfr_start
|
||||
ldns_b32_ntop
|
||||
ldns_b32_ntop_ar
|
||||
ldns_b32_ntop_extended_hex
|
||||
ldns_b32_pton
|
||||
ldns_b32_pton_ar
|
||||
ldns_b32_pton_extended_hex
|
||||
ldns_b64_ntop
|
||||
ldns_b64_pton
|
||||
ldns_bgetc
|
||||
ldns_bget_keyword_data
|
||||
ldns_bget_token
|
||||
ldns_bskipc
|
||||
ldns_bskipcs
|
||||
ldns_bubblebabble
|
||||
ldns_buffer2pkt_wire
|
||||
ldns_buffer2str
|
||||
ldns_buffer_copy
|
||||
ldns_buffer_export
|
||||
ldns_buffer_free
|
||||
ldns_buffer_new
|
||||
ldns_buffer_new_frm_data
|
||||
ldns_buffer_printf
|
||||
ldns_buffer_reserve
|
||||
ldns_buffer_set_capacity
|
||||
ldns_calc_keytag
|
||||
ldns_calc_keytag_raw
|
||||
ldns_cert_algorithm2buffer_str
|
||||
ldns_cert_algorithms
|
||||
ldns_convert_dsa_rrsig_asn12rdf
|
||||
ldns_convert_dsa_rrsig_rdf2asn1
|
||||
ldns_convert_ecdsa_rrsig_asn12rdf
|
||||
ldns_convert_ecdsa_rrsig_rdf2asn1
|
||||
ldns_create_empty_rrsig
|
||||
ldns_create_nsec
|
||||
ldns_create_nsec3
|
||||
ldns_digest_evp
|
||||
ldns_directive_types
|
||||
ldns_dname2buffer_wire
|
||||
ldns_dname2canonical
|
||||
ldns_dname_cat
|
||||
ldns_dname_cat_clone
|
||||
ldns_dname_clone_from
|
||||
ldns_dname_compare
|
||||
ldns_dname_compare_v
|
||||
ldns_dname_interval
|
||||
ldns_dname_is_subdomain
|
||||
ldns_dname_is_wildcard
|
||||
ldns_dname_label
|
||||
ldns_dname_label_count
|
||||
ldns_dname_left_chop
|
||||
ldns_dname_match_wildcard
|
||||
ldns_dname_new
|
||||
ldns_dname_new_frm_data
|
||||
ldns_dname_new_frm_str
|
||||
ldns_dname_reverse
|
||||
ldns_dname_str_absolute
|
||||
ldns_dnssec_build_data_chain
|
||||
ldns_dnssec_build_data_chain_nokeyname
|
||||
ldns_dnssec_chain_nsec3_list
|
||||
ldns_dnssec_create_nsec
|
||||
ldns_dnssec_create_nsec3
|
||||
ldns_dnssec_create_nsec_bitmap
|
||||
ldns_dnssec_data_chain_deep_free
|
||||
ldns_dnssec_data_chain_free
|
||||
ldns_dnssec_data_chain_new
|
||||
ldns_dnssec_data_chain_print
|
||||
ldns_dnssec_data_chain_print_fmt
|
||||
ldns_dnssec_default_add_to_signatures
|
||||
ldns_dnssec_default_delete_signatures
|
||||
ldns_dnssec_default_leave_signatures
|
||||
ldns_dnssec_default_replace_signatures
|
||||
ldns_dnssec_derive_trust_tree
|
||||
ldns_dnssec_derive_trust_tree_dnskey_rrset
|
||||
ldns_dnssec_derive_trust_tree_dnskey_rrset_time
|
||||
ldns_dnssec_derive_trust_tree_ds_rrset
|
||||
ldns_dnssec_derive_trust_tree_ds_rrset_time
|
||||
ldns_dnssec_derive_trust_tree_normal_rrset
|
||||
ldns_dnssec_derive_trust_tree_normal_rrset_time
|
||||
ldns_dnssec_derive_trust_tree_no_sig
|
||||
ldns_dnssec_derive_trust_tree_no_sig_time
|
||||
ldns_dnssec_derive_trust_tree_time
|
||||
ldns_dnssec_get_dnskey_for_rrsig
|
||||
ldns_dnssec_get_rrsig_for_name_and_type
|
||||
ldns_dnssec_name_add_rr
|
||||
ldns_dnssec_name_cmp
|
||||
ldns_dnssec_name_deep_free
|
||||
ldns_dnssec_name_find_rrset
|
||||
ldns_dnssec_name_free
|
||||
ldns_dnssec_name_is_glue
|
||||
ldns_dnssec_name_name
|
||||
ldns_dnssec_name_new
|
||||
ldns_dnssec_name_new_frm_rr
|
||||
ldns_dnssec_name_node_deep_free
|
||||
ldns_dnssec_name_node_free
|
||||
ldns_dnssec_name_node_next_nonglue
|
||||
ldns_dnssec_name_nsec
|
||||
ldns_dnssec_name_print
|
||||
ldns_dnssec_name_print_fmt
|
||||
ldns_dnssec_name_print_soa
|
||||
ldns_dnssec_name_print_soa_fmt
|
||||
ldns_dnssec_name_set_name
|
||||
ldns_dnssec_name_set_nsec
|
||||
ldns_dnssec_nsec3_closest_encloser
|
||||
ldns_dnssec_pkt_get_rrsigs_for_name_and_type
|
||||
ldns_dnssec_pkt_get_rrsigs_for_type
|
||||
ldns_dnssec_pkt_has_rrsigs
|
||||
ldns_dnssec_remove_signatures
|
||||
ldns_dnssec_rrs_add_rr
|
||||
ldns_dnssec_rrs_deep_free
|
||||
ldns_dnssec_rrsets_add_rr
|
||||
ldns_dnssec_rrsets_contains_type
|
||||
ldns_dnssec_rrsets_deep_free
|
||||
ldns_dnssec_rrsets_free
|
||||
ldns_dnssec_rrsets_new
|
||||
ldns_dnssec_rrsets_new_frm_rr
|
||||
ldns_dnssec_rrsets_print
|
||||
ldns_dnssec_rrsets_print_fmt
|
||||
ldns_dnssec_rrsets_print_soa
|
||||
ldns_dnssec_rrsets_print_soa_fmt
|
||||
ldns_dnssec_rrsets_set_type
|
||||
ldns_dnssec_rrsets_type
|
||||
ldns_dnssec_rrs_free
|
||||
ldns_dnssec_rrs_new
|
||||
ldns_dnssec_rrs_print
|
||||
ldns_dnssec_rrs_print_fmt
|
||||
ldns_dnssec_trust_tree_add_parent
|
||||
ldns_dnssec_trust_tree_contains_keys
|
||||
ldns_dnssec_trust_tree_depth
|
||||
ldns_dnssec_trust_tree_free
|
||||
ldns_dnssec_trust_tree_new
|
||||
ldns_dnssec_trust_tree_print
|
||||
ldns_dnssec_trust_tree_print_fmt
|
||||
ldns_dnssec_trust_tree_print_sm
|
||||
ldns_dnssec_trust_tree_print_sm_fmt
|
||||
ldns_dnssec_verify_denial
|
||||
ldns_dnssec_verify_denial_nsec3
|
||||
ldns_dnssec_zone_add_empty_nonterminals
|
||||
ldns_dnssec_zone_add_rr
|
||||
ldns_dnssec_zone_create_nsec3s
|
||||
ldns_dnssec_zone_create_nsecs
|
||||
ldns_dnssec_zone_create_rrsigs
|
||||
ldns_dnssec_zone_create_rrsigs_flg
|
||||
ldns_dnssec_zone_deep_free
|
||||
ldns_dnssec_zone_find_nsec3_original
|
||||
ldns_dnssec_zone_find_rrset
|
||||
ldns_dnssec_zone_free
|
||||
ldns_dnssec_zone_is_nsec3_optout
|
||||
ldns_dnssec_zone_mark_and_get_glue
|
||||
ldns_dnssec_zone_mark_glue
|
||||
ldns_dnssec_zone_names_print
|
||||
ldns_dnssec_zone_names_print_fmt
|
||||
ldns_dnssec_zone_new
|
||||
ldns_dnssec_zone_new_frm_fp
|
||||
ldns_dnssec_zone_new_frm_fp_l
|
||||
ldns_dnssec_zone_print
|
||||
ldns_dnssec_zone_print_fmt
|
||||
ldns_dnssec_zone_sign
|
||||
ldns_dnssec_zone_sign_flg
|
||||
ldns_dnssec_zone_sign_nsec3
|
||||
ldns_dnssec_zone_sign_nsec3_flg
|
||||
ldns_dnssec_zone_sign_nsec3_flg_mkmap
|
||||
ldns_ecdsa2pkey_raw
|
||||
ldns_edns_flags
|
||||
ldns_error_str
|
||||
ldns_fetch_valid_domain_keys
|
||||
ldns_fetch_valid_domain_keys_time
|
||||
ldns_fget_keyword_data
|
||||
ldns_fget_keyword_data_l
|
||||
ldns_fget_token
|
||||
ldns_fget_token_l
|
||||
ldns_fskipc
|
||||
ldns_fskipcs
|
||||
ldns_fskipcs_l
|
||||
ldns_getaddrinfo
|
||||
ldns_get_bit
|
||||
ldns_get_bit_r
|
||||
ldns_get_errorstr_by_id
|
||||
ldns_get_random
|
||||
ldns_get_rr_class_by_name
|
||||
ldns_get_rr_list_addr_by_name
|
||||
ldns_get_rr_list_hosts_frm_file
|
||||
ldns_get_rr_list_hosts_frm_fp
|
||||
ldns_get_rr_list_hosts_frm_fp_l
|
||||
ldns_get_rr_list_name_by_addr
|
||||
ldns_get_rr_type_by_name
|
||||
ldns_get_signing_algorithm_by_name
|
||||
ldns_gost2pkey_raw
|
||||
ldns_hexdigit_to_int
|
||||
ldns_hexstring_to_data
|
||||
ldns_init_random
|
||||
ldns_int_to_hexdigit
|
||||
ldns_is_rrset
|
||||
ldns_key2buffer_str
|
||||
ldns_key2rr
|
||||
ldns_key2str
|
||||
ldns_key_algorithm
|
||||
ldns_key_algo_supported
|
||||
ldns_key_buf2dsa
|
||||
ldns_key_buf2dsa_raw
|
||||
ldns_key_buf2rsa
|
||||
ldns_key_buf2rsa_raw
|
||||
ldns_key_deep_free
|
||||
ldns_key_dsa_key
|
||||
ldns_key_evp_key
|
||||
ldns_key_EVP_load_gost_id
|
||||
ldns_key_EVP_unload_gost
|
||||
ldns_key_expiration
|
||||
ldns_key_external_key
|
||||
ldns_key_flags
|
||||
ldns_key_free
|
||||
ldns_key_get_file_base_name
|
||||
ldns_key_hmac_key
|
||||
ldns_key_hmac_size
|
||||
ldns_key_inception
|
||||
ldns_key_keytag
|
||||
ldns_key_list_free
