Vendor import of BIND 9.3.1

Doug Barton 2005-03-17 08:04:02 +00:00
parent 8e4912ed06
commit 6bc6438a36
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/vendor/bind9/dist/; revision=143731
123 changed files with 8352 additions and 1696 deletions

@ -1,4 +1,238 @@
--- 9.3.1 released ---
1818. [bug] 'named-checkconf -z' triggered an INSIST. [RT #13599]
--- 9.3.1rc1 released ---
1812. [port] win32: IN6_IS_ADDR_UNSPECIFIED macro is incorrect.
[RT #13453]
1808. [bug] zone.c:notify_zone() contained a race condition,
zone->db could change underneath it. [RT #13511]
1806. [bug] The resolver returned the wrong result when a CNAME /
DNAME was encountered when fetching glue from a
secure namespace. [RT #13501]
1805. [bug] Pending status was not being cleared when DLV was
active. [RT #13501]
--- 9.3.1beta2 released ---
1800. [bug] Changes #1719 allowed a INSIST to be triggered.
[RT #13428]
--- 9.3.1beta1 released ---
1790. [cleanup] Move lib/dns/sec/dst up into lib/dns. This should
allow parallel make to succeed.
1789. [bug] Prerequisite test for tkey and dnssec could fail
with "configure --with-libtool".
1788. [bug] libbind9.la/libbind9.so needs to link against
libisccfg.la/libisccfg.so.
1787. [port] HPUX: both "cc" and "gcc" need -Wl,+vnocompatwarnings.
1786. [port] AIX: libt_api needs to be taught to look for
T_testlist in the main executable (--with-libtool).
[RT #13239]
1785. [bug] libbind9.la/libbind9.so needs to link against
libisc.la/libisc.so.
1784. [cleanup] "libtool -allow-undefined" is the default.
Leave hooks in configure to allow it to be set
if needed in the future.
1783. [cleanup] We only need one copy of libtool.m4, ltmain.sh in the
source tree.
1782. [port] OSX: --with-libtool + --enable-libbind broke on
__evOptMonoTime. [RT #13219]
1781. [port] FreeBSD 5.3: set PTHREAD_SCOPE_SYSTEM. [RT #12810]
1780. [bug] Update libtool to 1.5.10.
1779. [port] OSF 5.1: libtool didn't handle -pthread correctly.
1778. [port] HUX 11.11: fix broken IN6ADDR_ANY_INIT and
IN6ADDR_LOOPBACK_INIT macros.
1777. [port] OSF 5.1: fix broken IN6ADDR_ANY_INIT and
IN6ADDR_LOOPBACK_INIT macros.
1776. [port] Solaris 2.9: fix broken IN6ADDR_ANY_INIT and
IN6ADDR_LOOPBACK_INIT macros.
1775. [bug] Only compile getnetent_r.c when threaded. [RT #13205]
1774. [port] Aix: Silence compiler warnings / build failures.
[RT #13154]
1773. [bug] Fast retry on host / net unreachable. [RT #13153]
1770. [bug] named-checkconf failed to report missing a missing
file clause for rbt{64} master/hint zones. [RT#13009]
1769. [port] win32: change compiler flags /MTd ==> /MDd,
/MT ==> /MD.
1768. [bug] nsecnoexistnodata() could be called with a non-NSEC
rdataset. [RT #12907]
1767. [port] Builds on IPv6 platforms without IPv6 Advanced API
support for (struct in6_pktinfo) failed. [RT #13077]
1766. [bug] Update the master file timestamp on successful refresh
as well as the journal's timestamp. [RT# 13062]
1765. [bug] configure --with-openssl=auto failed. [RT #12937]
1764. [bug] dns_zone_replacedb failed to emit a error message
if there was no SOA record in the replacment db.
[RT #13016]
1762. [bug] isc_interfaceiter_create() could return ISC_R_SUCCESS
even when it failed. [RT #12995]
1761. [bug] 'rndc dumpdb' didn't report unassociated entries.
[RT #12971]
1760. [bug] Host / net unreachable was not penalising rtt
estimates. [RT #12970]
1759. [bug] Named failed to startup if the OS supported IPv6
but had no IPv6 interfaces configured. [RT #12942]
1754. [bug] We wern't always attempting to query the parent
server for the DS records at the zone cut.
[RT #12774]
1753. [bug] Don't serve a slave zone which has no NS records.
[RT #12894]
1752. [port] Move isc_app_start() to after ns_os_daemonise()
as some fork() implementations unblock the signals
that are blocked by isc_app_start(). [RT #12810]
1751. [bug] --enable-getifaddrs failed under linux. [RT #12867]
1750. [port] lib/bind/make/rules.in:subdirs was not bash friendly.
[RT #12864]
1749. [bug] 'check-names response ignore;' failed to ignore.
[RT #12866]
1747. [bug] BIND 8 compatability: named/named-checkconf failed
to parse "host-statistics-max" in named.conf.
1745. [bug] Dig/host/nslookup accept replies from link locals
regardless of scope if no scope was specified when
query was sent. [RT #12745]
1744. [bug] If tuple2msgname() failed to convert a tuple to
a name a REQUIRE could be triggered. [RT #12796]
1743. [bug] If isc_taskmgr_create() was not able to create the
requested number of worker threads then destruction
of the manager would trigger an INSIST() failure.
[RT #12790]
1742. [bug] Deleting all records at a node then adding a
previously existing record, in a single UPDATE
transaction, failed to leave / regenerate the
associated RRSIG records. [RT #12788]
1741. [bug] Deleting all records at a node in a secure zone
using a update-policy grant failed. [RT #12787]
1740. [bug] Replace rbt's hash algorithm as it performed badly
with certain zones. [RT #12729]
NOTE: a hash context now needs to be established
via isc_hash_create() if the application was not
already doing this.
1739. [bug] dns_rbt_deletetree() could incorrectly return
ISC_R_QUOTA. [RT #12695]
1738. [bug] Enable overrun checking by default. [RT #12695]
1737. [bug] named failed if more than 16 masters were specified.
[RT #12627]
1736. [bug] dst_key_fromnamedfile() could fail to read a
public key. [RT #12687]
1735. [bug] 'dig +sigtrace' could die with a REQUIRE failure.
[RE #12688]
1734. [cleanup] 'rndc-confgen -a -t' remove extra '/' in path.
[RT #12588]
1733. [bug] Return non-zero exit status on initial load failure.
[RT #12658]
1732. [bug] 'rrset-order name "*"' wasn't being applied to ".".
[RT #12467]
1731. [port] darwin: relax version test in ifconfig.sh.
[RT #12581]
1730. [port] Determine the length type used by the socket API.
[RT #12581]
1728. [doc] Update check-names documentation.
1727. [bug] named-checkzone: check-names support didn't match
documentation.
1726. [port] aix5: add support for aix5.
1725. [port] linux: update error message on interaction of threads,
capabilities and setuid support (named -u). [RT #12541]
1724. [bug] Look for DNSKEY records with "dig +sigtrace".
[RT #12557]
1723. [cleanup] Silence compiler warnings from t_tasks.c. [RT #12493]
1722. [bug] Don't commit the journal on malformed ixfr streams.
[RT #12519]
1721. [bug] Error message from the journal processing were not
always identifing the relevent journal. [RT #12519]
1720. [bug] 'dig +chase' did not terminate on a RFC 2308 Type 1
negative response. [RT #12506]
1719. [bug] named was not correctly caching a RFC 2308 Type 1
negative response. [RT #12506]
1718. [bug] nsupdate was not handling RFC 2308 Type 3 negative
responses when looking for the zone / master server.
[RT #12506]
1717. [port] solaris: ifconfig.sh did not support Solaris 10.
"ifconfig.sh down" didn't work for Solaris 9.
1716. [doc] named.conf(5) was being installed in the wrong
location. [RT# 12441]
1714. [bug] dig/host/nslookup were only trying the first
address when a nameserver was specified by name.
[RT #12286]
1713. [port] linux: extend capset failure message to say:
please ensure that the capset kernel module is
loaded. see insmod(8)
1712. [bug] Missing FULLCHECK for "trusted-key" in dig.
--- 9.3.0 released ---
1711. [func] 'rndc unfreeze' has been deprecated by 'rndc thaw'.
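
Review bot: Entry 1735 is tagged "[RE #12688]" while every other entry in this block uses "[RT #...]", and the spacing of the tag varies ("[RT#13009]" in 1770, "[RT# 13062]" in 1766, "[RT# 12441]" in 1716), which defeats a simple search of the changelog by ticket number; normalise these to "[RT #nnnnn]". Entry 1770 also reads "failed to report missing a missing file clause", and 1778 says "HUX 11.11" where 1787 spells the platform "HPUX".
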
@ -299,6 +533,10 @@
1609. [func] dig now has support to chase DNSSEC signature chains.
Requires -DDIG_SIGCHASE=1 to be set in STD_CDEFINES.
DNSSEC validation code in dig coded by Olivier Courtay
(olivier.courtay@irisa.fr) for the IDsA project
(http://idsa.irisa.fr).
1608. [func] dig and host now accept -4/-6 to select IP transport
to use when making queries.

@ -1,4 +1,4 @@
Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
Copyright (C) 1996-2003 Internet Software Consortium.
Permission to use, copy, modify, and distribute this software for any
@ -13,7 +13,7 @@ LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
$Id: COPYRIGHT,v 1.6.2.2.8.2 2004/03/08 04:04:12 marka Exp $
$Id: COPYRIGHT,v 1.6.2.2.8.3 2005/01/10 23:51:37 marka Exp $
Portions Copyright (C) 1996-2001 Nominum, Inc.

@ -452,3 +452,19 @@ A: This is usually a configuration error.
Q: I don't get RRSIG's returned when I use "dig +dnssec".
A: You need to ensure DNSSEC is enabled (dnssec-enable yes;).
Q: I get "Error 1067" when starting named under Windows.
A: This is the service manager saying that named exited. You need to
examine the Application log in the EventViewer to find out why.
Common causes are that you failed to create "named.conf" (usually
"C:\windows\dns\etc\named.conf") or failed to specify the directory
in named.conf.
options {
Directory "C:\windows\dns\etc";
};

@ -43,6 +43,13 @@ BIND 9
Nominum, Inc.
BIND 9.3.1
BIND 9.3.1 is a maintenance release, containing fixes for
a number of bugs in 9.3.0.
libbind: corresponds to that from BIND 8.4.6-REL.
BIND 9.3.0
BIND 9.3.0 has a number of new features over 9.2,
@ -295,6 +302,7 @@ Building
* gcc-3.2.1 and gcc-3.1.1 is known to cause problems with solaris-x86.
* gcc prior to gcc-3.2.3 ultrasparc generates incorrect code at -02.
* gcc-3.3.5 powerpc generates incorrect code at -02.
A limited test suite can be run with "make test". Many of
the tests require you to configure a set of virtual IP addresses
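
Review bot: Both compiler notes that name an optimisation level write it as "-02" with a digit zero (the ultrasparc line and the gcc-3.3.5 powerpc line); the gcc flag is "-O2" with a capital letter O, so anyone copying the text to reproduce or avoid the miscompilation gets the wrong option. Correct both lines while this list is being touched.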

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: acconfig.h,v 1.35.2.4.2.8 2004/05/21 08:24:04 marka Exp $ */
/* $Id: acconfig.h,v 1.35.2.4.2.10 2004/12/04 06:50:02 marka Exp $ */
/***
*** This file is not to be included by any public header files, because
@ -134,8 +134,14 @@ int sigwait(const unsigned int *set, int *sig);
/* define if you have strerror in the C library. */
#undef HAVE_STRERROR
/* Define if you are running under Compaq TruCluster.. */
/* Define if you are running under Compaq TruCluster. */
#undef HAVE_TRUCLUSTER
/* Define if OpenSSL includes DSA support */
#undef HAVE_OPENSSL_DSA
/* Define to the length type used by the socket API (socklen_t, size_t, int). */
#undef ISC_SOCKADDR_LEN_T
/* Define if threads need PTHREAD_SCOPE_SYSTEM */
#undef NEED_PTHREAD_SCOPE_SYSTEM

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: check-tool.c,v 1.4.12.5 2004/03/08 04:04:13 marka Exp $ */
/* $Id: check-tool.c,v 1.4.12.7 2004/11/30 01:15:40 marka Exp $ */
#include <config.h>
@ -32,6 +32,7 @@
#include <isc/types.h>
#include <dns/fixedname.h>
#include <dns/log.h>
#include <dns/name.h>
#include <dns/rdataclass.h>
#include <dns/types.h>
@ -48,7 +49,9 @@ static const char *dbtype[] = { "rbt" };
int debug = 0;
isc_boolean_t nomerge = ISC_TRUE;
unsigned int zone_options = DNS_ZONEOPT_CHECKNS|DNS_ZONEOPT_MANYERRORS;
unsigned int zone_options = DNS_ZONEOPT_CHECKNS |
DNS_ZONEOPT_MANYERRORS |
DNS_ZONEOPT_CHECKNAMES;
isc_result_t
setup_logging(isc_mem_t *mctx, isc_log_t **logp) {
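
Review bot: Adding DNS_ZONEOPT_CHECKNAMES to the initialiser of zone_options changes the default for every consumer of check-tool.c, because zone_options is a non-static global, not only for the tool whose option parsing is updated elsewhere in this import. Zone files that loaded without comment before will now produce check-names output unless the caller clears the bit, so the initialiser deserves a comment and the release notes a line on how to get the old behaviour back (named-checkzone gains "-k ignore" for that).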

@ -1,5 +1,5 @@
/*
* Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2002 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: named-checkconf.c,v 1.12.12.7 2004/03/08 09:04:14 marka Exp $ */
/* $Id: named-checkconf.c,v 1.12.12.9 2005/03/03 06:33:38 marka Exp $ */
#include <config.h>
@ -25,6 +25,8 @@
#include <isc/commandline.h>
#include <isc/dir.h>
#include <isc/entropy.h>
#include <isc/hash.h>
#include <isc/log.h>
#include <isc/mem.h>
#include <isc/result.h>
@ -35,6 +37,7 @@
#include <bind9/check.h>
#include <dns/fixedname.h>
#include <dns/log.h>
#include <dns/result.h>
@ -203,6 +206,7 @@ main(int argc, char **argv) {
isc_mem_t *mctx = NULL;
isc_result_t result;
int exit_status = 0;
isc_entropy_t *ectx = NULL;
isc_boolean_t load_zones = ISC_FALSE;
while ((c = isc_commandline_parse(argc, argv, "djt:vz")) != EOF) {
@ -252,6 +256,10 @@ main(int argc, char **argv) {
RUNTIME_CHECK(setup_logging(mctx, &logc) == ISC_R_SUCCESS);
RUNTIME_CHECK(isc_entropy_create(mctx, &ectx) == ISC_R_SUCCESS);
RUNTIME_CHECK(isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE)
== ISC_R_SUCCESS);
dns_result_register();
RUNTIME_CHECK(cfg_parser_create(mctx, logc, &parser) == ISC_R_SUCCESS);
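
Review bot: A failure of isc_entropy_create() or isc_hash_create() in main() ends in an assertion-style RUNTIME_CHECK abort rather than a readable error, whereas dnssec-signzone.c in this same import handles the identical isc_hash_create() call with fatal("could not create hash context"). For a tool that is run from scripts before a reload, prefer an explicit message and a non-zero exit status.
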
@ -280,6 +288,9 @@ main(int argc, char **argv) {
isc_log_destroy(&logc);
isc_hash_destroy();
isc_entropy_detach(&ectx);
isc_mem_destroy(&mctx);
return (exit_status);

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: named-checkzone.c,v 1.13.2.3.8.9 2004/03/06 10:21:11 marka Exp $ */
/* $Id: named-checkzone.c,v 1.13.2.3.8.11 2004/10/25 01:36:06 marka Exp $ */
#include <config.h>
@ -24,6 +24,8 @@
#include <isc/app.h>
#include <isc/commandline.h>
#include <isc/dir.h>
#include <isc/entropy.h>
#include <isc/hash.h>
#include <isc/log.h>
#include <isc/mem.h>
#include <isc/socket.h>
@ -44,6 +46,7 @@
static int quiet = 0;
static isc_mem_t *mctx = NULL;
static isc_entropy_t *ectx = NULL;
dns_zone_t *zone = NULL;
dns_zonetype_t zonetype = dns_zone_master;
static int dumpzone = 0;
@ -63,7 +66,8 @@ static void
usage(void) {
fprintf(stderr,
"usage: named-checkzone [-djqvD] [-c class] [-o output] "
"[-t directory] [-w directory] [-k option] zonename filename\n");
"[-t directory] [-w directory] [-k (ignore|warn|fail)] "
"[-n (ignore|warn|fail)] zonename filename\n");
exit(1);
}
@ -111,12 +115,17 @@ main(int argc, char **argv) {
break;
case 'k':
if (!strcmp(isc_commandline_argument, "check-names")) {
if (!strcmp(isc_commandline_argument, "warn")) {
zone_options |= DNS_ZONEOPT_CHECKNAMES;
zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL;
} else if (!strcmp(isc_commandline_argument,
"check-names-fail")) {
"fail")) {
zone_options |= DNS_ZONEOPT_CHECKNAMES |
DNS_ZONEOPT_CHECKNAMESFAIL;
} else if (!strcmp(isc_commandline_argument,
"ignore")) {
zone_options &= ~(DNS_ZONEOPT_CHECKNAMES |
DNS_ZONEOPT_CHECKNAMESFAIL);
}
break;
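
Review bot: The 'k' case has no final else, so an argument other than "warn", "fail" or "ignore" is accepted silently and leaves zone_options at its default. That includes the spellings this hunk retires, "check-names" and "check-names-fail", so an existing script keeps running but no longer gets the failure behaviour it asked for. Add an else branch that reports the invalid argument and calls usage().
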
@ -179,6 +188,9 @@ main(int argc, char **argv) {
dns_log_init(lctx);
dns_log_setcontext(lctx);
}
RUNTIME_CHECK(isc_entropy_create(mctx, &ectx) == ISC_R_SUCCESS);
RUNTIME_CHECK(isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE)
== ISC_R_SUCCESS);
dns_result_register();
@ -195,6 +207,8 @@ main(int argc, char **argv) {
destroy();
if (lctx != NULL)
isc_log_destroy(&lctx);
isc_hash_destroy();
isc_entropy_detach(&ectx);
isc_mem_destroy(&mctx);
return ((result == ISC_R_SUCCESS) ? 0 : 1);
}

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dig.c,v 1.157.2.13.2.20 2004/06/23 04:19:40 marka Exp $ */
/* $Id: dig.c,v 1.157.2.13.2.25 2004/09/16 02:14:14 marka Exp $ */
#include <config.h>
#include <stdlib.h>
@ -41,6 +41,8 @@
#include <dns/rdataclass.h>
#include <dns/result.h>
#include <bind9/getaddresses.h>
#include <dig/dig.h>
extern ISC_LIST(dig_lookup_t) lookup_list;
@ -54,6 +56,7 @@ extern ISC_LIST(dig_searchlist_t) search_list;
isc_buffer_putstr(b, s); \
}
#define DIG_MAX_ADDRESSES 20
extern isc_boolean_t have_ipv4, have_ipv6, specified_source,
usesearch, qr;
@ -83,6 +86,7 @@ extern isc_boolean_t debugging, memdebugging;
static char *batchname = NULL;
static FILE *batchfp = NULL;
static char *argv0;
static int addresscount = 0;
static char domainopt[DNS_NAME_MAXTEXT];
@ -627,6 +631,15 @@ printgreeting(int argc, char **argv, dig_lookup_t *lookup) {
remaining = sizeof(lookup->cmdline) -
strlen(lookup->cmdline) - 1;
strncat(lookup->cmdline, "\n", remaining);
if (first && addresscount != 0) {
snprintf(append, sizeof(append),
"; (%d server%s found)\n",
addresscount,
addresscount > 1 ? "s" : "");
remaining = sizeof(lookup->cmdline) -
strlen(lookup->cmdline) - 1;
strncat(lookup->cmdline, append, remaining);
}
if (first) {
snprintf(append, sizeof(append),
";; global options: %s %s\n",
@ -1008,7 +1021,7 @@ plus_option(char *option, isc_boolean_t is_batchfile,
lookup->stats = ISC_FALSE;
lookup->section_additional = ISC_FALSE;
lookup->section_authority = ISC_TRUE;
lookup->section_question = ISC_FALSE;
lookup->section_question = ISC_FALSE;
}
break;
case 'i': /* tries */
@ -1024,6 +1037,7 @@ plus_option(char *option, isc_boolean_t is_batchfile,
break;
#ifdef DIG_SIGCHASE
case 'u': /* trusted-key */
FULLCHECK("trusted-key");
if (value == NULL)
goto need_value;
if (!state)
@ -1068,8 +1082,7 @@ static const char *single_dash_opts = "46dhimnv";
static const char *dash_opts = "46bcdfhikmnptvyx";
static isc_boolean_t
dash_option(char *option, char *next, dig_lookup_t **lookup,
isc_boolean_t *open_type_class, isc_boolean_t *firstarg,
int argc, char **argv)
isc_boolean_t *open_type_class)
{
char opt, *value, *ptr;
isc_result_t result;
@ -1274,10 +1287,6 @@ dash_option(char *option, char *next, dig_lookup_t **lookup,
if (!(*lookup)->rdclassset)
(*lookup)->rdclass = dns_rdataclass_in;
(*lookup)->new_search = ISC_TRUE;
if (*lookup && *firstarg) {
printgreeting(argc, argv, *lookup);
*firstarg = ISC_FALSE;
}
ISC_LIST_APPEND(lookup_list, *lookup, link);
} else {
fprintf(stderr, "Invalid IP address %s\n", value);
@ -1324,13 +1333,36 @@ preparse_args(int argc, char **argv) {
}
}
static void
getaddresses(dig_lookup_t *lookup, const char *host) {
isc_result_t result;
isc_sockaddr_t sockaddrs[DIG_MAX_ADDRESSES];
isc_netaddr_t netaddr;
int count, i;
dig_server_t *srv;
char tmp[ISC_NETADDR_FORMATSIZE];
result = bind9_getaddresses(host, 0, sockaddrs,
DIG_MAX_ADDRESSES, &count);
if (result != ISC_R_SUCCESS)
fatal("couldn't get address for '%s': %s",
host, isc_result_totext(result));
for (i = 0; i < count; i++) {
isc_netaddr_fromsockaddr(&netaddr, &sockaddrs[i]);
isc_netaddr_format(&netaddr, tmp, sizeof(tmp));
srv = make_server(tmp, host);
ISC_LIST_APPEND(lookup->my_server_list, srv, link);
}
addresscount = count;
}
static void
parse_args(isc_boolean_t is_batchfile, isc_boolean_t config_only,
int argc, char **argv) {
isc_result_t result;
isc_textregion_t tr;
isc_boolean_t firstarg = ISC_TRUE;
dig_server_t *srv = NULL;
dig_lookup_t *lookup = NULL;
dns_rdatatype_t rdtype;
dns_rdataclass_t rdclass;
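
Review bot: getaddresses() ends with "addresscount = count;", which overwrites the static counter instead of adding to it, so when more than one @server argument is given the "server%s found" greeting reflects only the last one. Use "addresscount += count;" or keep the count per lookup. DIG_MAX_ADDRESSES is also defined separately in dig.c and dighost.c; moving the define to dig.h keeps the two resolve-and-append loops from drifting apart.
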
@ -1410,24 +1442,20 @@ parse_args(isc_boolean_t is_batchfile, isc_boolean_t config_only,
if (strncmp(rv[0], "%", 1) == 0)
break;
if (strncmp(rv[0], "@", 1) == 0) {
srv = make_server(&rv[0][1]);
ISC_LIST_APPEND(lookup->my_server_list,
srv, link);
getaddresses(lookup, &rv[0][1]);
} else if (rv[0][0] == '+') {
plus_option(&rv[0][1], is_batchfile,
lookup);
} else if (rv[0][0] == '-') {
if (rc <= 1) {
if (dash_option(&rv[0][1], NULL,
&lookup, &open_type_class,
&firstarg, argc, argv)) {
&lookup, &open_type_class)) {
rc--;
rv++;
}
} else {
if (dash_option(&rv[0][1], rv[1],
&lookup, &open_type_class,
&firstarg, argc, argv)) {
&lookup, &open_type_class)) {
rc--;
rv++;
}
@ -1498,10 +1526,6 @@ parse_args(isc_boolean_t is_batchfile, isc_boolean_t config_only,
if (!config_only) {
lookup = clone_lookup(default_lookup,
ISC_TRUE);
if (firstarg) {
printgreeting(argc, argv, lookup);
firstarg = ISC_FALSE;
}
strncpy(lookup->textname, rv[0],
sizeof(lookup->textname));
lookup->textname[sizeof(lookup->textname)-1]=0;
@ -1568,6 +1592,9 @@ parse_args(isc_boolean_t is_batchfile, isc_boolean_t config_only,
firstarg = ISC_FALSE;
}
ISC_LIST_APPEND(lookup_list, lookup, link);
} else if (!config_only && firstarg) {
printgreeting(argc, argv, lookup);
firstarg = ISC_FALSE;
}
}

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dighost.c,v 1.221.2.19.2.14 2004/06/30 23:57:52 marka Exp $ */
/* $Id: dighost.c,v 1.221.2.19.2.20 2004/11/22 23:30:31 marka Exp $ */
/*
* Notice to programmers: Do not use this code as an example of how to
@ -290,6 +290,8 @@ struct_tk_list tk_list = { {NULL, NULL, NULL, NULL, NULL}, 0};
#endif
#define DIG_MAX_ADDRESSES 20
/*
* Apply and clear locks at the event level in global task.
* Can I get rid of these using shutdown events? XXX
@ -493,7 +495,7 @@ check_result(isc_result_t result, const char *msg) {
* of finding the answer the user is looking for
*/
dig_server_t *
make_server(const char *servname) {
make_server(const char *servname, const char *userarg) {
dig_server_t *srv;
REQUIRE(servname != NULL);
@ -504,10 +506,13 @@ make_server(const char *servname) {
fatal("memory allocation failure in %s:%d",
__FILE__, __LINE__);
strncpy(srv->servername, servname, MXNAME);
strncpy(srv->userarg, userarg, MXNAME);
srv->servername[MXNAME-1] = 0;
srv->userarg[MXNAME-1] = 0;
ISC_LINK_INIT(srv, link);
return (srv);
}
static int
addr2af(int lwresaddrtype)
{
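
Review bot: make_server() now copies userarg with strncpy(), but only servname is guarded by REQUIRE(servname != NULL); a NULL userarg from any of the updated call sites would be dereferenced here. Add REQUIRE(userarg != NULL) next to the existing check. The explicit termination of both buffers at MXNAME-1 is right and should stay.
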
@ -525,6 +530,7 @@ addr2af(int lwresaddrtype)
return (af);
}
/*
* Create a copy of the server list from the lwres configuration structure.
* The dest list must have already had ISC_LIST_INIT applied.
@ -542,11 +548,12 @@ copy_server_list(lwres_conf_t *confdata, dig_serverlist_t *dest) {
lwres_net_ntop(af, confdata->nameservers[i].address,
tmp, sizeof(tmp));
newsrv = make_server(tmp);
newsrv = make_server(tmp, tmp);
ISC_LINK_INIT(newsrv, link);
ISC_LIST_ENQUEUE(*dest, newsrv, link);
}
}
void
flush_server_list(void) {
dig_server_t *s, *ps;
@ -560,18 +567,35 @@ flush_server_list(void) {
isc_mem_free(mctx, ps);
}
}
void
set_nameserver(char *opt) {
isc_result_t result;
isc_sockaddr_t sockaddrs[DIG_MAX_ADDRESSES];
isc_netaddr_t netaddr;
int count, i;
dig_server_t *srv;
char tmp[ISC_NETADDR_FORMATSIZE];
if (opt == NULL)
return;
result = bind9_getaddresses(opt, 0, sockaddrs,
DIG_MAX_ADDRESSES, &count);
if (result != ISC_R_SUCCESS)
fatal("couldn't get address for '%s': %s",
opt, isc_result_totext(result));
flush_server_list();
srv = make_server(opt);
if (srv == NULL)
fatal("memory allocation failure");
ISC_LIST_INITANDAPPEND(server_list, srv, link);
for (i = 0; i < count; i++) {
isc_netaddr_fromsockaddr(&netaddr, &sockaddrs[i]);
isc_netaddr_format(&netaddr, tmp, sizeof(tmp));
srv = make_server(tmp, opt);
if (srv == NULL)
fatal("memory allocation failure");
ISC_LIST_APPEND(server_list, srv, link);
}
}
static isc_result_t
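
Review bot: set_nameserver() now calls fatal() when bind9_getaddresses() fails, and nslookup.c reaches this function from the interactive "server" and "lserver" commands, so a mistyped server name takes the fatal path instead of leaving the current server list in place. Return the isc_result_t to the caller and let nslookup print the error and carry on. The "if (srv == NULL)" test inside the loop is also dead in practice, since make_server() already calls fatal() on allocation failure.
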
@ -613,7 +637,7 @@ clone_server_list(dig_serverlist_t src, dig_serverlist_t *dest) {
debug("clone_server_list()");
srv = ISC_LIST_HEAD(src);
while (srv != NULL) {
newsrv = make_server(srv->servername);
newsrv = make_server(srv->servername, srv->userarg);
ISC_LINK_INIT(newsrv, link);
ISC_LIST_ENQUEUE(*dest, newsrv, link);
srv = ISC_LIST_NEXT(srv, link);
@ -1392,6 +1416,13 @@ followup_lookup(dns_message_t *msg, dig_query_t *query, dns_section_t section)
name = NULL;
dns_message_currentname(msg, section, &name);
if (section == DNS_SECTION_AUTHORITY) {
rdataset = NULL;
result = dns_message_findtype(name, dns_rdatatype_soa,
0, &rdataset);
if (result == ISC_R_SUCCESS)
return (0);
}
rdataset = NULL;
result = dns_message_findtype(name, dns_rdatatype_ns, 0,
&rdataset);
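
Review bot: The early "return (0);" taken when an SOA is found under DNS_SECTION_AUTHORITY has no comment saying why follow-up stops there. A one-line note that an SOA in the authority section marks a negative response rather than a referral would save the next reader a trip to the changelog.
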
@ -1436,7 +1467,7 @@ followup_lookup(dns_message_t *msg, dig_query_t *query, dns_section_t section)
query->lookup->ns_search_only;
lookup->trace_root = ISC_FALSE;
}
srv = make_server(namestr);
srv = make_server(namestr, namestr);
debug("adding server %s", srv->servername);
ISC_LIST_APPEND(lookup->my_server_list, srv, link);
dns_rdata_reset(&rdata);
@ -1800,6 +1831,7 @@ setup_lookup(dig_lookup_t *lookup) {
query->first_rr_serial = 0;
query->second_rr_serial = 0;
query->servname = serv->servername;
query->userarg = serv->userarg;
query->rr_count = 0;
query->msg_count = 0;
ISC_LINK_INIT(query, link);
@ -2581,11 +2613,26 @@ recv_done(isc_task_t *task, isc_event_t *event) {
else
isc_sockaddr_any6(&any);
#ifdef ISC_PLATFORM_HAVESCOPEID
/*
* We don't expect a match when the packet is
* sent to 0.0.0.0, :: or to a multicast addresses.
* XXXMPA broadcast needs to be handled here as well.
*/
* Accept answers from any scope if we havn't specified the
* scope as long as the address and port match.
*/
if (isc_sockaddr_pf(&query->sockaddr) == AF_INET6 &&
query->sockaddr.type.sin6.sin6_scope_id == 0 &&
memcmp(&sevent->address.type.sin6.sin6_addr,
&query->sockaddr.type.sin6.sin6_addr,
sizeof(query->sockaddr.type.sin6.sin6_addr)) == 0 &&
isc_sockaddr_getport(&sevent->address) ==
isc_sockaddr_getport(&query->sockaddr))
/* empty */;
else
#endif
/*
* We don't expect a match above when the packet is
* sent to 0.0.0.0, :: or to a multicast addresses.
* XXXMPA broadcast needs to be handled here as well.
*/
if ((!isc_sockaddr_eqaddr(&query->sockaddr, &any) &&
!isc_sockaddr_ismulticast(&query->sockaddr)) ||
isc_sockaddr_getport(&query->sockaddr) !=
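
Review bot: The scope-id relaxation is written as an if whose body is "/* empty */;" followed by an "else" placed just before "#endif", so that it binds to the "if" after the preprocessor block; that is easy to misread in the code that decides whether a reply's source address is accepted. Compute a boolean inside the #ifdef and test it in a single condition afterwards. Because this path accepts a reply from any scope when sin6_scope_id is 0 and the address bytes and port match, the comment should state that rule explicitly, and "havn't" should read "haven't".
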
@ -3564,8 +3611,8 @@ get_trusted_key(isc_mem_t *mctx)
return ISC_R_FAILURE;
}
fclose(fptemp);
result = dst_key_fromnamedfile(filetemp, DST_TYPE_PUBLIC |
DST_TYPE_KEY, mctx, &key);
result = dst_key_fromnamedfile(filetemp, DST_TYPE_PUBLIC,
mctx, &key);
removetmpkey(mctx, filetemp);
isc_mem_free(mctx, filetemp);
if (result != ISC_R_SUCCESS ) {
@ -3688,7 +3735,7 @@ prepare_lookup(dns_name_t *name)
dns_rdata_reset(&aaaa);
srv = make_server(namestr);
srv = make_server(namestr, namestr);
ISC_LIST_APPEND(lookup->my_server_list,
srv, link);
@ -3718,7 +3765,7 @@ prepare_lookup(dns_name_t *name)
printf("ns name: %s\n", namestr);
srv = make_server(namestr);
srv = make_server(namestr, namestr);
ISC_LIST_APPEND(lookup->my_server_list,
srv, link);
@ -3730,7 +3777,7 @@ prepare_lookup(dns_name_t *name)
printf("ns name: ");
dns_name_print(&ns.name, stdout);
printf("\n");
srv = make_server(namestr);
srv = make_server(namestr, namestr);
ISC_LIST_APPEND(lookup->my_server_list, srv, link);
@ -4905,7 +4952,7 @@ prove_nx_domain(dns_message_t *msg,
dns_rdataset_t * nsecset = NULL;
dns_rdataset_t * signsecset = NULL ;
dns_rdata_t nsec = DNS_RDATA_INIT;
dns_name_t * nsecname = NULL;
dns_name_t * nsecname;
dns_rdata_nsec_t nsecstruct;
if ((result = dns_message_firstname(msg, DNS_SECTION_AUTHORITY))
@ -4916,6 +4963,7 @@ prove_nx_domain(dns_message_t *msg,
}
do {
nsecname = NULL;
dns_message_currentname(msg, DNS_SECTION_AUTHORITY, &nsecname);
nsecset = search_type(nsecname, dns_rdatatype_nsec,
dns_rdatatype_any);
@ -4961,7 +5009,6 @@ prove_nx_domain(dns_message_t *msg,
dns_rdata_freestruct(&nsecstruct);
}
nsecname = NULL;
} while (dns_message_nextname(msg, DNS_SECTION_AUTHORITY)
== ISC_R_SUCCESS);

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: host.c,v 1.76.2.5.2.9 2004/04/13 03:00:06 marka Exp $ */
/* $Id: host.c,v 1.76.2.5.2.10 2004/09/06 01:33:05 marka Exp $ */
#include <config.h>
#include <limits.h>
@ -386,7 +386,7 @@ printmessage(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers) {
char sockstr[ISC_SOCKADDR_FORMATSIZE];
printf("Using domain server:\n");
printf("Name: %s\n", query->servname);
printf("Name: %s\n", query->userarg);
isc_sockaddr_format(&query->sockaddr, sockstr,
sizeof(sockstr));
printf("Address: %s\n", sockstr);

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dig.h,v 1.71.2.6.2.6 2004/06/19 02:30:12 sra Exp $ */
/* $Id: dig.h,v 1.71.2.6.2.7 2004/09/06 01:33:06 marka Exp $ */
#ifndef DIG_H
#define DIG_H
@ -192,6 +192,7 @@ struct dig_query {
isc_uint32_t msg_count;
isc_uint32_t rr_count;
char *servname;
char *userarg;
isc_bufferlist_t sendlist,
recvlist,
lengthlist;
@ -209,6 +210,7 @@ struct dig_query {
struct dig_server {
char servername[MXNAME];
char userarg[MXNAME];
ISC_LINK(dig_server_t) link;
};
@ -272,7 +274,7 @@ dig_lookup_t *
clone_lookup(dig_lookup_t *lookold, isc_boolean_t servers);
dig_server_t *
make_server(const char *servname);
make_server(const char *servname, const char *userarg);
void
flush_server_list(void);

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: nslookup.c,v 1.90.2.4.2.7 2004/08/18 23:25:58 marka Exp $ */
/* $Id: nslookup.c,v 1.90.2.4.2.8 2004/09/06 01:33:05 marka Exp $ */
#include <config.h>
@ -402,7 +402,7 @@ printmessage(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers) {
debug("printmessage()");
isc_sockaddr_format(&query->sockaddr, servtext, sizeof(servtext));
printf("Server:\t\t%s\n", query->servname);
printf("Server:\t\t%s\n", query->userarg);
printf("Address:\t%s\n", servtext);
puts("");
@ -461,7 +461,7 @@ show_settings(isc_boolean_t full, isc_boolean_t serv_only) {
get_address(srv->servername, port, &sockaddr);
isc_sockaddr_format(&sockaddr, sockstr, sizeof(sockstr));
printf("Default server: %s\nAddress: %s\n",
srv->servername, sockstr);
srv->userarg, sockstr);
if (!full)
return;
srv = ISC_LIST_NEXT(srv, link);
@ -738,7 +738,9 @@ get_next_command(void) {
setoption(arg);
else if ((strcasecmp(ptr, "server") == 0) ||
(strcasecmp(ptr, "lserver") == 0)) {
isc_app_block();
set_nameserver(arg);
isc_app_unblock();
show_settings(ISC_TRUE, ISC_TRUE);
} else if (strcasecmp(ptr, "exit") == 0) {
in_use = ISC_FALSE;

@ -16,7 +16,7 @@
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dnssec-signzone.c,v 1.139.2.2.4.16 2004/08/28 06:25:29 marka Exp $ */
/* $Id: dnssec-signzone.c,v 1.139.2.2.4.17 2004/10/25 01:36:06 marka Exp $ */
#include <config.h>
@ -28,6 +28,7 @@
#include <isc/entropy.h>
#include <isc/event.h>
#include <isc/file.h>
#include <isc/hash.h>
#include <isc/mem.h>
#include <isc/mutex.h>
#include <isc/os.h>
@ -1824,6 +1825,11 @@ main(int argc, char *argv[]) {
eflags = ISC_ENTROPY_BLOCKING;
if (!pseudorandom)
eflags |= ISC_ENTROPY_GOODONLY;
result = isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE);
if (result != ISC_R_SUCCESS)
fatal("could not create hash context");
result = dst_lib_init(mctx, ectx, eflags);
if (result != ISC_R_SUCCESS)
fatal("could not initialize dst");
@ -2086,6 +2092,7 @@ main(int argc, char *argv[]) {
cleanup_logging(&log);
dst_lib_destroy();
isc_hash_destroy();
cleanup_entropy(&ectx);
if (verbose > 10)
isc_mem_stats(mctx, stdout);

@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.74.12.10 2004/08/21 06:22:40 marka Exp $
# $Id: Makefile.in,v 1.74.12.11 2004/09/06 21:47:25 marka Exp $
srcdir = @srcdir@
VPATH = @srcdir@
@ -123,9 +123,13 @@ clean distclean maintainer-clean::
installdirs:
$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${sbindir}
$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man5
$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man8
install:: named@EXEEXT@ lwresd@EXEEXT@ installdirs
${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named@EXEEXT@ ${DESTDIR}${sbindir}
(cd ${DESTDIR}${sbindir}; rm -f lwresd@EXEEXT@; @LN@ named@EXEEXT@ lwresd@EXEEXT@)
for m in ${MANPAGES}; do ${INSTALL_DATA} ${srcdir}/$$m ${DESTDIR}${mandir}/man8; done
${INSTALL_DATA} ${srcdir}/named.8 ${DESTDIR}${mandir}/man8
${INSTALL_DATA} ${srcdir}/lwresd.8 ${DESTDIR}${mandir}/man8
${INSTALL_DATA} ${srcdir}/named.conf.5 ${DESTDIR}${mandir}/man5
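
Review bot: Replacing the "for m in ${MANPAGES}" loop with three hard-coded ${INSTALL_DATA} lines lets the install rule and the MANPAGES variable disagree, so a page added to MANPAGES later will be built but not installed. Consider splitting the variable by manual section and looping over each list, so that named.conf.5 still lands in man5 without naming files in the rule.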

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: client.c,v 1.176.2.13.4.22 2004/07/23 02:56:51 marka Exp $ */
/* $Id: client.c,v 1.176.2.13.4.23 2004/09/26 22:37:43 marka Exp $ */
#include <config.h>
@ -1938,7 +1938,7 @@ client_udprecv(ns_client_t *client) {
client->task, client->recvevent, 0);
if (result != ISC_R_SUCCESS) {
UNEXPECTED_ERROR(__FILE__, __LINE__,
"isc_socket_recv() failed: %s",
"isc_socket_recv2() failed: %s",
isc_result_totext(result));
/*
* This cannot happen in the current implementation, since

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: config.c,v 1.11.2.4.8.28 2004/08/28 05:41:42 marka Exp $ */
/* $Id: config.c,v 1.11.2.4.8.29 2004/10/05 02:52:26 marka Exp $ */
#include <config.h>
@ -555,8 +555,8 @@ ns_config_getipandkeylist(cfg_obj_t *config, cfg_obj_t *list, isc_mem_t *mctx,
if (new == NULL)
goto cleanup;
if (keycount != 0) {
memcpy(new, keys, newsize);
isc_mem_put(mctx, keys, newsize);
memcpy(new, keys, oldsize);
isc_mem_put(mctx, keys, oldsize);
}
keys = new;
keycount = newlen;
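
Review bot: The memcpy()/isc_mem_put() pair using oldsize is only correct if oldsize is computed from keycount before "keycount = newlen;" runs, and that computation is outside the visible context, so please confirm it; the lines being replaced copied and released newsize bytes of the old keys buffer. A regression test that configures more than 16 masters would pin this down, since CHANGES entry 1737 looks like the matching report.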

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: control.c,v 1.7.2.2.2.10.4.1 2004/09/20 01:00:00 marka Exp $ */
/* $Id: control.c,v 1.7.2.2.2.11 2004/09/03 03:43:31 marka Exp $ */
#include <config.h>

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: control.h,v 1.6.2.2.2.6.6.1 2004/09/20 01:00:01 marka Exp $ */
/* $Id: control.h,v 1.6.2.2.2.7 2004/09/03 03:43:32 marka Exp $ */
#ifndef NAMED_CONTROL_H
#define NAMED_CONTROL_H 1

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: main.c,v 1.119.2.3.2.16 2004/09/01 07:16:35 marka Exp $ */
/* $Id: main.c,v 1.119.2.3.2.17 2004/10/25 00:42:54 marka Exp $ */
#include <config.h>
@ -605,6 +605,15 @@ setup(void) {
if (!ns_g_foreground)
ns_os_daemonize();
/*
* We call isc_app_start() here as some versions of FreeBSD's fork()
* destroys all the signal handling it sets up.
*/
result = isc_app_start();
if (result != ISC_R_SUCCESS)
ns_main_earlyfatal("isc_app_start() failed: %s",
isc_result_totext(result));
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
ISC_LOG_NOTICE, "starting BIND %s%s", ns_g_version,
saved_command_line);
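Review bot: the comment added in setup() should name the affected FreeBSD versions (and read "fork() destroy"), because it is the only record of why `isc_app_start()` has to run after `ns_os_daemonize()`; without that detail the call looks safe to hoist back into main(). It is also worth noting there that, when `ns_g_foreground` is false, a failure now reaches `ns_main_earlyfatal()` in the daemonized child rather than in the process the administrator started.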
@ -801,11 +810,6 @@ main(int argc, char *argv[]) {
ns_os_init(program_name);
result = isc_app_start();
if (result != ISC_R_SUCCESS)
ns_main_earlyfatal("isc_app_start() failed: %s",
isc_result_totext(result));
dns_result_register();
dst_result_register();
isccc_result_register();

View File

@ -12,7 +12,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: named.conf.5,v 1.1.4.2 2004/08/21 07:35:01 marka Exp $
.\" $Id: named.conf.5,v 1.1.4.3 2004/10/18 02:33:06 marka Exp $
.\"
.TH "NAMED.CONF" "5" "Aug 13, 2004" "BIND9" ""
.SH NAME
@ -142,6 +142,7 @@ options {
files \fIsize\fR;
heartbeat-interval \fIinteger\fR;
host-statistics \fIboolean\fR; // not implemented
host-statistics-max \fInumber\fR; // not implemented
hostname ( \fIquoted_string\fR | none );
interface-interval \fIinteger\fR;
listen-on [ port \fIinteger\fR ] { \fIaddress_match_element\fR; ... };

View File

@ -15,7 +15,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named.conf.docbook,v 1.1.4.1 2004/08/20 22:02:38 marka Exp $ -->
<!-- $Id: named.conf.docbook,v 1.1.4.2 2004/10/17 23:19:49 marka Exp $ -->
<refentry>
<refentryinfo>
@ -177,6 +177,7 @@ options {
files <replaceable>size</replaceable>;
heartbeat-interval <replaceable>integer</replaceable>;
host-statistics <replaceable>boolean</replaceable>; // not implemented
host-statistics-max <replaceable>number</replaceable>; // not implemented
hostname ( <replaceable>quoted_string</replaceable> | none );
interface-interval <replaceable>integer</replaceable>;
listen-on <optional> port <replaceable>integer</replaceable> </optional> { <replaceable>address_match_element</replaceable>; ... };

View File

@ -14,7 +14,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named.conf.html,v 1.1.4.3 2004/08/22 23:38:59 marka Exp $ -->
<!-- $Id: named.conf.html,v 1.1.4.4 2004/10/18 02:33:06 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
@ -469,6 +469,10 @@ CLASS="REPLACEABLE"
host-statistics&nbsp;<VAR
CLASS="REPLACEABLE"
>boolean</VAR
>;&nbsp;//&nbsp;not&nbsp;implemented<br>
host-statistics-max&nbsp;<VAR
CLASS="REPLACEABLE"
>number</VAR
>;&nbsp;//&nbsp;not&nbsp;implemented<br>
hostname&nbsp;(&nbsp;<VAR
CLASS="REPLACEABLE"
@ -1038,7 +1042,7 @@ CLASS="REPLACEABLE"
><DIV
CLASS="REFSECT1"
><A
NAME="AEN271"
NAME="AEN272"
></A
><H2
>VIEW</H2
@ -1530,7 +1534,7 @@ CLASS="REPLACEABLE"
><DIV
CLASS="REFSECT1"
><A
NAME="AEN397"
NAME="AEN398"
></A
><H2
>ZONE</H2
@ -1848,7 +1852,7 @@ CLASS="REPLACEABLE"
><DIV
CLASS="REFSECT1"
><A
NAME="AEN479"
NAME="AEN480"
></A
><H2
>FILES</H2
@ -1861,7 +1865,7 @@ CLASS="FILENAME"
><DIV
CLASS="REFSECT1"
><A
NAME="AEN483"
NAME="AEN484"
></A
><H2
>SEE ALSO</H2

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: server.c,v 1.339.2.15.2.56 2004/06/18 04:39:48 marka Exp $ */
/* $Id: server.c,v 1.339.2.15.2.59 2004/11/10 22:13:56 marka Exp $ */
#include <config.h>
@ -522,6 +522,7 @@ configure_order(dns_order_t *order, cfg_obj_t *ent) {
const char *str;
isc_buffer_t b;
isc_result_t result;
isc_boolean_t addroot;
result = ns_config_getclass(cfg_tuple_get(ent, "class"),
dns_rdataclass_any, &rdclass);
@ -538,11 +539,12 @@ configure_order(dns_order_t *order, cfg_obj_t *ent) {
str = cfg_obj_asstring(obj);
else
str = "*";
addroot = ISC_TF(strcmp(str, "*") == 0);
isc_buffer_init(&b, str, strlen(str));
isc_buffer_add(&b, strlen(str));
dns_fixedname_init(&fixed);
result = dns_name_fromtext(dns_fixedname_name(&fixed), &b,
dns_rootname, ISC_FALSE, NULL);
dns_rootname, ISC_FALSE, NULL);
if (result != ISC_R_SUCCESS)
return (result);
@ -558,6 +560,18 @@ configure_order(dns_order_t *order, cfg_obj_t *ent) {
else
INSIST(0);
/*
* "*" should match everything including the root (BIND 8 compat).
* As dns_name_matcheswildcard(".", "*.") returns FALSE add a
* explict entry for "." when the name is "*".
*/
if (addroot) {
result = dns_order_add(order, dns_rootname,
rdtype, rdclass, mode);
if (result != ISC_R_SUCCESS)
return (result);
}
return (dns_order_add(order, dns_fixedname_name(&fixed),
rdtype, rdclass, mode));
}
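Review bot: in the `if (addroot)` block, a successful `dns_order_add()` for `dns_rootname` followed by a failure of the final `dns_order_add()` for the wildcard name leaves `order` holding only the root entry while the function returns an error; the comment should say whether callers discard `order` on failure. The comment also has typos: "add a explict entry" should read "add an explicit entry".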
@ -1903,7 +1917,8 @@ adjust_interfaces(ns_server_t *server, isc_mem_t *mctx) {
dns_dispatch_t *dispatch6;
dispatch6 = dns_resolver_dispatchv6(view->resolver);
INSIST(dispatch6 != NULL);
if (dispatch6 == NULL)
continue;
result = dns_dispatch_getlocaladdress(dispatch6, &addr);
if (result != ISC_R_SUCCESS)
goto fail;
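Review bot: `if (dispatch6 == NULL) continue;` skips the view silently at the point where `INSIST(dispatch6 != NULL)` also appears; a log message before the `continue` would record which view had no IPv6 dispatch, so a skipped view can be told apart from one that was processed.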
@ -2805,7 +2820,7 @@ run_server(isc_task_t *task, isc_event_t *event) {
isc_result_t result;
ns_server_t *server = (ns_server_t *)event->ev_arg;
UNUSED(task);
INSIST(task == server->task);
isc_event_free(&event);
@ -2843,11 +2858,11 @@ run_server(isc_task_t *task, isc_event_t *event) {
isc_hash_init();
CHECKFATAL(load_zones(server, ISC_FALSE),
"loading zones");
CHECKFATAL(load_zones(server, ISC_FALSE), "loading zones");
ns_os_started();
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER,
ISC_LOG_INFO, "running");
ISC_LOG_NOTICE, "running");
}
void
@ -3187,8 +3202,7 @@ loadconfig(ns_server_t *server) {
start_reserved_dispatches(server);
result = load_configuration(ns_g_lwresdonly ?
lwresd_g_conffile : ns_g_conffile,
server,
ISC_FALSE);
server, ISC_FALSE);
if (result == ISC_R_SUCCESS)
end_reserved_dispatches(server, ISC_FALSE);
else

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: os.h,v 1.14.2.2.8.8 2004/03/08 04:04:21 marka Exp $ */
/* $Id: os.h,v 1.14.2.2.8.9 2004/09/29 06:36:44 marka Exp $ */
#ifndef NS_OS_H
#define NS_OS_H 1
@ -61,4 +61,7 @@ ns_os_shutdownmsg(char *command, isc_buffer_t *text);
void
ns_os_tzset(void);
void
ns_os_started(void);
#endif /* NS_OS_H */

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: os.c,v 1.46.2.4.8.16 2004/05/04 03:19:42 marka Exp $ */
/* $Id: os.c,v 1.46.2.4.8.19 2004/10/07 02:34:20 marka Exp $ */
#include <config.h>
#include <stdarg.h>
@ -104,6 +104,7 @@ static pid_t mainpid = 0;
static struct passwd *runas_pw = NULL;
static isc_boolean_t done_setuid = ISC_FALSE;
static int dfd[2] = { -1, -1 };
#ifdef HAVE_LINUX_CAPABILITY_H
@ -161,7 +162,10 @@ linux_setcaps(unsigned int caps) {
cap.inheritable = caps;
if (syscall(SYS_capset, &caphead, &cap) < 0) {
isc__strerror(errno, strbuf, sizeof(strbuf));
ns_main_earlyfatal("capset failed: %s", strbuf);
ns_main_earlyfatal("capset failed: %s:"
" please ensure that the capset kernel"
" module is loaded. see insmod(8)",
strbuf);
}
}
@ -302,13 +306,33 @@ ns_os_daemonize(void) {
pid_t pid;
char strbuf[ISC_STRERRORSIZE];
if (pipe(dfd) == -1) {
isc__strerror(errno, strbuf, sizeof(strbuf));
ns_main_earlyfatal("pipe(): %s", strbuf);
}
pid = fork();
if (pid == -1) {
isc__strerror(errno, strbuf, sizeof(strbuf));
ns_main_earlyfatal("fork(): %s", strbuf);
}
if (pid != 0)
_exit(0);
if (pid != 0) {
int n;
/*
* Wait for the child to finish loading for the first time.
* This would be so much simpler if fork() worked once we
* were multi-threaded.
*/
(void)close(dfd[1]);
do {
char buf;
n = read(dfd[0], &buf, 1);
if (n == 1)
_exit(0);
} while (n == -1 && errno == EINTR);
_exit(1);
}
(void)close(dfd[0]);
/*
* We're the child.
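Review bot: in the `if (pid != 0)` branch, `n` is declared `int` but stores the result of `read()`, which returns `ssize_t`. When the child exits before signalling, the parent reads end-of-file and falls through to `_exit(1)` with no message, so whoever started named sees only a non-zero status; a short diagnostic before `_exit(1)` would make failed startups easier to trace.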
@ -349,6 +373,20 @@ ns_os_daemonize(void) {
}
}
void
ns_os_started(void) {
char buf = 0;
/*
* Signal to the parent that we stated successfully.
*/
if (dfd[0] != -1 && dfd[1] != -1) {
write(dfd[1], &buf, 1);
close(dfd[1]);
dfd[0] = dfd[1] = -1;
}
}
void
ns_os_opendevnull(void) {
devnullfd = open("/dev/null", O_RDWR, 0);
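Review bot: `ns_os_started()` ignores the return value of `write(dfd[1], &buf, 1)`, so a failed write goes unreported in the child while the parent, seeing end-of-file after the `close(dfd[1])`, exits 1. The guard `dfd[0] != -1 && dfd[1] != -1` also depends on `dfd[0]` keeping its stale value after `(void)close(dfd[0])` in ns_os_daemonize(); testing `dfd[1]` alone would say what is meant. Comment typo: "stated" should be "started".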
@ -426,10 +464,14 @@ ns_os_changeuser(void) {
#ifdef HAVE_LINUXTHREADS
#ifdef HAVE_LINUX_CAPABILITY_H
if (!non_root_caps)
ns_main_earlyfatal("-u with Linux threads not supported: "
"requires kernel support for "
"prctl(PR_SET_KEEPCAPS)");
#else
ns_main_earlyfatal("-u with Linux threads not supported: "
"no capabilities support or capabilities "
"disabled at build time");
#endif
ns_main_earlyfatal(
"-u not supported on Linux kernels older than "
"2.3.99-pre3 or 2.2.18 when using threads");
#endif
if (setgid(runas_pw->pw_gid) < 0) {

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: update.c,v 1.88.2.5.2.23 2004/07/23 02:56:52 marka Exp $ */
/* $Id: update.c,v 1.88.2.5.2.25 2004/10/21 01:40:22 marka Exp $ */
#include <config.h>
@ -708,7 +708,7 @@ ssu_checkrule(void *data, dns_rdataset_t *rrset) {
*/
if (rrset->type == dns_rdatatype_rrsig ||
rrset->type == dns_rdatatype_nsec)
return (ISC_TRUE);
return (ISC_R_SUCCESS);
result = dns_ssutable_checkrules(ssuinfo->table, ssuinfo->signer,
ssuinfo->name, rrset->type);
return (result == ISC_TRUE ? ISC_R_SUCCESS : ISC_R_FAILURE);
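Review bot: the early return for `dns_rdatatype_rrsig` / `dns_rdatatype_nsec` shows a boolean (`ISC_TRUE`) in a function whose other return converts to `ISC_R_SUCCESS` / `ISC_R_FAILURE`. Since the compiler accepted `return (ISC_TRUE)` here, a regression test that drives an update touching RRSIG or NSEC rrsets through `ssu_checkrule()` would catch the same mix-up if it returns.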
@ -965,13 +965,27 @@ typedef struct {
*/
/*
* Return true iff 'update_rr' is neither a SOA nor an NS RR.
* Return true iff 'db_rr' is neither a SOA nor an NS RR nor
* an RRSIG nor a NSEC.
*/
static isc_boolean_t
type_not_soa_nor_ns_p(dns_rdata_t *update_rr, dns_rdata_t *db_rr) {
UNUSED(update_rr);
return ((db_rr->type != dns_rdatatype_soa &&
db_rr->type != dns_rdatatype_ns) ?
db_rr->type != dns_rdatatype_ns &&
db_rr->type != dns_rdatatype_rrsig &&
db_rr->type != dns_rdatatype_nsec) ?
ISC_TRUE : ISC_FALSE);
}
/*
* Return true iff 'db_rr' is neither a RRSIG nor a NSEC.
*/
static isc_boolean_t
type_not_dnssec(dns_rdata_t *update_rr, dns_rdata_t *db_rr) {
UNUSED(update_rr);
return ((db_rr->type != dns_rdatatype_rrsig &&
db_rr->type != dns_rdatatype_nsec) ?
ISC_TRUE : ISC_FALSE);
}
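Review bot: `type_not_soa_nor_ns_p()` now also tests `dns_rdatatype_rrsig` and `dns_rdatatype_nsec`, so its name no longer describes what it checks; rename it or state the mismatch in the comment. The RRSIG/NSEC test is duplicated in `type_not_dnssec()`; having the first predicate call the second would keep the two type lists in step.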
@ -2514,7 +2528,8 @@ update_action(isc_task_t *task, isc_event_t *event) {
dns_rdatatype_any, 0,
&rdata, &diff));
} else {
CHECK(delete_if(true_p, db, ver, name,
CHECK(delete_if(type_not_dnssec,
db, ver, name,
dns_rdatatype_any, 0,
&rdata, &diff));
}

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: nsupdate.c,v 1.103.2.15.2.16 2004/06/17 01:00:38 sra Exp $ */
/* $Id: nsupdate.c,v 1.103.2.15.2.18 2004/09/16 02:12:18 marka Exp $ */
#include <config.h>
@ -627,7 +627,7 @@ parse_args(int argc, char **argv) {
exit(1);
}
if (timeout == 0)
timeout = ULONG_MAX;
timeout = UINT_MAX;
break;
case 'u':
result = isc_parse_uint32(&udp_timeout,
@ -637,7 +637,7 @@ parse_args(int argc, char **argv) {
exit(1);
}
if (udp_timeout == 0)
udp_timeout = ULONG_MAX;
udp_timeout = UINT_MAX;
break;
case 'r':
result = isc_parse_uint32(&udp_retries,
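Review bot: `udp_timeout` is filled by `isc_parse_uint32()`, so the "no timeout" sentinel assigned under `if (udp_timeout == 0)` should be the 32-bit maximum by construction; `UINT_MAX` equals that only where `unsigned int` is 32 bits wide. A fixed-width maximum would make the intent explicit, here and for `timeout` in the preceding case.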
@ -1595,6 +1595,8 @@ recvsoa(isc_task_t *task, isc_event_t *event) {
dns_message_t *soaquery = NULL;
isc_sockaddr_t *addr;
isc_boolean_t seencname = ISC_FALSE;
dns_name_t tname;
unsigned int nlabels;
UNUSED(task);
@ -1703,9 +1705,8 @@ recvsoa(isc_task_t *task, isc_event_t *event) {
section = DNS_SECTION_ANSWER;
else if (pass == 1)
section = DNS_SECTION_AUTHORITY;
else
fatal("response to SOA query didn't contain an SOA");
else
goto droplabel;
result = dns_message_firstname(rcvmsg, section);
if (result != ISC_R_SUCCESS) {
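Review bot: the `else goto droplabel;` branch sits where `fatal("response to SOA query didn't contain an SOA")` also appears, so a server that keeps answering without an SOA is re-queried once per label, and the only stop is the `nlabels == 1` check under `droplabel:`. A debug message at the jump would show why the query name is being shortened.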
@ -1742,29 +1743,8 @@ recvsoa(isc_task_t *task, isc_event_t *event) {
goto lookforsoa;
}
if (seencname) {
dns_name_t tname;
unsigned int nlabels;
result = dns_message_firstname(soaquery, DNS_SECTION_QUESTION);
INSIST(result == ISC_R_SUCCESS);
name = NULL;
dns_message_currentname(soaquery, DNS_SECTION_QUESTION, &name);
nlabels = dns_name_countlabels(name);
if (nlabels == 1)
fatal("could not find enclosing zone");
dns_name_init(&tname, NULL);
dns_name_getlabelsequence(name, 1, nlabels - 1, &tname);
dns_name_clone(&tname, name);
dns_request_destroy(&request);
dns_message_renderreset(soaquery);
if (userserver != NULL)
sendrequest(localaddr, userserver, soaquery, &request);
else
sendrequest(localaddr, &servers[ns_inuse], soaquery,
&request);
goto out;
}
if (seencname)
goto droplabel;
if (debugging) {
char namestr[DNS_NAME_FORMATSIZE];
@ -1807,17 +1787,38 @@ recvsoa(isc_task_t *task, isc_event_t *event) {
get_address(serverstr, DNSDEFAULTPORT, &tempaddr);
serveraddr = &tempaddr;
}
dns_rdata_freestruct(&soa);
send_update(zonename, serveraddr, localaddr);
setzoneclass(dns_rdataclass_none);
dns_message_destroy(&soaquery);
dns_request_destroy(&request);
out:
setzoneclass(dns_rdataclass_none);
dns_rdata_freestruct(&soa);
dns_message_destroy(&rcvmsg);
ddebug("Out of recvsoa");
return;
droplabel:
result = dns_message_firstname(soaquery, DNS_SECTION_QUESTION);
INSIST(result == ISC_R_SUCCESS);
name = NULL;
dns_message_currentname(soaquery, DNS_SECTION_QUESTION, &name);
nlabels = dns_name_countlabels(name);
if (nlabels == 1)
fatal("could not find enclosing zone");
dns_name_init(&tname, NULL);
dns_name_getlabelsequence(name, 1, nlabels - 1, &tname);
dns_name_clone(&tname, name);
dns_request_destroy(&request);
dns_message_renderreset(soaquery);
if (userserver != NULL)
sendrequest(localaddr, userserver, soaquery, &request);
else
sendrequest(localaddr, &servers[ns_inuse], soaquery,
&request);
goto out;
}
static void

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: rndc-confgen.c,v 1.9.2.6.2.4 2004/03/06 10:21:31 marka Exp $ */
/* $Id: rndc-confgen.c,v 1.9.2.6.2.5 2004/09/28 07:14:57 marka Exp $ */
#include <config.h>
@ -273,7 +273,8 @@ main(int argc, char **argv) {
buf = isc_mem_get(mctx, len);
if (buf == NULL)
fatal("isc_mem_get(%d) failed\n", len);
snprintf(buf, len, "%s/%s", chrootdir, keyfile);
snprintf(buf, len, "%s%s%s", chrootdir,
(*keyfile != '/') ? "/" : "", keyfile);
write_key_file(buf, user, keyname, &key_txtbuffer);
isc_mem_put(mctx, buf, len);
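Review bot: `len` is computed outside the visible lines; confirm it still allows for both strings, one separator and the terminating NUL, since `snprintf()` truncates silently and a shortened path would then be handed to `write_key_file()`. The separator test covers a `keyfile` that starts with '/', but not a `chrootdir` that ends with one.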

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: rndc.c,v 1.77.2.5.2.12.6.1 2004/09/20 01:00:01 marka Exp $ */
/* $Id: rndc.c,v 1.77.2.5.2.13 2004/09/03 03:43:32 marka Exp $ */
/*
* Principal Author: DCL

View File

@ -1,9 +1,9 @@
#! /bin/sh
# Attempt to guess a canonical system name.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
# 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
timestamp='2004-01-24'
timestamp='2004-09-07'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
@ -53,7 +53,7 @@ version="\
GNU config.guess ($timestamp)
Originally written by Per Bothner.
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004
Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
@ -197,15 +197,21 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used.
echo "${machine}-${os}${release}"
exit 0 ;;
amd64:OpenBSD:*:*)
echo x86_64-unknown-openbsd${UNAME_RELEASE}
exit 0 ;;
amiga:OpenBSD:*:*)
echo m68k-unknown-openbsd${UNAME_RELEASE}
exit 0 ;;
arc:OpenBSD:*:*)
echo mipsel-unknown-openbsd${UNAME_RELEASE}
cats:OpenBSD:*:*)
echo arm-unknown-openbsd${UNAME_RELEASE}
exit 0 ;;
hp300:OpenBSD:*:*)
echo m68k-unknown-openbsd${UNAME_RELEASE}
exit 0 ;;
luna88k:OpenBSD:*:*)
echo m88k-unknown-openbsd${UNAME_RELEASE}
exit 0 ;;
mac68k:OpenBSD:*:*)
echo m68k-unknown-openbsd${UNAME_RELEASE}
exit 0 ;;
@ -221,28 +227,33 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
mvmeppc:OpenBSD:*:*)
echo powerpc-unknown-openbsd${UNAME_RELEASE}
exit 0 ;;
pegasos:OpenBSD:*:*)
echo powerpc-unknown-openbsd${UNAME_RELEASE}
exit 0 ;;
pmax:OpenBSD:*:*)
echo mipsel-unknown-openbsd${UNAME_RELEASE}
exit 0 ;;
sgi:OpenBSD:*:*)
echo mipseb-unknown-openbsd${UNAME_RELEASE}
echo mips64-unknown-openbsd${UNAME_RELEASE}
exit 0 ;;
sun3:OpenBSD:*:*)
echo m68k-unknown-openbsd${UNAME_RELEASE}
exit 0 ;;
wgrisc:OpenBSD:*:*)
echo mipsel-unknown-openbsd${UNAME_RELEASE}
exit 0 ;;
*:OpenBSD:*:*)
echo ${UNAME_MACHINE}-unknown-openbsd${UNAME_RELEASE}
exit 0 ;;
*:ekkoBSD:*:*)
echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE}
exit 0 ;;
macppc:MirBSD:*:*)
echo powerppc-unknown-mirbsd${UNAME_RELEASE}
exit 0 ;;
*:MirBSD:*:*)
echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE}
exit 0 ;;
alpha:OSF1:*:*)
if test $UNAME_RELEASE = "V4.0"; then
case $UNAME_RELEASE in
*4.0)
UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'`
fi
;;
*5.*)
UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'`
;;
esac
# According to Compaq, /usr/sbin/psrinfo has been available on
# OSF/1 and Tru64 systems produced since 1995. I hope that
# covers most systems running today. This code pipes the CPU
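Review bot: the `macppc:MirBSD:*:*)` case echoes `powerppc-unknown-mirbsd${UNAME_RELEASE}`; "powerppc" looks like a typo for "powerpc", the spelling used by the `mvmeppc:OpenBSD` case at the top of this hunk. As this is an imported file, the fix belongs upstream rather than in the vendor branch.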
@ -280,14 +291,12 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
"EV7.9 (21364A)")
UNAME_MACHINE="alphaev79" ;;
esac
# A Pn.n version is a patched version.
# A Vn.n version is a released version.
# A Tn.n version is a released field test version.
# A Xn.n version is an unreleased experimental baselevel.
# 1.2 uses "1.2" for uname -r.
echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
exit 0 ;;
Alpha*:OpenVMS:*:*)
echo alpha-hp-vms
echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
exit 0 ;;
Alpha\ *:Windows_NT*:*)
# How do we know it's Interix rather than the generic POSIX subsystem?
@ -743,7 +752,7 @@ EOF
echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
exit 0 ;;
*:UNICOS/mp:*:*)
echo nv1-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
exit 0 ;;
F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*)
FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
@ -766,21 +775,7 @@ EOF
echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
exit 0 ;;
*:FreeBSD:*:*)
# Determine whether the default compiler uses glibc.
eval $set_cc_for_build
sed 's/^ //' << EOF >$dummy.c
#include <features.h>
#if __GLIBC__ >= 2
LIBC=gnu
#else
LIBC=
#endif
EOF
eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=`
# GNU/KFreeBSD systems have a "k" prefix to indicate we are using
# FreeBSD's kernel, but not the complete OS.
case ${LIBC} in gnu) kernel_only='k' ;; esac
echo ${UNAME_MACHINE}-unknown-${kernel_only}freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`${LIBC:+-$LIBC}
echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
exit 0 ;;
i*:CYGWIN*:*)
echo ${UNAME_MACHINE}-pc-cygwin
@ -829,9 +824,18 @@ EOF
cris:Linux:*:*)
echo cris-axis-linux-gnu
exit 0 ;;
crisv32:Linux:*:*)
echo crisv32-axis-linux-gnu
exit 0 ;;
frv:Linux:*:*)
echo frv-unknown-linux-gnu
exit 0 ;;
ia64:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit 0 ;;
m32r*:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit 0 ;;
m68*:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit 0 ;;
@ -1072,9 +1076,9 @@ EOF
M680?0:D-NIX:5.3:*)
echo m68k-diab-dnix
exit 0 ;;
M68*:*:R3V[567]*:*)
M68*:*:R3V[5678]*:*)
test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;;
3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0)
3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0)
OS_REL=''
test -r /etc/.relid \
&& OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
@ -1172,9 +1176,10 @@ EOF
echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE}
exit 0 ;;
*:Darwin:*:*)
case `uname -p` in
UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown
case $UNAME_PROCESSOR in
*86) UNAME_PROCESSOR=i686 ;;
powerpc) UNAME_PROCESSOR=powerpc ;;
unknown) UNAME_PROCESSOR=powerpc ;;
esac
echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE}
exit 0 ;;
@ -1236,6 +1241,13 @@ EOF
*:DragonFly:*:*)
echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
exit 0 ;;
*:*VMS:*:*)
UNAME_MACHINE=`(uname -p) 2>/dev/null`
case "${UNAME_MACHINE}" in
A*) echo alpha-dec-vms && exit 0 ;;
I*) echo ia64-dec-vms && exit 0 ;;
V*) echo vax-dec-vms && exit 0 ;;
esac
esac
#echo '(No uname command or uname output not recognized.)' 1>&2

View File

@ -1,9 +1,9 @@
#! /bin/sh
# Configuration validation subroutine script.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
# 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
timestamp='2004-01-05'
timestamp='2004-08-29'
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
@ -70,7 +70,7 @@ Report bugs and patches to <config-patches@gnu.org>."
version="\
GNU config.sub ($timestamp)
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004
Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
@ -145,7 +145,7 @@ case $os in
-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
-apple | -axis)
-apple | -axis | -knuth | -cray)
os=
basic_machine=$1
;;
@ -237,7 +237,7 @@ case $basic_machine in
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
| i370 | i860 | i960 | ia64 \
| ip2k | iq2000 \
| m32r | m68000 | m68k | m88k | mcore \
| m32r | m32rle | m68000 | m68k | m88k | mcore \
| mips | mipsbe | mipseb | mipsel | mipsle \
| mips16 \
| mips64 | mips64el \
@ -262,7 +262,7 @@ case $basic_machine in
| pyramid \
| sh | sh[1234] | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \
| sh64 | sh64le \
| sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv9 | sparcv9b \
| sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv8 | sparcv9 | sparcv9b \
| strongarm \
| tahoe | thumb | tic4x | tic80 | tron \
| v850 | v850e \
@ -300,7 +300,7 @@ case $basic_machine in
| avr-* \
| bs2000-* \
| c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \
| clipper-* | cydra-* \
| clipper-* | craynv-* | cydra-* \
| d10v-* | d30v-* | dlx-* \
| elxsi-* \
| f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \
@ -308,7 +308,7 @@ case $basic_machine in
| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
| i*86-* | i860-* | i960-* | ia64-* \
| ip2k-* | iq2000-* \
| m32r-* \
| m32r-* | m32rle-* \
| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
| m88110-* | m88k-* | mcore-* \
| mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
@ -326,8 +326,9 @@ case $basic_machine in
| mipsisa64sb1-* | mipsisa64sb1el-* \
| mipsisa64sr71k-* | mipsisa64sr71kel-* \
| mipstx39-* | mipstx39el-* \
| mmix-* \
| msp430-* \
| none-* | np1-* | nv1-* | ns16k-* | ns32k-* \
| none-* | np1-* | ns16k-* | ns32k-* \
| orion-* \
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
@ -336,7 +337,7 @@ case $basic_machine in
| sh-* | sh[1234]-* | sh[23]e-* | sh[34]eb-* | shbe-* \
| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
| sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \
| sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \
| sparcv8-* | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \
| tahoe-* | thumb-* \
| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
| tron-* \
@ -363,6 +364,9 @@ case $basic_machine in
basic_machine=a29k-amd
os=-udi
;;
abacus)
basic_machine=abacus-unknown
;;
adobe68k)
basic_machine=m68010-adobe
os=-scout
@ -442,12 +446,27 @@ case $basic_machine in
basic_machine=j90-cray
os=-unicos
;;
craynv)
basic_machine=craynv-cray
os=-unicosmp
;;
cr16c)
basic_machine=cr16c-unknown
os=-elf
;;
crds | unos)
basic_machine=m68k-crds
;;
crisv32 | crisv32-* | etraxfs*)
basic_machine=crisv32-axis
;;
cris | cris-* | etrax*)
basic_machine=cris-axis
;;
crx)
basic_machine=crx-unknown
os=-elf
;;
da30 | da30-*)
basic_machine=m68k-da30
;;
@ -648,10 +667,6 @@ case $basic_machine in
mips3*)
basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
;;
mmix*)
basic_machine=mmix-knuth
os=-mmixware
;;
monitor)
basic_machine=m68k-rom68k
os=-coff
@ -732,10 +747,6 @@ case $basic_machine in
np1)
basic_machine=np1-gould
;;
nv1)
basic_machine=nv1-cray
os=-unicosmp
;;
nsr-tandem)
basic_machine=nsr-tandem
;;
@ -1048,6 +1059,9 @@ case $basic_machine in
romp)
basic_machine=romp-ibm
;;
mmix)
basic_machine=mmix-knuth
;;
rs6000)
basic_machine=rs6000-ibm
;;
@ -1070,7 +1084,7 @@ case $basic_machine in
sh64)
basic_machine=sh64-unknown
;;
sparc | sparcv9 | sparcv9b)
sparc | sparcv8 | sparcv9 | sparcv9b)
basic_machine=sparc-sun
;;
cydra)
@ -1143,8 +1157,9 @@ case $os in
| -aos* \
| -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
| -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
| -hiux* | -386bsd* | -knetbsd* | -netbsd* | -openbsd* | -kfreebsd* | -freebsd* | -riscix* \
| -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
| -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* | -openbsd* \
| -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \
| -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
| -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
| -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
| -chorusos* | -chorusrdb* \
@ -1362,6 +1377,9 @@ case $basic_machine in
*-ibm)
os=-aix
;;
*-knuth)
os=-mmixware
;;
*-wec)
os=-proelf
;;

View File

@ -18,7 +18,7 @@ AC_DIVERT_PUSH(1)dnl
esyscmd([sed "s/^/# /" COPYRIGHT])dnl
AC_DIVERT_POP()dnl
AC_REVISION($Revision: 1.294.2.23.2.30 $)
AC_REVISION($Revision: 1.294.2.23.2.39 $)
AC_INIT(lib/dns/name.c)
AC_PREREQ(2.13)
@ -261,6 +261,23 @@ AC_TRY_COMPILE(, [
AC_TYPE_SIZE_T
AC_CHECK_TYPE(ssize_t, int)
AC_CHECK_TYPE(socklen_t,
[AC_DEFINE(ISC_SOCKADDR_LEN_T, socklen_t)],
[
AC_TRY_COMPILE(
[
#include <sys/types.h>
#include <sys/socket.h>
int getsockname(int, struct sockaddr *, size_t *);
],[],
[AC_DEFINE(ISC_SOCKADDR_LEN_T, size_t)],
[AC_DEFINE(ISC_SOCKADDR_LEN_T, int)])
],
[
#include <sys/types.h>
#include <sys/socket.h>
])
AC_SUBST(ISC_SOCKADDR_LEN_T)
AC_HEADER_TIME
AC_MSG_CHECKING(for long long)
AC_TRY_COMPILE([],[long long i = 0; return (0);],
@ -345,17 +362,33 @@ AC_ARG_WITH(openssl,
(Required for DNSSEC)],
use_openssl="$withval", use_openssl="auto")
openssldirs="/usr /usr/local /usr/local/ssl /usr/pkg"
if test "$use_openssl" = "auto"
then
for d in $openssldirs
do
if test -f $d/include/openssl/opensslv.h
then
use_openssl=$d
break
fi
done
fi
case "$use_openssl" in
no)
AC_MSG_RESULT(no)
DST_OPENSSL_INC=""
USE_OPENSSL=""
;;
auto)
DST_OPENSSL_INC=""
USE_OPENSSL=""
AC_MSG_RESULT(not found)
;;
*)
if test "$use_openssl" = "yes" -o "$use_openssl" = "auto"
if test "$use_openssl" = "yes"
then
# User did not specify a path - guess it
openssldirs="/usr /usr/local /usr/local/ssl /usr/pkg"
for d in $openssldirs
do
if test -f $d/include/openssl/opensslv.h
@ -369,12 +402,6 @@ case "$use_openssl" in
AC_MSG_RESULT(not found)
AC_MSG_ERROR(
[OpenSSL was not found in any of $openssldirs; use --with-openssl=/path])
elif test "$use_openssl" = "auto"
then
DST_OPENSSL_INC=""
USE_OPENSSL=""
AC_MSG_RESULT(not found)
break
fi
fi
USE_OPENSSL='-DOPENSSL'
@ -762,6 +789,11 @@ then
#
*-freebsd*)
AC_CHECK_LIB(c_r, sigwait, AC_DEFINE(HAVE_SIGWAIT),)
case $host in
*-freebsd5.3|*-freebsd5.3.*)
AC_DEFINE(NEED_PTHREAD_SCOPE_SYSTEM)
;;
esac
;;
#
# BSDI 3.0 through 4.0.1 needs pthread_init() to be
@ -905,6 +937,11 @@ IRIX_DNSSEC_WARNINGS_HACK=""
if test "X$GCC" = "Xyes"; then
STD_CWARNINGS="$STD_CWARNINGS -W -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -Wformat"
case "$host" in
*-hp-hpux*)
LDFLAGS="-Wl,+vnocompatwarnings $LDFALGS"
;;
esac
else
case $host in
*-dec-osf*)
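Review bot: `LDFLAGS="-Wl,+vnocompatwarnings $LDFALGS"` in the `*-hp-hpux*` case expands the misspelled, unset `$LDFALGS`, so any LDFLAGS passed to configure is discarded on HP-UX when building with gcc. It should read `$LDFLAGS`.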
@ -928,7 +965,7 @@ else
;;
esac
CCOPT="$CCOPT -Ae -z"
LIBS="-Wl,+vnocompatwarnings $LIBS"
LDFLAGS="-Wl,+vnocompatwarnings $LDFALGS"
MKDEPPROG='cc -Ae -E -Wp,-M >/dev/null 2>>$TMP'
;;
*-sgi-irix*)
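Review bot: the same misspelling appears in the non-gcc branch: `$LDFALGS` in `LDFLAGS="-Wl,+vnocompatwarnings $LDFALGS"` should be `$LDFLAGS`, otherwise the user's linker flags are replaced rather than extended.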
@ -1039,6 +1076,13 @@ case $use_libtool in
LIBTOOL_MODE_COMPILE='--mode=compile'
LIBTOOL_MODE_INSTALL='--mode=install'
LIBTOOL_MODE_LINK='--mode=link'
case "$host" in
*) LIBTOOL_ALLOW_UNDEFINED= ;;
esac
case "$host" in
*-ibm-aix*) LIBTOOL_IN_MAIN="-Wl,-bI:T_testlist.imp" ;;
*) LIBTOOL_IN_MAIN= ;;
esac;
;;
*)
O=o
@ -1049,6 +1093,8 @@ case $use_libtool in
LIBTOOL_MODE_COMPILE=
LIBTOOL_MODE_INSTALL=
LIBTOOL_MODE_LINK=
LIBTOOL_ALLOW_UNDEFINED=
LIBTOOL_IN_MAIN=
;;
esac
@ -1065,6 +1111,8 @@ AC_SUBST(LIBTOOL_MKDEP_SED)
AC_SUBST(LIBTOOL_MODE_COMPILE)
AC_SUBST(LIBTOOL_MODE_INSTALL)
AC_SUBST(LIBTOOL_MODE_LINK)
AC_SUBST(LIBTOOL_ALLOW_UNDEFINED)
AC_SUBST(LIBTOOL_IN_MAIN)
#
# build libbind?
@ -1592,7 +1640,7 @@ case $host in
# project handles the AF_INET6 case correctly. We need to avoid
# using the former but prefer the latter unless overridden by
# --enable-getifaddrs=glibc.
if test $use_getifaddrs = glibc
if test $want_getifaddrs = glibc
then
AC_CHECK_FUNC(getifaddrs, AC_DEFINE(HAVE_GETIFADDRS))
else
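Review bot: `test $want_getifaddrs = glibc` leaves the variable unquoted, so an empty or unset value makes `test` report an error instead of falling cleanly into the `else` branch; quote it as `"$want_getifaddrs"`. The comment above still refers to --enable-getifaddrs=glibc, so check that this option is what sets `want_getifaddrs`.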
@ -1830,6 +1878,9 @@ AC_SUBST(ISC_PLATFORM_BRACEPTHREADONCEINIT)
ISC_PLATFORM_BRACEPTHREADONCEINIT="#undef ISC_PLATFORM_BRACEPTHREADONCEINIT"
case "$host" in
*-aix5.1.*)
hack_shutup_pthreadonceinit=yes
;;
*-bsdi3.1*)
hack_shutup_sputaux=yes
;;
@ -2119,10 +2170,7 @@ AC_OUTPUT(
lib/dns/Makefile
lib/dns/include/Makefile
lib/dns/include/dns/Makefile
lib/dns/sec/Makefile
lib/dns/sec/dst/Makefile
lib/dns/sec/dst/include/Makefile
lib/dns/sec/dst/include/dst/Makefile
lib/dns/include/dst/Makefile
lib/bind9/Makefile
lib/bind9/include/Makefile
lib/bind9/include/bind9/Makefile

View File

@ -2,7 +2,7 @@
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.0//EN"
"http://www.oasis-open.org/docbook/xml/4.0/docbookx.dtd">
<!-- File: $Id: Bv9ARM-book.xml,v 1.155.2.27.2.49 2004/08/16 00:55:29 marka Exp $ -->
<!-- File: $Id: Bv9ARM-book.xml,v 1.155.2.27.2.52 2005/02/09 03:48:57 marka Exp $ -->
<book>
<title>BIND 9 Administrator Reference Manual</title>
@ -679,8 +679,13 @@ of a server.</para>
syntax and consistency.</para>
<cmdsynopsis label="Usage">
<command>named-checkzone</command>
<arg>-dq</arg>
<arg>-djqvD</arg>
<arg>-c <replaceable>class</replaceable></arg>
<arg>-o <replaceable>output</replaceable></arg>
<arg>-t <replaceable>directory</replaceable></arg>
<arg>-w <replaceable>directory</replaceable></arg>
<arg>-k <replaceable>(ignore|warn|fail)</replaceable></arg>
<arg>-n <replaceable>(ignore|warn|fail)</replaceable></arg>
<arg choice="plain"><replaceable>zone</replaceable></arg>
<arg><replaceable>filename</replaceable></arg>
</cmdsynopsis>
@ -2707,6 +2712,7 @@ statement in the <filename>named.conf</filename> file:</para>
<optional> flush-zones-on-shutdown <replaceable>yes_or_no</replaceable>; </optional>
<optional> has-old-clients <replaceable>yes_or_no</replaceable>; </optional>
<optional> host-statistics <replaceable>yes_or_no</replaceable>; </optional>
<optional> host-statistics-max <replaceable>number</replaceable>; </optional>
<optional> minimal-responses <replaceable>yes_or_no</replaceable>; </optional>
<optional> multiple-cnames <replaceable>yes_or_no</replaceable>; </optional>
<optional> notify <replaceable>yes_or_no</replaceable> | <replaceable>explicit</replaceable>; </optional>
@ -2720,7 +2726,7 @@ statement in the <filename>named.conf</filename> file:</para>
<optional> forward ( <replaceable>only</replaceable> | <replaceable>first</replaceable> ); </optional>
<optional> forwarders { <replaceable>ip_addr</replaceable> <optional>port <replaceable>ip_port</replaceable></optional> ; <optional> <replaceable>ip_addr</replaceable> <optional>port <replaceable>ip_port</replaceable></optional> ; ... </optional> }; </optional>
<optional> dual-stack-servers <optional>port <replaceable>ip_port</replaceable></optional> { ( <replaceable>domain_name</replaceable> <optional>port <replaceable>ip_port</replaceable></optional> | <replaceable>ip_addr</replaceable> <optional>port <replaceable>ip_port</replaceable></optional> ) ; ... }; </optional>
<optional> check-names ( <replaceable>master</replaceable> | <replaceable>slave</replaceable> | <replaceable> response</replaceable> )( <replaceable>warn</replaceable> | <replaceable>fail</replaceable> | <replaceable>ignore</replaceable> ); </optional>
<optional> check-names ( <replaceable>master</replaceable> | <replaceable>slave</replaceable> | <replaceable>response</replaceable> )( <replaceable>warn</replaceable> | <replaceable>fail</replaceable> | <replaceable>ignore</replaceable> ); </optional>
<optional> allow-notify { <replaceable>address_match_list</replaceable> }; </optional>
<optional> allow-query { <replaceable>address_match_list</replaceable> }; </optional>
<optional> allow-transfer { <replaceable>address_match_list</replaceable> }; </optional>
@ -2791,8 +2797,8 @@ statement in the <filename>named.conf</filename> file:</para>
<optional> edns-udp-size <replaceable>number</replaceable>; </optional>
<optional> root-delegation-only <optional> exclude { <replaceable>namelist</replaceable> } </optional> ; </optional>
<optional> querylog <replaceable>yes_or_no</replaceable> ; </optional>
};
<optional> disable-algorithms <replaceable>domain</replaceable> { <replaceable>algorithm</replaceable>; <optional> <replaceable>algorithm</replaceable>; </optional> }; </optional>
};
</programlisting>
</sect2>
@ -3338,6 +3344,28 @@ If <command>querylog</command> is not specified then the query logging
is determined by the presence of the logging category <command>queries</command>.
</para></listitem></varlistentry>
<varlistentry><term><command>check-names</command></term>
<listitem>
<para>
This option is used to restrict the character set and syntax of
certain domain names in master files and/or DNS responses received
from the network. The default varies according to usage area. For
<command>master</command> zones the default is <command>fail</command>.
For <command>slave</command> zones the default is <command>warn</command>.
For answer received from the network (<command>response</command>)
the default is <command>ignore</command>.
</para>
<para>The rules for legal hostnames / mail domains are derived from RFC 952
and RFC 821 as modified by RFC 1123.
</para>
<para><command>check-names</command> applies to the owner names of A, AAA and
MX records. It also applies to the domain names in the RDATA of NS, SOA and MX
records. It also applies to the RDATA of PTR records where the owner name
indicated that it is a reverse lookup of a hostname (the owner name ends in
IN-ADDR.ARPA, IP6.ARPA, IP6.INT).
</para>
</listitem></varlistentry>
</variablelist>
</sect3>
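Review bot: The third paragraph of the new check-names entry says it applies to the owner names of "A, AAA and MX records"; AAA is not a record type and this should read AAAA. In the same entry, "For answer received from the network" should be "answers", and "where the owner name indicated" should be present tense. The entry gives a default of fail, warn or ignore for each area but never says what warn and fail actually do to a zone load or to a received response. One sentence on that would let an operator judge what the response default of ignore leaves unchecked.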
@ -3820,6 +3848,12 @@ will be automatically removed. The default is
<literal>unlimited</literal>.</para>
</listitem></varlistentry>
<varlistentry><term><command>host-statistics-max</command></term>
<listitem><para>In BIND 8, specifies the maximum number of host statistic
entries to be kept.
Not implemented in BIND 9.
</para></listitem></varlistentry>
<varlistentry><term><command>recursive-clients</command></term>
<listitem><para>The maximum number of simultaneous recursive lookups
the server will perform on behalf of clients. The default is
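Review bot: The new host-statistics-max entry says "Not implemented in BIND 9", yet it sits among the resource limits next to recursive-clients and the options grammar lists it as an ordinary setting (host-statistics-max number;). State here whether named accepts and silently ignores the option or rejects the configuration, so that someone carrying over a BIND 8 named.conf does not assume a cap on statistics entries is being enforced.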
@ -4728,7 +4762,8 @@ The default is the empty list.</para>
<listitem><para>
This option is used to restrict the character set and syntax of
certain domain names in master files and/or DNS responses received from the
network.
network. The default varies according to zone type. For <command>master</command> zones the default is <command>fail</command>. For <command>slave</command>
zones the default is <command>warn</command>.
</para>
</listitem></varlistentry>
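Review bot: The sentence added to the zone-level check-names entry restates the master and slave defaults that the options-level entry added earlier in this file already gives, so the two copies can drift apart in a later edit. Prefer a cross-reference to the options entry, and say explicitly why the response area listed there is absent here. The added line is also much longer than the wrapped lines around it; rewrap it to match.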

View File

@ -651,9 +651,24 @@ CLASS="command"
><B
CLASS="command"
>named-checkzone</B
> [-dq] [-c <VAR
> [-djqvD] [-c <VAR
CLASS="replaceable"
>class</VAR
>] [-o <VAR
CLASS="replaceable"
>output</VAR
>] [-t <VAR
CLASS="replaceable"
>directory</VAR
>] [-w <VAR
CLASS="replaceable"
>directory</VAR
>] [-k <VAR
CLASS="replaceable"
>(ignore|warn|fail)</VAR
>] [-n <VAR
CLASS="replaceable"
>(ignore|warn|fail)</VAR
>] <VAR
CLASS="replaceable"
>zone</VAR
@ -1318,7 +1333,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN679"
NAME="AEN689"
>3.3.2. Signals</A
></H2
><P
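Review bot: The only change in this hunk is the generated anchor NAME="AEN679" becoming NAME="AEN689", and the same renumbering repeats through the rest of the generated HTML in this commit. Any bookmark or external link to Bv9ARM.ch03.html#AEN679 (3.3.2. Signals) now points at a different element or at nothing. Named anchors such as #tsig and #DNSSEC in the chapter 4 table of contents do not move in this diff, so giving the affected sections explicit ids in Bv9ARM-book.xml would keep deep links stable across imports and shrink this diff to the real content changes.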
@ -1333,7 +1348,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN683"
NAME="AEN693"
></A
><TABLE
CELLPADDING="3"

View File

@ -96,7 +96,7 @@ HREF="Bv9ARM.ch04.html#incremental_zone_transfers"
></DT
><DT
>4.4. <A
HREF="Bv9ARM.ch04.html#AEN757"
HREF="Bv9ARM.ch04.html#AEN767"
>Split DNS</A
></DT
><DT
@ -106,12 +106,12 @@ HREF="Bv9ARM.ch04.html#tsig"
></DT
><DT
>4.6. <A
HREF="Bv9ARM.ch04.html#AEN917"
HREF="Bv9ARM.ch04.html#AEN927"
>TKEY</A
></DT
><DT
>4.7. <A
HREF="Bv9ARM.ch04.html#AEN932"
HREF="Bv9ARM.ch04.html#AEN942"
>SIG(0)</A
></DT
><DT
@ -121,7 +121,7 @@ HREF="Bv9ARM.ch04.html#DNSSEC"
></DT
><DT
>4.9. <A
HREF="Bv9ARM.ch04.html#AEN1001"
HREF="Bv9ARM.ch04.html#AEN1011"
>IPv6 Support in <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
@ -338,7 +338,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN757"
NAME="AEN767"
>4.4. Split DNS</A
></H1
><P
@ -756,7 +756,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN848"
NAME="AEN858"
>4.5.1. Generate Shared Keys for Each Pair of Hosts</A
></H2
><P
@ -780,7 +780,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN853"
NAME="AEN863"
>4.5.1.1. Automatic Generation</A
></H3
><P
@ -820,7 +820,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN864"
NAME="AEN874"
>4.5.1.2. Manual Generation</A
></H3
><P
@ -841,7 +841,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN869"
NAME="AEN879"
>4.5.2. Copying the Shared Secret to Both Machines</A
></H2
><P
@ -853,7 +853,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN872"
NAME="AEN882"
>4.5.3. Informing the Servers of the Key's Existence</A
></H2
><P
@ -907,7 +907,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN884"
NAME="AEN894"
>4.5.4. Instructing the Server to Use the Key</A
></H2
><P
@ -991,7 +991,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN900"
NAME="AEN910"
>4.5.5. TSIG Key Based Access Control</A
></H2
><P
@ -1037,7 +1037,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN913"
NAME="AEN923"
>4.5.6. Errors</A
></H2
><P
@ -1066,7 +1066,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN917"
NAME="AEN927"
>4.6. TKEY</A
></H1
><P
@ -1133,7 +1133,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN932"
NAME="AEN942"
>4.7. SIG(0)</A
></H1
><P
@ -1220,7 +1220,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN952"
NAME="AEN962"
>4.8.1. Generating Keys</A
></H2
><P
@ -1298,7 +1298,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN972"
NAME="AEN982"
>4.8.2. Signing the Zone</A
></H2
><P
@ -1378,7 +1378,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN994"
NAME="AEN1004"
>4.8.3. Configuring Servers</A
></H2
><P
@ -1406,7 +1406,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN1001"
NAME="AEN1011"
>4.9. IPv6 Support in <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
@ -1486,7 +1486,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1019"
NAME="AEN1029"
>4.9.1. Address Lookups Using AAAA Records</A
></H2
><P
@ -1512,7 +1512,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1025"
NAME="AEN1035"
>4.9.2. Address to Name Lookups Using Nibble Format</A
></H2
><P

View File

@ -84,7 +84,7 @@ CLASS="TOC"
></DT
><DT
>5.1. <A
HREF="Bv9ARM.ch05.html#AEN1034"
HREF="Bv9ARM.ch05.html#AEN1044"
>The Lightweight Resolver Library</A
></DT
><DT
@ -99,7 +99,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN1034"
NAME="AEN1044"
>5.1. The Lightweight Resolver Library</A
></H1
><P

View File

@ -94,7 +94,7 @@ HREF="Bv9ARM.ch06.html#Configuration_File_Grammar"
></DT
><DT
>6.3. <A
HREF="Bv9ARM.ch06.html#AEN4015"
HREF="Bv9ARM.ch06.html#AEN4050"
>Zone File</A
></DT
></DL
@ -151,7 +151,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN1076"
NAME="AEN1086"
></A
><TABLE
CELLPADDING="3"
@ -623,7 +623,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN1241"
NAME="AEN1251"
>6.1.1.1. Syntax</A
></H3
><PRE
@ -654,7 +654,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN1249"
NAME="AEN1259"
>6.1.1.2. Definition and Usage</A
></H3
><P
@ -768,7 +768,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1280"
NAME="AEN1290"
>6.1.2. Comment Syntax</A
></H2
><P
@ -787,7 +787,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN1285"
NAME="AEN1295"
>6.1.2.1. Syntax</A
></H3
><P
@ -819,7 +819,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN1294"
NAME="AEN1304"
>6.1.2.2. Definition and Usage</A
></H3
><P
@ -932,7 +932,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN1318"
NAME="AEN1328"
></A
><TABLE
CELLPADDING="3"
@ -1132,7 +1132,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1401"
NAME="AEN1411"
>6.2.1. <B
CLASS="command"
>acl</B
@ -1181,7 +1181,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN1414"
NAME="AEN1424"
></A
><TABLE
CELLPADDING="3"
@ -1264,7 +1264,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1445"
NAME="AEN1455"
>6.2.3. <B
CLASS="command"
>controls</B
@ -1578,7 +1578,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1524"
NAME="AEN1534"
>6.2.5. <B
CLASS="command"
>include</B
@ -1596,7 +1596,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1529"
NAME="AEN1539"
>6.2.6. <B
CLASS="command"
>include</B
@ -1625,7 +1625,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1536"
NAME="AEN1546"
>6.2.7. <B
CLASS="command"
>key</B
@ -1653,7 +1653,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1543"
NAME="AEN1553"
>6.2.8. <B
CLASS="command"
>key</B
@ -1735,7 +1735,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1563"
NAME="AEN1573"
>6.2.9. <B
CLASS="command"
>logging</B
@ -1877,7 +1877,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1603"
NAME="AEN1613"
>6.2.10. <B
CLASS="command"
>logging</B
@ -1940,7 +1940,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN1619"
NAME="AEN1629"
>6.2.10.1. The <B
CLASS="command"
>channel</B
@ -2456,7 +2456,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN1743"
NAME="AEN1753"
></A
><TABLE
CELLPADDING="3"
@ -2783,7 +2783,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1873"
NAME="AEN1883"
>6.2.11. <B
CLASS="command"
>lwres</B
@ -2864,7 +2864,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1897"
NAME="AEN1907"
>6.2.12. <B
CLASS="command"
>lwres</B
@ -2938,7 +2938,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1916"
NAME="AEN1926"
>6.2.13. <B
CLASS="command"
>masters</B
@ -2987,7 +2987,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1931"
NAME="AEN1941"
>6.2.14. <B
CLASS="command"
>masters</B
@ -3005,7 +3005,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN1936"
NAME="AEN1946"
>6.2.15. <B
CLASS="command"
>options</B
@ -3175,6 +3175,13 @@ CLASS="replaceable"
>]
[<SPAN
CLASS="optional"
> host-statistics-max <VAR
CLASS="replaceable"
>number</VAR
>; </SPAN
>]
[<SPAN
CLASS="optional"
> minimal-responses <VAR
CLASS="replaceable"
>yes_or_no</VAR
@ -3322,7 +3329,7 @@ CLASS="replaceable"
>slave</VAR
> | <VAR
CLASS="replaceable"
> response</VAR
>response</VAR
> )( <VAR
CLASS="replaceable"
>warn</VAR
@ -3953,7 +3960,6 @@ CLASS="replaceable"
>yes_or_no</VAR
> ; </SPAN
>]
};
[<SPAN
CLASS="optional"
> disable-algorithms <VAR
@ -3970,6 +3976,7 @@ CLASS="replaceable"
>; </SPAN
>] }; </SPAN
>]
};
</PRE
></DIV
><DIV
@ -4490,7 +4497,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN2390"
NAME="AEN2402"
></A
><TABLE
CELLPADDING="3"
@ -5281,6 +5288,54 @@ CLASS="command"
>.
</P
></DD
><DT
><B
CLASS="command"
>check-names</B
></DT
><DD
><P
>&#13;This option is used to restrict the character set and syntax of
certain domain names in master files and/or DNS responses received
from the network. The default varies according to usage area. For
<B
CLASS="command"
>master</B
> zones the default is <B
CLASS="command"
>fail</B
>.
For <B
CLASS="command"
>slave</B
> zones the default is <B
CLASS="command"
>warn</B
>.
For answer received from the network (<B
CLASS="command"
>response</B
>)
the default is <B
CLASS="command"
>ignore</B
>.
</P
><P
>The rules for legal hostnames / mail domains are derived from RFC 952
and RFC 821 as modified by RFC 1123.
</P
><P
><B
CLASS="command"
>check-names</B
> applies to the owner names of A, AAA and
MX records. It also applies to the domain names in the RDATA of NS, SOA and MX
records. It also applies to the RDATA of PTR records where the owner name
indicated that it is a reverse lookup of a hostname (the owner name ends in
IN-ADDR.ARPA, IP6.ARPA, IP6.INT).
</P
></DD
></DL
></DIV
></DIV
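Review bot: The generated check-names paragraph opens with a literal carriage-return reference (">&#13;This option is used ..."), which points at line endings in the XML source or the conversion toolchain leaking into the output; normalise line endings before regenerating. The "A, AAA and MX records" typo from Bv9ARM-book.xml is reproduced here too, so correct it in the XML and regenerate rather than patching this file by hand.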
@ -5289,7 +5344,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN2669"
NAME="AEN2695"
>6.2.16.2. Forwarding</A
></H3
><P
@ -5357,7 +5412,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN2688"
NAME="AEN2714"
>6.2.16.3. Dual-stack Servers</A
></H3
><P
@ -5569,7 +5624,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN2755"
NAME="AEN2781"
>6.2.16.5. Interfaces</A
></H3
><P
@ -5672,7 +5727,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN2782"
NAME="AEN2808"
>6.2.16.6. Query Address</A
></H3
><P
@ -6180,7 +6235,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN2948"
NAME="AEN2974"
>6.2.16.8. Bad UDP Port Lists</A
></H3
><P
@ -6204,7 +6259,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN2953"
NAME="AEN2979"
>6.2.16.9. Operating System Resource Limits</A
></H3
><P
@ -6324,7 +6379,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN2990"
NAME="AEN3016"
>6.2.16.10. Server Resource Limits</A
></H3
><P
@ -6374,6 +6429,18 @@ CLASS="literal"
><DT
><B
CLASS="command"
>host-statistics-max</B
></DT
><DD
><P
>In BIND 8, specifies the maximum number of host statistic
entries to be kept.
Not implemented in BIND 9.
</P
></DD
><DT
><B
CLASS="command"
>recursive-clients</B
></DT
><DD
@ -6447,7 +6514,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN3031"
NAME="AEN3062"
>6.2.16.11. Periodic Task Intervals</A
></H3
><P
@ -6812,7 +6879,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN3119"
NAME="AEN3150"
></A
><TABLE
CELLPADDING="3"
@ -7274,7 +7341,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN3263"
NAME="AEN3294"
></A
><TABLE
CELLPADDING="3"
@ -7746,7 +7813,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN3402"
NAME="AEN3433"
>6.2.19. <B
CLASS="command"
>trusted-keys</B
@ -7801,7 +7868,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN3418"
NAME="AEN3449"
>6.2.20. <B
CLASS="command"
>trusted-keys</B
@ -7889,7 +7956,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN3440"
NAME="AEN3471"
>6.2.22. <B
CLASS="command"
>view</B
@ -8523,7 +8590,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN3614"
NAME="AEN3645"
>6.2.24. <B
CLASS="command"
>zone</B
@ -8534,7 +8601,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN3617"
NAME="AEN3648"
>6.2.24.1. Zone Types</A
></H3
><DIV
@ -8542,7 +8609,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN3619"
NAME="AEN3650"
></A
><TABLE
CELLPADDING="3"
@ -8774,7 +8841,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN3682"
NAME="AEN3713"
>6.2.24.2. Class</A
></H3
><P
@ -8812,7 +8879,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN3692"
NAME="AEN3723"
>6.2.24.3. Zone Options</A
></H3
><P
@ -8956,7 +9023,20 @@ CLASS="command"
><P
>&#13;This option is used to restrict the character set and syntax of
certain domain names in master files and/or DNS responses received from the
network.
network. The default varies according to zone type. For <B
CLASS="command"
>master</B
> zones the default is <B
CLASS="command"
>fail</B
>. For <B
CLASS="command"
>slave</B
>
zones the default is <B
CLASS="command"
>warn</B
>.
</P
></DD
><DT
@ -9548,7 +9628,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN3974"
NAME="AEN4009"
></A
><TABLE
CELLPADDING="3"
@ -9673,7 +9753,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN4015"
NAME="AEN4050"
>6.3. Zone File</A
></H1
><DIV
@ -9694,7 +9774,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN4020"
NAME="AEN4055"
>6.3.1.1. Resource Records</A
></H3
><P
@ -9719,7 +9799,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN4026"
NAME="AEN4061"
></A
><TABLE
CELLPADDING="3"
@ -9800,7 +9880,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN4058"
NAME="AEN4093"
></A
><TABLE
CELLPADDING="3"
@ -10151,7 +10231,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN4210"
NAME="AEN4245"
></A
><TABLE
CELLPADDING="3"
@ -10233,7 +10313,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN4234"
NAME="AEN4269"
>6.3.1.2. Textual expression of RRs</A
></H3
><P
@ -10265,7 +10345,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN4241"
NAME="AEN4276"
></A
><TABLE
CELLPADDING="3"
@ -10420,7 +10500,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN4307"
NAME="AEN4342"
></A
><TABLE
CELLPADDING="3"
@ -10491,7 +10571,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN4335"
NAME="AEN4370"
>6.3.2. Discussion of MX Records</A
></H2
><P
@ -10529,7 +10609,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN4341"
NAME="AEN4376"
></A
><TABLE
CELLPADDING="3"
@ -10750,7 +10830,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN4433"
NAME="AEN4468"
></A
><TABLE
CELLPADDING="3"
@ -10813,7 +10893,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN4456"
NAME="AEN4491"
>6.3.4. Inverse Mapping in IPv4</A
></H2
><P
@ -10842,7 +10922,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN4461"
NAME="AEN4496"
></A
><TABLE
CELLPADDING="3"
@ -10908,7 +10988,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN4483"
NAME="AEN4518"
>6.3.5. Other Zone File Directives</A
></H2
><P
@ -10933,7 +11013,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN4490"
NAME="AEN4525"
>6.3.5.1. The <B
CLASS="command"
>$ORIGIN</B
@ -10999,7 +11079,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN4510"
NAME="AEN4545"
>6.3.5.2. The <B
CLASS="command"
>$INCLUDE</B
@ -11075,7 +11155,7 @@ CLASS="sect3"
><H3
CLASS="sect3"
><A
NAME="AEN4530"
NAME="AEN4565"
>6.3.5.3. The <B
CLASS="command"
>$TTL</B
@ -11111,7 +11191,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN4541"
NAME="AEN4576"
>6.3.6. <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
@ -11194,7 +11274,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN4565"
NAME="AEN4600"
></A
><TABLE
CELLPADDING="3"

View File

@ -89,7 +89,7 @@ HREF="Bv9ARM.ch07.html#Access_Control_Lists"
></DT
><DT
>7.2. <A
HREF="Bv9ARM.ch07.html#AEN4658"
HREF="Bv9ARM.ch07.html#AEN4693"
><B
CLASS="command"
>chroot</B
@ -197,7 +197,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN4658"
NAME="AEN4693"
>7.2. <B
CLASS="command"
>chroot</B
@ -275,7 +275,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN4681"
NAME="AEN4716"
>7.2.1. The <B
CLASS="command"
>chroot</B
@ -351,7 +351,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN4699"
NAME="AEN4734"
>7.2.2. Using the <B
CLASS="command"
>setuid</B

View File

@ -81,17 +81,17 @@ CLASS="TOC"
></DT
><DT
>8.1. <A
HREF="Bv9ARM.ch08.html#AEN4720"
HREF="Bv9ARM.ch08.html#AEN4755"
>Common Problems</A
></DT
><DT
>8.2. <A
HREF="Bv9ARM.ch08.html#AEN4725"
HREF="Bv9ARM.ch08.html#AEN4760"
>Incrementing and Changing the Serial Number</A
></DT
><DT
>8.3. <A
HREF="Bv9ARM.ch08.html#AEN4730"
HREF="Bv9ARM.ch08.html#AEN4765"
>Where Can I Get Help?</A
></DT
></DL
@ -101,7 +101,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN4720"
NAME="AEN4755"
>8.1. Common Problems</A
></H1
><DIV
@ -109,7 +109,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN4722"
NAME="AEN4757"
>8.1.1. It's not working; how can I figure out what's wrong?</A
></H2
><P
@ -125,7 +125,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN4725"
NAME="AEN4760"
>8.2. Incrementing and Changing the Serial Number</A
></H1
><P
@ -154,7 +154,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN4730"
NAME="AEN4765"
>8.3. Where Can I Get Help?</A
></H1
><P

View File

@ -74,7 +74,7 @@ CLASS="TOC"
></DT
><DT
>A.1. <A
HREF="Bv9ARM.ch09.html#AEN4746"
HREF="Bv9ARM.ch09.html#AEN4781"
>Acknowledgments</A
></DT
><DT
@ -97,7 +97,7 @@ CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN4746"
NAME="AEN4781"
>A.1. Acknowledgments</A
></H1
><DIV
@ -105,7 +105,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN4748"
NAME="AEN4783"
>A.1.1. A Brief History of the <ACRONYM
CLASS="acronym"
>DNS</ACRONYM
@ -271,7 +271,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN4784"
NAME="AEN4819"
></A
><TABLE
CELLPADDING="3"
@ -410,7 +410,7 @@ CLASS="informaltable"
><P
></P
><A
NAME="AEN4853"
NAME="AEN4888"
></A
><TABLE
CELLPADDING="3"
@ -608,19 +608,19 @@ TARGET="_top"
</P
><H3
><A
NAME="AEN4921"
NAME="AEN4956"
>Bibliography</A
></H3
><H2
CLASS="bibliodiv"
><A
NAME="AEN4922"
NAME="AEN4957"
>Standards</A
></H2
><DIV
CLASS="biblioentry"
><A
NAME="AEN4924"
NAME="AEN4959"
></A
><P
>[RFC974]&nbsp;<SPAN
@ -637,7 +637,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN4931"
NAME="AEN4966"
></A
><P
>[RFC1034]&nbsp;<SPAN
@ -654,7 +654,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN4938"
NAME="AEN4973"
></A
><P
>[RFC1035]&nbsp;<SPAN
@ -678,7 +678,7 @@ NAME="proposed_standards"
><DIV
CLASS="biblioentry"
><A
NAME="AEN4947"
NAME="AEN4982"
></A
><P
>[RFC2181]&nbsp;<SPAN
@ -698,7 +698,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN4955"
NAME="AEN4990"
></A
><P
>[RFC2308]&nbsp;<SPAN
@ -718,7 +718,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN4963"
NAME="AEN4998"
></A
><P
>[RFC1995]&nbsp;<SPAN
@ -738,7 +738,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN4971"
NAME="AEN5006"
></A
><P
>[RFC1996]&nbsp;<SPAN
@ -755,7 +755,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN4978"
NAME="AEN5013"
></A
><P
>[RFC2136]&nbsp;<SPAN
@ -781,7 +781,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN4995"
NAME="AEN5030"
></A
><P
>[RFC2845]&nbsp;<SPAN
@ -810,13 +810,13 @@ STYLE="margin-left: 0.5in"
><H2
CLASS="bibliodiv"
><A
NAME="AEN5014"
NAME="AEN5049"
>Proposed Standards Still Under Development</A
></H2
><DIV
CLASS="biblioentry"
><A
NAME="AEN5019"
NAME="AEN5054"
></A
><P
>[RFC1886]&nbsp;<SPAN
@ -839,7 +839,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5031"
NAME="AEN5066"
></A
><P
>[RFC2065]&nbsp;<SPAN
@ -859,7 +859,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5043"
NAME="AEN5078"
></A
><P
>[RFC2137]&nbsp;<SPAN
@ -876,7 +876,7 @@ STYLE="margin-left: 0.5in"
><H2
CLASS="bibliodiv"
><A
NAME="AEN5051"
NAME="AEN5086"
>Other Important RFCs About <ACRONYM
CLASS="acronym"
>DNS</ACRONYM
@ -885,7 +885,7 @@ CLASS="acronym"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5054"
NAME="AEN5089"
></A
><P
>[RFC1535]&nbsp;<SPAN
@ -905,7 +905,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5062"
NAME="AEN5097"
></A
><P
>[RFC1536]&nbsp;<SPAN
@ -937,7 +937,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5083"
NAME="AEN5118"
></A
><P
>[RFC1982]&nbsp;<SPAN
@ -957,13 +957,13 @@ STYLE="margin-left: 0.5in"
><H2
CLASS="bibliodiv"
><A
NAME="AEN5094"
NAME="AEN5129"
>Resource Record Types</A
></H2
><DIV
CLASS="biblioentry"
><A
NAME="AEN5096"
NAME="AEN5131"
></A
><P
>[RFC1183]&nbsp;<SPAN
@ -992,7 +992,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5114"
NAME="AEN5149"
></A
><P
>[RFC1706]&nbsp;<SPAN
@ -1015,7 +1015,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5126"
NAME="AEN5161"
></A
><P
>[RFC2168]&nbsp;<SPAN
@ -1036,7 +1036,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5137"
NAME="AEN5172"
></A
><P
>[RFC1876]&nbsp;<SPAN
@ -1063,7 +1063,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5154"
NAME="AEN5189"
></A
><P
>[RFC2052]&nbsp;<SPAN
@ -1087,7 +1087,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5166"
NAME="AEN5201"
></A
><P
>[RFC2163]&nbsp;<SPAN
@ -1108,7 +1108,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5174"
NAME="AEN5209"
></A
><P
>[RFC2230]&nbsp;<SPAN
@ -1128,7 +1128,7 @@ STYLE="margin-left: 0.5in"
><H2
CLASS="bibliodiv"
><A
NAME="AEN5182"
NAME="AEN5217"
><ACRONYM
CLASS="acronym"
>DNS</ACRONYM
@ -1137,7 +1137,7 @@ CLASS="acronym"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5185"
NAME="AEN5220"
></A
><P
>[RFC1101]&nbsp;<SPAN
@ -1157,7 +1157,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5193"
NAME="AEN5228"
></A
><P
>[RFC1123]&nbsp;<SPAN
@ -1174,7 +1174,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5200"
NAME="AEN5235"
></A
><P
>[RFC1591]&nbsp;<SPAN
@ -1191,7 +1191,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5207"
NAME="AEN5242"
></A
><P
>[RFC2317]&nbsp;<SPAN
@ -1214,7 +1214,7 @@ STYLE="margin-left: 0.5in"
><H2
CLASS="bibliodiv"
><A
NAME="AEN5221"
NAME="AEN5256"
><ACRONYM
CLASS="acronym"
>DNS</ACRONYM
@ -1223,7 +1223,7 @@ CLASS="acronym"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5224"
NAME="AEN5259"
></A
><P
>[RFC1537]&nbsp;<SPAN
@ -1243,7 +1243,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5232"
NAME="AEN5267"
></A
><P
>[RFC1912]&nbsp;<SPAN
@ -1263,7 +1263,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5240"
NAME="AEN5275"
></A
><P
>[RFC2010]&nbsp;<SPAN
@ -1283,7 +1283,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5251"
NAME="AEN5286"
></A
><P
>[RFC2219]&nbsp;<SPAN
@ -1306,7 +1306,7 @@ STYLE="margin-left: 0.5in"
><H2
CLASS="bibliodiv"
><A
NAME="AEN5263"
NAME="AEN5298"
>Other <ACRONYM
CLASS="acronym"
>DNS</ACRONYM
@ -1315,7 +1315,7 @@ CLASS="acronym"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5269"
NAME="AEN5304"
></A
><P
>[RFC1464]&nbsp;<SPAN
@ -1332,7 +1332,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5276"
NAME="AEN5311"
></A
><P
>[RFC1713]&nbsp;<SPAN
@ -1352,7 +1352,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5284"
NAME="AEN5319"
></A
><P
>[RFC1794]&nbsp;<SPAN
@ -1372,7 +1372,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5292"
NAME="AEN5327"
></A
><P
>[RFC2240]&nbsp;<SPAN
@ -1389,7 +1389,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5299"
NAME="AEN5334"
></A
><P
>[RFC2345]&nbsp;<SPAN
@ -1412,7 +1412,7 @@ STYLE="margin-left: 0.5in"
><DIV
CLASS="biblioentry"
><A
NAME="AEN5313"
NAME="AEN5348"
></A
><P
>[RFC2352]&nbsp;<SPAN
@ -1429,13 +1429,13 @@ STYLE="margin-left: 0.5in"
><H2
CLASS="bibliodiv"
><A
NAME="AEN5320"
NAME="AEN5355"
>Obsolete and Unimplemented Experimental RRs</A
></H2
><DIV
CLASS="biblioentry"
><A
NAME="AEN5322"
NAME="AEN5357"
></A
><P
>[RFC1712]&nbsp;<SPAN
@ -1486,7 +1486,7 @@ CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN5343"
NAME="AEN5378"
>A.3.3. Other Documents About <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
@ -1496,13 +1496,13 @@ CLASS="acronym"
></P
><H3
><A
NAME="AEN5347"
NAME="AEN5382"
>Bibliography</A
></H3
><DIV
CLASS="biblioentry"
><A
NAME="AEN5348"
NAME="AEN5383"
></A
><P
><SPAN

View File

@ -191,7 +191,7 @@ HREF="Bv9ARM.ch03.html#AEN347"
></DT
><DT
>3.3.2. <A
HREF="Bv9ARM.ch03.html#AEN679"
HREF="Bv9ARM.ch03.html#AEN689"
>Signals</A
></DT
></DL
@ -231,7 +231,7 @@ HREF="Bv9ARM.ch04.html#incremental_zone_transfers"
></DT
><DT
>4.4. <A
HREF="Bv9ARM.ch04.html#AEN757"
HREF="Bv9ARM.ch04.html#AEN767"
>Split DNS</A
></DT
><DT
@ -243,44 +243,44 @@ HREF="Bv9ARM.ch04.html#tsig"
><DL
><DT
>4.5.1. <A
HREF="Bv9ARM.ch04.html#AEN848"
HREF="Bv9ARM.ch04.html#AEN858"
>Generate Shared Keys for Each Pair of Hosts</A
></DT
><DT
>4.5.2. <A
HREF="Bv9ARM.ch04.html#AEN869"
HREF="Bv9ARM.ch04.html#AEN879"
>Copying the Shared Secret to Both Machines</A
></DT
><DT
>4.5.3. <A
HREF="Bv9ARM.ch04.html#AEN872"
HREF="Bv9ARM.ch04.html#AEN882"
>Informing the Servers of the Key's Existence</A
></DT
><DT
>4.5.4. <A
HREF="Bv9ARM.ch04.html#AEN884"
HREF="Bv9ARM.ch04.html#AEN894"
>Instructing the Server to Use the Key</A
></DT
><DT
>4.5.5. <A
HREF="Bv9ARM.ch04.html#AEN900"
HREF="Bv9ARM.ch04.html#AEN910"
>TSIG Key Based Access Control</A
></DT
><DT
>4.5.6. <A
HREF="Bv9ARM.ch04.html#AEN913"
HREF="Bv9ARM.ch04.html#AEN923"
>Errors</A
></DT
></DL
></DD
><DT
>4.6. <A
HREF="Bv9ARM.ch04.html#AEN917"
HREF="Bv9ARM.ch04.html#AEN927"
>TKEY</A
></DT
><DT
>4.7. <A
HREF="Bv9ARM.ch04.html#AEN932"
HREF="Bv9ARM.ch04.html#AEN942"
>SIG(0)</A
></DT
><DT
@ -292,24 +292,24 @@ HREF="Bv9ARM.ch04.html#DNSSEC"
><DL
><DT
>4.8.1. <A
HREF="Bv9ARM.ch04.html#AEN952"
HREF="Bv9ARM.ch04.html#AEN962"
>Generating Keys</A
></DT
><DT
>4.8.2. <A
HREF="Bv9ARM.ch04.html#AEN972"
HREF="Bv9ARM.ch04.html#AEN982"
>Signing the Zone</A
></DT
><DT
>4.8.3. <A
HREF="Bv9ARM.ch04.html#AEN994"
HREF="Bv9ARM.ch04.html#AEN1004"
>Configuring Servers</A
></DT
></DL
></DD
><DT
>4.9. <A
HREF="Bv9ARM.ch04.html#AEN1001"
HREF="Bv9ARM.ch04.html#AEN1011"
>IPv6 Support in <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
@ -319,12 +319,12 @@ CLASS="acronym"
><DL
><DT
>4.9.1. <A
HREF="Bv9ARM.ch04.html#AEN1019"
HREF="Bv9ARM.ch04.html#AEN1029"
>Address Lookups Using AAAA Records</A
></DT
><DT
>4.9.2. <A
HREF="Bv9ARM.ch04.html#AEN1025"
HREF="Bv9ARM.ch04.html#AEN1035"
>Address to Name Lookups Using Nibble Format</A
></DT
></DL
@ -343,7 +343,7 @@ CLASS="acronym"
><DL
><DT
>5.1. <A
HREF="Bv9ARM.ch05.html#AEN1034"
HREF="Bv9ARM.ch05.html#AEN1044"
>The Lightweight Resolver Library</A
></DT
><DT
@ -377,7 +377,7 @@ HREF="Bv9ARM.ch06.html#address_match_lists"
></DT
><DT
>6.1.2. <A
HREF="Bv9ARM.ch06.html#AEN1280"
HREF="Bv9ARM.ch06.html#AEN1290"
>Comment Syntax</A
></DT
></DL
@ -391,7 +391,7 @@ HREF="Bv9ARM.ch06.html#Configuration_File_Grammar"
><DL
><DT
>6.2.1. <A
HREF="Bv9ARM.ch06.html#AEN1401"
HREF="Bv9ARM.ch06.html#AEN1411"
><B
CLASS="command"
>acl</B
@ -408,7 +408,7 @@ Usage</A
></DT
><DT
>6.2.3. <A
HREF="Bv9ARM.ch06.html#AEN1445"
HREF="Bv9ARM.ch06.html#AEN1455"
><B
CLASS="command"
>controls</B
@ -424,7 +424,7 @@ CLASS="command"
></DT
><DT
>6.2.5. <A
HREF="Bv9ARM.ch06.html#AEN1524"
HREF="Bv9ARM.ch06.html#AEN1534"
><B
CLASS="command"
>include</B
@ -432,7 +432,7 @@ CLASS="command"
></DT
><DT
>6.2.6. <A
HREF="Bv9ARM.ch06.html#AEN1529"
HREF="Bv9ARM.ch06.html#AEN1539"
><B
CLASS="command"
>include</B
@ -440,7 +440,7 @@ CLASS="command"
></DT
><DT
>6.2.7. <A
HREF="Bv9ARM.ch06.html#AEN1536"
HREF="Bv9ARM.ch06.html#AEN1546"
><B
CLASS="command"
>key</B
@ -448,7 +448,7 @@ CLASS="command"
></DT
><DT
>6.2.8. <A
HREF="Bv9ARM.ch06.html#AEN1543"
HREF="Bv9ARM.ch06.html#AEN1553"
><B
CLASS="command"
>key</B
@ -456,7 +456,7 @@ CLASS="command"
></DT
><DT
>6.2.9. <A
HREF="Bv9ARM.ch06.html#AEN1563"
HREF="Bv9ARM.ch06.html#AEN1573"
><B
CLASS="command"
>logging</B
@ -464,7 +464,7 @@ CLASS="command"
></DT
><DT
>6.2.10. <A
HREF="Bv9ARM.ch06.html#AEN1603"
HREF="Bv9ARM.ch06.html#AEN1613"
><B
CLASS="command"
>logging</B
@ -472,7 +472,7 @@ CLASS="command"
></DT
><DT
>6.2.11. <A
HREF="Bv9ARM.ch06.html#AEN1873"
HREF="Bv9ARM.ch06.html#AEN1883"
><B
CLASS="command"
>lwres</B
@ -480,7 +480,7 @@ CLASS="command"
></DT
><DT
>6.2.12. <A
HREF="Bv9ARM.ch06.html#AEN1897"
HREF="Bv9ARM.ch06.html#AEN1907"
><B
CLASS="command"
>lwres</B
@ -488,7 +488,7 @@ CLASS="command"
></DT
><DT
>6.2.13. <A
HREF="Bv9ARM.ch06.html#AEN1916"
HREF="Bv9ARM.ch06.html#AEN1926"
><B
CLASS="command"
>masters</B
@ -496,7 +496,7 @@ CLASS="command"
></DT
><DT
>6.2.14. <A
HREF="Bv9ARM.ch06.html#AEN1931"
HREF="Bv9ARM.ch06.html#AEN1941"
><B
CLASS="command"
>masters</B
@ -504,7 +504,7 @@ CLASS="command"
></DT
><DT
>6.2.15. <A
HREF="Bv9ARM.ch06.html#AEN1936"
HREF="Bv9ARM.ch06.html#AEN1946"
><B
CLASS="command"
>options</B
@ -536,7 +536,7 @@ CLASS="command"
></DT
><DT
>6.2.19. <A
HREF="Bv9ARM.ch06.html#AEN3402"
HREF="Bv9ARM.ch06.html#AEN3433"
><B
CLASS="command"
>trusted-keys</B
@ -544,7 +544,7 @@ CLASS="command"
></DT
><DT
>6.2.20. <A
HREF="Bv9ARM.ch06.html#AEN3418"
HREF="Bv9ARM.ch06.html#AEN3449"
><B
CLASS="command"
>trusted-keys</B
@ -561,7 +561,7 @@ CLASS="command"
></DT
><DT
>6.2.22. <A
HREF="Bv9ARM.ch06.html#AEN3440"
HREF="Bv9ARM.ch06.html#AEN3471"
><B
CLASS="command"
>view</B
@ -578,7 +578,7 @@ Statement Grammar</A
></DT
><DT
>6.2.24. <A
HREF="Bv9ARM.ch06.html#AEN3614"
HREF="Bv9ARM.ch06.html#AEN3645"
><B
CLASS="command"
>zone</B
@ -588,7 +588,7 @@ CLASS="command"
></DD
><DT
>6.3. <A
HREF="Bv9ARM.ch06.html#AEN4015"
HREF="Bv9ARM.ch06.html#AEN4050"
>Zone File</A
></DT
><DD
@ -600,7 +600,7 @@ HREF="Bv9ARM.ch06.html#types_of_resource_records_and_when_to_use_them"
></DT
><DT
>6.3.2. <A
HREF="Bv9ARM.ch06.html#AEN4335"
HREF="Bv9ARM.ch06.html#AEN4370"
>Discussion of MX Records</A
></DT
><DT
@ -610,17 +610,17 @@ HREF="Bv9ARM.ch06.html#Setting_TTLs"
></DT
><DT
>6.3.4. <A
HREF="Bv9ARM.ch06.html#AEN4456"
HREF="Bv9ARM.ch06.html#AEN4491"
>Inverse Mapping in IPv4</A
></DT
><DT
>6.3.5. <A
HREF="Bv9ARM.ch06.html#AEN4483"
HREF="Bv9ARM.ch06.html#AEN4518"
>Other Zone File Directives</A
></DT
><DT
>6.3.6. <A
HREF="Bv9ARM.ch06.html#AEN4541"
HREF="Bv9ARM.ch06.html#AEN4576"
><ACRONYM
CLASS="acronym"
>BIND</ACRONYM
@ -650,7 +650,7 @@ HREF="Bv9ARM.ch07.html#Access_Control_Lists"
></DT
><DT
>7.2. <A
HREF="Bv9ARM.ch07.html#AEN4658"
HREF="Bv9ARM.ch07.html#AEN4693"
><B
CLASS="command"
>chroot</B
@ -664,7 +664,7 @@ UNIX servers)</A
><DL
><DT
>7.2.1. <A
HREF="Bv9ARM.ch07.html#AEN4681"
HREF="Bv9ARM.ch07.html#AEN4716"
>The <B
CLASS="command"
>chroot</B
@ -672,7 +672,7 @@ CLASS="command"
></DT
><DT
>7.2.2. <A
HREF="Bv9ARM.ch07.html#AEN4699"
HREF="Bv9ARM.ch07.html#AEN4734"
>Using the <B
CLASS="command"
>setuid</B
@ -696,26 +696,26 @@ HREF="Bv9ARM.ch08.html"
><DL
><DT
>8.1. <A
HREF="Bv9ARM.ch08.html#AEN4720"
HREF="Bv9ARM.ch08.html#AEN4755"
>Common Problems</A
></DT
><DD
><DL
><DT
>8.1.1. <A
HREF="Bv9ARM.ch08.html#AEN4722"
HREF="Bv9ARM.ch08.html#AEN4757"
>It's not working; how can I figure out what's wrong?</A
></DT
></DL
></DD
><DT
>8.2. <A
HREF="Bv9ARM.ch08.html#AEN4725"
HREF="Bv9ARM.ch08.html#AEN4760"
>Incrementing and Changing the Serial Number</A
></DT
><DT
>8.3. <A
HREF="Bv9ARM.ch08.html#AEN4730"
HREF="Bv9ARM.ch08.html#AEN4765"
>Where Can I Get Help?</A
></DT
></DL
@ -729,14 +729,14 @@ HREF="Bv9ARM.ch09.html"
><DL
><DT
>A.1. <A
HREF="Bv9ARM.ch09.html#AEN4746"
HREF="Bv9ARM.ch09.html#AEN4781"
>Acknowledgments</A
></DT
><DD
><DL
><DT
>A.1.1. <A
HREF="Bv9ARM.ch09.html#AEN4748"
HREF="Bv9ARM.ch09.html#AEN4783"
>A Brief History of the <ACRONYM
CLASS="acronym"
>DNS</ACRONYM
@ -783,7 +783,7 @@ HREF="Bv9ARM.ch09.html#internet_drafts"
></DT
><DT
>A.3.3. <A
HREF="Bv9ARM.ch09.html#AEN5343"
HREF="Bv9ARM.ch09.html#AEN5378"
>Other Documents About <ACRONYM
CLASS="acronym"
>BIND</ACRONYM

View File

@ -119,6 +119,15 @@ line.
$GENERATE: The "$$" construct for getting a literal $ into a domain
name is deprecated. Use \$ instead.
2.6. TXT records are no longer automatically split.
Some versions of BIND accepted strings in TXT RDATA consisting of more
than 255 characters and silently split them to be able to encode the
strings in a protocol conformant way. You may now see errors like this
dns_rdata_fromtext: local.db:119: ran out of space
if you have TXT RRs with too longs strings. Make sure to split the
string in the zone data file at or before a single one reaches 255
characters.
3. Interoperability Impact of New Protocol Features
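Review bot: typo in the added section 2.6 text, "too longs strings" should read "too long strings". The last sentence ("split the string in the zone data file at or before a single one reaches 255 characters") is also hard to parse; something like "split the string in the zone data file so that no single string exceeds 255 characters" says the same thing. It would help operators to state that the quoted dns_rdata_fromtext error is a load-time failure for the zone, if that is the case, since the previous behaviour was a silent split.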
@ -243,4 +252,4 @@ necessary, the umask should be set explicitly in the script used to
start the named process.
$Id: migration,v 1.37.2.3.2.2 2004/03/06 13:16:19 marka Exp $
$Id: migration,v 1.37.2.3.2.3 2004/11/22 22:33:09 marka Exp $

View File

@ -16,6 +16,7 @@ options {
has-old-clients <boolean>; // obsolete
heartbeat-interval <integer>;
host-statistics <boolean>; // not implemented
host-statistics-max <integer>; // not implemented
hostname ( <quoted_string> | none );
interface-interval <integer>;
listen-on [ port <integer> ] { <address_match_element>; ... };

View File

@ -13,12 +13,16 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.12.2.5.2.5 2004/07/20 07:01:56 marka Exp $
# $Id: Makefile.in,v 1.12.2.5.2.7 2004/12/09 04:07:14 marka Exp $
srcdir = @srcdir@
VPATH = @srcdir@
top_srcdir = @top_srcdir@
# Attempt to disable parallel processing.
.NOTPARALLEL:
.NO_PARALLEL:
@LIBBIND_API@
LIBS = @LIBS@
@ -40,8 +44,8 @@ INETOBJS= inet/inet_addr.@O@ inet/inet_cidr_ntop.@O@ inet/inet_cidr_pton.@O@ \
inet/inet_netof.@O@ inet/inet_network.@O@ inet/inet_ntoa.@O@ \
inet/inet_ntop.@O@ inet/inet_pton.@O@ inet/nsap_addr.@O@
WANT_IRS_THREADS_OBJS= irs/gethostent_r.@O@ irs/getnetgrent_r.@O@ \
irs/getprotoent_r.@O@ irs/getservent_r.@O@
WANT_IRS_THREADS_OBJS= irs/gethostent_r.@O@ irs/getnetent_r.@O@ \
irs/getnetgrent_r.@O@ irs/getprotoent_r.@O@ irs/getservent_r.@O@
WANT_IRS_NISGR_OBJS= irs/nis_gr.@O@
WANT_IRS_GR_OBJS= irs/dns_gr.@O@ irs/irp_gr.@O@ irs/lcl_gr.@O@ irs/gen_gr.@O@ \
@ -62,7 +66,7 @@ IRSOBJS= @WANT_IRS_GR_OBJS@ @WANT_IRS_NIS_OBJS@ @WANT_IRS_THREADS_OBJS@ \
irs/dns_sv.@O@ irs/gai_strerror.@O@ irs/gen.@O@ irs/gen_ho.@O@ \
irs/gen_ng.@O@ irs/gen_nw.@O@ irs/gen_pr.@O@ irs/gen_sv.@O@ \
irs/getaddrinfo.@O@ irs/gethostent.@O@ irs/getnameinfo.@O@ \
irs/getnetent.@O@ irs/getnetent_r.@O@ irs/getnetgrent.@O@ \
irs/getnetent.@O@ irs/getnetgrent.@O@ \
irs/getprotoent.@O@ irs/getservent.@O@ irs/hesiod.@O@ \
irs/irp.@O@ irs/irp_ho.@O@ irs/irp_ng.@O@ irs/irp_nw.@O@ \
irs/irp_pr.@O@ irs/irp_sv.@O@ irs/irpmarshall.@O@ irs/irs_data.@O@ \

View File

@ -1,2 +1,2 @@
sinclude(./libtool.m4)dnl
sinclude(../../libtool.m4)dnl

View File

@ -1,3 +1,3 @@
LIBINTERFACE = 3
LIBREVISION = 7
LIBREVISION = 8
LIBAGE = 0

View File

@ -43,3 +43,11 @@ extern __inline int __sputaux(int _c, struct __sFILE *_p);
#endif
#undef BROKEN_IN6ADDR_INIT_MACROS
#undef HAVE_STRLCAT
/* Shut up warnings about missing braces */
#undef SHUTUP_MUTEX_INITIALIZER
#ifdef SHUTUP_MUTEX_INITIALIZER
#define LIBBIND_MUTEX_INITIALIZER { PTHREAD_MUTEX_INITIALIZER }
#else
#define LIBBIND_MUTEX_INITIALIZER PTHREAD_MUTEX_INITIALIZER
#endif

File diff suppressed because it is too large Load Diff

View File

@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
AC_REVISION($Revision: 1.83.2.5.2.3 $)
AC_REVISION($Revision: 1.83.2.5.2.10 $)
AC_INIT(resolv/herror.c)
AC_PREREQ(2.13)
@ -508,6 +508,7 @@ then
WANT_IRS_THREADSGR_OBJS="\${WANT_IRS_THREADSGR_OBJS}"
WANT_IRS_THREADSPW_OBJS="\${WANT_IRS_THREADSPW_OBJS}"
WANT_IRS_THREADS_OBJS="\${WANT_IRS_THREADS_OBJS}"
WANT_THREADS_OBJS="\${WANT_THREADS_OBJS}"
thread_dir=pthreads
else
ALWAYS_DEFINES=""
@ -515,6 +516,7 @@ else
WANT_IRS_THREADSGR_OBJS=""
WANT_IRS_THREADSPW_OBJS=""
WANT_IRS_THREADS_OBJS=""
WANT_THREADS_OBJS=""
thread_dir=nothreads
fi
@ -525,6 +527,7 @@ AC_SUBST(DO_PTHREADS)
AC_SUBST(WANT_IRS_THREADSGR_OBJS)
AC_SUBST(WANT_IRS_THREADSPW_OBJS)
AC_SUBST(WANT_IRS_THREADS_OBJS)
AC_SUBST(WANT_THREADS_OBJS)
AC_CHECK_FUNC(if_nametoindex,
[USE_IFNAMELINKID="#define USE_IFNAMELINKID 1"],
@ -1075,6 +1078,7 @@ USE_FIONBIO_IOCTL="#undef USE_FIONBIO_IOCTL"
case "$host" in
*aix3.2*) PORT_DIR="port/aix32";;
*aix4*) PORT_DIR="port/aix4";;
*aix5*) PORT_DIR="port/aix5";;
*aux3*) PORT_DIR="port/aux3";;
*-bsdi2*) PORT_DIR="port/bsdos2";;
*-bsdi*) PORT_DIR="port/bsdos";;
@ -2298,11 +2302,13 @@ AC_SUBST(INNETGR_ARGS)
# Random remaining OS-specific issues involving compiler warnings.
# XXXDCL print messages to indicate some compensation is being done?
#
AC_SUBST(ISC_PLATFORM_BRACEPTHREADONCEINIT)
ISC_PLATFORM_BRACEPTHREADONCEINIT="#undef ISC_PLATFORM_BRACEPTHREADONCEINIT"
BROKEN_IN6ADDR_INIT_MACROS="#undef BROKEN_IN6ADDR_INIT_MACROS"
case "$host" in
*-aix5.1.*)
hack_shutup_pthreadmutexinit=yes
hack_shutup_in6addr_init_macros=yes
;;
*-bsdi3.1*)
hack_shutup_sputaux=yes
;;
@ -2314,18 +2320,28 @@ case "$host" in
*-bsdi4.1*)
hack_shutup_stdargcast=yes
;;
*-hpux11.11)
hack_shutup_in6addr_init_macros=yes
;;
*-osf5.1|*-osf5.1b)
hack_shutup_in6addr_init_macros=yes
;;
*-solaris2.8)
hack_shutup_pthreadonceinit=yes
hack_shutup_pthreadmutexinit=yes
hack_shutup_in6addr_init_macros=yes
;;
*-solaris2.9)
hack_shutup_in6addr_init_macros=yes
;;
esac
case "$hack_shutup_pthreadonceinit" in
case "$hack_shutup_pthreadmutexinit" in
yes)
#
# Shut up PTHREAD_ONCE_INIT unbraced initializer warnings.
# Shut up PTHREAD_MUTEX_INITIALIZER unbraced
# initializer warnings.
#
ISC_PLATFORM_BRACEPTHREADONCEINIT="#define ISC_PLATFORM_BRACEPTHREADONCEINIT 1"
AC_DEFINE(SHUTUP_MUTEX_INITIALIZER)
;;
esac

View File

@ -1,5 +1,5 @@
#ifndef LINT
static const char rcsid[] = "$Header: /proj/cvs/prod/bind9/lib/bind/dst/dst_api.c,v 1.4.2.6 2002/07/12 00:17:19 marka Exp $";
static const char rcsid[] = "$Header: /proj/cvs/prod/bind9/lib/bind/dst/dst_api.c,v 1.4.2.6.8.1 2004/09/16 00:57:33 marka Exp $";
#endif
/*
@ -861,7 +861,8 @@ dst_s_read_private_key_file(char *name, DST_KEY *pk_key, u_int16_t in_id,
len = cnt;
p = in_buff;
if (!dst_s_verify_str((const char **) &p, "Private-key-format: v")) {
if (!dst_s_verify_str((const char **) (void *)&p,
"Private-key-format: v")) {
EREPORT(("dst_s_read_private_key_file(): Not a Key file/Decrypt failed %s\n", name));
goto fail;
}
@ -879,7 +880,7 @@ dst_s_read_private_key_file(char *name, DST_KEY *pk_key, u_int16_t in_id,
while (*p++ != '\n') ; /* skip to end of line */
if (!dst_s_verify_str((const char **) &p, "Algorithm: "))
if (!dst_s_verify_str((const char **) (void *)&p, "Algorithm: "))
goto fail;
if (sscanf((char *)p, "%d", &alg) != 1)
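Review bot: the context line "while (*p++ != '\n') ;" in this hunk scans with no bound, even though the number of bytes read was recorded just above (len = cnt; p = in_buff;). A private key file with no newline after the version line could walk p past the data that was read. Since these lines are being touched anyway, consider bounding the loop by in_buff + len and taking the fail path when the newline is not found. The added (void *) cast only quiets the pointer-type warning on the dst_s_verify_str() call and does not change behaviour.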

View File

@ -86,7 +86,7 @@
/*
* @(#)netdb.h 8.1 (Berkeley) 6/2/93
* $Id: netdb.h,v 1.12.2.1.4.4 2004/03/16 02:19:19 marka Exp $
* $Id: netdb.h,v 1.12.2.1.4.5 2004/11/30 01:15:42 marka Exp $
*/
#ifndef _NETDB_H_
@ -527,6 +527,9 @@ void endservent_r __P((void));
#ifdef __GLIBC__
int getnetgrent_r __P((char **, char **, char **, char *, size_t));
#endif
#ifdef _AIX
int setnetgrent_r __P((char *, void **));
#endif
#endif
#endif

View File

@ -51,16 +51,16 @@ struct in_addr
inet_makeaddr(net, host)
u_long net, host;
{
u_long addr;
struct in_addr a;
if (net < 128U)
addr = (net << IN_CLASSA_NSHIFT) | (host & IN_CLASSA_HOST);
a.s_addr = (net << IN_CLASSA_NSHIFT) | (host & IN_CLASSA_HOST);
else if (net < 65536U)
addr = (net << IN_CLASSB_NSHIFT) | (host & IN_CLASSB_HOST);
a.s_addr = (net << IN_CLASSB_NSHIFT) | (host & IN_CLASSB_HOST);
else if (net < 16777216L)
addr = (net << IN_CLASSC_NSHIFT) | (host & IN_CLASSC_HOST);
a.s_addr = (net << IN_CLASSC_NSHIFT) | (host & IN_CLASSC_HOST);
else
addr = net | host;
addr = htonl(addr);
return (*(struct in_addr *)&addr);
a.s_addr = net | host;
a.s_addr = htonl(a.s_addr);
return (a);
}
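Review bot: the reason for replacing "return (*(struct in_addr *)&addr);" with a struct in_addr local deserves a line in the source or the change log. Where u_long is wider than 32 bits, the old cast reads only the first four bytes of addr, which on a big-endian host is the high half rather than the address, so this is a correctness fix and not only a warning cleanup. Minor style point in the same function: the class C bound is written 16777216L while the other two bounds use a U suffix.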

View File

@ -13,12 +13,12 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.7.206.1 2004/03/06 08:13:23 marka Exp $
# $Id: Makefile.in,v 1.7.206.3 2004/12/07 00:38:35 marka Exp $
srcdir= @srcdir@
VPATH = @srcdir@
WANT_IRS_THREADS_OBJS= gethostent_r.@O@ getnetgrent_r.@O@ \
WANT_IRS_THREADS_OBJS= gethostent_r.@O@ getnetent_r.@O@ getnetgrent_r.@O@ \
getprotoent_r.@O@ getservent_r.@O@
WANT_IRS_NISGR_OBJS= nis_gr.@O@
@ -40,7 +40,7 @@ OBJS= @WANT_IRS_GR_OBJS@ @WANT_IRS_NIS_OBJS@ @WANT_IRS_THREADS_OBJS@ \
dns_sv.@O@ gai_strerror.@O@ gen.@O@ gen_ho.@O@ \
gen_ng.@O@ gen_nw.@O@ gen_pr.@O@ gen_sv.@O@ \
getaddrinfo.@O@ gethostent.@O@ \
getnameinfo.@O@ getnetent.@O@ getnetent_r.@O@ \
getnameinfo.@O@ getnetent.@O@ \
getnetgrent.@O@ getprotoent.@O@ getservent.@O@ \
hesiod.@O@ irp.@O@ irp_ho.@O@ irp_ng.@O@ irp_nw.@O@ \
irp_pr.@O@ irp_sv.@O@ irpmarshall.@O@ irs_data.@O@ \

View File

@ -16,7 +16,7 @@
*/
#if defined(LIBC_SCCS) && !defined(lint)
static const char rcsid[] = "$Id: dns_nw.c,v 1.3.2.4.4.3 2004/05/17 07:48:56 marka Exp $";
static const char rcsid[] = "$Id: dns_nw.c,v 1.3.2.4.4.4 2004/09/16 00:57:34 marka Exp $";
#endif /* LIBC_SCCS and not lint */
/* Imports. */
@ -569,7 +569,7 @@ normalize_name(char *name) {
/* Make lower case. */
for (t = name; *t; t++)
if (isascii((unsigned char)*t) && isupper((unsigned char)*t))
*t = tolower(*t);
*t = tolower((*t)&0xff);
/* Remove trailing dots. */
while (t > name && t[-1] == '.')
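Review bot: style inconsistency in normalize_name(): the guard on the line above casts with (unsigned char)*t, while the changed line masks with (*t)&0xff. Both keep a negative char out of tolower(), but using the same (unsigned char) cast in all three calls would make the intent obvious and match the isascii()/isupper() arguments.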

View File

@ -52,7 +52,10 @@ gai_strerror(int ecode) {
#ifndef DO_PTHREADS
static char buf[EAI_BUFSIZE];
#else /* DO_PTHREADS */
static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
#ifndef LIBBIND_MUTEX_INITIALIZER
#define LIBBIND_MUTEX_INITIALIZER PTHREAD_MUTEX_INITIALIZER
#endif
static pthread_mutex_t lock = LIBBIND_MUTEX_INITIALIZER;
static pthread_key_t key;
static int once = 0;
char *buf;
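Review bot: the "#ifndef LIBBIND_MUTEX_INITIALIZER" fallback is defined inside gai_strerror(), in the middle of its declarations, and the same three lines are repeated in net_data_init() later in this commit. Since the macro is already provided by the generated config header when SHUTUP_MUTEX_INITIALIZER is set, the fallback would be better placed once in a shared header so that each user of the initializer does not carry its own copy.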

View File

@ -16,7 +16,7 @@
*/
#if !defined(LINT) && !defined(CODECENTER)
static const char rcsid[] = "$Id: gen.c,v 1.3.206.2 2004/03/17 00:29:48 marka Exp $";
static const char rcsid[] = "$Id: gen.c,v 1.3.206.3 2004/09/16 00:57:34 marka Exp $";
#endif
/*
@ -391,8 +391,10 @@ init_map_rules(struct gen_p *irs, const char *conf_file) {
default_map_rules(irs);
return;
}
(void) sprintf(pattern, "%%%ds %%%ds %%%ds\n",
sizeof mapname, sizeof accname, sizeof options);
(void) sprintf(pattern, "%%%lus %%%lus %%%lus\n",
(unsigned long)sizeof mapname,
(unsigned long)sizeof accname,
(unsigned long)sizeof options);
while (fgets(line, sizeof line, conf)) {
enum irs_map_id map;
enum irs_acc_id acc;
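Review bot: the field widths written into pattern are the full sizeof of mapname, accname and options. A scanf-style %Ns conversion stores up to N characters and then a terminating NUL, so if pattern is used to scan a line into those same buffers, each width needs to be sizeof minus one or the longest accepted token overruns its buffer by one byte. The new (unsigned long) casts fix the format/argument mismatch but leave that width as it was. The sprintf() into pattern is also unbounded; a size check or a bounded formatter would be safer.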

View File

@ -16,7 +16,7 @@
*/
#if defined(LIBC_SCCS) && !defined(lint)
static const char rcsid[] = "$Id: getnetgrent_r.c,v 1.5.2.1.4.2 2004/04/13 04:59:29 marka Exp $";
static const char rcsid[] = "$Id: getnetgrent_r.c,v 1.5.2.1.4.3 2004/11/30 01:15:43 marka Exp $";
#endif /* LIBC_SCCS and not lint */
#include <port_before.h>
@ -29,7 +29,6 @@ static const char rcsid[] = "$Id: getnetgrent_r.c,v 1.5.2.1.4.2 2004/04/13 04:59
#include <sys/types.h>
#include <netinet/in.h>
#include <netdb.h>
#include <netgroup.h>
#include <stdlib.h>
#include <port_after.h>

View File

@ -16,7 +16,7 @@
*/
#if defined(LIBC_SCCS) && !defined(lint)
static const char rcsid[] = "$Id: getpwent_r.c,v 1.5.206.1 2004/03/09 08:33:36 marka Exp $";
static const char rcsid[] = "$Id: getpwent_r.c,v 1.5.206.2 2004/09/17 13:32:37 marka Exp $";
#endif /* LIBC_SCCS and not lint */
#include <port_before.h>
@ -130,7 +130,7 @@ getpwuid_r(uid_t uid, struct passwd *pwptr, char *buf, int buflen) {
PASS_R_RETURN
getpwent_r(struct passwd *pwptr, PASS_R_ARGS) {
struct passwd *pw = getpwent();
int res;
int res = 0;
if (pw == NULL)
return (PASS_R_BAD);
@ -184,7 +184,7 @@ endpwent_r(void)
PASS_R_RETURN
fgetpwent_r(FILE *f, struct passwd *pwptr, PASS_R_COPY_ARGS) {
struct passwd *pw = fgetpwent(f);
int res;
int res = 0;
if (pw == NULL)
return (PASS_R_BAD);

View File

@ -16,7 +16,7 @@
*/
#if !defined(LINT) && !defined(CODECENTER)
static const char rcsid[] = "$Id: irs_data.c,v 1.3.2.2.4.2 2004/03/17 00:29:49 marka Exp $";
static const char rcsid[] = "$Id: irs_data.c,v 1.3.2.2.4.3 2004/11/30 01:15:43 marka Exp $";
#endif
#include "port_before.h"
@ -121,7 +121,10 @@ net_data_destroy(void *p) {
struct net_data *
net_data_init(const char *conf_file) {
#ifdef DO_PTHREADS
static pthread_mutex_t keylock = PTHREAD_MUTEX_INITIALIZER;
#ifndef LIBBIND_MUTEX_INITIALIZER
#define LIBBIND_MUTEX_INITIALIZER PTHREAD_MUTEX_INITIALIZER
#endif
static pthread_mutex_t keylock = LIBBIND_MUTEX_INITIALIZER;
struct net_data *net_data;
if (!once) {

View File

@ -20,7 +20,7 @@
*/
#if !defined(LINT) && !defined(CODECENTER)
static const char rcsid[] = "$Id: eventlib.c,v 1.2.2.1.4.2 2004/03/17 01:49:41 marka Exp $";
static const char rcsid[] = "$Id: eventlib.c,v 1.2.2.1.4.4 2004/12/09 04:07:15 marka Exp $";
#endif
#include "port_before.h"
@ -42,6 +42,8 @@ static const char rcsid[] = "$Id: eventlib.c,v 1.2.2.1.4.2 2004/03/17 01:49:41 m
#include "port_after.h"
int __evOptMonoTime;
/* Forward. */
#ifdef NEED_PSELECT
@ -50,6 +52,8 @@ static int pselect(int, void *, void *, void *,
const sigset_t *);
#endif
int __evOptMonoTime;
/* Public. */
int

View File

@ -18,7 +18,7 @@
/* eventlib_p.h - private interfaces for eventlib
* vix 09sep95 [initial]
*
* $Id: eventlib_p.h,v 1.3.2.1.4.1 2004/03/09 08:33:43 marka Exp $
* $Id: eventlib_p.h,v 1.3.2.1.4.2 2004/12/05 22:38:43 marka Exp $
*/
#ifndef _EVENTLIB_P_H
@ -214,6 +214,6 @@ void evDestroyTimers(const evContext_p *);
evWait *evFreeWait(evContext_p *ctx, evWait *old);
/* Global options */
int __evOptMonoTime;
extern int __evOptMonoTime;
#endif /*_EVENTLIB_P_H*/

View File

@ -24,7 +24,7 @@
#if !defined(LINT) && !defined(CODECENTER)
static const char rcsid[] = "$Id: memcluster.c,v 1.3.206.3 2004/03/17 00:29:52 marka Exp $";
static const char rcsid[] = "$Id: memcluster.c,v 1.3.206.4 2004/09/16 00:57:34 marka Exp $";
#endif /* not lint */
#include "port_before.h"
@ -471,9 +471,9 @@ memstats(FILE *out) {
if (s->totalgets == 0U && s->gets == 0U)
continue;
fprintf(out, "%s%5d: %11lu gets, %11lu rem",
fprintf(out, "%s%5lu: %11lu gets, %11lu rem",
(i == max_size) ? ">=" : " ",
i, s->totalgets, s->gets);
(unsigned long)i, s->totalgets, s->gets);
if (s->blocks != 0U)
fprintf(out, " (%lu bl, %lu ff)",
s->blocks, s->freefrags);

View File

@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: rules.in,v 1.3.2.3.4.3 2004/03/15 01:02:44 marka Exp $
# $Id: rules.in,v 1.3.2.3.4.4 2004/10/20 00:14:47 marka Exp $
###
### Common Makefile rules for BIND 9.
@ -69,7 +69,7 @@ subdirs:
if [ "$$i" != "nulldir" -a -d $$i ]; then \
echo "making all in `pwd`/$$i"; \
(cd $$i; ${MAKE} ${MAKEDEFS} all) || exit 1; \
fi \
fi; \
done
install clean distclean docclean manclean::

View File

@ -16,7 +16,7 @@
*/
#ifndef lint
static const char rcsid[] = "$Id: ns_print.c,v 1.3.2.1.4.5 2004/07/28 20:16:45 marka Exp $";
static const char rcsid[] = "$Id: ns_print.c,v 1.3.2.1.4.7 2004/09/16 07:01:12 marka Exp $";
#endif
/* Import. */
@ -705,8 +705,8 @@ ns_sprintrrf(const u_char *msg, size_t msglen,
int n, m;
char *p;
len = SPRINTF((tmp, "\\# %u%s\t; %s", edata - rdata,
rdlen != 0 ? " (" : "", comment));
len = SPRINTF((tmp, "\\# %u%s\t; %s", (unsigned)(edata - rdata),
rdlen != 0U ? " (" : "", comment));
T(addstr(tmp, len, &buf, &buflen));
while (rdata < edata) {
p = tmp;

View File

@ -86,6 +86,19 @@ struct sockaddr_in6 {
#undef IN6ADDR_LOOPBACK_INIT
#endif
#ifdef _AIX
#ifndef IN6ADDR_ANY_INIT
#define IN6ADDR_ANY_INIT {{{ 0, 0, 0, 0 }}}
#endif
#ifndef IN6ADDR_LOOPBACK_INIT
#if BYTE_ORDER == BIG_ENDIAN
#define IN6ADDR_LOOPBACK_INIT {{{ 0, 0, 0, 1 }}}
#else
#define IN6ADDR_LOOPBACK_INIT {{{0, 0, 0, 0x01000000}}}
#endif
#endif
#endif
#ifndef IN6ADDR_ANY_INIT
#ifdef s6_addr
#define IN6ADDR_ANY_INIT \

View File

@ -1,5 +1,5 @@
#if !defined(lint) && !defined(SABER)
static const char rcsid[] = "$Id: res_findzonecut.c,v 1.2.2.3.4.2 2004/03/16 12:34:18 marka Exp $";
static const char rcsid[] = "$Id: res_findzonecut.c,v 1.2.2.3.4.3 2004/09/16 07:06:11 marka Exp $";
#endif /* not lint */
/*
@ -360,8 +360,9 @@ get_soa(res_state statp, const char *dname, ns_class class, int opts,
abort();
}
if (strlen(t) + 1 > zsize) {
DPRINTF(("get_soa: zname(%d) too small (%d)",
zsize, strlen(t) + 1));
DPRINTF(("get_soa: zname(%lu) too small (%lu)",
(unsigned long)zsize,
(unsigned long)strlen(t) + 1));
errno = EMSGSIZE;
goto cleanup;
}

View File

@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.2.200.6 2004/07/20 07:01:57 marka Exp $
# $Id: Makefile.in,v 1.2.200.10 2004/12/10 00:05:48 marka Exp $
srcdir = @srcdir@
VPATH = @srcdir@
@ -31,6 +31,14 @@ CINCLUDES = -I. ${BIND9_INCLUDES} ${DNS_INCLUDES} ${ISC_INCLUDES} \
CDEFINES =
CWARNINGS =
ISCLIBS = ../../lib/isc/libisc.@A@
ISCCFGLIBS = ../../lib/isccfg/libisccfg.@A@
DNSLIBS = ../../lib/dns/libdns.@A@
ISCDEPLIBS = ../../lib/isc/libisc.@A@
ISCCFGDEPLIBS = ../../lib/isccfg/libisccfg.@A@
DNSDEPLIBS = ../../lib/dns/libdns.@A@
LIBS = @LIBS@
SUBDIRS = include
@ -57,11 +65,11 @@ libbind9.@SA@: ${OBJS}
${AR} ${ARFLAGS} $@ ${OBJS}
${RANLIB} $@
libbind9.la: ${OBJS}
libbind9.la: ${OBJS} ${ISCCFGDEPLIBS} ${ISCDEPLIBS} ${DNSDEPLIBS}
${LIBTOOL_MODE_LINK} \
${CC} ${ALL_CFLAGS} ${LDFLAGS} -o libbind9.la -rpath ${libdir} \
-version-info ${LIBINTERFACE}:${LIBREVISION}:${LIBAGE} \
${OBJS} ${LIBS}
${OBJS} ${DNSLIBS} ${ISCCFGLIBS} ${ISCLIBS} ${LIBS}
timestamp: libbind9.@A@
touch timestamp

View File

@ -1,3 +1,3 @@
LIBINTERFACE = 0
LIBREVISION = 4
LIBREVISION = 5
LIBAGE = 0

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: check.c,v 1.37.6.28 2004/07/29 00:08:08 marka Exp $ */
/* $Id: check.c,v 1.37.6.29 2004/11/22 05:02:41 marka Exp $ */
#include <config.h>
@ -732,7 +732,7 @@ check_zoneconf(cfg_obj_t *zconfig, cfg_obj_t *config, isc_symtab_t *symtab,
{ "zone-statistics", MASTERZONE | SLAVEZONE | STUBZONE },
{ "allow-update", MASTERZONE },
{ "allow-update-forwarding", SLAVEZONE },
{ "file", MASTERZONE | SLAVEZONE | STUBZONE | HINTZONE},
{ "file", MASTERZONE | SLAVEZONE | STUBZONE | HINTZONE },
{ "ixfr-base", MASTERZONE | SLAVEZONE },
{ "ixfr-tmp-file", MASTERZONE | SLAVEZONE },
{ "masters", SLAVEZONE | STUBZONE },
@ -943,6 +943,27 @@ check_zoneconf(cfg_obj_t *zconfig, cfg_obj_t *config, isc_symtab_t *symtab,
if (tresult != ISC_R_SUCCESS)
result = tresult;
/*
* If the zone type is rbt/rbt64 then master/hint zones
* require file clauses.
*/
obj = NULL;
tresult = cfg_map_get(zoptions, "database", &obj);
if (tresult == ISC_R_NOTFOUND ||
(tresult == ISC_R_SUCCESS &&
(strcmp("rbt", cfg_obj_asstring(obj)) == 0 ||
strcmp("rbt64", cfg_obj_asstring(obj)) == 0))) {
obj = NULL;
tresult = cfg_map_get(zoptions, "file", &obj);
if (tresult != ISC_R_SUCCESS &&
(ztype == MASTERZONE || ztype == HINTZONE)) {
cfg_obj_log(zconfig, logctx, ISC_LOG_ERROR,
"zone '%s': missing 'file' entry",
zname);
result = tresult;
}
}
return (result);
}
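Review bot: the comment on the new block says "If the zone type is rbt/rbt64", but the condition tests the "database" option, not the zone type; the zone type is checked separately through ztype. Rewording it to "If the database type is rbt/rbt64 (or defaulted)" would match the code, including the ISC_R_NOTFOUND branch that treats a missing "database" clause as the default. Smaller point: cfg_obj_asstring(obj) is evaluated twice in the condition and could be held in a local.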

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: getaddresses.c,v 1.13.126.5 2004/05/15 03:46:12 jinmei Exp $ */
/* $Id: getaddresses.c,v 1.13.126.6 2004/09/16 01:00:58 marka Exp $ */
#include <config.h>
#include <string.h>
@ -84,7 +84,7 @@ bind9_getaddresses(const char *hostname, in_port_t port,
isc_sockaddr_v6fromin(&addrs[0], &in4, port);
*addrcount = 1;
return (ISC_R_SUCCESS);
} else if (strlen(hostname) <= 127) {
} else if (strlen(hostname) <= 127U) {
char tmpbuf[128], *d;
isc_uint32_t zone = 0;

View File

@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.126.2.3.2.15 2004/07/20 07:01:57 marka Exp $
# $Id: Makefile.in,v 1.126.2.3.2.17 2004/12/09 04:07:15 marka Exp $
srcdir = @srcdir@
VPATH = @srcdir@
@ -29,9 +29,10 @@ top_srcdir = @top_srcdir@
@BIND9_MAKE_INCLUDES@
CINCLUDES = -I. ${DNS_INCLUDES} ${ISC_INCLUDES}
CINCLUDES = -I. -Iinclude ${DNS_INCLUDES} \
${ISC_INCLUDES} @DST_OPENSSL_INC@ @DST_GSSAPI_INC@
CDEFINES =
CDEFINES = -DUSE_MD5 @USE_OPENSSL@ @USE_GSSAPI@
CWARNINGS =
ISCLIBS = ../../lib/isc/libisc.@A@
@ -42,13 +43,10 @@ LIBS = @LIBS@
# Alphabetically
DSTOBJS = sec/dst/dst_api.@O@ \
sec/dst/dst_lib.@O@ sec/dst/dst_parse.@O@ \
sec/dst/dst_result.@O@ sec/dst/gssapi_link.@O@ \
sec/dst/gssapictx.@O@ sec/dst/hmac_link.@O@ \
sec/dst/key.@O@ sec/dst/openssl_link.@O@ \
sec/dst/openssldh_link.@O@ sec/dst/openssldsa_link.@O@ \
sec/dst/opensslrsa_link.@O@
DSTOBJS = dst_api.@O@ dst_lib.@O@ dst_parse.@O@ dst_result.@O@ \
gssapi_link.@O@ gssapictx.@O@ hmac_link.@O@ key.@O@ \
openssl_link.@O@ openssldh_link.@O@ openssldsa_link.@O@ \
opensslrsa_link.@O@
# Alphabetically
DNSOBJS = acl.@O@ adb.@O@ byaddr.@O@ \
@ -69,6 +67,12 @@ DNSOBJS = acl.@O@ adb.@O@ byaddr.@O@ \
OBJS= ${DNSOBJS} ${OTHEROBJS} ${DSTOBJS}
# Alphabetically
DSTSRCS = dst_api.c dst_lib.c dst_parse.c \
dst_result.c gssapi_link.c gssapictx.c \
hmac_link.c key.c \
openssl_link.c openssldh_link.c \
openssldsa_link.c opensslrsa_link.c
SRCS = acl.c adb.c byaddr.c \
cache.c callbacks.c compress.c \
db.c dbiterator.c dbtable.c diff.c dispatch.c \
@ -83,8 +87,9 @@ SRCS = acl.c adb.c byaddr.c \
stats.c tcpmsg.c time.c timer.c tkey.c \
tsig.c ttl.c validator.c \
version.c view.c xfrin.c zone.c zonekey.c zt.c ${OTHERSRCS}
SRCS = ${DSTSRCS} ${DNSSRCS}
SUBDIRS = include sec
SUBDIRS = include
TARGETS = include/dns/enumtype.h include/dns/enumclass.h \
include/dns/rdatastruct.h timestamp
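Review bot: SRCS is now assigned twice. The existing list (SRCS = acl.c adb.c byaddr.c ...) is followed by the new "SRCS = ${DSTSRCS} ${DNSSRCS}", and DNSSRCS is not defined anywhere in the lines shown, so the second assignment would reduce SRCS to the DST sources only. If the intent is to combine both lists, the first assignment should be renamed to DNSSRCS. As it stands, anything driven by SRCS (such as dependency generation) would skip the DNS sources.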
@ -159,6 +164,5 @@ depend: include/dns/enumtype.h include/dns/enumclass.h \
include/dns/rdatastruct.h code.h
subdirs: include/dns/enumtype.h include/dns/enumclass.h \
include/dns/rdatastruct.h code.h
${DNSOBJS}: include/dns/enumtype.h include/dns/enumclass.h \
${OBJS}: include/dns/enumtype.h include/dns/enumclass.h \
include/dns/rdatastruct.h
rdata.${0}: code.h

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: adb.c,v 1.181.2.11.2.19 2004/09/01 05:19:57 marka Exp $ */
/* $Id: adb.c,v 1.181.2.11.2.20 2004/11/10 22:32:40 marka Exp $ */
/*
* Implementation notes
@ -278,7 +278,7 @@ static inline dns_adbname_t *find_name_and_lock(dns_adb_t *, dns_name_t *,
unsigned int, int *);
static inline dns_adbentry_t *find_entry_and_lock(dns_adb_t *,
isc_sockaddr_t *, int *);
static void dump_adb(dns_adb_t *, FILE *, isc_boolean_t debug);
static void dump_adb(dns_adb_t *, FILE *, isc_boolean_t debug, isc_stdtime_t);
static void print_dns_name(FILE *, dns_name_t *);
static void print_namehook_list(FILE *, const char *legend,
dns_adbnamehooklist_t *list,
@ -315,7 +315,8 @@ static inline isc_boolean_t unlink_name(dns_adb_t *, dns_adbname_t *);
static inline void link_entry(dns_adb_t *, int, dns_adbentry_t *);
static inline isc_boolean_t unlink_entry(dns_adb_t *, dns_adbentry_t *);
static isc_boolean_t kill_name(dns_adbname_t **, isc_eventtype_t);
static void water(void *arg, int mark);
static void water(void *, int);
static void dump_entry(FILE *, dns_adbentry_t *, isc_boolean_t, isc_stdtime_t);
/*
* MUST NOT overlap DNS_ADBFIND_* flags!
@ -1937,7 +1938,7 @@ timer_cleanup(isc_task_t *task, isc_event_t *ev) {
if (adb->next_cleanbucket >= NBUCKETS) {
adb->next_cleanbucket = 0;
#ifdef DUMP_ADB_AFTER_CLEANING
dump_adb(adb, stdout, ISC_TRUE);
dump_adb(adb, stdout, ISC_TRUE, now);
#endif
}
}
@ -2707,6 +2708,9 @@ dns_adb_cancelfind(dns_adbfind_t *find) {
void
dns_adb_dump(dns_adb_t *adb, FILE *f) {
int i;
isc_stdtime_t now;
REQUIRE(DNS_ADB_VALID(adb));
REQUIRE(f != NULL);
@ -2718,7 +2722,14 @@ dns_adb_dump(dns_adb_t *adb, FILE *f) {
*/
LOCK(&adb->lock);
dump_adb(adb, f, ISC_FALSE);
isc_stdtime_get(&now);
for (i = 0; i < NBUCKETS; i++)
RUNTIME_CHECK(cleanup_names(adb, i, now) == ISC_FALSE);
for (i = 0; i < NBUCKETS; i++)
RUNTIME_CHECK(cleanup_entries(adb, i, now) == ISC_FALSE);
dump_adb(adb, f, ISC_FALSE, now);
UNLOCK(&adb->lock);
}
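Review bot: dns_adb_dump() now calls cleanup_names() and cleanup_entries() for every bucket under RUNTIME_CHECK, so a diagnostic dump both modifies the ADB and can abort the server if either routine returns anything other than ISC_FALSE. Please add a comment stating why that return value cannot occur while adb->lock is held here, and note in the function's documentation that dumping expires entries as a side effect.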
@ -2730,12 +2741,10 @@ dump_ttl(FILE *f, const char *legend, isc_stdtime_t value, isc_stdtime_t now) {
}
static void
dump_adb(dns_adb_t *adb, FILE *f, isc_boolean_t debug) {
dump_adb(dns_adb_t *adb, FILE *f, isc_boolean_t debug, isc_stdtime_t now) {
int i;
dns_adbname_t *name;
isc_stdtime_t now;
isc_stdtime_get(&now);
dns_adbentry_t *entry;
fprintf(f, ";\n; Address database dump\n;\n");
if (debug)
@ -2793,6 +2802,17 @@ dump_adb(dns_adb_t *adb, FILE *f, isc_boolean_t debug) {
}
}
fprintf(f, ";\n; Unassociated entries\n;\n");
for (i = 0; i < NBUCKETS; i++) {
entry = ISC_LIST_HEAD(adb->entries[i]);
while (entry != NULL) {
if (entry->refcnt == 0)
dump_entry(f, entry, debug, now);
entry = ISC_LIST_NEXT(entry, plink);
}
}
/*
* Unlock everything
*/
@ -2818,6 +2838,8 @@ dump_entry(FILE *f, dns_adbentry_t *entry, isc_boolean_t debug,
fprintf(f, ";\t%s [srtt %u] [flags %08x]",
addrbuf, entry->srtt, entry->flags);
if (entry->expires != 0)
fprintf(f, " [ttl %d]", entry->expires - now);
fprintf(f, "\n");
for (zi = ISC_LIST_HEAD(entry->zoneinfo);
zi != NULL;
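Review bot: the added fprintf(f, " [ttl %d]", entry->expires - now) passes the result of arithmetic on isc_stdtime_t values to %d. now is declared isc_stdtime_t in the dump_entry() prototype, and that type is an unsigned 32-bit integer in ISC's headers, so the argument is not an int. Other hunks in this commit add explicit casts for exactly this kind of mismatch; suggest (int)(entry->expires - now) here, which also makes the intended negative value for an already expired entry explicit.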
@ -3495,16 +3517,16 @@ dns_adb_flush(dns_adb_t *adb) {
LOCK(&adb->lock);
for (i = 0; i < NBUCKETS; i++) {
/*
* Call our cleanup routines.
*/
/*
* Call our cleanup routines.
*/
for (i = 0; i < NBUCKETS; i++)
RUNTIME_CHECK(cleanup_names(adb, i, INT_MAX) == ISC_FALSE);
for (i = 0; i < NBUCKETS; i++)
RUNTIME_CHECK(cleanup_entries(adb, i, INT_MAX) == ISC_FALSE);
}
#ifdef DUMP_ADB_AFTER_CLEANING
dump_adb(adb, stdout, ISC_TRUE);
dump_adb(adb, stdout, ISC_TRUE, INT_MAX);
#endif
UNLOCK(&adb->lock);

View File

@ -1,3 +1,3 @@
LIBINTERFACE = 20
LIBREVISION = 0
LIBREVISION = 2
LIBAGE = 0

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,134 @@
/*
* Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (C) 2000-2002 Internet Software Consortium.
* Portions Copyright (C) 1995-2000 by Network Associates, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
* FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dst_internal.h,v 1.1.4.1 2004/12/09 04:07:16 marka Exp $ */
#ifndef DST_DST_INTERNAL_H
#define DST_DST_INTERNAL_H 1
#include <isc/lang.h>
#include <isc/buffer.h>
#include <isc/int.h>
#include <isc/magic.h>
#include <isc/region.h>
#include <isc/types.h>
#include <dst/dst.h>
ISC_LANG_BEGINDECLS
#define KEY_MAGIC ISC_MAGIC('D','S','T','K')
#define CTX_MAGIC ISC_MAGIC('D','S','T','C')
#define VALID_KEY(x) ISC_MAGIC_VALID(x, KEY_MAGIC)
#define VALID_CTX(x) ISC_MAGIC_VALID(x, CTX_MAGIC)
extern isc_mem_t *dst__memory_pool;
/***
*** Types
***/
typedef struct dst_func dst_func_t;
struct dst_key {
unsigned int magic;
dns_name_t * key_name; /* name of the key */
unsigned int key_size; /* size of the key in bits */
unsigned int key_proto; /* protocols this key is used for */
unsigned int key_alg; /* algorithm of the key */
isc_uint32_t key_flags; /* flags of the public key */
isc_uint16_t key_id; /* identifier of the key */
dns_rdataclass_t key_class; /* class of the key record */
isc_mem_t *mctx; /* memory context */
void * opaque; /* pointer to key in crypto pkg fmt */
dst_func_t * func; /* crypto package specific functions */
};
struct dst_context {
unsigned int magic;
dst_key_t *key;
isc_mem_t *mctx;
void *opaque;
};
struct dst_func {
/*
* Context functions
*/
isc_result_t (*createctx)(dst_key_t *key, dst_context_t *dctx);
void (*destroyctx)(dst_context_t *dctx);
isc_result_t (*adddata)(dst_context_t *dctx, const isc_region_t *data);
/*
* Key operations
*/
isc_result_t (*sign)(dst_context_t *dctx, isc_buffer_t *sig);
isc_result_t (*verify)(dst_context_t *dctx, const isc_region_t *sig);
isc_result_t (*computesecret)(const dst_key_t *pub,
const dst_key_t *priv,
isc_buffer_t *secret);
isc_boolean_t (*compare)(const dst_key_t *key1, const dst_key_t *key2);
isc_boolean_t (*paramcompare)(const dst_key_t *key1,
const dst_key_t *key2);
isc_result_t (*generate)(dst_key_t *key, int parms);
isc_boolean_t (*isprivate)(const dst_key_t *key);
void (*destroy)(dst_key_t *key);
/* conversion functions */
isc_result_t (*todns)(const dst_key_t *key, isc_buffer_t *data);
isc_result_t (*fromdns)(dst_key_t *key, isc_buffer_t *data);
isc_result_t (*tofile)(const dst_key_t *key, const char *directory);
isc_result_t (*parse)(dst_key_t *key, isc_lex_t *lexer);
/* cleanup */
void (*cleanup)(void);
};
/*
* Initializers
*/
isc_result_t dst__openssl_init(void);
isc_result_t dst__hmacmd5_init(struct dst_func **funcp);
isc_result_t dst__opensslrsa_init(struct dst_func **funcp);
isc_result_t dst__openssldsa_init(struct dst_func **funcp);
isc_result_t dst__openssldh_init(struct dst_func **funcp);
isc_result_t dst__gssapi_init(struct dst_func **funcp);
/*
* Destructors
*/
void dst__openssl_destroy(void);
/*
* Memory allocators using the DST memory pool.
*/
void * dst__mem_alloc(size_t size);
void dst__mem_free(void *ptr);
void * dst__mem_realloc(void *ptr, size_t size);
/*
* Entropy retriever using the DST entropy pool.
*/
isc_result_t dst__entropy_getdata(void *buf, unsigned int len,
isc_boolean_t pseudo);
ISC_LANG_ENDDECLS
#endif /* DST_DST_INTERNAL_H */
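Review bot: dst__gssapi_init() is declared unconditionally in the Initializers block, but gssapi_link.c in this same import defines it only inside #ifdef GSSAPI and otherwise emits just gssapi_link_unneeded. Either guard this prototype, and every caller, with the same #ifdef, or provide a stub for the non-GSSAPI build so that a stray reference fails at compile time rather than at link time. It would also help to document in struct dst_func which members may be NULL: gssapi_functions leaves computesecret, paramcompare, todns, fromdns, tofile, parse and cleanup unset, and nothing in this header tells a caller to test them before calling through the pointer.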

View File

@ -0,0 +1,65 @@
/*
* Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2001 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/*
* Principal Author: Brian Wellington
* $Id: dst_lib.c,v 1.1.4.1 2004/12/09 04:07:16 marka Exp $
*/
#include <config.h>
#include <stddef.h>
#include <isc/once.h>
#include <isc/msgcat.h>
#include <isc/util.h>
#include <dst/lib.h>
/***
*** Globals
***/
LIBDNS_EXTERNAL_DATA isc_msgcat_t * dst_msgcat = NULL;
/***
*** Private
***/
static isc_once_t msgcat_once = ISC_ONCE_INIT;
/***
*** Functions
***/
static void
open_msgcat(void) {
isc_msgcat_open("libdst.cat", &dst_msgcat);
}
void
dst_lib_initmsgcat(void) {
/*
* Initialize the DST library's message catalog, dst_msgcat, if it
* has not already been initialized.
*/
RUNTIME_CHECK(isc_once_do(&msgcat_once, open_msgcat) == ISC_R_SUCCESS);
}

View File

@ -0,0 +1,33 @@
/*
* Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2002 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dst_openssl.h,v 1.1.2.1 2004/12/09 04:07:17 marka Exp $ */
#ifndef DST_OPENSSL_H
#define DST_OPENSSL_H 1
#include <isc/lang.h>
#include <isc/result.h>
ISC_LANG_BEGINDECLS
isc_result_t
dst__openssl_toresult(isc_result_t fallback);
ISC_LANG_ENDDECLS
#endif /* DST_OPENSSL_H */

View File

@ -0,0 +1,412 @@
/*
* Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (C) 1999-2002 Internet Software Consortium.
* Portions Copyright (C) 1995-2000 by Network Associates, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
* FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/*
* Principal Author: Brian Wellington
* $Id: dst_parse.c,v 1.1.4.1 2004/12/09 04:07:17 marka Exp $
*/
#include <config.h>
#include <isc/base64.h>
#include <isc/dir.h>
#include <isc/fsaccess.h>
#include <isc/lex.h>
#include <isc/mem.h>
#include <isc/string.h>
#include <isc/util.h>
#include "dst_internal.h"
#include "dst_parse.h"
#include "dst/result.h"
#define DST_AS_STR(t) ((t).value.as_textregion.base)
#define PRIVATE_KEY_STR "Private-key-format:"
#define ALGORITHM_STR "Algorithm:"
struct parse_map {
const int value;
const char *tag;
};
static struct parse_map map[] = {
{TAG_RSA_MODULUS, "Modulus:"},
{TAG_RSA_PUBLICEXPONENT, "PublicExponent:"},
{TAG_RSA_PRIVATEEXPONENT, "PrivateExponent:"},
{TAG_RSA_PRIME1, "Prime1:"},
{TAG_RSA_PRIME2, "Prime2:"},
{TAG_RSA_EXPONENT1, "Exponent1:"},
{TAG_RSA_EXPONENT2, "Exponent2:"},
{TAG_RSA_COEFFICIENT, "Coefficient:"},
{TAG_DH_PRIME, "Prime(p):"},
{TAG_DH_GENERATOR, "Generator(g):"},
{TAG_DH_PRIVATE, "Private_value(x):"},
{TAG_DH_PUBLIC, "Public_value(y):"},
{TAG_DSA_PRIME, "Prime(p):"},
{TAG_DSA_SUBPRIME, "Subprime(q):"},
{TAG_DSA_BASE, "Base(g):"},
{TAG_DSA_PRIVATE, "Private_value(x):"},
{TAG_DSA_PUBLIC, "Public_value(y):"},
{TAG_HMACMD5_KEY, "Key:"},
{0, NULL}
};
static int
find_value(const char *s, const unsigned int alg) {
int i;
for (i = 0; ; i++) {
if (map[i].tag == NULL)
return (-1);
else if (strcasecmp(s, map[i].tag) == 0 &&
TAG_ALG(map[i].value) == alg)
return (map[i].value);
}
}
static const char *
find_tag(const int value) {
int i;
for (i = 0; ; i++) {
if (map[i].tag == NULL)
return (NULL);
else if (value == map[i].value)
return (map[i].tag);
}
}
static int
check_rsa(const dst_private_t *priv) {
int i, j;
if (priv->nelements != RSA_NTAGS)
return (-1);
for (i = 0; i < RSA_NTAGS; i++) {
for (j = 0; j < priv->nelements; j++)
if (priv->elements[j].tag == TAG(DST_ALG_RSAMD5, i))
break;
if (j == priv->nelements)
return (-1);
}
return (0);
}
static int
check_dh(const dst_private_t *priv) {
int i, j;
if (priv->nelements != DH_NTAGS)
return (-1);
for (i = 0; i < DH_NTAGS; i++) {
for (j = 0; j < priv->nelements; j++)
if (priv->elements[j].tag == TAG(DST_ALG_DH, i))
break;
if (j == priv->nelements)
return (-1);
}
return (0);
}
static int
check_dsa(const dst_private_t *priv) {
int i, j;
if (priv->nelements != DSA_NTAGS)
return (-1);
for (i = 0; i < DSA_NTAGS; i++) {
for (j = 0; j < priv->nelements; j++)
if (priv->elements[j].tag == TAG(DST_ALG_DSA, i))
break;
if (j == priv->nelements)
return (-1);
}
return (0);
}
static int
check_hmac_md5(const dst_private_t *priv) {
if (priv->nelements != HMACMD5_NTAGS)
return (-1);
if (priv->elements[0].tag != TAG_HMACMD5_KEY)
return (-1);
return (0);
}
static int
check_data(const dst_private_t *priv, const unsigned int alg) {
/* XXXVIX this switch statement is too sparse to gen a jump table. */
switch (alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
return (check_rsa(priv));
case DST_ALG_DH:
return (check_dh(priv));
case DST_ALG_DSA:
return (check_dsa(priv));
case DST_ALG_HMACMD5:
return (check_hmac_md5(priv));
default:
return (DST_R_UNSUPPORTEDALG);
}
}
void
dst__privstruct_free(dst_private_t *priv, isc_mem_t *mctx) {
int i;
if (priv == NULL)
return;
for (i = 0; i < priv->nelements; i++) {
if (priv->elements[i].data == NULL)
continue;
memset(priv->elements[i].data, 0, MAXFIELDSIZE);
isc_mem_put(mctx, priv->elements[i].data, MAXFIELDSIZE);
}
priv->nelements = 0;
}
int
dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex,
isc_mem_t *mctx, dst_private_t *priv)
{
int n = 0, major, minor;
isc_buffer_t b;
isc_token_t token;
unsigned char *data = NULL;
unsigned int opt = ISC_LEXOPT_EOL;
isc_result_t ret;
REQUIRE(priv != NULL);
priv->nelements = 0;
#define NEXTTOKEN(lex, opt, token) \
do { \
ret = isc_lex_gettoken(lex, opt, token); \
if (ret != ISC_R_SUCCESS) \
goto fail; \
} while (0)
#define READLINE(lex, opt, token) \
do { \
ret = isc_lex_gettoken(lex, opt, token); \
if (ret == ISC_R_EOF) \
break; \
else if (ret != ISC_R_SUCCESS) \
goto fail; \
} while ((*token).type != isc_tokentype_eol)
/*
* Read the description line.
*/
NEXTTOKEN(lex, opt, &token);
if (token.type != isc_tokentype_string ||
strcmp(DST_AS_STR(token), PRIVATE_KEY_STR) != 0)
{
ret = DST_R_INVALIDPRIVATEKEY;
goto fail;
}
NEXTTOKEN(lex, opt, &token);
if (token.type != isc_tokentype_string ||
(DST_AS_STR(token))[0] != 'v')
{
ret = DST_R_INVALIDPRIVATEKEY;
goto fail;
}
if (sscanf(DST_AS_STR(token), "v%d.%d", &major, &minor) != 2)
{
ret = DST_R_INVALIDPRIVATEKEY;
goto fail;
}
if (major > MAJOR_VERSION ||
(major == MAJOR_VERSION && minor > MINOR_VERSION))
{
ret = DST_R_INVALIDPRIVATEKEY;
goto fail;
}
READLINE(lex, opt, &token);
/*
* Read the algorithm line.
*/
NEXTTOKEN(lex, opt, &token);
if (token.type != isc_tokentype_string ||
strcmp(DST_AS_STR(token), ALGORITHM_STR) != 0)
{
ret = DST_R_INVALIDPRIVATEKEY;
goto fail;
}
NEXTTOKEN(lex, opt | ISC_LEXOPT_NUMBER, &token);
if (token.type != isc_tokentype_number ||
token.value.as_ulong != (unsigned long) dst_key_alg(key))
{
ret = DST_R_INVALIDPRIVATEKEY;
goto fail;
}
READLINE(lex, opt, &token);
/*
* Read the key data.
*/
for (n = 0; n < MAXFIELDS; n++) {
int tag;
isc_region_t r;
do {
ret = isc_lex_gettoken(lex, opt, &token);
if (ret == ISC_R_EOF)
goto done;
if (ret != ISC_R_SUCCESS)
goto fail;
} while (token.type == isc_tokentype_eol);
if (token.type != isc_tokentype_string) {
ret = DST_R_INVALIDPRIVATEKEY;
goto fail;
}
memset(&priv->elements[n], 0, sizeof(dst_private_element_t));
tag = find_value(DST_AS_STR(token), alg);
if (tag < 0 || TAG_ALG(tag) != alg) {
ret = DST_R_INVALIDPRIVATEKEY;
goto fail;
}
priv->elements[n].tag = tag;
data = (unsigned char *) isc_mem_get(mctx, MAXFIELDSIZE);
if (data == NULL)
goto fail;
isc_buffer_init(&b, data, MAXFIELDSIZE);
ret = isc_base64_tobuffer(lex, &b, -1);
if (ret != ISC_R_SUCCESS)
goto fail;
isc_buffer_usedregion(&b, &r);
priv->elements[n].length = r.length;
priv->elements[n].data = r.base;
READLINE(lex, opt, &token);
data = NULL;
}
done:
priv->nelements = n;
if (check_data(priv, alg) < 0)
goto fail;
return (ISC_R_SUCCESS);
fail:
priv->nelements = n;
dst__privstruct_free(priv, mctx);
if (data != NULL)
isc_mem_put(mctx, data, MAXFIELDSIZE);
return (ret);
}
int
dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv,
const char *directory)
{
FILE *fp;
int ret, i;
isc_result_t iret;
char filename[ISC_DIR_NAMEMAX];
char buffer[MAXFIELDSIZE * 2];
isc_buffer_t b;
isc_fsaccess_t access;
REQUIRE(priv != NULL);
if (check_data(priv, dst_key_alg(key)) < 0)
return (DST_R_INVALIDPRIVATEKEY);
isc_buffer_init(&b, filename, sizeof(filename));
ret = dst_key_buildfilename(key, DST_TYPE_PRIVATE, directory, &b);
if (ret != ISC_R_SUCCESS)
return (ret);
if ((fp = fopen(filename, "w")) == NULL)
return (DST_R_WRITEERROR);
access = 0;
isc_fsaccess_add(ISC_FSACCESS_OWNER,
ISC_FSACCESS_READ | ISC_FSACCESS_WRITE,
&access);
(void)isc_fsaccess_set(filename, access);
/* XXXDCL return value should be checked for full filesystem */
fprintf(fp, "%s v%d.%d\n", PRIVATE_KEY_STR, MAJOR_VERSION,
MINOR_VERSION);
fprintf(fp, "%s %d ", ALGORITHM_STR, dst_key_alg(key));
/* XXXVIX this switch statement is too sparse to gen a jump table. */
switch (dst_key_alg(key)) {
case DST_ALG_RSAMD5:
fprintf(fp, "(RSA)\n");
break;
case DST_ALG_DH:
fprintf(fp, "(DH)\n");
break;
case DST_ALG_DSA:
fprintf(fp, "(DSA)\n");
break;
case DST_ALG_RSASHA1:
fprintf(fp, "(RSASHA1)\n");
break;
case DST_ALG_HMACMD5:
fprintf(fp, "(HMAC_MD5)\n");
break;
default:
fprintf(fp, "(?)\n");
break;
}
for (i = 0; i < priv->nelements; i++) {
isc_buffer_t b;
isc_region_t r;
const char *s;
s = find_tag(priv->elements[i].tag);
r.base = priv->elements[i].data;
r.length = priv->elements[i].length;
isc_buffer_init(&b, buffer, sizeof(buffer));
iret = isc_base64_totext(&r, sizeof(buffer), "", &b);
if (iret != ISC_R_SUCCESS) {
fclose(fp);
return (DST_R_INVALIDPRIVATEKEY);
}
isc_buffer_usedregion(&b, &r);
fprintf(fp, "%s ", s);
fwrite(r.base, 1, r.length, fp);
fprintf(fp, "\n");
}
fclose(fp);
return (ISC_R_SUCCESS);
}
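Review bot: dst__privstruct_parse() has two paths that reach fail: without setting ret. After isc_mem_get(), "if (data == NULL) goto fail;" leaves ret at the ISC_R_SUCCESS from the preceding isc_lex_gettoken(), and at done: "if (check_data(priv, alg) < 0) goto fail;" leaves it at ISC_R_EOF or ISC_R_SUCCESS, so the caller can be handed a success code for a priv that has just been freed. Set ret = ISC_R_NOMEMORY and ret = DST_R_INVALIDPRIVATEKEY on those two paths. check_data() also returns DST_R_UNSUPPORTEDALG from its default case while every other case returns 0 or -1, so confirm that the "< 0" tests in both callers actually catch it. In dst__privstruct_writefile() the private key file is created with fopen(filename, "w") and only afterwards narrowed to owner read/write by isc_fsaccess_set(), whose result is cast to void; create the file with restrictive permissions from the start, or at least fail when the permission change fails, and check the fprintf/fwrite/fclose results that the XXXDCL comment already flags. The fail: path also returns the in-flight data buffer with isc_mem_put() without the memset that dst__privstruct_free() applies to the other elements.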

View File

@ -0,0 +1,95 @@
/*
* Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (C) 2000-2002 Internet Software Consortium.
* Portions Copyright (C) 1995-2000 by Network Associates, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
* FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dst_parse.h,v 1.1.4.1 2004/12/09 04:07:17 marka Exp $ */
#ifndef DST_DST_PARSE_H
#define DST_DST_PARSE_H 1
#include <isc/lang.h>
#include <dst/dst.h>
#define MAJOR_VERSION 1
#define MINOR_VERSION 2
#define MAXFIELDSIZE 512
#define MAXFIELDS 12
#define TAG_SHIFT 4
#define TAG_ALG(tag) ((unsigned int)(tag) >> TAG_SHIFT)
#define TAG(alg, off) (((alg) << TAG_SHIFT) + (off))
/* These are used by both RSA-MD5 and RSA-SHA1 */
#define RSA_NTAGS 8
#define TAG_RSA_MODULUS ((DST_ALG_RSAMD5 << TAG_SHIFT) + 0)
#define TAG_RSA_PUBLICEXPONENT ((DST_ALG_RSAMD5 << TAG_SHIFT) + 1)
#define TAG_RSA_PRIVATEEXPONENT ((DST_ALG_RSAMD5 << TAG_SHIFT) + 2)
#define TAG_RSA_PRIME1 ((DST_ALG_RSAMD5 << TAG_SHIFT) + 3)
#define TAG_RSA_PRIME2 ((DST_ALG_RSAMD5 << TAG_SHIFT) + 4)
#define TAG_RSA_EXPONENT1 ((DST_ALG_RSAMD5 << TAG_SHIFT) + 5)
#define TAG_RSA_EXPONENT2 ((DST_ALG_RSAMD5 << TAG_SHIFT) + 6)
#define TAG_RSA_COEFFICIENT ((DST_ALG_RSAMD5 << TAG_SHIFT) + 7)
#define DH_NTAGS 4
#define TAG_DH_PRIME ((DST_ALG_DH << TAG_SHIFT) + 0)
#define TAG_DH_GENERATOR ((DST_ALG_DH << TAG_SHIFT) + 1)
#define TAG_DH_PRIVATE ((DST_ALG_DH << TAG_SHIFT) + 2)
#define TAG_DH_PUBLIC ((DST_ALG_DH << TAG_SHIFT) + 3)
#define DSA_NTAGS 5
#define TAG_DSA_PRIME ((DST_ALG_DSA << TAG_SHIFT) + 0)
#define TAG_DSA_SUBPRIME ((DST_ALG_DSA << TAG_SHIFT) + 1)
#define TAG_DSA_BASE ((DST_ALG_DSA << TAG_SHIFT) + 2)
#define TAG_DSA_PRIVATE ((DST_ALG_DSA << TAG_SHIFT) + 3)
#define TAG_DSA_PUBLIC ((DST_ALG_DSA << TAG_SHIFT) + 4)
#define HMACMD5_NTAGS 1
#define TAG_HMACMD5_KEY ((DST_ALG_HMACMD5 << TAG_SHIFT) + 0)
struct dst_private_element {
unsigned short tag;
unsigned short length;
unsigned char *data;
};
typedef struct dst_private_element dst_private_element_t;
struct dst_private {
unsigned short nelements;
dst_private_element_t elements[MAXFIELDS];
};
typedef struct dst_private dst_private_t;
ISC_LANG_BEGINDECLS
void
dst__privstruct_free(dst_private_t *priv, isc_mem_t *mctx);
int
dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex,
isc_mem_t *mctx, dst_private_t *priv);
int
dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv,
const char *directory);
ISC_LANG_ENDDECLS
#endif /* DST_DST_PARSE_H */
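Review bot: dst__privstruct_parse() and dst__privstruct_writefile() are prototyped here as returning int, but their bodies in dst_parse.c return isc_result_t values (ISC_R_SUCCESS, DST_R_INVALIDPRIVATEKEY, DST_R_WRITEERROR). Declare them as isc_result_t and add a short comment on each prototype, in particular stating that after a successful parse the caller owns priv->elements[].data and must release it with dst__privstruct_free(). As a style point, MAJOR_VERSION, MINOR_VERSION, MAXFIELDS, MAXFIELDSIZE, TAG_SHIFT, TAG_ALG and TAG are very generic names for macros defined in a header; a DST_ prefix would avoid collisions with other headers included alongside this one.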

View File

@ -0,0 +1,86 @@
/*
* Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2001 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/*
* Principal Author: Brian Wellington
* $Id: dst_result.c,v 1.1.4.1 2004/12/09 04:07:17 marka Exp $
*/
#include <config.h>
#include <isc/once.h>
#include <isc/util.h>
#include <dst/result.h>
#include <dst/lib.h>
static const char *text[DST_R_NRESULTS] = {
"algorithm is unsupported", /* 0 */
"openssl failure", /* 1 */
"built with no crypto support", /* 2 */
"illegal operation for a null key", /* 3 */
"public key is invalid", /* 4 */
"private key is invalid", /* 5 */
"UNUSED6", /* 6 */
"error occurred writing key to disk", /* 7 */
"invalid algorithm specific parameter", /* 8 */
"UNUSED9", /* 9 */
"UNUSED10", /* 10 */
"sign failure", /* 11 */
"UNUSED12", /* 12 */
"UNUSED13", /* 13 */
"verify failure", /* 14 */
"not a public key", /* 15 */
"not a private key", /* 16 */
"not a key that can compute a secret", /* 17 */
"failure computing a shared secret", /* 18 */
"no randomness available", /* 19 */
"bad key type" /* 20 */
};
#define DST_RESULT_RESULTSET 2
static isc_once_t once = ISC_ONCE_INIT;
static void
initialize_action(void) {
isc_result_t result;
result = isc_result_register(ISC_RESULTCLASS_DST, DST_R_NRESULTS,
text, dst_msgcat, DST_RESULT_RESULTSET);
if (result != ISC_R_SUCCESS)
UNEXPECTED_ERROR(__FILE__, __LINE__,
"isc_result_register() failed: %u", result);
}
static void
initialize(void) {
dst_lib_initmsgcat();
RUNTIME_CHECK(isc_once_do(&once, initialize_action) == ISC_R_SUCCESS);
}
const char *
dst_result_totext(isc_result_t result) {
initialize();
return (isc_result_totext(result));
}
void
dst_result_register(void) {
initialize();
}

View File

@ -0,0 +1,220 @@
/*
* Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2000-2002 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/*
* $Id: gssapi_link.c,v 1.1.4.1 2004/12/09 04:07:17 marka Exp $
*/
#ifdef GSSAPI
#include <config.h>
#include <isc/buffer.h>
#include <isc/mem.h>
#include <isc/string.h>
#include <isc/util.h>
#include <dst/result.h>
#include "dst_internal.h"
#include "dst_parse.h"
#include <gssapi/gssapi.h>
#define INITIAL_BUFFER_SIZE 1024
#define BUFFER_EXTRA 1024
#define REGION_TO_GBUFFER(r, gb) \
do { \
(gb).length = (r).length; \
(gb).value = (r).base; \
} while (0)
typedef struct gssapi_ctx {
isc_buffer_t *buffer;
gss_ctx_id_t *context_id;
} gssapi_ctx_t;
static isc_result_t
gssapi_createctx(dst_key_t *key, dst_context_t *dctx) {
gssapi_ctx_t *ctx;
isc_result_t result;
UNUSED(key);
ctx = isc_mem_get(dctx->mctx, sizeof(gssapi_ctx_t));
if (ctx == NULL)
return (ISC_R_NOMEMORY);
ctx->buffer = NULL;
result = isc_buffer_allocate(dctx->mctx, &ctx->buffer,
INITIAL_BUFFER_SIZE);
if (result != ISC_R_SUCCESS) {
isc_mem_put(dctx->mctx, ctx, sizeof(gssapi_ctx_t));
return (result);
}
ctx->context_id = key->opaque;
dctx->opaque = ctx;
return (ISC_R_SUCCESS);
}
static void
gssapi_destroyctx(dst_context_t *dctx) {
gssapi_ctx_t *ctx = dctx->opaque;
if (ctx != NULL) {
if (ctx->buffer != NULL)
isc_buffer_free(&ctx->buffer);
isc_mem_put(dctx->mctx, ctx, sizeof(gssapi_ctx_t));
dctx->opaque = NULL;
}
}
static isc_result_t
gssapi_adddata(dst_context_t *dctx, const isc_region_t *data) {
gssapi_ctx_t *ctx = dctx->opaque;
isc_buffer_t *newbuffer = NULL;
isc_region_t r;
unsigned int length;
isc_result_t result;
result = isc_buffer_copyregion(ctx->buffer, data);
if (result == ISC_R_SUCCESS)
return (ISC_R_SUCCESS);
length = isc_buffer_length(ctx->buffer) + data->length + BUFFER_EXTRA;
result = isc_buffer_allocate(dctx->mctx, &newbuffer, length);
if (result != ISC_R_SUCCESS)
return (result);
isc_buffer_usedregion(ctx->buffer, &r);
(void) isc_buffer_copyregion(newbuffer, &r);
(void) isc_buffer_copyregion(newbuffer, data);
isc_buffer_free(&ctx->buffer);
ctx->buffer = newbuffer;
return (ISC_R_SUCCESS);
}
static isc_result_t
gssapi_sign(dst_context_t *dctx, isc_buffer_t *sig) {
gssapi_ctx_t *ctx = dctx->opaque;
isc_region_t message;
gss_buffer_desc gmessage, gsig;
OM_uint32 minor, gret;
isc_buffer_usedregion(ctx->buffer, &message);
REGION_TO_GBUFFER(message, gmessage);
gret = gss_get_mic(&minor, ctx->context_id,
GSS_C_QOP_DEFAULT, &gmessage, &gsig);
if (gret != 0)
return (ISC_R_FAILURE);
if (gsig.length > isc_buffer_availablelength(sig)) {
gss_release_buffer(&minor, &gsig);
return (ISC_R_NOSPACE);
}
isc_buffer_putmem(sig, gsig.value, gsig.length);
gss_release_buffer(&minor, &gsig);
return (ISC_R_SUCCESS);
}
static isc_result_t
gssapi_verify(dst_context_t *dctx, const isc_region_t *sig) {
gssapi_ctx_t *ctx = dctx->opaque;
isc_region_t message;
gss_buffer_desc gmessage, gsig;
OM_uint32 minor, gret;
isc_buffer_usedregion(ctx->buffer, &message);
REGION_TO_GBUFFER(message, gmessage);
REGION_TO_GBUFFER(*sig, gsig);
gret = gss_verify_mic(&minor, ctx->context_id, &gmessage, &gsig, NULL);
if (gret != 0)
return (ISC_R_FAILURE);
return (ISC_R_SUCCESS);
}
static isc_boolean_t
gssapi_compare(const dst_key_t *key1, const dst_key_t *key2) {
gss_ctx_id_t gsskey1 = key1->opaque;
gss_ctx_id_t gsskey2 = key2->opaque;
/* No idea */
return (ISC_TF(gsskey1 == gsskey2));
}
static isc_result_t
gssapi_generate(dst_key_t *key, int unused) {
UNUSED(key);
UNUSED(unused);
/* No idea */
return (ISC_R_FAILURE);
}
static isc_boolean_t
gssapi_isprivate(const dst_key_t *key) {
UNUSED(key);
return (ISC_TRUE);
}
static void
gssapi_destroy(dst_key_t *key) {
UNUSED(key);
/* No idea */
}
static dst_func_t gssapi_functions = {
gssapi_createctx,
gssapi_destroyctx,
gssapi_adddata,
gssapi_sign,
gssapi_verify,
NULL, /* computesecret */
gssapi_compare,
NULL, /* paramcompare */
gssapi_generate,
gssapi_isprivate,
gssapi_destroy,
NULL, /* todns */
NULL, /* fromdns */
NULL, /* tofile */
NULL, /* parse */
NULL, /* cleanup */
};
isc_result_t
dst__gssapi_init(dst_func_t **funcp) {
REQUIRE(funcp != NULL);
if (*funcp == NULL)
*funcp = &gssapi_functions;
return (ISC_R_SUCCESS);
}
#else
int gssapi_link_unneeded = 1;
#endif
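Review bot: gssapi_ctx_t declares context_id as "gss_ctx_id_t *", yet gssapi_createctx() assigns key->opaque to it, gssapi_sign() and gssapi_verify() pass it straight to gss_get_mic() and gss_verify_mic(), which take a gss_ctx_id_t, and gssapi_compare() reads the same key->opaque as a plain gss_ctx_id_t. Pick one representation for what key->opaque holds and make the field type match it. gssapi_createctx() also marks the argument with UNUSED(key) and then dereferences key->opaque a few lines later, so the UNUSED should go. gssapi_compare(), gssapi_generate() and gssapi_destroy() carry only a "No idea" comment; gssapi_destroy() in particular leaves key->opaque untouched, so say in a comment who owns the context handle and where it is released.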

View File

@ -0,0 +1,262 @@
/*
* Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2000, 2001 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: gssapictx.c,v 1.1.4.1 2004/12/09 04:07:17 marka Exp $ */
#include <config.h>
#include <stdlib.h>
#include <isc/buffer.h>
#include <isc/dir.h>
#include <isc/entropy.h>
#include <isc/lex.h>
#include <isc/mem.h>
#include <isc/once.h>
#include <isc/random.h>
#include <isc/string.h>
#include <isc/time.h>
#include <isc/util.h>
#include <dns/fixedname.h>
#include <dns/name.h>
#include <dns/rdata.h>
#include <dns/rdataclass.h>
#include <dns/result.h>
#include <dns/types.h>
#include <dns/keyvalues.h>
#include <dst/gssapi.h>
#include <dst/result.h>
#include "dst_internal.h"
#ifdef GSSAPI
#include <gssapi/gssapi.h>
#define RETERR(x) do { \
result = (x); \
if (result != ISC_R_SUCCESS) \
goto out; \
} while (0)
#define REGION_TO_GBUFFER(r, gb) \
do { \
(gb).length = (r).length; \
(gb).value = (r).base; \
} while (0)
#define GBUFFER_TO_REGION(gb, r) \
do { \
(r).length = (gb).length; \
(r).base = (gb).value; \
} while (0)
static inline void
name_to_gbuffer(dns_name_t *name, isc_buffer_t *buffer,
gss_buffer_desc *gbuffer)
{
dns_name_t tname, *namep;
isc_region_t r;
isc_result_t result;
if (!dns_name_isabsolute(name))
namep = name;
else {
unsigned int labels;
dns_name_init(&tname, NULL);
labels = dns_name_countlabels(name);
dns_name_getlabelsequence(name, 0, labels - 1, &tname);
namep = &tname;
}
result = dns_name_totext(namep, ISC_FALSE, buffer);
isc_buffer_putuint8(buffer, 0);
isc_buffer_usedregion(buffer, &r);
REGION_TO_GBUFFER(r, *gbuffer);
}
isc_result_t
dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, void **cred) {
isc_buffer_t namebuf;
gss_name_t gname;
gss_buffer_desc gnamebuf;
unsigned char array[DNS_NAME_MAXTEXT + 1];
OM_uint32 gret, minor;
gss_OID_set mechs;
OM_uint32 lifetime;
gss_cred_usage_t usage;
REQUIRE(cred != NULL && *cred == NULL);
if (name != NULL) {
isc_buffer_init(&namebuf, array, sizeof(array));
name_to_gbuffer(name, &namebuf, &gnamebuf);
gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID,
&gname);
if (gret != GSS_S_COMPLETE)
return (ISC_R_FAILURE);
} else
gname = NULL;
if (initiate)
usage = GSS_C_INITIATE;
else
usage = GSS_C_ACCEPT;
gret = gss_acquire_cred(&minor, gname, GSS_C_INDEFINITE,
GSS_C_NO_OID_SET, usage,
cred, &mechs, &lifetime);
if (gret != GSS_S_COMPLETE)
return (ISC_R_FAILURE);
return (ISC_R_SUCCESS);
}
isc_result_t
dst_gssapi_initctx(dns_name_t *name, void *cred,
isc_region_t *intoken, isc_buffer_t *outtoken,
void **context)
{
isc_region_t r;
isc_buffer_t namebuf;
gss_buffer_desc gnamebuf, gintoken, *gintokenp, gouttoken;
OM_uint32 gret, minor, flags, ret_flags;
gss_OID mech_type, ret_mech_type;
OM_uint32 lifetime;
gss_name_t gname;
isc_result_t result;
unsigned char array[DNS_NAME_MAXTEXT + 1];
isc_buffer_init(&namebuf, array, sizeof(array));
name_to_gbuffer(name, &namebuf, &gnamebuf);
gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname);
if (gret != GSS_S_COMPLETE)
return (ISC_R_FAILURE);
if (intoken != NULL) {
REGION_TO_GBUFFER(*intoken, gintoken);
gintokenp = &gintoken;
} else
gintokenp = NULL;
if (*context == NULL)
*context = GSS_C_NO_CONTEXT;
flags = GSS_C_REPLAY_FLAG | GSS_C_MUTUAL_FLAG | GSS_C_DELEG_FLAG |
GSS_C_SEQUENCE_FLAG | GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG;
mech_type = GSS_C_NO_OID;
gret = gss_init_sec_context(&minor, cred, context, gname,
mech_type, flags, 0,
GSS_C_NO_CHANNEL_BINDINGS, gintokenp,
&ret_mech_type, &gouttoken, &ret_flags,
&lifetime);
if (gret != GSS_S_COMPLETE && gret != GSS_S_CONTINUE_NEEDED)
return (ISC_R_FAILURE);
GBUFFER_TO_REGION(gouttoken, r);
RETERR(isc_buffer_copyregion(outtoken, &r));
if (gret == GSS_S_COMPLETE)
return (ISC_R_SUCCESS);
else
return (DNS_R_CONTINUE);
out:
return (result);
}
isc_result_t
dst_gssapi_acceptctx(dns_name_t *name, void *cred,
isc_region_t *intoken, isc_buffer_t *outtoken,
void **context)
{
isc_region_t r;
isc_buffer_t namebuf;
gss_buffer_desc gnamebuf, gintoken, gouttoken;
OM_uint32 gret, minor, flags;
gss_OID mech_type;
OM_uint32 lifetime;
gss_cred_id_t delegated_cred;
gss_name_t gname;
isc_result_t result;
unsigned char array[DNS_NAME_MAXTEXT + 1];
isc_buffer_init(&namebuf, array, sizeof(array));
name_to_gbuffer(name, &namebuf, &gnamebuf);
gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname);
if (gret != GSS_S_COMPLETE)
return (ISC_R_FAILURE);
REGION_TO_GBUFFER(*intoken, gintoken);
if (*context == NULL)
*context = GSS_C_NO_CONTEXT;
gret = gss_accept_sec_context(&minor, context, cred, &gintoken,
GSS_C_NO_CHANNEL_BINDINGS, gname,
&mech_type, &gouttoken, &flags,
&lifetime, &delegated_cred);
if (gret != GSS_S_COMPLETE)
return (ISC_R_FAILURE);
GBUFFER_TO_REGION(gouttoken, r);
RETERR(isc_buffer_copyregion(outtoken, &r));
return (ISC_R_SUCCESS);
out:
return (result);
}
#else
isc_result_t
dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, void **cred) {
UNUSED(name);
UNUSED(initiate);
UNUSED(cred);
return (ISC_R_NOTIMPLEMENTED);
}
isc_result_t
dst_gssapi_initctx(dns_name_t *name, void *cred,
isc_region_t *intoken, isc_buffer_t *outtoken,
void **context)
{
UNUSED(name);
UNUSED(cred);
UNUSED(intoken);
UNUSED(outtoken);
UNUSED(context);
return (ISC_R_NOTIMPLEMENTED);
}
isc_result_t
dst_gssapi_acceptctx(dns_name_t *name, void *cred,
isc_region_t *intoken, isc_buffer_t *outtoken,
void **context)
{
UNUSED(name);
UNUSED(cred);
UNUSED(intoken);
UNUSED(outtoken);
UNUSED(context);
return (ISC_R_NOTIMPLEMENTED);
}
#endif
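Review bot: dst_gssapi_initctx() sets GSS_C_DELEG_FLAG in flags unconditionally and never inspects ret_flags, so every context it initiates offers to delegate the caller's credentials to the peer, and the caller cannot tell whether GSS_C_MUTUAL_FLAG or GSS_C_INTEG_FLAG was actually granted. Request delegation only when a caller asks for it, and check ret_flags before reporting ISC_R_SUCCESS. name_to_gbuffer() stores the dns_name_totext() result in a local and then ignores it, so a failed conversion still gets passed on to gss_import_name(); return the result and check it in the three callers. None of the functions release what they obtain: gname from gss_import_name(), gouttoken after it is copied into outtoken, mechs from gss_acquire_cred() and delegated_cred from gss_accept_sec_context() are all dropped on both the success and error paths. dst_gssapi_acceptctx() also treats anything other than GSS_S_COMPLETE as failure, whereas dst_gssapi_initctx() handles GSS_S_CONTINUE_NEEDED; if multi-round exchanges are meant to be unsupported on the accept side, say so in a comment.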

View File

@ -0,0 +1,282 @@
/*
* Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (C) 1999-2002 Internet Software Consortium.
* Portions Copyright (C) 1995-2000 by Network Associates, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
* FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/*
* Principal Author: Brian Wellington
* $Id: hmac_link.c,v 1.1.4.1 2004/12/09 04:07:17 marka Exp $
*/
#include <config.h>
#include <isc/buffer.h>
#include <isc/hmacmd5.h>
#include <isc/md5.h>
#include <isc/mem.h>
#include <isc/string.h>
#include <isc/util.h>
#include <dst/result.h>
#include "dst_internal.h"
#include "dst_parse.h"
#define HMAC_LEN 64
#define HMAC_IPAD 0x36
#define HMAC_OPAD 0x5c
static isc_result_t hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data);
typedef struct hmackey {
unsigned char key[HMAC_LEN];
} HMAC_Key;
static isc_result_t
hmacmd5_createctx(dst_key_t *key, dst_context_t *dctx) {
isc_hmacmd5_t *hmacmd5ctx;
HMAC_Key *hkey = key->opaque;
hmacmd5ctx = isc_mem_get(dctx->mctx, sizeof(isc_hmacmd5_t));
if (hmacmd5ctx == NULL)
return (ISC_R_NOMEMORY);
isc_hmacmd5_init(hmacmd5ctx, hkey->key, HMAC_LEN);
dctx->opaque = hmacmd5ctx;
return (ISC_R_SUCCESS);
}
static void
hmacmd5_destroyctx(dst_context_t *dctx) {
isc_hmacmd5_t *hmacmd5ctx = dctx->opaque;
if (hmacmd5ctx != NULL) {
isc_hmacmd5_invalidate(hmacmd5ctx);
isc_mem_put(dctx->mctx, hmacmd5ctx, sizeof(isc_hmacmd5_t));
dctx->opaque = NULL;
}
}
static isc_result_t
hmacmd5_adddata(dst_context_t *dctx, const isc_region_t *data) {
isc_hmacmd5_t *hmacmd5ctx = dctx->opaque;
isc_hmacmd5_update(hmacmd5ctx, data->base, data->length);
return (ISC_R_SUCCESS);
}
static isc_result_t
hmacmd5_sign(dst_context_t *dctx, isc_buffer_t *sig) {
isc_hmacmd5_t *hmacmd5ctx = dctx->opaque;
unsigned char *digest;
if (isc_buffer_availablelength(sig) < ISC_MD5_DIGESTLENGTH)
return (ISC_R_NOSPACE);
digest = isc_buffer_used(sig);
isc_hmacmd5_sign(hmacmd5ctx, digest);
isc_buffer_add(sig, ISC_MD5_DIGESTLENGTH);
return (ISC_R_SUCCESS);
}
static isc_result_t
hmacmd5_verify(dst_context_t *dctx, const isc_region_t *sig) {
isc_hmacmd5_t *hmacmd5ctx = dctx->opaque;
if (sig->length < ISC_MD5_DIGESTLENGTH)
return (DST_R_VERIFYFAILURE);
if (isc_hmacmd5_verify(hmacmd5ctx, sig->base))
return (ISC_R_SUCCESS);
else
return (DST_R_VERIFYFAILURE);
}
static isc_boolean_t
hmacmd5_compare(const dst_key_t *key1, const dst_key_t *key2) {
HMAC_Key *hkey1, *hkey2;
hkey1 = (HMAC_Key *)key1->opaque;
hkey2 = (HMAC_Key *)key2->opaque;
if (hkey1 == NULL && hkey2 == NULL)
return (ISC_TRUE);
else if (hkey1 == NULL || hkey2 == NULL)
return (ISC_FALSE);
if (memcmp(hkey1->key, hkey2->key, HMAC_LEN) == 0)
return (ISC_TRUE);
else
return (ISC_FALSE);
}
static isc_result_t
hmacmd5_generate(dst_key_t *key, int pseudorandom_ok) {
isc_buffer_t b;
isc_result_t ret;
int bytes;
unsigned char data[HMAC_LEN];
bytes = (key->key_size + 7) / 8;
if (bytes > 64) {
bytes = 64;
key->key_size = 512;
}
memset(data, 0, HMAC_LEN);
ret = dst__entropy_getdata(data, bytes, ISC_TF(pseudorandom_ok != 0));
if (ret != ISC_R_SUCCESS)
return (ret);
isc_buffer_init(&b, data, bytes);
isc_buffer_add(&b, bytes);
ret = hmacmd5_fromdns(key, &b);
memset(data, 0, HMAC_LEN);
return (ret);
}
static isc_boolean_t
hmacmd5_isprivate(const dst_key_t *key) {
UNUSED(key);
return (ISC_TRUE);
}
static void
hmacmd5_destroy(dst_key_t *key) {
HMAC_Key *hkey = key->opaque;
memset(hkey, 0, sizeof(HMAC_Key));
isc_mem_put(key->mctx, hkey, sizeof(HMAC_Key));
key->opaque = NULL;
}
static isc_result_t
hmacmd5_todns(const dst_key_t *key, isc_buffer_t *data) {
HMAC_Key *hkey;
unsigned int bytes;
REQUIRE(key->opaque != NULL);
hkey = (HMAC_Key *) key->opaque;
bytes = (key->key_size + 7) / 8;
if (isc_buffer_availablelength(data) < bytes)
return (ISC_R_NOSPACE);
isc_buffer_putmem(data, hkey->key, bytes);
return (ISC_R_SUCCESS);
}
static isc_result_t
hmacmd5_fromdns(dst_key_t *key, isc_buffer_t *data) {
HMAC_Key *hkey;
int keylen;
isc_region_t r;
isc_md5_t md5ctx;
isc_buffer_remainingregion(data, &r);
if (r.length == 0)
return (ISC_R_SUCCESS);
hkey = (HMAC_Key *) isc_mem_get(key->mctx, sizeof(HMAC_Key));
if (hkey == NULL)
return (ISC_R_NOMEMORY);
memset(hkey->key, 0, sizeof(hkey->key));
if (r.length > HMAC_LEN) {
isc_md5_init(&md5ctx);
isc_md5_update(&md5ctx, r.base, r.length);
isc_md5_final(&md5ctx, hkey->key);
keylen = ISC_MD5_DIGESTLENGTH;
}
else {
memcpy(hkey->key, r.base, r.length);
keylen = r.length;
}
key->key_size = keylen * 8;
key->opaque = hkey;
return (ISC_R_SUCCESS);
}
static isc_result_t
hmacmd5_tofile(const dst_key_t *key, const char *directory) {
int cnt = 0;
HMAC_Key *hkey;
dst_private_t priv;
int bytes = (key->key_size + 7) / 8;
if (key->opaque == NULL)
return (DST_R_NULLKEY);
hkey = (HMAC_Key *) key->opaque;
priv.elements[cnt].tag = TAG_HMACMD5_KEY;
priv.elements[cnt].length = bytes;
priv.elements[cnt++].data = hkey->key;
priv.nelements = cnt;
return (dst__privstruct_writefile(key, &priv, directory));
}
static isc_result_t
hmacmd5_parse(dst_key_t *key, isc_lex_t *lexer) {
dst_private_t priv;
isc_result_t ret;
isc_buffer_t b;
isc_mem_t *mctx = key->mctx;
/* read private key file */
ret = dst__privstruct_parse(key, DST_ALG_HMACMD5, lexer, mctx, &priv);
if (ret != ISC_R_SUCCESS)
return (ret);
isc_buffer_init(&b, priv.elements[0].data, priv.elements[0].length);
isc_buffer_add(&b, priv.elements[0].length);
ret = hmacmd5_fromdns(key, &b);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ret);
}
static dst_func_t hmacmd5_functions = {
hmacmd5_createctx,
hmacmd5_destroyctx,
hmacmd5_adddata,
hmacmd5_sign,
hmacmd5_verify,
NULL, /* computesecret */
hmacmd5_compare,
NULL, /* paramcompare */
hmacmd5_generate,
hmacmd5_isprivate,
hmacmd5_destroy,
hmacmd5_todns,
hmacmd5_fromdns,
hmacmd5_tofile,
hmacmd5_parse,
NULL, /* cleanup */
};
isc_result_t
dst__hmacmd5_init(dst_func_t **funcp) {
REQUIRE(funcp != NULL);
if (*funcp == NULL)
*funcp = &hmacmd5_functions;
return (ISC_R_SUCCESS);
}
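Review bot: hmacmd5_fromdns() returns ISC_R_SUCCESS for an empty region (`if (r.length == 0)`) without setting key->opaque, yet hmacmd5_createctx() and hmacmd5_destroy() dereference key->opaque with no NULL check, while hmacmd5_todns() asserts on it and hmacmd5_tofile() returns DST_R_NULLKEY. Either reject the empty key in fromdns or guard createctx and destroy the way tofile does, so that `memset(hkey, 0, sizeof(HMAC_Key))` can never be reached with a NULL pointer. Two smaller points in the same file: hmacmd5_generate() clamps `bytes` with the literal 64 although the buffer is declared as `data[HMAC_LEN]`, so the clamp should be written in terms of HMAC_LEN; and the closing `memset(data, 0, HMAC_LEN)` there clears a local that is never read again, which a compiler may drop as a dead store, so key material is better wiped with a routine that cannot be elided. hmacmd5_parse() also reads priv.elements[0] without checking priv.nelements.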

View File

@ -13,13 +13,13 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.11.206.1 2004/03/06 08:13:50 marka Exp $
# $Id: Makefile.in,v 1.11.206.2 2004/12/09 04:07:19 marka Exp $
srcdir = @srcdir@
VPATH = @srcdir@
top_srcdir = @top_srcdir@
SUBDIRS = dns
SUBDIRS = dns dst
TARGETS =
@BIND9_MAKE_RULES@

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: name.h,v 1.95.2.3.2.11 2004/09/01 05:19:59 marka Exp $ */
/* $Id: name.h,v 1.95.2.3.2.12 2004/09/08 00:29:34 marka Exp $ */
#ifndef DNS_NAME_H
#define DNS_NAME_H 1
@ -560,7 +560,7 @@ dns_name_getlabel(const dns_name_t *name, unsigned int n, dns_label_t *label);
* be changed while 'label' is still in use.
*
* Requires:
* n < dns_label_countlabels(name)
* n < dns_name_countlabels(name)
*/
void
@ -582,9 +582,9 @@ dns_name_getlabelsequence(const dns_name_t *source, unsigned int first,
* Requires:
* 'source' and 'target' are valid names.
*
* first < dns_label_countlabels(name)
* first < dns_name_countlabels(name)
*
* first + n <= dns_label_countlabels(name)
* first + n <= dns_name_countlabels(name)
*/
@ -601,7 +601,7 @@ dns_name_clone(dns_name_t *source, dns_name_t *target);
* This call is functionally equivalent to:
*
* dns_name_getlabelsequence(source, 0,
* dns_label_countlabels(source),
* dns_name_countlabels(source),
* target);
*
* but is more efficient. Also, dns_name_clone() works even if 'source'

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: rbt.h,v 1.55.12.5 2004/03/08 09:04:38 marka Exp $ */
/* $Id: rbt.h,v 1.55.12.6 2004/10/11 05:55:51 marka Exp $ */
#ifndef DNS_RBT_H
#define DNS_RBT_H 1
@ -603,15 +603,18 @@ dns_rbt_destroy(dns_rbt_t **rbtp);
isc_result_t
dns_rbt_destroy2(dns_rbt_t **rbtp, unsigned int quantum);
/*
* Stop working with a red-black tree of trees. Once dns_rbt_destroy2()
* has been called on a 'rbt' only dns_rbt_destroy() or dns_rbt_destroy2()
* may be used on the tree. If 'quantum' is zero then the entire tree will
* be destroyed.
*
* Stop working with a red-black tree of trees.
* If 'quantum' is zero then the entire tree will be destroyed.
* If 'quantum' is non zero then up to 'quantum' nodes will be destroyed
* allowing the rbt to be incrementally destroyed by repeated calls to
* dns_rbt_destroy2(). Once dns_rbt_destroy2() has been called no other
* operations than dns_rbt_destroy()/dns_rbt_destroy2() should be
* performed on the tree of trees.
*
* Requires:
* *rbt is a valid rbt manager.
*
* Ensures:
* Ensures on ISC_R_SUCCESS:
* All space allocated by the RBT library has been returned.
*
* *rbt is invalidated as an rbt manager.
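Review bot: the rewritten comment for dns_rbt_destroy2() narrows the guarantee to "Ensures on ISC_R_SUCCESS" but has no Returns: section, so the result a caller gets when 'quantum' nodes have been freed and the tree is not yet empty is undocumented. Add a Returns: list that names that result and say whether the handle must be passed back in unchanged until ISC_R_SUCCESS is returned. The Requires and Ensures lines also speak of "*rbt" while the parameter in the prototype is 'rbtp'.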

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: zone.h,v 1.106.2.7.4.14 2004/03/06 08:14:01 marka Exp $ */
/* $Id: zone.h,v 1.106.2.7.4.15 2004/10/26 02:08:43 marka Exp $ */
#ifndef DNS_ZONE_H
#define DNS_ZONE_H 1
@ -971,6 +971,13 @@ dns_zone_replacedb(dns_zone_t *zone, dns_db_t *db, isc_boolean_t dump);
*
* Requires:
* 'zone' to be a valid zone.
*
* Returns:
* DNS_R_SUCCESS
* DNS_R_BADZONE zone failed basic consistancy checks:
* * a single SOA must exist
* * some NS records must exist.
* Others
*/
isc_uint32_t
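Review bot: the new Returns: block names DNS_R_SUCCESS, whereas the other headers in this import document success as ISC_R_SUCCESS; check which constant the function really returns and use that name here. In the same block "consistancy" should read "consistency", and "Others" tells the caller nothing, so either list the remaining results or say that any other value indicates failure, as the dst.h comments do.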

View File

@ -0,0 +1,37 @@
# Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 1998-2001 Internet Software Consortium.
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.1.4.1 2004/12/09 04:07:19 marka Exp $
srcdir = @srcdir@
VPATH = @srcdir@
top_srcdir = @top_srcdir@
@BIND9_VERSION@
HEADERS = dst.h lib.h result.h
SUBDIRS =
TARGETS =
@BIND9_MAKE_RULES@
installdirs:
$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${includedir}/dst
install:: installdirs
for i in ${HEADERS}; do \
${INSTALL_DATA} ${srcdir}/$$i ${DESTDIR}${includedir}/dst ; \
done
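Review bot: the install loop `for i in ${HEADERS}; do ${INSTALL_DATA} ... ; done` does not stop on error. Unless make runs the shell with -e, the loop's exit status is that of the last iteration only, so a failed copy of dst.h or lib.h is masked when result.h installs cleanly. Append `|| exit 1` to the ${INSTALL_DATA} command. Also confirm that HEADERS is complete: this import adds a gssapi.h with a DST_GSSAPI_H guard that is not in the list, which is correct only if that header is meant to stay uninstalled.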

View File

@ -0,0 +1,570 @@
/*
* Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2000-2002 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dst.h,v 1.1.4.1 2004/12/09 04:07:19 marka Exp $ */
#ifndef DST_DST_H
#define DST_DST_H 1
#include <isc/lang.h>
#include <dns/types.h>
ISC_LANG_BEGINDECLS
/***
*** Types
***/
/*
* The dst_key structure is opaque. Applications should use the accessor
* functions provided to retrieve key attributes. If an application needs
* to set attributes, new accessor functions will be written.
*/
typedef struct dst_key dst_key_t;
typedef struct dst_context dst_context_t;
/* DST algorithm codes */
#define DST_ALG_UNKNOWN 0
#define DST_ALG_RSAMD5 1
#define DST_ALG_RSA DST_ALG_RSAMD5 /* backwards compatibility */
#define DST_ALG_DH 2
#define DST_ALG_DSA 3
#define DST_ALG_ECC 4
#define DST_ALG_RSASHA1 5
#define DST_ALG_HMACMD5 157
#define DST_ALG_GSSAPI 160
#define DST_ALG_PRIVATE 254
#define DST_ALG_EXPAND 255
#define DST_MAX_ALGS 255
/* A buffer of this size is large enough to hold any key */
#define DST_KEY_MAXSIZE 1280
/*
* A buffer of this size is large enough to hold the textual representation
* of any key
*/
#define DST_KEY_MAXTEXTSIZE 2048
/* 'Type' for dst_read_key() */
#define DST_TYPE_KEY 0x1000000 /* KEY key */
#define DST_TYPE_PRIVATE 0x2000000
#define DST_TYPE_PUBLIC 0x4000000
/***
*** Functions
***/
isc_result_t
dst_lib_init(isc_mem_t *mctx, isc_entropy_t *ectx, unsigned int eflags);
/*
* Initializes the DST subsystem.
*
* Requires:
* "mctx" is a valid memory context
* "ectx" is a valid entropy context
*
* Returns:
* ISC_R_SUCCESS
* ISC_R_NOMEMORY
*
* Ensures:
* DST is properly initialized.
*/
void
dst_lib_destroy(void);
/*
* Releases all resources allocated by DST.
*/
isc_boolean_t
dst_algorithm_supported(unsigned int alg);
/*
* Checks that a given algorithm is supported by DST.
*
* Returns:
* ISC_TRUE
* ISC_FALSE
*/
isc_result_t
dst_context_create(dst_key_t *key, isc_mem_t *mctx, dst_context_t **dctxp);
/*
* Creates a context to be used for a sign or verify operation.
*
* Requires:
* "key" is a valid key.
* "mctx" is a valid memory context.
* dctxp != NULL && *dctxp == NULL
*
* Returns:
* ISC_R_SUCCESS
* ISC_R_NOMEMORY
*
* Ensures:
* *dctxp will contain a usable context.
*/
void
dst_context_destroy(dst_context_t **dctxp);
/*
* Destroys all memory associated with a context.
*
* Requires:
* *dctxp != NULL && *dctxp == NULL
*
* Ensures:
* *dctxp == NULL
*/
isc_result_t
dst_context_adddata(dst_context_t *dctx, const isc_region_t *data);
/*
* Incrementally adds data to the context to be used in a sign or verify
* operation.
*
* Requires:
* "dctx" is a valid context
* "data" is a valid region
*
* Returns:
* ISC_R_SUCCESS
* DST_R_SIGNFAILURE
* all other errors indicate failure
*/
isc_result_t
dst_context_sign(dst_context_t *dctx, isc_buffer_t *sig);
/*
* Computes a signature using the data and key stored in the context.
*
* Requires:
* "dctx" is a valid context.
* "sig" is a valid buffer.
*
* Returns:
* ISC_R_SUCCESS
* DST_R_VERIFYFAILURE
* all other errors indicate failure
*
* Ensures:
* "sig" will contain the signature
*/
isc_result_t
dst_context_verify(dst_context_t *dctx, isc_region_t *sig);
/*
* Verifies the signature using the data and key stored in the context.
*
* Requires:
* "dctx" is a valid context.
* "sig" is a valid region.
*
* Returns:
* ISC_R_SUCCESS
* all other errors indicate failure
*
* Ensures:
* "sig" will contain the signature
*/
isc_result_t
dst_key_computesecret(const dst_key_t *pub, const dst_key_t *priv,
isc_buffer_t *secret);
/*
* Computes a shared secret from two (Diffie-Hellman) keys.
*
* Requires:
* "pub" is a valid key that can be used to derive a shared secret
* "priv" is a valid private key that can be used to derive a shared secret
* "secret" is a valid buffer
*
* Returns:
* ISC_R_SUCCESS
* any other result indicates failure
*
* Ensures:
* If successful, secret will contain the derived shared secret.
*/
isc_result_t
dst_key_fromfile(dns_name_t *name, dns_keytag_t id, unsigned int alg, int type,
const char *directory, isc_mem_t *mctx, dst_key_t **keyp);
/*
* Reads a key from permanent storage. The key can either be a public or
* private key, and is specified by name, algorithm, and id. If a private key
* is specified, the public key must also be present. If directory is NULL,
* the current directory is assumed.
*
* Requires:
* "name" is a valid absolute dns name.
* "id" is a valid key tag identifier.
* "alg" is a supported key algorithm.
* "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union.
* DST_TYPE_KEY look for a KEY record otherwise DNSKEY
* "mctx" is a valid memory context.
* "keyp" is not NULL and "*keyp" is NULL.
*
* Returns:
* ISC_R_SUCCESS
* any other result indicates failure
*
* Ensures:
* If successful, *keyp will contain a valid key.
*/
isc_result_t
dst_key_fromnamedfile(const char *filename, int type, isc_mem_t *mctx,
dst_key_t **keyp);
/*
* Reads a key from permanent storage. The key can either be a public or
* key, and is specified by filename. If a private key is specified, the
* public key must also be present.
*
* Requires:
* "filename" is not NULL
* "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union
* DST_TYPE_KEY look for a KEY record otherwise DNSKEY
* "mctx" is a valid memory context
* "keyp" is not NULL and "*keyp" is NULL.
*
* Returns:
* ISC_R_SUCCESS
* any other result indicates failure
*
* Ensures:
* If successful, *keyp will contain a valid key.
*/
isc_result_t
dst_key_tofile(const dst_key_t *key, int type, const char *directory);
/*
* Writes a key to permanent storage. The key can either be a public or
* private key. Public keys are written in DNS format and private keys
* are written as a set of base64 encoded values. If directory is NULL,
* the current directory is assumed.
*
* Requires:
* "key" is a valid key.
* "type" is DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or the bitwise union
*
* Returns:
* ISC_R_SUCCESS
* any other result indicates failure
*/
isc_result_t
dst_key_fromdns(dns_name_t *name, dns_rdataclass_t rdclass,
isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp);
/*
* Converts a DNS KEY record into a DST key.
*
* Requires:
* "name" is a valid absolute dns name.
* "source" is a valid buffer. There must be at least 4 bytes available.
* "mctx" is a valid memory context.
* "keyp" is not NULL and "*keyp" is NULL.
*
* Returns:
* ISC_R_SUCCESS
* any other result indicates failure
*
* Ensures:
* If successful, *keyp will contain a valid key, and the consumed
* pointer in data will be advanced.
*/
isc_result_t
dst_key_todns(const dst_key_t *key, isc_buffer_t *target);
/*
* Converts a DST key into a DNS KEY record.
*
* Requires:
* "key" is a valid key.
* "target" is a valid buffer. There must be at least 4 bytes unused.
*
* Returns:
* ISC_R_SUCCESS
* any other result indicates failure
*
* Ensures:
* If successful, the used pointer in 'target' is advanced by at least 4.
*/
isc_result_t
dst_key_frombuffer(dns_name_t *name, unsigned int alg,
unsigned int flags, unsigned int protocol,
dns_rdataclass_t rdclass,
isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp);
/*
* Converts a buffer containing DNS KEY RDATA into a DST key.
*
* Requires:
* "name" is a valid absolute dns name.
* "alg" is a supported key algorithm.
* "source" is a valid buffer.
* "mctx" is a valid memory context.
* "keyp" is not NULL and "*keyp" is NULL.
*
* Returns:
* ISC_R_SUCCESS
* any other result indicates failure
*
* Ensures:
* If successful, *keyp will contain a valid key, and the consumed
* pointer in source will be advanced.
*/
isc_result_t
dst_key_tobuffer(const dst_key_t *key, isc_buffer_t *target);
/*
* Converts a DST key into DNS KEY RDATA format.
*
* Requires:
* "key" is a valid key.
* "target" is a valid buffer.
*
* Returns:
* ISC_R_SUCCESS
* any other result indicates failure
*
* Ensures:
* If successful, the used pointer in 'target' is advanced.
*/
isc_result_t
dst_key_privatefrombuffer(dst_key_t *key, isc_buffer_t *buffer);
/*
* Converts a public key into a private key, reading the private key
* information from the buffer. The buffer should contain the same data
* as the .private key file would.
*
* Requires:
* "key" is a valid public key.
* "buffer" is not NULL.
*
* Returns:
* ISC_R_SUCCESS
* any other result indicates failure
*
* Ensures:
* If successful, key will contain a valid private key.
*/
isc_result_t
dst_key_fromgssapi(dns_name_t *name, void *opaque, isc_mem_t *mctx,
dst_key_t **keyp);
/*
* Converts a GSSAPI opaque context id into a DST key.
*
* Requires:
* "name" is a valid absolute dns name.
* "opaque" is a GSSAPI context id.
* "mctx" is a valid memory context.
* "keyp" is not NULL and "*keyp" is NULL.
*
* Returns:
* ISC_R_SUCCESS
* any other result indicates failure
*
* Ensures:
* If successful, *keyp will contain a valid key and be responsible for
* the context id.
*/
isc_result_t
dst_key_generate(dns_name_t *name, unsigned int alg,
unsigned int bits, unsigned int param,
unsigned int flags, unsigned int protocol,
dns_rdataclass_t rdclass,
isc_mem_t *mctx, dst_key_t **keyp);
/*
* Generate a DST key (or keypair) with the supplied parameters. The
* interpretation of the "param" field depends on the algorithm:
* RSA: exponent
* 0 use exponent 3
* !0 use Fermat4 (2^16 + 1)
* DH: generator
* 0 default - use well known prime if bits == 768 or 1024,
* otherwise use 2 as the generator.
* !0 use this value as the generator.
* DSA: unused
* HMACMD5: entropy
* 0 default - require good entropy
* !0 lack of good entropy is ok
*
* Requires:
* "name" is a valid absolute dns name.
* "keyp" is not NULL and "*keyp" is NULL.
*
* Returns:
* ISC_R_SUCCESS
* any other result indicates failure
*
* Ensures:
* If successful, *keyp will contain a valid key.
*/
isc_boolean_t
dst_key_compare(const dst_key_t *key1, const dst_key_t *key2);
/*
* Compares two DST keys.
*
* Requires:
* "key1" is a valid key.
* "key2" is a valid key.
*
* Returns:
* ISC_TRUE
* ISC_FALSE
*/
isc_boolean_t
dst_key_paramcompare(const dst_key_t *key1, const dst_key_t *key2);
/*
* Compares the parameters of two DST keys. This is used to determine if
* two (Diffie-Hellman) keys can be used to derive a shared secret.
*
* Requires:
* "key1" is a valid key.
* "key2" is a valid key.
*
* Returns:
* ISC_TRUE
* ISC_FALSE
*/
void
dst_key_free(dst_key_t **keyp);
/*
* Release all memory associated with the key.
*
* Requires:
* "keyp" is not NULL and "*keyp" is a valid key.
*
* Ensures:
* All memory associated with "*keyp" will be freed.
* *keyp == NULL
*/
/*
* Accessor functions to obtain key fields.
*
* Require:
* "key" is a valid key.
*/
dns_name_t *
dst_key_name(const dst_key_t *key);
unsigned int
dst_key_size(const dst_key_t *key);
unsigned int
dst_key_proto(const dst_key_t *key);
unsigned int
dst_key_alg(const dst_key_t *key);
isc_uint32_t
dst_key_flags(const dst_key_t *key);
dns_keytag_t
dst_key_id(const dst_key_t *key);
dns_rdataclass_t
dst_key_class(const dst_key_t *key);
isc_boolean_t
dst_key_isprivate(const dst_key_t *key);
isc_boolean_t
dst_key_iszonekey(const dst_key_t *key);
isc_boolean_t
dst_key_isnullkey(const dst_key_t *key);
isc_result_t
dst_key_buildfilename(const dst_key_t *key, int type,
const char *directory, isc_buffer_t *out);
/*
* Generates the filename used by dst to store the specified key.
* If directory is NULL, the current directory is assumed.
*
* Requires:
* "key" is a valid key
* "type" is either DST_TYPE_PUBLIC, DST_TYPE_PRIVATE, or 0 for no suffix.
* "out" is a valid buffer
*
* Ensures:
* the file name will be written to "out", and the used pointer will
* be advanced.
*/
isc_result_t
dst_key_sigsize(const dst_key_t *key, unsigned int *n);
/*
* Computes the size of a signature generated by the given key.
*
* Requires:
* "key" is a valid key.
* "n" is not NULL
*
* Returns:
* ISC_R_SUCCESS
* DST_R_UNSUPPORTEDALG
*
* Ensures:
* "n" stores the size of a generated signature
*/
isc_result_t
dst_key_secretsize(const dst_key_t *key, unsigned int *n);
/*
* Computes the size of a shared secret generated by the given key.
*
* Requires:
* "key" is a valid key.
* "n" is not NULL
*
* Returns:
* ISC_R_SUCCESS
* DST_R_UNSUPPORTEDALG
*
* Ensures:
* "n" stores the size of a generated shared secret
*/
isc_uint16_t
dst_region_computeid(const isc_region_t *source, unsigned int alg);
/*
* Computes the key id of the key stored in the provided region with the
* given algorithm.
*
* Requires:
* "source" contains a valid, non-NULL region.
*
* Returns:
* the key id
*/
ISC_LANG_ENDDECLS
#endif /* DST_DST_H */
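Review bot: the contract comments in this header contradict themselves in several places and should be fixed before callers rely on them. dst_context_destroy() requires `*dctxp != NULL && *dctxp == NULL`, which can never hold; it presumably means dctxp != NULL && *dctxp != NULL. dst_context_sign() lists DST_R_VERIFYFAILURE as a result while dst_context_adddata() lists DST_R_SIGNFAILURE, and dst_context_verify() carries the Ensures line `"sig" will contain the signature` copied from the sign function even though it takes 'sig' as input. dst_key_fromnamedfile() says the key "can either be a public or key", dropping the word "private". For dst_key_generate(), the comment should spell out the security consequence of the 'param' values it describes (0 selects RSA exponent 3; non-zero for HMACMD5 accepts a lack of good entropy), since callers choose them through a bare unsigned int.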

View File

@ -0,0 +1,56 @@
/*
* Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2000, 2001 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: gssapi.h,v 1.1.4.1 2004/12/09 04:07:20 marka Exp $ */
#ifndef DST_GSSAPI_H
#define DST_GSSAPI_H 1
#include <isc/lang.h>
#include <isc/types.h>
ISC_LANG_BEGINDECLS
/***
*** Types
***/
/***
*** Functions
***/
isc_result_t
dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, void **cred);
isc_result_t
dst_gssapi_initctx(dns_name_t *name, void *cred,
isc_region_t *intoken, isc_buffer_t *outtoken,
void **context);
isc_result_t
dst_gssapi_acceptctx(dns_name_t *name, void *cred,
isc_region_t *intoken, isc_buffer_t *outtoken,
void **context);
/*
* XXX
*/
ISC_LANG_ENDDECLS
#endif /* DST_GSSAPI_H */
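Review bot: dst_gssapi_acquirecred(), dst_gssapi_initctx() and dst_gssapi_acceptctx() are documented only by the placeholder comment "XXX". Each takes or returns credentials and contexts through untyped `void *` / `void **` parameters, so the header needs at least Requires/Returns/Ensures blocks stating who owns 'cred' and '*context' after the call, what 'intoken' may be on the first round, and which results mean the exchange must continue versus fail.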

View File

@ -0,0 +1,39 @@
/*
* Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2001 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: lib.h,v 1.1.4.1 2004/12/09 04:07:20 marka Exp $ */
#ifndef DST_LIB_H
#define DST_LIB_H 1
#include <isc/types.h>
#include <isc/lang.h>
ISC_LANG_BEGINDECLS
LIBDNS_EXTERNAL_DATA extern isc_msgcat_t *dst_msgcat;
void
dst_lib_initmsgcat(void);
/*
* Initialize the DST library's message catalog, dst_msgcat, if it
* has not already been initialized.
*/
ISC_LANG_ENDDECLS
#endif /* DST_LIB_H */

View File

@ -0,0 +1,68 @@
/*
* Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2001 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: result.h,v 1.1.4.1 2004/12/09 04:07:20 marka Exp $ */
#ifndef DST_RESULT_H
#define DST_RESULT_H 1
#include <isc/lang.h>
#include <isc/resultclass.h>
/*
* Nothing in this file truly depends on <isc/result.h>, but the
* DST result codes are considered to be publicly derived from
* the ISC result codes, so including this file buys you the ISC_R_
* namespace too.
*/
#include <isc/result.h> /* Contractual promise. */
#define DST_R_UNSUPPORTEDALG (ISC_RESULTCLASS_DST + 0)
#define DST_R_OPENSSLFAILURE (ISC_RESULTCLASS_DST + 1)
#define DST_R_NOCRYPTO (ISC_RESULTCLASS_DST + 2)
#define DST_R_NULLKEY (ISC_RESULTCLASS_DST + 3)
#define DST_R_INVALIDPUBLICKEY (ISC_RESULTCLASS_DST + 4)
#define DST_R_INVALIDPRIVATEKEY (ISC_RESULTCLASS_DST + 5)
/* 6 is unused */
#define DST_R_WRITEERROR (ISC_RESULTCLASS_DST + 7)
#define DST_R_INVALIDPARAM (ISC_RESULTCLASS_DST + 8)
/* 9 is unused */
/* 10 is unused */
#define DST_R_SIGNFAILURE (ISC_RESULTCLASS_DST + 11)
/* 12 is unused */
/* 13 is unused */
#define DST_R_VERIFYFAILURE (ISC_RESULTCLASS_DST + 14)
#define DST_R_NOTPUBLICKEY (ISC_RESULTCLASS_DST + 15)
#define DST_R_NOTPRIVATEKEY (ISC_RESULTCLASS_DST + 16)
#define DST_R_KEYCANNOTCOMPUTESECRET (ISC_RESULTCLASS_DST + 17)
#define DST_R_COMPUTESECRETFAILURE (ISC_RESULTCLASS_DST + 18)
#define DST_R_NORANDOMNESS (ISC_RESULTCLASS_DST + 19)
#define DST_R_BADKEYTYPE (ISC_RESULTCLASS_DST + 20)
#define DST_R_NRESULTS 21 /* Number of results */
ISC_LANG_BEGINDECLS
const char *
dst_result_totext(isc_result_t);
void
dst_result_register(void);
ISC_LANG_ENDDECLS
#endif /* DST_RESULT_H */

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: journal.c,v 1.77.2.1.10.8 2004/05/14 05:27:47 marka Exp $ */
/* $Id: journal.c,v 1.77.2.1.10.9 2004/09/16 04:57:02 marka Exp $ */
#include <config.h>
@ -1035,8 +1035,8 @@ dns_journal_commit(dns_journal_t *j) {
*/
if (j->x.n_soa != 2) {
isc_log_write(JOURNAL_COMMON_LOGARGS, ISC_LOG_ERROR,
"malformed transaction: %d SOAs",
j->x.n_soa);
"%s: malformed transaction: %d SOAs",
j->filename, j->x.n_soa);
return (ISC_R_UNEXPECTED);
}
if (! (DNS_SERIAL_GT(j->x.pos[1].serial, j->x.pos[0].serial) ||
@ -1044,8 +1044,8 @@ dns_journal_commit(dns_journal_t *j) {
j->x.pos[1].serial == j->x.pos[0].serial)))
{
isc_log_write(JOURNAL_COMMON_LOGARGS, ISC_LOG_ERROR,
"malformed transaction: serial number "
"would decrease");
"%s: malformed transaction: serial number "
"would decrease", j->filename);
return (ISC_R_UNEXPECTED);
}
if (! JOURNAL_EMPTY(&j->header)) {
@ -1266,8 +1266,8 @@ roll_forward(dns_journal_t *j, dns_db_t *db) {
if (++n_put > 100) {
isc_log_write(JOURNAL_DEBUG_LOGARGS(3),
"applying diff to database (%u)",
db_serial);
"%s: applying diff to database (%u)",
j->filename, db_serial);
(void)dns_diff_print(&diff, NULL);
CHECK(dns_diff_apply(&diff, db, ver));
dns_diff_clear(&diff);
@ -1280,8 +1280,8 @@ roll_forward(dns_journal_t *j, dns_db_t *db) {
if (n_put != 0) {
isc_log_write(JOURNAL_DEBUG_LOGARGS(3),
"applying final diff to database (%u)",
db_serial);
"%s: applying final diff to database (%u)",
j->filename, db_serial);
(void)dns_diff_print(&diff, NULL);
CHECK(dns_diff_apply(&diff, db, ver));
dns_diff_clear(&diff);
@ -1352,7 +1352,8 @@ dns_journal_print(isc_mem_t *mctx, const char *filename, FILE *file) {
if (result != ISC_R_SUCCESS) {
isc_log_write(JOURNAL_COMMON_LOGARGS, ISC_LOG_ERROR,
"journal open failure");
"journal open failure: %s: %s",
isc_result_totext(result), j->filename);
return (result);
}
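Review bot: the new log call in dns_journal_print() reads j->filename inside the `if (result != ISC_R_SUCCESS)` branch that handles a failed journal open, so 'j' is not a journal that was successfully opened and may be NULL or unset at this point. The function already receives the path as its `const char *filename` parameter; pass that to the format string instead of j->filename.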
@ -1545,7 +1546,8 @@ read_one_rr(dns_journal_t *j) {
CHECK(journal_read_xhdr(j, &xhdr));
if (xhdr.size == 0) {
isc_log_write(JOURNAL_COMMON_LOGARGS, ISC_LOG_ERROR,
"journal corrupt: empty transaction");
"%s: journal corrupt: empty transaction",
j->filename);
FAIL(ISC_R_UNEXPECTED);
}
if (xhdr.serial0 != j->it.current_serial) {

126
contrib/bind9/lib/dns/key.c Normal file
View File

@ -0,0 +1,126 @@
/*
* Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2001 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: key.c,v 1.1.4.1 2004/12/09 04:07:18 marka Exp $ */
#include <config.h>
#include <stdlib.h>
#include <isc/region.h>
#include <isc/util.h>
#include <dns/keyvalues.h>
#include <dst/dst.h>
#include "dst_internal.h"
isc_uint16_t
dst_region_computeid(const isc_region_t *source, unsigned int alg) {
isc_uint32_t ac;
const unsigned char *p;
int size;
REQUIRE(source != NULL);
REQUIRE(source->length >= 4);
p = source->base;
size = source->length;
if (alg == DST_ALG_RSAMD5)
return ((p[size - 3] << 8) + p[size - 2]);
for (ac = 0; size > 1; size -= 2, p += 2)
ac += ((*p) << 8) + *(p + 1);
if (size > 0)
ac += ((*p) << 8);
ac += (ac >> 16) & 0xffff;
return ((isc_uint16_t)(ac & 0xffff));
}
dns_name_t *
dst_key_name(const dst_key_t *key) {
REQUIRE(VALID_KEY(key));
return (key->key_name);
}
unsigned int
dst_key_size(const dst_key_t *key) {
REQUIRE(VALID_KEY(key));
return (key->key_size);
}
unsigned int
dst_key_proto(const dst_key_t *key) {
REQUIRE(VALID_KEY(key));
return (key->key_proto);
}
unsigned int
dst_key_alg(const dst_key_t *key) {
REQUIRE(VALID_KEY(key));
return (key->key_alg);
}
isc_uint32_t
dst_key_flags(const dst_key_t *key) {
REQUIRE(VALID_KEY(key));
return (key->key_flags);
}
dns_keytag_t
dst_key_id(const dst_key_t *key) {
REQUIRE(VALID_KEY(key));
return (key->key_id);
}
dns_rdataclass_t
dst_key_class(const dst_key_t *key) {
REQUIRE(VALID_KEY(key));
return (key->key_class);
}
isc_boolean_t
dst_key_iszonekey(const dst_key_t *key) {
REQUIRE(VALID_KEY(key));
if ((key->key_flags & DNS_KEYTYPE_NOAUTH) != 0)
return (ISC_FALSE);
if ((key->key_flags & DNS_KEYFLAG_OWNERMASK) != DNS_KEYOWNER_ZONE)
return (ISC_FALSE);
if (key->key_proto != DNS_KEYPROTO_DNSSEC &&
key->key_proto != DNS_KEYPROTO_ANY)
return (ISC_FALSE);
return (ISC_TRUE);
}
isc_boolean_t
dst_key_isnullkey(const dst_key_t *key) {
REQUIRE(VALID_KEY(key));
if ((key->key_flags & DNS_KEYFLAG_TYPEMASK) != DNS_KEYTYPE_NOKEY)
return (ISC_FALSE);
if ((key->key_flags & DNS_KEYFLAG_OWNERMASK) != DNS_KEYOWNER_ZONE)
return (ISC_FALSE);
if (key->key_proto != DNS_KEYPROTO_DNSSEC &&
key->key_proto != DNS_KEYPROTO_ANY)
return (ISC_FALSE);
return (ISC_TRUE);
}
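Review bot: dst_region_computeid() enforces `REQUIRE(source->length >= 4)`, but the prototype comment in dst.h only asks for "a valid, non-NULL region", so a caller following the documented contract can trip the assertion with a short region. Either document the four-byte minimum in dst.h or return an error for short input, and make sure callers that pass data taken from the wire check the length first. `int size = source->length` also narrows an unsigned length to a signed int; keeping 'size' unsigned avoids any question about the `size > 1` loop bound.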

View File

@ -0,0 +1,219 @@
/*
* Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (C) 1999-2003 Internet Software Consortium.
* Portions Copyright (C) 1995-2000 by Network Associates, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
* FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/*
* Principal Author: Brian Wellington
* $Id: openssl_link.c,v 1.1.4.1 2004/12/09 04:07:18 marka Exp $
*/
#ifdef OPENSSL
#include <config.h>
#include <isc/entropy.h>
#include <isc/mem.h>
#include <isc/mutex.h>
#include <isc/mutexblock.h>
#include <isc/string.h>
#include <isc/thread.h>
#include <isc/util.h>
#include "dst_internal.h"
#include "dst_openssl.h"
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/crypto.h>
#if defined(CRYPTO_LOCK_ENGINE) && (OPENSSL_VERSION_NUMBER < 0x00907000L)
#define USE_ENGINE 1
#endif
#ifdef USE_ENGINE
#include <openssl/engine.h>
#endif
static RAND_METHOD *rm = NULL;
static isc_mutex_t *locks = NULL;
static int nlocks;
#ifdef USE_ENGINE
static ENGINE *e;
#endif
static int
entropy_get(unsigned char *buf, int num) {
isc_result_t result;
if (num < 0)
return (-1);
result = dst__entropy_getdata(buf, (unsigned int) num, ISC_FALSE);
return (result == ISC_R_SUCCESS ? num : -1);
}
static int
entropy_getpseudo(unsigned char *buf, int num) {
isc_result_t result;
if (num < 0)
return (-1);
result = dst__entropy_getdata(buf, (unsigned int) num, ISC_TRUE);
return (result == ISC_R_SUCCESS ? num : -1);
}
static void
entropy_add(const void *buf, int num, double entropy) {
/*
* Do nothing. The only call to this provides no useful data anyway.
*/
UNUSED(buf);
UNUSED(num);
UNUSED(entropy);
}
static void
lock_callback(int mode, int type, const char *file, int line) {
UNUSED(file);
UNUSED(line);
if ((mode & CRYPTO_LOCK) != 0)
LOCK(&locks[type]);
else
UNLOCK(&locks[type]);
}
static unsigned long
id_callback(void) {
return ((unsigned long)isc_thread_self());
}
static void *
mem_alloc(size_t size) {
INSIST(dst__memory_pool != NULL);
return (isc_mem_allocate(dst__memory_pool, size));
}
static void
mem_free(void *ptr) {
INSIST(dst__memory_pool != NULL);
if (ptr != NULL)
isc_mem_free(dst__memory_pool, ptr);
}
static void *
mem_realloc(void *ptr, size_t size) {
void *p;
INSIST(dst__memory_pool != NULL);
p = NULL;
if (size > 0U) {
p = mem_alloc(size);
if (p != NULL && ptr != NULL)
memcpy(p, ptr, size);
}
if (ptr != NULL)
mem_free(ptr);
return (p);
}
isc_result_t
dst__openssl_init() {
isc_result_t result;
CRYPTO_set_mem_functions(mem_alloc, mem_realloc, mem_free);
nlocks = CRYPTO_num_locks();
locks = mem_alloc(sizeof(isc_mutex_t) * nlocks);
if (locks == NULL)
return (ISC_R_NOMEMORY);
result = isc_mutexblock_init(locks, nlocks);
if (result != ISC_R_SUCCESS)
goto cleanup_mutexalloc;
CRYPTO_set_locking_callback(lock_callback);
CRYPTO_set_id_callback(id_callback);
rm = mem_alloc(sizeof(RAND_METHOD));
if (rm == NULL) {
result = ISC_R_NOMEMORY;
goto cleanup_mutexinit;
}
rm->seed = NULL;
rm->bytes = entropy_get;
rm->cleanup = NULL;
rm->add = entropy_add;
rm->pseudorand = entropy_getpseudo;
rm->status = NULL;
#ifdef USE_ENGINE
e = ENGINE_new();
if (e == NULL) {
result = ISC_R_NOMEMORY;
goto cleanup_rm;
}
ENGINE_set_RAND(e, rm);
RAND_set_rand_method(e);
#else
RAND_set_rand_method(rm);
#endif
return (ISC_R_SUCCESS);
#ifdef USE_ENGINE
cleanup_rm:
mem_free(rm);
#endif
cleanup_mutexinit:
DESTROYMUTEXBLOCK(locks, nlocks);
cleanup_mutexalloc:
mem_free(locks);
return (result);
}
void
dst__openssl_destroy() {
ERR_clear_error();
#ifdef USE_ENGINE
if (e != NULL) {
ENGINE_free(e);
e = NULL;
}
#endif
if (locks != NULL) {
DESTROYMUTEXBLOCK(locks, nlocks);
mem_free(locks);
}
if (rm != NULL)
mem_free(rm);
}
isc_result_t
dst__openssl_toresult(isc_result_t fallback) {
isc_result_t result = fallback;
int err = ERR_get_error();
switch (ERR_GET_REASON(err)) {
case ERR_R_MALLOC_FAILURE:
result = ISC_R_NOMEMORY;
break;
default:
break;
}
ERR_clear_error();
return (result);
}
#else /* OPENSSL */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
#endif /* OPENSSL */
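
Review bot: mem_realloc() copies the new size out of the old block with memcpy(p, ptr, size); when OpenSSL grows an allocation this reads past the end of the old block, because the old length is not known at this point. Use a reallocation routine from the memory context that tracks the original size, or record the size with each allocation and copy the smaller of the two. Also, the failure paths in dst__openssl_init() that run after CRYPTO_set_locking_callback(lock_callback) free locks (and rm under USE_ENGINE) without unregistering the callbacks or resetting the pointers to NULL, so a later dst__openssl_destroy() would free them a second time; dst__openssl_destroy() itself leaves locks and rm set after freeing them.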

@ -0,0 +1,608 @@
/*
* Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (C) 1999-2002 Internet Software Consortium.
* Portions Copyright (C) 1995-2000 by Network Associates, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
* FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/*
* Principal Author: Brian Wellington
* $Id: openssldh_link.c,v 1.1.4.1 2004/12/09 04:07:18 marka Exp $
*/
#ifdef OPENSSL
#include <config.h>
#include <ctype.h>
#include <isc/mem.h>
#include <isc/string.h>
#include <isc/util.h>
#include <dst/result.h>
#include "dst_internal.h"
#include "dst_openssl.h"
#include "dst_parse.h"
#include <openssl/dh.h>
#define PRIME768 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088" \
"A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25" \
"F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF"
#define PRIME1024 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" \
"8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF2" \
"5F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406" \
"B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF"
#define PRIME1536 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
"E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
"EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \
"C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \
"83655D23DCA3AD961C62F356208552BB9ED529077096966D" \
"670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF"
static isc_result_t openssldh_todns(const dst_key_t *key, isc_buffer_t *data);
static BIGNUM bn2, bn768, bn1024, bn1536;
static isc_result_t
openssldh_computesecret(const dst_key_t *pub, const dst_key_t *priv,
isc_buffer_t *secret)
{
DH *dhpub, *dhpriv;
int ret;
isc_region_t r;
unsigned int len;
REQUIRE(pub->opaque != NULL);
REQUIRE(priv->opaque != NULL);
dhpub = (DH *) pub->opaque;
dhpriv = (DH *) priv->opaque;
len = DH_size(dhpriv);
isc_buffer_availableregion(secret, &r);
if (r.length < len)
return (ISC_R_NOSPACE);
ret = DH_compute_key(r.base, dhpub->pub_key, dhpriv);
if (ret == 0)
return (dst__openssl_toresult(DST_R_COMPUTESECRETFAILURE));
isc_buffer_add(secret, len);
return (ISC_R_SUCCESS);
}
static isc_boolean_t
openssldh_compare(const dst_key_t *key1, const dst_key_t *key2) {
int status;
DH *dh1, *dh2;
dh1 = (DH *) key1->opaque;
dh2 = (DH *) key2->opaque;
if (dh1 == NULL && dh2 == NULL)
return (ISC_TRUE);
else if (dh1 == NULL || dh2 == NULL)
return (ISC_FALSE);
status = BN_cmp(dh1->p, dh2->p) ||
BN_cmp(dh1->g, dh2->g) ||
BN_cmp(dh1->pub_key, dh2->pub_key);
if (status != 0)
return (ISC_FALSE);
if (dh1->priv_key != NULL || dh2->priv_key != NULL) {
if (dh1->priv_key == NULL || dh2->priv_key == NULL)
return (ISC_FALSE);
if (BN_cmp(dh1->priv_key, dh2->priv_key) != 0)
return (ISC_FALSE);
}
return (ISC_TRUE);
}
static isc_boolean_t
openssldh_paramcompare(const dst_key_t *key1, const dst_key_t *key2) {
int status;
DH *dh1, *dh2;
dh1 = (DH *) key1->opaque;
dh2 = (DH *) key2->opaque;
if (dh1 == NULL && dh2 == NULL)
return (ISC_TRUE);
else if (dh1 == NULL || dh2 == NULL)
return (ISC_FALSE);
status = BN_cmp(dh1->p, dh2->p) ||
BN_cmp(dh1->g, dh2->g);
if (status != 0)
return (ISC_FALSE);
return (ISC_TRUE);
}
static isc_result_t
openssldh_generate(dst_key_t *key, int generator) {
DH *dh = NULL;
if (generator == 0) {
if (key->key_size == 768 ||
key->key_size == 1024 ||
key->key_size == 1536)
{
dh = DH_new();
if (dh == NULL)
return (ISC_R_NOMEMORY);
if (key->key_size == 768)
dh->p = &bn768;
else if (key->key_size == 1024)
dh->p = &bn1024;
else
dh->p = &bn1536;
dh->g = &bn2;
}
else
generator = 2;
}
if (generator != 0)
dh = DH_generate_parameters(key->key_size, generator,
NULL, NULL);
if (dh == NULL)
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
if (DH_generate_key(dh) == 0) {
DH_free(dh);
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
dh->flags &= ~DH_FLAG_CACHE_MONT_P;
key->opaque = dh;
return (ISC_R_SUCCESS);
}
static isc_boolean_t
openssldh_isprivate(const dst_key_t *key) {
DH *dh = (DH *) key->opaque;
return (ISC_TF(dh != NULL && dh->priv_key != NULL));
}
static void
openssldh_destroy(dst_key_t *key) {
DH *dh = key->opaque;
if (dh == NULL)
return;
if (dh->p == &bn768 || dh->p == &bn1024 || dh->p == &bn1536)
dh->p = NULL;
if (dh->g == &bn2)
dh->g = NULL;
DH_free(dh);
key->opaque = NULL;
}
static void
uint16_toregion(isc_uint16_t val, isc_region_t *region) {
*region->base++ = (val & 0xff00) >> 8;
*region->base++ = (val & 0x00ff);
}
static isc_uint16_t
uint16_fromregion(isc_region_t *region) {
isc_uint16_t val;
unsigned char *cp = region->base;
val = ((unsigned int)(cp[0])) << 8;
val |= ((unsigned int)(cp[1]));
region->base += 2;
return (val);
}
static isc_result_t
openssldh_todns(const dst_key_t *key, isc_buffer_t *data) {
DH *dh;
isc_region_t r;
isc_uint16_t dnslen, plen, glen, publen;
REQUIRE(key->opaque != NULL);
dh = (DH *) key->opaque;
isc_buffer_availableregion(data, &r);
if (dh->g == &bn2 &&
(dh->p == &bn768 || dh->p == &bn1024 || dh->p == &bn1536)) {
plen = 1;
glen = 0;
}
else {
plen = BN_num_bytes(dh->p);
glen = BN_num_bytes(dh->g);
}
publen = BN_num_bytes(dh->pub_key);
dnslen = plen + glen + publen + 6;
if (r.length < (unsigned int) dnslen)
return (ISC_R_NOSPACE);
uint16_toregion(plen, &r);
if (plen == 1) {
if (dh->p == &bn768)
*r.base = 1;
else if (dh->p == &bn1024)
*r.base = 2;
else
*r.base = 3;
}
else
BN_bn2bin(dh->p, r.base);
r.base += plen;
uint16_toregion(glen, &r);
if (glen > 0)
BN_bn2bin(dh->g, r.base);
r.base += glen;
uint16_toregion(publen, &r);
BN_bn2bin(dh->pub_key, r.base);
r.base += publen;
isc_buffer_add(data, dnslen);
return (ISC_R_SUCCESS);
}
static isc_result_t
openssldh_fromdns(dst_key_t *key, isc_buffer_t *data) {
DH *dh;
isc_region_t r;
isc_uint16_t plen, glen, publen;
int special = 0;
isc_buffer_remainingregion(data, &r);
if (r.length == 0)
return (ISC_R_SUCCESS);
dh = DH_new();
if (dh == NULL)
return (ISC_R_NOMEMORY);
dh->flags &= ~DH_FLAG_CACHE_MONT_P;
/*
* Read the prime length. 1 & 2 are table entries, > 16 means a
* prime follows, otherwise an error.
*/
if (r.length < 2) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
plen = uint16_fromregion(&r);
if (plen < 16 && plen != 1 && plen != 2) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
if (r.length < plen) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
if (plen == 1 || plen == 2) {
if (plen == 1)
special = *r.base++;
else
special = uint16_fromregion(&r);
switch (special) {
case 1:
dh->p = &bn768;
break;
case 2:
dh->p = &bn1024;
break;
case 3:
dh->p = &bn1536;
break;
default:
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
}
else {
dh->p = BN_bin2bn(r.base, plen, NULL);
r.base += plen;
}
/*
* Read the generator length. This should be 0 if the prime was
* special, but it might not be. If it's 0 and the prime is not
* special, we have a problem.
*/
if (r.length < 2) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
glen = uint16_fromregion(&r);
if (r.length < glen) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
if (special != 0) {
if (glen == 0)
dh->g = &bn2;
else {
dh->g = BN_bin2bn(r.base, glen, NULL);
if (BN_cmp(dh->g, &bn2) == 0) {
BN_free(dh->g);
dh->g = &bn2;
}
else {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
}
}
else {
if (glen == 0) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
dh->g = BN_bin2bn(r.base, glen, NULL);
}
r.base += glen;
if (r.length < 2) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
publen = uint16_fromregion(&r);
if (r.length < publen) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
dh->pub_key = BN_bin2bn(r.base, publen, NULL);
r.base += publen;
key->key_size = BN_num_bits(dh->p);
isc_buffer_forward(data, plen + glen + publen + 6);
key->opaque = (void *) dh;
return (ISC_R_SUCCESS);
}
static isc_result_t
openssldh_tofile(const dst_key_t *key, const char *directory) {
int i;
DH *dh;
dst_private_t priv;
unsigned char *bufs[4];
isc_result_t result;
if (key->opaque == NULL)
return (DST_R_NULLKEY);
dh = (DH *) key->opaque;
for (i = 0; i < 4; i++) {
bufs[i] = isc_mem_get(key->mctx, BN_num_bytes(dh->p));
if (bufs[i] == NULL) {
result = ISC_R_NOMEMORY;
goto fail;
}
}
i = 0;
priv.elements[i].tag = TAG_DH_PRIME;
priv.elements[i].length = BN_num_bytes(dh->p);
BN_bn2bin(dh->p, bufs[i]);
priv.elements[i].data = bufs[i];
i++;
priv.elements[i].tag = TAG_DH_GENERATOR;
priv.elements[i].length = BN_num_bytes(dh->g);
BN_bn2bin(dh->g, bufs[i]);
priv.elements[i].data = bufs[i];
i++;
priv.elements[i].tag = TAG_DH_PRIVATE;
priv.elements[i].length = BN_num_bytes(dh->priv_key);
BN_bn2bin(dh->priv_key, bufs[i]);
priv.elements[i].data = bufs[i];
i++;
priv.elements[i].tag = TAG_DH_PUBLIC;
priv.elements[i].length = BN_num_bytes(dh->pub_key);
BN_bn2bin(dh->pub_key, bufs[i]);
priv.elements[i].data = bufs[i];
i++;
priv.nelements = i;
result = dst__privstruct_writefile(key, &priv, directory);
fail:
for (i = 0; i < 4; i++) {
if (bufs[i] == NULL)
break;
isc_mem_put(key->mctx, bufs[i], BN_num_bytes(dh->p));
}
return (result);
}
static isc_result_t
openssldh_parse(dst_key_t *key, isc_lex_t *lexer) {
dst_private_t priv;
isc_result_t ret;
int i;
DH *dh = NULL;
isc_mem_t *mctx;
#define DST_RET(a) {ret = a; goto err;}
mctx = key->mctx;
/* read private key file */
ret = dst__privstruct_parse(key, DST_ALG_DH, lexer, mctx, &priv);
if (ret != ISC_R_SUCCESS)
return (ret);
dh = DH_new();
if (dh == NULL)
DST_RET(ISC_R_NOMEMORY);
dh->flags &= ~DH_FLAG_CACHE_MONT_P;
key->opaque = dh;
for (i = 0; i < priv.nelements; i++) {
BIGNUM *bn;
bn = BN_bin2bn(priv.elements[i].data,
priv.elements[i].length, NULL);
if (bn == NULL)
DST_RET(ISC_R_NOMEMORY);
switch (priv.elements[i].tag) {
case TAG_DH_PRIME:
dh->p = bn;
break;
case TAG_DH_GENERATOR:
dh->g = bn;
break;
case TAG_DH_PRIVATE:
dh->priv_key = bn;
break;
case TAG_DH_PUBLIC:
dh->pub_key = bn;
break;
}
}
dst__privstruct_free(&priv, mctx);
key->key_size = BN_num_bits(dh->p);
if ((key->key_size == 768 ||
key->key_size == 1024 ||
key->key_size == 1536) &&
BN_cmp(dh->g, &bn2) == 0)
{
if (key->key_size == 768 && BN_cmp(dh->p, &bn768) == 0) {
BN_free(dh->p);
BN_free(dh->g);
dh->p = &bn768;
dh->g = &bn2;
} else if (key->key_size == 1024 &&
BN_cmp(dh->p, &bn1024) == 0) {
BN_free(dh->p);
BN_free(dh->g);
dh->p = &bn1024;
dh->g = &bn2;
} else if (key->key_size == 1536 &&
BN_cmp(dh->p, &bn1536) == 0) {
BN_free(dh->p);
BN_free(dh->g);
dh->p = &bn1536;
dh->g = &bn2;
}
}
return (ISC_R_SUCCESS);
err:
openssldh_destroy(key);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ret);
}
static void
BN_fromhex(BIGNUM *b, const char *str) {
static const char hexdigits[] = "0123456789abcdef";
unsigned char data[512];
unsigned int i;
BIGNUM *out;
RUNTIME_CHECK(strlen(str) < 1024U && strlen(str) % 2 == 0U);
for (i = 0; i < strlen(str); i += 2) {
char *s;
unsigned int high, low;
s = strchr(hexdigits, tolower((unsigned char)str[i]));
RUNTIME_CHECK(s != NULL);
high = s - hexdigits;
s = strchr(hexdigits, tolower((unsigned char)str[i + 1]));
RUNTIME_CHECK(s != NULL);
low = s - hexdigits;
data[i/2] = (unsigned char)((high << 4) + low);
}
out = BN_bin2bn(data, strlen(str)/2, b);
RUNTIME_CHECK(out != NULL);
}
static void
openssldh_cleanup(void) {
BN_free(&bn2);
BN_free(&bn768);
BN_free(&bn1024);
BN_free(&bn1536);
}
static dst_func_t openssldh_functions = {
NULL, /* createctx */
NULL, /* destroyctx */
NULL, /* adddata */
NULL, /* openssldh_sign */
NULL, /* openssldh_verify */
openssldh_computesecret,
openssldh_compare,
openssldh_paramcompare,
openssldh_generate,
openssldh_isprivate,
openssldh_destroy,
openssldh_todns,
openssldh_fromdns,
openssldh_tofile,
openssldh_parse,
openssldh_cleanup,
};
isc_result_t
dst__openssldh_init(dst_func_t **funcp) {
REQUIRE(funcp != NULL);
if (*funcp == NULL) {
BN_init(&bn2);
BN_init(&bn768);
BN_init(&bn1024);
BN_init(&bn1536);
BN_set_word(&bn2, 2);
BN_fromhex(&bn768, PRIME768);
BN_fromhex(&bn1024, PRIME1024);
BN_fromhex(&bn1536, PRIME1536);
*funcp = &openssldh_functions;
}
return (ISC_R_SUCCESS);
}
#else /* OPENSSL */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
#endif /* OPENSSL */
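
Review bot: in openssldh_fromdns() the checks r.length < plen, r.length < glen and r.length < publen all compare against the original region length, because uint16_fromregion() and the r.base += ... steps advance r.base without reducing r.length. Each field is therefore validated on its own rather than against what remains, and BN_bin2bn() can be given a length that runs past the end of the buffer. Decrement r.length wherever r.base moves, including inside uint16_fromregion(), and check the BN_bin2bn() results for NULL. Separately, openssldh_computesecret() tests ret == 0, but DH_compute_key() reports failure as -1 and returns the secret length on success, so test ret <= 0 and pass ret rather than len to isc_buffer_add().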

@ -0,0 +1,443 @@
/*
* Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (C) 1999-2002 Internet Software Consortium.
* Portions Copyright (C) 1995-2000 by Network Associates, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
* FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: openssldsa_link.c,v 1.1.4.1 2004/12/09 04:07:18 marka Exp $ */
#ifdef OPENSSL
#include <config.h>
#include <string.h>
#include <isc/entropy.h>
#include <isc/mem.h>
#include <isc/sha1.h>
#include <isc/util.h>
#include <dst/result.h>
#include "dst_internal.h"
#include "dst_openssl.h"
#include "dst_parse.h"
#include <openssl/dsa.h>
static isc_result_t openssldsa_todns(const dst_key_t *key, isc_buffer_t *data);
static isc_result_t
openssldsa_createctx(dst_key_t *key, dst_context_t *dctx) {
isc_sha1_t *sha1ctx;
UNUSED(key);
sha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_sha1_t));
isc_sha1_init(sha1ctx);
dctx->opaque = sha1ctx;
return (ISC_R_SUCCESS);
}
static void
openssldsa_destroyctx(dst_context_t *dctx) {
isc_sha1_t *sha1ctx = dctx->opaque;
if (sha1ctx != NULL) {
isc_sha1_invalidate(sha1ctx);
isc_mem_put(dctx->mctx, sha1ctx, sizeof(isc_sha1_t));
dctx->opaque = NULL;
}
}
static isc_result_t
openssldsa_adddata(dst_context_t *dctx, const isc_region_t *data) {
isc_sha1_t *sha1ctx = dctx->opaque;
isc_sha1_update(sha1ctx, data->base, data->length);
return (ISC_R_SUCCESS);
}
static int
BN_bn2bin_fixed(BIGNUM *bn, unsigned char *buf, int size) {
int bytes = size - BN_num_bytes(bn);
while (bytes-- > 0)
*buf++ = 0;
BN_bn2bin(bn, buf);
return (size);
}
static isc_result_t
openssldsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
isc_sha1_t *sha1ctx = dctx->opaque;
dst_key_t *key = dctx->key;
DSA *dsa = key->opaque;
DSA_SIG *dsasig;
isc_region_t r;
unsigned char digest[ISC_SHA1_DIGESTLENGTH];
isc_buffer_availableregion(sig, &r);
if (r.length < ISC_SHA1_DIGESTLENGTH * 2 + 1)
return (ISC_R_NOSPACE);
isc_sha1_final(sha1ctx, digest);
dsasig = DSA_do_sign(digest, ISC_SHA1_DIGESTLENGTH, dsa);
if (dsasig == NULL)
return (dst__openssl_toresult(DST_R_SIGNFAILURE));
*r.base++ = (key->key_size - 512)/64;
BN_bn2bin_fixed(dsasig->r, r.base, ISC_SHA1_DIGESTLENGTH);
r.base += ISC_SHA1_DIGESTLENGTH;
BN_bn2bin_fixed(dsasig->s, r.base, ISC_SHA1_DIGESTLENGTH);
r.base += ISC_SHA1_DIGESTLENGTH;
DSA_SIG_free(dsasig);
isc_buffer_add(sig, ISC_SHA1_DIGESTLENGTH * 2 + 1);
return (ISC_R_SUCCESS);
}
static isc_result_t
openssldsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
isc_sha1_t *sha1ctx = dctx->opaque;
dst_key_t *key = dctx->key;
DSA *dsa = key->opaque;
DSA_SIG *dsasig;
int status = 0;
unsigned char digest[ISC_SHA1_DIGESTLENGTH];
unsigned char *cp = sig->base;
isc_sha1_final(sha1ctx, digest);
if (sig->length < 2 * ISC_SHA1_DIGESTLENGTH + 1)
return (DST_R_VERIFYFAILURE);
cp++; /* Skip T */
dsasig = DSA_SIG_new();
dsasig->r = BN_bin2bn(cp, ISC_SHA1_DIGESTLENGTH, NULL);
cp += ISC_SHA1_DIGESTLENGTH;
dsasig->s = BN_bin2bn(cp, ISC_SHA1_DIGESTLENGTH, NULL);
cp += ISC_SHA1_DIGESTLENGTH;
status = DSA_do_verify(digest, ISC_SHA1_DIGESTLENGTH, dsasig, dsa);
DSA_SIG_free(dsasig);
if (status == 0)
return (dst__openssl_toresult(DST_R_VERIFYFAILURE));
return (ISC_R_SUCCESS);
}
static isc_boolean_t
openssldsa_compare(const dst_key_t *key1, const dst_key_t *key2) {
int status;
DSA *dsa1, *dsa2;
dsa1 = (DSA *) key1->opaque;
dsa2 = (DSA *) key2->opaque;
if (dsa1 == NULL && dsa2 == NULL)
return (ISC_TRUE);
else if (dsa1 == NULL || dsa2 == NULL)
return (ISC_FALSE);
status = BN_cmp(dsa1->p, dsa2->p) ||
BN_cmp(dsa1->q, dsa2->q) ||
BN_cmp(dsa1->g, dsa2->g) ||
BN_cmp(dsa1->pub_key, dsa2->pub_key);
if (status != 0)
return (ISC_FALSE);
if (dsa1->priv_key != NULL || dsa2->priv_key != NULL) {
if (dsa1->priv_key == NULL || dsa2->priv_key == NULL)
return (ISC_FALSE);
if (BN_cmp(dsa1->priv_key, dsa2->priv_key))
return (ISC_FALSE);
}
return (ISC_TRUE);
}
static isc_result_t
openssldsa_generate(dst_key_t *key, int unused) {
DSA *dsa;
unsigned char rand_array[ISC_SHA1_DIGESTLENGTH];
isc_result_t result;
UNUSED(unused);
result = dst__entropy_getdata(rand_array, sizeof(rand_array),
ISC_FALSE);
if (result != ISC_R_SUCCESS)
return (result);
dsa = DSA_generate_parameters(key->key_size, rand_array,
ISC_SHA1_DIGESTLENGTH, NULL, NULL,
NULL, NULL);
if (dsa == NULL)
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
if (DSA_generate_key(dsa) == 0) {
DSA_free(dsa);
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
dsa->flags &= ~DSA_FLAG_CACHE_MONT_P;
key->opaque = dsa;
return (ISC_R_SUCCESS);
}
static isc_boolean_t
openssldsa_isprivate(const dst_key_t *key) {
DSA *dsa = (DSA *) key->opaque;
return (ISC_TF(dsa != NULL && dsa->priv_key != NULL));
}
static void
openssldsa_destroy(dst_key_t *key) {
DSA *dsa = key->opaque;
DSA_free(dsa);
key->opaque = NULL;
}
static isc_result_t
openssldsa_todns(const dst_key_t *key, isc_buffer_t *data) {
DSA *dsa;
isc_region_t r;
int dnslen;
unsigned int t, p_bytes;
REQUIRE(key->opaque != NULL);
dsa = (DSA *) key->opaque;
isc_buffer_availableregion(data, &r);
t = (BN_num_bytes(dsa->p) - 64) / 8;
if (t > 8)
return (DST_R_INVALIDPUBLICKEY);
p_bytes = 64 + 8 * t;
dnslen = 1 + (key->key_size * 3)/8 + ISC_SHA1_DIGESTLENGTH;
if (r.length < (unsigned int) dnslen)
return (ISC_R_NOSPACE);
*r.base++ = t;
BN_bn2bin_fixed(dsa->q, r.base, ISC_SHA1_DIGESTLENGTH);
r.base += ISC_SHA1_DIGESTLENGTH;
BN_bn2bin_fixed(dsa->p, r.base, key->key_size/8);
r.base += p_bytes;
BN_bn2bin_fixed(dsa->g, r.base, key->key_size/8);
r.base += p_bytes;
BN_bn2bin_fixed(dsa->pub_key, r.base, key->key_size/8);
r.base += p_bytes;
isc_buffer_add(data, dnslen);
return (ISC_R_SUCCESS);
}
static isc_result_t
openssldsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
DSA *dsa;
isc_region_t r;
unsigned int t, p_bytes;
isc_mem_t *mctx = key->mctx;
UNUSED(mctx);
isc_buffer_remainingregion(data, &r);
if (r.length == 0)
return (ISC_R_SUCCESS);
dsa = DSA_new();
if (dsa == NULL)
return (ISC_R_NOMEMORY);
dsa->flags &= ~DSA_FLAG_CACHE_MONT_P;
t = (unsigned int) *r.base++;
if (t > 8) {
DSA_free(dsa);
return (DST_R_INVALIDPUBLICKEY);
}
p_bytes = 64 + 8 * t;
if (r.length < 1 + ISC_SHA1_DIGESTLENGTH + 3 * p_bytes) {
DSA_free(dsa);
return (DST_R_INVALIDPUBLICKEY);
}
dsa->q = BN_bin2bn(r.base, ISC_SHA1_DIGESTLENGTH, NULL);
r.base += ISC_SHA1_DIGESTLENGTH;
dsa->p = BN_bin2bn(r.base, p_bytes, NULL);
r.base += p_bytes;
dsa->g = BN_bin2bn(r.base, p_bytes, NULL);
r.base += p_bytes;
dsa->pub_key = BN_bin2bn(r.base, p_bytes, NULL);
r.base += p_bytes;
key->key_size = p_bytes * 8;
isc_buffer_forward(data, 1 + ISC_SHA1_DIGESTLENGTH + 3 * p_bytes);
key->opaque = (void *) dsa;
return (ISC_R_SUCCESS);
}
static isc_result_t
openssldsa_tofile(const dst_key_t *key, const char *directory) {
int cnt = 0;
DSA *dsa;
dst_private_t priv;
unsigned char bufs[5][128];
if (key->opaque == NULL)
return (DST_R_NULLKEY);
dsa = (DSA *) key->opaque;
priv.elements[cnt].tag = TAG_DSA_PRIME;
priv.elements[cnt].length = BN_num_bytes(dsa->p);
BN_bn2bin(dsa->p, bufs[cnt]);
priv.elements[cnt].data = bufs[cnt];
cnt++;
priv.elements[cnt].tag = TAG_DSA_SUBPRIME;
priv.elements[cnt].length = BN_num_bytes(dsa->q);
BN_bn2bin(dsa->q, bufs[cnt]);
priv.elements[cnt].data = bufs[cnt];
cnt++;
priv.elements[cnt].tag = TAG_DSA_BASE;
priv.elements[cnt].length = BN_num_bytes(dsa->g);
BN_bn2bin(dsa->g, bufs[cnt]);
priv.elements[cnt].data = bufs[cnt];
cnt++;
priv.elements[cnt].tag = TAG_DSA_PRIVATE;
priv.elements[cnt].length = BN_num_bytes(dsa->priv_key);
BN_bn2bin(dsa->priv_key, bufs[cnt]);
priv.elements[cnt].data = bufs[cnt];
cnt++;
priv.elements[cnt].tag = TAG_DSA_PUBLIC;
priv.elements[cnt].length = BN_num_bytes(dsa->pub_key);
BN_bn2bin(dsa->pub_key, bufs[cnt]);
priv.elements[cnt].data = bufs[cnt];
cnt++;
priv.nelements = cnt;
return (dst__privstruct_writefile(key, &priv, directory));
}
static isc_result_t
openssldsa_parse(dst_key_t *key, isc_lex_t *lexer) {
dst_private_t priv;
isc_result_t ret;
int i;
DSA *dsa = NULL;
isc_mem_t *mctx = key->mctx;
#define DST_RET(a) {ret = a; goto err;}
/* read private key file */
ret = dst__privstruct_parse(key, DST_ALG_DSA, lexer, mctx, &priv);
if (ret != ISC_R_SUCCESS)
return (ret);
dsa = DSA_new();
if (dsa == NULL)
DST_RET(ISC_R_NOMEMORY);
dsa->flags &= ~DSA_FLAG_CACHE_MONT_P;
key->opaque = dsa;
for (i=0; i < priv.nelements; i++) {
BIGNUM *bn;
bn = BN_bin2bn(priv.elements[i].data,
priv.elements[i].length, NULL);
if (bn == NULL)
DST_RET(ISC_R_NOMEMORY);
switch (priv.elements[i].tag) {
case TAG_DSA_PRIME:
dsa->p = bn;
break;
case TAG_DSA_SUBPRIME:
dsa->q = bn;
break;
case TAG_DSA_BASE:
dsa->g = bn;
break;
case TAG_DSA_PRIVATE:
dsa->priv_key = bn;
break;
case TAG_DSA_PUBLIC:
dsa->pub_key = bn;
break;
}
}
dst__privstruct_free(&priv, mctx);
key->key_size = BN_num_bits(dsa->p);
return (ISC_R_SUCCESS);
err:
openssldsa_destroy(key);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ret);
}
static dst_func_t openssldsa_functions = {
openssldsa_createctx,
openssldsa_destroyctx,
openssldsa_adddata,
openssldsa_sign,
openssldsa_verify,
NULL, /* computesecret */
openssldsa_compare,
NULL, /* paramcompare */
openssldsa_generate,
openssldsa_isprivate,
openssldsa_destroy,
openssldsa_todns,
openssldsa_fromdns,
openssldsa_tofile,
openssldsa_parse,
NULL, /* cleanup */
};
isc_result_t
dst__openssldsa_init(dst_func_t **funcp) {
REQUIRE(funcp != NULL);
if (*funcp == NULL)
*funcp = &openssldsa_functions;
return (ISC_R_SUCCESS);
}
#else /* OPENSSL */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
#endif /* OPENSSL */
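
Review bot: openssldsa_verify() treats only status == 0 as failure, but DSA_do_verify() returns 1 for a valid signature, 0 for an invalid one and -1 on error, so an error result falls through to ISC_R_SUCCESS. Accept only status == 1 and map every other value to DST_R_VERIFYFAILURE. The same function uses the result of DSA_SIG_new() without a NULL check, and openssldsa_createctx() passes the result of isc_mem_get() to isc_sha1_init() without one; both should return ISC_R_NOMEMORY on failure.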

@ -0,0 +1,567 @@
/*
* Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2000-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
/*
* Principal Author: Brian Wellington
* $Id: opensslrsa_link.c,v 1.1.4.1 2004/12/09 04:07:18 marka Exp $
*/
#ifdef OPENSSL
#include <config.h>
#include <isc/entropy.h>
#include <isc/md5.h>
#include <isc/sha1.h>
#include <isc/mem.h>
#include <isc/string.h>
#include <isc/util.h>
#include <dst/result.h>
#include "dst_internal.h"
#include "dst_openssl.h"
#include "dst_parse.h"
#include <openssl/err.h>
#include <openssl/objects.h>
#include <openssl/rsa.h>
/*
* XXXMPA Temporarially disable RSA_BLINDING as it requires
* good quality random data that cannot currently be guarenteed.
* XXXMPA Find which versions of openssl use pseudo random data
* and set RSA_FLAG_BLINDING for those.
*/
#if 0
#if OPENSSL_VERSION_NUMBER < 0x0090601fL
#define SET_FLAGS(rsa) \
do { \
(rsa)->flags &= ~(RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE); \
(rsa)->flags |= RSA_FLAG_BLINDING; \
} while (0)
#else
#define SET_FLAGS(rsa) \
do { \
(rsa)->flags |= RSA_FLAG_BLINDING; \
} while (0)
#endif
#endif
#if OPENSSL_VERSION_NUMBER < 0x0090601fL
#define SET_FLAGS(rsa) \
do { \
(rsa)->flags &= ~(RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE); \
(rsa)->flags &= ~RSA_FLAG_BLINDING; \
} while (0)
#else
#define SET_FLAGS(rsa) \
do { \
(rsa)->flags &= ~RSA_FLAG_BLINDING; \
} while (0)
#endif
static isc_result_t opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data);
static isc_result_t
opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) {
UNUSED(key);
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1);
if (dctx->key->key_alg == DST_ALG_RSAMD5) {
isc_md5_t *md5ctx;
md5ctx = isc_mem_get(dctx->mctx, sizeof(isc_md5_t));
isc_md5_init(md5ctx);
dctx->opaque = md5ctx;
} else {
isc_sha1_t *sha1ctx;
sha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_sha1_t));
isc_sha1_init(sha1ctx);
dctx->opaque = sha1ctx;
}
return (ISC_R_SUCCESS);
}
static void
opensslrsa_destroyctx(dst_context_t *dctx) {
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1);
if (dctx->key->key_alg == DST_ALG_RSAMD5) {
isc_md5_t *md5ctx = dctx->opaque;
if (md5ctx != NULL) {
isc_md5_invalidate(md5ctx);
isc_mem_put(dctx->mctx, md5ctx, sizeof(isc_md5_t));
}
} else {
isc_sha1_t *sha1ctx = dctx->opaque;
if (sha1ctx != NULL) {
isc_sha1_invalidate(sha1ctx);
isc_mem_put(dctx->mctx, sha1ctx, sizeof(isc_sha1_t));
}
}
dctx->opaque = NULL;
}
static isc_result_t
opensslrsa_adddata(dst_context_t *dctx, const isc_region_t *data) {
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1);
if (dctx->key->key_alg == DST_ALG_RSAMD5) {
isc_md5_t *md5ctx = dctx->opaque;
isc_md5_update(md5ctx, data->base, data->length);
} else {
isc_sha1_t *sha1ctx = dctx->opaque;
isc_sha1_update(sha1ctx, data->base, data->length);
}
return (ISC_R_SUCCESS);
}
static isc_result_t
opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
dst_key_t *key = dctx->key;
RSA *rsa = key->opaque;
isc_region_t r;
/* note: ISC_SHA1_DIGESTLENGTH > ISC_MD5_DIGESTLENGTH */
unsigned char digest[ISC_SHA1_DIGESTLENGTH];
unsigned int siglen = 0;
int status;
int type;
unsigned int digestlen;
char *message;
unsigned long err;
const char* file;
int line;
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1);
isc_buffer_availableregion(sig, &r);
if (r.length < (unsigned int) RSA_size(rsa))
return (ISC_R_NOSPACE);
if (dctx->key->key_alg == DST_ALG_RSAMD5) {
isc_md5_t *md5ctx = dctx->opaque;
isc_md5_final(md5ctx, digest);
type = NID_md5;
digestlen = ISC_MD5_DIGESTLENGTH;
} else {
isc_sha1_t *sha1ctx = dctx->opaque;
isc_sha1_final(sha1ctx, digest);
type = NID_sha1;
digestlen = ISC_SHA1_DIGESTLENGTH;
}
status = RSA_sign(type, digest, digestlen, r.base, &siglen, rsa);
if (status == 0) {
err = ERR_peek_error_line(&file, &line);
if (err != 0U) {
message = ERR_error_string(err, NULL);
fprintf(stderr, "%s:%s:%d\n", message,
file ? file : "", line);
}
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
isc_buffer_add(sig, siglen);
return (ISC_R_SUCCESS);
}
static isc_result_t
opensslrsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
dst_key_t *key = dctx->key;
RSA *rsa = key->opaque;
/* note: ISC_SHA1_DIGESTLENGTH > ISC_MD5_DIGESTLENGTH */
unsigned char digest[ISC_SHA1_DIGESTLENGTH];
int status = 0;
int type;
unsigned int digestlen;
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1);
if (dctx->key->key_alg == DST_ALG_RSAMD5) {
isc_md5_t *md5ctx = dctx->opaque;
isc_md5_final(md5ctx, digest);
type = NID_md5;
digestlen = ISC_MD5_DIGESTLENGTH;
} else {
isc_sha1_t *sha1ctx = dctx->opaque;
isc_sha1_final(sha1ctx, digest);
type = NID_sha1;
digestlen = ISC_SHA1_DIGESTLENGTH;
}
if (sig->length < (unsigned int) RSA_size(rsa))
return (DST_R_VERIFYFAILURE);
status = RSA_verify(type, digest, digestlen, sig->base,
RSA_size(rsa), rsa);
if (status == 0)
return (dst__openssl_toresult(DST_R_VERIFYFAILURE));
return (ISC_R_SUCCESS);
}
static isc_boolean_t
opensslrsa_compare(const dst_key_t *key1, const dst_key_t *key2) {
int status;
RSA *rsa1, *rsa2;
rsa1 = (RSA *) key1->opaque;
rsa2 = (RSA *) key2->opaque;
if (rsa1 == NULL && rsa2 == NULL)
return (ISC_TRUE);
else if (rsa1 == NULL || rsa2 == NULL)
return (ISC_FALSE);
status = BN_cmp(rsa1->n, rsa2->n) ||
BN_cmp(rsa1->e, rsa2->e);
if (status != 0)
return (ISC_FALSE);
if (rsa1->d != NULL || rsa2->d != NULL) {
if (rsa1->d == NULL || rsa2->d == NULL)
return (ISC_FALSE);
status = BN_cmp(rsa1->d, rsa2->d) ||
BN_cmp(rsa1->p, rsa2->p) ||
BN_cmp(rsa1->q, rsa2->q);
if (status != 0)
return (ISC_FALSE);
}
return (ISC_TRUE);
}
static isc_result_t
opensslrsa_generate(dst_key_t *key, int exp) {
RSA *rsa;
unsigned long e;
if (exp == 0)
e = RSA_3;
else
e = RSA_F4;
rsa = RSA_generate_key(key->key_size, e, NULL, NULL);
if (rsa == NULL)
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
SET_FLAGS(rsa);
key->opaque = rsa;
return (ISC_R_SUCCESS);
}
static isc_boolean_t
opensslrsa_isprivate(const dst_key_t *key) {
RSA *rsa = (RSA *) key->opaque;
return (ISC_TF(rsa != NULL && rsa->d != NULL));
}
static void
opensslrsa_destroy(dst_key_t *key) {
RSA *rsa = key->opaque;
RSA_free(rsa);
key->opaque = NULL;
}
static isc_result_t
opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) {
RSA *rsa;
isc_region_t r;
unsigned int e_bytes;
unsigned int mod_bytes;
REQUIRE(key->opaque != NULL);
rsa = (RSA *) key->opaque;
isc_buffer_availableregion(data, &r);
e_bytes = BN_num_bytes(rsa->e);
mod_bytes = BN_num_bytes(rsa->n);
if (e_bytes < 256) { /* key exponent is <= 2040 bits */
if (r.length < 1)
return (ISC_R_NOSPACE);
isc_buffer_putuint8(data, (isc_uint8_t) e_bytes);
} else {
if (r.length < 3)
return (ISC_R_NOSPACE);
isc_buffer_putuint8(data, 0);
isc_buffer_putuint16(data, (isc_uint16_t) e_bytes);
}
if (r.length < e_bytes + mod_bytes)
return (ISC_R_NOSPACE);
isc_buffer_availableregion(data, &r);
BN_bn2bin(rsa->e, r.base);
r.base += e_bytes;
BN_bn2bin(rsa->n, r.base);
isc_buffer_add(data, e_bytes + mod_bytes);
return (ISC_R_SUCCESS);
}
static isc_result_t
opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
RSA *rsa;
isc_region_t r;
unsigned int e_bytes;
isc_buffer_remainingregion(data, &r);
if (r.length == 0)
return (ISC_R_SUCCESS);
rsa = RSA_new();
if (rsa == NULL)
return (ISC_R_NOMEMORY);
SET_FLAGS(rsa);
if (r.length < 1) {
RSA_free(rsa);
return (DST_R_INVALIDPUBLICKEY);
}
e_bytes = *r.base++;
r.length--;
if (e_bytes == 0) {
if (r.length < 2) {
RSA_free(rsa);
return (DST_R_INVALIDPUBLICKEY);
}
e_bytes = ((*r.base++) << 8);
e_bytes += *r.base++;
r.length -= 2;
}
if (r.length < e_bytes) {
RSA_free(rsa);
return (DST_R_INVALIDPUBLICKEY);
}
rsa->e = BN_bin2bn(r.base, e_bytes, NULL);
r.base += e_bytes;
r.length -= e_bytes;
rsa->n = BN_bin2bn(r.base, r.length, NULL);
key->key_size = BN_num_bits(rsa->n);
isc_buffer_forward(data, r.length);
key->opaque = (void *) rsa;
return (ISC_R_SUCCESS);
}
static isc_result_t
opensslrsa_tofile(const dst_key_t *key, const char *directory) {
int i;
RSA *rsa;
dst_private_t priv;
unsigned char *bufs[8];
isc_result_t result;
if (key->opaque == NULL)
return (DST_R_NULLKEY);
rsa = (RSA *) key->opaque;
for (i = 0; i < 8; i++) {
bufs[i] = isc_mem_get(key->mctx, BN_num_bytes(rsa->n));
if (bufs[i] == NULL) {
result = ISC_R_NOMEMORY;
goto fail;
}
}
i = 0;
priv.elements[i].tag = TAG_RSA_MODULUS;
priv.elements[i].length = BN_num_bytes(rsa->n);
BN_bn2bin(rsa->n, bufs[i]);
priv.elements[i].data = bufs[i];
i++;
priv.elements[i].tag = TAG_RSA_PUBLICEXPONENT;
priv.elements[i].length = BN_num_bytes(rsa->e);
BN_bn2bin(rsa->e, bufs[i]);
priv.elements[i].data = bufs[i];
i++;
priv.elements[i].tag = TAG_RSA_PRIVATEEXPONENT;
priv.elements[i].length = BN_num_bytes(rsa->d);
BN_bn2bin(rsa->d, bufs[i]);
priv.elements[i].data = bufs[i];
i++;
priv.elements[i].tag = TAG_RSA_PRIME1;
priv.elements[i].length = BN_num_bytes(rsa->p);
BN_bn2bin(rsa->p, bufs[i]);
priv.elements[i].data = bufs[i];
i++;
priv.elements[i].tag = TAG_RSA_PRIME2;
priv.elements[i].length = BN_num_bytes(rsa->q);
BN_bn2bin(rsa->q, bufs[i]);
priv.elements[i].data = bufs[i];
i++;
priv.elements[i].tag = TAG_RSA_EXPONENT1;
priv.elements[i].length = BN_num_bytes(rsa->dmp1);
BN_bn2bin(rsa->dmp1, bufs[i]);
priv.elements[i].data = bufs[i];
i++;
priv.elements[i].tag = TAG_RSA_EXPONENT2;
priv.elements[i].length = BN_num_bytes(rsa->dmq1);
BN_bn2bin(rsa->dmq1, bufs[i]);
priv.elements[i].data = bufs[i];
i++;
priv.elements[i].tag = TAG_RSA_COEFFICIENT;
priv.elements[i].length = BN_num_bytes(rsa->iqmp);
BN_bn2bin(rsa->iqmp, bufs[i]);
priv.elements[i].data = bufs[i];
i++;
priv.nelements = i;
result = dst__privstruct_writefile(key, &priv, directory);
fail:
for (i = 0; i < 8; i++) {
if (bufs[i] == NULL)
break;
isc_mem_put(key->mctx, bufs[i], BN_num_bytes(rsa->n));
}
return (result);
}
static isc_result_t
opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer) {
dst_private_t priv;
isc_result_t ret;
int i;
RSA *rsa = NULL;
isc_mem_t *mctx = key->mctx;
#define DST_RET(a) {ret = a; goto err;}
/* read private key file */
ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv);
if (ret != ISC_R_SUCCESS)
return (ret);
rsa = RSA_new();
if (rsa == NULL)
DST_RET(ISC_R_NOMEMORY);
SET_FLAGS(rsa);
key->opaque = rsa;
for (i = 0; i < priv.nelements; i++) {
BIGNUM *bn;
bn = BN_bin2bn(priv.elements[i].data,
priv.elements[i].length, NULL);
if (bn == NULL)
DST_RET(ISC_R_NOMEMORY);
switch (priv.elements[i].tag) {
case TAG_RSA_MODULUS:
rsa->n = bn;
break;
case TAG_RSA_PUBLICEXPONENT:
rsa->e = bn;
break;
case TAG_RSA_PRIVATEEXPONENT:
rsa->d = bn;
break;
case TAG_RSA_PRIME1:
rsa->p = bn;
break;
case TAG_RSA_PRIME2:
rsa->q = bn;
break;
case TAG_RSA_EXPONENT1:
rsa->dmp1 = bn;
break;
case TAG_RSA_EXPONENT2:
rsa->dmq1 = bn;
break;
case TAG_RSA_COEFFICIENT:
rsa->iqmp = bn;
break;
}
}
dst__privstruct_free(&priv, mctx);
key->key_size = BN_num_bits(rsa->n);
return (ISC_R_SUCCESS);
err:
opensslrsa_destroy(key);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ret);
}
static dst_func_t opensslrsa_functions = {
opensslrsa_createctx,
opensslrsa_destroyctx,
opensslrsa_adddata,
opensslrsa_sign,
opensslrsa_verify,
NULL, /* computesecret */
opensslrsa_compare,
NULL, /* paramcompare */
opensslrsa_generate,
opensslrsa_isprivate,
opensslrsa_destroy,
opensslrsa_todns,
opensslrsa_fromdns,
opensslrsa_tofile,
opensslrsa_parse,
NULL, /* cleanup */
};
isc_result_t
dst__opensslrsa_init(dst_func_t **funcp) {
REQUIRE(funcp != NULL);
if (*funcp == NULL)
*funcp = &opensslrsa_functions;
return (ISC_R_SUCCESS);
}
#else /* OPENSSL */
#include <isc/util.h>
EMPTY_TRANSLATION_UNIT
#endif /* OPENSSL */
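Review bot: In opensslrsa_todns() the space check `if (r.length < e_bytes + mod_bytes)` still uses the region captured before the one-byte or three-byte exponent length was written with isc_buffer_putuint8()/isc_buffer_putuint16(), so it can pass when the buffer is that many bytes short and the two BN_bn2bin() calls then write past the available region; re-read the available region, or account for the prefix, before the comparison. In opensslrsa_fromdns() the results of both BN_bin2bn() calls are used without a NULL check, and `isc_buffer_forward(data, r.length)` advances by the modulus length only, because r.length has already been reduced by the length prefix and e_bytes; saving the original length and forwarding by that would consume the whole key. opensslrsa_tofile() also hands the buffers holding d, p and q back with isc_mem_put() without clearing them first.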

View File

@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: rbt.c,v 1.115.2.2.2.9 2004/03/08 21:06:27 marka Exp $ */
/* $Id: rbt.c,v 1.115.2.2.2.11 2004/10/25 01:36:07 marka Exp $ */
/* Principal Authors: DCL */
@ -64,7 +64,6 @@ struct dns_rbt {
unsigned int nodecount;
unsigned int hashsize;
dns_rbtnode_t ** hashtable;
unsigned int quantum;
};
#define RED 0
@ -180,25 +179,6 @@ find_up(dns_rbtnode_t *node) {
return (PARENT(root));
}
#ifdef DNS_RBT_USEHASH
static inline void
compute_node_hash(dns_rbtnode_t *node) {
unsigned int hash;
dns_name_t name;
dns_rbtnode_t *up_node;
dns_name_init(&name, NULL);
NODENAME(node, &name);
hash = dns_name_hashbylabel(&name, ISC_FALSE);
up_node = find_up(node);
if (up_node != NULL)
hash += HASHVAL(up_node);
HASHVAL(node) = hash;
}
#endif
/*
* Forward declarations.
*/
@ -207,11 +187,11 @@ create_node(isc_mem_t *mctx, dns_name_t *name, dns_rbtnode_t **nodep);
#ifdef DNS_RBT_USEHASH
static inline void
hash_node(dns_rbt_t *rbt, dns_rbtnode_t *node);
hash_node(dns_rbt_t *rbt, dns_rbtnode_t *node, dns_name_t *name);
static inline void
unhash_node(dns_rbt_t *rbt, dns_rbtnode_t *node);
#else
#define hash_node(rbt, node) (ISC_R_SUCCESS)
#define hash_node(rbt, node, name) (ISC_R_SUCCESS)
#define unhash_node(rbt, node)
#endif
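Review bot: The fallback `#define hash_node(rbt, node, name) (ISC_R_SUCCESS)` expands to a result code, while the DNS_RBT_USEHASH prototype just above it is declared `static inline void`. The callers in this patch use hash_node() as a plain statement, so defining the fallback as empty, the way unhash_node is, would keep the two build variants consistent and avoid an unused-value expression.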
@ -231,7 +211,8 @@ static isc_result_t
dns_rbt_deletetree(dns_rbt_t *rbt, dns_rbtnode_t *node);
static void
dns_rbt_deletetreeflat(dns_rbt_t *rbt, dns_rbtnode_t **nodep);
dns_rbt_deletetreeflat(dns_rbt_t *rbt, unsigned int quantum,
dns_rbtnode_t **nodep);
/*
* Initialize a red/black tree of trees.
@ -268,7 +249,6 @@ dns_rbt_create(isc_mem_t *mctx, void (*deleter)(void *, void *),
return (result);
}
#endif
rbt->quantum = 0;
rbt->magic = RBT_MAGIC;
*rbtp = rbt;
@ -292,9 +272,7 @@ dns_rbt_destroy2(dns_rbt_t **rbtp, unsigned int quantum) {
rbt = *rbtp;
rbt->quantum = quantum;
dns_rbt_deletetreeflat(rbt, &rbt->root);
dns_rbt_deletetreeflat(rbt, quantum, &rbt->root);
if (rbt->root != NULL)
return (ISC_R_QUOTA);
@ -377,13 +355,14 @@ dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep) {
* Does this thing have too many variables or what?
*/
dns_rbtnode_t **root, *parent, *child, *current, *new_current;
dns_name_t *add_name, current_name, *prefix, *suffix;
dns_fixedname_t fixedcopy, fixedprefix, fixedsuffix;
dns_name_t *add_name, *new_name, current_name, *prefix, *suffix;
dns_fixedname_t fixedcopy, fixedprefix, fixedsuffix, fnewname;
dns_offsets_t current_offsets;
dns_namereln_t compared;
isc_result_t result = ISC_R_SUCCESS;
dns_rbtnodechain_t chain;
unsigned int common_labels;
unsigned int nlabels, hlabels;
int order;
REQUIRE(VALID_RBT(rbt));
@ -405,7 +384,7 @@ dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep) {
new_current->is_root = 1;
rbt->root = new_current;
*nodep = new_current;
hash_node(rbt, new_current);
hash_node(rbt, new_current, name);
}
return (result);
}
@ -423,6 +402,10 @@ dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep) {
current = NULL;
child = *root;
dns_name_init(&current_name, current_offsets);
dns_fixedname_init(&fnewname);
new_name = dns_fixedname_name(&fnewname);
nlabels = dns_name_countlabels(name);
hlabels = 0;
do {
current = child;
@ -462,6 +445,7 @@ dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep) {
* the non-common parts of these two names should
* start a new tree.
*/
hlabels += common_labels;
if (compared == dns_namereln_subdomain) {
/*
* All of the existing labels are in common,
@ -588,7 +572,10 @@ dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep) {
ATTRS(current) &= ~DNS_NAMEATTR_ABSOLUTE;
rbt->nodecount++;
hash_node(rbt, new_current);
dns_name_getlabelsequence(name,
nlabels - hlabels,
hlabels, new_name);
hash_node(rbt, new_current, new_name);
if (common_labels ==
dns_name_countlabels(add_name)) {
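Review bot: The `nlabels - hlabels` argument to dns_name_getlabelsequence() is an unsigned subtraction with nothing asserting that hlabels cannot exceed nlabels, and hlabels is accumulated from common_labels on every level descended. An `INSIST(hlabels <= nlabels)` before the call, plus a one-line comment saying that hlabels counts the trailing labels of name already matched by ancestor nodes, would make the invariant explicit and catch a miscount before it becomes a bad label offset.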
@ -635,7 +622,7 @@ dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep) {
dns_rbt_addonlevel(new_current, current, order, root);
rbt->nodecount++;
*nodep = new_current;
hash_node(rbt, new_current);
hash_node(rbt, new_current, name);
}
return (result);
@ -687,6 +674,7 @@ dns_rbt_findnode(dns_rbt_t *rbt, dns_name_t *name, dns_name_t *foundname,
dns_namereln_t compared;
isc_result_t result, saved_result;
unsigned int common_labels;
unsigned int hlabels = 0;
int order;
REQUIRE(VALID_RBT(rbt));
@ -782,11 +770,17 @@ dns_rbt_findnode(dns_rbt_t *rbt, dns_name_t *name, dns_name_t *foundname,
dns_name_init(&hash_name, NULL);
hashagain:
/*
* Hash includes tail.
*/
dns_name_getlabelsequence(name,
nlabels - tlabels,
hlabels + tlabels,
&hash_name);
hash = dns_name_fullhash(&hash_name, ISC_FALSE);
dns_name_getlabelsequence(search_name,
nlabels - tlabels,
tlabels, &hash_name);
hash = HASHVAL(up_current) +
dns_name_hashbylabel(&hash_name, ISC_FALSE);
for (hnode = rbt->hashtable[hash % rbt->hashsize];
hnode != NULL;
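Review bot: The new comment "Hash includes tail." does not explain the index arithmetic in `nlabels - tlabels, hlabels + tlabels`, and the lookup only finds a node if this slice of name is exactly the name that dns_rbt_addnode() passed to hash_node() (`nlabels - hlabels, hlabels` on the add side). Please expand the comment to state that the hashed name is the candidate labels plus everything already matched above this level, and consider a small shared helper so the add and find paths cannot drift apart. Note also that nlabels and tlabels here count labels of search_name while the sequence is now taken from name; a sentence on why that is correct would help the next reader.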
@ -863,6 +857,7 @@ dns_rbt_findnode(dns_rbt_t *rbt, dns_name_t *name, dns_name_t *foundname,
*/
dns_name_split(search_name, common_labels,
search_name, NULL);
hlabels += common_labels;
/*
* This might be the closest enclosing name.
*/
@ -1475,10 +1470,10 @@ create_node(isc_mem_t *mctx, dns_name_t *name, dns_rbtnode_t **nodep) {
#ifdef DNS_RBT_USEHASH
static inline void
hash_add_node(dns_rbt_t *rbt, dns_rbtnode_t *node) {
hash_add_node(dns_rbt_t *rbt, dns_rbtnode_t *node, dns_name_t *name) {
unsigned int hash;
compute_node_hash(node);
HASHVAL(node) = dns_name_fullhash(name, ISC_FALSE);
hash = HASHVAL(node) % rbt->hashsize;
HASHNEXT(node) = rbt->hashtable[hash];
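Review bot: hash_add_node() now stores `dns_name_fullhash(name, ISC_FALSE)` for whatever name the caller supplies, where the removed compute_node_hash() derived the value from the node and its parent, so nothing in this function ties name to node any more. A comment on the new parameter stating that it must be the node's name including the labels of its ancestor levels would document the contract that dns_rbt_findnode() depends on; a mismatch would not fail here but would leave the node unreachable through the hash table.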
@ -1539,14 +1534,14 @@ rehash(dns_rbt_t *rbt) {
}
static inline void
hash_node(dns_rbt_t *rbt, dns_rbtnode_t *node) {
hash_node(dns_rbt_t *rbt, dns_rbtnode_t *node, dns_name_t *name) {
REQUIRE(DNS_RBTNODE_VALID(node));
if (rbt->nodecount >= (rbt->hashsize *3))
rehash(rbt);
hash_add_node(rbt, node);
hash_add_node(rbt, node, name);
}
static inline void
@ -2021,8 +2016,6 @@ dns_rbt_deletetree(dns_rbt_t *rbt, dns_rbtnode_t *node) {
done:
if (result != ISC_R_SUCCESS)
return (result);
if (rbt->quantum != 0 && --rbt->quantum == 0)
return (ISC_R_QUOTA);
if (DATA(node) != NULL && rbt->data_deleter != NULL)
rbt->data_deleter(DATA(node), rbt->deleter_arg);
@ -2037,7 +2030,9 @@ dns_rbt_deletetree(dns_rbt_t *rbt, dns_rbtnode_t *node) {
}
static void
dns_rbt_deletetreeflat(dns_rbt_t *rbt, dns_rbtnode_t **nodep) {
dns_rbt_deletetreeflat(dns_rbt_t *rbt, unsigned int quantum,
dns_rbtnode_t **nodep)
{
dns_rbtnode_t *parent;
dns_rbtnode_t *node = *nodep;
REQUIRE(VALID_RBT(rbt));
@ -2081,7 +2076,7 @@ dns_rbt_deletetreeflat(dns_rbt_t *rbt, dns_rbtnode_t **nodep) {
isc_mem_put(rbt->mctx, node, NODE_SIZE(node));
rbt->nodecount--;
node = parent;
if (rbt->quantum != 0 && --rbt->quantum == 0) {
if (quantum != 0 && --quantum == 0) {
*nodep = node;
return;
}

Some files were not shown because too many files have changed in this diff