import unbound 1.4.22

svn path=/vendor/unbound/dist/; revision=266077
svn path=/vendor/unbound/1.4.22/; revision=266078; tag=vendor/unbound/1.4.22

LICENSE

@@ -18,13 +18,13 @@ be used to endorse or promote products derived from this software without
 specific prior written permission.
 
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
-TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
-LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGE.
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

acx_nlnetlabs.m4

@@ -2,7 +2,8 @@
 # Copyright 2009, Wouter Wijngaards, NLnet Labs.   
 # BSD licensed.
 #
-# Version 25
+# Version 26
+# 2013-09-19 FLTO help text improved.
 # 2013-07-18 Enable ACX_CHECK_COMPILER_FLAG to test for -Wstrict-prototypes
 # 2013-06-25 FLTO has --disable-flto option.
 # 2013-05-03 Update W32_SLEEP for newer mingw that links but not defines it.
@@ -410,7 +411,7 @@ dnl Check if CC supports -flto.
 dnl in a way that supports clang and suncc (that flag does something else,
 dnl but fails to link).  It sets it in CFLAGS if it works.
 AC_DEFUN([ACX_CHECK_FLTO], [
-    AC_ARG_ENABLE([flto], AS_HELP_STRING([--disable-flto], [Disable link-time optimization]))
+    AC_ARG_ENABLE([flto], AS_HELP_STRING([--disable-flto], [Disable link-time optimization (gcc specific option)]))
     AS_IF([test "x$enable_flto" != "xno"], [
         AC_MSG_CHECKING([if $CC supports -flto])
         BAKCFLAGS="$CFLAGS"

compat/snprintf.c

@@ -20,16 +20,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 #include "config.h"

compat/strlcat.c

@@ -0,0 +1,73 @@
+/* compat/strlcat.c */
+
+/*-
+ * Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote products
+ *    derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL
+ * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* OPENBSD ORIGINAL: lib/libc/string/strlcat.c */
+
+#include "config.h"
+#ifndef HAVE_STRLCAT
+
+#include <sys/types.h>
+#include <string.h>
+
+/*
+ * Appends src to string dst of size siz (unlike strncat, siz is the
+ * full size of dst, not space left).  At most siz-1 characters
+ * will be copied.  Always NUL terminates (unless siz <= strlen(dst)).
+ * Returns strlen(src) + MIN(siz, strlen(initial dst)).
+ * If retval >= siz, truncation occurred.
+ */
+size_t
+strlcat(char *dst, const char *src, size_t siz)
+{
+	char *d = dst;
+	const char *s = src;
+	size_t n = siz;
+	size_t dlen;
+
+	/* Find the end of dst and adjust bytes left but don't go past end */
+	while (n-- != 0 && *d != '\0')
+		d++;
+	dlen = d - dst;
+	n = siz - dlen;
+
+	if (n == 0)
+		return(dlen + strlen(s));
+	while (*s != '\0') {
+		if (n != 1) {
+			*d++ = *s;
+			n--;
+		}
+		s++;
+	}
+	*d = '\0';
+
+	return(dlen + (s - src));	/* count does not include NUL */
+}
+
+#endif /* !HAVE_STRLCAT */

config.h.in

@@ -70,6 +70,12 @@
 /* Define to 1 if you have the <dlfcn.h> header file. */
 #undef HAVE_DLFCN_H
 
+/* Define to 1 if you have the `endprotoent' function. */
+#undef HAVE_ENDPROTOENT
+
+/* Define to 1 if you have the `endservent' function. */
+#undef HAVE_ENDSERVENT
+
 /* Define to 1 if you have the `event_base_free' function. */
 #undef HAVE_EVENT_BASE_FREE
 
@@ -166,15 +172,6 @@
 /* Define to 1 if you have the `kill' function. */
 #undef HAVE_KILL
 
-/* Define to 1 if you have the `ldns_key_EVP_unload_gost' function. */
-#undef HAVE_LDNS_KEY_EVP_UNLOAD_GOST
-
-/* Define to 1 if you have the <ldns/ldns.h> header file. */
-#undef HAVE_LDNS_LDNS_H
-
-/* Define to 1 if you have the `ldns' library (-lldns). */
-#undef HAVE_LIBLDNS
-
 /* Define to 1 if you have the `localtime_r' function. */
 #undef HAVE_LOCALTIME_R
 
@@ -310,6 +307,9 @@
 /* Define to 1 if you have the <string.h> header file. */
 #undef HAVE_STRING_H
 
+/* Define to 1 if you have the `strlcat' function. */
+#undef HAVE_STRLCAT
+
 /* Define to 1 if you have the `strlcpy' function. */
 #undef HAVE_STRLCPY
 
@@ -475,6 +475,9 @@
 /* Shared data */
 #undef SHARE_DIR
 
+/* The size of `time_t', as computed by sizeof. */
+#undef SIZEOF_TIME_T
+
 /* Define to 1 if you have the ANSI C header files. */
 #undef STDC_HEADERS
 
@@ -569,6 +572,9 @@
 /* Define to 1 if on MINIX. */
 #undef _MINIX
 
+/* Enable for compile on Minix */
+#undef _NETBSD_SOURCE
+
 /* Define to 2 if the system does not provide POSIX.1 features except with
    this defined. */
 #undef _POSIX_1_SOURCE
@@ -687,6 +693,12 @@
 #  define NDEBUG
 #endif
 
+/** Use small-ldns codebase */
+#define USE_SLDNS 1
+#ifdef HAVE_SSL
+#  define LDNS_BUILD_CONFIG_HAVE_SSL 1
+#endif
+
 #include <stdio.h>
 #include <string.h>
 #include <unistd.h>
@@ -697,6 +709,10 @@
 #include <stddef.h>
 #endif
 
+#ifdef HAVE_STDARG_H
+#include <stdarg.h>
+#endif
+
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
 #endif
@@ -731,6 +747,12 @@
 #include <ws2tcpip.h>
 #endif
 
+#ifndef USE_WINSOCK
+#define ARG_LL "%ll"
+#else
+#define ARG_LL "%I64"
+#endif
+
 
  
 #ifdef HAVE_ATTR_FORMAT
@@ -796,6 +818,12 @@ void *memmove(void *dest, const void *src, size_t n);
 #endif
 
 
+#ifndef HAVE_STRLCAT
+#define strlcat strlcat_unbound
+size_t strlcat(char *dst, const char *src, size_t siz);
+#endif
+
+
 #ifndef HAVE_STRLCPY
 #define strlcpy strlcpy_unbound
 size_t strlcpy(char *dst, const char *src, size_t siz);

configure

@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for unbound 1.4.21.
+# Generated by GNU Autoconf 2.69 for unbound 1.4.22.
 #
 # Report bugs to <unbound-bugs@nlnetlabs.nl>.
 #
@@ -590,8 +590,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='unbound'
 PACKAGE_TARNAME='unbound'
-PACKAGE_VERSION='1.4.21'
-PACKAGE_STRING='unbound 1.4.21'
+PACKAGE_VERSION='1.4.22'
+PACKAGE_STRING='unbound 1.4.22'
 PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl'
 PACKAGE_URL=''
 
@@ -632,7 +632,7 @@ ac_includes_default="\
 #endif"
 
 ac_subst_vars='LTLIBOBJS
-ldnsdir
+INSTALLTARGET
 ALLTARGET
 SOURCEFILE
 SOURCEDETERMINE
@@ -651,6 +651,8 @@ WINAPPS
 WINDRES
 CHECKLOCK_OBJ
 staticexe
+UNBOUND_EVENT_UNINSTALL
+UNBOUND_EVENT_INSTALL
 HAVE_SSL
 CONFIG_DATE
 NETBSD_LINTFLAGS
@@ -819,13 +821,13 @@ with_ssl
 enable_sha2
 enable_gost
 enable_ecdsa
+enable_event_api
 with_libevent
 with_libexpat
 enable_static_exe
 enable_lock_checks
 enable_allsymbols
 with_libunbound_only
-with_ldns
 '
       ac_precious_vars='build_alias
 host_alias
@@ -1379,7 +1381,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures unbound 1.4.21 to adapt to many kinds of systems.
+\`configure' configures unbound 1.4.22 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1445,7 +1447,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of unbound 1.4.21:";;
+     short | recursive ) echo "Configuration of unbound 1.4.22:";;
    esac
   cat <<\_ACEOF
 
@@ -1455,7 +1457,7 @@ Optional Features:
   --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
   --enable-checking       Enable warnings, asserts, makefile-dependencies
   --enable-debug          same as enable-checking
-  --disable-flto          Disable link-time optimization
+  --disable-flto          Disable link-time optimization (gcc specific option)
   --enable-shared[=PKGS]  build shared libraries [default=yes]
   --enable-static[=PKGS]  build static libraries [default=yes]
   --enable-fast-install[=PKGS]
@@ -1474,8 +1476,10 @@ Optional Features:
   --disable-sha2          Disable SHA256 and SHA512 RRSIG support
   --disable-gost          Disable GOST support
   --disable-ecdsa         Disable ECDSA support
+  --enable-event-api      Enable (experimental) libevent-based libunbound API
+                          installed to unbound-event.h
   --enable-static-exe     enable to compile executables statically against
-                          event, ldns libs, for debug purposes
+                          (event) libs, for debug purposes
   --enable-lock-checks    enable to check lock and unlock calls, for debug
                           purposes
   --enable-allsymbols     export all symbols from libunbound and link binaries
@@ -1526,7 +1530,6 @@ Optional Packages:
                           outgoing port ranges.
   --with-libexpat=path    specify explicit path for libexpat.
   --with-libunbound-only  do not build daemon and tool programs
-  --with-ldns=PATH        specify prefix of path of ldns library to use
 
 Some influential environment variables:
   CC          C compiler command
@@ -1614,7 +1617,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-unbound configure 1.4.21
+unbound configure 1.4.22
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2034,6 +2037,189 @@ $as_echo "$ac_res" >&6; }
 
 } # ac_fn_c_check_type
 
+# ac_fn_c_compute_int LINENO EXPR VAR INCLUDES
+# --------------------------------------------
+# Tries to find the compile-time value of EXPR in a program that includes
+# INCLUDES, setting VAR accordingly. Returns whether the value could be
+# computed
+ac_fn_c_compute_int ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  if test "$cross_compiling" = yes; then
+    # Depending upon the size, compute the lo and hi bounds.
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) >= 0)];
+test_array [0] = 0;
+return test_array [0];
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_lo=0 ac_mid=0
+  while :; do
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) <= $ac_mid)];
+test_array [0] = 0;
+return test_array [0];
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_hi=$ac_mid; break
+else
+  as_fn_arith $ac_mid + 1 && ac_lo=$as_val
+			if test $ac_lo -le $ac_mid; then
+			  ac_lo= ac_hi=
+			  break
+			fi
+			as_fn_arith 2 '*' $ac_mid + 1 && ac_mid=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  done
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) < 0)];
+test_array [0] = 0;
+return test_array [0];
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_hi=-1 ac_mid=-1
+  while :; do
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) >= $ac_mid)];
+test_array [0] = 0;
+return test_array [0];
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_lo=$ac_mid; break
+else
+  as_fn_arith '(' $ac_mid ')' - 1 && ac_hi=$as_val
+			if test $ac_mid -le $ac_hi; then
+			  ac_lo= ac_hi=
+			  break
+			fi
+			as_fn_arith 2 '*' $ac_mid && ac_mid=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  done
+else
+  ac_lo= ac_hi=
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+# Binary search between lo and hi bounds.
+while test "x$ac_lo" != "x$ac_hi"; do
+  as_fn_arith '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo && ac_mid=$as_val
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) <= $ac_mid)];
+test_array [0] = 0;
+return test_array [0];
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_hi=$ac_mid
+else
+  as_fn_arith '(' $ac_mid ')' + 1 && ac_lo=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+done
+case $ac_lo in #((
+?*) eval "$3=\$ac_lo"; ac_retval=0 ;;
+'') ac_retval=1 ;;
+esac
+  else
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+static long int longval () { return $2; }
+static unsigned long int ulongval () { return $2; }
+#include <stdio.h>
+#include <stdlib.h>
+int
+main ()
+{
+
+  FILE *f = fopen ("conftest.val", "w");
+  if (! f)
+    return 1;
+  if (($2) < 0)
+    {
+      long int i = longval ();
+      if (i != ($2))
+	return 1;
+      fprintf (f, "%ld", i);
+    }
+  else
+    {
+      unsigned long int i = ulongval ();
+      if (i != ($2))
+	return 1;
+      fprintf (f, "%lu", i);
+    }
+  /* Do not output a trailing newline, as this causes \r\n confusion
+     on some platforms.  */
+  return ferror (f) || fclose (f) != 0;
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+  echo >>conftest.val; read $3 <conftest.val; ac_retval=0
+else
+  ac_retval=1
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+rm -f conftest.val
+
+  fi
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} # ac_fn_c_compute_int
+
 # ac_fn_c_check_decl LINENO SYMBOL VAR INCLUDES
 # ---------------------------------------------
 # Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR
@@ -2140,7 +2326,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by unbound $as_me 1.4.21, which was
+It was created by unbound $as_me 1.4.22, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -2492,7 +2678,7 @@ UNBOUND_VERSION_MAJOR=1
 
 UNBOUND_VERSION_MINOR=4
 
-UNBOUND_VERSION_MICRO=21
+UNBOUND_VERSION_MICRO=22
 
 
 LIBUNBOUND_CURRENT=4
@@ -3970,6 +4156,11 @@ $as_echo "$ac_cv_safe_to_define___extensions__" >&6; }
 
 
 
+if test "$ac_cv_header_minix_config_h" = "yes"; then
+
+$as_echo "#define _NETBSD_SOURCE 1" >>confdefs.h
+
+fi
 
 case "$prefix" in
         NONE)
@@ -13883,6 +14074,53 @@ rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
 fi
 
 
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of time_t" >&5
+$as_echo_n "checking size of time_t... " >&6; }
+if ${ac_cv_sizeof_time_t+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (time_t))" "ac_cv_sizeof_time_t"        "
+$ac_includes_default
+#ifdef TIME_WITH_SYS_TIME
+# include <sys/time.h>
+# include <time.h>
+#else
+# ifdef HAVE_SYS_TIME_H
+#  include <sys/time.h>
+# else
+#  include <time.h>
+# endif
+#endif
+
+"; then :
+
+else
+  if test "$ac_cv_type_time_t" = yes; then
+     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (time_t)
+See \`config.log' for more details" "$LINENO" 5; }
+   else
+     ac_cv_sizeof_time_t=0
+   fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_time_t" >&5
+$as_echo "$ac_cv_sizeof_time_t" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_TIME_T $ac_cv_sizeof_time_t
+_ACEOF
+
+
+
 # add option to disable the evil rpath
 
 # Check whether --enable-rpath was given.
@@ -16725,7 +16963,7 @@ else
 #include <openssl/evp.h>
 #include <openssl/engine.h>
 #include <openssl/conf.h>
-/* routine to load gost from ldns */
+/* routine to load gost (from sldns) */
 int load_gost_id(void)
 {
 	static int gost_id = 0;
@@ -16915,6 +17153,20 @@ _ACEOF
       ;;
 esac
 
+# Check whether --enable-event-api was given.
+if test "${enable_event_api+set}" = set; then :
+  enableval=$enable_event_api;
+fi
+
+use_unbound_event="no"
+case "$enable_event_api" in
+    yes)
+      use_unbound_event="yes"
+      ;;
+    *)
+      ;;
+esac
+
 # check for libevent
 
 # Check whether --with-libevent was given.
@@ -16932,7 +17184,7 @@ $as_echo_n "checking for libevent... " >&6; }
         fi
         for dir in $withval; do
             thedir="$dir"
-            if test -f "$dir/include/event.h"; then
+            if test -f "$dir/include/event.h" -o -f "$dir/include/event2/event.h"; then
                 found_libevent="yes"
 				if test "$thedir" != "/usr"; then
                     CPPFLAGS="$CPPFLAGS -I$thedir/include"
@@ -16969,8 +17221,18 @@ large outgoing port ranges.  " "$LINENO" 5
         else
             { $as_echo "$as_me:${as_lineno-$LINENO}: result: found in $thedir" >&5
 $as_echo "found in $thedir" >&6; }
-	    	    if test "$thedir" != "/usr" -a "$thedir" != ""; then
-                LDFLAGS="$LDFLAGS -L$thedir/lib"
+	    	    if test ! -f $thedir/lib/libevent.a -a ! -f $thedir/lib/libevent.so -a -d "$thedir/lib/event2"; then
+		    LDFLAGS="$LDFLAGS -L$thedir/lib/event2"
+
+	if test "x$enable_rpath" = xyes; then
+		if echo "$thedir/lib/event2" | grep "^/" >/dev/null; then
+			RUNTIME_PATH="$RUNTIME_PATH -R$thedir/lib/event2"
+		fi
+	fi
+
+	    else
+		    		    if test "$thedir" != "/usr" -a "$thedir" != ""; then
+			LDFLAGS="$LDFLAGS -L$thedir/lib"
 
 	if test "x$enable_rpath" = xyes; then
 		if echo "$thedir/lib" | grep "^/" >/dev/null; then
@@ -16978,6 +17240,7 @@ $as_echo "found in $thedir" >&6; }
 		fi
 	fi
 
+		    fi
 	    fi
         fi
 	# check for library used by libevent after 1.3c
@@ -17245,6 +17508,12 @@ done
 	if test -n "$BAK_LDFLAGS_SET"; then
 		LDFLAGS="$BAK_LDFLAGS"
 	fi
+        if test "$use_unbound_event" = "yes"; then
+		UNBOUND_EVENT_INSTALL=unbound-event-install
+
+		UNBOUND_EVENT_UNINSTALL=unbound-event-uninstall
+
+	fi
 else
 
 $as_echo "#define USE_MINI_EVENT 1" >>confdefs.h
@@ -17732,7 +18001,7 @@ if test "$ac_res" != no; then :
 
 fi
 
-for ac_func in tzset sigprocmask fcntl getpwnam getrlimit setrlimit setsid sbrk chroot kill sleep usleep random srandom recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex
+for ac_func in tzset sigprocmask fcntl getpwnam getrlimit setrlimit setsid sbrk chroot kill sleep usleep random srandom recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex endservent endprotoent
 do :
   as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
 ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
@@ -17853,6 +18122,20 @@ esac
 fi
 
 
+ac_fn_c_check_func "$LINENO" "strlcat" "ac_cv_func_strlcat"
+if test "x$ac_cv_func_strlcat" = xyes; then :
+  $as_echo "#define HAVE_STRLCAT 1" >>confdefs.h
+
+else
+  case " $LIBOBJS " in
+  *" strlcat.$ac_objext "* ) ;;
+  *) LIBOBJS="$LIBOBJS strlcat.$ac_objext"
+ ;;
+esac
+
+fi
+
+
 ac_fn_c_check_func "$LINENO" "strlcpy" "ac_cv_func_strlcpy"
 if test "x$ac_cv_func_strlcpy" = xyes; then :
   $as_echo "#define HAVE_STRLCPY 1" >>confdefs.h
@@ -17990,204 +18273,20 @@ rm -f conftest.lo
 
 # see if we want to build the library or everything
 ALLTARGET="alltargets"
+INSTALLTARGET="install-all"
 
 # Check whether --with-libunbound-only was given.
 if test "${with_libunbound_only+set}" = set; then :
   withval=$with_libunbound_only;
 	if test "$withval" = "yes"; then
 		ALLTARGET="lib"
+		INSTALLTARGET="install-lib"
 	fi
 
 fi
 
 
 
-# check this after all other compilation checks, since the linking of the lib
-# may break checks after this.
-
-# Check whether --with-ldns was given.
-if test "${with_ldns+set}" = set; then :
-  withval=$with_ldns;
-	if test "$withval" != "yes"; then
-		if test "$withval" != "/usr" -a "$withval" != ""; then
-			CPPFLAGS="-I$withval/include $CPPFLAGS"
-			LDFLAGS="-L$withval/lib $LDFLAGS"
-
-	if test "x$enable_rpath" = xyes; then
-		if echo "$withval/lib" | grep "^/" >/dev/null; then
-			RUNTIME_PATH="$RUNTIME_PATH -R$withval/lib"
-		fi
-	fi
-
-		fi
-		ldnsdir="$withval"
-
-	fi
-
-fi
-
-
-# check if ldns is good enough
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ldns_rr_new in -lldns" >&5
-$as_echo_n "checking for ldns_rr_new in -lldns... " >&6; }
-if ${ac_cv_lib_ldns_ldns_rr_new+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lldns  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char ldns_rr_new ();
-int
-main ()
-{
-return ldns_rr_new ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_ldns_ldns_rr_new=yes
-else
-  ac_cv_lib_ldns_ldns_rr_new=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ldns_ldns_rr_new" >&5
-$as_echo "$ac_cv_lib_ldns_ldns_rr_new" >&6; }
-if test "x$ac_cv_lib_ldns_ldns_rr_new" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBLDNS 1
-_ACEOF
-
-  LIBS="-lldns $LIBS"
-
-else
-
-	as_fn_error $? "No ldns library found, install the ldns library into system lib dir or use --with-ldns=path to other location.  The --with-ldns can point to the make-dir of ldns.  Install the package ldns or download source http://www.nlnetlabs.nl/projects/ldns" "$LINENO" 5
-
-fi
-
-ac_fn_c_check_func "$LINENO" "ldns_buffer_copy" "ac_cv_func_ldns_buffer_copy"
-if test "x$ac_cv_func_ldns_buffer_copy" = xyes; then :
-
-fi
-
-if test $USE_NSS = "no"; then
-    ac_fn_c_check_func "$LINENO" "ldns_key_buf2rsa_raw" "ac_cv_func_ldns_key_buf2rsa_raw"
-if test "x$ac_cv_func_ldns_key_buf2rsa_raw" = xyes; then :
-
-fi
-
-else
-        ac_cv_func_ldns_key_buf2rsa_raw="yes"
-fi
-ac_fn_c_check_func "$LINENO" "ldns_get_random" "ac_cv_func_ldns_get_random"
-if test "x$ac_cv_func_ldns_get_random" = xyes; then :
-
-fi
-
-ac_fn_c_check_func "$LINENO" "ldns_b32_ntop_extended_hex" "ac_cv_func_ldns_b32_ntop_extended_hex"
-if test "x$ac_cv_func_ldns_b32_ntop_extended_hex" = xyes; then :
-
-fi
-
-if test x$use_gost = xyes -a x$USE_NSS = xno; then
-    ac_fn_c_check_func "$LINENO" "ldns_key_EVP_load_gost_id" "ac_cv_func_ldns_key_EVP_load_gost_id"
-if test "x$ac_cv_func_ldns_key_EVP_load_gost_id" = xyes; then :
-
-fi
-
-    for ac_func in ldns_key_EVP_unload_gost
-do :
-  ac_fn_c_check_func "$LINENO" "ldns_key_EVP_unload_gost" "ac_cv_func_ldns_key_EVP_unload_gost"
-if test "x$ac_cv_func_ldns_key_EVP_unload_gost" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LDNS_KEY_EVP_UNLOAD_GOST 1
-_ACEOF
-
-fi
-done
-
-else
-        ac_cv_func_ldns_key_EVP_load_gost_id="yes"
-fi
-if test x$use_ecdsa = xyes; then
-    ac_fn_c_check_decl "$LINENO" "LDNS_ECDSAP384SHA384" "ac_cv_have_decl_LDNS_ECDSAP384SHA384" "
-$ac_includes_default
-#ifdef HAVE_SYS_SOCKET_H
-#  include <sys/socket.h>
-#endif
-#ifdef HAVE_WS2TCPIP_H
-#  include <ws2tcpip.h>
-#endif
-#include <ldns/ldns.h>
-
-"
-if test "x$ac_cv_have_decl_LDNS_ECDSAP384SHA384" = xyes; then :
-
-fi
-
-else
-    ac_cv_have_decl_LDNS_ECDSAP384SHA384="yes"
-fi
-for ac_header in ldns/ldns.h
-do :
-  ac_fn_c_check_header_compile "$LINENO" "ldns/ldns.h" "ac_cv_header_ldns_ldns_h" "$ac_includes_default
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#ifdef HAVE_WINSOCK2_H
-#include <winsock2.h>
-#endif
-
-#ifdef HAVE_WS2TCPIP_H
-#include <ws2tcpip.h>
-#endif
-
-"
-if test "x$ac_cv_header_ldns_ldns_h" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LDNS_LDNS_H 1
-_ACEOF
-
-else
-
-	as_fn_error $? "No ldns include file found, install the ldns library development files.  Install package ldns-dev or ldns-devel or download source http://www.nlnetlabs.nl/projects/ldns" "$LINENO" 5
-
-fi
-
-done
-
-if test $ac_cv_func_ldns_buffer_copy = yes \
-    -a $ac_cv_func_ldns_key_buf2rsa_raw = yes \
-    -a $ac_cv_func_ldns_get_random = yes \
-    -a $ac_cv_header_ldns_ldns_h = yes \
-    -a $ac_cv_func_ldns_b32_ntop_extended_hex = yes \
-    -a $ac_cv_func_ldns_key_EVP_load_gost_id = yes \
-    -a $ac_cv_have_decl_LDNS_ECDSAP384SHA384 = yes; then
-        :
-else
-    as_fn_error $? "ldns library is not recent, update the ldns library, install it into system lib dir or use --with-ldns=path to other location.  The --with-ldns can point to the make-dir of ldns.  Package libldns or download source http://www.nlnetlabs.nl/projects/ldns" "$LINENO" 5
-fi
 
 
   { $as_echo "$as_me:${as_lineno-$LINENO}: Stripping extension flags..." >&5
@@ -18777,7 +18876,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by unbound $as_me 1.4.21, which was
+This file was extended by unbound $as_me 1.4.22, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -18843,7 +18942,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-unbound config.status 1.4.21
+unbound config.status 1.4.22
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 

configure.ac

@@ -9,7 +9,7 @@ sinclude(ac_pkg_swig.m4)
 # must be numbers. ac_defun because of later processing
 m4_define([VERSION_MAJOR],[1])
 m4_define([VERSION_MINOR],[4])
-m4_define([VERSION_MICRO],[21])
+m4_define([VERSION_MICRO],[22])
 AC_INIT(unbound, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), unbound-bugs@nlnetlabs.nl, unbound)
 AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR])
 AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR])
@@ -92,6 +92,9 @@ AC_DEFINE_UNQUOTED(CONFIGURE_DATE, ["`date`"], [configure date])
 
 CFLAGS="$CFLAGS"
 AC_AIX
+if test "$ac_cv_header_minix_config_h" = "yes"; then
+	AC_DEFINE(_NETBSD_SOURCE,1, [Enable for compile on Minix])
+fi
 
 dnl
 dnl By default set prefix to /usr/local
@@ -296,6 +299,20 @@ ACX_TYPE_IN_ADDR_T
 ACX_TYPE_IN_PORT_T
 ACX_CHECK_MEMCMP_SIGNED
 
+AC_CHECK_SIZEOF(time_t,,[
+AC_INCLUDES_DEFAULT
+#ifdef TIME_WITH_SYS_TIME
+# include <sys/time.h>
+# include <time.h>
+#else
+# ifdef HAVE_SYS_TIME_H
+#  include <sys/time.h>
+# else
+#  include <time.h>
+# endif
+#endif
+])
+
 # add option to disable the evil rpath
 ACX_ARG_RPATH
 AC_SUBST(RUNTIME_PATH)
@@ -600,7 +617,7 @@ AC_RUN_IFELSE([AC_LANG_SOURCE([[
 #include <openssl/evp.h>
 #include <openssl/engine.h>
 #include <openssl/conf.h>
-/* routine to load gost from ldns */
+/* routine to load gost (from sldns) */
 int load_gost_id(void)
 {
 	static int gost_id = 0;
@@ -728,6 +745,16 @@ case "$enable_ecdsa" in
       ;;
 esac
 
+AC_ARG_ENABLE(event-api, AC_HELP_STRING([--enable-event-api], [Enable (experimental) libevent-based libunbound API installed to unbound-event.h]))
+use_unbound_event="no"
+case "$enable_event_api" in
+    yes)
+      use_unbound_event="yes"
+      ;;
+    *)
+      ;;
+esac
+
 # check for libevent
 AC_ARG_WITH(libevent, AC_HELP_STRING([--with-libevent=pathname],
     [use libevent (will check /usr/local /opt/local /usr/lib /usr/pkg /usr/sfw /usr  or you can specify an explicit path). Slower, but allows use of large outgoing port ranges.]),
@@ -739,7 +766,7 @@ if test x_$withval = x_yes -o x_$withval != x_no; then
         fi
         for dir in $withval; do
             thedir="$dir"
-            if test -f "$dir/include/event.h"; then
+            if test -f "$dir/include/event.h" -o -f "$dir/include/event2/event.h"; then
                 found_libevent="yes"
 		dnl assume /usr is in default path.
 		if test "$thedir" != "/usr"; then
@@ -775,10 +802,16 @@ large outgoing port ranges.  ])
 		fi
         else
             AC_MSG_RESULT(found in $thedir)
-	    dnl assume /usr is in default path, do not add "".
-	    if test "$thedir" != "/usr" -a "$thedir" != ""; then
-                LDFLAGS="$LDFLAGS -L$thedir/lib"
-		ACX_RUNTIME_PATH_ADD([$thedir/lib])
+	    dnl if event2 exists and no event lib in dir itself, use subdir
+	    if test ! -f $thedir/lib/libevent.a -a ! -f $thedir/lib/libevent.so -a -d "$thedir/lib/event2"; then
+		    LDFLAGS="$LDFLAGS -L$thedir/lib/event2"
+		    ACX_RUNTIME_PATH_ADD([$thedir/lib/event2])
+	    else
+		    dnl assume /usr is in default path, do not add "".
+		    if test "$thedir" != "/usr" -a "$thedir" != ""; then
+			LDFLAGS="$LDFLAGS -L$thedir/lib"
+			ACX_RUNTIME_PATH_ADD([$thedir/lib])
+		    fi
 	    fi
         fi
 	# check for library used by libevent after 1.3c
@@ -802,6 +835,10 @@ large outgoing port ranges.  ])
 	if test -n "$BAK_LDFLAGS_SET"; then
 		LDFLAGS="$BAK_LDFLAGS"
 	fi
+        if test "$use_unbound_event" = "yes"; then
+		AC_SUBST(UNBOUND_EVENT_INSTALL, [unbound-event-install])
+		AC_SUBST(UNBOUND_EVENT_UNINSTALL, [unbound-event-uninstall])
+	fi
 else
 	AC_DEFINE(USE_MINI_EVENT, 1, [Define if you want to use internal select based events])
 fi
@@ -833,7 +870,7 @@ AC_CHECK_HEADERS([expat.h],,, [AC_INCLUDES_DEFAULT])
 AC_SUBST(staticexe)
 staticexe=""
 AC_ARG_ENABLE(static-exe, AC_HELP_STRING([--enable-static-exe],
-	[ enable to compile executables statically against event, ldns libs, for debug purposes ]), 
+	[ enable to compile executables statically against (event) libs, for debug purposes ]), 
 	, )
 if test x_$enable_static_exe = x_yes; then
 	staticexe="-static"
@@ -926,7 +963,7 @@ AC_INCLUDES_DEFAULT
 #endif
 ])
 AC_SEARCH_LIBS([setusercontext], [util])
-AC_CHECK_FUNCS([tzset sigprocmask fcntl getpwnam getrlimit setrlimit setsid sbrk chroot kill sleep usleep random srandom recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex])
+AC_CHECK_FUNCS([tzset sigprocmask fcntl getpwnam getrlimit setrlimit setsid sbrk chroot kill sleep usleep random srandom recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex endservent endprotoent])
 AC_CHECK_FUNCS([setresuid],,[AC_CHECK_FUNCS([setreuid])])
 AC_CHECK_FUNCS([setresgid],,[AC_CHECK_FUNCS([setregid])])
 
@@ -938,6 +975,7 @@ AC_REPLACE_FUNCS(inet_aton)
 AC_REPLACE_FUNCS(inet_pton)
 AC_REPLACE_FUNCS(inet_ntop)
 AC_REPLACE_FUNCS(snprintf)
+AC_REPLACE_FUNCS(strlcat)
 AC_REPLACE_FUNCS(strlcpy)
 AC_REPLACE_FUNCS(memmove)
 AC_REPLACE_FUNCS(gmtime_r)
@@ -1014,100 +1052,17 @@ AC_SUBST(SOURCEFILE)
 
 # see if we want to build the library or everything
 ALLTARGET="alltargets"
+INSTALLTARGET="install-all"
 AC_ARG_WITH(libunbound-only, AC_HELP_STRING([--with-libunbound-only],
 	[do not build daemon and tool programs]),
 	[
 	if test "$withval" = "yes"; then
 		ALLTARGET="lib"
+		INSTALLTARGET="install-lib"
 	fi
 ])
 AC_SUBST(ALLTARGET)
-
-# check this after all other compilation checks, since the linking of the lib
-# may break checks after this.
-AC_ARG_WITH(ldns, AC_HELP_STRING([--with-ldns=PATH], 
-	[specify prefix of path of ldns library to use]), 
-	[
-	if test "$withval" != "yes"; then
-		if test "$withval" != "/usr" -a "$withval" != ""; then
-			CPPFLAGS="-I$withval/include $CPPFLAGS"
-			LDFLAGS="-L$withval/lib $LDFLAGS"
-			ACX_RUNTIME_PATH_ADD([$withval/lib])
-		fi
-		ldnsdir="$withval"
-		AC_SUBST(ldnsdir)
-	fi
-])
-
-# check if ldns is good enough
-AC_CHECK_LIB(ldns, ldns_rr_new,,[
-	AC_MSG_ERROR([No ldns library found, install the ldns library into system lib dir or use --with-ldns=path to other location.  The --with-ldns can point to the make-dir of ldns.  Install the package ldns or download source http://www.nlnetlabs.nl/projects/ldns])
-])
-AC_CHECK_FUNC(ldns_buffer_copy)
-if test $USE_NSS = "no"; then
-    AC_CHECK_FUNC(ldns_key_buf2rsa_raw)
-else
-    dnl ignore test
-    ac_cv_func_ldns_key_buf2rsa_raw="yes"
-fi
-AC_CHECK_FUNC(ldns_get_random)
-AC_CHECK_FUNC(ldns_b32_ntop_extended_hex)
-if test x$use_gost = xyes -a x$USE_NSS = xno; then
-    AC_CHECK_FUNC(ldns_key_EVP_load_gost_id)
-    AC_CHECK_FUNCS([ldns_key_EVP_unload_gost])
-else
-    dnl ignore test
-    ac_cv_func_ldns_key_EVP_load_gost_id="yes"
-fi
-if test x$use_ecdsa = xyes; then
-    AC_CHECK_DECL([LDNS_ECDSAP384SHA384], [], [], [
-AC_INCLUDES_DEFAULT
-#ifdef HAVE_SYS_SOCKET_H
-#  include <sys/socket.h>
-#endif
-#ifdef HAVE_WS2TCPIP_H
-#  include <ws2tcpip.h>
-#endif
-#include <ldns/ldns.h>
-    ])
-else
-    ac_cv_have_decl_LDNS_ECDSAP384SHA384="yes"
-fi
-AC_CHECK_HEADERS([ldns/ldns.h],,[
-	AC_MSG_ERROR([No ldns include file found, install the ldns library development files.  Install package ldns-dev or ldns-devel or download source http://www.nlnetlabs.nl/projects/ldns])
-	], [AC_INCLUDES_DEFAULT
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#ifdef HAVE_WINSOCK2_H
-#include <winsock2.h>
-#endif
-
-#ifdef HAVE_WS2TCPIP_H
-#include <ws2tcpip.h>
-#endif
-])
-if test $ac_cv_func_ldns_buffer_copy = yes \
-    -a $ac_cv_func_ldns_key_buf2rsa_raw = yes \
-    -a $ac_cv_func_ldns_get_random = yes \
-    -a $ac_cv_header_ldns_ldns_h = yes \
-    -a $ac_cv_func_ldns_b32_ntop_extended_hex = yes \
-    -a $ac_cv_func_ldns_key_EVP_load_gost_id = yes \
-    -a $ac_cv_have_decl_LDNS_ECDSAP384SHA384 = yes; then
-    dnl ldns was found
-    :
-else
-    AC_MSG_ERROR([ldns library is not recent, update the ldns library, install it into system lib dir or use --with-ldns=path to other location.  The --with-ldns can point to the make-dir of ldns.  Package libldns or download source http://www.nlnetlabs.nl/projects/ldns])
-fi
+AC_SUBST(INSTALLTARGET)
 
 ACX_STRIP_EXT_FLAGS
 LDFLAGS="$LATE_LDFLAGS $LDFLAGS"
@@ -1124,6 +1079,12 @@ dnl includes
 #  define NDEBUG
 #endif
 
+/** Use small-ldns codebase */
+#define USE_SLDNS 1
+#ifdef HAVE_SSL
+#  define LDNS_BUILD_CONFIG_HAVE_SSL 1
+#endif
+
 #include <stdio.h>
 #include <string.h>
 #include <unistd.h>
@@ -1134,6 +1095,10 @@ dnl includes
 #include <stddef.h>
 #endif
 
+#ifdef HAVE_STDARG_H
+#include <stdarg.h>
+#endif
+
 #ifdef HAVE_STDINT_H
 #include <stdint.h>
 #endif
@@ -1167,6 +1132,12 @@ dnl includes
 #ifdef HAVE_WS2TCPIP_H
 #include <ws2tcpip.h>
 #endif
+
+#ifndef USE_WINSOCK
+#define ARG_LL "%ll"
+#else
+#define ARG_LL "%I64"
+#endif
 ]
 
 AHX_CONFIG_FORMAT_ATTRIBUTE
@@ -1178,6 +1149,7 @@ AHX_CONFIG_INET_PTON(unbound)
 AHX_CONFIG_INET_NTOP(unbound)
 AHX_CONFIG_INET_ATON(unbound)
 AHX_CONFIG_MEMMOVE(unbound)
+AHX_CONFIG_STRLCAT(unbound)
 AHX_CONFIG_STRLCPY(unbound)
 AHX_CONFIG_GMTIME_R(unbound)
 AHX_CONFIG_W32_SLEEP

daemon/acl_list.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -103,6 +103,10 @@ acl_list_str_cfg(struct acl_list* acl, const char* str, const char* s2,
 		control = acl_deny;
 	else if(strcmp(s2, "refuse") == 0)
 		control = acl_refuse;
+	else if(strcmp(s2, "deny_non_local") == 0)
+		control = acl_deny_non_local;
+	else if(strcmp(s2, "refuse_non_local") == 0)
+		control = acl_refuse_non_local;
 	else if(strcmp(s2, "allow_snoop") == 0)
 		control = acl_allow_snoop;
 	else {

daemon/acl_list.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -55,6 +55,10 @@ enum acl_access {
 	acl_deny = 0,
 	/** disallow access, send a polite 'REFUSED' reply */
 	acl_refuse,
+	/** disallow any access to zones that aren't local, drop it */
+	acl_deny_non_local,
+	/** disallow access to zones that aren't local, 'REFUSED' reply */
+	acl_refuse_non_local,
 	/** allow full access for recursion (+RD) queries */
 	acl_allow,
 	/** allow full access for all queries, recursion and cache snooping */

daemon/cachedump.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -40,7 +40,7 @@
  * to text format.
  */
 #include "config.h"
-#include <ldns/ldns.h>
+#include <openssl/ssl.h>
 #include "daemon/cachedump.h"
 #include "daemon/remote.h"
 #include "daemon/worker.h"
@@ -56,64 +56,19 @@
 #include "iterator/iter_utils.h"
 #include "iterator/iter_fwd.h"
 #include "iterator/iter_hints.h"
-
-/** convert to ldns rr */
-static ldns_rr*
-to_rr(struct ub_packed_rrset_key* k, struct packed_rrset_data* d, 
-	time_t now, size_t i, uint16_t type)
-{
-	ldns_rr* rr = ldns_rr_new();
-	ldns_rdf* rdf;
-	ldns_status status;
-	size_t pos;
-	log_assert(i < d->count + d->rrsig_count);
-	if(!rr) {
-		return NULL;
-	}
-	ldns_rr_set_type(rr, type);
-	ldns_rr_set_class(rr, ntohs(k->rk.rrset_class));
-	if(d->rr_ttl[i] < now)
-		ldns_rr_set_ttl(rr, 0);
-	else	ldns_rr_set_ttl(rr, d->rr_ttl[i] - now);
-	pos = 0;
-	status = ldns_wire2dname(&rdf, k->rk.dname, k->rk.dname_len, &pos);
-	if(status != LDNS_STATUS_OK) {
-		/* we drop detailed error in status */
-		ldns_rr_free(rr);
-		return NULL;
-	}
-	ldns_rr_set_owner(rr, rdf);
-	pos = 0;
-	status = ldns_wire2rdf(rr, d->rr_data[i], d->rr_len[i], &pos);
-	if(status != LDNS_STATUS_OK) {
-		/* we drop detailed error in status */
-		ldns_rr_free(rr);
-		return NULL;
-	}
-	return rr;
-}
+#include "ldns/sbuffer.h"
+#include "ldns/wire2str.h"
+#include "ldns/str2wire.h"
 
 /** dump one rrset zonefile line */
 static int
-dump_rrset_line(SSL* ssl, struct ub_packed_rrset_key* k,
-        struct packed_rrset_data* d, time_t now, size_t i, uint16_t type)
+dump_rrset_line(SSL* ssl, struct ub_packed_rrset_key* k, time_t now, size_t i)
 {
-	char* s;
-	ldns_rr* rr = to_rr(k, d, now, i, type);
-	if(!rr) {
+	char s[65535];
+	if(!packed_rr_to_string(k, i, now, s, sizeof(s))) {
 		return ssl_printf(ssl, "BADRR\n");
 	}
-	s = ldns_rr2str(rr);
-	ldns_rr_free(rr);
-	if(!s) {
-		return ssl_printf(ssl, "BADRR\n");
-	}
-	if(!ssl_printf(ssl, "%s", s)) {
-		free(s);
-		return 0;
-	}
-	free(s);
-	return 1;
+	return ssl_printf(ssl, "%s", s);
 }
 