|
||||
ldns_key_list_key
|
||||
ldns_key_list_key_count
|
||||
ldns_key_list_new
|
||||
ldns_key_list_pop_key
|
||||
ldns_key_list_push_key
|
||||
ldns_key_list_set_key_count
|
||||
ldns_key_list_set_use
|
||||
ldns_key_new
|
||||
ldns_key_new_frm_algorithm
|
||||
ldns_key_new_frm_engine
|
||||
ldns_key_new_frm_fp
|
||||
ldns_key_new_frm_fp_dsa
|
||||
ldns_key_new_frm_fp_dsa_l
|
||||
ldns_key_new_frm_fp_hmac
|
||||
ldns_key_new_frm_fp_hmac_l
|
||||
ldns_key_new_frm_fp_l
|
||||
ldns_key_new_frm_fp_rsa
|
||||
ldns_key_new_frm_fp_rsa_l
|
||||
ldns_key_origttl
|
||||
ldns_key_print
|
||||
ldns_key_pubkey_owner
|
||||
ldns_key_rr2ds
|
||||
ldns_key_rsa_key
|
||||
ldns_key_set_algorithm
|
||||
ldns_key_set_dsa_key
|
||||
ldns_key_set_evp_key
|
||||
ldns_key_set_expiration
|
||||
ldns_key_set_external_key
|
||||
ldns_key_set_flags
|
||||
ldns_key_set_hmac_key
|
||||
ldns_key_set_hmac_size
|
||||
ldns_key_set_inception
|
||||
ldns_key_set_keytag
|
||||
ldns_key_set_origttl
|
||||
ldns_key_set_pubkey_owner
|
||||
ldns_key_set_rsa_key
|
||||
ldns_key_set_use
|
||||
ldns_key_use
|
||||
ldns_lookup_by_id
|
||||
ldns_lookup_by_name
|
||||
ldns_native2rdf_int16
|
||||
ldns_native2rdf_int16_data
|
||||
ldns_native2rdf_int32
|
||||
ldns_native2rdf_int8
|
||||
ldns_nsec3_add_param_rdfs
|
||||
ldns_nsec3_algorithm
|
||||
ldns_nsec3_bitmap
|
||||
ldns_nsec3_flags
|
||||
ldns_nsec3_hash_name
|
||||
ldns_nsec3_hash_name_frm_nsec3
|
||||
ldns_nsec3_iterations
|
||||
ldns_nsec3_next_owner
|
||||
ldns_nsec3_optout
|
||||
ldns_nsec3_salt
|
||||
ldns_nsec3_salt_data
|
||||
ldns_nsec3_salt_length
|
||||
ldns_nsec_bitmap_covers_type
|
||||
ldns_nsec_covers_name
|
||||
ldns_nsec_get_bitmap
|
||||
ldns_nsec_type_check
|
||||
ldns_octet
|
||||
ldns_opcodes
|
||||
ldns_pkt2buffer_str
|
||||
ldns_pkt2buffer_str_fmt
|
||||
ldns_pkt2buffer_wire
|
||||
ldns_pkt2str
|
||||
ldns_pkt2str_fmt
|
||||
ldns_pkt2wire
|
||||
ldns_pkt_aa
|
||||
ldns_pkt_ad
|
||||
ldns_pkt_additional
|
||||
ldns_pkt_algorithm2str
|
||||
ldns_pkt_all
|
||||
ldns_pkt_all_noquestion
|
||||
ldns_pkt_ancount
|
||||
ldns_pkt_answer
|
||||
ldns_pkt_answerfrom
|
||||
ldns_pkt_arcount
|
||||
ldns_pkt_authority
|
||||
ldns_pkt_cd
|
||||
ldns_pkt_cert_algorithm2str
|
||||
ldns_pkt_clone
|
||||
ldns_pkt_edns
|
||||
ldns_pkt_edns_data
|
||||
ldns_pkt_edns_do
|
||||
ldns_pkt_edns_extended_rcode
|
||||
ldns_pkt_edns_udp_size
|
||||
ldns_pkt_edns_version
|
||||
ldns_pkt_edns_z
|
||||
ldns_pkt_empty
|
||||
ldns_pkt_free
|
||||
ldns_pkt_get_opcode
|
||||
ldns_pkt_get_rcode
|
||||
ldns_pkt_get_section_clone
|
||||
ldns_pktheader2buffer_str
|
||||
ldns_pkt_id
|
||||
ldns_pkt_new
|
||||
ldns_pkt_nscount
|
||||
ldns_pkt_opcode2buffer_str
|
||||
ldns_pkt_opcode2str
|
||||
ldns_pkt_print
|
||||
ldns_pkt_print_fmt
|
||||
ldns_pkt_push_rr
|
||||
ldns_pkt_push_rr_list
|
||||
ldns_pkt_qdcount
|
||||
ldns_pkt_qr
|
||||
ldns_pkt_query_new
|
||||
ldns_pkt_query_new_frm_str
|
||||
ldns_pkt_querytime
|
||||
ldns_pkt_question
|
||||
ldns_pkt_ra
|
||||
ldns_pkt_rcode2buffer_str
|
||||
ldns_pkt_rcode2str
|
||||
ldns_pkt_rd
|
||||
ldns_pkt_reply_type
|
||||
ldns_pkt_rr
|
||||
ldns_pkt_rr_list_by_name
|
||||
ldns_pkt_rr_list_by_name_and_type
|
||||
ldns_pkt_rr_list_by_type
|
||||
ldns_pkt_safe_push_rr
|
||||
ldns_pkt_safe_push_rr_list
|
||||
ldns_pkt_section_count
|
||||
ldns_pkt_set_aa
|
||||
ldns_pkt_set_ad
|
||||
ldns_pkt_set_additional
|
||||
ldns_pkt_set_ancount
|
||||
ldns_pkt_set_answer
|
||||
ldns_pkt_set_answerfrom
|
||||
ldns_pkt_set_arcount
|
||||
ldns_pkt_set_authority
|
||||
ldns_pkt_set_cd
|
||||
ldns_pkt_set_edns_data
|
||||
ldns_pkt_set_edns_do
|
||||
ldns_pkt_set_edns_extended_rcode
|
||||
ldns_pkt_set_edns_udp_size
|
||||
ldns_pkt_set_edns_version
|
||||
ldns_pkt_set_edns_z
|
||||
ldns_pkt_set_flags
|
||||
ldns_pkt_set_id
|
||||
ldns_pkt_set_nscount
|
||||
ldns_pkt_set_opcode
|
||||
ldns_pkt_set_qdcount
|
||||
ldns_pkt_set_qr
|
||||
ldns_pkt_set_querytime
|
||||
ldns_pkt_set_question
|
||||
ldns_pkt_set_ra
|
||||
ldns_pkt_set_random_id
|
||||
ldns_pkt_set_rcode
|
||||
ldns_pkt_set_rd
|
||||
ldns_pkt_set_section_count
|
||||
ldns_pkt_set_size
|
||||
ldns_pkt_set_tc
|
||||
ldns_pkt_set_timestamp
|
||||
ldns_pkt_set_tsig
|
||||
ldns_pkt_size
|
||||
ldns_pkt_tc
|
||||
ldns_pkt_timestamp
|
||||
ldns_pkt_tsig
|
||||
ldns_pkt_tsig_sign
|
||||
ldns_pkt_tsig_sign_next
|
||||
ldns_pkt_tsig_verify
|
||||
ldns_pkt_tsig_verify_next
|
||||
ldns_pkt_verify
|
||||
ldns_pkt_verify_time
|
||||
ldns_print_rr_rdf
|
||||
ldns_rbtree_create
|
||||
ldns_rbtree_delete
|
||||
ldns_rbtree_find_less_equal
|
||||
ldns_rbtree_first
|
||||
ldns_rbtree_free
|
||||
ldns_rbtree_init
|
||||
ldns_rbtree_insert
|
||||
ldns_rbtree_insert_vref
|
||||
ldns_rbtree_join
|
||||
ldns_rbtree_last
|
||||
ldns_rbtree_next
|
||||
ldns_rbtree_null_node
|
||||
ldns_rbtree_previous
|
||||
ldns_rbtree_search
|
||||
ldns_rbtree_split
|
||||
ldns_rcodes
|
||||
ldns_rdf2buffer_str
|
||||
ldns_rdf2buffer_str_a
|
||||
ldns_rdf2buffer_str_aaaa
|
||||
ldns_rdf2buffer_str_alg
|
||||
ldns_rdf2buffer_str_apl
|
||||
ldns_rdf2buffer_str_b32_ext
|
||||
ldns_rdf2buffer_str_b64
|
||||
ldns_rdf2buffer_str_cert_alg
|
||||
ldns_rdf2buffer_str_class
|
||||
ldns_rdf2buffer_str_dname
|
||||
ldns_rdf2buffer_str_hex
|
||||
ldns_rdf2buffer_str_int16
|
||||
ldns_rdf2buffer_str_int16_data
|
||||
ldns_rdf2buffer_str_int32
|
||||
ldns_rdf2buffer_str_int8
|
||||
ldns_rdf2buffer_str_ipseckey
|
||||
ldns_rdf2buffer_str_loc
|
||||
ldns_rdf2buffer_str_nsap
|
||||
ldns_rdf2buffer_str_nsec
|
||||
ldns_rdf2buffer_str_nsec3_salt
|
||||
ldns_rdf2buffer_str_period
|
||||
ldns_rdf2buffer_str_str
|
||||
ldns_rdf2buffer_str_time
|
||||
ldns_rdf2buffer_str_tsig
|
||||
ldns_rdf2buffer_str_tsigtime
|
||||
ldns_rdf2buffer_str_type
|
||||
ldns_rdf2buffer_str_unknown
|
||||
ldns_rdf2buffer_str_wks
|
||||
ldns_rdf2buffer_wire
|
||||
ldns_rdf2buffer_wire_canonical
|
||||
ldns_rdf2native_int16
|
||||
ldns_rdf2native_int32
|
||||
ldns_rdf2native_int8
|
||||
ldns_rdf2native_sockaddr_storage
|
||||
ldns_rdf2native_time_t
|
||||
ldns_rdf2rr_type
|
||||
ldns_rdf2str
|
||||
ldns_rdf2wire
|
||||
ldns_rdf_address_reverse
|
||||
ldns_rdf_clone
|
||||
ldns_rdf_compare
|
||||
ldns_rdf_data
|
||||
ldns_rdf_deep_free
|
||||
ldns_rdf_free
|
||||
ldns_rdf_get_type
|
||||
ldns_rdf_new
|
||||
ldns_rdf_new_frm_data
|
||||
ldns_rdf_new_frm_fp
|
||||
ldns_rdf_new_frm_fp_l
|
||||
ldns_rdf_new_frm_str
|
||||
ldns_rdf_print
|
||||
ldns_rdf_set_data
|
||||
ldns_rdf_set_size
|
||||
ldns_rdf_set_type
|
||||
ldns_rdf_size
|
||||
ldns_read_anchor_file
|
||||
ldns_resolver_debug
|
||||
ldns_resolver_dec_nameserver_count
|
||||
ldns_resolver_deep_free
|
||||
ldns_resolver_defnames
|
||||
ldns_resolver_dnsrch
|
||||
ldns_resolver_dnssec
|
||||
ldns_resolver_dnssec_anchors
|
||||
ldns_resolver_dnssec_cd
|
||||
ldns_resolver_domain
|
||||
ldns_resolver_edns_udp_size
|
||||
ldns_resolver_fail
|
||||
ldns_resolver_fallback
|
||||
ldns_resolver_free
|
||||
ldns_resolver_igntc
|
||||
ldns_resolver_incr_nameserver_count
|
||||
ldns_resolver_ip6
|
||||
ldns_resolver_nameserver_count
|
||||
ldns_resolver_nameserver_rtt
|
||||
ldns_resolver_nameservers
|
||||
ldns_resolver_nameservers_randomize
|
||||
ldns_resolver_new
|
||||
ldns_resolver_new_frm_file
|
||||
ldns_resolver_new_frm_fp
|
||||
ldns_resolver_new_frm_fp_l
|
||||
ldns_resolver_pop_nameserver
|
||||
ldns_resolver_port
|
||||
ldns_resolver_prepare_query_pkt
|
||||
ldns_resolver_print
|
||||
ldns_resolver_print_fmt
|
||||
ldns_resolver_push_dnssec_anchor
|
||||
ldns_resolver_push_nameserver
|
||||
ldns_resolver_push_nameserver_rr
|
||||
ldns_resolver_push_nameserver_rr_list
|
||||
ldns_resolver_push_searchlist
|
||||
ldns_resolver_query
|
||||
ldns_resolver_random
|
||||
ldns_resolver_recursive
|
||||
ldns_resolver_retrans
|
||||
ldns_resolver_retry
|
||||
ldns_resolver_rtt
|
||||
ldns_resolver_search
|
||||
ldns_resolver_searchlist
|
||||
ldns_resolver_searchlist_count
|
||||
ldns_resolver_send
|
||||
ldns_resolver_send_pkt
|
||||
ldns_resolver_set_debug
|
||||
ldns_resolver_set_defnames
|
||||
ldns_resolver_set_dnsrch
|
||||
ldns_resolver_set_dnssec
|
||||
ldns_resolver_set_dnssec_anchors
|
||||
ldns_resolver_set_dnssec_cd
|
||||
ldns_resolver_set_domain
|
||||
ldns_resolver_set_edns_udp_size
|
||||
ldns_resolver_set_fail
|
||||
ldns_resolver_set_fallback
|
||||
ldns_resolver_set_igntc
|
||||
ldns_resolver_set_ip6
|
||||
ldns_resolver_set_nameserver_count
|
||||
ldns_resolver_set_nameserver_rtt
|
||||
ldns_resolver_set_nameservers
|
||||
ldns_resolver_set_port
|
||||
ldns_resolver_set_random
|
||||
ldns_resolver_set_recursive
|
||||
ldns_resolver_set_retrans
|
||||
ldns_resolver_set_retry
|
||||
ldns_resolver_set_rtt
|
||||
ldns_resolver_set_searchlist_count
|
||||
ldns_resolver_set_timeout
|
||||
ldns_resolver_set_tsig_algorithm
|
||||
ldns_resolver_set_tsig_keydata
|
||||
ldns_resolver_set_tsig_keyname
|
||||
ldns_resolver_set_usevc
|
||||
ldns_resolver_timeout
|
||||
ldns_resolver_trusted_key
|
||||
ldns_resolver_tsig_algorithm
|
||||
ldns_resolver_tsig_keydata
|
||||
ldns_resolver_tsig_keyname
|
||||
ldns_resolver_usevc
|
||||
ldns_rr2buffer_str
|
||||
ldns_rr2buffer_str_fmt
|
||||
ldns_rr2buffer_wire
|
||||
ldns_rr2buffer_wire_canonical
|
||||
ldns_rr2canonical
|
||||
ldns_rr2str
|
||||
ldns_rr2str_fmt
|
||||
ldns_rr2wire
|
||||
ldns_rr_a_address
|
||||
ldns_rr_a_set_address
|
||||
ldns_rr_class2buffer_str
|
||||
ldns_rr_class2str
|
||||
ldns_rr_classes
|
||||
ldns_rr_clone
|
||||
ldns_rr_compare
|
||||
ldns_rr_compare_ds
|
||||
ldns_rr_compare_no_rdata
|
||||
ldns_rr_compare_wire
|
||||
ldns_rr_descript
|
||||
ldns_rr_descriptor_field_type
|
||||
ldns_rr_descriptor_maximum
|
||||
ldns_rr_descriptor_minimum
|
||||
ldns_rr_dnskey_algorithm
|
||||
ldns_rr_dnskey_flags
|
||||
ldns_rr_dnskey_key
|
||||
ldns_rr_dnskey_key_size
|
||||
ldns_rr_dnskey_key_size_raw
|
||||
ldns_rr_dnskey_protocol
|
||||
ldns_rr_dnskey_set_algorithm
|
||||
ldns_rr_dnskey_set_flags
|
||||
ldns_rr_dnskey_set_key
|
||||
ldns_rr_dnskey_set_protocol
|
||||
ldns_rr_free
|
||||
ldns_rr_get_class
|
||||
ldns_rr_get_type
|
||||
ldns_rr_label_count
|
||||
ldns_rr_list2buffer_str
|
||||
ldns_rr_list2buffer_str_fmt
|
||||
ldns_rr_list2buffer_wire
|
||||
ldns_rr_list2canonical
|
||||
ldns_rr_list2str
|
||||
ldns_rr_list2str_fmt
|
||||
ldns_rr_list_cat
|
||||
ldns_rr_list_cat_clone
|
||||
ldns_rr_list_clone
|
||||
ldns_rr_list_compare
|
||||
ldns_rr_list_contains_rr
|
||||
ldns_rr_list_deep_free
|
||||
ldns_rr_list_free
|
||||
ldns_rr_list_new
|
||||
ldns_rr_list_owner
|
||||
ldns_rr_list_pop_rr
|
||||
ldns_rr_list_pop_rr_list
|
||||
ldns_rr_list_pop_rrset
|
||||
ldns_rr_list_print
|
||||
ldns_rr_list_print_fmt
|
||||
ldns_rr_list_push_rr
|
||||
ldns_rr_list_push_rr_list
|
||||
ldns_rr_list_rr
|
||||
ldns_rr_list_rr_count
|
||||
ldns_rr_list_set_rr
|
||||
ldns_rr_list_set_rr_count
|
||||
ldns_rr_list_sort
|
||||
ldns_rr_list_sort_nsec3
|
||||
ldns_rr_list_subtype_by_rdf
|
||||
ldns_rr_list_type
|
||||
ldns_rr_mx_exchange
|
||||
ldns_rr_mx_preference
|
||||
ldns_rr_new
|
||||
ldns_rr_new_frm_fp
|
||||
ldns_rr_new_frm_fp_l
|
||||
ldns_rr_new_frm_str
|
||||
ldns_rr_new_frm_type
|
||||
ldns_rr_new_question_frm_str
|
||||
ldns_rr_ns_nsdname
|
||||
ldns_rr_owner
|
||||
ldns_rr_pop_rdf
|
||||
ldns_rr_print
|
||||
ldns_rr_print_fmt
|
||||
ldns_rr_push_rdf
|
||||
ldns_rr_rdata2buffer_wire
|
||||
ldns_rr_rd_count
|
||||
ldns_rr_rdf
|
||||
ldns_rr_rrsig_algorithm
|
||||
ldns_rr_rrsig_expiration
|
||||
ldns_rr_rrsig_inception
|
||||
ldns_rr_rrsig_keytag
|
||||
ldns_rr_rrsig_labels
|
||||
ldns_rr_rrsig_origttl
|
||||
ldns_rr_rrsig_set_algorithm
|
||||
ldns_rr_rrsig_set_expiration
|
||||
ldns_rr_rrsig_set_inception
|
||||
ldns_rr_rrsig_set_keytag
|
||||
ldns_rr_rrsig_set_labels
|
||||
ldns_rr_rrsig_set_origttl
|
||||
ldns_rr_rrsig_set_sig
|
||||
ldns_rr_rrsig_set_signame
|
||||
ldns_rr_rrsig_set_typecovered
|
||||
ldns_rr_rrsig_sig
|
||||
ldns_rr_rrsig_signame
|
||||
ldns_rr_rrsig_typecovered
|
||||
ldns_rr_set_class
|
||||
ldns_rr_set_owner
|
||||
ldns_rr_set_pop_rr
|
||||
ldns_rr_set_push_rr
|
||||
ldns_rr_set_rd_count
|
||||
ldns_rr_set_rdf
|
||||
ldns_rr_set_ttl
|
||||
ldns_rr_set_type
|
||||
ldns_rr_soa_increment
|
||||
ldns_rr_soa_increment_func
|
||||
ldns_rr_soa_increment_func_data
|
||||
ldns_rr_soa_increment_func_int
|
||||
ldns_rrsig2buffer_wire
|
||||
ldns_rr_ttl
|
||||
ldns_rr_type2buffer_str
|
||||
ldns_rr_type2str
|
||||
ldns_rr_uncompressed_size
|
||||
ldns_send
|
||||
ldns_send_buffer
|
||||
ldns_serial_arithmitics_gmtime_r
|
||||
ldns_set_bit
|
||||
ldns_sha1
|
||||
ldns_sha1_final
|
||||
ldns_sha1_init
|
||||
ldns_sha1_transform
|
||||
ldns_sha1_update
|
||||
ldns_signing_algorithms
|
||||
ldns_sign_public
|
||||
ldns_sign_public_buffer
|
||||
ldns_sign_public_dsa
|
||||
ldns_sign_public_evp
|
||||
ldns_sign_public_rsamd5
|
||||
ldns_sign_public_rsasha1
|
||||
ldns_soa_serial_datecounter
|
||||
ldns_soa_serial_identity
|
||||
ldns_soa_serial_increment
|
||||
ldns_soa_serial_increment_by
|
||||
ldns_soa_serial_unixtime
|
||||
ldns_sockaddr_storage2rdf
|
||||
ldns_str2period
|
||||
ldns_str2rdf_a
|
||||
ldns_str2rdf_aaaa
|
||||
ldns_str2rdf_alg
|
||||
ldns_str2rdf_apl
|
||||
ldns_str2rdf_b32_ext
|
||||
ldns_str2rdf_b64
|
||||
ldns_str2rdf_cert_alg
|
||||
ldns_str2rdf_class
|
||||
ldns_str2rdf_dname
|
||||
ldns_str2rdf_hex
|
||||
ldns_str2rdf_int16
|
||||
ldns_str2rdf_int32
|
||||
ldns_str2rdf_int8
|
||||
ldns_str2rdf_loc
|
||||
ldns_str2rdf_nsap
|
||||
ldns_str2rdf_nsec
|
||||
ldns_str2rdf_nsec3_salt
|
||||
ldns_str2rdf_period
|
||||
ldns_str2rdf_service
|
||||
ldns_str2rdf_str
|
||||
ldns_str2rdf_time
|
||||
ldns_str2rdf_tsig
|
||||
ldns_str2rdf_type
|
||||
ldns_str2rdf_unknown
|
||||
ldns_str2rdf_wks
|
||||
ldns_tcp_bgsend
|
||||
ldns_tcp_connect
|
||||
ldns_tcp_read_wire
|
||||
ldns_tcp_read_wire_timeout
|
||||
ldns_tcp_send
|
||||
ldns_tcp_send_query
|
||||
ldns_traverse_postorder
|
||||