 /** dump rrset key and data info */
@@ -127,23 +82,17 @@ dump_rrset(SSL* ssl, struct ub_packed_rrset_key* k,
 	if(d->ttl < now) return 1; /* expired */
 
 	/* meta line */
-	if(!ssl_printf(ssl, ";rrset%s %lld %u %u %d %d\n",
+	if(!ssl_printf(ssl, ";rrset%s " ARG_LL "d %u %u %d %d\n",
 		(k->rk.flags & PACKED_RRSET_NSEC_AT_APEX)?" nsec_apex":"",
 		(long long)(d->ttl - now),
 		(unsigned)d->count, (unsigned)d->rrsig_count,
 		(int)d->trust, (int)d->security
 		)) 
 		return 0;
-	for(i=0; i<d->count; i++) {
-		if(!dump_rrset_line(ssl, k, d, now, i, ntohs(k->rk.type)))
+	for(i=0; i<d->count + d->rrsig_count; i++) {
+		if(!dump_rrset_line(ssl, k, now, i))
 			return 0;
 	}
-	for(i=0; i<d->rrsig_count; i++) {
-		if(!dump_rrset_line(ssl, k, d, now, i+d->count, 
-			LDNS_RR_TYPE_RRSIG))
-			return 0;
-	}
-	
 	return 1;
 }
 
@@ -189,20 +138,10 @@ dump_rrset_cache(SSL* ssl, struct worker* worker)
 static int
 dump_msg_ref(SSL* ssl, struct ub_packed_rrset_key* k)
 {
-	ldns_rdf* rdf;
-	ldns_status status;
-	size_t pos;
 	char* nm, *tp, *cl;
-
-	pos = 0;
-	status = ldns_wire2dname(&rdf, k->rk.dname, k->rk.dname_len, &pos);
-	if(status != LDNS_STATUS_OK) {
-		return ssl_printf(ssl, "BADREF\n");
-	}
-	nm = ldns_rdf2str(rdf);
-	ldns_rdf_deep_free(rdf);
-	tp = ldns_rr_type2str(ntohs(k->rk.type));
-	cl = ldns_rr_class2str(ntohs(k->rk.rrset_class));
+	nm = sldns_wire2str_dname(k->rk.dname, k->rk.dname_len);
+	tp = sldns_wire2str_type(ntohs(k->rk.type));
+	cl = sldns_wire2str_class(ntohs(k->rk.rrset_class));
 	if(!nm || !cl || !tp) {
 		free(nm);
 		free(tp);
@@ -229,21 +168,12 @@ dump_msg(SSL* ssl, struct query_info* k, struct reply_info* d,
 {
 	size_t i;
 	char* nm, *tp, *cl;
-	ldns_rdf* rdf;
-	ldns_status status;
-	size_t pos;
 	if(!k || !d) return 1;
 	if(d->ttl < now) return 1; /* expired */
 	
-	pos = 0;
-	status = ldns_wire2dname(&rdf, k->qname, k->qname_len, &pos);
-	if(status != LDNS_STATUS_OK) {
-		return 1; /* skip this entry */
-	}
-	nm = ldns_rdf2str(rdf);
-	ldns_rdf_deep_free(rdf);
-	tp = ldns_rr_type2str(k->qtype);
-	cl = ldns_rr_class2str(k->qclass);
+	nm = sldns_wire2str_dname(k->qname, k->qname_len);
+	tp = sldns_wire2str_type(k->qtype);
+	cl = sldns_wire2str_class(k->qclass);
 	if(!nm || !tp || !cl) {
 		free(nm);
 		free(tp);
@@ -259,7 +189,7 @@ dump_msg(SSL* ssl, struct query_info* k, struct reply_info* d,
 	}
 	
 	/* meta line */
-	if(!ssl_printf(ssl, "msg %s %s %s %d %d %lld %d %u %u %u\n",
+	if(!ssl_printf(ssl, "msg %s %s %s %d %d " ARG_LL "d %d %u %u %u\n",
 			nm, cl, tp,
 			(int)d->flags, (int)d->qdcount, 
 			(long long)(d->ttl-now), (int)d->security,
@@ -369,96 +299,74 @@ dump_cache(SSL* ssl, struct worker* worker)
 
 /** read a line from ssl into buffer */
 static int
-ssl_read_buf(SSL* ssl, ldns_buffer* buf)
+ssl_read_buf(SSL* ssl, sldns_buffer* buf)
 {
-	return ssl_read_line(ssl, (char*)ldns_buffer_begin(buf), 
-		ldns_buffer_capacity(buf));
+	return ssl_read_line(ssl, (char*)sldns_buffer_begin(buf), 
+		sldns_buffer_capacity(buf));
 }
 
 /** check fixed text on line */
 static int
-read_fixed(SSL* ssl, ldns_buffer* buf, const char* str)
+read_fixed(SSL* ssl, sldns_buffer* buf, const char* str)
 {
 	if(!ssl_read_buf(ssl, buf)) return 0;
-	return (strcmp((char*)ldns_buffer_begin(buf), str) == 0);
+	return (strcmp((char*)sldns_buffer_begin(buf), str) == 0);
 }
 
 /** load an RR into rrset */
 static int
-load_rr(SSL* ssl, ldns_buffer* buf, struct regional* region,
+load_rr(SSL* ssl, sldns_buffer* buf, struct regional* region,
 	struct ub_packed_rrset_key* rk, struct packed_rrset_data* d,
 	unsigned int i, int is_rrsig, int* go_on, time_t now)
 {
-	ldns_rr* rr;
-	ldns_status status;
+	uint8_t rr[LDNS_RR_BUF_SIZE];
+	size_t rr_len = sizeof(rr), dname_len = 0;
+	int status;
 
 	/* read the line */
 	if(!ssl_read_buf(ssl, buf))
 		return 0;
-	if(strncmp((char*)ldns_buffer_begin(buf), "BADRR\n", 6) == 0) {
+	if(strncmp((char*)sldns_buffer_begin(buf), "BADRR\n", 6) == 0) {
 		*go_on = 0;
 		return 1;
 	}
-	status = ldns_rr_new_frm_str(&rr, (char*)ldns_buffer_begin(buf),
-		LDNS_DEFAULT_TTL, NULL, NULL);
-	if(status != LDNS_STATUS_OK) {
+	status = sldns_str2wire_rr_buf((char*)sldns_buffer_begin(buf), rr,
+		&rr_len, &dname_len, 3600, NULL, 0, NULL, 0);
+	if(status != 0) {
 		log_warn("error cannot parse rr: %s: %s",
-			ldns_get_errorstr_by_id(status),
-			(char*)ldns_buffer_begin(buf));
+			sldns_get_errorstr_parse(status),
+			(char*)sldns_buffer_begin(buf));
 		return 0;
 	}
-	if(is_rrsig && ldns_rr_get_type(rr) != LDNS_RR_TYPE_RRSIG) {
+	if(is_rrsig && sldns_wirerr_get_type(rr, rr_len, dname_len)
+		!= LDNS_RR_TYPE_RRSIG) {
 		log_warn("error expected rrsig but got %s",
-			(char*)ldns_buffer_begin(buf));
+			(char*)sldns_buffer_begin(buf));
 		return 0;
 	}
 
 	/* convert ldns rr into packed_rr */
-	d->rr_ttl[i] = ldns_rr_ttl(rr) + now;
-	ldns_buffer_clear(buf);
-	ldns_buffer_skip(buf, 2);
-	status = ldns_rr_rdata2buffer_wire(buf, rr);
-	if(status != LDNS_STATUS_OK) {
-		log_warn("error cannot rr2wire: %s",
-			ldns_get_errorstr_by_id(status));
-		ldns_rr_free(rr);
-		return 0;
-	}
-	ldns_buffer_flip(buf);
-	ldns_buffer_write_u16_at(buf, 0, ldns_buffer_limit(buf) - 2);
-
-	d->rr_len[i] = ldns_buffer_limit(buf);
+	d->rr_ttl[i] = (time_t)sldns_wirerr_get_ttl(rr, rr_len, dname_len) + now;
+	sldns_buffer_clear(buf);
+	d->rr_len[i] = sldns_wirerr_get_rdatalen(rr, rr_len, dname_len)+2;
 	d->rr_data[i] = (uint8_t*)regional_alloc_init(region, 
-		ldns_buffer_begin(buf), ldns_buffer_limit(buf));
+		sldns_wirerr_get_rdatawl(rr, rr_len, dname_len), d->rr_len[i]);
 	if(!d->rr_data[i]) {
-		ldns_rr_free(rr);
 		log_warn("error out of memory");
 		return 0;
 	}
 
 	/* if first entry, fill the key structure */
 	if(i==0) {
-		rk->rk.type = htons(ldns_rr_get_type(rr));
-		rk->rk.rrset_class = htons(ldns_rr_get_class(rr));
-		ldns_buffer_clear(buf);
-		status = ldns_dname2buffer_wire(buf, ldns_rr_owner(rr));
-		if(status != LDNS_STATUS_OK) {
-			log_warn("error cannot dname2buffer: %s",
-				ldns_get_errorstr_by_id(status));
-			ldns_rr_free(rr);
-			return 0;
-		}
-		ldns_buffer_flip(buf);
-		rk->rk.dname_len = ldns_buffer_limit(buf);
-		rk->rk.dname = regional_alloc_init(region, 
-			ldns_buffer_begin(buf), ldns_buffer_limit(buf));
+		rk->rk.type = htons(sldns_wirerr_get_type(rr, rr_len, dname_len));
+		rk->rk.rrset_class = htons(sldns_wirerr_get_class(rr, rr_len, dname_len));
+		rk->rk.dname_len = dname_len;
+		rk->rk.dname = regional_alloc_init(region, rr, dname_len);
 		if(!rk->rk.dname) {
 			log_warn("error out of memory");
-			ldns_rr_free(rr);
 			return 0;
 		}
 	}
-	ldns_rr_free(rr);
 
 	return 1;
 }
@@ -524,9 +432,9 @@ move_into_cache(struct ub_packed_rrset_key* k,
 
 /** load an rrset entry */
 static int
-load_rrset(SSL* ssl, ldns_buffer* buf, struct worker* worker)
+load_rrset(SSL* ssl, sldns_buffer* buf, struct worker* worker)
 {
-	char* s = (char*)ldns_buffer_begin(buf);
+	char* s = (char*)sldns_buffer_begin(buf);
 	struct regional* region = worker->scratchpad;
 	struct ub_packed_rrset_key* rk;
 	struct packed_rrset_data* d;
@@ -553,7 +461,7 @@ load_rrset(SSL* ssl, ldns_buffer* buf, struct worker* worker)
 		s += 10;
 		rk->rk.flags |= PACKED_RRSET_NSEC_AT_APEX;
 	}
-	if(sscanf(s, " %lld %u %u %u %u", &ttl, &rr_count, &rrsig_count,
+	if(sscanf(s, " " ARG_LL "d %u %u %u %u", &ttl, &rr_count, &rrsig_count,
 		&trust, &security) != 5) {
 		log_warn("error bad rrset spec %s", s);
 		return 0;
@@ -606,10 +514,10 @@ load_rrset(SSL* ssl, ldns_buffer* buf, struct worker* worker)
 static int
 load_rrset_cache(SSL* ssl, struct worker* worker)
 {
-	ldns_buffer* buf = worker->env.scratch_buffer;
+	sldns_buffer* buf = worker->env.scratch_buffer;
 	if(!read_fixed(ssl, buf, "START_RRSET_CACHE")) return 0;
 	while(ssl_read_buf(ssl, buf) && 
-		strcmp((char*)ldns_buffer_begin(buf), "END_RRSET_CACHE")!=0) {
+		strcmp((char*)sldns_buffer_begin(buf), "END_RRSET_CACHE")!=0) {
 		if(!load_rrset(ssl, buf, worker))
 			return 0;
 	}
@@ -618,13 +526,13 @@ load_rrset_cache(SSL* ssl, struct worker* worker)
 
 /** read qinfo from next three words */
 static char*
-load_qinfo(char* str, struct query_info* qinfo, ldns_buffer* buf, 
-	struct regional* region)
+load_qinfo(char* str, struct query_info* qinfo, struct regional* region)
 {
 	/* s is part of the buf */
 	char* s = str;
-	ldns_rr* rr;
-	ldns_status status;
+	uint8_t rr[LDNS_RR_BUF_SIZE];
+	size_t rr_len = sizeof(rr), dname_len = 0;
+	int status;
 
 	/* skip three words */
 	s = strchr(str, ' ');
@@ -638,26 +546,17 @@ load_qinfo(char* str, struct query_info* qinfo, ldns_buffer* buf,
 	s++;
 
 	/* parse them */
-	status = ldns_rr_new_question_frm_str(&rr, str, NULL, NULL);
-	if(status != LDNS_STATUS_OK) {
+	status = sldns_str2wire_rr_question_buf(str, rr, &rr_len, &dname_len,
+		NULL, 0, NULL, 0);
+	if(status != 0) {
 		log_warn("error cannot parse: %s %s",
-			ldns_get_errorstr_by_id(status), str);
+			sldns_get_errorstr_parse(status), str);
 		return NULL;
 	}
-	qinfo->qtype = ldns_rr_get_type(rr);
-	qinfo->qclass = ldns_rr_get_class(rr);
-	ldns_buffer_clear(buf);
-	status = ldns_dname2buffer_wire(buf, ldns_rr_owner(rr));
-	ldns_rr_free(rr);
-	if(status != LDNS_STATUS_OK) {
-		log_warn("error cannot dname2wire: %s", 
-			ldns_get_errorstr_by_id(status));
-		return NULL;
-	}
-	ldns_buffer_flip(buf);
-	qinfo->qname_len = ldns_buffer_limit(buf);
-	qinfo->qname = (uint8_t*)regional_alloc_init(region, 
-		ldns_buffer_begin(buf), ldns_buffer_limit(buf));
+	qinfo->qtype = sldns_wirerr_get_type(rr, rr_len, dname_len);
+	qinfo->qclass = sldns_wirerr_get_class(rr, rr_len, dname_len);
+	qinfo->qname_len = dname_len;
+	qinfo->qname = (uint8_t*)regional_alloc_init(region, rr, dname_len);
 	if(!qinfo->qname) {
 		log_warn("error out of memory");
 		return NULL;
@@ -668,11 +567,11 @@ load_qinfo(char* str, struct query_info* qinfo, ldns_buffer* buf,
 
 /** load a msg rrset reference */
 static int
-load_ref(SSL* ssl, ldns_buffer* buf, struct worker* worker, 
+load_ref(SSL* ssl, sldns_buffer* buf, struct worker* worker, 
 	struct regional *region, struct ub_packed_rrset_key** rrset, 
 	int* go_on)
 {
-	char* s = (char*)ldns_buffer_begin(buf);
+	char* s = (char*)sldns_buffer_begin(buf);
 	struct query_info qinfo;
 	unsigned int flags;
 	struct ub_packed_rrset_key* k;
@@ -685,7 +584,7 @@ load_ref(SSL* ssl, ldns_buffer* buf, struct worker* worker,
 		return 1;
 	}
 
-	s = load_qinfo(s, &qinfo, buf, region);
+	s = load_qinfo(s, &qinfo, region);
 	if(!s) {
 		return 0;
 	}
@@ -713,12 +612,12 @@ load_ref(SSL* ssl, ldns_buffer* buf, struct worker* worker,
 
 /** load a msg entry */
 static int
-load_msg(SSL* ssl, ldns_buffer* buf, struct worker* worker)
+load_msg(SSL* ssl, sldns_buffer* buf, struct worker* worker)
 {
 	struct regional* region = worker->scratchpad;
 	struct query_info qinf;
 	struct reply_info rep;
-	char* s = (char*)ldns_buffer_begin(buf);
+	char* s = (char*)sldns_buffer_begin(buf);
 	unsigned int flags, qdcount, security, an, ns, ar;
 	long long ttl;
 	size_t i;
@@ -731,13 +630,13 @@ load_msg(SSL* ssl, ldns_buffer* buf, struct worker* worker)
 		return 0;
 	}
 	s += 4;
-	s = load_qinfo(s, &qinf, buf, region);
+	s = load_qinfo(s, &qinf, region);
 	if(!s) {
 		return 0;
 	}
 
 	/* read remainder of line */
-	if(sscanf(s, " %u %u %lld %u %u %u %u", &flags, &qdcount, &ttl, 
+	if(sscanf(s, " %u %u " ARG_LL "d %u %u %u %u", &flags, &qdcount, &ttl, 
 		&security, &an, &ns, &ar) != 7) {
 		log_warn("error cannot parse numbers: %s", s);
 		return 0;
@@ -776,10 +675,10 @@ load_msg(SSL* ssl, ldns_buffer* buf, struct worker* worker)
 static int
 load_msg_cache(SSL* ssl, struct worker* worker)
 {
-	ldns_buffer* buf = worker->env.scratch_buffer;
+	sldns_buffer* buf = worker->env.scratch_buffer;
 	if(!read_fixed(ssl, buf, "START_MSG_CACHE")) return 0;
 	while(ssl_read_buf(ssl, buf) && 
-		strcmp((char*)ldns_buffer_begin(buf), "END_MSG_CACHE")!=0) {
+		strcmp((char*)sldns_buffer_begin(buf), "END_MSG_CACHE")!=0) {
 		if(!load_msg(ssl, buf, worker))
 			return 0;
 	}
@@ -843,8 +742,8 @@ print_dp_details(SSL* ssl, struct worker* worker, struct delegpt* dp)
 				return;
 			continue; /* skip stuff not in infra cache */
 		}
-		if(!ssl_printf(ssl, "%s%s%s%srto %d msec, ttl %lld, ping %d "
-			"var %d rtt %d, tA %d, tAAAA %d, tother %d",
+		if(!ssl_printf(ssl, "%s%s%s%srto %d msec, ttl " ARG_LL "d, "
+			"ping %d var %d rtt %d, tA %d, tAAAA %d, tother %d",
 			lame?"LAME ":"", dlame?"NoDNSSEC ":"",
 			a->lame?"AddrWasParentSide ":"",
 			rlame?"NoAuthButRecursive ":"", rto, entry_ttl,

daemon/cachedump.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

daemon/daemon.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -56,12 +56,16 @@
 #include <openssl/engine.h>
 #endif
 
+#ifdef HAVE_TIME_H
+#include <time.h>
+#endif
+#include <sys/time.h>
+
 #ifdef HAVE_NSS
 /* nss3 */
 #include "nss.h"
 #endif
 
-#include <ldns/ldns.h>
 #include "daemon/daemon.h"
 #include "daemon/worker.h"
 #include "daemon/remote.h"
@@ -80,6 +84,7 @@
 #include "util/random.h"
 #include "util/tube.h"
 #include "util/net_help.h"
+#include "ldns/keyraw.h"
 #include <signal.h>
 
 /** How many quit requests happened. */
@@ -203,7 +208,7 @@ daemon_init(void)
 	OPENSSL_config("unbound");
 #  endif
 #  ifdef USE_GOST
-	(void)ldns_key_EVP_load_gost_id();
+	(void)sldns_key_EVP_load_gost_id();
 #  endif
 	OpenSSL_add_all_algorithms();
 #  if HAVE_DECL_SSL_COMP_GET_COMPRESSION_METHODS
@@ -250,9 +255,55 @@ daemon_open_shared_ports(struct daemon* daemon)
 {
 	log_assert(daemon);
 	if(daemon->cfg->port != daemon->listening_port) {
-		listening_ports_free(daemon->ports);
-		if(!(daemon->ports=listening_ports_open(daemon->cfg)))
+		size_t i;
+		int reuseport = 0;
+		struct listen_port* p0;
+		/* free and close old ports */
+		if(daemon->ports != NULL) {
+			for(i=0; i<daemon->num_ports; i++)
+				listening_ports_free(daemon->ports[i]);
+			free(daemon->ports);
+			daemon->ports = NULL;
+		}
+		/* see if we want to reuseport */
+#if defined(__linux__) && defined(SO_REUSEPORT)
+		if(daemon->cfg->so_reuseport && daemon->cfg->num_threads > 0)
+			reuseport = 1;
+#endif
+		/* try to use reuseport */
+		p0 = listening_ports_open(daemon->cfg, &reuseport);
+		if(!p0) {
+			listening_ports_free(p0);
 			return 0;
+		}
+		if(reuseport) {
+			/* reuseport was successful, allocate for it */
+			daemon->num_ports = (size_t)daemon->cfg->num_threads;
+		} else {
+			/* do the normal, singleportslist thing,
+			 * reuseport not enabled or did not work */
+			daemon->num_ports = 1;
+		}
+		if(!(daemon->ports = (struct listen_port**)calloc(
+			daemon->num_ports, sizeof(*daemon->ports)))) {
+			listening_ports_free(p0);
+			return 0;
+		}
+		daemon->ports[0] = p0;
+		if(reuseport) {
+			/* continue to use reuseport */
+			for(i=1; i<daemon->num_ports; i++) {
+				if(!(daemon->ports[i]=
+					listening_ports_open(daemon->cfg,
+						&reuseport)) || !reuseport ) {
+					for(i=0; i<daemon->num_ports; i++)
+						listening_ports_free(daemon->ports[i]);
+					free(daemon->ports);
+					daemon->ports = NULL;
+					return 0;
+				}
+			}
+		}
 		daemon->listening_port = daemon->cfg->port;
 	}
 	if(!daemon->cfg->remote_control_enable && daemon->rc_port) {
@@ -389,6 +440,7 @@ static void*
 thread_start(void* arg)
 {
 	struct worker* worker = (struct worker*)arg;
+	int port_num = 0;
 	log_thread_set(&worker->thread_num);
 	ub_thread_blocksigs();
 #ifdef THREADS_DISABLED
@@ -396,7 +448,14 @@ thread_start(void* arg)
 	tube_close_write(worker->cmd);
 	close_other_pipes(worker->daemon, worker->thread_num);
 #endif
-	if(!worker_init(worker, worker->daemon->cfg, worker->daemon->ports, 0))
+#if defined(__linux__) && defined(SO_REUSEPORT)
+	if(worker->daemon->cfg->so_reuseport)
+		port_num = worker->thread_num;
+	else
+		port_num = 0;
+#endif
+	if(!worker_init(worker, worker->daemon->cfg,
+			worker->daemon->ports[port_num], 0))
 		fatal_exit("Could not initialize thread");
 
 	worker_work(worker);
@@ -469,7 +528,7 @@ daemon_fork(struct daemon* daemon)
 
 #if defined(HAVE_EV_LOOP) || defined(HAVE_EV_DEFAULT_LOOP)
 	/* in libev the first inited base gets signals */
-	if(!worker_init(daemon->workers[0], daemon->cfg, daemon->ports, 1))
+	if(!worker_init(daemon->workers[0], daemon->cfg, daemon->ports[0], 1))
 		fatal_exit("Could not initialize main thread");
 #endif
 	
@@ -483,7 +542,7 @@ daemon_fork(struct daemon* daemon)
 	 */
 #if !(defined(HAVE_EV_LOOP) || defined(HAVE_EV_DEFAULT_LOOP))
 	/* libevent has the last inited base get signals (or any base) */
-	if(!worker_init(daemon->workers[0], daemon->cfg, daemon->ports, 1))
+	if(!worker_init(daemon->workers[0], daemon->cfg, daemon->ports[0], 1))
 		fatal_exit("Could not initialize main thread");
 #endif
 	signal_handling_playback(daemon->workers[0]);
@@ -529,11 +588,14 @@ daemon_cleanup(struct daemon* daemon)
 void 
 daemon_delete(struct daemon* daemon)
 {
+	size_t i;
 	if(!daemon)
 		return;
 	modstack_desetup(&daemon->mods, daemon->env);
 	daemon_remote_delete(daemon->rc);
-	listening_ports_free(daemon->ports);
+	for(i = 0; i < daemon->num_ports; i++)
+		listening_ports_free(daemon->ports[i]);
+	free(daemon->ports);
 	listening_ports_free(daemon->rc_ports);
 	if(daemon->env) {
 		slabhash_delete(daemon->env->msg_cache);
@@ -558,7 +620,7 @@ daemon_delete(struct daemon* daemon)
 	/* libcrypto cleanup */
 #ifdef HAVE_SSL
 #  if defined(USE_GOST) && defined(HAVE_LDNS_KEY_EVP_UNLOAD_GOST)
-	ldns_key_EVP_unload_gost();
+	sldns_key_EVP_unload_gost();
 #  endif
 #  if HAVE_DECL_SSL_COMP_GET_COMPRESSION_METHODS && HAVE_DECL_SK_SSL_COMP_POP_FREE
 #    ifndef S_SPLINT_S

daemon/daemon.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -72,8 +72,11 @@ struct daemon {
 	char* pidfile;
 	/** port number that has ports opened. */
 	int listening_port;
-	/** listening ports, opened, to be shared by threads */
-	struct listen_port* ports;
+	/** array of listening ports, opened.  Listening ports per worker,
+	 * or just one element[0] shared by the worker threads. */
+	struct listen_port** ports;
+	/** size of ports array */
+	size_t num_ports;
 	/** port number for remote that has ports opened. */
 	int rc_port;
 	/** listening ports for remote control */

daemon/remote.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -47,7 +47,6 @@
 #include <openssl/err.h>
 #endif
 #include <ctype.h>
-#include <ldns/ldns.h>
 #include "daemon/remote.h"
 #include "daemon/worker.h"
 #include "daemon/daemon.h"
@@ -75,6 +74,10 @@
 #include "iterator/iter_delegpt.h"
 #include "services/outbound_list.h"
 #include "services/outside_network.h"
+#include "ldns/str2wire.h"
+#include "ldns/parseutil.h"
+#include "ldns/wire2str.h"
+#include "ldns/sbuffer.h"
 
 #ifdef HAVE_SYS_TYPES_H
 #  include <sys/types.h>
@@ -268,7 +271,7 @@ add_open(const char* ip, int nr, struct listen_port** list, int noproto_is_err)
 	}
 
 	/* open fd */
-	fd = create_tcp_accept_sock(res, 1, &noproto);
+	fd = create_tcp_accept_sock(res, 1, &noproto, 0);
 	freeaddrinfo(res);
 	if(fd == -1 && noproto) {
 		if(!noproto_is_err)
@@ -629,7 +632,7 @@ print_stats(SSL* ssl, const char* nm, struct stats_info* s)
 	if(!ssl_printf(ssl, "%s.requestlist.current.user"SQ"%u\n", nm,
 		(unsigned)s->mesh_num_reply_states)) return 0;
 	timeval_divide(&avg, &s->mesh_replies_sum_wait, s->mesh_replies_sent);
-	if(!ssl_printf(ssl, "%s.recursion.time.avg"SQ"%lld.%6.6d\n", nm,
+	if(!ssl_printf(ssl, "%s.recursion.time.avg"SQ ARG_LL "d.%6.6d\n", nm,
 		(long long)avg.tv_sec, (int)avg.tv_usec)) return 0;
 	if(!ssl_printf(ssl, "%s.recursion.time.median"SQ"%g\n", nm, 
 		s->mesh_time_median)) return 0;
@@ -713,11 +716,11 @@ print_uptime(SSL* ssl, struct worker* worker, int reset)
 	timeval_subtract(&dt, &now, &worker->daemon->time_last_stat);
 	if(reset)
 		worker->daemon->time_last_stat = now;
-	if(!ssl_printf(ssl, "time.now"SQ"%lld.%6.6d\n", 
+	if(!ssl_printf(ssl, "time.now"SQ ARG_LL "d.%6.6d\n", 
 		(long long)now.tv_sec, (unsigned)now.tv_usec)) return 0;
-	if(!ssl_printf(ssl, "time.up"SQ"%lld.%6.6d\n", 
+	if(!ssl_printf(ssl, "time.up"SQ ARG_LL "d.%6.6d\n", 
 		(long long)up.tv_sec, (unsigned)up.tv_usec)) return 0;
-	if(!ssl_printf(ssl, "time.elapsed"SQ"%lld.%6.6d\n", 
+	if(!ssl_printf(ssl, "time.elapsed"SQ ARG_LL "d.%6.6d\n", 
 		(long long)dt.tv_sec, (unsigned)dt.tv_usec)) return 0;
 	return 1;
 }
@@ -756,13 +759,13 @@ print_ext(SSL* ssl, struct stats_info* s)
 {
 	int i;
 	char nm[16];
-	const ldns_rr_descriptor* desc;
-	const ldns_lookup_table* lt;
+	const sldns_rr_descriptor* desc;
+	const sldns_lookup_table* lt;
 	/* TYPE */
 	for(i=0; i<STATS_QTYPE_NUM; i++) {
 		if(inhibit_zero && s->svr.qtype[i] == 0)
 			continue;
-		desc = ldns_rr_descript((uint16_t)i);
+		desc = sldns_rr_descript((uint16_t)i);
 		if(desc && desc->_name) {
 			snprintf(nm, sizeof(nm), "%s", desc->_name);
 		} else if (i == LDNS_RR_TYPE_IXFR) {
@@ -789,7 +792,7 @@ print_ext(SSL* ssl, struct stats_info* s)
 	for(i=0; i<STATS_QCLASS_NUM; i++) {
 		if(inhibit_zero && s->svr.qclass[i] == 0)
 			continue;
-		lt = ldns_lookup_by_id(ldns_rr_classes, i);
+		lt = sldns_lookup_by_id(sldns_rr_classes, i);
 		if(lt && lt->name) {
 			snprintf(nm, sizeof(nm), "%s", lt->name);
 		} else {
@@ -806,7 +809,7 @@ print_ext(SSL* ssl, struct stats_info* s)
 	for(i=0; i<STATS_OPCODE_NUM; i++) {
 		if(inhibit_zero && s->svr.qopcode[i] == 0)
 			continue;
-		lt = ldns_lookup_by_id(ldns_opcodes, i);
+		lt = sldns_lookup_by_id(sldns_opcodes, i);
 		if(lt && lt->name) {
 			snprintf(nm, sizeof(nm), "%s", lt->name);
 		} else {
@@ -846,7 +849,7 @@ print_ext(SSL* ssl, struct stats_info* s)
 	for(i=0; i<STATS_RCODE_NUM; i++) {
 		if(inhibit_zero && s->svr.ans_rcode[i] == 0)
 			continue;
-		lt = ldns_lookup_by_id(ldns_rcodes, i);
+		lt = sldns_lookup_by_id(sldns_rcodes, i);
 		if(lt && lt->name) {
 			snprintf(nm, sizeof(nm), "%s", lt->name);
 		} else {
@@ -912,17 +915,20 @@ do_stats(SSL* ssl, struct daemon_remote* rc, int reset)
 static int
 parse_arg_name(SSL* ssl, char* str, uint8_t** res, size_t* len, int* labs)
 {
-	ldns_rdf* rdf;
+	uint8_t nm[LDNS_MAX_DOMAINLEN+1];
+	size_t nmlen = sizeof(nm);
+	int status;
 	*res = NULL;
 	*len = 0;
 	*labs = 0;
-	rdf = ldns_dname_new_frm_str(str);
-	if(!rdf) {
-		ssl_printf(ssl, "error cannot parse name %s\n", str);
+	status = sldns_str2wire_dname_buf(str, nm, &nmlen);
+	if(status != 0) {
+		ssl_printf(ssl, "error cannot parse name %s at %d: %s\n", str,
+			LDNS_WIREPARSE_OFFSET(status),
+			sldns_get_errorstr_parse(status));
 		return 0;
 	}
-	*res = memdup(ldns_rdf_data(rdf), ldns_rdf_size(rdf));
-	ldns_rdf_deep_free(rdf);
+	*res = memdup(nm, nmlen);
 	if(!*res) {
 		ssl_printf(ssl, "error out of memory\n");
 		return 0;
@@ -975,7 +981,7 @@ do_zone_add(SSL* ssl, struct worker* worker, char* arg)
 		free(nm);
 		return;
 	}
-	lock_quick_lock(&worker->daemon->local_zones->lock);
+	lock_rw_wrlock(&worker->daemon->local_zones->lock);
 	if((z=local_zones_find(worker->daemon->local_zones, nm, nmlen, 
 		nmlabs, LDNS_RR_CLASS_IN))) {
 		/* already present in tree */
@@ -983,17 +989,17 @@ do_zone_add(SSL* ssl, struct worker* worker, char* arg)
 		z->type = t; /* update type anyway */
 		lock_rw_unlock(&z->lock);
 		free(nm);
-		lock_quick_unlock(&worker->daemon->local_zones->lock);
+		lock_rw_unlock(&worker->daemon->local_zones->lock);
 		send_ok(ssl);
 		return;
 	}
 	if(!local_zones_add_zone(worker->daemon->local_zones, nm, nmlen, 
 		nmlabs, LDNS_RR_CLASS_IN, t)) {
-		lock_quick_unlock(&worker->daemon->local_zones->lock);
+		lock_rw_unlock(&worker->daemon->local_zones->lock);
 		ssl_printf(ssl, "error out of memory\n");
 		return;
 	}
-	lock_quick_unlock(&worker->daemon->local_zones->lock);
+	lock_rw_unlock(&worker->daemon->local_zones->lock);
 	send_ok(ssl);
 }
 
@@ -1007,13 +1013,13 @@ do_zone_remove(SSL* ssl, struct worker* worker, char* arg)
 	struct local_zone* z;
 	if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
 		return;
-	lock_quick_lock(&worker->daemon->local_zones->lock);
+	lock_rw_wrlock(&worker->daemon->local_zones->lock);
 	if((z=local_zones_find(worker->daemon->local_zones, nm, nmlen, 
 		nmlabs, LDNS_RR_CLASS_IN))) {
 		/* present in tree */
 		local_zones_del_zone(worker->daemon->local_zones, z);
 	}
-	lock_quick_unlock(&worker->daemon->local_zones->lock);
+	lock_rw_unlock(&worker->daemon->local_zones->lock);
 	free(nm);
 	send_ok(ssl);
 }
@@ -1022,8 +1028,7 @@ do_zone_remove(SSL* ssl, struct worker* worker, char* arg)
 static void
 do_data_add(SSL* ssl, struct worker* worker, char* arg)
 {
-	if(!local_zones_add_RR(worker->daemon->local_zones, arg,
-		worker->env.scratch_buffer)) {
+	if(!local_zones_add_RR(worker->daemon->local_zones, arg)) {
 		ssl_printf(ssl,"error in syntax or out of memory, %s\n", arg);
 		return;
 	}
@@ -1090,7 +1095,7 @@ do_flush_type(SSL* ssl, struct worker* worker, char* arg)
 		return;
 	if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
 		return;
-	t = ldns_get_rr_type_by_name(arg2);
+	t = sldns_get_rr_type_by_name(arg2);
 	do_cache_remove(worker, nm, nmlen, t, LDNS_RR_CLASS_IN);
 	
 	free(nm);
@@ -1388,9 +1393,9 @@ ssl_print_name_dp(SSL* ssl, char* str, uint8_t* nm, uint16_t dclass,
 	struct delegpt_addr* a;
 	int f = 0;
 	if(str) { /* print header for forward, stub */
-		char* c = ldns_rr_class2str(dclass);
+		char* c = sldns_wire2str_class(dclass);
 		dname_str(nm, buf);
-		if(!ssl_printf(ssl, "%s %s %s: ", buf, c, str)) {
+		if(!ssl_printf(ssl, "%s %s %s: ", buf, (c?c:"CLASS??"), str)) {
 			free(c);
 			return 0;
 		}
@@ -1571,7 +1576,7 @@ do_forward_add(SSL* ssl, struct worker* worker, char* args)
 	struct delegpt* dp = NULL;
 	if(!parse_fs_args(ssl, args, &nm, &dp, &insecure, NULL))
 		return;
-	if(insecure) {
+	if(insecure && worker->env.anchors) {
 		if(!anchors_add_insecure(worker->env.anchors, LDNS_RR_CLASS_IN,
 			nm)) {
 			(void)ssl_printf(ssl, "error out of memory\n");
@@ -1598,7 +1603,7 @@ do_forward_remove(SSL* ssl, struct worker* worker, char* args)
 	uint8_t* nm = NULL;
 	if(!parse_fs_args(ssl, args, &nm, NULL, &insecure, NULL))
 		return;
-	if(insecure)
+	if(insecure && worker->env.anchors)
 		anchors_delete_insecure(worker->env.anchors, LDNS_RR_CLASS_IN,
 			nm);
 	forwards_delete_zone(fwd, LDNS_RR_CLASS_IN, nm);
@@ -1616,7 +1621,7 @@ do_stub_add(SSL* ssl, struct worker* worker, char* args)
 	struct delegpt* dp = NULL;
 	if(!parse_fs_args(ssl, args, &nm, &dp, &insecure, &prime))
 		return;
-	if(insecure) {
+	if(insecure && worker->env.anchors) {
 		if(!anchors_add_insecure(worker->env.anchors, LDNS_RR_CLASS_IN,
 			nm)) {
 			(void)ssl_printf(ssl, "error out of memory\n");
@@ -1626,8 +1631,9 @@ do_stub_add(SSL* ssl, struct worker* worker, char* args)
 		}
 	}
 	if(!forwards_add_stub_hole(fwd, LDNS_RR_CLASS_IN, nm)) {
-		if(insecure) anchors_delete_insecure(worker->env.anchors,
-			LDNS_RR_CLASS_IN, nm);
+		if(insecure && worker->env.anchors)
+			anchors_delete_insecure(worker->env.anchors,
+				LDNS_RR_CLASS_IN, nm);
 		(void)ssl_printf(ssl, "error out of memory\n");
 		delegpt_free_mlc(dp);
 		free(nm);
@@ -1636,8 +1642,9 @@ do_stub_add(SSL* ssl, struct worker* worker, char* args)
 	if(!hints_add_stub(worker->env.hints, LDNS_RR_CLASS_IN, dp, !prime)) {
 		(void)ssl_printf(ssl, "error out of memory\n");
 		forwards_delete_stub_hole(fwd, LDNS_RR_CLASS_IN, nm);
-		if(insecure) anchors_delete_insecure(worker->env.anchors,
-			LDNS_RR_CLASS_IN, nm);
+		if(insecure && worker->env.anchors)
+			anchors_delete_insecure(worker->env.anchors,
+				LDNS_RR_CLASS_IN, nm);
 		free(nm);
 		return;
 	}
@@ -1654,7 +1661,7 @@ do_stub_remove(SSL* ssl, struct worker* worker, char* args)
 	uint8_t* nm = NULL;
 	if(!parse_fs_args(ssl, args, &nm, NULL, &insecure, NULL))
 		return;
-	if(insecure)
+	if(insecure && worker->env.anchors)
 		anchors_delete_insecure(worker->env.anchors, LDNS_RR_CLASS_IN,
 			nm);
 	forwards_delete_stub_hole(fwd, LDNS_RR_CLASS_IN, nm);
@@ -1672,10 +1679,13 @@ do_insecure_add(SSL* ssl, struct worker* worker, char* arg)
 	uint8_t* nm = NULL;
 	if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
 		return;
-	if(!anchors_add_insecure(worker->env.anchors, LDNS_RR_CLASS_IN, nm)) {
-		(void)ssl_printf(ssl, "error out of memory\n");
-		free(nm);
-		return;
+	if(worker->env.anchors) {
+		if(!anchors_add_insecure(worker->env.anchors,
+			LDNS_RR_CLASS_IN, nm)) {
+			(void)ssl_printf(ssl, "error out of memory\n");
+			free(nm);
+			return;
+		}
 	}
 	free(nm);
 	send_ok(ssl);
@@ -1690,7 +1700,9 @@ do_insecure_remove(SSL* ssl, struct worker* worker, char* arg)
 	uint8_t* nm = NULL;
 	if(!parse_arg_name(ssl, arg, &nm, &nmlen, &nmlabs))
 		return;
-	anchors_delete_insecure(worker->env.anchors, LDNS_RR_CLASS_IN, nm);
+	if(worker->env.anchors)
+		anchors_delete_insecure(worker->env.anchors,
+			LDNS_RR_CLASS_IN, nm);
 	free(nm);
 	send_ok(ssl);
 }
@@ -1716,7 +1728,7 @@ do_status(SSL* ssl, struct worker* worker)
 	if(!ssl_printf(ssl, " ]\n"))
 		return;
 	uptime = (time_t)time(NULL) - (time_t)worker->daemon->time_boot.tv_sec;
-	if(!ssl_printf(ssl, "uptime: %lld seconds\n", (long long)uptime))
+	if(!ssl_printf(ssl, "uptime: " ARG_LL "d seconds\n", (long long)uptime))
 		return;
 	if(!ssl_printf(ssl, "unbound (pid %d) is running...\n",
 		(int)getpid()))
@@ -1735,7 +1747,8 @@ get_mesh_age(struct mesh_state* m, char* buf, size_t len,
 		while(r && r->next)
 			r = r->next;
 		timeval_subtract(&d, env->now_tv, &r->start_time);
-		snprintf(buf, len, "%lld.%6.6d", (long long)d.tv_sec, (int)d.tv_usec);
+		snprintf(buf, len, ARG_LL "d.%6.6d",
+			(long long)d.tv_sec, (int)d.tv_usec);
 	} else {
 		snprintf(buf, len, "-");
 	}
@@ -1780,10 +1793,11 @@ get_mesh_status(struct mesh_area* mesh, struct mesh_state* m,
 		if(m->sub_set.count == 0)
 			snprintf(buf, len, " (empty_list)");
 		RBTREE_FOR(sub, struct mesh_state_ref*, &m->sub_set) {
-			char* t = ldns_rr_type2str(sub->s->s.qinfo.qtype);
-			char* c = ldns_rr_class2str(sub->s->s.qinfo.qclass);
+			char* t = sldns_wire2str_type(sub->s->s.qinfo.qtype);
+			char* c = sldns_wire2str_class(sub->s->s.qinfo.qclass);
 			dname_str(sub->s->s.qinfo.qname, nm);
-			snprintf(buf, len, " %s %s %s", t, c, nm);
+			snprintf(buf, len, " %s %s %s", (t?t:"TYPE??"),
+				(c?c:"CLASS??"), nm);
 			l = strlen(buf);
 			buf += l; len -= l;
 			free(t);
@@ -1812,13 +1826,14 @@ do_dump_requestlist(SSL* ssl, struct worker* worker)
 	mesh = worker->env.mesh;
 	if(!mesh) return;
 	RBTREE_FOR(m, struct mesh_state*, &mesh->all) {
-		char* t = ldns_rr_type2str(m->s.qinfo.qtype);
-		char* c = ldns_rr_class2str(m->s.qinfo.qclass);
+		char* t = sldns_wire2str_type(m->s.qinfo.qtype);
+		char* c = sldns_wire2str_class(m->s.qinfo.qclass);
 		dname_str(m->s.qinfo.qname, buf);
 		get_mesh_age(m, timebuf, sizeof(timebuf), &worker->env);
 		get_mesh_status(mesh, m, statbuf, sizeof(statbuf));
 		if(!ssl_printf(ssl, "%3d %4s %2s %s %s %s\n", 
-			num, t, c, buf, timebuf, statbuf)) {
+			num, (t?t:"TYPE??"), (c?c:"CLASS??"), buf, timebuf,
+			statbuf)) {
 			free(t);
 			free(c);
 			return;
@@ -1959,7 +1974,7 @@ do_list_local_zones(SSL* ssl, struct worker* worker)
 	struct local_zones* zones = worker->daemon->local_zones;
 	struct local_zone* z;
 	char buf[257];
-	lock_quick_lock(&zones->lock);
+	lock_rw_rdlock(&zones->lock);
 	RBTREE_FOR(z, struct local_zone*, &zones->ztree) {
 		lock_rw_rdlock(&z->lock);
 		dname_str(z->name, buf);
@@ -1967,7 +1982,7 @@ do_list_local_zones(SSL* ssl, struct worker* worker)
 			local_zone_type2str(z->type));
 		lock_rw_unlock(&z->lock);
 	}
-	lock_quick_unlock(&zones->lock);
+	lock_rw_unlock(&zones->lock);
 }
 