ldns_tsig_algorithm
|
||||
ldns_tsig_keydata
|
||||
ldns_tsig_keydata_clone
|
||||
ldns_tsig_keyname
|
||||
ldns_tsig_keyname_clone
|
||||
ldns_tsig_prepare_pkt_wire
|
||||
ldns_udp_bgsend
|
||||
ldns_udp_connect
|
||||
ldns_udp_read_wire
|
||||
ldns_udp_send
|
||||
ldns_udp_send_query
|
||||
ldns_update_ad
|
||||
ldns_update_pkt_new
|
||||
ldns_update_pkt_tsig_add
|
||||
ldns_update_prcount
|
||||
ldns_update_set_adcount
|
||||
ldns_update_set_prcount
|
||||
ldns_update_set_upcount
|
||||
ldns_update_set_zo
|
||||
ldns_update_soa_mname
|
||||
ldns_update_soa_zone_mname
|
||||
ldns_update_upcount
|
||||
ldns_update_zocount
|
||||
ldns_validate_domain_dnskey
|
||||
ldns_validate_domain_dnskey_time
|
||||
ldns_validate_domain_ds
|
||||
ldns_validate_domain_ds_time
|
||||
ldns_verify
|
||||
ldns_verify_notime
|
||||
ldns_verify_rrsig
|
||||
ldns_verify_rrsig_buffers
|
||||
ldns_verify_rrsig_buffers_raw
|
||||
ldns_verify_rrsig_dsa
|
||||
ldns_verify_rrsig_dsa_raw
|
||||
ldns_verify_rrsig_evp
|
||||
ldns_verify_rrsig_evp_raw
|
||||
ldns_verify_rrsig_keylist
|
||||
ldns_verify_rrsig_keylist_notime
|
||||
ldns_verify_rrsig_keylist_time
|
||||
ldns_verify_rrsig_rsamd5
|
||||
ldns_verify_rrsig_rsamd5_raw
|
||||
ldns_verify_rrsig_rsasha1
|
||||
ldns_verify_rrsig_rsasha1_raw
|
||||
ldns_verify_rrsig_rsasha256_raw
|
||||
ldns_verify_rrsig_rsasha512_raw
|
||||
ldns_verify_rrsig_time
|
||||
ldns_verify_time
|
||||
ldns_verify_trusted
|
||||
ldns_verify_trusted_time
|
||||
ldns_version
|
||||
ldns_wire2dname
|
||||
ldns_wire2pkt
|
||||
ldns_wire2rdf
|
||||
ldns_wire2rr
|
||||
ldns_zone_deep_free
|
||||
ldns_zone_free
|
||||
ldns_zone_glue_rr_list
|
||||
ldns_zone_new
|
||||
ldns_zone_new_frm_fp
|
||||
ldns_zone_new_frm_fp_l
|
||||
ldns_zone_print
|
||||
ldns_zone_print_fmt
|
||||
ldns_zone_push_rr
|
||||
ldns_zone_push_rr_list
|
||||
ldns_zone_rr_count
|
||||
ldns_zone_rrs
|
||||
ldns_zone_set_rrs
|
||||
ldns_zone_set_soa
|
||||
ldns_zone_sign
|
||||
ldns_zone_sign_nsec3
|
||||
ldns_zone_soa
|
||||
ldns_zone_sort
|
||||
ldns_zone_strip_glue_rrs
|
189
libdns.doxygen
189
libdns.doxygen
@ -1,4 +1,4 @@
|
||||
# Doxyfile 1.7.3
|
||||
# Doxyfile 1.7.6.1
|
||||
|
||||
# This file describes the settings to be used by the documentation system
|
||||
# doxygen (www.doxygen.org) for a project.
|
||||
@ -22,8 +22,9 @@
|
||||
|
||||
DOXYFILE_ENCODING = UTF-8
|
||||
|
||||
# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
|
||||
# by quotes) that should identify the project.
|
||||
# The PROJECT_NAME tag is a single word (or sequence of words) that should
|
||||
# identify the project. Note that if you do not use Doxywizard you need
|
||||
# to put quotes around the project name if it contains spaces.
|
||||
|
||||
PROJECT_NAME = ldns
|
||||
|
||||
@ -33,7 +34,9 @@ PROJECT_NAME = ldns
|
||||
|
||||
PROJECT_NUMBER = 1.6.7
|
||||
|
||||
# Using the PROJECT_BRIEF tag one can provide an optional one line description for a project that appears at the top of each page and should give viewer a quick idea about the purpose of the project. Keep the description short.
|
||||
# Using the PROJECT_BRIEF tag one can provide an optional one line description
|
||||
# for a project that appears at the top of each page and should give viewer
|
||||
# a quick idea about the purpose of the project. Keep the description short.
|
||||
|
||||
PROJECT_BRIEF =
|
||||
|
||||
@ -192,6 +195,13 @@ TAB_SIZE = 8
|
||||
|
||||
ALIASES =
|
||||
|
||||
# This tag can be used to specify a number of word-keyword mappings (TCL only).
|
||||
# A mapping has the form "name=value". For example adding
|
||||
# "class=itcl::class" will allow you to use the command class in the
|
||||
# itcl::class meaning.
|
||||
|
||||
TCL_SUBST =
|
||||
|
||||
# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C
|
||||
# sources only. Doxygen will then generate output that is more tailored for C.
|
||||
# For instance, some of the names that are used will be different. The list
|
||||
@ -274,6 +284,22 @@ DISTRIBUTE_GROUP_DOC = NO
|
||||
|
||||
SUBGROUPING = YES
|
||||
|
||||
# When the INLINE_GROUPED_CLASSES tag is set to YES, classes, structs and
|
||||
# unions are shown inside the group in which they are included (e.g. using
|
||||
# @ingroup) instead of on a separate page (for HTML and Man pages) or
|
||||
# section (for LaTeX and RTF).
|
||||
|
||||
INLINE_GROUPED_CLASSES = NO
|
||||
|
||||
# When the INLINE_SIMPLE_STRUCTS tag is set to YES, structs, classes, and
|
||||
# unions with only public data fields will be shown inline in the documentation
|
||||
# of the scope in which they are defined (i.e. file, namespace, or group
|
||||
# documentation), provided this scope is documented. If set to NO (the default),
|
||||
# structs, classes, and unions are shown on a separate page (for HTML and Man
|
||||
# pages) or section (for LaTeX and RTF).
|
||||
|
||||
INLINE_SIMPLE_STRUCTS = NO
|
||||
|
||||
# When TYPEDEF_HIDES_STRUCT is enabled, a typedef of a struct, union, or enum
|
||||
# is documented as struct, union, or enum with the name of the typedef. So
|
||||
# typedef struct TypeS {} TypeT, will appear in the documentation as a struct
|
||||
@ -296,10 +322,21 @@ TYPEDEF_HIDES_STRUCT = NO
|
||||
# a logarithmic scale so increasing the size by one will roughly double the
|
||||
# memory usage. The cache size is given by this formula:
|
||||
# 2^(16+SYMBOL_CACHE_SIZE). The valid range is 0..9, the default is 0,
|
||||
# corresponding to a cache size of 2^16 = 65536 symbols
|
||||
# corresponding to a cache size of 2^16 = 65536 symbols.
|
||||
|
||||
SYMBOL_CACHE_SIZE = 0
|
||||
|
||||
# Similar to the SYMBOL_CACHE_SIZE the size of the symbol lookup cache can be
|
||||
# set using LOOKUP_CACHE_SIZE. This cache is used to resolve symbols given
|
||||
# their name and scope. Since this can be an expensive process and often the
|
||||
# same symbol appear multiple times in the code, doxygen keeps a cache of
|
||||
# pre-resolved symbols. If the cache is too small doxygen will become slower.
|
||||
# If the cache is too large, memory is wasted. The cache size is given by this
|
||||
# formula: 2^(16+LOOKUP_CACHE_SIZE). The valid range is 0..9, the default is 0,
|
||||
# corresponding to a cache size of 2^16 = 65536 symbols.
|
||||
|
||||
LOOKUP_CACHE_SIZE = 0
|
||||
|
||||
#---------------------------------------------------------------------------
|
||||
# Build related configuration options
|
||||
#---------------------------------------------------------------------------
|
||||
@ -449,8 +486,11 @@ SORT_GROUP_NAMES = NO
|
||||
|
||||
SORT_BY_SCOPE_NAME = NO
|
||||
|
||||
# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to do proper type resolution of all parameters of a function it will reject a
|
||||
# match between the prototype and the implementation of a member function even if there is only one candidate or it is obvious which candidate to choose by doing a simple string match. By disabling STRICT_PROTO_MATCHING doxygen
|
||||
# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to
|
||||
# do proper type resolution of all parameters of a function it will reject a
|
||||
# match between the prototype and the implementation of a member function even
|
||||
# if there is only one candidate or it is obvious which candidate to choose
|
||||
# by doing a simple string match. By disabling STRICT_PROTO_MATCHING doxygen
|
||||
# will still accept a match between prototype and implementation in such cases.
|
||||
|
||||
STRICT_PROTO_MATCHING = NO
|
||||
@ -538,6 +578,16 @@ FILE_VERSION_FILTER =
|
||||
|
||||
LAYOUT_FILE =
|
||||
|
||||
# The CITE_BIB_FILES tag can be used to specify one or more bib files
|
||||
# containing the references data. This must be a list of .bib files. The
|
||||
# .bib extension is automatically appended if omitted. Using this command
|
||||
# requires the bibtex tool to be installed. See also
|
||||
# http://en.wikipedia.org/wiki/BibTeX for more info. For LaTeX the style
|
||||
# of the bibliography can be controlled using LATEX_BIB_STYLE. To use this
|
||||
# feature you need bibtex and perl available in the search path.
|
||||
|
||||
CITE_BIB_FILES =
|
||||
|
||||
#---------------------------------------------------------------------------
|
||||
# configuration options related to warning and progress messages
|
||||
#---------------------------------------------------------------------------
|
||||
@ -629,13 +679,15 @@ FILE_PATTERNS =
|
||||
|
||||
RECURSIVE = NO
|
||||
|
||||
# The EXCLUDE tag can be used to specify files and/or directories that should
|
||||
# The EXCLUDE tag can be used to specify files and/or directories that should be
|
||||
# excluded from the INPUT source files. This way you can easily exclude a
|
||||
# subdirectory from a directory tree whose root is specified with the INPUT tag.
|
||||
# Note that relative paths are relative to the directory from which doxygen is
|
||||
# run.
|
||||
|
||||
EXCLUDE =
|
||||
|
||||
# The EXCLUDE_SYMLINKS tag can be used select whether or not files or
|
||||
# The EXCLUDE_SYMLINKS tag can be used to select whether or not files or
|
||||
# directories that are symbolic links (a Unix file system feature) are excluded
|
||||
# from the input.
|
||||
|
||||
@ -821,7 +873,14 @@ HTML_FILE_EXTENSION = .html
|
||||
|
||||
# The HTML_HEADER tag can be used to specify a personal HTML header for
|
||||
# each generated HTML page. If it is left blank doxygen will generate a
|
||||
# standard header.
|
||||
# standard header. Note that when using a custom header you are responsible
|
||||
# for the proper inclusion of any scripts and style sheets that doxygen
|
||||
# needs, which is dependent on the configuration options used.
|
||||
# It is advised to generate a default header using "doxygen -w html
|
||||
# header.html footer.html stylesheet.css YourConfigFile" and then modify
|
||||
# that header. Note that the header is subject to change so you typically
|
||||
# have to redo this when upgrading to a newer version of doxygen or when
|
||||
# changing the value of configuration settings such as GENERATE_TREEVIEW!
|
||||
|
||||
HTML_HEADER = doc/header.html
|
||||
|
||||
@ -836,12 +895,21 @@ HTML_FOOTER =
|
||||
# fine-tune the look of the HTML output. If the tag is left blank doxygen
|
||||
# will generate a default style sheet. Note that doxygen will try to copy
|
||||
# the style sheet file to the HTML output directory, so don't put your own
|
||||
# stylesheet in the HTML output directory as well, or it will be erased!
|
||||
# style sheet in the HTML output directory as well, or it will be erased!
|
||||
|
||||
HTML_STYLESHEET =
|
||||
|
||||
# The HTML_EXTRA_FILES tag can be used to specify one or more extra images or
|
||||
# other source files which should be copied to the HTML output directory. Note
|
||||
# that these files will be copied to the base HTML output directory. Use the
|
||||
# $relpath$ marker in the HTML_HEADER and/or HTML_FOOTER files to load these
|
||||
# files. In the HTML_STYLESHEET file, use the file name only. Also note that
|
||||
# the files will be copied as-is; there are no commands or markers available.
|
||||
|
||||
HTML_EXTRA_FILES =
|
||||
|
||||
# The HTML_COLORSTYLE_HUE tag controls the color of the HTML output.
|
||||
# Doxygen will adjust the colors in the stylesheet and background images
|
||||
# Doxygen will adjust the colors in the style sheet and background images
|
||||
# according to this color. Hue is specified as an angle on a colorwheel,
|
||||
# see http://en.wikipedia.org/wiki/Hue for more information.
|
||||
# For instance the value 0 represents red, 60 is yellow, 120 is green,
|
||||
@ -871,12 +939,6 @@ HTML_COLORSTYLE_GAMMA = 80
|
||||
|
||||
HTML_TIMESTAMP = YES
|
||||
|
||||
# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes,
|
||||
# files or namespaces will be aligned in HTML using tables. If set to
|
||||
# NO a bullet list will be used.
|
||||
|
||||
HTML_ALIGN_MEMBERS = YES
|
||||
|
||||
# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML
|
||||
# documentation will contain sections that can be hidden and shown after the
|
||||
# page has loaded. For this to work a browser that supports
|
||||
@ -1036,18 +1098,14 @@ GENERATE_ECLIPSEHELP = NO
|
||||
|
||||
ECLIPSE_DOC_ID = org.doxygen.Project
|
||||
|
||||
# The DISABLE_INDEX tag can be used to turn on/off the condensed index at
|
||||
# top of each HTML page. The value NO (the default) enables the index and
|
||||
# the value YES disables it.
|
||||
# The DISABLE_INDEX tag can be used to turn on/off the condensed index (tabs)
|
||||
# at top of each HTML page. The value NO (the default) enables the index and
|
||||
# the value YES disables it. Since the tabs have the same information as the
|
||||
# navigation tree you can set this option to NO if you already set
|
||||
# GENERATE_TREEVIEW to YES.
|
||||
|
||||
DISABLE_INDEX = NO
|
||||
|
||||
# This tag can be used to set the number of enum values (range [0,1..20])
|
||||
# that doxygen will group on one line in the generated HTML documentation.
|
||||
# Note that a value of 0 will completely suppress the enum values from appearing in the overview section.
|
||||
|
||||
ENUM_VALUES_PER_LINE = 4
|
||||
|
||||
# The GENERATE_TREEVIEW tag is used to specify whether a tree-like index
|
||||
# structure should be generated to display hierarchical information.
|
||||
# If the tag value is set to YES, a side panel will be generated
|
||||
@ -1055,13 +1113,17 @@ ENUM_VALUES_PER_LINE = 4
|
||||
# is generated for HTML Help). For this to work a browser that supports
|
||||
# JavaScript, DHTML, CSS and frames is required (i.e. any modern browser).
|
||||
# Windows users are probably better off using the HTML help feature.
|
||||
# Since the tree basically has the same information as the tab index you
|
||||
# could consider to set DISABLE_INDEX to NO when enabling this option.
|
||||
|
||||
GENERATE_TREEVIEW = NO
|
||||
|
||||
# By enabling USE_INLINE_TREES, doxygen will generate the Groups, Directories,
|
||||
# and Class Hierarchy pages using a tree view instead of an ordered list.
|
||||
# The ENUM_VALUES_PER_LINE tag can be used to set the number of enum values
|
||||
# (range [0,1..20]) that doxygen will group on one line in the generated HTML
|
||||
# documentation. Note that a value of 0 will completely suppress the enum
|
||||
# values from appearing in the overview section.
|
||||
|
||||
USE_INLINE_TREES = NO
|
||||
ENUM_VALUES_PER_LINE = 4
|
||||
|
||||
# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be
|
||||
# used to set the initial width (in pixels) of the frame in which the tree
|
||||
@ -1103,12 +1165,18 @@ USE_MATHJAX = NO
|
||||
# HTML output directory using the MATHJAX_RELPATH option. The destination
|
||||
# directory should contain the MathJax.js script. For instance, if the mathjax
|
||||
# directory is located at the same level as the HTML output directory, then
|
||||
# MATHJAX_RELPATH should be ../mathjax. The default value points to the mathjax.org site, so you can quickly see the result without installing
|
||||
# MATHJAX_RELPATH should be ../mathjax. The default value points to the
|
||||
# mathjax.org site, so you can quickly see the result without installing
|
||||
# MathJax, but it is strongly recommended to install a local copy of MathJax
|
||||
# before deployment.
|
||||
|
||||
MATHJAX_RELPATH = http://www.mathjax.org/mathjax
|
||||
|
||||
# The MATHJAX_EXTENSIONS tag can be used to specify one or MathJax extension
|
||||
# names that should be enabled during MathJax rendering.
|
||||
|
||||
MATHJAX_EXTENSIONS =
|
||||
|
||||
# When the SEARCHENGINE tag is enabled doxygen will generate a search box
|
||||
# for the HTML output. The underlying search engine uses javascript
|
||||
# and DHTML and should work on any modern browser. Note that when using
|
||||
@ -1182,6 +1250,13 @@ EXTRA_PACKAGES =
|
||||
|
||||
LATEX_HEADER =
|
||||
|
||||
# The LATEX_FOOTER tag can be used to specify a personal LaTeX footer for
|
||||
# the generated latex document. The footer should contain everything after
|
||||
# the last chapter. If it is left blank doxygen will generate a
|
||||
# standard footer. Notice: only use this tag if you know what you are doing!
|
||||
|
||||
LATEX_FOOTER =
|
||||
|
||||
# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated
|
||||
# is prepared for conversion to pdf (using ps2pdf). The pdf file will
|
||||
# contain links (just like the HTML output) instead of page references
|
||||
@ -1215,6 +1290,12 @@ LATEX_HIDE_INDICES = NO
|
||||
|
||||
LATEX_SOURCE_CODE = NO
|
||||
|
||||
# The LATEX_BIB_STYLE tag can be used to specify the style to use for the
|
||||
# bibliography, e.g. plainnat, or ieeetr. The default style is "plain". See
|
||||
# http://en.wikipedia.org/wiki/BibTeX for more info.
|
||||
|
||||
LATEX_BIB_STYLE = plain
|
||||
|
||||
#---------------------------------------------------------------------------
|
||||
# configuration options related to the RTF output
|
||||
#---------------------------------------------------------------------------
|
||||
@ -1246,7 +1327,7 @@ COMPACT_RTF = NO
|
||||
|
||||
RTF_HYPERLINKS = NO
|
||||
|
||||
# Load stylesheet definitions from file. Syntax is similar to doxygen's
|
||||
# Load style sheet definitions from file. Syntax is similar to doxygen's
|
||||
# config file, i.e. a series of assignments. You only have to provide
|
||||
# replacements, missing definitions are set to their default value.
|
||||
|
||||
@ -1391,7 +1472,7 @@ MACRO_EXPANSION = YES
|
||||
EXPAND_ONLY_PREDEF = NO
|
||||
|
||||
# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files
|
||||
# in the INCLUDE_PATH (see below) will be search if a #include is found.
|
||||
# pointed to by INCLUDE_PATH will be searched when a #include is found.
|
||||
|
||||
SEARCH_INCLUDES = YES
|
||||
|
||||
@ -1399,7 +1480,7 @@ SEARCH_INCLUDES = YES
|
||||
# contain include files that are not input files but should be processed by
|
||||
# the preprocessor.
|
||||
|
||||
INCLUDE_PATH =
|
||||
INCLUDE_PATH = .
|
||||
|
||||
# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard
|
||||
# patterns (like *.h and *.hpp) to filter out the header-files in the
|
||||
@ -1421,7 +1502,8 @@ PREDEFINED = HAVE_SSL
|
||||
# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then
|
||||
# this tag can be used to specify a list of macro names that should be expanded.
|
||||
# The macro definition that is found in the sources will be used.
|
||||
# Use the PREDEFINED tag if you want to use a different macro definition that overrules the definition found in the source code.