 /** do the list_local_data command */
@@ -1978,22 +1993,30 @@ do_list_local_data(SSL* ssl, struct worker* worker)
 	struct local_zone* z;
 	struct local_data* d;
 	struct local_rrset* p;
-	lock_quick_lock(&zones->lock);
+	char* s = (char*)sldns_buffer_begin(worker->env.scratch_buffer);
+	size_t slen = sldns_buffer_capacity(worker->env.scratch_buffer);
+	lock_rw_rdlock(&zones->lock);
 	RBTREE_FOR(z, struct local_zone*, &zones->ztree) {
 		lock_rw_rdlock(&z->lock);
 		RBTREE_FOR(d, struct local_data*, &z->data) {
 			for(p = d->rrsets; p; p = p->next) {
-				ldns_rr_list* rr = packed_rrset_to_rr_list(
-					p->rrset, worker->env.scratch_buffer);
-				char* str = ldns_rr_list2str(rr);
-				(void)ssl_printf(ssl, "%s", str);
-				free(str);
-				ldns_rr_list_free(rr);
+				struct packed_rrset_data* d =
+					(struct packed_rrset_data*)p->rrset->entry.data;
+				size_t i;
+				for(i=0; i<d->count + d->rrsig_count; i++) {
+					if(!packed_rr_to_string(p->rrset, i,
+						0, s, slen)) {
+						if(!ssl_printf(ssl, "BADRR\n"))
+							return;
+					}
+				        if(!ssl_printf(ssl, "%s\n", s))
+						return;
+				}
 			}
 		}
 		lock_rw_unlock(&z->lock);
 	}
-	lock_quick_unlock(&zones->lock);
+	lock_rw_unlock(&zones->lock);
 }
 
 /** tell other processes to execute the command */

daemon/remote.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

daemon/stats.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -40,7 +40,11 @@
  * numbers. These 'statistics' may be of interest to the operator.
  */
 #include "config.h"
-#include <ldns/wire2host.h>
+#ifdef HAVE_TIME_H
+#include <time.h>
+#endif
+#include <sys/time.h>
+#include <sys/types.h>
 #include "daemon/stats.h"
 #include "daemon/worker.h"
 #include "daemon/daemon.h"
@@ -51,6 +55,7 @@
 #include "util/timehist.h"
 #include "util/net_help.h"
 #include "validator/validator.h"
+#include "ldns/sbuffer.h"
 
 /** add timers and the values do not overflow or become negative */
 static void
@@ -257,14 +262,14 @@ void server_stats_insquery(struct server_stats* stats, struct comm_point* c,
 	uint16_t qtype, uint16_t qclass, struct edns_data* edns,
 	struct comm_reply* repinfo)
 {
-	uint16_t flags = ldns_buffer_read_u16_at(c->buffer, 2);
+	uint16_t flags = sldns_buffer_read_u16_at(c->buffer, 2);
 	if(qtype < STATS_QTYPE_NUM)
 		stats->qtype[qtype]++;
 	else	stats->qtype_big++;
 	if(qclass < STATS_QCLASS_NUM)
 		stats->qclass[qclass]++;
 	else	stats->qclass_big++;
-	stats->qopcode[ LDNS_OPCODE_WIRE(ldns_buffer_begin(c->buffer)) ]++;
+	stats->qopcode[ LDNS_OPCODE_WIRE(sldns_buffer_begin(c->buffer)) ]++;
 	if(c->type != comm_udp)
 		stats->qtcp++;
 	if(repinfo && addr_is_ip6(&repinfo->addr, repinfo->addrlen))
@@ -292,12 +297,12 @@ void server_stats_insquery(struct server_stats* stats, struct comm_point* c,
 	}
 }
 
-void server_stats_insrcode(struct server_stats* stats, ldns_buffer* buf)
+void server_stats_insrcode(struct server_stats* stats, sldns_buffer* buf)
 {
-	if(stats->extended && ldns_buffer_limit(buf) != 0) {
-		int r = (int)LDNS_RCODE_WIRE( ldns_buffer_begin(buf) );
+	if(stats->extended && sldns_buffer_limit(buf) != 0) {
+		int r = (int)LDNS_RCODE_WIRE( sldns_buffer_begin(buf) );
 		stats->ans_rcode[r] ++;
-		if(r == 0 && LDNS_ANCOUNT( ldns_buffer_begin(buf) ) == 0)
+		if(r == 0 && LDNS_ANCOUNT( sldns_buffer_begin(buf) ) == 0)
 			stats->ans_rcode_nodata ++;
 	}
 }

daemon/stats.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -43,12 +43,12 @@
 #ifndef DAEMON_STATS_H
 #define DAEMON_STATS_H
 #include "util/timehist.h"
-#include <ldns/buffer.h>
 struct worker;
 struct config_file;
 struct comm_point;
 struct comm_reply;
 struct edns_data;
+struct sldns_buffer;
 
 /** number of qtype that is stored for in array */
 #define STATS_QTYPE_NUM 256
@@ -230,6 +230,6 @@ void server_stats_insquery(struct server_stats* stats, struct comm_point* c,
  * @param stats: the stats
  * @param buf: buffer with rcode. If buffer is length0: not counted.
  */
-void server_stats_insrcode(struct server_stats* stats, ldns_buffer* buf);
+void server_stats_insrcode(struct server_stats* stats, struct sldns_buffer* buf);
 
 #endif /* DAEMON_STATS_H */

daemon/unbound.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
  */
 
@@ -66,9 +66,12 @@
 #include <grp.h>
 #endif
 
+#ifndef S_SPLINT_S
+/* splint chokes on this system header file */
 #ifdef HAVE_SYS_RESOURCE_H
 #include <sys/resource.h>
 #endif
+#endif /* S_SPLINT_S */
 #ifdef HAVE_LOGIN_CAP_H
 #include <login_cap.h>
 #endif
@@ -162,8 +165,8 @@ static void usage()
 #endif
 	printf("Version %s\n", PACKAGE_VERSION);
 	get_event_sys(&evnm, &evsys, &evmethod);
-	printf("linked libs: %s %s (it uses %s), ldns %s, %s\n", 
-		evnm, evsys, evmethod, ldns_version(), 
+	printf("linked libs: %s %s (it uses %s), %s\n", 
+		evnm, evsys, evmethod,
 #ifdef HAVE_SSL
 		SSLeay_version(SSLEAY_VERSION)
 #elif defined(HAVE_NSS)
@@ -192,6 +195,7 @@ int replay_var_compare(const void* ATTR_UNUSED(a), const void* ATTR_UNUSED(b))
 static void
 checkrlimits(struct config_file* cfg)
 {
+#ifndef S_SPLINT_S
 #ifdef HAVE_GETRLIMIT
 	/* list has number of ports to listen to, ifs number addresses */
 	int list = ((cfg->do_udp?1:0) + (cfg->do_tcp?1 + 
@@ -282,6 +286,7 @@ checkrlimits(struct config_file* cfg)
 #else	
 	(void)cfg;
 #endif /* HAVE_GETRLIMIT */
+#endif /* S_SPLINT_S */
 }
 
 /** set verbosity, check rlimits, cache settings */

daemon/worker.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -40,7 +40,6 @@
  * pending requests.
  */
 #include "config.h"
-#include <ldns/wire2host.h>
 #include "util/log.h"
 #include "util/net_help.h"
 #include "util/random.h"
@@ -70,6 +69,7 @@
 #include "iterator/iter_hints.h"
 #include "validator/autotrust.h"
 #include "validator/val_anchor.h"
+#include "ldns/sbuffer.h"
 
 #ifdef HAVE_SYS_TYPES_H
 #  include <sys/types.h>
@@ -179,7 +179,7 @@ worker_mem_report(struct worker* ATTR_UNUSED(worker),
 		+ sizeof(worker->rndstate) 
 		+ regional_get_mem(worker->scratchpad) 
 		+ sizeof(*worker->env.scratch_buffer) 
-		+ ldns_buffer_capacity(worker->env.scratch_buffer)
+		+ sldns_buffer_capacity(worker->env.scratch_buffer)
 		+ forwards_get_mem(worker->env.fwds)
 		+ hints_get_mem(worker->env.hints);
 	if(worker->thread_num == 0)
@@ -241,10 +241,10 @@ worker_handle_reply(struct comm_point* c, void* arg, int error,
 		return 0;
 	}
 	/* sanity check. */
-	if(!LDNS_QR_WIRE(ldns_buffer_begin(c->buffer))
-		|| LDNS_OPCODE_WIRE(ldns_buffer_begin(c->buffer)) != 
+	if(!LDNS_QR_WIRE(sldns_buffer_begin(c->buffer))
+		|| LDNS_OPCODE_WIRE(sldns_buffer_begin(c->buffer)) != 
 			LDNS_PACKET_QUERY
-		|| LDNS_QDCOUNT(ldns_buffer_begin(c->buffer)) > 1) {
+		|| LDNS_QDCOUNT(sldns_buffer_begin(c->buffer)) > 1) {
 		/* error becomes timeout for the module as if this reply
 		 * never arrived. */
 		mesh_report_reply(worker->env.mesh, &e, reply_info, 
@@ -272,10 +272,10 @@ worker_handle_service_reply(struct comm_point* c, void* arg, int error,
 		return 0;
 	}
 	/* sanity check. */
-	if(!LDNS_QR_WIRE(ldns_buffer_begin(c->buffer))
-		|| LDNS_OPCODE_WIRE(ldns_buffer_begin(c->buffer)) != 
+	if(!LDNS_QR_WIRE(sldns_buffer_begin(c->buffer))
+		|| LDNS_OPCODE_WIRE(sldns_buffer_begin(c->buffer)) != 
 			LDNS_PACKET_QUERY
-		|| LDNS_QDCOUNT(ldns_buffer_begin(c->buffer)) > 1) {
+		|| LDNS_QDCOUNT(sldns_buffer_begin(c->buffer)) > 1) {
 		/* error becomes timeout for the module as if this reply
 		 * never arrived. */
 		verbose(VERB_ALGO, "worker: bad reply handled as timeout");
@@ -295,49 +295,49 @@ worker_handle_service_reply(struct comm_point* c, void* arg, int error,
  * @return error code, 0 OK, or -1 discard.
 */
 static int 
-worker_check_request(ldns_buffer* pkt, struct worker* worker)
+worker_check_request(sldns_buffer* pkt, struct worker* worker)
 {
-	if(ldns_buffer_limit(pkt) < LDNS_HEADER_SIZE) {
+	if(sldns_buffer_limit(pkt) < LDNS_HEADER_SIZE) {
 		verbose(VERB_QUERY, "request too short, discarded");
 		return -1;
 	}
-	if(ldns_buffer_limit(pkt) > NORMAL_UDP_SIZE && 
+	if(sldns_buffer_limit(pkt) > NORMAL_UDP_SIZE && 
 		worker->daemon->cfg->harden_large_queries) {
 		verbose(VERB_QUERY, "request too large, discarded");
 		return -1;
 	}
-	if(LDNS_QR_WIRE(ldns_buffer_begin(pkt))) {
+	if(LDNS_QR_WIRE(sldns_buffer_begin(pkt))) {
 		verbose(VERB_QUERY, "request has QR bit on, discarded");
 		return -1;
 	}
-	if(LDNS_TC_WIRE(ldns_buffer_begin(pkt))) {
-		LDNS_TC_CLR(ldns_buffer_begin(pkt));
+	if(LDNS_TC_WIRE(sldns_buffer_begin(pkt))) {
+		LDNS_TC_CLR(sldns_buffer_begin(pkt));
 		verbose(VERB_QUERY, "request bad, has TC bit on");
 		return LDNS_RCODE_FORMERR;
 	}
-	if(LDNS_OPCODE_WIRE(ldns_buffer_begin(pkt)) != LDNS_PACKET_QUERY) {
+	if(LDNS_OPCODE_WIRE(sldns_buffer_begin(pkt)) != LDNS_PACKET_QUERY) {
 		verbose(VERB_QUERY, "request unknown opcode %d", 
-			LDNS_OPCODE_WIRE(ldns_buffer_begin(pkt)));
+			LDNS_OPCODE_WIRE(sldns_buffer_begin(pkt)));
 		return LDNS_RCODE_NOTIMPL;
 	}
-	if(LDNS_QDCOUNT(ldns_buffer_begin(pkt)) != 1) {
+	if(LDNS_QDCOUNT(sldns_buffer_begin(pkt)) != 1) {
 		verbose(VERB_QUERY, "request wrong nr qd=%d", 
-			LDNS_QDCOUNT(ldns_buffer_begin(pkt)));
+			LDNS_QDCOUNT(sldns_buffer_begin(pkt)));
 		return LDNS_RCODE_FORMERR;
 	}
-	if(LDNS_ANCOUNT(ldns_buffer_begin(pkt)) != 0) {
+	if(LDNS_ANCOUNT(sldns_buffer_begin(pkt)) != 0) {
 		verbose(VERB_QUERY, "request wrong nr an=%d", 
-			LDNS_ANCOUNT(ldns_buffer_begin(pkt)));
+			LDNS_ANCOUNT(sldns_buffer_begin(pkt)));
 		return LDNS_RCODE_FORMERR;
 	}
-	if(LDNS_NSCOUNT(ldns_buffer_begin(pkt)) != 0) {
+	if(LDNS_NSCOUNT(sldns_buffer_begin(pkt)) != 0) {
 		verbose(VERB_QUERY, "request wrong nr ns=%d", 
-			LDNS_NSCOUNT(ldns_buffer_begin(pkt)));
+			LDNS_NSCOUNT(sldns_buffer_begin(pkt)));
 		return LDNS_RCODE_FORMERR;
 	}
-	if(LDNS_ARCOUNT(ldns_buffer_begin(pkt)) > 1) {
+	if(LDNS_ARCOUNT(sldns_buffer_begin(pkt)) > 1) {
 		verbose(VERB_QUERY, "request wrong nr ar=%d", 
-			LDNS_ARCOUNT(ldns_buffer_begin(pkt)));
+			LDNS_ARCOUNT(sldns_buffer_begin(pkt)));
 		return LDNS_RCODE_FORMERR;
 	}
 	return 0;
@@ -359,7 +359,7 @@ worker_handle_control_cmd(struct tube* ATTR_UNUSED(tube), uint8_t* msg,
 	if(len != sizeof(uint32_t)) {
 		fatal_exit("bad control msg length %d", (int)len);
 	}
-	cmd = ldns_read_uint32(msg);
+	cmd = sldns_read_uint32(msg);
 	free(msg);
 	switch(cmd) {
 	case worker_cmd_quit:
@@ -636,32 +636,32 @@ reply_and_prefetch(struct worker* worker, struct query_info* qinfo,
  * @param edns: edns reply information.
  */
 static void
-chaos_replystr(ldns_buffer* pkt, const char* str, struct edns_data* edns)
+chaos_replystr(sldns_buffer* pkt, const char* str, struct edns_data* edns)
 {
 	size_t len = strlen(str);
-	unsigned int rd = LDNS_RD_WIRE(ldns_buffer_begin(pkt));
-	unsigned int cd = LDNS_CD_WIRE(ldns_buffer_begin(pkt));
+	unsigned int rd = LDNS_RD_WIRE(sldns_buffer_begin(pkt));
+	unsigned int cd = LDNS_CD_WIRE(sldns_buffer_begin(pkt));
 	if(len>255) len=255; /* cap size of TXT record */
-	ldns_buffer_clear(pkt);
-	ldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip id */
-	ldns_buffer_write_u16(pkt, (uint16_t)(BIT_QR|BIT_RA));
-	if(rd) LDNS_RD_SET(ldns_buffer_begin(pkt));
-	if(cd) LDNS_CD_SET(ldns_buffer_begin(pkt));
-	ldns_buffer_write_u16(pkt, 1); /* qdcount */
-	ldns_buffer_write_u16(pkt, 1); /* ancount */
-	ldns_buffer_write_u16(pkt, 0); /* nscount */
-	ldns_buffer_write_u16(pkt, 0); /* arcount */
+	sldns_buffer_clear(pkt);
+	sldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip id */
+	sldns_buffer_write_u16(pkt, (uint16_t)(BIT_QR|BIT_RA));
+	if(rd) LDNS_RD_SET(sldns_buffer_begin(pkt));
+	if(cd) LDNS_CD_SET(sldns_buffer_begin(pkt));
+	sldns_buffer_write_u16(pkt, 1); /* qdcount */
+	sldns_buffer_write_u16(pkt, 1); /* ancount */
+	sldns_buffer_write_u16(pkt, 0); /* nscount */
+	sldns_buffer_write_u16(pkt, 0); /* arcount */
 	(void)query_dname_len(pkt); /* skip qname */
-	ldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip qtype */
-	ldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip qclass */
-	ldns_buffer_write_u16(pkt, 0xc00c); /* compr ptr to query */
-	ldns_buffer_write_u16(pkt, LDNS_RR_TYPE_TXT);
-	ldns_buffer_write_u16(pkt, LDNS_RR_CLASS_CH);
-	ldns_buffer_write_u32(pkt, 0); /* TTL */
-	ldns_buffer_write_u16(pkt, sizeof(uint8_t) + len);
-	ldns_buffer_write_u8(pkt, len);
-	ldns_buffer_write(pkt, str, len);
-	ldns_buffer_flip(pkt);
+	sldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip qtype */
+	sldns_buffer_skip(pkt, (ssize_t)sizeof(uint16_t)); /* skip qclass */
+	sldns_buffer_write_u16(pkt, 0xc00c); /* compr ptr to query */
+	sldns_buffer_write_u16(pkt, LDNS_RR_TYPE_TXT);
+	sldns_buffer_write_u16(pkt, LDNS_RR_CLASS_CH);
+	sldns_buffer_write_u32(pkt, 0); /* TTL */
+	sldns_buffer_write_u16(pkt, sizeof(uint8_t) + len);
+	sldns_buffer_write_u8(pkt, len);
+	sldns_buffer_write(pkt, str, len);
+	sldns_buffer_flip(pkt);
 	edns->edns_version = EDNS_ADVERTISED_VERSION;
 	edns->udp_size = EDNS_ADVERTISED_SIZE;
 	edns->bits &= EDNS_DO;
@@ -678,7 +678,7 @@ chaos_replystr(ldns_buffer* pkt, const char* str, struct edns_data* edns)
  */
 static int
 answer_chaos(struct worker* w, struct query_info* qinfo, 
-	struct edns_data* edns, ldns_buffer* pkt)
+	struct edns_data* edns, sldns_buffer* pkt)
 {
 	struct config_file* cfg = w->env.cfg;
 	if(qinfo->qtype != LDNS_RR_TYPE_ANY && qinfo->qtype != LDNS_RR_TYPE_TXT)
@@ -718,6 +718,52 @@ answer_chaos(struct worker* w, struct query_info* qinfo,
 	return 0;
 }
 
+int
+deny_refuse(struct comm_point* c, enum acl_access acl,
+	enum acl_access deny, enum acl_access refuse,
+	struct worker* worker, struct comm_reply* repinfo)
+{
+	if(acl == deny) {
+		comm_point_drop_reply(repinfo);
+		if(worker->stats.extended)
+			worker->stats.unwanted_queries++;
+		return 0;
+	} else if(acl == refuse) {
+		log_addr(VERB_ALGO, "refused query from",
+			&repinfo->addr, repinfo->addrlen);
+		log_buf(VERB_ALGO, "refuse", c->buffer);
+		if(worker->stats.extended)
+			worker->stats.unwanted_queries++;
+		if(worker_check_request(c->buffer, worker) == -1) {
+			comm_point_drop_reply(repinfo);
+			return 0; /* discard this */
+		}
+		sldns_buffer_set_limit(c->buffer, LDNS_HEADER_SIZE);
+		sldns_buffer_write_at(c->buffer, 4, 
+			(uint8_t*)"\0\0\0\0\0\0\0\0", 8);
+		LDNS_QR_SET(sldns_buffer_begin(c->buffer));
+		LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), 
+			LDNS_RCODE_REFUSED);
+		return 1;
+	}
+
+	return -1;
+}
+
+int
+deny_refuse_all(struct comm_point* c, enum acl_access acl,
+	struct worker* worker, struct comm_reply* repinfo)
+{
+	return deny_refuse(c, acl, acl_deny, acl_refuse, worker, repinfo);
+}
+
+int
+deny_refuse_non_local(struct comm_point* c, enum acl_access acl,
+	struct worker* worker, struct comm_reply* repinfo)
+{
+	return deny_refuse(c, acl, acl_deny_non_local, acl_refuse_non_local, worker, repinfo);
+}
+
 int 
 worker_handle_request(struct comm_point* c, void* arg, int error,
 	struct comm_reply* repinfo)
@@ -737,35 +783,16 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
 	}
 	acl = acl_list_lookup(worker->daemon->acl, &repinfo->addr, 
 		repinfo->addrlen);
-	if(acl == acl_deny) {
-		comm_point_drop_reply(repinfo);
-		if(worker->stats.extended)
-			worker->stats.unwanted_queries++;
-		return 0;
-	} else if(acl == acl_refuse) {
-		log_addr(VERB_ALGO, "refused query from",
-			&repinfo->addr, repinfo->addrlen);
-		log_buf(VERB_ALGO, "refuse", c->buffer);
-		if(worker->stats.extended)
-			worker->stats.unwanted_queries++;
-		if(worker_check_request(c->buffer, worker) == -1) {
-			comm_point_drop_reply(repinfo);
-			return 0; /* discard this */
-		}
-		ldns_buffer_set_limit(c->buffer, LDNS_HEADER_SIZE);
-		ldns_buffer_write_at(c->buffer, 4, 
-			(uint8_t*)"\0\0\0\0\0\0\0\0", 8);
-		LDNS_QR_SET(ldns_buffer_begin(c->buffer));
-		LDNS_RCODE_SET(ldns_buffer_begin(c->buffer), 
-			LDNS_RCODE_REFUSED);
-		return 1;
+	if((ret=deny_refuse_all(c, acl, worker, repinfo)) != -1)
+	{
+		return ret;
 	}
 	if((ret=worker_check_request(c->buffer, worker)) != 0) {
 		verbose(VERB_ALGO, "worker check request: bad query.");
 		log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
 		if(ret != -1) {
-			LDNS_QR_SET(ldns_buffer_begin(c->buffer));
-			LDNS_RCODE_SET(ldns_buffer_begin(c->buffer), ret);
+			LDNS_QR_SET(sldns_buffer_begin(c->buffer));
+			LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), ret);
 			return 1;
 		}
 		comm_point_drop_reply(repinfo);
@@ -776,9 +803,9 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
 	if(!query_info_parse(&qinfo, c->buffer)) {
 		verbose(VERB_ALGO, "worker parse request: formerror.");
 		log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
-		ldns_buffer_rewind(c->buffer);
-		LDNS_QR_SET(ldns_buffer_begin(c->buffer));
-		LDNS_RCODE_SET(ldns_buffer_begin(c->buffer), 
+		sldns_buffer_rewind(c->buffer);
+		LDNS_QR_SET(sldns_buffer_begin(c->buffer));
+		LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), 
 			LDNS_RCODE_FORMERR);
 		server_stats_insrcode(&worker->stats, c->buffer);
 		return 1;
@@ -792,9 +819,9 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
 		qinfo.qtype == LDNS_RR_TYPE_IXFR) {
 		verbose(VERB_ALGO, "worker request: refused zone transfer.");
 		log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
-		ldns_buffer_rewind(c->buffer);
-		LDNS_QR_SET(ldns_buffer_begin(c->buffer));
-		LDNS_RCODE_SET(ldns_buffer_begin(c->buffer), 
+		sldns_buffer_rewind(c->buffer);
+		LDNS_QR_SET(sldns_buffer_begin(c->buffer));
+		LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), 
 			LDNS_RCODE_REFUSED);
 		if(worker->stats.extended) {
 			worker->stats.qtype[qinfo.qtype]++;
@@ -805,9 +832,9 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
 	if((ret=parse_edns_from_pkt(c->buffer, &edns)) != 0) {
 		verbose(VERB_ALGO, "worker parse edns: formerror.");
 		log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
-		ldns_buffer_rewind(c->buffer);
-		LDNS_QR_SET(ldns_buffer_begin(c->buffer));
-		LDNS_RCODE_SET(ldns_buffer_begin(c->buffer), ret);
+		sldns_buffer_rewind(c->buffer);
+		LDNS_QR_SET(sldns_buffer_begin(c->buffer));
+		LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), ret);
 		server_stats_insrcode(&worker->stats, c->buffer);
 		return 1;
 	}
@@ -819,8 +846,8 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
 		verbose(VERB_ALGO, "query with bad edns version.");
 		log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
 		error_encode(c->buffer, EDNS_RCODE_BADVERS&0xf, &qinfo,
-			*(uint16_t*)ldns_buffer_begin(c->buffer),
-			ldns_buffer_read_u16_at(c->buffer, 2), NULL);
+			*(uint16_t*)sldns_buffer_begin(c->buffer),
+			sldns_buffer_read_u16_at(c->buffer, 2), NULL);
 		attach_edns_record(c->buffer, &edns);
 		return 1;
 	}
@@ -842,14 +869,14 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
 	if(edns.udp_size < LDNS_HEADER_SIZE) {
 		verbose(VERB_ALGO, "worker request: edns is too small.");
 		log_addr(VERB_CLIENT, "from", &repinfo->addr, repinfo->addrlen);
-		LDNS_QR_SET(ldns_buffer_begin(c->buffer));
-		LDNS_TC_SET(ldns_buffer_begin(c->buffer));
-		LDNS_RCODE_SET(ldns_buffer_begin(c->buffer), 
+		LDNS_QR_SET(sldns_buffer_begin(c->buffer));
+		LDNS_TC_SET(sldns_buffer_begin(c->buffer));
+		LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), 
 			LDNS_RCODE_SERVFAIL);
-		ldns_buffer_set_position(c->buffer, LDNS_HEADER_SIZE);
-		ldns_buffer_write_at(c->buffer, 4, 
+		sldns_buffer_set_position(c->buffer, LDNS_HEADER_SIZE);
+		sldns_buffer_write_at(c->buffer, 4, 
 			(uint8_t*)"\0\0\0\0\0\0\0\0", 8);
-		ldns_buffer_flip(c->buffer);
+		sldns_buffer_flip(c->buffer);
 		return 1;
 	}
 	if(worker->stats.extended)
@@ -865,22 +892,32 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
 	if(local_zones_answer(worker->daemon->local_zones, &qinfo, &edns, 
 		c->buffer, worker->scratchpad)) {
 		regional_free_all(worker->scratchpad);
-		if(ldns_buffer_limit(c->buffer) == 0) {
+		if(sldns_buffer_limit(c->buffer) == 0) {
 			comm_point_drop_reply(repinfo);
 			return 0;
 		}
 		server_stats_insrcode(&worker->stats, c->buffer);
 		return 1;
 	}
-	if(!(LDNS_RD_WIRE(ldns_buffer_begin(c->buffer))) &&
+
+	/* We've looked in our local zones. If the answer isn't there, we
+	 * might need to bail out based on ACLs now. */
+	if((ret=deny_refuse_non_local(c, acl, worker, repinfo)) != -1)
+	{
+		return ret;
+	}
+
+	/* If this request does not have the recursion bit set, verify
+	 * ACLs allow the snooping. */
+	if(!(LDNS_RD_WIRE(sldns_buffer_begin(c->buffer))) &&
 		acl != acl_allow_snoop ) {
-		ldns_buffer_set_limit(c->buffer, LDNS_HEADER_SIZE);
-		ldns_buffer_write_at(c->buffer, 4, 
+		sldns_buffer_set_limit(c->buffer, LDNS_HEADER_SIZE);
+		sldns_buffer_write_at(c->buffer, 4, 
 			(uint8_t*)"\0\0\0\0\0\0\0\0", 8);
-		LDNS_QR_SET(ldns_buffer_begin(c->buffer));
-		LDNS_RCODE_SET(ldns_buffer_begin(c->buffer), 
+		LDNS_QR_SET(sldns_buffer_begin(c->buffer));
+		LDNS_RCODE_SET(sldns_buffer_begin(c->buffer), 
 			LDNS_RCODE_REFUSED);
-		ldns_buffer_flip(c->buffer);
+		sldns_buffer_flip(c->buffer);
 		server_stats_insrcode(&worker->stats, c->buffer);
 		log_addr(VERB_ALGO, "refused nonrec (cache snoop) query from",
 			&repinfo->addr, repinfo->addrlen);
@@ -891,8 +928,8 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
 		/* answer from cache - we have acquired a readlock on it */
 		if(answer_from_cache(worker, &qinfo, 
 			(struct reply_info*)e->data, 
-			*(uint16_t*)ldns_buffer_begin(c->buffer), 
-			ldns_buffer_read_u16_at(c->buffer, 2), repinfo, 
+			*(uint16_t*)sldns_buffer_begin(c->buffer), 
+			sldns_buffer_read_u16_at(c->buffer, 2), repinfo, 
 			&edns)) {
 			/* prefetch it if the prefetch TTL expired */
 			if(worker->env.cfg->prefetch && *worker->env.now >=
@@ -901,7 +938,7 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
 					data)->ttl - *worker->env.now;
 				lock_rw_unlock(&e->lock);
 				reply_and_prefetch(worker, &qinfo, 
-					ldns_buffer_read_u16_at(c->buffer, 2),
+					sldns_buffer_read_u16_at(c->buffer, 2),
 					repinfo, leeway);
 				return 0;
 			}
@@ -911,17 +948,17 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
 		verbose(VERB_ALGO, "answer from the cache failed");
 		lock_rw_unlock(&e->lock);
 	}
-	if(!LDNS_RD_WIRE(ldns_buffer_begin(c->buffer))) {
+	if(!LDNS_RD_WIRE(sldns_buffer_begin(c->buffer))) {
 		if(answer_norec_from_cache(worker, &qinfo,
-			*(uint16_t*)ldns_buffer_begin(c->buffer), 
-			ldns_buffer_read_u16_at(c->buffer, 2), repinfo, 
+			*(uint16_t*)sldns_buffer_begin(c->buffer), 
+			sldns_buffer_read_u16_at(c->buffer, 2), repinfo, 
 			&edns)) {
 			return 1;
 		}
 		verbose(VERB_ALGO, "answer norec from cache -- "
 			"need to validate or not primed");
 	}
-	ldns_buffer_rewind(c->buffer);
+	sldns_buffer_rewind(c->buffer);
 	server_stats_querymiss(&worker->stats, worker);
 
 	if(verbosity >= VERB_CLIENT) {
@@ -934,8 +971,8 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
 
 	/* grab a work request structure for this new request */
 	mesh_new_client(worker->env.mesh, &qinfo, 
-		ldns_buffer_read_u16_at(c->buffer, 2),
-		&edns, repinfo, *(uint16_t*)ldns_buffer_begin(c->buffer));
+		sldns_buffer_read_u16_at(c->buffer, 2),
+		&edns, repinfo, *(uint16_t*)sldns_buffer_begin(c->buffer));
 	worker_mem_report(worker, NULL);
 	return 0;
 }
@@ -1119,7 +1156,7 @@ worker_init(struct worker* worker, struct config_file *cfg,
 		worker->daemon->env->infra_cache, worker->rndstate,
 		cfg->use_caps_bits_for_id, worker->ports, worker->numports,
 		cfg->unwanted_threshold, &worker_alloc_cleanup, worker,
-		cfg->do_udp, worker->daemon->connect_sslctx);
+		cfg->do_udp, worker->daemon->connect_sslctx, cfg->delay_close);
 	if(!worker->back) {
 		log_err("could not create outgoing sockets");
 		worker_delete(worker);
@@ -1165,7 +1202,7 @@ worker_init(struct worker* worker, struct config_file *cfg,
 	worker->env.attach_sub = &mesh_attach_sub;
 	worker->env.kill_sub = &mesh_state_delete;
 	worker->env.detect_cycle = &mesh_detect_cycle;
-	worker->env.scratch_buffer = ldns_buffer_new(cfg->msg_buffer_size);
+	worker->env.scratch_buffer = sldns_buffer_new(cfg->msg_buffer_size);
 	if(!(worker->env.fwds = forwards_create()) ||
 		!forwards_apply_cfg(worker->env.fwds, cfg)) {
 		log_err("Could not set forward zones");
@@ -1228,7 +1265,7 @@ worker_delete(struct worker* worker)
 	}
 	outside_network_quit_prepare(worker->back);
 	mesh_delete(worker->env.mesh);
-	ldns_buffer_free(worker->env.scratch_buffer);
+	sldns_buffer_free(worker->env.scratch_buffer);
 	forwards_delete(worker->env.fwds);
 	hints_delete(worker->env.hints);
 	listen_delete(worker->front);
@@ -1341,14 +1378,21 @@ void libworker_handle_control_cmd(struct tube* ATTR_UNUSED(tube),
 }
 
 void libworker_fg_done_cb(void* ATTR_UNUSED(arg), int ATTR_UNUSED(rcode),
-        ldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(s),
+        sldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(s),
 	char* ATTR_UNUSED(why_bogus))
 {
 	log_assert(0);
 }
 
 void libworker_bg_done_cb(void* ATTR_UNUSED(arg), int ATTR_UNUSED(rcode),
-        ldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(s),
+        sldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(s),
+	char* ATTR_UNUSED(why_bogus))
+{
+	log_assert(0);
+}
+
+void libworker_event_done_cb(void* ATTR_UNUSED(arg), int ATTR_UNUSED(rcode),
+        sldns_buffer* ATTR_UNUSED(buf), enum sec_status ATTR_UNUSED(s),
 	char* ATTR_UNUSED(why_bogus))
 {
 	log_assert(0);

daemon/worker.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

doc/Changelog

@@ -1,3 +1,161 @@
+12 March 2014: Wouter
+	- tag 1.4.22
+
+10 March 2014: Wouter
+	- Fix bug#561: contrib/cacti plugin did not report SERVFAIL rcodes
+	  because of spelling.  Patch from Chris Coates.
+
+27 February 2014: Wouter
+	- tag 1.4.22rc1
+
+21 February 2014: Wouter
+	- iana portlist updated.
+
+20 February 2014: Matthijs
+	- Be lenient when a NSEC NameError response with RCODE=NXDOMAIN is
+	  received. This is okay according 4035, but not after revising
+	  existence in 4592.  NSEC empty non-terminals exist and thus the
+	  RCODE should have been NOERROR. If this occurs, and the RRsets
+	  are secure, we set the RCODE to NOERROR and the security status
+	  of the reponse is also considered secure.
+
+14 February 2014: Wouter
+	- Works on Minix (3.2.1).
+
+11 February 2014: Wouter
+	- Fix parse of #553(NSD) string in sldns, quotes without spaces.
+
+7 February 2014: Wouter
+	- iana portlist updated.
+	- add body to ifstatement if locks disabled.
+	- add TXT string"string" test case to unit test.
+	- Fix #551: License change "Regents" to "Copyright holder", matching
+	  the BSD license on opensource.org.
+
+6 February 2014: Wouter
+	- sldns has type HIP.
+	- code documentation on the module interface.
+
+5 February 2014: Wouter
+	- Fix sldns parse tests on osx.
+
+3 February 2014: Wouter
+	- Detect libevent2 install automatically by configure.
+	- Fixup link with lib/event2 subdir.
+	- Fix parse in sldns of quoted parenthesized text strings.
+
+31 January 2014: Wouter
+	- unit test for ldns wire to str and back with zones, root, nlnetlabs
+	  and types.sidnlabs.
+	- Fix for hex to string in unknown, atma and nsap.
+	- fixup nss compile (no ldns in it).
+	- fixup warning in unitldns
+	- fixup WKS and rdata type service to print unsigned because strings
+	  are not portable; they cannot be read (for sure) on other computers.
+	- fixup type EUI48 and EUI64, type APL and type IPSECKEY in string
+	  parse sldns.
+
+30 January 2014: Wouter
+	- delay-close does not act if there are udp-wait queries, so that
+	  it does not make a socketdrain DoS easier.
+
+28 January 2014: Wouter
+	- iana portlist updated.
+	- iana portlist test updated so it does not touch the source
+	  if there are no changes.
+	- delay-close: msec option that delays closing ports for which
+	  the UDP reply has timed out.  Keeps the port open, only accepts
+	  the correct reply.  This correct reply is not used, but the port
+	  is open so that no port-denied ICMPs are generated.
+
+27 January 2014: Wouter
+	- reuseport is attempted, then fallback to without on failure.
+
+24 January 2014: Wouter
+	- Change unbound-event.h to use void* buffer, length idiom.
+	- iana portlist updated.
+	- unbound-event.h is installed if you configure --enable-event-api.
+	- speed up unbound (reports say it could be up to 10%), by reducing
+	  lock contention on localzones.lock.  It is changed to an rwlock.
+	- so-reuseport: yesno option to distribute queries evenly over
+	  threads on Linux (Thanks Robert Edmonds).
+	- made lint clean.
+
+21 January 2014: Wouter
+	- Fix #547: no trustanchor written if filesystem full, fclose checked.
+
+17 January 2014: Wouter
+	- Fix isprint() portability in sldns, uses unsigned int.
+	- iana portlist updated.
+
+16 January 2014: Wouter
+	- fix #544: Fixed +i causes segfault when running with module conf
+	  "iterator".
+	- Windows port, adjust %lld to %I64d, and warning in win_event.c.
+
+14 January 2014: Wouter
+	- iana portlist updated.
+
+5 Dec 2013: Wouter
+	- Fix bug in cachedump that uses sldns.
+	- update pythonmod for ldns_ to sldns_ name change.
+
+3 Dec 2013: Wouter
+	- Fix sldns to use sldns_ prefix for all ldns_ variables.
+	- Fix windows compile to compile with sldns.
+
+30 Nov 2013: Wouter
+	- Fix sldns to make globals use sldns_ prefix.  This fixes
+	  linking with libldns that uses global variables ldns_ .
+
+13 Nov 2013: Wouter
+	- Fix bug#537: compile python plugin without ldns library.
+
+12 Nov 2013: Wouter
+	- Fix bug#536: acl_deny_non_local and refuse_non_local added.
+
+5 Nov 2013: Wouter
+	- Patch from Neel Goyal to fix async id assignment if callback
+	  is called by libunbound in the mesh attach.
+	- Accept ip-address: as an alternative for interface: for
+	  consistency with nsd.conf syntax.
+
+4 Nov 2013: Wouter
+	- Patch from Neel Goyal to fix callback in libunbound.
+
+3 Nov 2013: Wouter
+	- if configured --with-libunbound-only fix make install.
+
+31 Oct 2013: Wouter
+	- Fix #531: Set SO_REUSEADDR so that the wildcard interface and a 
+	  more specific interface port 53 can be used at the same time, and
+	  one of the daemons is unbound.
+	- iana portlist update.
+	- separate ldns into core ldns inside ldns/ subdirectory.  No more
+	  --with-ldns is needed and unbound does not rely on libldns.
+	- portability fixes for new USE_SLDNS ldns subdir codebase.
+
+22 Oct 2013: Wouter
+	- Patch from Neel Goyal: Add an API call to set an event base on an
+	  existing ub_ctx.  This basically just destroys the current worker and
+	  sets the event base to the current.  And fix a deadlock in
+	  ub_resolve_event – the cfglock is held when libworker_create is
+	  called.  This ends up trying to acquire the lock again in
+	  context_obtain_alloc in the call chain.
+	- Fix #528: if very high logging (4 or more) segfault on allow_snoop.
+
+26 Sep 2013: Wouter
+	- unbound-event.h is installed if configured --with-libevent.  It
+	  contains low-level library calls, that use libevent's event_base
+	  and an ldns_buffer for the wire return packet to perform async
+	  resolution in the client's eventloop.
+
+19 Sep 2013: Wouter
+	- 1.4.21 tag created.
+	- trunk has 1.4.22 number inside it.
+	- iana portlist updated.
+	- acx_nlnetlabs.m4 to 26; improve FLTO help text.
+
 16 Sep 2013: Wouter
 	- Fix#524: max-udp-size not effective to non-EDNS0 queries, from
 	  Daisuke HIGASHI.

doc/LICENSE

@@ -18,13 +18,13 @@ be used to endorse or promote products derived from this software without
 specific prior written permission.
 