|
||||
# Use the PREDEFINED tag if you want to use a different macro definition that
|
||||
# overrules the definition found in the source code.
|
||||
|
||||
EXPAND_AS_DEFINED =
|
||||
|
||||
@ -1519,13 +1601,12 @@ HAVE_DOT = NO
|
||||
|
||||
DOT_NUM_THREADS = 0
|
||||
|
||||
# By default doxygen will write a font called Helvetica to the output
|
||||
# directory and reference it in all dot files that doxygen generates.
|
||||
# When you want a differently looking font you can specify the font name
|
||||
# using DOT_FONTNAME. You need to make sure dot is able to find the font,
|
||||
# which can be done by putting it in a standard location or by setting the
|
||||
# DOTFONTPATH environment variable or by setting DOT_FONTPATH to the directory
|
||||
# containing the font.
|
||||
# By default doxygen will use the Helvetica font for all dot files that
|
||||
# doxygen generates. When you want a differently looking font you can specify
|
||||
# the font name using DOT_FONTNAME. You need to make sure dot is able to find
|
||||
# the font, which can be done by putting it in a standard location or by setting
|
||||
# the DOTFONTPATH environment variable or by setting DOT_FONTPATH to the
|
||||
# directory containing the font.
|
||||
|
||||
DOT_FONTNAME = Helvetica
|
||||
|
||||
@ -1534,17 +1615,16 @@ DOT_FONTNAME = Helvetica
|
||||
|
||||
DOT_FONTSIZE = 10
|
||||
|
||||
# By default doxygen will tell dot to use the output directory to look for the
|
||||
# FreeSans.ttf font (which doxygen will put there itself). If you specify a
|
||||
# different font using DOT_FONTNAME you can set the path where dot
|
||||
# can find it using this tag.
|
||||
# By default doxygen will tell dot to use the Helvetica font.
|
||||
# If you specify a different font using DOT_FONTNAME you can use DOT_FONTPATH to
|
||||
# set the path where dot can find it.
|
||||
|
||||
DOT_FONTPATH =
|
||||
|
||||
# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen
|
||||
# will generate a graph for each documented class showing the direct and
|
||||
# indirect inheritance relations. Setting this tag to YES will force the
|
||||
# the CLASS_DIAGRAMS tag to NO.
|
||||
# CLASS_DIAGRAMS tag to NO.
|
||||
|
||||
CLASS_GRAPH = YES
|
||||
|
||||
@ -1614,11 +1694,22 @@ GRAPHICAL_HIERARCHY = YES
|
||||
DIRECTORY_GRAPH = YES
|
||||
|
||||
# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
|
||||
# generated by dot. Possible values are png, svg, gif or svg.
|
||||
# If left blank png will be used.
|
||||
# generated by dot. Possible values are svg, png, jpg, or gif.
|
||||
# If left blank png will be used. If you choose svg you need to set
|
||||
# HTML_FILE_EXTENSION to xhtml in order to make the SVG files
|
||||
# visible in IE 9+ (other browsers do not have this requirement).
|
||||
|
||||
DOT_IMAGE_FORMAT = png
|
||||
|
||||
# If DOT_IMAGE_FORMAT is set to svg, then this option can be set to YES to
|
||||
# enable generation of interactive SVG images that allow zooming and panning.
|
||||
# Note that this requires a modern browser other than Internet Explorer.
|
||||
# Tested and working are Firefox, Chrome, Safari, and Opera. For IE 9+ you
|
||||
# need to set HTML_FILE_EXTENSION to xhtml in order to make the SVG files
|
||||
# visible. Older versions of IE do not have SVG support.
|
||||
|
||||
INTERACTIVE_SVG = NO
|
||||
|
||||
# The tag DOT_PATH can be used to specify the path where the dot tool can be
|
||||
# found. If left blank, it is assumed the dot tool can be found in the path.
|
||||
|
||||
|
17
net.c
17
net.c
@ -110,12 +110,14 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf
|
||||
if ((ns->ss_family == AF_INET) &&
|
||||
(ldns_resolver_ip6(r) == LDNS_RESOLV_INET6)) {
|
||||
/* not reachable */
|
||||
LDNS_FREE(ns);
|
||||
continue;
|
||||
}
|
||||
|
||||
if ((ns->ss_family == AF_INET6) &&
|
||||
(ldns_resolver_ip6(r) == LDNS_RESOLV_INET)) {
|
||||
/* not reachable */
|
||||
LDNS_FREE(ns);
|
||||
continue;
|
||||
}
|
||||
#endif
|
||||
@ -182,7 +184,8 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf
|
||||
ldns_pkt_set_querytime(reply, (uint32_t)
|
||||
((tv_e.tv_sec - tv_s.tv_sec) * 1000) +
|
||||
(tv_e.tv_usec - tv_s.tv_usec) / 1000);
|
||||
ldns_pkt_set_answerfrom(reply, ns_array[i]);
|
||||
ldns_pkt_set_answerfrom(reply,
|
||||
ldns_rdf_clone(ns_array[i]));
|
||||
ldns_pkt_set_timestamp(reply, tv_s);
|
||||
ldns_pkt_set_size(reply, reply_size);
|
||||
break;
|
||||
@ -203,7 +206,7 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf
|
||||
return LDNS_STATUS_RES_NO_NS;
|
||||
}
|
||||
#ifdef HAVE_SSL
|
||||
if (tsig_mac && reply_bytes) {
|
||||
if (tsig_mac && reply && reply_bytes) {
|
||||
if (!ldns_pkt_tsig_verify(reply,
|
||||
reply_bytes,
|
||||
reply_size,
|
||||
@ -470,7 +473,7 @@ ldns_tcp_send_query(ldns_buffer *qbin, int sockfd,
|
||||
sendbuf = LDNS_XMALLOC(uint8_t, ldns_buffer_position(qbin) + 2);
|
||||
if(!sendbuf) return 0;
|
||||
ldns_write_uint16(sendbuf, ldns_buffer_position(qbin));
|
||||
memcpy(sendbuf + 2, ldns_buffer_export(qbin), ldns_buffer_position(qbin));
|
||||
memcpy(sendbuf + 2, ldns_buffer_begin(qbin), ldns_buffer_position(qbin));
|
||||
|
||||
bytes = sendto(sockfd, (void*)sendbuf,
|
||||
ldns_buffer_position(qbin) + 2, 0, (struct sockaddr *)to, tolen);
|
||||
@ -669,7 +672,7 @@ ldns_tcp_send(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storag
|
||||
}
|
||||
|
||||
/* resize accordingly */
|
||||
*result = (uint8_t*)LDNS_XREALLOC(answer, uint8_t *, (size_t)*answer_size);
|
||||
*result = LDNS_XREALLOC(answer, uint8_t, (size_t)*answer_size);
|
||||
if(!*result) {
|
||||
LDNS_FREE(answer);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
@ -807,6 +810,9 @@ ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class class)
|
||||
ns_i < ldns_resolver_nameserver_count(resolver) &&
|
||||
resolver->_socket == 0;
|
||||
ns_i++) {
|
||||
if (ns != NULL) {
|
||||
LDNS_FREE(ns);
|
||||
}
|
||||
ns = ldns_rdf2native_sockaddr_storage(
|
||||
resolver->_nameservers[ns_i],
|
||||
ldns_resolver_port(resolver), &ns_len);
|
||||
@ -837,6 +843,9 @@ ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class class)
|
||||
#endif
|
||||
resolver->_socket = 0;
|
||||
|
||||
ldns_pkt_free(query);
|
||||
LDNS_FREE(ns);
|
||||
|
||||
return LDNS_STATUS_CRYPTO_TSIG_ERR;
|
||||
}
|
||||
}
|
||||
|
136
packet.c
136
packet.c
@ -255,7 +255,6 @@ ldns_pkt_rr_list_by_name(ldns_pkt *packet,
|
||||
ldns_pkt_section sec)
|
||||
{
|
||||
ldns_rr_list *rrs;
|
||||
ldns_rr_list *new;
|
||||
ldns_rr_list *ret;
|
||||
uint16_t i;
|
||||
|
||||
@ -264,7 +263,6 @@ ldns_pkt_rr_list_by_name(ldns_pkt *packet,
|
||||
}
|
||||
|
||||
rrs = ldns_pkt_get_section_clone(packet, sec);
|
||||
new = ldns_rr_list_new();
|
||||
ret = NULL;
|
||||
|
||||
for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
|
||||
@ -272,8 +270,10 @@ ldns_pkt_rr_list_by_name(ldns_pkt *packet,
|
||||
ldns_rr_list_rr(rrs, i)),
|
||||
ownername) == 0) {
|
||||
/* owner names match */
|
||||
ldns_rr_list_push_rr(new, ldns_rr_list_rr(rrs, i));
|
||||
ret = new;
|
||||
if (ret == NULL) {
|
||||
ret = ldns_rr_list_new();
|
||||
}
|
||||
ldns_rr_list_push_rr(ret, ldns_rr_list_rr(rrs, i));
|
||||
}
|
||||
}
|
||||
return ret;
|
||||
@ -649,19 +649,27 @@ ldns_pkt_push_rr(ldns_pkt *packet, ldns_pkt_section section, ldns_rr *rr)
|
||||
{
|
||||
switch(section) {
|
||||
case LDNS_SECTION_QUESTION:
|
||||
ldns_rr_list_push_rr(ldns_pkt_question(packet), rr);
|
||||
if (!ldns_rr_list_push_rr(ldns_pkt_question(packet), rr)) {
|
||||
return false;
|
||||
}
|
||||
ldns_pkt_set_qdcount(packet, ldns_pkt_qdcount(packet) + 1);
|
||||
break;
|
||||
case LDNS_SECTION_ANSWER:
|
||||
ldns_rr_list_push_rr(ldns_pkt_answer(packet), rr);
|
||||
if (!ldns_rr_list_push_rr(ldns_pkt_answer(packet), rr)) {
|
||||
return false;
|
||||
}
|
||||
ldns_pkt_set_ancount(packet, ldns_pkt_ancount(packet) + 1);
|
||||
break;
|
||||
case LDNS_SECTION_AUTHORITY:
|
||||
ldns_rr_list_push_rr(ldns_pkt_authority(packet), rr);
|
||||
if (!ldns_rr_list_push_rr(ldns_pkt_authority(packet), rr)) {
|
||||
return false;
|
||||
}
|
||||
ldns_pkt_set_nscount(packet, ldns_pkt_nscount(packet) + 1);
|
||||
break;
|
||||
case LDNS_SECTION_ADDITIONAL:
|
||||
ldns_rr_list_push_rr(ldns_pkt_additional(packet), rr);
|
||||
if (!ldns_rr_list_push_rr(ldns_pkt_additional(packet), rr)) {
|
||||
return false;
|
||||
}
|
||||
ldns_pkt_set_arcount(packet, ldns_pkt_arcount(packet) + 1);
|
||||
break;
|
||||
case LDNS_SECTION_ANY:
|
||||
@ -783,6 +791,7 @@ ldns_pkt_free(ldns_pkt *packet)
|
||||
ldns_rr_list_deep_free(packet->_additional);
|
||||
ldns_rr_free(packet->_tsig_rr);
|
||||
ldns_rdf_deep_free(packet->_edns_data);
|
||||
ldns_rdf_deep_free(packet->_answerfrom);
|
||||
LDNS_FREE(packet);
|
||||
}
|
||||
}
|
||||
@ -817,6 +826,86 @@ ldns_pkt_set_flags(ldns_pkt *packet, uint16_t flags)
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
static ldns_status
|
||||
ldns_pkt_add_authsoa(ldns_pkt* packet, ldns_rdf* rr_name, ldns_rr_class rr_class)
|
||||
{
|
||||
ldns_rr* soa_rr = ldns_rr_new();
|
||||
ldns_rdf *owner_rdf;
|
||||
ldns_rdf *mname_rdf;
|
||||
ldns_rdf *rname_rdf;
|
||||
ldns_rdf *serial_rdf;
|
||||
ldns_rdf *refresh_rdf;
|
||||
ldns_rdf *retry_rdf;
|
||||
ldns_rdf *expire_rdf;
|
||||
ldns_rdf *minimum_rdf;
|
||||
|
||||
if (!soa_rr) {
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
owner_rdf = ldns_rdf_clone(rr_name);
|
||||
if (!owner_rdf) {
|
||||
ldns_rr_free(soa_rr);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
|
||||
ldns_rr_set_owner(soa_rr, owner_rdf);
|
||||
ldns_rr_set_type(soa_rr, LDNS_RR_TYPE_SOA);
|
||||
ldns_rr_set_class(soa_rr, rr_class);
|
||||
ldns_rr_set_question(soa_rr, false);
|
||||
|
||||
if (ldns_str2rdf_dname(&mname_rdf, ".") != LDNS_STATUS_OK) {
|
||||
ldns_rr_free(soa_rr);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
} else {
|
||||
ldns_rr_push_rdf(soa_rr, mname_rdf);
|
||||
}
|
||||
if (ldns_str2rdf_dname(&rname_rdf, ".") != LDNS_STATUS_OK) {
|
||||
ldns_rr_free(soa_rr);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
} else {
|
||||
ldns_rr_push_rdf(soa_rr, rname_rdf);
|
||||
}
|
||||
serial_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0);
|
||||
if (!serial_rdf) {
|
||||
ldns_rr_free(soa_rr);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
} else {
|
||||
ldns_rr_push_rdf(soa_rr, serial_rdf);
|
||||
}
|
||||
refresh_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0);
|
||||
if (!refresh_rdf) {
|
||||
ldns_rr_free(soa_rr);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
} else {
|
||||
ldns_rr_push_rdf(soa_rr, refresh_rdf);
|
||||
}
|
||||
retry_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0);
|
||||
if (!retry_rdf) {
|
||||
ldns_rr_free(soa_rr);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
} else {
|
||||
ldns_rr_push_rdf(soa_rr, retry_rdf);
|
||||
}
|
||||
expire_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0);
|
||||
if (!expire_rdf) {
|
||||
ldns_rr_free(soa_rr);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
} else {
|
||||
ldns_rr_push_rdf(soa_rr, expire_rdf);
|
||||
}
|
||||
minimum_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0);
|
||||
if (!minimum_rdf) {
|
||||
ldns_rr_free(soa_rr);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
} else {
|
||||
ldns_rr_push_rdf(soa_rr, minimum_rdf);
|
||||
}
|
||||
ldns_pkt_push_rr(packet, LDNS_SECTION_AUTHORITY, soa_rr);
|
||||
return LDNS_STATUS_OK;
|
||||
}
|
||||
|
||||
|
||||
ldns_status
|
||||
ldns_pkt_query_new_frm_str(ldns_pkt **p, const char *name, ldns_rr_type rr_type,
|
||||
ldns_rr_class rr_class, uint16_t flags)
|
||||
@ -851,21 +940,29 @@ ldns_pkt_query_new_frm_str(ldns_pkt **p, const char *name, ldns_rr_type rr_type,
|
||||
ldns_rr_set_type(question_rr, rr_type);
|
||||
ldns_rr_set_class(question_rr, rr_class);
|
||||
ldns_rr_set_question(question_rr, true);
|
||||
|
||||
|
||||
ldns_pkt_push_rr(packet, LDNS_SECTION_QUESTION, question_rr);
|
||||
} else {
|
||||
ldns_rr_free(question_rr);
|
||||
ldns_pkt_free(packet);
|
||||
return LDNS_STATUS_ERR;
|
||||
}
|
||||
|
||||
|
||||
/** IXFR? */
|
||||
if (rr_type == LDNS_RR_TYPE_IXFR) {
|
||||
if (ldns_pkt_add_authsoa(packet, name_rdf, rr_class) != LDNS_STATUS_OK) {
|
||||
ldns_pkt_free(packet);
|
||||
return LDNS_STATUS_ERR;
|
||||
}
|
||||
}
|
||||
|
||||
packet->_tsig_rr = NULL;
|
||||
|
||||
ldns_pkt_set_answerfrom(packet, NULL);
|
||||
if (p) {
|
||||
*p = packet;
|
||||
return LDNS_STATUS_OK;
|
||||
} else {
|
||||
ldns_pkt_free(packet);
|
||||
return LDNS_STATUS_NULL;
|
||||
}
|
||||
}
|
||||
@ -888,6 +985,7 @@ ldns_pkt_query_new(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_cla
|
||||
|
||||
question_rr = ldns_rr_new();
|
||||
if (!question_rr) {
|
||||
ldns_pkt_free(packet);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -902,11 +1000,17 @@ ldns_pkt_query_new(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_cla
|
||||
ldns_rr_set_type(question_rr, rr_type);
|
||||
ldns_rr_set_class(question_rr, rr_class);
|
||||
ldns_rr_set_question(question_rr, true);
|
||||
|
||||
packet->_tsig_rr = NULL;
|
||||
|
||||
ldns_pkt_push_rr(packet, LDNS_SECTION_QUESTION, question_rr);
|
||||
|
||||
/** IXFR? */
|
||||
if (rr_type == LDNS_RR_TYPE_IXFR) {
|
||||
if (ldns_pkt_add_authsoa(packet, rr_name, rr_class) != LDNS_STATUS_OK) {
|
||||
ldns_pkt_free(packet);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
packet->_tsig_rr = NULL;
|
||||
return packet;
|
||||
}
|
||||
|
||||
@ -980,7 +1084,9 @@ ldns_pkt_clone(ldns_pkt *pkt)
|
||||
ldns_pkt_set_ancount(new_pkt, ldns_pkt_ancount(pkt));
|
||||
ldns_pkt_set_nscount(new_pkt, ldns_pkt_nscount(pkt));
|
||||
ldns_pkt_set_arcount(new_pkt, ldns_pkt_arcount(pkt));
|
||||
ldns_pkt_set_answerfrom(new_pkt, ldns_pkt_answerfrom(pkt));
|
||||
if (ldns_pkt_answerfrom(pkt))
|
||||
ldns_pkt_set_answerfrom(new_pkt,
|
||||
ldns_rdf_clone(ldns_pkt_answerfrom(pkt)));
|
||||
ldns_pkt_set_querytime(new_pkt, ldns_pkt_querytime(pkt));
|
||||
ldns_pkt_set_size(new_pkt, ldns_pkt_size(pkt));
|
||||
ldns_pkt_set_tsig(new_pkt, ldns_rr_clone(ldns_pkt_tsig(pkt)));
|
||||
|
4
parse.c
4
parse.c
@ -161,7 +161,7 @@ ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *li
|
||||
return (ssize_t)i;
|
||||
|
||||
tokenread:
|
||||
ldns_fskipcs_l(f, delim, line_nr);
|
||||
ldns_fskipcs_l(f, del, line_nr);
|
||||
*t = '\0';
|
||||
if (p != 0) {
|
||||
return -1;
|
||||
@ -331,7 +331,7 @@ ldns_bget_token(ldns_buffer *b, char *token, const char *delim, size_t limit)
|
||||
return (ssize_t)i;
|
||||
|
||||
tokenread:
|
||||
ldns_bskipcs(b, delim);
|
||||
ldns_bskipcs(b, del);
|
||||
*t = '\0';
|
||||
|
||||
if (p != 0) {
|
||||
|
59
resolver.c
59
resolver.c
@ -253,13 +253,20 @@ ldns_resolver_pop_nameserver(ldns_resolver *r)
|
||||
|
||||
pop = nameservers[ns_count - 1];
|
||||
|
||||
nameservers = LDNS_XREALLOC(nameservers, ldns_rdf *, (ns_count - 1));
|
||||
rtt = LDNS_XREALLOC(rtt, size_t, (ns_count - 1));
|
||||
if (ns_count == 1) {
|
||||
LDNS_FREE(nameservers);
|
||||
LDNS_FREE(rtt);
|
||||
|
||||
ldns_resolver_set_nameservers(r, NULL);
|
||||
ldns_resolver_set_rtt(r, NULL);
|
||||
} else {
|
||||
nameservers = LDNS_XREALLOC(nameservers, ldns_rdf *,
|
||||
(ns_count - 1));
|
||||
rtt = LDNS_XREALLOC(rtt, size_t, (ns_count - 1));
|
||||
|
||||
if(nameservers)
|
||||
ldns_resolver_set_nameservers(r, nameservers);
|
||||
if(rtt)
|
||||
ldns_resolver_set_rtt(r, rtt);
|
||||
}
|
||||
/* decr the count */
|
||||
ldns_resolver_dec_nameserver_count(r);
|
||||
return pop;
|
||||
@ -385,7 +392,9 @@ ldns_resolver_push_dnssec_anchor(ldns_resolver *r, ldns_rr *rr)
|
||||
{
|
||||
ldns_rr_list * trust_anchors;
|
||||
|
||||
if ((!rr) || (ldns_rr_get_type(rr) != LDNS_RR_TYPE_DNSKEY)) {
|
||||
if ((!rr) || (ldns_rr_get_type(rr) != LDNS_RR_TYPE_DNSKEY &&
|
||||
ldns_rr_get_type(rr) != LDNS_RR_TYPE_DS)) {
|
||||
|
||||
return LDNS_STATUS_ERR;
|
||||
}
|
||||
|
||||
@ -800,8 +809,7 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr)
|
||||
gtr -= bgtr;
|
||||
if(word[0] == '#') {
|
||||
expect = LDNS_RESOLV_KEYWORD;
|
||||
ldns_buffer_free(b);
|
||||
continue;
|
||||
break;
|
||||
}
|
||||
tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, word);
|
||||
if (!tmp) {
|
||||
@ -817,8 +825,10 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr)
|
||||
(size_t) gtr + 1);
|
||||
}
|
||||
ldns_buffer_free(b);
|
||||
gtr = 1;
|
||||
expect = LDNS_RESOLV_KEYWORD;
|
||||
if (expect != LDNS_RESOLV_KEYWORD) {
|
||||
gtr = 1;
|
||||
expect = LDNS_RESOLV_KEYWORD;
|
||||
}
|
||||
break;
|
||||
case LDNS_RESOLV_SORTLIST:
|
||||
gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr);
|
||||
@ -885,6 +895,7 @@ ldns_resolver_new_frm_file(ldns_resolver **res, const char *filename)
|
||||
*res = r;
|
||||
return LDNS_STATUS_OK;
|
||||
} else {
|
||||
ldns_resolver_free(r);
|
||||
return LDNS_STATUS_NULL;
|
||||
}
|
||||
}
|
||||
@ -947,15 +958,12 @@ ldns_resolver_search(const ldns_resolver *r,const ldns_rdf *name,
|
||||
ldns_rr_type t, ldns_rr_class c, uint16_t flags)
|
||||
{
|
||||
|
||||
char *str_dname;
|
||||
ldns_rdf *new_name;
|
||||
ldns_rdf **search_list;
|
||||
size_t i;
|
||||
ldns_pkt *p;
|
||||
|
||||
str_dname = ldns_rdf2str(name);
|
||||
|
||||
if (ldns_dname_str_absolute(str_dname)) {
|
||||
if (ldns_dname_absolute(name)) {
|
||||
/* query as-is */
|
||||
return ldns_resolver_query(r, name, t, c, flags);