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
-TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
-LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGE.
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

doc/README

@@ -1,4 +1,4 @@
-README for Unbound 1.4.21
+README for Unbound 1.4.22
 Copyright 2007 NLnet Labs
 http://unbound.net
 
@@ -10,14 +10,11 @@ This software is under BSD license, see LICENSE for details.
   	http://unbound.net/svn/
 
 * Uses the following libraries; 
-  * ldns	http://www.nlnetlabs.nl/ldns/			(BSD license)
-    (required) can use ldns build directory directly with --with-ldns=path.
   * libevent	http://www.monkey.org/~provos/libevent/		(BSD license)
     (optional) can use builtin alternative instead.
+  * libexpat	(for the unbound-anchor helper program)		(MIT license)
 
 * Make and install: ./configure; make; make install
-  * --with-ldns=/path/to/ldns
-	It will dynamically link against it.
   * --with-libevent=/path/to/libevent
   	Can be set to either the system install or the build directory.
 	--with-libevent=no (default) gives a builtin alternative 
@@ -36,8 +33,8 @@ This software is under BSD license, see LICENSE for details.
 	programming errors, among which buffer overflows.  The program exits
 	with an error if an assertion fails (but the buffer did not overflow).
   * --enable-static-exe
-	This enables a debug option to statically link, against ldns and 
-	libevent libraries.
+	This enables a debug option to statically link against the
+	libevent library.
   * --enable-lock-checks
   	This enables a debug option to check lock and unlock calls. It needs
 	a recent pthreads library to work.

doc/example.conf.in

@@ -1,7 +1,7 @@
 #
 # Example configuration file.
 #
-# See unbound.conf(5) man page, version 1.4.21.
+# See unbound.conf(5) man page, version 1.4.22.
 #
 # this is a comment.
 
@@ -84,6 +84,9 @@ server:
 	# buffer size for UDP port 53 outgoing (SO_SNDBUF socket option).
 	# 0 is system default.  Use 4m to handle spikes on very busy servers.
 	# so-sndbuf: 0
+	
+	# on Linux(3.9+) use SO_REUSEPORT to distribute queries over threads.
+	# so-reuseport: no
 
 	# EDNS reassembly buffer to advertise to UDP peers (the actual buffer
 	# is set with msg-buffer-size). 1480 can solve fragmentation (timeouts).
@@ -111,6 +114,9 @@ server:
 
 	# if very busy, 50% queries run to completion, 50% get timeout in msec
 	# jostle-timeout: 200
+	
+	# msec to wait before close of port on timeout UDP. 0 disables.
+	# delay-close: 0
 
 	# the amount of memory to use for the RRset cache.
 	# plain value in bytes or you can append k, m or G. default is "4Mb". 
@@ -165,6 +171,8 @@ server:
 	# By default everything is refused, except for localhost.
 	# Choose deny (drop message), refuse (polite error reply),
 	# allow (recursive ok), allow_snoop (recursive and nonrecursive ok)
+	# deny_non_local (drop queries unless can be answered from local-data)
+	# refuse_non_local (like deny_non_local but polite error reply).
 	# access-control: 0.0.0.0/0 refuse
 	# access-control: 127.0.0.0/8 allow
 	# access-control: ::0/0 refuse

doc/libunbound.3.in

@@ -1,4 +1,4 @@
-.TH "libunbound" "3" "Sep 19, 2013" "NLnet Labs" "unbound 1.4.21"
+.TH "libunbound" "3" "Mar 12, 2014" "NLnet Labs" "unbound 1.4.22"
 .\"
 .\" libunbound.3 -- unbound library functions manual
 .\"
@@ -42,7 +42,7 @@
 .B ub_ctx_zone_remove,
 .B ub_ctx_data_add,
 .B ub_ctx_data_remove
-\- Unbound DNS validating resolver 1.4.21 functions.
+\- Unbound DNS validating resolver 1.4.22 functions.
 .SH "SYNOPSIS"
 .LP
 .B #include <unbound.h>

doc/unbound-anchor.8.in

@@ -1,4 +1,4 @@
-.TH "unbound-anchor" "8" "Sep 19, 2013" "NLnet Labs" "unbound 1.4.21"
+.TH "unbound-anchor" "8" "Mar 12, 2014" "NLnet Labs" "unbound 1.4.22"
 .\"
 .\" unbound-anchor.8 -- unbound anchor maintenance utility manual
 .\"

doc/unbound-checkconf.8.in

@@ -1,4 +1,4 @@
-.TH "unbound-checkconf" "8" "Sep 19, 2013" "NLnet Labs" "unbound 1.4.21"
+.TH "unbound-checkconf" "8" "Mar 12, 2014" "NLnet Labs" "unbound 1.4.22"
 .\"
 .\" unbound-checkconf.8 -- unbound configuration checker manual
 .\"

doc/unbound-control.8.in

@@ -1,4 +1,4 @@
-.TH "unbound-control" "8" "Sep 19, 2013" "NLnet Labs" "unbound 1.4.21"
+.TH "unbound-control" "8" "Mar 12, 2014" "NLnet Labs" "unbound 1.4.22"
 .\"
 .\" unbound-control.8 -- unbound remote control manual
 .\"

doc/unbound-host.1

@@ -1,4 +1,4 @@
-.TH "unbound\-host" "1" "Sep 19, 2013" "NLnet Labs" "unbound 1.4.21"
+.TH "unbound\-host" "1" "Mar 12, 2014" "NLnet Labs" "unbound 1.4.22"
 .\"
 .\" unbound-host.1 -- unbound DNS lookup utility
 .\"

doc/unbound.8.in

@@ -1,4 +1,4 @@
-.TH "unbound" "8" "Sep 19, 2013" "NLnet Labs" "unbound 1.4.21"
+.TH "unbound" "8" "Mar 12, 2014" "NLnet Labs" "unbound 1.4.22"
 .\"
 .\" unbound.8 -- unbound manual
 .\"
@@ -10,7 +10,7 @@
 .SH "NAME"
 .LP
 .B unbound
-\- Unbound DNS validating resolver 1.4.21.
+\- Unbound DNS validating resolver 1.4.22.
 .SH "SYNOPSIS"
 .LP
 .B unbound

doc/unbound.conf.5.in

@@ -1,4 +1,4 @@
-.TH "unbound.conf" "5" "Sep 19, 2013" "NLnet Labs" "unbound 1.4.21"
+.TH "unbound.conf" "5" "Mar 12, 2014" "NLnet Labs" "unbound 1.4.22"
 .\"
 .\" unbound.conf.5 -- unbound.conf manual
 .\"
@@ -122,6 +122,9 @@ A port number can be specified with @port (without spaces between
 interface and port number), if not specified the default port (from
 \fBport\fR) is used.
 .TP
+.B ip\-address: \fI<ip address[@port]>
+Same as interface: (for easy of compatibility with nsd.conf).
+.TP
 .B interface\-automatic: \fI<yes or no>
 Detect source interface on UDP queries and copy them to replies.  This 
 feature is experimental, and needs support in your OS for particular socket
@@ -225,6 +228,15 @@ The qps for short queries can be about (numqueriesperthread / 2)
 / (jostletimeout in whole seconds) qps per thread, about (1024/2)*5 = 2560
 qps by default.
 .TP
+.B delay\-close: \fI<msec>
+Extra delay for timeouted UDP ports before they are closed, in msec.
+Default is 0, and that disables it.  This prevents very delayed answer
+packets from the upstream (recursive) servers from bouncing against
+closed ports and setting off all sort of close-port counters, with
+eg. 1500 msec.  When timeouts happen you need extra sockets, it checks
+the ID and remote IP of packets, and unwanted packets are added to the
+unwanted packet counter.
+.TP
 .B so\-rcvbuf: \fI<number>
 If not 0, then set the SO_RCVBUF socket option to get more buffer
 space on UDP port 53 incoming queries.  So that short spikes on busy
@@ -247,6 +259,15 @@ linux unbound needs root permission to bypass the limit, or the admin
 can use sysctl net.core.wmem_max.  On BSD, Solaris changes are similar
 to so\-rcvbuf.
 .TP
+.B so\-reuseport: \fI<yes or no>
+If yes, then open dedicated listening sockets for incoming queries for each
+thread and try to set the SO_REUSEPORT socket option on each socket.  May
+distribute incoming queries to threads more evenly.  Default is no.  Only
+supported on Linux >= 3.9.  You can enable it (on any platform and kernel),
+it then attempts to open the port and passes the option if it was available
+at compile time, if that works it is used, if it fails, it continues
+silently (unless verbosity 3) without the option.
+.TP
 .B rrset\-cache\-size: \fI<number>
 Number of bytes size of the RRset cache. Default is 4 megabytes.
 A plain number is in bytes, append 'k', 'm' or 'g' for kilobytes, megabytes
@@ -331,7 +352,7 @@ a daemon. Default is yes.
 .B access\-control: \fI<IP netblock> <action>
 The netblock is given as an IP4 or IP6 address with /size appended for a 
 classless network block. The action can be \fIdeny\fR, \fIrefuse\fR, 
-\fIallow\fR or \fIallow_snoop\fR.
+\fIallow\fR, \fIallow_snoop\fR, \fIdeny_non_local\fR or \fIrefuse_non_local\fR.
 .IP
 The action \fIdeny\fR stops queries from hosts from that netblock.
 .IP
@@ -360,6 +381,12 @@ By default only localhost is \fIallow\fRed, the rest is \fIrefuse\fRd.
 The default is \fIrefuse\fRd, because that is protocol\-friendly. The DNS 
 protocol is not designed to handle dropped packets due to policy, and 
 dropping may result in (possibly excessive) retried queries.
+.IP
+The deny_non_local and refuse_non_local settings are for hosts that are
+only allowed to query for the authoritative local\-data, they are not
+allowed full recursion but only the static data.  With deny_non_local,
+messages that are disallowed are dropped, with refuse_non_local they
+receive error code REFUSED.
 .TP
 .B chroot: \fI<directory>
 If chroot is enabled, you should pass the configfile (from the

iterator/iter_delegpt.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -47,6 +47,8 @@
 #include "util/data/packed_rrset.h"
 #include "util/data/msgreply.h"
 #include "util/net_help.h"
+#include "ldns/rrdef.h"
+#include "ldns/sbuffer.h"
 
 struct delegpt* 
 delegpt_create(struct regional* region)
@@ -388,7 +390,7 @@ delegpt_rrset_add_ns(struct delegpt* dp, struct regional* region,
 	for(i=0; i<nsdata->count; i++) {
 		if(nsdata->rr_len[i] < 2+1) continue; /* len + root label */
 		if(dname_valid(nsdata->rr_data[i]+2, nsdata->rr_len[i]-2) !=
-			(size_t)ldns_read_uint16(nsdata->rr_data[i]))
+			(size_t)sldns_read_uint16(nsdata->rr_data[i]))
 			continue; /* bad format */
 		/* add rdata of NS (= wirefmt dname), skip rdatalen bytes */
 		if(!delegpt_add_ns(dp, region, nsdata->rr_data[i]+2, lame))

iterator/iter_delegpt.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

iterator/iter_donotq.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

iterator/iter_donotq.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

iterator/iter_fwd.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -40,15 +40,14 @@
  * Keep track of forward zones and config settings.
  */
 #include "config.h"
-#include <ldns/rdata.h>
-#include <ldns/dname.h>
-#include <ldns/rr.h>
 #include "iterator/iter_fwd.h"
 #include "iterator/iter_delegpt.h"
 #include "util/log.h"
 #include "util/config_file.h"
 #include "util/net_help.h"
 #include "util/data/dname.h"
+#include "ldns/rrdef.h"
+#include "ldns/str2wire.h"
 
 int
 fwd_cmp(const void* k1, const void* k2)
@@ -180,22 +179,23 @@ static struct delegpt*
 read_fwds_name(struct config_stub* s)
 {
 	struct delegpt* dp;
-	ldns_rdf* rdf;
+	uint8_t* dname;
+	size_t dname_len;
 	if(!s->name) {
 		log_err("forward zone without a name (use name \".\" to forward everything)");
 		return NULL;
 	}
-	rdf = ldns_dname_new_frm_str(s->name);
-	if(!rdf) {
+	dname = sldns_str2wire_dname(s->name, &dname_len);
+	if(!dname) {
 		log_err("cannot parse forward zone name %s", s->name);
 		return NULL;
 	}
-	if(!(dp=delegpt_create_mlc(ldns_rdf_data(rdf)))) {
-		ldns_rdf_deep_free(rdf);
+	if(!(dp=delegpt_create_mlc(dname))) {
+		free(dname);
 		log_err("out of memory");
 		return NULL;
 	}
-	ldns_rdf_deep_free(rdf);
+	free(dname);
 	return dp;
 }
 
@@ -204,21 +204,22 @@ static int
 read_fwds_host(struct config_stub* s, struct delegpt* dp)
 {
 	struct config_strlist* p;
-	ldns_rdf* rdf;
+	uint8_t* dname;
+	size_t dname_len;
 	for(p = s->hosts; p; p = p->next) {
 		log_assert(p->str);
-		rdf = ldns_dname_new_frm_str(p->str);
-		if(!rdf) {
+		dname = sldns_str2wire_dname(p->str, &dname_len);
+		if(!dname) {
 			log_err("cannot parse forward %s server name: '%s'", 
 				s->name, p->str);
 			return 0;
 		}
-		if(!delegpt_add_ns_mlc(dp, ldns_rdf_data(rdf), 0)) {
-			ldns_rdf_deep_free(rdf);
+		if(!delegpt_add_ns_mlc(dp, dname, 0)) {
+			free(dname);
 			log_err("out of memory");
 			return 0;
 		}
-		ldns_rdf_deep_free(rdf);
+		free(dname);
 	}
 	return 1;
 }
@@ -290,19 +291,20 @@ static int
 make_stub_holes(struct iter_forwards* fwd, struct config_file* cfg)
 {
 	struct config_stub* s;
+	uint8_t* dname;
+	size_t dname_len;
 	for(s = cfg->stubs; s; s = s->next) {
-		ldns_rdf* rdf = ldns_dname_new_frm_str(s->name);
-		if(!rdf) {
+		dname = sldns_str2wire_dname(s->name, &dname_len);
+		if(!dname) {
 			log_err("cannot parse stub name '%s'", s->name);
 			return 0;
 		}
-		if(!fwd_add_stub_hole(fwd, LDNS_RR_CLASS_IN,
-				ldns_rdf_data(rdf))) {
-			ldns_rdf_deep_free(rdf);
+		if(!fwd_add_stub_hole(fwd, LDNS_RR_CLASS_IN, dname)) {
+			free(dname);
 			log_err("out of memory");
 			return 0;
 		}
-		ldns_rdf_deep_free(rdf);
+		free(dname);
 	}
 	return 1;
 }

iterator/iter_fwd.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

iterator/iter_hints.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -40,14 +40,15 @@
  * Keep track of stub and root hints, and read those from config.
  */
 #include "config.h"
-#include <ldns/dname.h>
-#include <ldns/rr.h>
 #include "iterator/iter_hints.h"
 #include "iterator/iter_delegpt.h"
 #include "util/log.h"
 #include "util/config_file.h"
 #include "util/net_help.h"
 #include "util/data/dname.h"
+#include "ldns/rrdef.h"
+#include "ldns/str2wire.h"
+#include "ldns/wire2str.h"
 
 struct iter_hints* 
 hints_create(void)
@@ -92,19 +93,20 @@ ah(struct delegpt* dp, const char* sv, const char* ip)
 {
 	struct sockaddr_storage addr;
 	socklen_t addrlen;
-	ldns_rdf* rdf = ldns_dname_new_frm_str(sv);
-	if(!rdf) {
+	size_t dname_len;
+	uint8_t* dname = sldns_str2wire_dname(sv, &dname_len);
+	if(!dname) {
 		log_err("could not parse %s", sv);
 		return 0;
 	}
-	if(!delegpt_add_ns_mlc(dp, ldns_rdf_data(rdf), 0) ||
+	if(!delegpt_add_ns_mlc(dp, dname, 0) ||
 	   !extstrtoaddr(ip, &addr, &addrlen) ||
-	   !delegpt_add_target_mlc(dp, ldns_rdf_data(rdf), ldns_rdf_size(rdf),
+	   !delegpt_add_target_mlc(dp, dname, dname_len,
 		&addr, addrlen, 0, 0)) {
-		ldns_rdf_deep_free(rdf);
+		free(dname);
 		return 0;
 	}
-	ldns_rdf_deep_free(rdf);
+	free(dname);
 	return 1;
 }
 
@@ -186,22 +188,23 @@ static struct delegpt*
 read_stubs_name(struct config_stub* s)
 {
 	struct delegpt* dp;
-	ldns_rdf* rdf;
+	size_t dname_len;
+	uint8_t* dname;
 	if(!s->name) {
 		log_err("stub zone without a name");
 		return NULL;
 	}
-	rdf = ldns_dname_new_frm_str(s->name);
-	if(!rdf) {
+	dname = sldns_str2wire_dname(s->name, &dname_len);
+	if(!dname) {
 		log_err("cannot parse stub zone name %s", s->name);
 		return NULL;
 	}
-	if(!(dp=delegpt_create_mlc(ldns_rdf_data(rdf)))) {
-		ldns_rdf_deep_free(rdf);
+	if(!(dp=delegpt_create_mlc(dname))) {
+		free(dname);
 		log_err("out of memory");
 		return NULL;
 	}
-	ldns_rdf_deep_free(rdf);
+	free(dname);
 	return dp;
 }
 
@@ -210,21 +213,22 @@ static int
 read_stubs_host(struct config_stub* s, struct delegpt* dp)
 {
 	struct config_strlist* p;
-	ldns_rdf* rdf;
+	size_t dname_len;
+	uint8_t* dname;
 	for(p = s->hosts; p; p = p->next) {
 		log_assert(p->str);
-		rdf = ldns_dname_new_frm_str(p->str);
-		if(!rdf) {
+		dname = sldns_str2wire_dname(p->str, &dname_len);
+		if(!dname) {
 			log_err("cannot parse stub %s nameserver name: '%s'", 
 				s->name, p->str);
 			return 0;
 		}
-		if(!delegpt_add_ns_mlc(dp, ldns_rdf_data(rdf), 0)) {
-			ldns_rdf_deep_free(rdf);
+		if(!delegpt_add_ns_mlc(dp, dname, 0)) {
+			free(dname);
 			log_err("out of memory");
 			return 0;
 		}
-		ldns_rdf_deep_free(rdf);
+		free(dname);
 	}
 	return 1;
 }
@@ -279,13 +283,11 @@ read_stubs(struct iter_hints* hints, struct config_file* cfg)
 static int 
 read_root_hints(struct iter_hints* hints, char* fname)
 {
-	int lineno = 0;
-	uint32_t default_ttl = 0;
-	ldns_rdf* origin = NULL;
-	ldns_rdf* prev_rr = NULL;
+	struct sldns_file_parse_state pstate;
 	struct delegpt* dp;
-	ldns_rr* rr = NULL;
-	ldns_status status;
+	uint8_t rr[LDNS_RR_BUF_SIZE];
+	size_t rr_len, dname_len;
+	int status;
 	uint16_t c = LDNS_RR_CLASS_IN;
 	FILE* f = fopen(fname, "r");
 	if(!f) {
@@ -300,77 +302,78 @@ read_root_hints(struct iter_hints* hints, char* fname)
 		return 0;
 	}
 	verbose(VERB_QUERY, "Reading root hints from %s", fname);
+	memset(&pstate, 0, sizeof(pstate));
+	pstate.lineno = 1;
 	dp->has_parent_side_NS = 1;
 	while(!feof(f)) {
-		status = ldns_rr_new_frm_fp_l(&rr, f, 
-			&default_ttl, &origin, &prev_rr, &lineno);
-		if(status == LDNS_STATUS_SYNTAX_EMPTY ||
-			status == LDNS_STATUS_SYNTAX_TTL ||
-			status == LDNS_STATUS_SYNTAX_ORIGIN)
-			continue;
-		if(status != LDNS_STATUS_OK) {
-			log_err("reading root hints %s %d: %s", fname,
-				lineno, ldns_get_errorstr_by_id(status));
+		rr_len = sizeof(rr);
+		dname_len = 0;
+		status = sldns_fp2wire_rr_buf(f, rr, &rr_len, &dname_len,
+			&pstate);
+		if(status != 0) {
+			log_err("reading root hints %s %d:%d: %s", fname,
+				pstate.lineno, LDNS_WIREPARSE_OFFSET(status),
+				sldns_get_errorstr_parse(status));
 			goto stop_read;
 		}
-		if(ldns_rr_get_type(rr) == LDNS_RR_TYPE_NS) {
-			if(!delegpt_add_ns_mlc(dp,
-				ldns_rdf_data(ldns_rr_rdf(rr, 0)), 0)) {
+		if(rr_len == 0)
+			continue; /* EMPTY line, TTL or ORIGIN */
+		if(sldns_wirerr_get_type(rr, rr_len, dname_len)
+			== LDNS_RR_TYPE_NS) {
+			if(!delegpt_add_ns_mlc(dp, sldns_wirerr_get_rdata(rr,
+				rr_len, dname_len), 0)) {
 				log_err("out of memory reading root hints");
 				goto stop_read;
 			}
-			c = ldns_rr_get_class(rr);
+			c = sldns_wirerr_get_class(rr, rr_len, dname_len);
 			if(!dp->name) {
-				if(!delegpt_set_name_mlc(dp,
-					ldns_rdf_data(ldns_rr_owner(rr)))){
+				if(!delegpt_set_name_mlc(dp, rr)) {
 					log_err("out of memory.");
 					goto stop_read;
 				}
 			}
-		} else if(ldns_rr_get_type(rr) == LDNS_RR_TYPE_A) {
+		} else if(sldns_wirerr_get_type(rr, rr_len, dname_len)
+			== LDNS_RR_TYPE_A && sldns_wirerr_get_rdatalen(rr,
+			rr_len, dname_len) == INET_SIZE) {
 			struct sockaddr_in sa;
 			socklen_t len = (socklen_t)sizeof(sa);
 			memset(&sa, 0, len);
 			sa.sin_family = AF_INET;
 			sa.sin_port = (in_port_t)htons(UNBOUND_DNS_PORT);
 			memmove(&sa.sin_addr, 
-				ldns_rdf_data(ldns_rr_rdf(rr, 0)), INET_SIZE);
-			if(!delegpt_add_target_mlc(dp,
-					ldns_rdf_data(ldns_rr_owner(rr)),
-					ldns_rdf_size(ldns_rr_owner(rr)),
+				sldns_wirerr_get_rdata(rr, rr_len, dname_len),
+				INET_SIZE);
+			if(!delegpt_add_target_mlc(dp, rr, dname_len,
 					(struct sockaddr_storage*)&sa, len, 
 					0, 0)) {
 				log_err("out of memory reading root hints");
 				goto stop_read;
 			}
-		} else if(ldns_rr_get_type(rr) == LDNS_RR_TYPE_AAAA) {
+		} else if(sldns_wirerr_get_type(rr, rr_len, dname_len)
+			== LDNS_RR_TYPE_AAAA && sldns_wirerr_get_rdatalen(rr,
+			rr_len, dname_len) == INET6_SIZE) {
 			struct sockaddr_in6 sa;
 			socklen_t len = (socklen_t)sizeof(sa);
 			memset(&sa, 0, len);
 			sa.sin6_family = AF_INET6;
 			sa.sin6_port = (in_port_t)htons(UNBOUND_DNS_PORT);
 			memmove(&sa.sin6_addr, 
-				ldns_rdf_data(ldns_rr_rdf(rr, 0)), INET6_SIZE);
-			if(!delegpt_add_target_mlc(dp,
-					ldns_rdf_data(ldns_rr_owner(rr)),
-					ldns_rdf_size(ldns_rr_owner(rr)),
+				sldns_wirerr_get_rdata(rr, rr_len, dname_len),
+				INET6_SIZE);
+			if(!delegpt_add_target_mlc(dp, rr, dname_len,
 					(struct sockaddr_storage*)&sa, len,
 					0, 0)) {
 				log_err("out of memory reading root hints");
 				goto stop_read;
 			}
 		} else {
-			log_warn("root hints %s:%d skipping type %d",
-				fname, lineno, ldns_rr_get_type(rr));
+			char buf[17];
+			sldns_wire2str_type_buf(sldns_wirerr_get_type(rr,
+				rr_len, dname_len), buf, sizeof(buf));
+			log_warn("root hints %s:%d skipping type %s",
+				fname, pstate.lineno, buf);
 		}
-
-		ldns_rr_free(rr);
 	}
-
-	if (origin)
-		ldns_rdf_deep_free(origin);
-	if (prev_rr)
-		ldns_rdf_deep_free(prev_rr);
 	fclose(f);
 	if(!dp->name) {
 		log_warn("root hints %s: no NS content", fname);
@@ -384,10 +387,6 @@ read_root_hints(struct iter_hints* hints, char* fname)
 	return 1;
 
 stop_read:
-	if (origin)
-		ldns_rdf_deep_free(origin);
-	if (prev_rr)
-		ldns_rdf_deep_free(prev_rr);
 	delegpt_free_mlc(dp);
 	fclose(f);
 	return 0;

iterator/iter_hints.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

iterator/iter_priv.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -41,7 +41,6 @@
  */
 
 #include "config.h"
-#include <ldns/dname.h>
 #include "iterator/iter_priv.h"
 #include "util/regional.h"
 #include "util/log.h"
@@ -50,6 +49,8 @@
 #include "util/data/msgparse.h"
 #include "util/net_help.h"
 #include "util/storage/dnstree.h"
+#include "ldns/str2wire.h"
+#include "ldns/sbuffer.h"
 
 struct iter_priv* priv_create(void)
 {
@@ -110,23 +111,21 @@ static int read_names(struct iter_priv* priv, struct config_file* cfg)
 	/* parse names, report errors, insert into tree */
 	struct config_strlist* p;
 	struct name_tree_node* n;
-	uint8_t* nm;
+	uint8_t* nm, *nmr;
 	size_t nm_len;
 	int nm_labs;
-	ldns_rdf* rdf;
 
 	for(p = cfg->private_domain; p; p = p->next) {
 		log_assert(p->str);
-		rdf = ldns_dname_new_frm_str(p->str);
-		if(!rdf) {
+		nm = sldns_str2wire_dname(p->str, &nm_len);
+		if(!nm) {
 			log_err("cannot parse private-domain: %s", p->str);
 			return 0;
 		}
-		nm = ldns_rdf_data(rdf);
 		nm_labs = dname_count_size_labels(nm, &nm_len);
-		nm = (uint8_t*)regional_alloc_init(priv->region, nm, nm_len);
-		ldns_rdf_deep_free(rdf);
-		if(!nm) {
+		nmr = (uint8_t*)regional_alloc_init(priv->region, nm, nm_len);
+		free(nm);
+		if(!nmr) {
 			log_err("out of memory");
 			return 0;
 		}
@@ -136,7 +135,7 @@ static int read_names(struct iter_priv* priv, struct config_file* cfg)
 			log_err("out of memory");
 			return 0;
 		}
-		if(!name_tree_insert(&priv->n, n, nm, nm_len, nm_labs,
+		if(!name_tree_insert(&priv->n, n, nmr, nm_len, nm_labs,
 			LDNS_RR_CLASS_IN)) {
 			verbose(VERB_QUERY, "ignoring duplicate "
 				"private-domain: %s", p->str);
@@ -188,7 +187,7 @@ priv_lookup_addr(struct iter_priv* priv, struct sockaddr_storage* addr,
  * @return: true if the name is OK. false if unlisted.
  */
 static int 
-priv_lookup_name(struct iter_priv* priv, ldns_buffer* pkt,
+priv_lookup_name(struct iter_priv* priv, sldns_buffer* pkt,
 	uint8_t* name, size_t name_len, uint16_t dclass)
 {
 	size_t len;
@@ -210,7 +209,7 @@ size_t priv_get_mem(struct iter_priv* priv)
 
 /** remove RR from msgparse RRset, return true if rrset is entirely bad */
 static int
-remove_rr(const char* str, ldns_buffer* pkt, struct rrset_parse* rrset,
+remove_rr(const char* str, sldns_buffer* pkt, struct rrset_parse* rrset,
 	struct rr_parse* prev, struct rr_parse** rr, struct sockaddr_storage* addr, socklen_t addrlen)
 {
 	if(verbosity >= VERB_QUERY && rrset->dname_len <= LDNS_MAX_DOMAINLEN && str) {
@@ -230,7 +229,7 @@ remove_rr(const char* str, ldns_buffer* pkt, struct rrset_parse* rrset,
 	return rrset->rr_count == 0;
 }
 
-int priv_rrset_bad(struct iter_priv* priv, ldns_buffer* pkt,
+int priv_rrset_bad(struct iter_priv* priv, sldns_buffer* pkt,
 	struct rrset_parse* rrset)
 {
 	if(priv->a.count == 0) 
@@ -253,7 +252,7 @@ int priv_rrset_bad(struct iter_priv* priv, ldns_buffer* pkt,
 			sa.sin_family = AF_INET;
 			sa.sin_port = (in_port_t)htons(UNBOUND_DNS_PORT);
 			for(rr = rrset->rr_first; rr; rr = rr->next) {
-				if(ldns_read_uint16(rr->ttl_data+4) 
+				if(sldns_read_uint16(rr->ttl_data+4) 
 					!= INET_SIZE) {
 					prev = rr;
 					continue;
@@ -276,7 +275,7 @@ int priv_rrset_bad(struct iter_priv* priv, ldns_buffer* pkt,
 			sa.sin6_family = AF_INET6;
 			sa.sin6_port = (in_port_t)htons(UNBOUND_DNS_PORT);
 			for(rr = rrset->rr_first; rr; rr = rr->next) {
-				if(ldns_read_uint16(rr->ttl_data+4) 
+				if(sldns_read_uint16(rr->ttl_data+4) 
 					!= INET6_SIZE) {
 					prev = rr;
 					continue;

iterator/iter_priv.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -43,7 +43,7 @@
 #ifndef ITERATOR_ITER_PRIV_H
 #define ITERATOR_ITER_PRIV_H
 #include "util/rbtree.h"
-#include <ldns/buffer.h>
+struct sldns_buffer;
 struct iter_env;
 struct config_file;
 struct regional;
@@ -99,7 +99,7 @@ int priv_apply_cfg(struct iter_priv* priv, struct config_file* cfg);
  * @param rrset: the rrset to examine, A or AAAA.
  * @return true if the rrset is bad and should be removed.
  */
-int priv_rrset_bad(struct iter_priv* priv, ldns_buffer* pkt, 
+int priv_rrset_bad(struct iter_priv* priv, struct sldns_buffer* pkt, 
 	struct rrset_parse* rrset);
 
 /**

iterator/iter_resptype.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -40,12 +40,13 @@
  * one of the response types.
  */
 #include "config.h"
-#include <ldns/packet.h>
 #include "iterator/iter_resptype.h"
 #include "iterator/iter_delegpt.h"
 #include "services/cache/dns.h"
 #include "util/net_help.h"
 #include "util/data/dname.h"
+#include "ldns/rrdef.h"
+#include "ldns/pkthdr.h"
 
 enum response_type 
 response_type_from_cache(struct dns_msg* msg, 

iterator/iter_resptype.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

iterator/iter_scrub.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -53,13 +53,14 @@
 #include "util/data/dname.h"
 #include "util/data/msgreply.h"
 #include "util/alloc.h"
+#include "ldns/sbuffer.h"
 
 /** RRset flag used during scrubbing. The RRset is OK. */
 #define RRSET_SCRUB_OK	0x80
 
 /** remove rrset, update loop variables */
 static void
-remove_rrset(const char* str, ldns_buffer* pkt, struct msg_parse* msg, 
+remove_rrset(const char* str, sldns_buffer* pkt, struct msg_parse* msg, 
 	struct rrset_parse* prev, struct rrset_parse** rrset)
 {
 	if(verbosity >= VERB_QUERY && str
@@ -108,7 +109,7 @@ has_additional(uint16_t t)
 /** get additional name from rrset RR, return false if no name present */
 static int
 get_additional_name(struct rrset_parse* rrset, struct rr_parse* rr, 
-	uint8_t** nm, size_t* nmlen, ldns_buffer* pkt) 
+	uint8_t** nm, size_t* nmlen, sldns_buffer* pkt) 
 {
 	size_t offset = 0;
 	size_t len, oldpos;
@@ -132,14 +133,14 @@ get_additional_name(struct rrset_parse* rrset, struct rr_parse* rr,
 		default:
 			return 0;
 	}
-	len = ldns_read_uint16(rr->ttl_data+sizeof(uint32_t));
+	len = sldns_read_uint16(rr->ttl_data+sizeof(uint32_t));
 	if(len < offset+1)
 		return 0; /* rdata field too small */
 	*nm = rr->ttl_data+sizeof(uint32_t)+sizeof(uint16_t)+offset;
-	oldpos = ldns_buffer_position(pkt);
-	ldns_buffer_set_position(pkt, (size_t)(*nm - ldns_buffer_begin(pkt)));
+	oldpos = sldns_buffer_position(pkt);
+	sldns_buffer_set_position(pkt, (size_t)(*nm - sldns_buffer_begin(pkt)));
 	*nmlen = pkt_dname_len(pkt);
-	ldns_buffer_set_position(pkt, oldpos);
+	sldns_buffer_set_position(pkt, oldpos);
 	if(*nmlen == 0)
 		return 0;
 	return 1;
@@ -147,7 +148,7 @@ get_additional_name(struct rrset_parse* rrset, struct rr_parse* rr,
 
 /** Place mark on rrsets in additional section they are OK */
 static void
-mark_additional_rrset(ldns_buffer* pkt, struct msg_parse* msg, 
+mark_additional_rrset(sldns_buffer* pkt, struct msg_parse* msg, 
 	struct rrset_parse* rrset)
 {
 	/* Mark A and AAAA for NS as appropriate additional section info. */
@@ -209,7 +210,7 @@ parse_get_cname_target(struct rrset_parse* rrset, uint8_t** sname,
 /** Synthesize CNAME from DNAME, false if too long */
 static int 
 synth_cname(uint8_t* qname, size_t qnamelen, struct rrset_parse* dname_rrset, 
-	uint8_t* alias, size_t* aliaslen, ldns_buffer* pkt)
+	uint8_t* alias, size_t* aliaslen, sldns_buffer* pkt)
 {
 	/* we already know that sname is a strict subdomain of DNAME owner */
 	uint8_t* dtarg = NULL;
@@ -233,7 +234,7 @@ static struct rrset_parse*
 synth_cname_rrset(uint8_t** sname, size_t* snamelen, uint8_t* alias, 
 	size_t aliaslen, struct regional* region, struct msg_parse* msg, 
 	struct rrset_parse* rrset, struct rrset_parse* prev,
-	struct rrset_parse* nx, ldns_buffer* pkt)
+	struct rrset_parse* nx, sldns_buffer* pkt)
 {
 	struct rrset_parse* cn = (struct rrset_parse*)regional_alloc(region,
 		sizeof(struct rrset_parse));
@@ -264,8 +265,8 @@ synth_cname_rrset(uint8_t** sname, size_t* snamelen, uint8_t* alias,
 		sizeof(uint32_t)+sizeof(uint16_t)+aliaslen);
 	if(!cn->rr_first->ttl_data)
 		return NULL;
-	ldns_write_uint32(cn->rr_first->ttl_data, 0); /* TTL = 0 */
-	ldns_write_uint16(cn->rr_first->ttl_data+4, aliaslen);
+	sldns_write_uint32(cn->rr_first->ttl_data, 0); /* TTL = 0 */
+	sldns_write_uint16(cn->rr_first->ttl_data+4, aliaslen);
 	memmove(cn->rr_first->ttl_data+6, alias, aliaslen);
 	cn->rr_first->size = sizeof(uint16_t)+aliaslen;
 
@@ -287,7 +288,7 @@ synth_cname_rrset(uint8_t** sname, size_t* snamelen, uint8_t* alias,
 
 /** check if DNAME applies to a name */
 static int
-pkt_strict_sub(ldns_buffer* pkt, uint8_t* sname, uint8_t* dr)
+pkt_strict_sub(sldns_buffer* pkt, uint8_t* sname, uint8_t* dr)
 {
 	uint8_t buf1[LDNS_MAX_DOMAINLEN+1];
 	uint8_t buf2[LDNS_MAX_DOMAINLEN+1];
@@ -299,7 +300,7 @@ pkt_strict_sub(ldns_buffer* pkt, uint8_t* sname, uint8_t* dr)
 
 /** check subdomain with decompression */
 static int
-pkt_sub(ldns_buffer* pkt, uint8_t* comprname, uint8_t* zone)
+pkt_sub(sldns_buffer* pkt, uint8_t* comprname, uint8_t* zone)
 {
 	uint8_t buf[LDNS_MAX_DOMAINLEN+1];
 	dname_pkt_copy(pkt, buf, comprname);
@@ -308,7 +309,7 @@ pkt_sub(ldns_buffer* pkt, uint8_t* comprname, uint8_t* zone)
 
 /** check subdomain with decompression, compressed is parent */
 static int
-sub_of_pkt(ldns_buffer* pkt, uint8_t* zone, uint8_t* comprname)
+sub_of_pkt(sldns_buffer* pkt, uint8_t* zone, uint8_t* comprname)
 {
 	uint8_t buf[LDNS_MAX_DOMAINLEN+1];
 	dname_pkt_copy(pkt, buf, comprname);
@@ -327,7 +328,7 @@ sub_of_pkt(ldns_buffer* pkt, uint8_t* zone, uint8_t* comprname)
  * @return 0 on error.
  */
 static int
-scrub_normalize(ldns_buffer* pkt, struct msg_parse* msg, 
+scrub_normalize(sldns_buffer* pkt, struct msg_parse* msg, 
 	struct query_info* qinfo, struct regional* region)
 {
 	uint8_t* sname = qinfo->qname;
@@ -514,7 +515,7 @@ scrub_normalize(ldns_buffer* pkt, struct msg_parse* msg,
  * @param rrset: to store.
  */
 static void
-store_rrset(ldns_buffer* pkt, struct msg_parse* msg, struct module_env* env,
+store_rrset(sldns_buffer* pkt, struct msg_parse* msg, struct module_env* env,
 	struct rrset_parse* rrset)
 {
 	struct ub_packed_rrset_key* k;
@@ -565,7 +566,7 @@ static int sanitize_nsec_is_overreach(struct rrset_parse* rrset,
 	log_assert(rrset->type == LDNS_RR_TYPE_NSEC);
 	for(rr = rrset->rr_first; rr; rr = rr->next) {
 		rhs = rr->ttl_data+4+2;
-		len = ldns_read_uint16(rr->ttl_data+4);
+		len = sldns_read_uint16(rr->ttl_data+4);
 		if(!dname_valid(rhs, len)) {
 			/* malformed domain name in rdata */
 			return 1;
@@ -594,7 +595,7 @@ static int sanitize_nsec_is_overreach(struct rrset_parse* rrset,
  * @return 0 on error.
  */
 static int
-scrub_sanitize(ldns_buffer* pkt, struct msg_parse* msg, 
+scrub_sanitize(sldns_buffer* pkt, struct msg_parse* msg, 
 	struct query_info* qinfo, uint8_t* zonename, struct module_env* env,
 	struct iter_env* ie)
 {
@@ -713,7 +714,7 @@ scrub_sanitize(ldns_buffer* pkt, struct msg_parse* msg,
 }
 
 int 
-scrub_message(ldns_buffer* pkt, struct msg_parse* msg, 
+scrub_message(sldns_buffer* pkt, struct msg_parse* msg, 
 	struct query_info* qinfo, uint8_t* zonename, struct regional* region,
 	struct module_env* env, struct iter_env* ie)
 {

iterator/iter_scrub.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -42,7 +42,7 @@
 
 #ifndef ITERATOR_ITER_SCRUB_H
 #define ITERATOR_ITER_SCRUB_H
-#include <ldns/buffer.h>
+struct sldns_buffer;
 struct msg_parse;
 struct query_info;
 struct regional;
@@ -62,7 +62,7 @@ struct iter_env;
  * @param ie: iterator module environment data.
  * @return: false if the message is total waste. true if scrubbed with success.
  */
-int scrub_message(ldns_buffer* pkt, struct msg_parse* msg, 
+int scrub_message(struct sldns_buffer* pkt, struct msg_parse* msg, 
 	struct query_info* qinfo, uint8_t* zonename, struct regional* regional,
 	struct module_env* env, struct iter_env* ie);
 

iterator/iter_utils.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -63,6 +63,8 @@
 #include "validator/val_kcache.h"
 #include "validator/val_kentry.h"
 #include "validator/val_utils.h"
+#include "validator/val_sigcrypt.h"
+#include "ldns/sbuffer.h"
 
 /** time when nameserver glue is said to be 'recent' */
 #define SUSPICION_RECENT_EXPIRY 86400
@@ -389,7 +391,7 @@ iter_server_selection(struct iter_env* iter_env,
 }
 
 struct dns_msg* 
-dns_alloc_msg(ldns_buffer* pkt, struct msg_parse* msg, 
+dns_alloc_msg(sldns_buffer* pkt, struct msg_parse* msg, 
 	struct regional* region)
 {
 	struct dns_msg* m = (struct dns_msg*)regional_alloc(region,
@@ -682,7 +684,7 @@ rrset_equal(struct ub_packed_rrset_key* k1, struct ub_packed_rrset_key* k2)
 }
 
 int 
-reply_equal(struct reply_info* p, struct reply_info* q, ldns_buffer* scratch)
+reply_equal(struct reply_info* p, struct reply_info* q, struct regional* region)
 {
 	size_t i;
 	if(p->flags != q->flags ||
@@ -697,27 +699,12 @@ reply_equal(struct reply_info* p, struct reply_info* q, ldns_buffer* scratch)
 		return 0;
 	for(i=0; i<p->rrset_count; i++) {
 		if(!rrset_equal(p->rrsets[i], q->rrsets[i])) {
-			/* fallback procedure: try to sort and canonicalize */
-			ldns_rr_list* pl, *ql;
-			pl = packed_rrset_to_rr_list(p->rrsets[i], scratch);
-			ql = packed_rrset_to_rr_list(q->rrsets[i], scratch);
-			if(!pl || !ql) {
-				ldns_rr_list_deep_free(pl);
-				ldns_rr_list_deep_free(ql);
+			if(!rrset_canonical_equal(region, p->rrsets[i],
+				q->rrsets[i])) {
+				regional_free_all(region);
 				return 0;
 			}
-			ldns_rr_list2canonical(pl);
-			ldns_rr_list2canonical(ql);
-			ldns_rr_list_sort(pl);
-			ldns_rr_list_sort(ql);
-			if(ldns_rr_list_compare(pl, ql) != 0) {
-				ldns_rr_list_deep_free(pl);
-				ldns_rr_list_deep_free(ql);
-				return 0;
-			}
-			ldns_rr_list_deep_free(pl);
-			ldns_rr_list_deep_free(ql);
-			continue;
+			regional_free_all(region);
 		}
 	}
 	return 1;
@@ -817,7 +804,7 @@ void iter_store_parentside_neg(struct module_env* env,
 	newd->rr_len[0] = 0 /* zero len rdata */ + sizeof(uint16_t);
 	packed_rrset_ptr_fixup(newd);
 	newd->rr_ttl[0] = newd->ttl;
-	ldns_write_uint16(newd->rr_data[0], 0 /* zero len rdata */);
+	sldns_write_uint16(newd->rr_data[0], 0 /* zero len rdata */);
 	/* store it */
 	log_rrset_key(VERB_ALGO, "store parent-side negative", neg);
 	iter_store_parentside_rrset(env, neg);

iterator/iter_utils.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -43,7 +43,7 @@
 #ifndef ITERATOR_ITER_UTILS_H
 #define ITERATOR_ITER_UTILS_H
 #include "iterator/iter_resptype.h"
-#include <ldns/buffer.h>
+struct sldns_buffer;
 struct iter_env;
 struct iter_hints;
 struct iter_forwards;
@@ -102,7 +102,7 @@ struct delegpt_addr* iter_server_selection(struct iter_env* iter_env,
  * @param regional: regional to use for allocation.
  * @return newly allocated dns_msg, or NULL on memory error.
  */
-struct dns_msg* dns_alloc_msg(ldns_buffer* pkt, struct msg_parse* msg, 
+struct dns_msg* dns_alloc_msg(struct sldns_buffer* pkt, struct msg_parse* msg, 
 	struct regional* regional);
 