|
||||
} else if (ldns_resolver_dnsrch(r)) {
|
||||
@ -1017,9 +1025,6 @@ ldns_resolver_query(const ldns_resolver *r, const ldns_rdf *name,
|
||||
|
||||
newname = ldns_dname_cat_clone((const ldns_rdf*)name, ldns_resolver_domain(r));
|
||||
if (!newname) {
|
||||
if (pkt) {
|
||||
ldns_pkt_free(pkt);
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -1212,9 +1217,11 @@ ldns_resolver_send(ldns_pkt **answer, ldns_resolver *r, const ldns_rdf *name,
|
||||
ldns_resolver_tsig_keydata(r),
|
||||
300, ldns_resolver_tsig_algorithm(r), NULL);
|
||||
if (status != LDNS_STATUS_OK) {
|
||||
ldns_pkt_free(query_pkt);
|
||||
return LDNS_STATUS_CRYPTO_TSIG_ERR;
|
||||
}
|
||||
#else
|
||||
ldns_pkt_free(query_pkt);
|
||||
return LDNS_STATUS_CRYPTO_TSIG_ERR;
|
||||
#endif /* HAVE_SSL */
|
||||
}
|
||||
@ -1294,7 +1301,14 @@ ldns_axfr_next(ldns_resolver *resolver)
|
||||
return NULL;
|
||||
} else if (ldns_pkt_get_rcode(resolver->_cur_axfr_pkt) != 0) {
|
||||
rcode = ldns_lookup_by_id(ldns_rcodes, (int) ldns_pkt_get_rcode(resolver->_cur_axfr_pkt));
|
||||
fprintf(stderr, "Error in AXFR: %s\n", rcode->name);
|
||||
if (rcode) {
|
||||
fprintf(stderr, "Error in AXFR: %s\n",
|
||||
rcode->name);
|
||||
} else {
|
||||
fprintf(stderr, "Error in AXFR: %d\n",
|
||||
(int) ldns_pkt_get_rcode(
|
||||
resolver->_cur_axfr_pkt));
|
||||
}
|
||||
|
||||
/* RoRi: we must now also close the socket, otherwise subsequent uses of the
|
||||
same resolver structure will fail because the link is still open or
|
||||
@ -1333,17 +1347,22 @@ void
|
||||
ldns_resolver_nameservers_randomize(ldns_resolver *r)
|
||||
{
|
||||
uint16_t i, j;
|
||||
ldns_rdf **ns, *tmp;
|
||||
ldns_rdf **ns, *tmpns;
|
||||
size_t *rtt, tmprtt;
|
||||
|
||||
/* should I check for ldns_resolver_random?? */
|
||||
assert(r != NULL);
|
||||
|
||||
ns = ldns_resolver_nameservers(r);
|
||||
rtt = ldns_resolver_rtt(r);
|
||||
for (i = 0; i < ldns_resolver_nameserver_count(r); i++) {
|
||||
j = ldns_get_random() % ldns_resolver_nameserver_count(r);
|
||||
tmp = ns[i];
|
||||
tmpns = ns[i];
|
||||
ns[i] = ns[j];
|
||||
ns[j] = tmp;
|
||||
ns[j] = tmpns;
|
||||
tmprtt = rtt[i];
|
||||
rtt[i] = rtt[j];
|
||||
rtt[j] = tmprtt;
|
||||
}
|
||||
ldns_resolver_set_nameservers(r, ns);
|
||||
}
|
||||
|
32
rr.c
32
rr.c
@ -119,7 +119,7 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str,
|
||||
char *type = NULL;
|
||||
char *rdata = NULL;
|
||||
char *rd = NULL;
|
||||
char *b64 = NULL;
|
||||
char * b64 = NULL;
|
||||
size_t rd_strlen;
|
||||
const char *delimiters;
|
||||
ssize_t c;
|
||||
@ -477,6 +477,7 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str,
|
||||
ldns_buffer_free(rr_buf);
|
||||
LDNS_FREE(rdata);
|
||||
ldns_rr_free(new);
|
||||
LDNS_FREE(hex_data);
|
||||
return s;
|
||||
}
|
||||
LDNS_FREE(hex_data);
|
||||
@ -600,6 +601,9 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str,
|
||||
|
||||
if (newrr) {
|
||||
*newrr = new;
|
||||
} else {
|
||||
/* Maybe the caller just wanted to see if it would parse? */
|
||||
ldns_rr_free(new);
|
||||
}
|
||||
return LDNS_STATUS_OK;
|
||||
|
||||
@ -724,8 +728,13 @@ ldns_rr_new_frm_fp_l(ldns_rr **newrr, FILE *fp, uint32_t *default_ttl, ldns_rdf
|
||||
}
|
||||
}
|
||||
LDNS_FREE(line);
|
||||
if (newrr && s == LDNS_STATUS_OK) {
|
||||
*newrr = rr;
|
||||
if (s == LDNS_STATUS_OK) {
|
||||
if (newrr) {
|
||||
*newrr = rr;
|
||||
} else {
|
||||
/* Just testing if it would parse? */
|
||||
ldns_rr_free(rr);
|
||||
}
|
||||
}
|
||||
return s;
|
||||
}
|
||||
@ -1156,7 +1165,8 @@ ldns_rr_list_pop_rr_list(ldns_rr_list *rr_list, size_t howmany)
|
||||
i--;
|
||||
}
|
||||
|
||||
if (i == howmany) {
|
||||
if (i == howmany) { /* so i <= 0 */
|
||||
ldns_rr_list_free(popped);
|
||||
return NULL;
|
||||
} else {
|
||||
return popped;
|
||||
@ -1480,6 +1490,7 @@ ldns_rr_list_sort(ldns_rr_list *unsorted)
|
||||
LDNS_FREE(sortables[i]);
|
||||
}
|
||||
/* no way to return error */
|
||||
LDNS_FREE(sortables);
|
||||
return;
|
||||
}
|
||||
sortables[i]->original_object = ldns_rr_list_rr(unsorted, i);
|
||||
@ -1941,6 +1952,12 @@ static const ldns_rdf_type type_tsig_wireformat[] = {
|
||||
LDNS_RDF_TYPE_INT16,
|
||||
LDNS_RDF_TYPE_INT16_DATA
|
||||
};
|
||||
static const ldns_rdf_type type_tlsa_wireformat[] = {
|
||||
LDNS_RDF_TYPE_INT8,
|
||||
LDNS_RDF_TYPE_INT8,
|
||||
LDNS_RDF_TYPE_INT8,
|
||||
LDNS_RDF_TYPE_HEX
|
||||
};
|
||||
/** \endcond */
|
||||
|
||||
/** \cond */
|
||||
@ -2048,13 +2065,14 @@ static ldns_rr_descriptor rdata_field_descriptors[] = {
|
||||
/* 48 */
|
||||
{LDNS_RR_TYPE_DNSKEY, "DNSKEY", 4, 4, type_dnskey_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
|
||||
/* 49 */
|
||||
{LDNS_RR_TYPE_DHCID, "DHCID", 1, 1, type_dhcid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
|
||||
{LDNS_RR_TYPE_DHCID, "DHCID", 1, 1, type_dhcid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
|
||||
/* 50 */
|
||||
{LDNS_RR_TYPE_NSEC3, "NSEC3", 5, 6, type_nsec3_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
|
||||
/* 51 */
|
||||
{LDNS_RR_TYPE_NSEC3PARAM, "NSEC3PARAM", 4, 4, type_nsec3param_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
|
||||
{LDNS_RR_TYPE_NSEC3PARAM, "NSEC3PARAM", 4, 4, type_nsec3param_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
|
||||
/* 52 */
|
||||
{LDNS_RR_TYPE_NULL, "TYPE52", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
|
||||
{LDNS_RR_TYPE_TLSA, "TLSA", 4, 4, type_tlsa_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
|
||||
|
||||
{LDNS_RR_TYPE_NULL, "TYPE53", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
|
||||
{LDNS_RR_TYPE_NULL, "TYPE54", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
|
||||
{LDNS_RR_TYPE_NULL, "TYPE55", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
|
||||
|
@ -96,7 +96,7 @@ ldns_str2rdf_time(ldns_rdf **rd, const char *time)
|
||||
goto bad_format;
|
||||
}
|
||||
|
||||
l = htonl(mktime_from_utc(&tm));
|
||||
l = htonl(ldns_mktime_from_utc(&tm));
|
||||
memcpy(r, &l, sizeof(uint32_t));
|
||||
*rd = ldns_rdf_new_frm_data(
|
||||
LDNS_RDF_TYPE_TIME, sizeof(uint32_t), r);
|
||||
@ -534,6 +534,7 @@ ldns_str2rdf_apl(ldns_rdf **rd, const char *str)
|
||||
|
||||
data = LDNS_XMALLOC(uint8_t, 4 + afdlength);
|
||||
if(!data) {
|
||||
LDNS_FREE(afdpart);
|
||||
LDNS_FREE(my_ip_str);
|
||||
return LDNS_STATUS_INVALID_STR;
|
||||
}
|
||||
@ -1104,8 +1105,6 @@ ldns_str2rdf_wks(ldns_rdf **rd, const char *str)
|
||||
data[0] = (uint8_t) proto->p_proto;
|
||||
} else if (proto_str) {
|
||||
data[0] = (uint8_t) atoi(proto_str);
|
||||
} else {
|
||||
data[0] = 0;
|
||||
}
|
||||
memcpy(data + 1, bitmap, (size_t) bm_len);
|
||||
|
||||
|
12
tsig.c
12
tsig.c
@ -179,10 +179,12 @@ ldns_tsig_mac_new(ldns_rdf **tsig_mac, uint8_t *pkt_wire, size_t pkt_wire_size,
|
||||
return LDNS_STATUS_NULL;
|
||||
}
|
||||
canonical_key_name_rdf = ldns_rdf_clone(key_name_rdf);
|
||||
if (canonical_key_name_rdf == NULL) {
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
canonical_algorithm_rdf = ldns_rdf_clone(algorithm_rdf);
|
||||
|
||||
if (canonical_key_name_rdf == NULL
|
||||
|| canonical_algorithm_rdf == NULL) {
|
||||
if (canonical_algorithm_rdf == NULL) {
|
||||
ldns_rdf_deep_free(canonical_key_name_rdf);
|
||||
return LDNS_STATUS_MEM_ERR;
|
||||
}
|
||||
/*
|
||||
@ -266,8 +268,8 @@ ldns_tsig_mac_new(ldns_rdf **tsig_mac, uint8_t *pkt_wire, size_t pkt_wire_size,
|
||||
LDNS_FREE(key_bytes);
|
||||
LDNS_FREE(algorithm_name);
|
||||
ldns_buffer_free(data_buffer);
|
||||
ldns_rdf_free(canonical_algorithm_rdf);
|
||||
ldns_rdf_free(canonical_key_name_rdf);
|
||||
ldns_rdf_deep_free(canonical_algorithm_rdf);
|
||||
ldns_rdf_deep_free(canonical_key_name_rdf);
|
||||
return status;
|
||||
}
|
||||
#endif /* HAVE_SSL */
|
||||
|
9
util.c
9
util.c
@ -227,7 +227,7 @@ leap_days(int y1, int y2)
|
||||
* Code adapted from Python 2.4.1 sources (Lib/calendar.py).
|
||||
*/
|
||||
time_t
|
||||
mktime_from_utc(const struct tm *tm)
|
||||
ldns_mktime_from_utc(const struct tm *tm)
|
||||
{
|
||||
int year = 1900 + tm->tm_year;
|
||||
time_t days = 365 * ((time_t) year - 1970) + leap_days(1970, year);
|
||||
@ -251,6 +251,12 @@ mktime_from_utc(const struct tm *tm)
|
||||
return seconds;
|
||||
}
|
||||
|
||||
time_t
|
||||
mktime_from_utc(const struct tm *tm)
|
||||
{
|
||||
return ldns_mktime_from_utc(tm);
|
||||
}
|
||||
|
||||
#if SIZEOF_TIME_T <= 4
|
||||
|
||||
static void
|
||||
@ -398,6 +404,7 @@ ldns_init_random(FILE *fd, unsigned int size)
|
||||
|
||||
if (read < size) {
|
||||
LDNS_FREE(seed);
|
||||
if (!fd) fclose(rand_f);
|
||||
return 1;
|
||||
} else {
|
||||
#ifdef HAVE_SSL
|
||||
|
Loading…
Reference in New Issue
Block a user