 /**
@@ -216,10 +216,10 @@ int iter_msg_from_zone(struct dns_msg* msg, struct delegpt* dp,
  * @param p: reply one. The reply has rrset data pointers in region.
  * 	Does not check rrset-IDs
  * @param q: reply two
- * @param buf: scratch buffer.
+ * @param region: scratch buffer.
  * @return if one and two are equal.
  */
-int reply_equal(struct reply_info* p, struct reply_info* q, ldns_buffer* buf);
+int reply_equal(struct reply_info* p, struct reply_info* q, struct regional* region);
 
 /**
  * Store parent-side rrset in seperate rrset cache entries for later 

iterator/iterator.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -41,7 +41,6 @@
  */
 
 #include "config.h"
-#include <ldns/ldns.h>
 #include "iterator/iterator.h"
 #include "iterator/iter_utils.h"
 #include "iterator/iter_hints.h"
@@ -62,6 +61,10 @@
 #include "util/data/msgencode.h"
 #include "util/fptr_wlist.h"
 #include "util/config_file.h"
+#include "ldns/rrdef.h"
+#include "ldns/wire2str.h"
+#include "ldns/parseutil.h"
+#include "ldns/sbuffer.h"
 
 int 
 iter_init(struct module_env* env, int id)
@@ -228,8 +231,8 @@ static int
 error_response(struct module_qstate* qstate, int id, int rcode)
 {
 	verbose(VERB_QUERY, "return error response %s", 
-		ldns_lookup_by_id(ldns_rcodes, rcode)?
-		ldns_lookup_by_id(ldns_rcodes, rcode)->name:"??");
+		sldns_lookup_by_id(sldns_rcodes, rcode)?
+		sldns_lookup_by_id(sldns_rcodes, rcode)->name:"??");
 	qstate->return_rcode = rcode;
 	qstate->return_msg = NULL;
 	qstate->ext_state[id] = module_finished;
@@ -540,8 +543,8 @@ prime_root(struct module_qstate* qstate, struct iter_qstate* iq, int id,
 	struct delegpt* dp;
 	struct module_qstate* subq;
 	verbose(VERB_DETAIL, "priming . %s NS", 
-		ldns_lookup_by_id(ldns_rr_classes, (int)qclass)?
-		ldns_lookup_by_id(ldns_rr_classes, (int)qclass)->name:"??");
+		sldns_lookup_by_id(sldns_rr_classes, (int)qclass)?
+		sldns_lookup_by_id(sldns_rr_classes, (int)qclass)->name:"??");
 	dp = hints_lookup_root(qstate->env->hints, qclass);
 	if(!dp) {
 		verbose(VERB_ALGO, "Cannot prime due to lack of hints");
@@ -1212,7 +1215,7 @@ processInitRequest3(struct module_qstate* qstate, struct iter_qstate* iq,
 	 * cached referral as the response. */
 	if(!(qstate->query_flags & BIT_RD)) {
 		iq->response = iq->deleg_msg;
-		if(verbosity >= VERB_ALGO)
+		if(verbosity >= VERB_ALGO && iq->response)
 			log_dns_msg("no RD requested, using delegation msg", 
 				&iq->response->qinfo, iq->response->rep);
 		if(qstate->reply_origin)
@@ -2748,7 +2751,7 @@ process_response(struct module_qstate* qstate, struct iter_qstate* iq,
 {
 	struct msg_parse* prs;
 	struct edns_data edns;
-	ldns_buffer* pkt;
+	sldns_buffer* pkt;
 
 	verbose(VERB_ALGO, "process_response: new external response event");
 	iq->response = NULL;
@@ -2775,7 +2778,7 @@ process_response(struct module_qstate* qstate, struct iter_qstate* iq,
 	memset(prs, 0, sizeof(*prs));
 	memset(&edns, 0, sizeof(edns));
 	pkt = qstate->reply->c->buffer;
-	ldns_buffer_set_position(pkt, 0);
+	sldns_buffer_set_position(pkt, 0);
 	if(parse_packet(pkt, prs, qstate->env->scratch) != LDNS_RCODE_NOERROR) {
 		verbose(VERB_ALGO, "parse error on reply packet");
 		goto handle_it;
@@ -2815,7 +2818,7 @@ process_response(struct module_qstate* qstate, struct iter_qstate* iq,
 		} else {
 			/* check if reply is the same, otherwise, fail */
 			if(!reply_equal(iq->response->rep, iq->caps_reply,
-				qstate->env->scratch_buffer)) {
+				qstate->env->scratch)) {
 				verbose(VERB_DETAIL, "Capsforid fallback: "
 					"getting different replies, failed");
 				outbound_list_remove(&iq->outlist, outbound);

iterator/iterator.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

ldns/keyraw.c

@@ -0,0 +1,368 @@
+/*
+ * keyraw.c - raw key operations and conversions
+ *
+ * (c) NLnet Labs, 2004-2008
+ *
+ * See the file LICENSE for the license
+ */
+/**
+ * \file
+ * Implementation of raw DNSKEY functions (work on wire rdata).
+ */
+
+#include "config.h"
+#include "ldns/keyraw.h"
+#include "ldns/rrdef.h"
+
+#ifdef HAVE_SSL
+#include <openssl/ssl.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <openssl/err.h>
+#include <openssl/md5.h>
+#ifdef HAVE_OPENSSL_ENGINE_H
+#  include <openssl/engine.h>
+#endif
+#endif /* HAVE_SSL */
+
+size_t
+sldns_rr_dnskey_key_size_raw(const unsigned char* keydata,
+	const size_t len, int alg)
+{
+	/* for DSA keys */
+	uint8_t t;
+	
+	/* for RSA keys */
+	uint16_t exp;
+	uint16_t int16;
+	
+	switch ((sldns_algorithm)alg) {
+	case LDNS_DSA:
+	case LDNS_DSA_NSEC3:
+		if (len > 0) {
+			t = keydata[0];
+			return (64 + t*8)*8;
+		} else {
+			return 0;
+		}
+		break;
+	case LDNS_RSAMD5:
+	case LDNS_RSASHA1:
+	case LDNS_RSASHA1_NSEC3:
+#ifdef USE_SHA2
+	case LDNS_RSASHA256:
+	case LDNS_RSASHA512:
+#endif
+		if (len > 0) {
+			if (keydata[0] == 0) {
+				/* big exponent */
+				if (len > 3) {
+					memmove(&int16, keydata + 1, 2);
+					exp = ntohs(int16);
+					return (len - exp - 3)*8;
+				} else {
+					return 0;
+				}
+			} else {
+				exp = keydata[0];
+				return (len-exp-1)*8;
+			}
+		} else {
+			return 0;
+		}
+		break;
+#ifdef USE_GOST
+	case LDNS_ECC_GOST:
+		return 512;
+#endif
+#ifdef USE_ECDSA
+        case LDNS_ECDSAP256SHA256:
+                return 256;
+        case LDNS_ECDSAP384SHA384:
+                return 384;
+#endif
+	default:
+		return 0;
+	}
+}
+
+uint16_t sldns_calc_keytag_raw(uint8_t* key, size_t keysize)
+{
+	if(keysize < 4) {
+		return 0;
+	}
+	/* look at the algorithm field, copied from 2535bis */
+	if (key[3] == LDNS_RSAMD5) {
+		uint16_t ac16 = 0;
+		if (keysize > 4) {
+			memmove(&ac16, key + keysize - 3, 2);
+		}
+		ac16 = ntohs(ac16);
+		return (uint16_t) ac16;
+	} else {
+		size_t i;
+		uint32_t ac32 = 0;
+		for (i = 0; i < keysize; ++i) {
+			ac32 += (i & 1) ? key[i] : key[i] << 8;
+		}
+		ac32 += (ac32 >> 16) & 0xFFFF;
+		return (uint16_t) (ac32 & 0xFFFF);
+	}
+}
+
+#ifdef HAVE_SSL
+#ifdef USE_GOST
+/** store GOST engine reference loaded into OpenSSL library */
+ENGINE* sldns_gost_engine = NULL;
+
+int
+sldns_key_EVP_load_gost_id(void)
+{
+	static int gost_id = 0;
+	const EVP_PKEY_ASN1_METHOD* meth;
+	ENGINE* e;
+
+	if(gost_id) return gost_id;
+
+	/* see if configuration loaded gost implementation from other engine*/
+	meth = EVP_PKEY_asn1_find_str(NULL, "gost2001", -1);
+	if(meth) {
+		EVP_PKEY_asn1_get0_info(&gost_id, NULL, NULL, NULL, NULL, meth);
+		return gost_id;
+	}
+
+	/* see if engine can be loaded already */
+	e = ENGINE_by_id("gost");
+	if(!e) {
+		/* load it ourself, in case statically linked */
+		ENGINE_load_builtin_engines();
+		ENGINE_load_dynamic();
+		e = ENGINE_by_id("gost");
+	}
+	if(!e) {
+		/* no gost engine in openssl */
+		return 0;
+	}
+	if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
+		ENGINE_finish(e);
+		ENGINE_free(e);
+		return 0;
+	}
+
+	meth = EVP_PKEY_asn1_find_str(&e, "gost2001", -1);
+	if(!meth) {
+		/* algo not found */
+		ENGINE_finish(e);
+		ENGINE_free(e);
+		return 0;
+	}
+        /* Note: do not ENGINE_finish and ENGINE_free the acquired engine
+         * on some platforms this frees up the meth and unloads gost stuff */
+        sldns_gost_engine = e;
+	
+	EVP_PKEY_asn1_get0_info(&gost_id, NULL, NULL, NULL, NULL, meth);
+	return gost_id;
+} 
+
+void sldns_key_EVP_unload_gost(void)
+{
+        if(sldns_gost_engine) {
+                ENGINE_finish(sldns_gost_engine);
+                ENGINE_free(sldns_gost_engine);
+                sldns_gost_engine = NULL;
+        }
+}
+#endif /* USE_GOST */
+
+DSA *
+sldns_key_buf2dsa_raw(unsigned char* key, size_t len)
+{
+	uint8_t T;
+	uint16_t length;
+	uint16_t offset;
+	DSA *dsa;
+	BIGNUM *Q; BIGNUM *P;
+	BIGNUM *G; BIGNUM *Y;
+
+	if(len == 0)
+		return NULL;
+	T = (uint8_t)key[0];
+	length = (64 + T * 8);
+	offset = 1;
+
+	if (T > 8) {
+		return NULL;
+	}
+	if(len < (size_t)1 + SHA_DIGEST_LENGTH + 3*length)
+		return NULL;
+
+	Q = BN_bin2bn(key+offset, SHA_DIGEST_LENGTH, NULL);
+	offset += SHA_DIGEST_LENGTH;
+
+	P = BN_bin2bn(key+offset, (int)length, NULL);
+	offset += length;
+
+	G = BN_bin2bn(key+offset, (int)length, NULL);
+	offset += length;
+
+	Y = BN_bin2bn(key+offset, (int)length, NULL);
+	offset += length;
+
+	/* create the key and set its properties */
+	if(!Q || !P || !G || !Y || !(dsa = DSA_new())) {
+		BN_free(Q);
+		BN_free(P);
+		BN_free(G);
+		BN_free(Y);
+		return NULL;
+	}
+#ifndef S_SPLINT_S
+	dsa->p = P;
+	dsa->q = Q;
+	dsa->g = G;
+	dsa->pub_key = Y;
+#endif /* splint */
+
+	return dsa;
+}
+
+RSA *
+sldns_key_buf2rsa_raw(unsigned char* key, size_t len)
+{
+	uint16_t offset;
+	uint16_t exp;
+	uint16_t int16;
+	RSA *rsa;
+	BIGNUM *modulus;
+	BIGNUM *exponent;
+
+	if (len == 0)
+		return NULL;
+	if (key[0] == 0) {
+		if(len < 3)
+			return NULL;
+		memmove(&int16, key+1, 2);
+		exp = ntohs(int16);
+		offset = 3;
+	} else {
+		exp = key[0];
+		offset = 1;
+	}
+
+	/* key length at least one */
+	if(len < (size_t)offset + exp + 1)
+		return NULL;
+
+	/* Exponent */
+	exponent = BN_new();
+	if(!exponent) return NULL;
+	(void) BN_bin2bn(key+offset, (int)exp, exponent);
+	offset += exp;
+
+	/* Modulus */
+	modulus = BN_new();
+	if(!modulus) {
+		BN_free(exponent);
+		return NULL;
+	}
+	/* length of the buffer must match the key length! */
+	(void) BN_bin2bn(key+offset, (int)(len - offset), modulus);
+
+	rsa = RSA_new();
+	if(!rsa) {
+		BN_free(exponent);
+		BN_free(modulus);
+		return NULL;
+	}
+#ifndef S_SPLINT_S
+	rsa->n = modulus;
+	rsa->e = exponent;
+#endif /* splint */
+
+	return rsa;
+}
+
+#ifdef USE_GOST
+EVP_PKEY*
+sldns_gost2pkey_raw(unsigned char* key, size_t keylen)
+{
+	/* prefix header for X509 encoding */
+	uint8_t asn[37] = { 0x30, 0x63, 0x30, 0x1c, 0x06, 0x06, 0x2a, 0x85, 
+		0x03, 0x02, 0x02, 0x13, 0x30, 0x12, 0x06, 0x07, 0x2a, 0x85, 
+		0x03, 0x02, 0x02, 0x23, 0x01, 0x06, 0x07, 0x2a, 0x85, 0x03, 
+		0x02, 0x02, 0x1e, 0x01, 0x03, 0x43, 0x00, 0x04, 0x40};
+	unsigned char encoded[37+64];
+	const unsigned char* pp;
+	if(keylen != 64) {
+		/* key wrong size */
+		return NULL;
+	}
+
+	/* create evp_key */
+	memmove(encoded, asn, 37);
+	memmove(encoded+37, key, 64);
+	pp = (unsigned char*)&encoded[0];
+
+	return d2i_PUBKEY(NULL, &pp, (int)sizeof(encoded));
+}
+#endif /* USE_GOST */
+
+#ifdef USE_ECDSA
+EVP_PKEY*
+sldns_ecdsa2pkey_raw(unsigned char* key, size_t keylen, uint8_t algo)
+{
+	unsigned char buf[256+2]; /* sufficient for 2*384/8+1 */
+        const unsigned char* pp = buf;
+        EVP_PKEY *evp_key;
+        EC_KEY *ec;
+	/* check length, which uncompressed must be 2 bignums */
+        if(algo == LDNS_ECDSAP256SHA256) {
+		if(keylen != 2*256/8) return NULL;
+                ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+        } else if(algo == LDNS_ECDSAP384SHA384) {
+		if(keylen != 2*384/8) return NULL;
+                ec = EC_KEY_new_by_curve_name(NID_secp384r1);
+        } else    ec = NULL;
+        if(!ec) return NULL;
+	if(keylen+1 > sizeof(buf))
+		return NULL; /* sanity check */
+	/* prepend the 0x02 (from docs) (or actually 0x04 from implementation
+	 * of openssl) for uncompressed data */
+	buf[0] = POINT_CONVERSION_UNCOMPRESSED;
+	memmove(buf+1, key, keylen);
+        if(!o2i_ECPublicKey(&ec, &pp, (int)keylen+1)) {
+                EC_KEY_free(ec);
+                return NULL;
+        }
+        evp_key = EVP_PKEY_new();
+        if(!evp_key) {
+                EC_KEY_free(ec);
+                return NULL;
+        }
+        if (!EVP_PKEY_assign_EC_KEY(evp_key, ec)) {
+		EVP_PKEY_free(evp_key);
+		EC_KEY_free(ec);
+		return NULL;
+	}
+        return evp_key;
+}
+#endif /* USE_ECDSA */
+
+int
+sldns_digest_evp(unsigned char* data, unsigned int len, unsigned char* dest,
+	const EVP_MD* md)
+{
+	EVP_MD_CTX* ctx;
+	ctx = EVP_MD_CTX_create();
+	if(!ctx)
+		return 0;
+	if(!EVP_DigestInit_ex(ctx, md, NULL) ||
+		!EVP_DigestUpdate(ctx, data, len) ||
+		!EVP_DigestFinal_ex(ctx, dest, NULL)) {
+		EVP_MD_CTX_destroy(ctx);
+		return 0;
+	}
+	EVP_MD_CTX_destroy(ctx);
+	return 1;
+}
+#endif /* HAVE_SSL */

ldns/keyraw.h

@@ -0,0 +1,112 @@
+/*
+ * keyraw.h -- raw key and signature access and conversion
+ *
+ * Copyright (c) 2005-2008, NLnet Labs. All rights reserved.
+ *
+ * See LICENSE for the license.
+ *
+ */
+
+/**
+ * \file
+ *
+ * raw key and signature access and conversion
+ *
+ * Since those functions heavily rely op cryptographic operations,
+ * this module is dependent on openssl.
+ * 
+ */
+ 
+#ifndef LDNS_KEYRAW_H
+#define LDNS_KEYRAW_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+#if LDNS_BUILD_CONFIG_HAVE_SSL
+#  include <openssl/ssl.h>
+#  include <openssl/evp.h>
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
+
+/**
+ * get the length of the keydata in bits
+ * \param[in] keydata the raw key data
+ * \param[in] len the length of the keydata
+ * \param[in] alg the cryptographic algorithm this is a key for
+ * \return the keysize in bits, or 0 on error
+ */
+size_t sldns_rr_dnskey_key_size_raw(const unsigned char *keydata,
+	const size_t len, int alg);
+
+/**
+ * Calculates keytag of DNSSEC key, operates on wireformat rdata.
+ * \param[in] key the key as uncompressed wireformat rdata.
+ * \param[in] keysize length of key data.
+ * \return the keytag
+ */
+uint16_t sldns_calc_keytag_raw(uint8_t* key, size_t keysize);
+
+#if LDNS_BUILD_CONFIG_HAVE_SSL
+/** 
+ * Get the PKEY id for GOST, loads GOST into openssl as a side effect.
+ * Only available if GOST is compiled into the library and openssl.
+ * \return the gost id for EVP_CTX creation.
+ */
+int sldns_key_EVP_load_gost_id(void);
+
+/** Release the engine reference held for the GOST engine. */
+void sldns_key_EVP_unload_gost(void);
+
+/**
+ * Like sldns_key_buf2dsa, but uses raw buffer.
+ * \param[in] key the uncompressed wireformat of the key.
+ * \param[in] len length of key data
+ * \return a DSA * structure with the key material
+ */
+DSA *sldns_key_buf2dsa_raw(unsigned char* key, size_t len);
+
+/**
+ * Converts a holding buffer with key material to EVP PKEY in openssl.
+ * Only available if ldns was compiled with GOST.
+ * \param[in] key data to convert
+ * \param[in] keylen length of the key data
+ * \return the key or NULL on error.
+ */
+EVP_PKEY* sldns_gost2pkey_raw(unsigned char* key, size_t keylen);
+
+/**
+ * Converts a holding buffer with key material to EVP PKEY in openssl.
+ * Only available if ldns was compiled with ECDSA.
+ * \param[in] key data to convert
+ * \param[in] keylen length of the key data
+ * \param[in] algo precise algorithm to initialize ECC group values.
+ * \return the key or NULL on error.
+ */
+EVP_PKEY* sldns_ecdsa2pkey_raw(unsigned char* key, size_t keylen, uint8_t algo);
+
+/**
+ * Like sldns_key_buf2rsa, but uses raw buffer.
+ * \param[in] key the uncompressed wireformat of the key.
+ * \param[in] len length of key data
+ * \return a RSA * structure with the key material
+ */
+RSA *sldns_key_buf2rsa_raw(unsigned char* key, size_t len);
+
+/**
+ * Utility function to calculate hash using generic EVP_MD pointer.
+ * \param[in] data the data to hash.
+ * \param[in] len  length of data.
+ * \param[out] dest the destination of the hash, must be large enough.
+ * \param[in] md the message digest to use.
+ * \return true if worked, false on failure.
+ */
+int sldns_digest_evp(unsigned char* data, unsigned int len, 
+	unsigned char* dest, const EVP_MD* md);
+
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* LDNS_KEYRAW_H */

ldns/parse.c

@@ -0,0 +1,459 @@
+/*
+ * a generic (simple) parser. Use to parse rr's, private key
+ * information and /etc/resolv.conf files
+ *
+ * a Net::DNS like library for C
+ * LibDNS Team @ NLnet Labs
+ * (c) NLnet Labs, 2005-2006
+ * See the file LICENSE for the license
+ */
+#include "config.h"
+#include "ldns/parse.h"
+#include "ldns/parseutil.h"
+#include "ldns/sbuffer.h"
+
+#include <limits.h>
+#include <strings.h>
+
+sldns_lookup_table sldns_directive_types[] = {
+        { LDNS_DIR_TTL, "$TTL" },
+        { LDNS_DIR_ORIGIN, "$ORIGIN" },
+        { LDNS_DIR_INCLUDE, "$INCLUDE" },
+        { 0, NULL }
+};
+
+/* add max_limit here? */
+ssize_t
+sldns_fget_token(FILE *f, char *token, const char *delim, size_t limit)
+{
+	return sldns_fget_token_l(f, token, delim, limit, NULL);
+}
+
+ssize_t
+sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *line_nr)
+{
+	int c, prev_c;
+	int p; /* 0 -> no parenthese seen, >0 nr of ( seen */
+	int com, quoted;
+	char *t;
+	size_t i;
+	const char *d;
+	const char *del;
+
+	/* standard delimeters */
+	if (!delim) {
+		/* from isspace(3) */
+		del = LDNS_PARSE_NORMAL;
+	} else {
+		del = delim;
+	}
+
+	p = 0;
+	i = 0;
+	com = 0;
+	quoted = 0;
+	prev_c = 0;
+	t = token;
+	if (del[0] == '"') {
+		quoted = 1;
+	}
+	while ((c = getc(f)) != EOF) {
+		if (c == '\r') /* carriage return */
+			c = ' ';
+		if (c == '(' && prev_c != '\\' && !quoted) {
+			/* this only counts for non-comments */
+			if (com == 0) {
+				p++;
+			}
+			prev_c = c;
+			continue;
+		}
+
+		if (c == ')' && prev_c != '\\' && !quoted) {
+			/* this only counts for non-comments */
+			if (com == 0) {
+				p--;
+			}
+			prev_c = c;
+			continue;
+		}
+
+		if (p < 0) {
+			/* more ) then ( - close off the string */
+			*t = '\0';
+			return 0;
+		}
+
+		/* do something with comments ; */
+		if (c == ';' && quoted == 0) {
+			if (prev_c != '\\') {
+				com = 1;
+			}
+		}
+		if (c == '\"' && com == 0 && prev_c != '\\') {
+			quoted = 1 - quoted;
+		}
+
+		if (c == '\n' && com != 0) {
+			/* comments */
+			com = 0;
+			*t = ' ';
+			if (line_nr) {
+				*line_nr = *line_nr + 1;
+			}
+			if (p == 0 && i > 0) {
+				goto tokenread;
+			} else {
+				prev_c = c;
+				continue;
+			}
+		}
+
+		if (com == 1) {
+			*t = ' ';
+			prev_c = c;
+			continue;
+		}
+
+		if (c == '\n' && p != 0 && t > token) {
+			/* in parentheses */
+			if (line_nr) {
+				*line_nr = *line_nr + 1;
+			}
+			*t++ = ' ';
+			prev_c = c;
+			continue;
+		}
+
+		/* check if we hit the delim */
+		for (d = del; *d; d++) {
+			if (c == *d && i > 0 && prev_c != '\\' && p == 0) {
+				if (c == '\n' && line_nr) {
+					*line_nr = *line_nr + 1;
+				}
+				goto tokenread;
+			}
+		}
+		if (c != '\0' && c != '\n') {
+			i++;
+		}
+		if (limit > 0 && (i >= limit || (size_t)(t-token) >= limit)) {
+			*t = '\0';
+			return -1;
+		}
+		if (c != '\0' && c != '\n') {
+			*t++ = c;
+		}
+		if (c == '\\' && prev_c == '\\')
+			prev_c = 0;
+		else	prev_c = c;
+	}
+	*t = '\0';
+	if (c == EOF) {
+		return (ssize_t)i;
+	}
+
+	if (i == 0) {
+		/* nothing read */
+		return -1;
+	}
+	if (p != 0) {
+		return -1;
+	}
+	return (ssize_t)i;
+
+tokenread:
+	if(*del == '"')
+		/* do not skip over quotes after the string, they are part
+		 * of the next string.  But skip over whitespace (if needed)*/
+		sldns_fskipcs_l(f, del+1, line_nr);
+	else	sldns_fskipcs_l(f, del, line_nr);
+	*t = '\0';
+	if (p != 0) {
+		return -1;
+	}
+
+	return (ssize_t)i;
+}
+
+ssize_t
+sldns_fget_keyword_data(FILE *f, const char *keyword, const char *k_del, char *data,
+               const char *d_del, size_t data_limit)
+{
+       return sldns_fget_keyword_data_l(f, keyword, k_del, data, d_del,
+		       data_limit, NULL);
+}
+
+ssize_t
+sldns_fget_keyword_data_l(FILE *f, const char *keyword, const char *k_del, char *data,
+               const char *d_del, size_t data_limit, int *line_nr)
+{
+       /* we assume: keyword|sep|data */
+       char *fkeyword;
+       ssize_t i;
+
+       if(strlen(keyword) >= LDNS_MAX_KEYWORDLEN)
+               return -1;
+       fkeyword = (char*)malloc(LDNS_MAX_KEYWORDLEN);
+       if(!fkeyword)
+               return -1;
+
+       i = sldns_fget_token(f, fkeyword, k_del, LDNS_MAX_KEYWORDLEN);
+       if(i==0 || i==-1) {
+               free(fkeyword);
+               return -1;
+       }
+
+       /* case??? i instead of strlen? */
+       if (strncmp(fkeyword, keyword, LDNS_MAX_KEYWORDLEN - 1) == 0) {
+               /* whee! */
+               /* printf("%s\n%s\n", "Matching keyword", fkeyword); */
+               i = sldns_fget_token_l(f, data, d_del, data_limit, line_nr);
+               free(fkeyword);
+               return i;
+       } else {
+               /*printf("no match for %s (read: %s)\n", keyword, fkeyword);*/
+               free(fkeyword);
+               return -1;
+       }
+}
+
+ssize_t
+sldns_bget_token(sldns_buffer *b, char *token, const char *delim, size_t limit)
+{
+	return sldns_bget_token_par(b, token, delim, limit, NULL, NULL);
+}
+
+ssize_t
+sldns_bget_token_par(sldns_buffer *b, char *token, const char *delim,
+	size_t limit, int* par, const char* skipw)
+{
+	int c, lc;
+	int p; /* 0 -> no parenthese seen, >0 nr of ( seen */
+	int com, quoted;
+	char *t;
+	size_t i;
+	const char *d;
+	const char *del;
+
+	/* standard delimiters */
+	if (!delim) {
+		/* from isspace(3) */
+		del = LDNS_PARSE_NORMAL;
+	} else {
+		del = delim;
+	}
+
+	p = (par?*par:0);
+	i = 0;
+	com = 0;
+	quoted = 0;
+	t = token;
+	lc = 0;
+	if (del[0] == '"') {
+		quoted = 1;
+	}
+
+	while ((c = sldns_bgetc(b)) != EOF) {
+		if (c == '\r') /* carriage return */
+			c = ' ';
+		if (c == '(' && lc != '\\' && !quoted) {
+			/* this only counts for non-comments */
+			if (com == 0) {
+				if(par) (*par)++;
+				p++;
+			}
+			lc = c;
+			continue;
+		}
+
+		if (c == ')' && lc != '\\' && !quoted) {
+			/* this only counts for non-comments */
+			if (com == 0) {
+				if(par) (*par)--;
+				p--;
+			}
+			lc = c;
+			continue;
+		}
+
+		if (p < 0) {
+			/* more ) then ( */
+			*t = '\0';
+			return 0;
+		}
+
+		/* do something with comments ; */
+		if (c == ';' && quoted == 0) {
+			if (lc != '\\') {
+				com = 1;
+			}
+		}
+		if (c == '"' && com == 0 && lc != '\\') {
+			quoted = 1 - quoted;
+		}
+
+		if (c == '\n' && com != 0) {
+			/* comments */
+			com = 0;
+			*t = ' ';
+			lc = c;
+			continue;
+		}
+
+		if (com == 1) {
+			*t = ' ';
+			lc = c;
+			continue;
+		}
+
+		if (c == '\n' && p != 0) {
+			/* in parentheses */
+			/* do not write ' ' if we want to skip spaces */
+			if(!(skipw && (strchr(skipw, c)||strchr(skipw, ' '))))
+				*t++ = ' ';
+			lc = c;
+			continue;
+		}
+
+		/* check to skip whitespace at start, but also after ( */
+		if(skipw && i==0 && !com && !quoted && lc != '\\') {
+			if(strchr(skipw, c)) {
+				lc = c;
+				continue;
+			}
+		}
+
+		/* check if we hit the delim */
+		for (d = del; *d; d++) {
+			/* we can only exit if no parens or user tracks them */
+                        if (c == *d && lc != '\\' && (p == 0 || par)) {
+				goto tokenread;
+                        }
+		}
+
+		i++;
+		if (limit > 0 && (i >= limit || (size_t)(t-token) >= limit)) {
+			*t = '\0';
+			return -1;
+		}
+		*t++ = c;
+
+		if (c == '\\' && lc == '\\') {
+			lc = 0;
+		} else {
+			lc = c;
+		}
+	}
+	*t = '\0';
+	if (i == 0) {
+		/* nothing read */
+		return -1;
+	}
+	if (!par && p != 0) {
+		return -1;
+	}
+	return (ssize_t)i;
+
+tokenread:
+	if(*del == '"')
+		/* do not skip over quotes after the string, they are part
+		 * of the next string.  But skip over whitespace (if needed)*/
+		sldns_bskipcs(b, del+1);
+	else 	sldns_bskipcs(b, del);
+	*t = '\0';
+
+	if (!par && p != 0) {
+		return -1;
+	}
+	return (ssize_t)i;
+}
+
+
+void
+sldns_bskipcs(sldns_buffer *buffer, const char *s)
+{
+        int found;
+        char c;
+        const char *d;
+
+        while(sldns_buffer_available_at(buffer, buffer->_position, sizeof(char))) {
+                c = (char) sldns_buffer_read_u8_at(buffer, buffer->_position);
+                found = 0;
+                for (d = s; *d; d++) {
+                        if (*d == c) {
+                                found = 1;
+                        }
+                }
+                if (found && buffer->_limit > buffer->_position) {
+                        buffer->_position += sizeof(char);
+                } else {
+                        return;
+                }
+        }
+}
+
+void
+sldns_fskipcs(FILE *fp, const char *s)
+{
+	sldns_fskipcs_l(fp, s, NULL);
+}
+
+void
+sldns_fskipcs_l(FILE *fp, const char *s, int *line_nr)
+{
+        int found;
+        int c;
+        const char *d;
+
+	while ((c = fgetc(fp)) != EOF) {
+		if (line_nr && c == '\n') {
+			*line_nr = *line_nr + 1;
+		}
+                found = 0;
+                for (d = s; *d; d++) {
+                        if (*d == c) {
+                                found = 1;
+                        }
+                }
+		if (!found) {
+			/* with getc, we've read too far */
+			ungetc(c, fp);
+			return;
+		}
+	}
+}
+
+ssize_t
+sldns_bget_keyword_data(sldns_buffer *b, const char *keyword, const char *k_del, char
+*data, const char *d_del, size_t data_limit)
+{
+       /* we assume: keyword|sep|data */
+       char *fkeyword;
+       ssize_t i;
+
+       if(strlen(keyword) >= LDNS_MAX_KEYWORDLEN)
+               return -1;
+       fkeyword = (char*)malloc(LDNS_MAX_KEYWORDLEN);
+       if(!fkeyword)
+               return -1; /* out of memory */
+
+       i = sldns_bget_token(b, fkeyword, k_del, data_limit);
+       if(i==0 || i==-1) {
+               free(fkeyword);
+               return -1; /* nothing read */
+       }
+
+       /* case??? */
+       if (strncmp(fkeyword, keyword, strlen(keyword)) == 0) {
+               free(fkeyword);
+               /* whee, the match! */
+               /* retrieve it's data */
+               i = sldns_bget_token(b, data, d_del, 0);
+               return i;
+       } else {
+               free(fkeyword);
+               return -1;
+       }
+}
+

ldns/parse.h

@@ -0,0 +1,184 @@
+/*
+ * parse.h 
+ *
+ * a Net::DNS like library for C
+ * LibDNS Team @ NLnet Labs
+ * (c) NLnet Labs, 2005-2006
+ * See the file LICENSE for the license
+ */
+
+#ifndef LDNS_PARSE_H
+#define LDNS_PARSE_H
+
+struct sldns_buffer;
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define LDNS_PARSE_SKIP_SPACE		"\f\n\r\v"
+#define LDNS_PARSE_NORMAL		" \f\n\r\t\v"
+#define LDNS_PARSE_NO_NL		" \t"
+#define LDNS_MAX_LINELEN		10230
+#define LDNS_MAX_KEYWORDLEN		32
+
+
+/**
+ * \file
+ *
+ * Contains some low-level parsing functions, mostly used in the _frm_str
+ * family of functions.
+ */
+ 
+/**
+ * different type of directives in zone files
+ * We now deal with $TTL, $ORIGIN and $INCLUDE.
+ * The latter is not implemented in ldns (yet)
+ */
+enum sldns_enum_directive
+{
+	LDNS_DIR_TTL,
+	LDNS_DIR_ORIGIN,
+	LDNS_DIR_INCLUDE
+};
+typedef enum sldns_enum_directive sldns_directive;
+
+/** 
+ * returns a token/char from the stream F.
+ * This function deals with ( and ) in the stream,
+ * and ignores them when encountered
+ * \param[in] *f the file to read from
+ * \param[out] *token the read token is put here
+ * \param[in] *delim chars at which the parsing should stop
+ * \param[in] *limit how much to read. If 0 the builtin maximum is used
+ * \return 0 on error of EOF of the stream F.  Otherwise return the length of what is read
+ */
+ssize_t sldns_fget_token(FILE *f, char *token, const char *delim, size_t limit);
+
+/** 
+ * returns a token/char from the stream F.
+ * This function deals with ( and ) in the stream,
+ * and ignores when it finds them.
+ * \param[in] *f the file to read from
+ * \param[out] *token the token is put here
+ * \param[in] *delim chars at which the parsing should stop
+ * \param[in] *limit how much to read. If 0 use builtin maximum
+ * \param[in] line_nr pointer to an integer containing the current line number (for debugging purposes)
+ * \return 0 on error of EOF of F otherwise return the length of what is read
+ */
+ssize_t sldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *line_nr);
+
+/**
+ * returns a token/char from the buffer b.
+ * This function deals with ( and ) in the buffer,
+ * and ignores when it finds them.
+ * \param[in] *b the buffer to read from
+ * \param[out] *token the token is put here
+ * \param[in] *delim chars at which the parsing should stop
+ * \param[in] *limit how much to read. If 0 the builtin maximum is used
+ * \param[in] *par if you pass nonNULL, set to 0 on first call, the parenthesis
+ * state is stored in it, for use on next call.  User must check it is back
+ * to zero after last bget in string (for parse error).  If you pass NULL,
+ * the entire parenthesized string is read in.
+ * \param[in] skipw string with whitespace to skip before the start of the
+ * token, like " ", or " \t", or NULL for none.  
+ * \returns 0 on error of EOF of b. Otherwise return the length of what is read
+ */
+ssize_t sldns_bget_token_par(struct sldns_buffer *b, char *token, const char *delim, size_t limit, int* par, const char* skipw);
+
+/**
+ * returns a token/char from the buffer b.
+ * This function deals with ( and ) in the buffer,
+ * and ignores when it finds them.
+ * \param[in] *b the buffer to read from
+ * \param[out] *token the token is put here
+ * \param[in] *delim chars at which the parsing should stop
+ * \param[in] *limit how much to read. If 0 the builtin maximum is used
+ * \returns 0 on error of EOF of b. Otherwise return the length of what is read
+ */
+ssize_t sldns_bget_token(struct sldns_buffer *b, char *token, const char *delim, size_t limit);
+
+/*
+ * searches for keyword and delim in a file. Gives everything back
+ * after the keyword + k_del until we hit d_del
+ * \param[in] f file pointer to read from
+ * \param[in] keyword keyword to look for
+ * \param[in] k_del keyword delimeter 
+ * \param[out] data the data found 
+ * \param[in] d_del the data delimeter
+ * \param[in] data_limit maximum size the the data buffer
+ * \return the number of character read
+ */
+ssize_t sldns_fget_keyword_data(FILE *f, const char *keyword, const char *k_del, char *data, const char *d_del, size_t data_limit);
+
+/*
+ * searches for keyword and delim. Gives everything back
+ * after the keyword + k_del until we hit d_del
+ * \param[in] f file pointer to read from
+ * \param[in] keyword keyword to look for
+ * \param[in] k_del keyword delimeter 
+ * \param[out] data the data found 
+ * \param[in] d_del the data delimeter
+ * \param[in] data_limit maximum size the the data buffer
+ * \param[in] line_nr pointer to an integer containing the current line number (for
+debugging purposes)
+ * \return the number of character read
+ */
+ssize_t sldns_fget_keyword_data_l(FILE *f, const char *keyword, const char *k_del, char *data, const char *d_del, size_t data_limit, int *line_nr);
+
+/*
+ * searches for keyword and delim in a buffer. Gives everything back
+ * after the keyword + k_del until we hit d_del
+ * \param[in] b buffer pointer to read from
+ * \param[in] keyword keyword to look for
+ * \param[in] k_del keyword delimeter 
+ * \param[out] data the data found 
+ * \param[in] d_del the data delimeter
+ * \param[in] data_limit maximum size the the data buffer
+ * \return the number of character read
+ */
+ssize_t sldns_bget_keyword_data(struct sldns_buffer *b, const char *keyword, const char *k_del, char *data, const char *d_del, size_t data_limit);
+
+/**
+ * returns the next character from a buffer. Advances the position pointer with 1.
+ * When end of buffer is reached returns EOF. This is the buffer's equivalent
+ * for getc().
+ * \param[in] *buffer buffer to read from
+ * \return EOF on failure otherwise return the character
+ */
+int sldns_bgetc(struct sldns_buffer *buffer);
+
+/**
+ * skips all of the characters in the given string in the buffer, moving
+ * the position to the first character that is not in *s.
+ * \param[in] *buffer buffer to use
+ * \param[in] *s characters to skip
+ * \return void
+ */
+void sldns_bskipcs(struct sldns_buffer *buffer, const char *s);
+
+/**
+ * skips all of the characters in the given string in the fp, moving
+ * the position to the first character that is not in *s.
+ * \param[in] *fp file to use
+ * \param[in] *s characters to skip
+ * \return void
+ */
+void sldns_fskipcs(FILE *fp, const char *s);
+
+
+/**
+ * skips all of the characters in the given string in the fp, moving
+ * the position to the first character that is not in *s.
+ * \param[in] *fp file to use
+ * \param[in] *s characters to skip
+ * \param[in] line_nr pointer to an integer containing the current line number (for debugging purposes)
+ * \return void
+ */
+void sldns_fskipcs_l(FILE *fp, const char *s, int *line_nr);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* LDNS_PARSE_H */

ldns/parseutil.c

@@ -0,0 +1,726 @@
+/*
+ * parseutil.c - parse utilities for string and wire conversion
+ *
+ * (c) NLnet Labs, 2004-2006
+ *
+ * See the file LICENSE for the license
+ */
+/**
+ * \file
+ *
+ * Utility functions for parsing, base32(DNS variant) and base64 encoding
+ * and decoding, Hex, Time units, Escape codes.
+ */
+
+#include "config.h"
+#include "ldns/parseutil.h"
+#include <sys/time.h>
+#include <time.h>
+#include <ctype.h>
+
+sldns_lookup_table *
+sldns_lookup_by_name(sldns_lookup_table *table, const char *name)
+{
+        while (table->name != NULL) {
+                if (strcasecmp(name, table->name) == 0)
+                        return table;
+                table++;
+        }
+        return NULL;
+}
+
+sldns_lookup_table *
+sldns_lookup_by_id(sldns_lookup_table *table, int id)
+{
+        while (table->name != NULL) {
+                if (table->id == id)
+                        return table;
+                table++;
+        }
+        return NULL;
+}
+
+/* Number of days per month (except for February in leap years). */
+static const int mdays[] = {
+	31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
+};
+
+#define LDNS_MOD(x,y) (((x) % (y) < 0) ? ((x) % (y) + (y)) : ((x) % (y)))
+#define LDNS_DIV(x,y) (((x) % (y) < 0) ? ((x) / (y) -  1 ) : ((x) / (y)))
+
+static int
+is_leap_year(int year)
+{
+	return LDNS_MOD(year,   4) == 0 && (LDNS_MOD(year, 100) != 0 
+	    || LDNS_MOD(year, 400) == 0);
+}
+
+static int
+leap_days(int y1, int y2)
+{
+	--y1;
+	--y2;
+	return (LDNS_DIV(y2,   4) - LDNS_DIV(y1,   4)) - 
+	       (LDNS_DIV(y2, 100) - LDNS_DIV(y1, 100)) +
+	       (LDNS_DIV(y2, 400) - LDNS_DIV(y1, 400));
+}
+
+/*
+ * Code adapted from Python 2.4.1 sources (Lib/calendar.py).
+ */
+time_t
+sldns_mktime_from_utc(const struct tm *tm)
+{
+	int year = 1900 + tm->tm_year;
+	time_t days = 365 * ((time_t) year - 1970) + leap_days(1970, year);
+	time_t hours;
+	time_t minutes;
+	time_t seconds;
+	int i;
+
+	for (i = 0; i < tm->tm_mon; ++i) {
+		days += mdays[i];
+	}
+	if (tm->tm_mon > 1 && is_leap_year(year)) {
+		++days;
+	}
+	days += tm->tm_mday - 1;
+
+	hours = days * 24 + tm->tm_hour;
+	minutes = hours * 60 + tm->tm_min;
+	seconds = minutes * 60 + tm->tm_sec;
+
+	return seconds;
+}
+
+#if SIZEOF_TIME_T <= 4
+
+static void
+sldns_year_and_yday_from_days_since_epoch(int64_t days, struct tm *result)
+{
+	int year = 1970;
+	int new_year;
+
+	while (days < 0 || days >= (int64_t) (is_leap_year(year) ? 366 : 365)) {
+		new_year = year + (int) LDNS_DIV(days, 365);
+		days -= (new_year - year) * 365;
+		days -= leap_days(year, new_year);
+		year  = new_year;
+	}
+	result->tm_year = year;
+	result->tm_yday = (int) days;
+}
+
+/* Number of days per month in a leap year. */
+static const int leap_year_mdays[] = {
+	31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
+};
+
+static void
+sldns_mon_and_mday_from_year_and_yday(struct tm *result)
+{
+	int idays = result->tm_yday;
+	const int *mon_lengths = is_leap_year(result->tm_year) ? 
+					leap_year_mdays : mdays;
+
+	result->tm_mon = 0;
+	while  (idays >= mon_lengths[result->tm_mon]) {
+		idays -= mon_lengths[result->tm_mon++];
+	}
+	result->tm_mday = idays + 1;
+}
+
+static void
+sldns_wday_from_year_and_yday(struct tm *result)
+{
+	result->tm_wday = 4 /* 1-1-1970 was a thursday */
+			+ LDNS_MOD((result->tm_year - 1970), 7) * LDNS_MOD(365, 7)
+			+ leap_days(1970, result->tm_year)
+			+ result->tm_yday;
+	result->tm_wday = LDNS_MOD(result->tm_wday, 7);
+	if (result->tm_wday < 0) {
+		result->tm_wday += 7;
+	}
+}
+
+static struct tm *
+sldns_gmtime64_r(int64_t clock, struct tm *result)
+{
+	result->tm_isdst = 0;
+	result->tm_sec   = (int) LDNS_MOD(clock, 60);
+	clock            =       LDNS_DIV(clock, 60);
+	result->tm_min   = (int) LDNS_MOD(clock, 60);
+	clock            =       LDNS_DIV(clock, 60);
+	result->tm_hour  = (int) LDNS_MOD(clock, 24);
+	clock            =       LDNS_DIV(clock, 24);
+
+	sldns_year_and_yday_from_days_since_epoch(clock, result);
+	sldns_mon_and_mday_from_year_and_yday(result);
+	sldns_wday_from_year_and_yday(result);
+	result->tm_year -= 1900;
+
+	return result;
+}
+
+#endif /* SIZEOF_TIME_T <= 4 */
+
+static int64_t
+sldns_serial_arithmitics_time(int32_t time, time_t now)
+{
+	int32_t offset = time - (int32_t) now;
+	return (int64_t) now + offset;
+}
+
+struct tm *
+sldns_serial_arithmitics_gmtime_r(int32_t time, time_t now, struct tm *result)
+{
+#if SIZEOF_TIME_T <= 4
+	int64_t secs_since_epoch = sldns_serial_arithmitics_time(time, now);
+	return  sldns_gmtime64_r(secs_since_epoch, result);
+#else
+	time_t  secs_since_epoch = sldns_serial_arithmitics_time(time, now);
+	return  gmtime_r(&secs_since_epoch, result);
+#endif
+}
+
+int
+sldns_hexdigit_to_int(char ch)
+{
+	switch (ch) {
+	case '0': return 0;
+	case '1': return 1;
+	case '2': return 2;
+	case '3': return 3;
+	case '4': return 4;
+	case '5': return 5;
+	case '6': return 6;
+	case '7': return 7;
+	case '8': return 8;
+	case '9': return 9;
+	case 'a': case 'A': return 10;
+	case 'b': case 'B': return 11;
+	case 'c': case 'C': return 12;
+	case 'd': case 'D': return 13;
+	case 'e': case 'E': return 14;
+	case 'f': case 'F': return 15;
+	default:
+		return -1;
+	}
+}
+
+uint32_t
+sldns_str2period(const char *nptr, const char **endptr)
+{
+	int sign = 0;
+	uint32_t i = 0;
+	uint32_t seconds = 0;
+
+	for(*endptr = nptr; **endptr; (*endptr)++) {
+		switch (**endptr) {
+			case ' ':
+			case '\t':
+				break;
+			case '-':
+				if(sign == 0) {
+					sign = -1;
+				} else {
+					return seconds;
+				}
+				break;
+			case '+':
+				if(sign == 0) {
+					sign = 1;
+				} else {
+					return seconds;
+				}
+				break;
+			case 's':
+			case 'S':
+				seconds += i;
+				i = 0;
+				break;
+			case 'm':
+			case 'M':
+				seconds += i * 60;
+				i = 0;
+				break;
+			case 'h':
+			case 'H':
+				seconds += i * 60 * 60;
+				i = 0;
+				break;
+			case 'd':
+			case 'D':
+				seconds += i * 60 * 60 * 24;
+				i = 0;
+				break;
+			case 'w':
+			case 'W':
+				seconds += i * 60 * 60 * 24 * 7;
+				i = 0;
+				break;
+			case '0':
+			case '1':
+			case '2':
+			case '3':
+			case '4':
+			case '5':
+			case '6':
+			case '7':
+			case '8':
+			case '9':
+				i *= 10;
+				i += (**endptr - '0');
+				break;
+			default:
+				seconds += i;
+				/* disregard signedness */
+				return seconds;
+		}
+	}
+	seconds += i;
+	/* disregard signedness */
+	return seconds;
+}
+
+int
+sldns_parse_escape(uint8_t *ch_p, const char** str_p)
+{
+	uint16_t val;
+
+	if ((*str_p)[0] && isdigit((*str_p)[0])  &&
+	    (*str_p)[1] && isdigit((*str_p)[1])  &&
+	    (*str_p)[2] && isdigit((*str_p)[2]))  {
+
+		val = (uint16_t)(((*str_p)[0] - '0') * 100 +
+				 ((*str_p)[1] - '0') *  10 +
+				 ((*str_p)[2] - '0'));
+
+		if (val > 255) {
+			goto error;
+		}
+		*ch_p = (uint8_t)val;
+		*str_p += 3;
+		return 1;
+
+	} else if ((*str_p)[0] && !isdigit((*str_p)[0])) {
+
+		*ch_p = (uint8_t)*(*str_p)++;
+		return 1;
+	}
+error:
+	*str_p = NULL;
+	return 0; /* LDNS_WIREPARSE_ERR_SYNTAX_BAD_ESCAPE */
+}
+
+/** parse one character, with escape codes */
+int
+sldns_parse_char(uint8_t *ch_p, const char** str_p)
+{
+	switch (**str_p) {
+
+	case '\0':	return 0;
+
+	case '\\':	*str_p += 1;
+			return sldns_parse_escape(ch_p, str_p);
+
+	default:	*ch_p = (uint8_t)*(*str_p)++;
+			return 1;
+	}
+}
+
+size_t sldns_b32_ntop_calculate_size(size_t src_data_length)
+{
+	return src_data_length == 0 ? 0 : ((src_data_length - 1) / 5 + 1) * 8;
+}
+
+size_t sldns_b32_ntop_calculate_size_no_padding(size_t src_data_length)
+{
+	return ((src_data_length + 3) * 8 / 5) - 4;
+}
+
+static int
+sldns_b32_ntop_base(const uint8_t* src, size_t src_sz, char* dst, size_t dst_sz,
+	int extended_hex, int add_padding)
+{
+	size_t ret_sz;
+	const char* b32 = extended_hex ?  "0123456789abcdefghijklmnopqrstuv"
+					: "abcdefghijklmnopqrstuvwxyz234567";
+
+	size_t c = 0; /* c is used to carry partial base32 character over 
+		       * byte boundaries for sizes with a remainder.
+		       * (i.e. src_sz % 5 != 0)
+		       */
+
+	ret_sz = add_padding ? sldns_b32_ntop_calculate_size(src_sz)
+			     : sldns_b32_ntop_calculate_size_no_padding(src_sz);
+	
+	/* Do we have enough space? */
+	if (dst_sz < ret_sz + 1)
+		return -1;
+
+	/* We know the size; terminate the string */
+	dst[ret_sz] = '\0';
+
+	/* First process all chunks of five */
+	while (src_sz >= 5) {
+		/* 00000... ........ ........ ........ ........ */
+		dst[0] = b32[(src[0]       ) >> 3];
+
+		/* .....111 11...... ........ ........ ........ */
+		dst[1] = b32[(src[0] & 0x07) << 2 | src[1] >> 6];
+
+		/* ........ ..22222. ........ ........ ........ */
+		dst[2] = b32[(src[1] & 0x3e) >> 1];
+
+		/* ........ .......3 3333.... ........ ........ */
+		dst[3] = b32[(src[1] & 0x01) << 4 | src[2] >> 4];
+
+		/* ........ ........ ....4444 4....... ........ */
+		dst[4] = b32[(src[2] & 0x0f) << 1 | src[3] >> 7];
+
+		/* ........ ........ ........ .55555.. ........ */
+		dst[5] = b32[(src[3] & 0x7c) >> 2];
+
+		/* ........ ........ ........ ......66 666..... */
+		dst[6] = b32[(src[3] & 0x03) << 3 | src[4] >> 5];
+
+		/* ........ ........ ........ ........ ...77777 */
+		dst[7] = b32[(src[4] & 0x1f)     ];
+
+		src_sz -= 5;
+		src    += 5;
+		dst    += 8;
+	}
+	/* Process what remains */
+	switch (src_sz) {
+	case 4: /* ........ ........ ........ ......66 666..... */
+		dst[6] = b32[(src[3] & 0x03) << 3];
+
+		/* ........ ........ ........ .55555.. ........ */
+		dst[5] = b32[(src[3] & 0x7c) >> 2];
+
+		/* ........ ........ ....4444 4....... ........ */
+			 c =  src[3]         >> 7 ;
+	case 3: dst[4] = b32[(src[2] & 0x0f) << 1 | c];
+
+		/* ........ .......3 3333.... ........ ........ */
+			 c =  src[2]         >> 4 ;
+	case 2:	dst[3] = b32[(src[1] & 0x01) << 4 | c];
+
+		/* ........ ..22222. ........ ........ ........ */
+		dst[2] = b32[(src[1] & 0x3e) >> 1];
+
+		/* .....111 11...... ........ ........ ........ */
+			 c =  src[1]         >> 6 ;
+	case 1:	dst[1] = b32[(src[0] & 0x07) << 2 | c];
+
+		/* 00000... ........ ........ ........ ........ */
+		dst[0] = b32[ src[0]         >> 3];
+	}
+	/* Add padding */
+	if (add_padding) {
+		switch (src_sz) {
+			case 1: dst[2] = '=';
+				dst[3] = '=';
+			case 2: dst[4] = '=';
+			case 3: dst[5] = '=';
+				dst[6] = '=';
+			case 4: dst[7] = '=';
+		}
+	}
+	return (int)ret_sz;
+}
+
+int 
+sldns_b32_ntop(const uint8_t* src, size_t src_sz, char* dst, size_t dst_sz)
+{
+	return sldns_b32_ntop_base(src, src_sz, dst, dst_sz, 0, 1);
+}
+
+int 
+sldns_b32_ntop_extended_hex(const uint8_t* src, size_t src_sz,
+		char* dst, size_t dst_sz)
+{
+	return sldns_b32_ntop_base(src, src_sz, dst, dst_sz, 1, 1);
+}
+
+size_t sldns_b32_pton_calculate_size(size_t src_text_length)
+{
+	return src_text_length * 5 / 8;
+}
+
+static int
+sldns_b32_pton_base(const char* src, size_t src_sz, uint8_t* dst, size_t dst_sz,
+	int extended_hex, int check_padding)
+{
+	size_t i = 0;
+	char ch = '\0';
+	uint8_t buf[8];
+	uint8_t* start = dst;
+
+	while (src_sz) {
+		/* Collect 8 characters in buf (if possible) */
+		for (i = 0; i < 8; i++) {
+
+			do {
+				ch = *src++;
+				--src_sz;
+
+			} while (isspace(ch) && src_sz > 0);
+
+			if (ch == '=' || ch == '\0')
+				break;
+
+			else if (extended_hex)
+
+				if (ch >= '0' && ch <= '9')
+					buf[i] = (uint8_t)ch - '0';
+				else if (ch >= 'a' && ch <= 'v')
+					buf[i] = (uint8_t)ch - 'a' + 10;
+				else if (ch >= 'A' && ch <= 'V')
+					buf[i] = (uint8_t)ch - 'A' + 10;
+				else
+					return -1;
+
+			else if (ch >= 'a' && ch <= 'z')
+				buf[i] = (uint8_t)ch - 'a';
+			else if (ch >= 'A' && ch <= 'Z')
+				buf[i] = (uint8_t)ch - 'A';
+			else if (ch >= '2' && ch <= '7')
+				buf[i] = (uint8_t)ch - '2' + 26;
+			else
+				return -1;
+		}
+		/* Less that 8 characters. We're done. */
+		if (i < 8)
+			break;
+
+		/* Enough space available at the destination? */
+		if (dst_sz < 5)
+			return -1;
+
+		/* 00000... ........ ........ ........ ........ */
+		/* .....111 11...... ........ ........ ........ */
+		dst[0] = buf[0] << 3 | buf[1] >> 2;
+
+		/* .....111 11...... ........ ........ ........ */
+		/* ........ ..22222. ........ ........ ........ */
+		/* ........ .......3 3333.... ........ ........ */
+		dst[1] = buf[1] << 6 | buf[2] << 1 | buf[3] >> 4;
+
+		/* ........ .......3 3333.... ........ ........ */
+		/* ........ ........ ....4444 4....... ........ */
+		dst[2] = buf[3] << 4 | buf[4] >> 1;
+
+		/* ........ ........ ....4444 4....... ........ */
+		/* ........ ........ ........ .55555.. ........ */
+		/* ........ ........ ........ ......66 666..... */
+		dst[3] = buf[4] << 7 | buf[5] << 2 | buf[6] >> 3;
+
+		/* ........ ........ ........ ......66 666..... */
+		/* ........ ........ ........ ........ ...77777 */
+		dst[4] = buf[6] << 5 | buf[7];
+
+		dst += 5;
+		dst_sz -= 5;
+	}
+	/* Not ending on a eight byte boundary? */
+	if (i > 0 && i < 8) {
+
+		/* Enough space available at the destination? */
+		if (dst_sz < (i + 1) / 2)
+			return -1;
+
+		switch (i) {
+		case 7: /* ........ ........ ........ ......66 666..... */
+			/* ........ ........ ........ .55555.. ........ */
+			/* ........ ........ ....4444 4....... ........ */
+			dst[3] = buf[4] << 7 | buf[5] << 2 | buf[6] >> 3;
+
+		case 5: /* ........ ........ ....4444 4....... ........ */
+			/* ........ .......3 3333.... ........ ........ */
+			dst[2] = buf[3] << 4 | buf[4] >> 1;
+
+		case 4: /* ........ .......3 3333.... ........ ........ */
+			/* ........ ..22222. ........ ........ ........ */
+			/* .....111 11...... ........ ........ ........ */
+			dst[1] = buf[1] << 6 | buf[2] << 1 | buf[3] >> 4;
+
+		case 2: /* .....111 11...... ........ ........ ........ */
+			/* 00000... ........ ........ ........ ........ */
+			dst[0] = buf[0] << 3 | buf[1] >> 2;
+
+			break;
+
+		default:
+			return -1;
+		}
+		dst += (i + 1) / 2;
+
+		if (check_padding) {
+			/* Check remaining padding characters */
+			if (ch != '=')
+				return -1;
+
+			/* One down, 8 - i - 1 more to come... */
+			for (i = 8 - i - 1; i > 0; i--) {
+
+				do {
+					if (src_sz == 0)
+						return -1;
+					ch = *src++;
+					src_sz--;
+
+				} while (isspace(ch));
+
+				if (ch != '=')
+					return -1;
+			}
+		}
+	}
+	return dst - start;
+}
+
+int
+sldns_b32_pton(const char* src, size_t src_sz, uint8_t* dst, size_t dst_sz)
+{
+	return sldns_b32_pton_base(src, src_sz, dst, dst_sz, 0, 1);
+}
+
+int
+sldns_b32_pton_extended_hex(const char* src, size_t src_sz, 
+		uint8_t* dst, size_t dst_sz)
+{
+	return sldns_b32_pton_base(src, src_sz, dst, dst_sz, 1, 1);
+}
+
+size_t sldns_b64_ntop_calculate_size(size_t srcsize)
+{
+	return ((((srcsize + 2) / 3) * 4) + 1);
+}
+
+/* RFC 1521, section 5.2.
+ *
+ * The encoding process represents 24-bit groups of input bits as output
+ * strings of 4 encoded characters. Proceeding from left to right, a
+ * 24-bit input group is formed by concatenating 3 8-bit input groups.
+ * These 24 bits are then treated as 4 concatenated 6-bit groups, each
+ * of which is translated into a single digit in the base64 alphabet.
+ *
+ * This routine does not insert spaces or linebreaks after 76 characters.
+ */
+int sldns_b64_ntop(uint8_t const *src, size_t srclength,
+	char *target, size_t targsize)
+{
+	const char* b64 =
+	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+	const char pad64 = '=';
+	size_t i = 0, o = 0;
+	if(targsize < sldns_b64_ntop_calculate_size(srclength))
+		return -1;
+	/* whole chunks: xxxxxxyy yyyyzzzz zzwwwwww */
+	while(i+3 <= srclength) {
+		if(o+4 > targsize) return -1;
+		target[o] = b64[src[i] >> 2];
+		target[o+1] = b64[ ((src[i]&0x03)<<4) | (src[i+1]>>4) ];
+		target[o+2] = b64[ ((src[i+1]&0x0f)<<2) | (src[i+2]>>6) ];
+		target[o+3] = b64[ (src[i+2]&0x3f) ];
+		i += 3;
+		o += 4;
+	}
+	/* remainder */
+	switch(srclength - i) {
+	case 2:
+		/* two at end, converted into A B C = */
+		target[o] = b64[src[i] >> 2];
+		target[o+1] = b64[ ((src[i]&0x03)<<4) | (src[i+1]>>4) ];
+		target[o+2] = b64[ ((src[i+1]&0x0f)<<2) ];
+		target[o+3] = pad64;
+		i += 2;
+		o += 4;
+		break;
+	case 1:
+		/* one at end, converted into A B = = */
+		target[o] = b64[src[i] >> 2];
+		target[o+1] = b64[ ((src[i]&0x03)<<4) ];
+		target[o+2] = pad64;
+		target[o+3] = pad64;
+		i += 1;
+		o += 4;
+		break;
+	case 0:
+	default:
+		/* nothing */
+		break;
+	}
+	/* assert: i == srclength */
+	if(o+1 > targsize) return -1;
+	target[o] = 0;
+	return (int)o;
+}
+
+size_t sldns_b64_pton_calculate_size(size_t srcsize)
+{
+	return (((((srcsize + 3) / 4) * 3)) + 1);
+}
+
+int sldns_b64_pton(char const *src, uint8_t *target, size_t targsize)
+{
+	const uint8_t pad64 = 64; /* is 64th in the b64 array */
+	const char* s = src;
+	uint8_t in[4];
+	size_t o = 0, incount = 0;
+
+	while(*s) {
+		/* skip any character that is not base64 */
+		/* conceptually we do:
+		const char* b64 =      pad'=' is appended to array
+		"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
+		const char* d = strchr(b64, *s++);
+		and use d-b64;
+		*/
+		char d = *s++;
+		if(d <= 'Z' && d >= 'A')
+			d -= 'A';
+		else if(d <= 'z' && d >= 'a')
+			d = d - 'a' + 26;
+		else if(d <= '9' && d >= '0')
+			d = d - '0' + 52;
+		else if(d == '+')
+			d = 62;
+		else if(d == '/')
+			d = 63;
+		else if(d == '=')
+			d = 64;
+		else	continue;
+		in[incount++] = (uint8_t)d;
+		if(incount != 4)
+			continue;
+		/* process whole block of 4 characters into 3 output bytes */
+		if(in[3] == pad64 && in[2] == pad64) { /* A B = = */
+			if(o+1 > targsize)
+				return -1;
+			target[o] = (in[0]<<2) | ((in[1]&0x30)>>4);
+			o += 1;
+			break; /* we are done */
+		} else if(in[3] == pad64) { /* A B C = */
+			if(o+2 > targsize)
+				return -1;
+			target[o] = (in[0]<<2) | ((in[1]&0x30)>>4);
+			target[o+1]= ((in[1]&0x0f)<<4) | ((in[2]&0x3c)>>2);
+			o += 2;
+			break; /* we are done */
+		} else {
+			if(o+3 > targsize)
+				return -1;
+			/* write xxxxxxyy yyyyzzzz zzwwwwww */
+			target[o] = (in[0]<<2) | ((in[1]&0x30)>>4);
+			target[o+1]= ((in[1]&0x0f)<<4) | ((in[2]&0x3c)>>2);
+			target[o+2]= ((in[2]&0x03)<<6) | in[3];
+			o += 3;
+		}
+		incount = 0;
+	}
+	return (int)o;
+}

ldns/parseutil.h

@@ -0,0 +1,148 @@
+/*
+ * parseutil.h - parse utilities for string and wire conversion
+ *
+ * (c) NLnet Labs, 2004
+ *
+ * See the file LICENSE for the license
+ */
+/**
+ * \file
+ *
+ * Utility functions for parsing, base32(DNS variant) and base64 encoding
+ * and decoding, Hex, Time units, Escape codes.
+ */
+
+#ifndef LDNS_PARSEUTIL_H
+#define LDNS_PARSEUTIL_H
+struct tm;
+
+/** 
+ *  A general purpose lookup table
+ *  
+ *  Lookup tables are arrays of (id, name) pairs,
+ *  So you can for instance lookup the RCODE 3, which is "NXDOMAIN",
+ *  and vice versa. The lookup tables themselves are defined wherever needed,
+ *  for instance in host2str.c
+ */
+struct sldns_struct_lookup_table {
+        int id;
+        const char *name;
+};
+typedef struct sldns_struct_lookup_table sldns_lookup_table;
+
+/**
+ * Looks up the table entry by name, returns NULL if not found.
+ * \param[in] table the lookup table to search in
+ * \param[in] name what to search for
+ * \return the item found
+ */
+sldns_lookup_table *sldns_lookup_by_name(sldns_lookup_table table[],
+                                       const char *name);
+/**
+ * Looks up the table entry by id, returns NULL if not found.
+ * \param[in] table the lookup table to search in
+ * \param[in] id what to search for
+ * \return the item found
+ */
+sldns_lookup_table *sldns_lookup_by_id(sldns_lookup_table table[], int id);
+
+/**
+ * Convert TM to seconds since epoch (midnight, January 1st, 1970).
+ * Like timegm(3), which is not always available.
+ * \param[in] tm a struct tm* with the date
+ * \return the seconds since epoch
+ */
+time_t sldns_mktime_from_utc(const struct tm *tm);
+
+/**
+ * The function interprets time as the number of seconds since epoch
+ * with respect to now using serial arithmitics (rfc1982).
+ * That number of seconds is then converted to broken-out time information.
+ * This is especially usefull when converting the inception and expiration
+ * fields of RRSIG records.
+ *
+ * \param[in] time number of seconds since epoch (midnight, January 1st, 1970)
+ *            to be intepreted as a serial arithmitics number relative to now.
+ * \param[in] now number of seconds since epoch (midnight, January 1st, 1970)
+ *            to which the time value is compared to determine the final value.
+ * \param[out] result the struct with the broken-out time information
+ * \return result on success or NULL on error
+ */
+struct tm * sldns_serial_arithmitics_gmtime_r(int32_t time, time_t now, struct tm *result);
+
+/**
+ * converts a ttl value (like 5d2h) to a long.
+ * \param[in] nptr the start of the string
+ * \param[out] endptr points to the last char in case of error
+ * \return the convert duration value
+ */
+uint32_t sldns_str2period(const char *nptr, const char **endptr);
+
+/**
+ * Returns the int value of the given (hex) digit
+ * \param[in] ch the hex char to convert
+ * \return the converted decimal value
+ */
+int sldns_hexdigit_to_int(char ch);
+
+/**
+ * calculates the size needed to store the result of b64_ntop
+ */
+size_t sldns_b64_ntop_calculate_size(size_t srcsize);
+
+int sldns_b64_ntop(uint8_t const *src, size_t srclength,
+	char *target, size_t targsize);
+
+/**
+ * calculates the size needed to store the result of sldns_b64_pton
+ */
+size_t sldns_b64_pton_calculate_size(size_t srcsize);
+
+int sldns_b64_pton(char const *src, uint8_t *target, size_t targsize);
+
+/**
+ * calculates the size needed to store the result of b32_ntop
+ */
+size_t sldns_b32_ntop_calculate_size(size_t src_data_length);
+
+size_t sldns_b32_ntop_calculate_size_no_padding(size_t src_data_length);
+
+int sldns_b32_ntop(const uint8_t* src_data, size_t src_data_length,
+	char* target_text_buffer, size_t target_text_buffer_size);
+
+int sldns_b32_ntop_extended_hex(const uint8_t* src_data, size_t src_data_length,
+	char* target_text_buffer, size_t target_text_buffer_size);
+
+/**
+ * calculates the size needed to store the result of b32_pton
+ */
+size_t sldns_b32_pton_calculate_size(size_t src_text_length);
+
+int sldns_b32_pton(const char* src_text, size_t src_text_length,
+	uint8_t* target_data_buffer, size_t target_data_buffer_size);
+
+int sldns_b32_pton_extended_hex(const char* src_text, size_t src_text_length,
+	uint8_t* target_data_buffer, size_t target_data_buffer_size);
+
+/*
+ * Checks whether the escaped value at **s is an octal value or
+ * a 'normally' escaped character (and not eos)
+ *
+ * @param ch_p: the parsed character
+ * @param str_p: the string. moved along for characters read.
+ * The string pointer at *s is increased by either 0 (on error), 1 (on
+ * normal escapes), or 3 (on octals)
+ *
+ * @return 0 on error
+ */
+int sldns_parse_escape(uint8_t *ch_p, const char** str_p);
+
+/** 
+ * Parse one character, with escape codes,
+ * @param ch_p: the parsed character
+ * @param str_p: the string. moved along for characters read.
+ * @return 0 on error
+ */
+int sldns_parse_char(uint8_t *ch_p, const char** str_p);
+
+#endif /* LDNS_PARSEUTIL_H */

ldns/pkthdr.h

@@ -0,0 +1,158 @@
+/*
+ * pkthdr.h - packet header from wire conversion routines
+ *
+ * a Net::DNS like library for C
+ *
+ * (c) NLnet Labs, 2005-2006
+ *
+ * See the file LICENSE for the license
+ */
+
+/**
+ * \file
+ *
+ * Contains functions that translate dns data from the wire format (as sent
+ * by servers and clients) to the internal structures for the packet header.
+ */
+ 
+#ifndef LDNS_PKTHDR_H
+#define LDNS_PKTHDR_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* The length of the header */
+#define	LDNS_HEADER_SIZE	12
+
+/* First octet of flags */
+#define	LDNS_RD_MASK		0x01U
+#define	LDNS_RD_SHIFT	0
+#define	LDNS_RD_WIRE(wirebuf)	(*(wirebuf+2) & LDNS_RD_MASK)
+#define	LDNS_RD_SET(wirebuf)	(*(wirebuf+2) |= LDNS_RD_MASK)
+#define	LDNS_RD_CLR(wirebuf)	(*(wirebuf+2) &= ~LDNS_RD_MASK)
+
+#define LDNS_TC_MASK		0x02U
+#define LDNS_TC_SHIFT	1
+#define	LDNS_TC_WIRE(wirebuf)	(*(wirebuf+2) & LDNS_TC_MASK)
+#define	LDNS_TC_SET(wirebuf)	(*(wirebuf+2) |= LDNS_TC_MASK)
+#define	LDNS_TC_CLR(wirebuf)	(*(wirebuf+2) &= ~LDNS_TC_MASK)
+
+#define	LDNS_AA_MASK		0x04U
+#define	LDNS_AA_SHIFT	2
+#define	LDNS_AA_WIRE(wirebuf)	(*(wirebuf+2) & LDNS_AA_MASK)
+#define	LDNS_AA_SET(wirebuf)	(*(wirebuf+2) |= LDNS_AA_MASK)
+#define	LDNS_AA_CLR(wirebuf)	(*(wirebuf+2) &= ~LDNS_AA_MASK)
+
+#define	LDNS_OPCODE_MASK	0x78U
+#define	LDNS_OPCODE_SHIFT	3
+#define	LDNS_OPCODE_WIRE(wirebuf)	((*(wirebuf+2) & LDNS_OPCODE_MASK) >> LDNS_OPCODE_SHIFT)
+#define	LDNS_OPCODE_SET(wirebuf, opcode) \
+	(*(wirebuf+2) = ((*(wirebuf+2)) & ~LDNS_OPCODE_MASK) | ((opcode) << LDNS_OPCODE_SHIFT))
+
+#define	LDNS_QR_MASK		0x80U
+#define	LDNS_QR_SHIFT	7
+#define	LDNS_QR_WIRE(wirebuf)	(*(wirebuf+2) & LDNS_QR_MASK)
+#define	LDNS_QR_SET(wirebuf)	(*(wirebuf+2) |= LDNS_QR_MASK)
+#define	LDNS_QR_CLR(wirebuf)	(*(wirebuf+2) &= ~LDNS_QR_MASK)
+
+/* Second octet of flags */
+#define	LDNS_RCODE_MASK	0x0fU
+#define	LDNS_RCODE_SHIFT	0
+#define	LDNS_RCODE_WIRE(wirebuf)	(*(wirebuf+3) & LDNS_RCODE_MASK)
+#define	LDNS_RCODE_SET(wirebuf, rcode) \
+	(*(wirebuf+3) = ((*(wirebuf+3)) & ~LDNS_RCODE_MASK) | (rcode))
+
+#define	LDNS_CD_MASK		0x10U
+#define	LDNS_CD_SHIFT	4
+#define	LDNS_CD_WIRE(wirebuf)	(*(wirebuf+3) & LDNS_CD_MASK)
+#define	LDNS_CD_SET(wirebuf)	(*(wirebuf+3) |= LDNS_CD_MASK)
+#define	LDNS_CD_CLR(wirebuf)	(*(wirebuf+3) &= ~LDNS_CD_MASK)
+
+#define	LDNS_AD_MASK		0x20U
+#define	LDNS_AD_SHIFT	5
+#define	LDNS_AD_WIRE(wirebuf)	(*(wirebuf+3) & LDNS_AD_MASK)
+#define	LDNS_AD_SET(wirebuf)	(*(wirebuf+3) |= LDNS_AD_MASK)
+#define	LDNS_AD_CLR(wirebuf)	(*(wirebuf+3) &= ~LDNS_AD_MASK)
+
+#define	LDNS_Z_MASK		0x40U
+#define	LDNS_Z_SHIFT		6
+#define	LDNS_Z_WIRE(wirebuf)	(*(wirebuf+3) & LDNS_Z_MASK)
+#define	LDNS_Z_SET(wirebuf)	(*(wirebuf+3) |= LDNS_Z_MASK)
+#define	LDNS_Z_CLR(wirebuf)	(*(wirebuf+3) &= ~LDNS_Z_MASK)
+
+#define	LDNS_RA_MASK		0x80U
+#define	LDNS_RA_SHIFT	7
+#define	LDNS_RA_WIRE(wirebuf)	(*(wirebuf+3) & LDNS_RA_MASK)
+#define	LDNS_RA_SET(wirebuf)	(*(wirebuf+3) |= LDNS_RA_MASK)
+#define	LDNS_RA_CLR(wirebuf)	(*(wirebuf+3) &= ~LDNS_RA_MASK)
+
+/* Query ID */
+#define	LDNS_ID_WIRE(wirebuf)		(sldns_read_uint16(wirebuf))
+#define	LDNS_ID_SET(wirebuf, id)	(sldns_write_uint16(wirebuf, id))
+
+/* Counter of the question section */
+#define LDNS_QDCOUNT_OFF		4
+/*
+#define	QDCOUNT(wirebuf)		(ntohs(*(uint16_t *)(wirebuf+QDCOUNT_OFF)))
+*/
+#define	LDNS_QDCOUNT(wirebuf)		(sldns_read_uint16(wirebuf+LDNS_QDCOUNT_OFF))
+
+/* Counter of the answer section */
+#define LDNS_ANCOUNT_OFF		6
+#define	LDNS_ANCOUNT(wirebuf)		(sldns_read_uint16(wirebuf+LDNS_ANCOUNT_OFF))
+
+/* Counter of the authority section */
+#define LDNS_NSCOUNT_OFF		8
+#define	LDNS_NSCOUNT(wirebuf)		(sldns_read_uint16(wirebuf+LDNS_NSCOUNT_OFF))
+
+/* Counter of the additional section */
+#define LDNS_ARCOUNT_OFF		10
+#define	LDNS_ARCOUNT(wirebuf)		(sldns_read_uint16(wirebuf+LDNS_ARCOUNT_OFF))
+
+/**
+ * The sections of a packet
+ */
+enum sldns_enum_pkt_section {
+        LDNS_SECTION_QUESTION = 0,
+        LDNS_SECTION_ANSWER = 1,
+        LDNS_SECTION_AUTHORITY = 2,
+        LDNS_SECTION_ADDITIONAL = 3,
+        /** bogus section, if not interested */
+        LDNS_SECTION_ANY = 4,
+        /** used to get all non-question rrs from a packet */
+        LDNS_SECTION_ANY_NOQUESTION = 5
+};
+typedef enum sldns_enum_pkt_section sldns_pkt_section;
+
+/* opcodes for pkt's */
+enum sldns_enum_pkt_opcode {
+        LDNS_PACKET_QUERY = 0,
+        LDNS_PACKET_IQUERY = 1,
+        LDNS_PACKET_STATUS = 2, /* there is no 3?? DNS is weird */
+        LDNS_PACKET_NOTIFY = 4,
+        LDNS_PACKET_UPDATE = 5
+};
+typedef enum sldns_enum_pkt_opcode sldns_pkt_opcode;
+
+/* rcodes for pkts */
+enum sldns_enum_pkt_rcode {
+        LDNS_RCODE_NOERROR = 0,
+        LDNS_RCODE_FORMERR = 1,
+        LDNS_RCODE_SERVFAIL = 2,
+        LDNS_RCODE_NXDOMAIN = 3,
+        LDNS_RCODE_NOTIMPL = 4,
+        LDNS_RCODE_REFUSED = 5,
+        LDNS_RCODE_YXDOMAIN = 6,
+        LDNS_RCODE_YXRRSET = 7,
+        LDNS_RCODE_NXRRSET = 8,
+        LDNS_RCODE_NOTAUTH = 9,
+        LDNS_RCODE_NOTZONE = 10
+};
+typedef enum sldns_enum_pkt_rcode sldns_pkt_rcode;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* LDNS_PKTHDR_H */

ldns/rrdef.c

@@ -0,0 +1,738 @@
+/* rrdef.c
+ *
+ * access functions to rr definitions list.
+ * a Net::DNS like library for C
+ * LibDNS Team @ NLnet Labs
+ *
+ * (c) NLnet Labs, 2004-2006
+ * See the file LICENSE for the license
+ */
+/**
+ * \file
+ *
+ * Defines resource record types and constants.
+ */
+#include "config.h"
+#include "ldns/rrdef.h"
+#include "ldns/parseutil.h"
+
+/* classes  */
+static sldns_lookup_table sldns_rr_classes_data[] = {
+        { LDNS_RR_CLASS_IN, "IN" },
+        { LDNS_RR_CLASS_CH, "CH" },
+        { LDNS_RR_CLASS_HS, "HS" },
+        { LDNS_RR_CLASS_NONE, "NONE" },
+        { LDNS_RR_CLASS_ANY, "ANY" },
+        { 0, NULL }
+};
+sldns_lookup_table* sldns_rr_classes = sldns_rr_classes_data;
+
+/* types */
+static const sldns_rdf_type type_0_wireformat[] = { LDNS_RDF_TYPE_UNKNOWN };
+static const sldns_rdf_type type_a_wireformat[] = { LDNS_RDF_TYPE_A };
+static const sldns_rdf_type type_ns_wireformat[] = { LDNS_RDF_TYPE_DNAME };
+static const sldns_rdf_type type_md_wireformat[] = { LDNS_RDF_TYPE_DNAME };
+static const sldns_rdf_type type_mf_wireformat[] = { LDNS_RDF_TYPE_DNAME };
+static const sldns_rdf_type type_cname_wireformat[] = { LDNS_RDF_TYPE_DNAME };
+static const sldns_rdf_type type_soa_wireformat[] = {
+	LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_INT32, 
+	LDNS_RDF_TYPE_PERIOD, LDNS_RDF_TYPE_PERIOD, LDNS_RDF_TYPE_PERIOD,
+	LDNS_RDF_TYPE_PERIOD
+};
+static const sldns_rdf_type type_mb_wireformat[] = { LDNS_RDF_TYPE_DNAME };
+static const sldns_rdf_type type_mg_wireformat[] = { LDNS_RDF_TYPE_DNAME };
+static const sldns_rdf_type type_mr_wireformat[] = { LDNS_RDF_TYPE_DNAME };
+static const sldns_rdf_type type_wks_wireformat[] = {
+	LDNS_RDF_TYPE_A, LDNS_RDF_TYPE_WKS
+};
+static const sldns_rdf_type type_ptr_wireformat[] = { LDNS_RDF_TYPE_DNAME };
+static const sldns_rdf_type type_hinfo_wireformat[] = {
+	LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_STR
+};
+static const sldns_rdf_type type_minfo_wireformat[] = {
+	LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_DNAME
+};
+static const sldns_rdf_type type_mx_wireformat[] = {
+	LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME
+};
+static const sldns_rdf_type type_rp_wireformat[] = {
+	LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_DNAME
+};
+static const sldns_rdf_type type_afsdb_wireformat[] = {
+	LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME
+};
+static const sldns_rdf_type type_x25_wireformat[] = { LDNS_RDF_TYPE_STR };
+static const sldns_rdf_type type_isdn_wireformat[] = {
+	LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_STR
+};
+static const sldns_rdf_type type_rt_wireformat[] = {
+	LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME
+};
+static const sldns_rdf_type type_nsap_wireformat[] = {
+	LDNS_RDF_TYPE_NSAP
+};
+static const sldns_rdf_type type_nsap_ptr_wireformat[] = {
+	LDNS_RDF_TYPE_STR
+};
+static const sldns_rdf_type type_sig_wireformat[] = {
+	LDNS_RDF_TYPE_TYPE, LDNS_RDF_TYPE_ALG, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT32,
+	LDNS_RDF_TYPE_TIME, LDNS_RDF_TYPE_TIME, LDNS_RDF_TYPE_INT16,
+	LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_B64
+};
+static const sldns_rdf_type type_key_wireformat[] = {
+	LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_B64
+};
+static const sldns_rdf_type type_px_wireformat[] = {
+	LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_DNAME
+};
+static const sldns_rdf_type type_gpos_wireformat[] = {
+	LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_STR
+};
+static const sldns_rdf_type type_aaaa_wireformat[] = { LDNS_RDF_TYPE_AAAA };
+static const sldns_rdf_type type_loc_wireformat[] = { LDNS_RDF_TYPE_LOC };
+static const sldns_rdf_type type_nxt_wireformat[] = {
+	LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_UNKNOWN
+};
+static const sldns_rdf_type type_eid_wireformat[] = {
+	LDNS_RDF_TYPE_HEX
+};
+static const sldns_rdf_type type_nimloc_wireformat[] = {
+	LDNS_RDF_TYPE_HEX
+};
+static const sldns_rdf_type type_srv_wireformat[] = {
+	LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME
+};
+static const sldns_rdf_type type_atma_wireformat[] = {
+	LDNS_RDF_TYPE_ATMA
+};
+static const sldns_rdf_type type_naptr_wireformat[] = {
+	LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_DNAME
+};
+static const sldns_rdf_type type_kx_wireformat[] = {
+	LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME
+};
+static const sldns_rdf_type type_cert_wireformat[] = {
+	 LDNS_RDF_TYPE_CERT_ALG, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_ALG, LDNS_RDF_TYPE_B64
+};
+static const sldns_rdf_type type_a6_wireformat[] = { LDNS_RDF_TYPE_UNKNOWN };
+static const sldns_rdf_type type_dname_wireformat[] = { LDNS_RDF_TYPE_DNAME };
+static const sldns_rdf_type type_sink_wireformat[] = { LDNS_RDF_TYPE_INT8,
+	LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_B64
+};
+static const sldns_rdf_type type_apl_wireformat[] = {
+	LDNS_RDF_TYPE_APL
+};
+static const sldns_rdf_type type_ds_wireformat[] = {
+	LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_ALG, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_HEX
+};
+static const sldns_rdf_type type_sshfp_wireformat[] = {
+	LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_HEX
+};
+static const sldns_rdf_type type_ipseckey_wireformat[] = {
+	LDNS_RDF_TYPE_IPSECKEY
+};
+static const sldns_rdf_type type_rrsig_wireformat[] = {
+	LDNS_RDF_TYPE_TYPE, LDNS_RDF_TYPE_ALG, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT32,
+	LDNS_RDF_TYPE_TIME, LDNS_RDF_TYPE_TIME, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_B64
+};
+static const sldns_rdf_type type_nsec_wireformat[] = {
+	LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_NSEC
+};
+static const sldns_rdf_type type_dhcid_wireformat[] = {
+	LDNS_RDF_TYPE_B64
+};
+static const sldns_rdf_type type_talink_wireformat[] = {
+	LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_DNAME
+};
+/* nsec3 is some vars, followed by same type of data of nsec */
+static const sldns_rdf_type type_nsec3_wireformat[] = {
+/*	LDNS_RDF_TYPE_NSEC3_VARS, LDNS_RDF_TYPE_NSEC3_NEXT_OWNER, LDNS_RDF_TYPE_NSEC*/
+	LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_NSEC3_SALT, LDNS_RDF_TYPE_NSEC3_NEXT_OWNER, LDNS_RDF_TYPE_NSEC
+};
+
+static const sldns_rdf_type type_nsec3param_wireformat[] = {
+/*	LDNS_RDF_TYPE_NSEC3_PARAMS_VARS*/
+	LDNS_RDF_TYPE_INT8,
+	LDNS_RDF_TYPE_INT8,
+	LDNS_RDF_TYPE_INT16,
+	LDNS_RDF_TYPE_NSEC3_SALT
+};
+
+static const sldns_rdf_type type_dnskey_wireformat[] = {
+	LDNS_RDF_TYPE_INT16,
+	LDNS_RDF_TYPE_INT8,
+	LDNS_RDF_TYPE_ALG,
+	LDNS_RDF_TYPE_B64
+};
+static const sldns_rdf_type type_tkey_wireformat[] = {
+	LDNS_RDF_TYPE_DNAME,
+	LDNS_RDF_TYPE_TIME,
+	LDNS_RDF_TYPE_TIME,
+	LDNS_RDF_TYPE_INT16,
+	LDNS_RDF_TYPE_INT16,
+	LDNS_RDF_TYPE_INT16_DATA,
+	LDNS_RDF_TYPE_INT16_DATA,
+};
+static const sldns_rdf_type type_tsig_wireformat[] = {
+	LDNS_RDF_TYPE_DNAME,
+	LDNS_RDF_TYPE_TSIGTIME,
+	LDNS_RDF_TYPE_INT16,
+	LDNS_RDF_TYPE_INT16_DATA,
+	LDNS_RDF_TYPE_INT16,
+	LDNS_RDF_TYPE_INT16,
+	LDNS_RDF_TYPE_INT16_DATA
+};
+static const sldns_rdf_type type_tlsa_wireformat[] = {
+	LDNS_RDF_TYPE_INT8,
+	LDNS_RDF_TYPE_INT8,
+	LDNS_RDF_TYPE_INT8,
+	LDNS_RDF_TYPE_HEX
+};
+static const sldns_rdf_type type_hip_wireformat[] = {
+	LDNS_RDF_TYPE_HIP
+};
+static const sldns_rdf_type type_nid_wireformat[] = {
+	LDNS_RDF_TYPE_INT16,
+	LDNS_RDF_TYPE_ILNP64
+};
+static const sldns_rdf_type type_l32_wireformat[] = {
+	LDNS_RDF_TYPE_INT16,
+	LDNS_RDF_TYPE_A
+};
+static const sldns_rdf_type type_l64_wireformat[] = {
+	LDNS_RDF_TYPE_INT16,
+	LDNS_RDF_TYPE_ILNP64
+};
+static const sldns_rdf_type type_lp_wireformat[] = {
+	LDNS_RDF_TYPE_INT16,
+	LDNS_RDF_TYPE_DNAME
+};
+static const sldns_rdf_type type_eui48_wireformat[] = {
+	LDNS_RDF_TYPE_EUI48
+};
+static const sldns_rdf_type type_eui64_wireformat[] = {
+	LDNS_RDF_TYPE_EUI64
+};
+#ifdef DRAFT_RRTYPES
+static const sldns_rdf_type type_uri_wireformat[] = {
+	LDNS_RDF_TYPE_INT16,
+	LDNS_RDF_TYPE_INT16,
+	LDNS_RDF_TYPE_LONG_STR
+};
+#endif
+static const sldns_rdf_type type_caa_wireformat[] = {
+	LDNS_RDF_TYPE_INT8,
+	LDNS_RDF_TYPE_TAG,
+	LDNS_RDF_TYPE_LONG_STR
+};
+
+/* All RR's defined in 1035 are well known and can thus
+ * be compressed. See RFC3597. These RR's are:
+ * CNAME HINFO MB MD MF MG MINFO MR MX NULL NS PTR SOA TXT
+ */
+static sldns_rr_descriptor rdata_field_descriptors[] = {
+	/* 0 */
+	{ 0, NULL, 0, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 1 */
+	{LDNS_RR_TYPE_A, "A", 1, 1, type_a_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 2 */
+	{LDNS_RR_TYPE_NS, "NS", 1, 1, type_ns_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
+	/* 3 */
+	{LDNS_RR_TYPE_MD, "MD", 1, 1, type_md_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
+	/* 4 */
+	{LDNS_RR_TYPE_MF, "MF", 1, 1, type_mf_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
+	/* 5 */
+	{LDNS_RR_TYPE_CNAME, "CNAME", 1, 1, type_cname_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
+	/* 6 */
+	{LDNS_RR_TYPE_SOA, "SOA", 7, 7, type_soa_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 2 },
+	/* 7 */
+	{LDNS_RR_TYPE_MB, "MB", 1, 1, type_mb_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
+	/* 8 */
+	{LDNS_RR_TYPE_MG, "MG", 1, 1, type_mg_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
+	/* 9 */
+	{LDNS_RR_TYPE_MR, "MR", 1, 1, type_mr_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
+	/* 10 */
+	{LDNS_RR_TYPE_NULL, "NULL", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 11 */
+	{LDNS_RR_TYPE_WKS, "WKS", 2, 2, type_wks_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 12 */
+	{LDNS_RR_TYPE_PTR, "PTR", 1, 1, type_ptr_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
+	/* 13 */
+	{LDNS_RR_TYPE_HINFO, "HINFO", 2, 2, type_hinfo_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 14 */
+	{LDNS_RR_TYPE_MINFO, "MINFO", 2, 2, type_minfo_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 2 },
+	/* 15 */
+	{LDNS_RR_TYPE_MX, "MX", 2, 2, type_mx_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
+	/* 16 */
+	{LDNS_RR_TYPE_TXT, "TXT", 1, 0, NULL, LDNS_RDF_TYPE_STR, LDNS_RR_NO_COMPRESS, 0 },
+	/* 17 */
+	{LDNS_RR_TYPE_RP, "RP", 2, 2, type_rp_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 2 },
+	/* 18 */
+	{LDNS_RR_TYPE_AFSDB, "AFSDB", 2, 2, type_afsdb_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
+	/* 19 */
+	{LDNS_RR_TYPE_X25, "X25", 1, 1, type_x25_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 20 */
+	{LDNS_RR_TYPE_ISDN, "ISDN", 1, 2, type_isdn_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 21 */
+	{LDNS_RR_TYPE_RT, "RT", 2, 2, type_rt_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
+	/* 22 */
+	{LDNS_RR_TYPE_NSAP, "NSAP", 1, 1, type_nsap_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 23 */
+	{LDNS_RR_TYPE_NSAP_PTR, "NSAP-PTR", 1, 1, type_nsap_ptr_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 24 */
+	{LDNS_RR_TYPE_SIG, "SIG", 9, 9, type_sig_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
+	/* 25 */
+	{LDNS_RR_TYPE_KEY, "KEY", 4, 4, type_key_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 26 */
+	{LDNS_RR_TYPE_PX, "PX", 3, 3, type_px_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 2 },
+	/* 27 */
+	{LDNS_RR_TYPE_GPOS, "GPOS", 3, 3, type_gpos_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 28 */
+	{LDNS_RR_TYPE_AAAA, "AAAA", 1, 1, type_aaaa_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 29 */
+	{LDNS_RR_TYPE_LOC, "LOC", 1, 1, type_loc_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 30 */
+	{LDNS_RR_TYPE_NXT, "NXT", 2, 2, type_nxt_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
+	/* 31 */
+	{LDNS_RR_TYPE_EID, "EID", 1, 1, type_eid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 32 */
+	{LDNS_RR_TYPE_NIMLOC, "NIMLOC", 1, 1, type_nimloc_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 33 */
+	{LDNS_RR_TYPE_SRV, "SRV", 4, 4, type_srv_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
+	/* 34 */
+	{LDNS_RR_TYPE_ATMA, "ATMA", 1, 1, type_atma_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 35 */
+	{LDNS_RR_TYPE_NAPTR, "NAPTR", 6, 6, type_naptr_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
+	/* 36 */
+	{LDNS_RR_TYPE_KX, "KX", 2, 2, type_kx_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
+	/* 37 */
+	{LDNS_RR_TYPE_CERT, "CERT", 4, 4, type_cert_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 38 */
+	{LDNS_RR_TYPE_A6, "A6", 1, 1, type_a6_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 39 */
+	{LDNS_RR_TYPE_DNAME, "DNAME", 1, 1, type_dname_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
+	/* 40 */
+	{LDNS_RR_TYPE_SINK, "SINK", 1, 1, type_sink_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 41 */
+	{LDNS_RR_TYPE_OPT, "OPT", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 42 */
+	{LDNS_RR_TYPE_APL, "APL", 0, 0, type_apl_wireformat, LDNS_RDF_TYPE_APL, LDNS_RR_NO_COMPRESS, 0 },
+	/* 43 */
+	{LDNS_RR_TYPE_DS, "DS", 4, 4, type_ds_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 44 */
+	{LDNS_RR_TYPE_SSHFP, "SSHFP", 3, 3, type_sshfp_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 45 */
+	{LDNS_RR_TYPE_IPSECKEY, "IPSECKEY", 1, 1, type_ipseckey_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 46 */
+	{LDNS_RR_TYPE_RRSIG, "RRSIG", 9, 9, type_rrsig_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
+	/* 47 */
+	{LDNS_RR_TYPE_NSEC, "NSEC", 1, 2, type_nsec_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
+	/* 48 */
+	{LDNS_RR_TYPE_DNSKEY, "DNSKEY", 4, 4, type_dnskey_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 49 */
+	{LDNS_RR_TYPE_DHCID, "DHCID", 1, 1, type_dhcid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 50 */
+	{LDNS_RR_TYPE_NSEC3, "NSEC3", 5, 6, type_nsec3_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 51 */
+	{LDNS_RR_TYPE_NSEC3PARAM, "NSEC3PARAM", 4, 4, type_nsec3param_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 52 */
+	{LDNS_RR_TYPE_TLSA, "TLSA", 4, 4, type_tlsa_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+
+{LDNS_RR_TYPE_NULL, "TYPE53", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE54", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+        /* 55
+	 * Hip ends with 0 or more Rendezvous Servers represented as dname's.
+	 * Hence the LDNS_RDF_TYPE_DNAME _variable field and the _maximum field
+	 * set to 0.
+	 */
+	{LDNS_RR_TYPE_HIP, "HIP", 1, 1, type_hip_wireformat, LDNS_RDF_TYPE_DNAME, LDNS_RR_NO_COMPRESS, 0 },
+
+#ifdef DRAFT_RRTYPES
+	/* 56 */
+	{LDNS_RR_TYPE_NINFO, "NINFO", 1, 0, NULL, LDNS_RDF_TYPE_STR, LDNS_RR_NO_COMPRESS, 0 },
+	/* 57 */
+	{LDNS_RR_TYPE_RKEY, "RKEY", 4, 4, type_key_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+#else
+{LDNS_RR_TYPE_NULL, "TYPE56", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE57", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+#endif
+	/* 58 */
+	{LDNS_RR_TYPE_TALINK, "TALINK", 2, 2, type_talink_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 2 },
+
+#ifdef DRAFT_RRTYPES
+	/* 59 */
+	{LDNS_RR_TYPE_CDS, "CDS", 4, 4, type_ds_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+#else
+{LDNS_RR_TYPE_NULL, "TYPE59", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+#endif
+
+{LDNS_RR_TYPE_NULL, "TYPE60", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE61", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE62", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE63", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE64", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE65", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE66", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE67", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE68", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE69", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE70", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE71", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE72", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE73", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE74", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE75", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE76", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE77", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE78", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE79", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE80", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE81", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE82", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE83", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE84", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE85", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE86", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE87", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE88", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE89", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE90", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE91", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE92", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE93", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE94", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE95", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE96", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE97", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE98", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+
+	/* 99 */
+	{LDNS_RR_TYPE_SPF,  "SPF", 1, 0, NULL, LDNS_RDF_TYPE_STR, LDNS_RR_NO_COMPRESS, 0 },
+
+	/* UINFO  [IANA-Reserved] */
+{LDNS_RR_TYPE_NULL, "TYPE100", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* UID    [IANA-Reserved] */
+{LDNS_RR_TYPE_NULL, "TYPE101", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* GID    [IANA-Reserved] */
+{LDNS_RR_TYPE_NULL, "TYPE102", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* UNSPEC [IANA-Reserved] */
+{LDNS_RR_TYPE_NULL, "TYPE103", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+
+	/* 104 */
+	{LDNS_RR_TYPE_NID, "NID", 2, 2, type_nid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 105 */
+	{LDNS_RR_TYPE_L32, "L32", 2, 2, type_l32_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 106 */
+	{LDNS_RR_TYPE_L64, "L64", 2, 2, type_l64_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 107 */
+	{LDNS_RR_TYPE_LP, "LP", 2, 2, type_lp_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
+
+	/* 108 */
+	{LDNS_RR_TYPE_EUI48, "EUI48", 1, 1, type_eui48_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* 109 */
+	{LDNS_RR_TYPE_EUI64, "EUI64", 1, 1, type_eui64_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+
+{LDNS_RR_TYPE_NULL, "TYPE110", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE111", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE112", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE113", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE114", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE115", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE116", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE117", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE118", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE119", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE120", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE121", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE122", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE123", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE124", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE125", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE126", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE127", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE128", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE129", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE130", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE131", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE132", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE133", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE134", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE135", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE136", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE137", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE138", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE139", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE140", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE141", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE142", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE143", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE144", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE145", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE146", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE147", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE148", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE149", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE150", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE151", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE152", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE153", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE154", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE155", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE156", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE157", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE158", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE159", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE160", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE161", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE162", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE163", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE164", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE165", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE166", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE167", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE168", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE169", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE170", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE171", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE172", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE173", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE174", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE175", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE176", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE177", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE178", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE179", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE180", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE181", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE182", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE183", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE184", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE185", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE186", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE187", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE188", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE189", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE190", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE191", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE192", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE193", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE194", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE195", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE196", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE197", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE198", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE199", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE200", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE201", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE202", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE203", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE204", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE205", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE206", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE207", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE208", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE209", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE210", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE211", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE212", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE213", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE214", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE215", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE216", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE217", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE218", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE219", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE220", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE221", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE222", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE223", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE224", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE225", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE226", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE227", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE228", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE229", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE230", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE231", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE232", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE233", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE234", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE235", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE236", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE237", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE238", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE239", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE240", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE241", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE242", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE243", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE244", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE245", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE246", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE247", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NULL, "TYPE248", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+
+	/* LDNS_RDF_TYPE_INT16_DATA takes two fields (length and data) as one.
+	 * So, unlike RFC 2930 spec, we have 7 min/max rdf's i.s.o. 8/9.
+	 */
+	/* 249 */
+	{LDNS_RR_TYPE_TKEY, "TKEY", 7, 7, type_tkey_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
+	/* LDNS_RDF_TYPE_INT16_DATA takes two fields (length and data) as one.
+	 * So, unlike RFC 2930 spec, we have 7 min/max rdf's i.s.o. 8/9.
+	 */
+	/* 250 */
+	{LDNS_RR_TYPE_TSIG, "TSIG", 7, 7, type_tsig_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
+
+	/* IXFR: A request for a transfer of an incremental zone transfer */
+{LDNS_RR_TYPE_IXFR, "IXFR", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* AXFR: A request for a transfer of an entire zone */
+{LDNS_RR_TYPE_AXFR, "AXFR", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* MAILB: A request for mailbox-related records (MB, MG or MR) */
+{LDNS_RR_TYPE_MAILB, "MAILB", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* MAILA: A request for mail agent RRs (Obsolete - see MX) */
+{LDNS_RR_TYPE_MAILA, "MAILA", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+	/* ANY: A request for all (available) records */
+{LDNS_RR_TYPE_ANY, "ANY", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+
+#ifdef DRAFT_RRTYPES
+	/* 256 */
+	{LDNS_RR_TYPE_URI, "URI", 3, 3, type_uri_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+#else
+{LDNS_RR_TYPE_NULL, "TYPE256", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+#endif
+	/* 257 */
+	{LDNS_RR_TYPE_CAA, "CAA", 3, 3, type_caa_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+
+/* split in array, no longer contiguous */
+
+#ifdef DRAFT_RRTYPES
+	/* 32768 */
+	{LDNS_RR_TYPE_TA, "TA", 4, 4, type_ds_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+#else
+{LDNS_RR_TYPE_NULL, "TYPE32768", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+#endif
+	/* 32769 */
+	{LDNS_RR_TYPE_DLV, "DLV", 4, 4, type_ds_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }
+};
+
+/**
+ * \def LDNS_RDATA_FIELD_DESCRIPTORS_COUNT
+ * computes the number of rdata fields
+ */
+#define LDNS_RDATA_FIELD_DESCRIPTORS_COUNT \
+	(sizeof(rdata_field_descriptors)/sizeof(rdata_field_descriptors[0]))
+
+const sldns_rr_descriptor *
+sldns_rr_descript(uint16_t type)
+{
+	size_t i;
+	if (type < LDNS_RDATA_FIELD_DESCRIPTORS_COMMON) {
+		return &rdata_field_descriptors[type];
+	} else {
+		/* because not all array index equals type code */
+		for (i = LDNS_RDATA_FIELD_DESCRIPTORS_COMMON;
+		     i < LDNS_RDATA_FIELD_DESCRIPTORS_COUNT;
+		     i++) {
+		        if (rdata_field_descriptors[i]._type == type) {
+		     		return &rdata_field_descriptors[i];
+			}
+		}
+                return &rdata_field_descriptors[0];
+	}
+}
+
+size_t
+sldns_rr_descriptor_minimum(const sldns_rr_descriptor *descriptor)
+{
+	if (descriptor) {
+		return descriptor->_minimum;
+	} else {
+		return 0;
+	}
+}
+
+size_t
+sldns_rr_descriptor_maximum(const sldns_rr_descriptor *descriptor)
+{
+	if (descriptor) {
+		if (descriptor->_variable != LDNS_RDF_TYPE_NONE) {
+			return 65535; /* cannot be more than 64k */
+		} else {
+			return descriptor->_maximum;
+		}
+	} else {
+		return 0;
+	}
+}
+
+sldns_rdf_type
+sldns_rr_descriptor_field_type(const sldns_rr_descriptor *descriptor,
+                              size_t index)
+{
+	assert(descriptor != NULL);
+	assert(index < descriptor->_maximum
+	       || descriptor->_variable != LDNS_RDF_TYPE_NONE);
+	if (index < descriptor->_maximum) {
+		return descriptor->_wireformat[index];
+	} else {
+		return descriptor->_variable;
+	}
+}
+
+sldns_rr_type
+sldns_get_rr_type_by_name(const char *name)
+{
+	unsigned int i;
+	const char *desc_name;
+	const sldns_rr_descriptor *desc;
+
+	/* TYPEXX representation */
+	if (strlen(name) > 4 && strncasecmp(name, "TYPE", 4) == 0) {
+		return atoi(name + 4);
+	}
+
+	/* Normal types */
+	for (i = 0; i < (unsigned int) LDNS_RDATA_FIELD_DESCRIPTORS_COUNT; i++) {
+		desc = &rdata_field_descriptors[i];
+		desc_name = desc->_name;
+		if(desc_name &&
+		   strlen(name) == strlen(desc_name) &&
+		   strncasecmp(name, desc_name, strlen(desc_name)) == 0) {
+			/* because not all array index equals type code */
+			return desc->_type;
+		}
+	}
+
+	/* special cases for query types */
+	if (strlen(name) == 4 && strncasecmp(name, "IXFR", 4) == 0) {
+		return 251;
+	} else if (strlen(name) == 4 && strncasecmp(name, "AXFR", 4) == 0) {
+		return 252;
+	} else if (strlen(name) == 5 && strncasecmp(name, "MAILB", 5) == 0) {
+		return 253;
+	} else if (strlen(name) == 5 && strncasecmp(name, "MAILA", 5) == 0) {
+		return 254;
+	} else if (strlen(name) == 3 && strncasecmp(name, "ANY", 3) == 0) {
+		return 255;
+	}
+
+	return 0;
+}
+
+sldns_rr_class
+sldns_get_rr_class_by_name(const char *name)
+{
+	sldns_lookup_table *lt;
+
+	/* CLASSXX representation */
+	if (strlen(name) > 5 && strncasecmp(name, "CLASS", 5) == 0) {
+		return atoi(name + 5);
+	}
+
+	/* Normal types */
+	lt = sldns_lookup_by_name(sldns_rr_classes, name);
+	if (lt) {
+		return lt->id;
+	}
+	return 0;
+}

ldns/rrdef.h

@@ -0,0 +1,503 @@
+/*
+ * rrdef.h
+ *
+ * RR definitions
+ *
+ * a Net::DNS like library for C
+ *
+ * (c) NLnet Labs, 2005-2006
+ *
+ * See the file LICENSE for the license
+ */
+
+/**
+ * \file
+ *
+ * Defines resource record types and constants.
+ */
+
+#ifndef LDNS_RRDEF_H
+#define LDNS_RRDEF_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/** Maximum length of a dname label */
+#define LDNS_MAX_LABELLEN     63
+/** Maximum length of a complete dname */
+#define LDNS_MAX_DOMAINLEN    255
+/** Maximum number of pointers in 1 dname */
+#define LDNS_MAX_POINTERS	65535
+/** The bytes TTL, CLASS and length use up in an rr */
+#define LDNS_RR_OVERHEAD	10
+
+#define LDNS_DNSSEC_KEYPROTO    3
+#define LDNS_KEY_ZONE_KEY   0x0100 /* set for ZSK&KSK, rfc 4034 */
+#define LDNS_KEY_SEP_KEY    0x0001 /* set for KSK, rfc 4034 */
+#define LDNS_KEY_REVOKE_KEY 0x0080 /* used to revoke KSK, rfc 5011 */
+
+/* The first fields are contiguous and can be referenced instantly */
+#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON 258
+
+/** lookuptable for rr classes  */
+extern struct sldns_struct_lookup_table* sldns_rr_classes;
+
+/**
+ *  The different RR classes.
+ */
+enum sldns_enum_rr_class
+{
+	/** the Internet */
+	LDNS_RR_CLASS_IN 	= 1,
+	/** Chaos class */
+	LDNS_RR_CLASS_CH	= 3,
+	/** Hesiod (Dyer 87) */
+	LDNS_RR_CLASS_HS	= 4,
+	/** None class, dynamic update */
+	LDNS_RR_CLASS_NONE      = 254,
+	/** Any class */
+	LDNS_RR_CLASS_ANY	= 255,
+
+	LDNS_RR_CLASS_FIRST     = 0,
+	LDNS_RR_CLASS_LAST      = 65535,
+	LDNS_RR_CLASS_COUNT     = LDNS_RR_CLASS_LAST - LDNS_RR_CLASS_FIRST + 1
+};
+typedef enum sldns_enum_rr_class sldns_rr_class;
+
+/**
+ *  Used to specify whether compression is allowed.
+ */
+enum sldns_enum_rr_compress
+{
+	/** compression is allowed */
+	LDNS_RR_COMPRESS,
+	LDNS_RR_NO_COMPRESS
+};
+typedef enum sldns_enum_rr_compress sldns_rr_compress;
+
+/**
+ * The different RR types.
+ */
+enum sldns_enum_rr_type
+{
+	/**  a host address */
+	LDNS_RR_TYPE_A = 1,
+	/**  an authoritative name server */
+	LDNS_RR_TYPE_NS = 2,
+	/**  a mail destination (Obsolete - use MX) */
+	LDNS_RR_TYPE_MD = 3,
+	/**  a mail forwarder (Obsolete - use MX) */
+	LDNS_RR_TYPE_MF = 4,
+	/**  the canonical name for an alias */
+	LDNS_RR_TYPE_CNAME = 5,
+	/**  marks the start of a zone of authority */
+	LDNS_RR_TYPE_SOA = 6,
+	/**  a mailbox domain name (EXPERIMENTAL) */
+	LDNS_RR_TYPE_MB = 7,
+	/**  a mail group member (EXPERIMENTAL) */
+	LDNS_RR_TYPE_MG = 8,
+	/**  a mail rename domain name (EXPERIMENTAL) */
+	LDNS_RR_TYPE_MR = 9,
+	/**  a null RR (EXPERIMENTAL) */
+	LDNS_RR_TYPE_NULL = 10,
+	/**  a well known service description */
+	LDNS_RR_TYPE_WKS = 11,
+	/**  a domain name pointer */
+	LDNS_RR_TYPE_PTR = 12,
+	/**  host information */
+	LDNS_RR_TYPE_HINFO = 13,
+	/**  mailbox or mail list information */
+	LDNS_RR_TYPE_MINFO = 14,
+	/**  mail exchange */
+	LDNS_RR_TYPE_MX = 15,
+	/**  text strings */
+	LDNS_RR_TYPE_TXT = 16,
+	/**  RFC1183 */
+	LDNS_RR_TYPE_RP = 17,
+	/**  RFC1183 */
+	LDNS_RR_TYPE_AFSDB = 18,
+	/**  RFC1183 */
+	LDNS_RR_TYPE_X25 = 19,
+	/**  RFC1183 */
+	LDNS_RR_TYPE_ISDN = 20,
+	/**  RFC1183 */
+	LDNS_RR_TYPE_RT = 21,
+	/**  RFC1706 */
+	LDNS_RR_TYPE_NSAP = 22,
+	/**  RFC1348 */
+	LDNS_RR_TYPE_NSAP_PTR = 23,
+	/**  2535typecode */
+	LDNS_RR_TYPE_SIG = 24,
+	/**  2535typecode */
+	LDNS_RR_TYPE_KEY = 25,
+	/**  RFC2163 */
+	LDNS_RR_TYPE_PX = 26,
+	/**  RFC1712 */
+	LDNS_RR_TYPE_GPOS = 27,
+	/**  ipv6 address */
+	LDNS_RR_TYPE_AAAA = 28,
+	/**  LOC record  RFC1876 */
+	LDNS_RR_TYPE_LOC = 29,
+	/**  2535typecode */
+	LDNS_RR_TYPE_NXT = 30,
+	/**  draft-ietf-nimrod-dns-01.txt */
+	LDNS_RR_TYPE_EID = 31,
+	/**  draft-ietf-nimrod-dns-01.txt */
+	LDNS_RR_TYPE_NIMLOC = 32,
+	/**  SRV record RFC2782 */
+	LDNS_RR_TYPE_SRV = 33,
+	/**  http://www.jhsoft.com/rfc/af-saa-0069.000.rtf */
+	LDNS_RR_TYPE_ATMA = 34,
+	/**  RFC2915 */
+	LDNS_RR_TYPE_NAPTR = 35,
+	/**  RFC2230 */
+	LDNS_RR_TYPE_KX = 36,
+	/**  RFC2538 */
+	LDNS_RR_TYPE_CERT = 37,
+	/**  RFC2874 */
+	LDNS_RR_TYPE_A6 = 38,
+	/**  RFC2672 */
+	LDNS_RR_TYPE_DNAME = 39,
+	/**  dnsind-kitchen-sink-02.txt */
+	LDNS_RR_TYPE_SINK = 40,
+	/**  Pseudo OPT record... */
+	LDNS_RR_TYPE_OPT = 41,
+	/**  RFC3123 */
+	LDNS_RR_TYPE_APL = 42,
+	/**  RFC4034, RFC3658 */
+	LDNS_RR_TYPE_DS = 43,
+	/**  SSH Key Fingerprint */
+	LDNS_RR_TYPE_SSHFP = 44, /* RFC 4255 */
+	/**  IPsec Key */
+	LDNS_RR_TYPE_IPSECKEY = 45, /* RFC 4025 */
+	/**  DNSSEC */
+	LDNS_RR_TYPE_RRSIG = 46, /* RFC 4034 */
+	LDNS_RR_TYPE_NSEC = 47, /* RFC 4034 */
+	LDNS_RR_TYPE_DNSKEY = 48, /* RFC 4034 */
+
+	LDNS_RR_TYPE_DHCID = 49, /* RFC 4701 */
+	/* NSEC3 */
+	LDNS_RR_TYPE_NSEC3 = 50, /* RFC 5155 */
+	LDNS_RR_TYPE_NSEC3PARAM = 51, /* RFC 5155 */
+	LDNS_RR_TYPE_NSEC3PARAMS = 51,
+	LDNS_RR_TYPE_TLSA = 52, /* RFC 6698 */
+
+	LDNS_RR_TYPE_HIP = 55, /* RFC 5205 */
+
+	/** draft-reid-dnsext-zs */
+	LDNS_RR_TYPE_NINFO = 56,
+	/** draft-reid-dnsext-rkey */
+	LDNS_RR_TYPE_RKEY = 57,
+        /** draft-ietf-dnsop-trust-history */
+        LDNS_RR_TYPE_TALINK = 58,
+	/** draft-barwood-dnsop-ds-publis */
+	LDNS_RR_TYPE_CDS = 59,
+
+	LDNS_RR_TYPE_SPF = 99, /* RFC 4408 */
+
+	LDNS_RR_TYPE_UINFO = 100,
+	LDNS_RR_TYPE_UID = 101,
+	LDNS_RR_TYPE_GID = 102,
+	LDNS_RR_TYPE_UNSPEC = 103,
+
+	LDNS_RR_TYPE_NID = 104, /* RFC 6742 */
+	LDNS_RR_TYPE_L32 = 105, /* RFC 6742 */
+	LDNS_RR_TYPE_L64 = 106, /* RFC 6742 */
+	LDNS_RR_TYPE_LP = 107, /* RFC 6742 */
+
+	/** draft-jabley-dnsext-eui48-eui64-rrtypes */
+	LDNS_RR_TYPE_EUI48 = 108,
+	LDNS_RR_TYPE_EUI64 = 109,
+
+	LDNS_RR_TYPE_TKEY = 249, /* RFC 2930 */
+	LDNS_RR_TYPE_TSIG = 250,
+	LDNS_RR_TYPE_IXFR = 251,
+	LDNS_RR_TYPE_AXFR = 252,
+	/**  A request for mailbox-related records (MB, MG or MR) */
+	LDNS_RR_TYPE_MAILB = 253,
+	/**  A request for mail agent RRs (Obsolete - see MX) */
+	LDNS_RR_TYPE_MAILA = 254,
+	/**  any type (wildcard) */
+	LDNS_RR_TYPE_ANY = 255,
+	/** draft-faltstrom-uri-06 */
+	LDNS_RR_TYPE_URI = 256,
+	LDNS_RR_TYPE_CAA = 257, /* RFC 6844 */
+
+	/** DNSSEC Trust Authorities */
+	LDNS_RR_TYPE_TA = 32768,
+	/* RFC 4431, 5074, DNSSEC Lookaside Validation */
+	LDNS_RR_TYPE_DLV = 32769,
+
+	/* type codes from nsec3 experimental phase
+	LDNS_RR_TYPE_NSEC3 = 65324,
+	LDNS_RR_TYPE_NSEC3PARAMS = 65325, */
+	LDNS_RR_TYPE_FIRST = 0,
+	LDNS_RR_TYPE_LAST  = 65535,
+	LDNS_RR_TYPE_COUNT = LDNS_RR_TYPE_LAST - LDNS_RR_TYPE_FIRST + 1
+};
+typedef enum sldns_enum_rr_type sldns_rr_type;
+
+/* RDATA */
+#define LDNS_MAX_RDFLEN	65535
+
+#define LDNS_RDF_SIZE_BYTE              1
+#define LDNS_RDF_SIZE_WORD              2
+#define LDNS_RDF_SIZE_DOUBLEWORD        4
+#define LDNS_RDF_SIZE_6BYTES            6
+#define LDNS_RDF_SIZE_8BYTES            8
+#define LDNS_RDF_SIZE_16BYTES           16
+
+#define LDNS_NSEC3_VARS_OPTOUT_MASK 0x01
+
+#define LDNS_APL_IP4            1
+#define LDNS_APL_IP6            2
+#define LDNS_APL_MASK           0x7f
+#define LDNS_APL_NEGATION       0x80
+
+/**
+ * The different types of RDATA fields.
+ */
+enum sldns_enum_rdf_type
+{
+	/** none */
+	LDNS_RDF_TYPE_NONE,
+	/** domain name */
+	LDNS_RDF_TYPE_DNAME,
+	/** 8 bits */
+	LDNS_RDF_TYPE_INT8,
+	/** 16 bits */
+	LDNS_RDF_TYPE_INT16,
+	/** 32 bits */
+	LDNS_RDF_TYPE_INT32,
+	/** A record */
+	LDNS_RDF_TYPE_A,
+	/** AAAA record */
+	LDNS_RDF_TYPE_AAAA,
+	/** txt string */
+	LDNS_RDF_TYPE_STR,
+	/** apl data */
+	LDNS_RDF_TYPE_APL,
+	/** b32 string */
+	LDNS_RDF_TYPE_B32_EXT,
+	/** b64 string */
+	LDNS_RDF_TYPE_B64,
+	/** hex string */
+	LDNS_RDF_TYPE_HEX,
+	/** nsec type codes */
+	LDNS_RDF_TYPE_NSEC,
+	/** a RR type */
+	LDNS_RDF_TYPE_TYPE,
+	/** a class */
+	LDNS_RDF_TYPE_CLASS,
+	/** certificate algorithm */
+	LDNS_RDF_TYPE_CERT_ALG,
+	/** a key algorithm */
+        LDNS_RDF_TYPE_ALG,
+        /** unknown types */
+        LDNS_RDF_TYPE_UNKNOWN,
+        /** time (32 bits) */
+        LDNS_RDF_TYPE_TIME,
+        /** period */
+        LDNS_RDF_TYPE_PERIOD,
+        /** tsig time 48 bits */
+        LDNS_RDF_TYPE_TSIGTIME,
+	/** Represents the Public Key Algorithm, HIT and Public Key fields
+	    for the HIP RR types.  A HIP specific rdf type is used because of
+	    the unusual layout in wireformat (see RFC 5205 Section 5) */
+	LDNS_RDF_TYPE_HIP,
+        /** variable length any type rdata where the length
+            is specified by the first 2 bytes */
+        LDNS_RDF_TYPE_INT16_DATA,
+        /** protocol and port bitmaps */
+        LDNS_RDF_TYPE_SERVICE,
+        /** location data */
+        LDNS_RDF_TYPE_LOC,
+        /** well known services */
+        LDNS_RDF_TYPE_WKS,
+        /** NSAP */
+        LDNS_RDF_TYPE_NSAP,
+        /** ATMA */
+        LDNS_RDF_TYPE_ATMA,
+        /** IPSECKEY */
+        LDNS_RDF_TYPE_IPSECKEY,
+        /** nsec3 hash salt */
+        LDNS_RDF_TYPE_NSEC3_SALT,
+        /** nsec3 base32 string (with length byte on wire */
+        LDNS_RDF_TYPE_NSEC3_NEXT_OWNER,
+
+        /** 4 shorts represented as 4 * 16 bit hex numbers
+         *  seperated by colons. For NID and L64.
+         */
+        LDNS_RDF_TYPE_ILNP64,
+
+        /** 6 * 8 bit hex numbers seperated by dashes. For EUI48. */
+        LDNS_RDF_TYPE_EUI48,
+        /** 8 * 8 bit hex numbers seperated by dashes. For EUI64. */
+        LDNS_RDF_TYPE_EUI64,
+
+        /** A non-zero sequence of US-ASCII letters and numbers in lower case.
+         *  For CAA.
+         */
+        LDNS_RDF_TYPE_TAG,
+
+        /** A <character-string> encoding of the value field as specified 
+         * [RFC1035], Section 5.1., encoded as remaining rdata.
+         * For CAA.
+         */
+        LDNS_RDF_TYPE_LONG_STR,
+
+        /* Aliases */
+        LDNS_RDF_TYPE_BITMAP = LDNS_RDF_TYPE_NSEC
+};
+typedef enum sldns_enum_rdf_type sldns_rdf_type;
+
+/**
+ * Algorithms used in dns
+ */
+enum sldns_enum_algorithm
+{
+        LDNS_RSAMD5             = 1,   /* RFC 4034,4035 */
+        LDNS_DH                 = 2,
+        LDNS_DSA                = 3,
+        LDNS_ECC                = 4,
+        LDNS_RSASHA1            = 5,
+        LDNS_DSA_NSEC3          = 6,
+        LDNS_RSASHA1_NSEC3      = 7,
+        LDNS_RSASHA256          = 8,   /* RFC 5702 */
+        LDNS_RSASHA512          = 10,  /* RFC 5702 */
+        LDNS_ECC_GOST           = 12,  /* RFC 5933 */
+        LDNS_ECDSAP256SHA256    = 13,  /* RFC 6605 */
+        LDNS_ECDSAP384SHA384    = 14,  /* RFC 6605 */
+        LDNS_INDIRECT           = 252,
+        LDNS_PRIVATEDNS         = 253,
+        LDNS_PRIVATEOID         = 254
+};
+typedef enum sldns_enum_algorithm sldns_algorithm;
+
+/**
+ * Hashing algorithms used in the DS record
+ */
+enum sldns_enum_hash
+{
+        LDNS_SHA1               = 1,  /* RFC 4034 */
+        LDNS_SHA256             = 2,  /* RFC 4509 */
+        LDNS_HASH_GOST          = 3,  /* RFC 5933 */
+        LDNS_SHA384             = 4   /* RFC 6605 */
+};
+typedef enum sldns_enum_hash sldns_hash;
+
+/**
+ * algorithms used in CERT rrs
+ */
+enum sldns_enum_cert_algorithm
+{
+        LDNS_CERT_PKIX          = 1,
+        LDNS_CERT_SPKI          = 2,
+        LDNS_CERT_PGP           = 3,
+        LDNS_CERT_IPKIX         = 4,
+        LDNS_CERT_ISPKI         = 5,
+        LDNS_CERT_IPGP          = 6,
+        LDNS_CERT_ACPKIX        = 7,
+        LDNS_CERT_IACPKIX       = 8,
+        LDNS_CERT_URI           = 253,
+        LDNS_CERT_OID           = 254
+};
+typedef enum sldns_enum_cert_algorithm sldns_cert_algorithm;
+
+/**
+ * EDNS option codes
+ */
+enum sldns_enum_edns_option
+{
+	LDNS_EDNS_LLQ = 1, /* http://files.dns-sd.org/draft-sekar-dns-llq.txt */
+	LDNS_EDNS_UL = 2, /* http://files.dns-sd.org/draft-sekar-dns-ul.txt */
+	LDNS_EDNS_NSID = 3, /* RFC5001 */
+	/* 4 draft-cheshire-edns0-owner-option */
+	LDNS_EDNS_DAU = 5, /* RFC6975 */
+	LDNS_EDNS_DHU = 6, /* RFC6975 */
+	LDNS_EDNS_N3U = 7, /* RFC6975 */
+	LDNS_EDNS_CLIENT_SUBNET = 8 /* draft-vandergaast-edns-client-subnet */
+};
+typedef enum sldns_edns_option sldns_edns_option;
+
+#define LDNS_EDNS_MASK_DO_BIT 0x8000
+
+/**
+ * Contains all information about resource record types.
+ *
+ * This structure contains, for all rr types, the rdata fields that are defined.
+ */
+struct sldns_struct_rr_descriptor
+{
+	/** Type of the RR that is described here */
+	sldns_rr_type    _type;
+	/** Textual name of the RR type.  */
+	const char *_name;
+	/** Minimum number of rdata fields in the RRs of this type.  */
+	uint8_t     _minimum;
+	/** Maximum number of rdata fields in the RRs of this type.  */
+	uint8_t     _maximum;
+	/** Wireformat specification for the rr, i.e. the types of rdata fields in their respective order. */
+	const sldns_rdf_type *_wireformat;
+	/** Special rdf types */
+	sldns_rdf_type _variable;
+	/** Specifies whether compression can be used for dnames in this RR type. */
+	sldns_rr_compress _compress;
+	/** The number of DNAMEs in the _wireformat string, for parsing. */
+	uint8_t _dname_count;
+};
+typedef struct sldns_struct_rr_descriptor sldns_rr_descriptor;
+
+/**
+ * returns the resource record descriptor for the given rr type.
+ *
+ * \param[in] type the type value of the rr type
+ *\return the sldns_rr_descriptor for this type
+ */
+const sldns_rr_descriptor *sldns_rr_descript(uint16_t type);
+
+/**
+ * returns the minimum number of rdata fields of the rr type this descriptor describes.
+ *
+ * \param[in]  descriptor for an rr type
+ * \return the minimum number of rdata fields
+ */
+size_t sldns_rr_descriptor_minimum(const sldns_rr_descriptor *descriptor);
+
+/**
+ * returns the maximum number of rdata fields of the rr type this descriptor describes.
+ *
+ * \param[in]  descriptor for an rr type
+ * \return the maximum number of rdata fields
+ */
+size_t sldns_rr_descriptor_maximum(const sldns_rr_descriptor *descriptor);
+
+/**
+ * returns the rdf type for the given rdata field number of the rr type for the given descriptor.
+ *
+ * \param[in] descriptor for an rr type
+ * \param[in] field the field number
+ * \return the rdf type for the field
+ */
+sldns_rdf_type sldns_rr_descriptor_field_type(const sldns_rr_descriptor *descriptor, size_t field);
+
+/**
+ * retrieves a rrtype by looking up its name.
+ * \param[in] name a string with the name
+ * \return the type which corresponds with the name
+ */
+sldns_rr_type sldns_get_rr_type_by_name(const char *name);
+
+/**
+ * retrieves a class by looking up its name.
+ * \param[in] name string with the name
+ * \return the cass which corresponds with the name
+ */
+sldns_rr_class sldns_get_rr_class_by_name(const char *name);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* LDNS_RRDEF_H */

ldns/sbuffer.c

@@ -0,0 +1,189 @@
+/*
+ * buffer.c -- generic memory buffer .
+ *
+ * Copyright (c) 2001-2008, NLnet Labs. All rights reserved.
+ *
+ * See LICENSE for the license.
+ *
+ */
+/**
+ * \file
+ *
+ * This file contains the definition of sldns_buffer, and functions to manipulate those.
+ */
+#include "config.h"
+#include "ldns/sbuffer.h"
+#include <stdarg.h>
+
+sldns_buffer *
+sldns_buffer_new(size_t capacity)
+{
+	sldns_buffer *buffer = (sldns_buffer*)malloc(sizeof(sldns_buffer));
+
+	if (!buffer) {
+		return NULL;
+	}
+	
+	buffer->_data = (uint8_t *) malloc(capacity);
+	if (!buffer->_data) {
+		free(buffer);
+		return NULL;
+	}
+	
+	buffer->_position = 0;
+	buffer->_limit = buffer->_capacity = capacity;
+	buffer->_fixed = 0;
+	buffer->_status_err = 0;
+	
+	sldns_buffer_invariant(buffer);
+	
+	return buffer;
+}
+
+void
+sldns_buffer_new_frm_data(sldns_buffer *buffer, void *data, size_t size)
+{
+	assert(data != NULL);
+
+	buffer->_position = 0; 
+	buffer->_limit = buffer->_capacity = size;
+	buffer->_fixed = 0;
+	buffer->_data = malloc(size);
+	if(!buffer->_data) {
+		buffer->_status_err = 1;
+		return;
+	}
+	memcpy(buffer->_data, data, size);
+	buffer->_status_err = 0;
+	
+	sldns_buffer_invariant(buffer);
+}
+
+void
+sldns_buffer_init_frm_data(sldns_buffer *buffer, void *data, size_t size)
+{
+	memset(buffer, 0, sizeof(*buffer));
+	buffer->_data = data;
+	buffer->_capacity = buffer->_limit = size;
+	buffer->_fixed = 1;
+}
+
+int
+sldns_buffer_set_capacity(sldns_buffer *buffer, size_t capacity)
+{
+	void *data;
+	
+	sldns_buffer_invariant(buffer);
+	assert(buffer->_position <= capacity);
+
+	data = (uint8_t *) realloc(buffer->_data, capacity);
+	if (!data) {
+		buffer->_status_err = 1;
+		return 0;
+	} else {
+		buffer->_data = data;
+		buffer->_limit = buffer->_capacity = capacity;
+		return 1;
+	}
+}
+
+int
+sldns_buffer_reserve(sldns_buffer *buffer, size_t amount)
+{
+	sldns_buffer_invariant(buffer);
+	assert(!buffer->_fixed);
+	if (buffer->_capacity < buffer->_position + amount) {
+		size_t new_capacity = buffer->_capacity * 3 / 2;
+
+		if (new_capacity < buffer->_position + amount) {
+			new_capacity = buffer->_position + amount;
+		}
+		if (!sldns_buffer_set_capacity(buffer, new_capacity)) {
+			buffer->_status_err = 1;
+			return 0;
+		}
+	}
+	buffer->_limit = buffer->_capacity;
+	return 1;
+}
+
+int
+sldns_buffer_printf(sldns_buffer *buffer, const char *format, ...)
+{
+	va_list args;
+	int written = 0;
+	size_t remaining;
+	
+	if (sldns_buffer_status_ok(buffer)) {
+		sldns_buffer_invariant(buffer);
+		assert(buffer->_limit == buffer->_capacity);
+
+		remaining = sldns_buffer_remaining(buffer);
+		va_start(args, format);
+		written = vsnprintf((char *) sldns_buffer_current(buffer), remaining,
+				    format, args);
+		va_end(args);
+		if (written == -1) {
+			buffer->_status_err = 1;
+			return -1;
+		} else if ((size_t) written >= remaining) {
+			if (!sldns_buffer_reserve(buffer, (size_t) written + 1)) {
+				buffer->_status_err = 1;
+				return -1;
+			}
+			va_start(args, format);
+			written = vsnprintf((char *) sldns_buffer_current(buffer),
+			    sldns_buffer_remaining(buffer), format, args);
+			va_end(args);
+			if (written == -1) {
+				buffer->_status_err = 1;
+				return -1;
+			}
+		}
+		buffer->_position += written;
+	}
+	return written;
+}
+
+void
+sldns_buffer_free(sldns_buffer *buffer)
+{
+	if (!buffer) {
+		return;
+	}
+
+	if (!buffer->_fixed)
+		free(buffer->_data);
+
+	free(buffer);
+}
+
+void *
+sldns_buffer_export(sldns_buffer *buffer)
+{
+	buffer->_fixed = 1;
+	return buffer->_data;
+}
+
+int
+sldns_bgetc(sldns_buffer *buffer)
+{
+	if (!sldns_buffer_available_at(buffer, buffer->_position, sizeof(uint8_t))) {
+		sldns_buffer_set_position(buffer, sldns_buffer_limit(buffer));
+		/* sldns_buffer_rewind(buffer);*/
+		return EOF;
+	}
+	return (int)sldns_buffer_read_u8(buffer);
+}
+
+void 
+sldns_buffer_copy(sldns_buffer* result, sldns_buffer* from)
+{
+	size_t tocopy = sldns_buffer_limit(from);
+
+	if(tocopy > sldns_buffer_capacity(result))
+		tocopy = sldns_buffer_capacity(result);
+	sldns_buffer_clear(result);
+	sldns_buffer_write(result, sldns_buffer_begin(from), tocopy);
+	sldns_buffer_flip(result);
+}

ldns/sbuffer.h

@@ -0,0 +1,706 @@
+/*
+ * buffer.h -- generic memory buffer.
+ *
+ * Copyright (c) 2005-2008, NLnet Labs. All rights reserved.
+ *
+ * See LICENSE for the license.
+ *
+ *
+ * The buffer module implements a generic buffer.  The API is based on
+ * the java.nio.Buffer interface.
+ */
+
+#ifndef LDNS_SBUFFER_H
+#define LDNS_SBUFFER_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifdef S_SPLINT_S
+#  define INLINE 
+#else
+#  ifdef SWIG
+#    define INLINE static
+#  else
+#    define INLINE static inline
+#  endif
+#endif
+
+/*
+ * Copy data allowing for unaligned accesses in network byte order
+ * (big endian).
+ */
+INLINE uint16_t
+sldns_read_uint16(const void *src)
+{
+#ifdef ALLOW_UNALIGNED_ACCESSES
+        return ntohs(*(uint16_t *) src);
+#else
+        uint8_t *p = (uint8_t *) src;
+        return ((uint16_t) p[0] << 8) | (uint16_t) p[1];
+#endif
+}
+
+INLINE uint32_t
+sldns_read_uint32(const void *src)
+{
+#ifdef ALLOW_UNALIGNED_ACCESSES
+        return ntohl(*(uint32_t *) src);
+#else
+        uint8_t *p = (uint8_t *) src;
+        return (  ((uint32_t) p[0] << 24)
+                | ((uint32_t) p[1] << 16)
+                | ((uint32_t) p[2] << 8)
+                |  (uint32_t) p[3]);
+#endif
+}
+
+/*
+ * Copy data allowing for unaligned accesses in network byte order
+ * (big endian).
+ */
+INLINE void
+sldns_write_uint16(void *dst, uint16_t data)
+{
+#ifdef ALLOW_UNALIGNED_ACCESSES
+        * (uint16_t *) dst = htons(data);
+#else
+        uint8_t *p = (uint8_t *) dst;
+        p[0] = (uint8_t) ((data >> 8) & 0xff);
+        p[1] = (uint8_t) (data & 0xff);
+#endif
+}
+
+INLINE void
+sldns_write_uint32(void *dst, uint32_t data)
+{
+#ifdef ALLOW_UNALIGNED_ACCESSES
+        * (uint32_t *) dst = htonl(data);
+#else
+        uint8_t *p = (uint8_t *) dst;
+        p[0] = (uint8_t) ((data >> 24) & 0xff);
+        p[1] = (uint8_t) ((data >> 16) & 0xff);
+        p[2] = (uint8_t) ((data >> 8) & 0xff);
+        p[3] = (uint8_t) (data & 0xff);
+#endif
+}
+
+
+/**
+ * \file sbuffer.h
+ *
+ * This file contains the definition of sldns_buffer, and functions to manipulate those.
+ */
+
+/** 
+ * implementation of buffers to ease operations
+ *
+ * sldns_buffers can contain arbitrary information, per octet. You can write
+ * to the current end of a buffer, read from the current position, and
+ * access any data within it.
+ */
+struct sldns_buffer
+{
+	/** The current position used for reading/writing */ 
+	size_t   _position;
+
+	/** The read/write limit */
+	size_t   _limit;
+
+	/** The amount of data the buffer can contain */
+	size_t   _capacity;
+
+	/** The data contained in the buffer */
+	uint8_t *_data;
+
+	/** If the buffer is fixed it cannot be resized */
+	unsigned _fixed : 1;
+
+	/** The current state of the buffer. If writing to the buffer fails
+	 * for any reason, this value is changed. This way, you can perform
+	 * multiple writes in sequence and check for success afterwards. */
+	unsigned _status_err : 1;
+};
+typedef struct sldns_buffer sldns_buffer;
+
+#ifdef NDEBUG
+INLINE void
+sldns_buffer_invariant(sldns_buffer *ATTR_UNUSED(buffer))
+{
+}
+#else
+INLINE void
+sldns_buffer_invariant(sldns_buffer *buffer)
+{
+	assert(buffer != NULL);
+	assert(buffer->_position <= buffer->_limit);
+	assert(buffer->_limit <= buffer->_capacity);
+	assert(buffer->_data != NULL);
+}
+#endif
+
+/**
+ * creates a new buffer with the specified capacity.
+ *
+ * \param[in] capacity the size (in bytes) to allocate for the buffer
+ * \return the created buffer
+ */
+sldns_buffer *sldns_buffer_new(size_t capacity);
+
+/**
+ * creates a buffer with the specified data.  The data IS copied
+ * and MEMORY allocations are done.  The buffer is not fixed and can
+ * be resized using buffer_reserve().
+ *
+ * \param[in] buffer pointer to the buffer to put the data in
+ * \param[in] data the data to encapsulate in the buffer
+ * \param[in] size the size of the data
+ */
+void sldns_buffer_new_frm_data(sldns_buffer *buffer, void *data, size_t size);
+
+/**
+ * Setup a buffer with the data pointed to. No data copied, no memory allocs.
+ * The buffer is fixed.
+ * \param[in] buffer pointer to the buffer to put the data in
+ * \param[in] data the data to encapsulate in the buffer
+ * \param[in] size the size of the data
+ */
+void sldns_buffer_init_frm_data(sldns_buffer *buffer, void *data, size_t size);
+
+/**
+ * clears the buffer and make it ready for writing.  The buffer's limit
+ * is set to the capacity and the position is set to 0.
+ * \param[in] buffer the buffer to clear
+ */
+INLINE void sldns_buffer_clear(sldns_buffer *buffer)
+{
+	sldns_buffer_invariant(buffer);
+
+	/* reset status here? */
+
+	buffer->_position = 0;
+	buffer->_limit = buffer->_capacity;
+}
+
+/**
+ * makes the buffer ready for reading the data that has been written to
+ * the buffer.  The buffer's limit is set to the current position and
+ * the position is set to 0.
+ *
+ * \param[in] buffer the buffer to flip
+ * \return void
+ */
+INLINE void sldns_buffer_flip(sldns_buffer *buffer)
+{
+	sldns_buffer_invariant(buffer);
+
+	buffer->_limit = buffer->_position;
+	buffer->_position = 0;
+}
+
+/**
+ * make the buffer ready for re-reading the data.  The buffer's
+ * position is reset to 0.
+ * \param[in] buffer the buffer to rewind
+ */
+INLINE void sldns_buffer_rewind(sldns_buffer *buffer)
+{
+	sldns_buffer_invariant(buffer);
+
+	buffer->_position = 0;
+}
+
+/**
+ * returns the current position in the buffer (as a number of bytes)
+ * \param[in] buffer the buffer
+ * \return the current position
+ */
+INLINE size_t
+sldns_buffer_position(sldns_buffer *buffer)
+{
+	return buffer->_position;
+}
+
+/**
+ * sets the buffer's position to MARK.  The position must be less than
+ * or equal to the buffer's limit.
+ * \param[in] buffer the buffer
+ * \param[in] mark the mark to use
+ */
+INLINE void
+sldns_buffer_set_position(sldns_buffer *buffer, size_t mark)
+{
+	assert(mark <= buffer->_limit);
+	buffer->_position = mark;
+}
+
+/**
+ * changes the buffer's position by COUNT bytes.  The position must not
+ * be moved behind the buffer's limit or before the beginning of the
+ * buffer.
+ * \param[in] buffer the buffer
+ * \param[in] count the count to use
+ */
+INLINE void
+sldns_buffer_skip(sldns_buffer *buffer, ssize_t count)
+{
+	assert(buffer->_position + count <= buffer->_limit);
+	buffer->_position += count;
+}
+
+/**
+ * returns the maximum size of the buffer
+ * \param[in] buffer
+ * \return the size
+ */
+INLINE size_t
+sldns_buffer_limit(sldns_buffer *buffer)
+{
+	return buffer->_limit;
+}
+
+/**
+ * changes the buffer's limit.  If the buffer's position is greater
+ * than the new limit the position is set to the limit.
+ * \param[in] buffer the buffer
+ * \param[in] limit the new limit
+ */
+INLINE void
+sldns_buffer_set_limit(sldns_buffer *buffer, size_t limit)
+{
+	assert(limit <= buffer->_capacity);
+	buffer->_limit = limit;
+	if (buffer->_position > buffer->_limit)
+		buffer->_position = buffer->_limit;
+}
+
+/**
+ * returns the number of bytes the buffer can hold.
+ * \param[in] buffer the buffer
+ * \return the number of bytes
+ */
+INLINE size_t
+sldns_buffer_capacity(sldns_buffer *buffer)
+{
+	return buffer->_capacity;
+}
+
+/**
+ * changes the buffer's capacity.  The data is reallocated so any
+ * pointers to the data may become invalid.  The buffer's limit is set
+ * to the buffer's new capacity.
+ * \param[in] buffer the buffer
+ * \param[in] capacity the capacity to use
+ * \return whether this failed or succeeded
+ */
+int sldns_buffer_set_capacity(sldns_buffer *buffer, size_t capacity);
+
+/**
+ * ensures BUFFER can contain at least AMOUNT more bytes.  The buffer's
+ * capacity is increased if necessary using buffer_set_capacity().
+ *
+ * The buffer's limit is always set to the (possibly increased)
+ * capacity.
+ * \param[in] buffer the buffer
+ * \param[in] amount amount to use
+ * \return whether this failed or succeeded
+ */
+int sldns_buffer_reserve(sldns_buffer *buffer, size_t amount);
+
+/**
+ * returns a pointer to the data at the indicated position.
+ * \param[in] buffer the buffer
+ * \param[in] at position
+ * \return the pointer to the data
+ */
+INLINE uint8_t *
+sldns_buffer_at(const sldns_buffer *buffer, size_t at)
+{
+	assert(at <= buffer->_limit);
+	return buffer->_data + at;
+}
+
+/**
+ * returns a pointer to the beginning of the buffer (the data at
+ * position 0).
+ * \param[in] buffer the buffer
+ * \return the pointer
+ */
+INLINE uint8_t *
+sldns_buffer_begin(const sldns_buffer *buffer)
+{
+	return sldns_buffer_at(buffer, 0);
+}
+
+/**
+ * returns a pointer to the end of the buffer (the data at the buffer's
+ * limit).
+ * \param[in] buffer the buffer
+ * \return the pointer
+ */
+INLINE uint8_t *
+sldns_buffer_end(sldns_buffer *buffer)
+{
+	return sldns_buffer_at(buffer, buffer->_limit);
+}
+
+/**
+ * returns a pointer to the data at the buffer's current position.
+ * \param[in] buffer the buffer
+ * \return the pointer
+ */
+INLINE uint8_t *
+sldns_buffer_current(sldns_buffer *buffer)
+{
+	return sldns_buffer_at(buffer, buffer->_position);
+}
+
+/**
+ * returns the number of bytes remaining between the indicated position and
+ * the limit.
+ * \param[in] buffer the buffer
+ * \param[in] at indicated position
+ * \return number of bytes
+ */
+INLINE size_t
+sldns_buffer_remaining_at(sldns_buffer *buffer, size_t at)
+{
+	sldns_buffer_invariant(buffer);
+	assert(at <= buffer->_limit);
+	return buffer->_limit - at;
+}
+
+/**
+ * returns the number of bytes remaining between the buffer's position and
+ * limit.
+ * \param[in] buffer the buffer
+ * \return the number of bytes
+ */
+INLINE size_t
+sldns_buffer_remaining(sldns_buffer *buffer)
+{
+	return sldns_buffer_remaining_at(buffer, buffer->_position);
+}
+
+/**
+ * checks if the buffer has at least COUNT more bytes available.
+ * Before reading or writing the caller needs to ensure enough space
+ * is available!
+ * \param[in] buffer the buffer
+ * \param[in] at indicated position
+ * \param[in] count how much is available
+ * \return true or false (as int?)
+ */
+INLINE int
+sldns_buffer_available_at(sldns_buffer *buffer, size_t at, size_t count)
+{
+	return count <= sldns_buffer_remaining_at(buffer, at);
+}
+
+/**
+ * checks if the buffer has count bytes available at the current position
+ * \param[in] buffer the buffer
+ * \param[in] count how much is available
+ * \return true or false (as int?)
+ */
+INLINE int
+sldns_buffer_available(sldns_buffer *buffer, size_t count)
+{
+	return sldns_buffer_available_at(buffer, buffer->_position, count);
+}
+
+/**
+ * writes the given data to the buffer at the specified position
+ * \param[in] buffer the buffer
+ * \param[in] at the position (in number of bytes) to write the data at
+ * \param[in] data pointer to the data to write to the buffer
+ * \param[in] count the number of bytes of data to write
+ */
+INLINE void
+sldns_buffer_write_at(sldns_buffer *buffer, size_t at, const void *data, size_t count)
+{
+	assert(sldns_buffer_available_at(buffer, at, count));
+	memcpy(buffer->_data + at, data, count);
+}
+
+/**
+ * writes count bytes of data to the current position of the buffer
+ * \param[in] buffer the buffer
+ * \param[in] data the data to write
+ * \param[in] count the lenght of the data to write
+ */
+INLINE void
+sldns_buffer_write(sldns_buffer *buffer, const void *data, size_t count)
+{
+	sldns_buffer_write_at(buffer, buffer->_position, data, count);
+	buffer->_position += count;
+}
+
+/**
+ * copies the given (null-delimited) string to the specified position at the buffer
+ * \param[in] buffer the buffer
+ * \param[in] at the position in the buffer
+ * \param[in] str the string to write
+ */
+INLINE void
+sldns_buffer_write_string_at(sldns_buffer *buffer, size_t at, const char *str)
+{
+	sldns_buffer_write_at(buffer, at, str, strlen(str));
+}
+
+/**
+ * copies the given (null-delimited) string to the current position at the buffer
+ * \param[in] buffer the buffer
+ * \param[in] str the string to write
+ */
+INLINE void
+sldns_buffer_write_string(sldns_buffer *buffer, const char *str)
+{
+	sldns_buffer_write(buffer, str, strlen(str));
+}
+
+/**
+ * writes the given byte of data at the given position in the buffer
+ * \param[in] buffer the buffer
+ * \param[in] at the position in the buffer
+ * \param[in] data the 8 bits to write
+ */
+INLINE void
+sldns_buffer_write_u8_at(sldns_buffer *buffer, size_t at, uint8_t data)
+{
+	assert(sldns_buffer_available_at(buffer, at, sizeof(data)));
+	buffer->_data[at] = data;
+}
+
+/**
+ * writes the given byte of data at the current position in the buffer
+ * \param[in] buffer the buffer
+ * \param[in] data the 8 bits to write
+ */
+INLINE void
+sldns_buffer_write_u8(sldns_buffer *buffer, uint8_t data)
+{
+	sldns_buffer_write_u8_at(buffer, buffer->_position, data);
+	buffer->_position += sizeof(data);
+}
+
+/**
+ * writes the given 2 byte integer at the given position in the buffer
+ * \param[in] buffer the buffer
+ * \param[in] at the position in the buffer
+ * \param[in] data the 16 bits to write
+ */
+INLINE void
+sldns_buffer_write_u16_at(sldns_buffer *buffer, size_t at, uint16_t data)
+{
+	assert(sldns_buffer_available_at(buffer, at, sizeof(data)));
+	sldns_write_uint16(buffer->_data + at, data);
+}
+
+/**
+ * writes the given 2 byte integer at the current position in the buffer
+ * \param[in] buffer the buffer
+ * \param[in] data the 16 bits to write
+ */
+INLINE void
+sldns_buffer_write_u16(sldns_buffer *buffer, uint16_t data)
+{
+	sldns_buffer_write_u16_at(buffer, buffer->_position, data);
+	buffer->_position += sizeof(data);
+}
+
+/**
+ * writes the given 4 byte integer at the given position in the buffer
+ * \param[in] buffer the buffer
+ * \param[in] at the position in the buffer
+ * \param[in] data the 32 bits to write
+ */
+INLINE void
+sldns_buffer_write_u32_at(sldns_buffer *buffer, size_t at, uint32_t data)
+{
+	assert(sldns_buffer_available_at(buffer, at, sizeof(data)));
+	sldns_write_uint32(buffer->_data + at, data);
+}
+
+/**
+ * writes the given 4 byte integer at the current position in the buffer
+ * \param[in] buffer the buffer
+ * \param[in] data the 32 bits to write
+ */
+INLINE void
+sldns_buffer_write_u32(sldns_buffer *buffer, uint32_t data)
+{
+	sldns_buffer_write_u32_at(buffer, buffer->_position, data);
+	buffer->_position += sizeof(data);
+}
+
+/**
+ * copies count bytes of data at the given position to the given data-array
+ * \param[in] buffer the buffer
+ * \param[in] at the position in the buffer to start
+ * \param[out] data buffer to copy to
+ * \param[in] count the length of the data to copy
+ */
+INLINE void
+sldns_buffer_read_at(sldns_buffer *buffer, size_t at, void *data, size_t count)
+{
+	assert(sldns_buffer_available_at(buffer, at, count));
+	memcpy(data, buffer->_data + at, count);
+}
+
+/**
+ * copies count bytes of data at the current position to the given data-array
+ * \param[in] buffer the buffer
+ * \param[out] data buffer to copy to
+ * \param[in] count the length of the data to copy
+ */
+INLINE void
+sldns_buffer_read(sldns_buffer *buffer, void *data, size_t count)
+{
+	sldns_buffer_read_at(buffer, buffer->_position, data, count);
+	buffer->_position += count;
+}
+
+/**
+ * returns the byte value at the given position in the buffer
+ * \param[in] buffer the buffer
+ * \param[in] at the position in the buffer
+ * \return 1 byte integer
+ */
+INLINE uint8_t
+sldns_buffer_read_u8_at(sldns_buffer *buffer, size_t at)
+{
+	assert(sldns_buffer_available_at(buffer, at, sizeof(uint8_t)));
+	return buffer->_data[at];
+}
+
+/**
+ * returns the byte value at the current position in the buffer
+ * \param[in] buffer the buffer
+ * \return 1 byte integer
+ */
+INLINE uint8_t
+sldns_buffer_read_u8(sldns_buffer *buffer)
+{
+	uint8_t result = sldns_buffer_read_u8_at(buffer, buffer->_position);
+	buffer->_position += sizeof(uint8_t);
+	return result;
+}
+
+/**
+ * returns the 2-byte integer value at the given position in the buffer
+ * \param[in] buffer the buffer
+ * \param[in] at position in the buffer
+ * \return 2 byte integer
+ */
+INLINE uint16_t
+sldns_buffer_read_u16_at(sldns_buffer *buffer, size_t at)
+{
+	assert(sldns_buffer_available_at(buffer, at, sizeof(uint16_t)));
+	return sldns_read_uint16(buffer->_data + at);
+}
+
+/**
+ * returns the 2-byte integer value at the current position in the buffer
+ * \param[in] buffer the buffer
+ * \return 2 byte integer
+ */
+INLINE uint16_t
+sldns_buffer_read_u16(sldns_buffer *buffer)
+{
+	uint16_t result = sldns_buffer_read_u16_at(buffer, buffer->_position);
+	buffer->_position += sizeof(uint16_t);
+	return result;
+}
+
+/**
+ * returns the 4-byte integer value at the given position in the buffer
+ * \param[in] buffer the buffer
+ * \param[in] at position in the buffer
+ * \return 4 byte integer
+ */
+INLINE uint32_t
+sldns_buffer_read_u32_at(sldns_buffer *buffer, size_t at)
+{
+	assert(sldns_buffer_available_at(buffer, at, sizeof(uint32_t)));
+	return sldns_read_uint32(buffer->_data + at);
+}
+
+/**
+ * returns the 4-byte integer value at the current position in the buffer
+ * \param[in] buffer the buffer
+ * \return 4 byte integer
+ */
+INLINE uint32_t
+sldns_buffer_read_u32(sldns_buffer *buffer)
+{
+	uint32_t result = sldns_buffer_read_u32_at(buffer, buffer->_position);
+	buffer->_position += sizeof(uint32_t);
+	return result;
+}
+
+/**
+ * returns the status of the buffer
+ * \param[in] buffer
+ * \return the status
+ */
+INLINE int
+sldns_buffer_status(sldns_buffer *buffer)
+{
+	return (int)buffer->_status_err;
+}
+
+/**
+ * returns true if the status of the buffer is LDNS_STATUS_OK, false otherwise
+ * \param[in] buffer the buffer
+ * \return true or false
+ */
+INLINE int
+sldns_buffer_status_ok(sldns_buffer *buffer)
+{
+	if (buffer) {
+		return sldns_buffer_status(buffer) == 0;
+	} else {
+		return 0;
+	}
+}
+
+/**
+ * prints to the buffer, increasing the capacity if required using
+ * buffer_reserve(). The buffer's position is set to the terminating '\\0'
+ * Returns the number of characters written (not including the
+ * terminating '\\0') or -1 on failure.
+ */
+int sldns_buffer_printf(sldns_buffer *buffer, const char *format, ...)
+	ATTR_FORMAT(printf, 2, 3);
+
+/**
+ * frees the buffer.
+ * \param[in] *buffer the buffer to be freed
+ * \return void
+ */
+void sldns_buffer_free(sldns_buffer *buffer);
+
+/**
+ * Makes the buffer fixed and returns a pointer to the data.  The
+ * caller is responsible for free'ing the result.
+ * \param[in] *buffer the buffer to be exported
+ * \return void
+ */
+void *sldns_buffer_export(sldns_buffer *buffer);
+
+/**
+ * Copy contents of the from buffer to the result buffer and then flips 
+ * the result buffer. Data will be silently truncated if the result buffer is
+ * too small.
+ * \param[out] *result resulting buffer which is copied to.
+ * \param[in] *from what to copy to result.
+ */
+void sldns_buffer_copy(sldns_buffer* result, sldns_buffer* from);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* LDNS_SBUFFER_H */

ldns/str2wire.h

@@ -0,0 +1,541 @@
+/**
+ * str2wire.h -  read txt presentation of RRs
+ *
+ * (c) NLnet Labs, 2005-2006
+ *
+ * See the file LICENSE for the license
+ */
+
+/**
+ * \file
+ *
+ * Parses text to wireformat.
+ */
+
+#ifndef LDNS_STR2WIRE_H
+#define LDNS_STR2WIRE_H
+
+/* include rrdef for MAX_DOMAINLEN constant */
+#include <ldns/rrdef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+struct sldns_struct_lookup_table;
+
+/** buffer to read an RR, cannot be larger than 64K because of packet size */
+#define LDNS_RR_BUF_SIZE 65535 /* bytes */
+#define LDNS_DEFAULT_TTL	3600
+
+/*
+ * To convert class and type to string see
+ * sldns_get_rr_class_by_name(str)
+ * sldns_get_rr_type_by_name(str)
+ * from rrdef.h
+ */
+
+/**
+ * Convert text string into dname wireformat, mallocless, with user buffer.
+ * @param str: the text string with the domain name.
+ * @param buf: the result buffer, suggested size LDNS_MAX_DOMAINLEN+1
+ * @param len: length of the buffer on input, length of the result on output.
+ * @return 0 on success, otherwise an error.
+ */
+int sldns_str2wire_dname_buf(const char* str, uint8_t* buf, size_t* len);
+
+/**
+ * Same as sldns_str2wire_dname_buf, but concatenates origin if the domain
+ * name is relative (does not end in '.').
+ * @param str: the text string with the domain name.
+ * @param buf: the result buffer, suggested size LDNS_MAX_DOMAINLEN+1
+ * @param len: length of the buffer on input, length of the result on output.
+ * @param origin: the origin to append or NULL (nothing is appended).
+ * @param origin_len: length of origin.
+ * @return 0 on success, otherwise an error.
+ */
+int sldns_str2wire_dname_buf_origin(const char* str, uint8_t* buf, size_t* len,
+	uint8_t* origin, size_t origin_len);
+
+/**
+ * Convert text string into dname wireformat
+ * @param str: the text string with the domain name.
+ * @param len: returned length of wireformat.
+ * @return wireformat dname (malloced) or NULL on failure.
+ */
+uint8_t* sldns_str2wire_dname(const char* str, size_t* len);
+
+/**
+ * Convert text RR to wireformat, with user buffer.
+ * @param str: the RR data in text presentation format.
+ * @param rr: the buffer where the result is stored into.  This buffer has
+ * 	the wire-dname(uncompressed), type, class, ttl, rdatalen, rdata.
+ * 	These values are probably not aligned, and in network format.
+ * 	Use the sldns_wirerr_get_xxx functions to access them safely.
+ * 	buffer size LDNS_RR_BUF_SIZE is suggested.
+ * @param len: on input the length of the buffer, on output the amount of
+ * 	the buffer used for the rr.
+ * @param dname_len: if non-NULL, filled with the dname length as result.
+ * 	Because after the dname you find the type, class, ttl, rdatalen, rdata.
+ * @param default_ttl: TTL used if no TTL available.
+ * @param origin: used for origin dname (if not NULL)
+ * @param origin_len: length of origin.
+ * @param prev: used for prev_rr dname (if not NULL)
+ * @param prev_len: length of prev.
+ * @return 0 on success, an error on failure.
+ */
+int sldns_str2wire_rr_buf(const char* str, uint8_t* rr, size_t* len,
+	size_t* dname_len, uint32_t default_ttl, uint8_t* origin,
+	size_t origin_len, uint8_t* prev, size_t prev_len);
+
+/**
+ * Same as sldns_str2wire_rr_buf, but there is no rdata, it returns an RR
+ * with zero rdata and no ttl.  It has name, type, class.
+ * You can access those with the sldns_wirerr_get_type and class functions.
+ * @param str: the RR data in text presentation format.
+ * @param rr: the buffer where the result is stored into.
+ * @param len: on input the length of the buffer, on output the amount of
+ * 	the buffer used for the rr.
+ * @param dname_len: if non-NULL, filled with the dname length as result.
+ * 	Because after the dname you find the type, class, ttl, rdatalen, rdata.
+ * @param origin: used for origin dname (if not NULL)
+ * @param origin_len: length of origin.
+ * @param prev: used for prev_rr dname (if not NULL)
+ * @param prev_len: length of prev.
+ * @return 0 on success, an error on failure.
+ */
+int sldns_str2wire_rr_question_buf(const char* str, uint8_t* rr, size_t* len,
+	size_t* dname_len, uint8_t* origin, size_t origin_len, uint8_t* prev,
+	size_t prev_len);
+
+/**
+ * Get the type of the RR.
+ * @param rr: the RR in wire format.
+ * @param len: rr length.
+ * @param dname_len: dname length to skip.
+ * @return type in host byteorder
+ */
+uint16_t sldns_wirerr_get_type(uint8_t* rr, size_t len, size_t dname_len);
+
+/**
+ * Get the class of the RR.
+ * @param rr: the RR in wire format.
+ * @param len: rr length.
+ * @param dname_len: dname length to skip.
+ * @return class in host byteorder
+ */
+uint16_t sldns_wirerr_get_class(uint8_t* rr, size_t len, size_t dname_len);
+
+/**
+ * Get the ttl of the RR.
+ * @param rr: the RR in wire format.
+ * @param len: rr length.
+ * @param dname_len: dname length to skip.
+ * @return ttl in host byteorder
+ */
+uint32_t sldns_wirerr_get_ttl(uint8_t* rr, size_t len, size_t dname_len);
+
+/**
+ * Get the rdata length of the RR.
+ * @param rr: the RR in wire format.
+ * @param len: rr length.
+ * @param dname_len: dname length to skip.
+ * @return rdata length in host byteorder
+ * 	If the rdata length is larger than the rr-len allows, it is truncated.
+ * 	So, that it is safe to read the data length returned
+ * 	from this function from the rdata pointer of sldns_wirerr_get_rdata.
+ */
+uint16_t sldns_wirerr_get_rdatalen(uint8_t* rr, size_t len, size_t dname_len);
+
+/**
+ * Get the rdata pointer of the RR.
+ * @param rr: the RR in wire format.
+ * @param len: rr length.
+ * @param dname_len: dname length to skip.
+ * @return rdata pointer
+ */
+uint8_t* sldns_wirerr_get_rdata(uint8_t* rr, size_t len, size_t dname_len);
+
+/**
+ * Get the rdata pointer of the RR. prefixed with rdata length.
+ * @param rr: the RR in wire format.
+ * @param len: rr length.
+ * @param dname_len: dname length to skip.
+ * @return pointer to rdatalength, followed by the rdata.
+ */
+uint8_t* sldns_wirerr_get_rdatawl(uint8_t* rr, size_t len, size_t dname_len);
+
+/**
+ * Parse result codes
+ */
+#define LDNS_WIREPARSE_MASK 0x0fff
+#define LDNS_WIREPARSE_SHIFT 12
+#define LDNS_WIREPARSE_ERROR(e) ((e)&LDNS_WIREPARSE_MASK)
+#define LDNS_WIREPARSE_OFFSET(e) (((e)&~LDNS_WIREPARSE_MASK)>>LDNS_WIREPARSE_SHIFT)
+/* use lookuptable to get error string, sldns_wireparse_errors */
+#define LDNS_WIREPARSE_ERR_OK 0
+#define LDNS_WIREPARSE_ERR_GENERAL 342
+#define LDNS_WIREPARSE_ERR_DOMAINNAME_OVERFLOW 343
+#define LDNS_WIREPARSE_ERR_DOMAINNAME_UNDERFLOW 344
+#define LDNS_WIREPARSE_ERR_BUFFER_TOO_SMALL 345
+#define LDNS_WIREPARSE_ERR_LABEL_OVERFLOW 346
+#define LDNS_WIREPARSE_ERR_EMPTY_LABEL 347
+#define LDNS_WIREPARSE_ERR_SYNTAX_BAD_ESCAPE 348
+#define LDNS_WIREPARSE_ERR_SYNTAX 349
+#define LDNS_WIREPARSE_ERR_SYNTAX_TTL 350
+#define LDNS_WIREPARSE_ERR_SYNTAX_TYPE 351
+#define LDNS_WIREPARSE_ERR_SYNTAX_CLASS 352
+#define LDNS_WIREPARSE_ERR_SYNTAX_RDATA 353
+#define LDNS_WIREPARSE_ERR_SYNTAX_MISSING_VALUE 354
+#define LDNS_WIREPARSE_ERR_INVALID_STR 355
+#define LDNS_WIREPARSE_ERR_SYNTAX_B64 356
+#define LDNS_WIREPARSE_ERR_SYNTAX_B32_EXT 357
+#define LDNS_WIREPARSE_ERR_SYNTAX_HEX 358
+#define LDNS_WIREPARSE_ERR_CERT_BAD_ALGORITHM 359
+#define LDNS_WIREPARSE_ERR_SYNTAX_TIME 360
+#define LDNS_WIREPARSE_ERR_SYNTAX_PERIOD 361
+#define LDNS_WIREPARSE_ERR_SYNTAX_ILNP64 362
+#define LDNS_WIREPARSE_ERR_SYNTAX_EUI48 363
+#define LDNS_WIREPARSE_ERR_SYNTAX_EUI64 364
+#define LDNS_WIREPARSE_ERR_SYNTAX_TAG 365
+#define LDNS_WIREPARSE_ERR_NOT_IMPL 366
+#define LDNS_WIREPARSE_ERR_SYNTAX_INT 367
+#define LDNS_WIREPARSE_ERR_SYNTAX_IP4 368
+#define LDNS_WIREPARSE_ERR_SYNTAX_IP6 369
+#define LDNS_WIREPARSE_ERR_SYNTAX_INTEGER_OVERFLOW 370
+#define LDNS_WIREPARSE_ERR_INCLUDE 371
+#define LDNS_WIREPARSE_ERR_PARENTHESIS 372
+
+/**
+ * Get reference to a constant string for the (parse) error.
+ * @param e: error return value
+ * @return string.
+ */
+const char* sldns_get_errorstr_parse(int e);
+
+/**
+ * wire parse state for parsing files
+ */
+struct sldns_file_parse_state {
+	/** the origin domain name, if len!=0. uncompressed wireformat */
+	uint8_t origin[LDNS_MAX_DOMAINLEN+1];
+	/** length of origin domain name, in bytes. 0 if not set. */
+	size_t origin_len;
+	/** the previous domain name, if len!=0. uncompressed wireformat*/
+	uint8_t prev_rr[LDNS_MAX_DOMAINLEN+1];
+	/** length of the previous domain name, in bytes. 0 if not set. */
+	size_t prev_rr_len;
+	/** default TTL, this is used if the text does not specify a TTL,
+	 * host byteorder */
+	uint32_t default_ttl;
+	/** line number information */
+	int lineno;
+};
+
+/**
+ * Read one RR from zonefile with buffer for the data.
+ * @param in: file that is read from (one RR, multiple lines if it spans them).
+ * @param rr: this is malloced by the user and the result is stored here,
+ * 	if an RR is read.  If no RR is read this is signalled with the
+ * 	return len set to 0 (for ORIGIN, TTL directives).
+ * @param len: on input, the length of the rr buffer.  on output the rr len.
+ * 	Buffer size of 64k should be enough.
+ * @param dname_len: returns the length of the dname initial part of the rr.
+ * @param parse_state: pass a pointer to user-allocated struct.
+ * 	Contents are maintained by this function.
+ * 	If you pass NULL then ORIGIN and TTL directives are not honored.
+ * 	You can start out with a particular origin by pre-filling it.
+ * 	otherwise, zero the structure before passing it.
+ * 	lineno is incremented when a newline is passed by the parser,
+ * 	you should initialize it at 1 at the start of the file.
+ * @return 0 on success, error on failure.
+ */
+int sldns_fp2wire_rr_buf(FILE* in, uint8_t* rr, size_t* len, size_t* dname_len,
+	struct sldns_file_parse_state* parse_state);
+
+/**
+ * Convert one rdf in rdata to wireformat and parse from string.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @param rdftype: the type of the rdf.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_rdf_buf(const char* str, uint8_t* rd, size_t* len,
+	sldns_rdf_type rdftype);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_INT8 from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_int8_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_INT16 from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_int16_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_INT32 from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_int32_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_A from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_a_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_AAAA from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_aaaa_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_STR from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_str_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_APL from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_apl_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_B64 from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_b64_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_B32_EXT from string to wireformat.
+ * And also LDNS_RDF_TYPE_NSEC3_NEXT_OWNER.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_b32_ext_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_HEX from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_hex_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_NSEC from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_nsec_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_TYPE from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_type_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_CLASS from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_class_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_CERT_ALG from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_cert_alg_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_ALG from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_alg_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_TIME from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_time_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_PERIOD from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_period_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_LOC from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_loc_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_WKS from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_wks_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_NSAP from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_nsap_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_ATMA from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_atma_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_IPSECKEY from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_ipseckey_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_NSEC3_SALT from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_nsec3_salt_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_ILNP64 from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_ilnp64_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_EUI48 from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_eui48_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_EUI64 from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_eui64_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_TAG from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_tag_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_LONG_STR from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_long_str_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_HIP from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_hip_buf(const char* str, uint8_t* rd, size_t* len);
+
+/**
+ * Convert rdf of type LDNS_RDF_TYPE_INT16_DATA from string to wireformat.
+ * @param str: the text to convert for this rdata element.
+ * @param rd: rdata buffer for the wireformat.
+ * @param len: length of rd buffer on input, used length on output.
+ * @return 0 on success, error on failure.
+ */
+int sldns_str2wire_int16_data_buf(const char* str, uint8_t* rd, size_t* len);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* LDNS_STR2WIRE_H */

ldns/wire2str.h

@@ -0,0 +1,984 @@
+/**
+ * wire2str.h -  txt presentation of RRs
+ *
+ * (c) NLnet Labs, 2005-2006
+ *
+ * See the file LICENSE for the license
+ */
+
+/**
+ * \file
+ *
+ * Contains functions to translate the wireformat to text
+ * representation, as well as functions to print them.
+ */
+
+#ifndef LDNS_WIRE2STR_H
+#define LDNS_WIRE2STR_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+struct sldns_struct_lookup_table;
+
+/* lookup tables for standard DNS stuff  */
+/** Taken from RFC 2535, section 7.  */
+extern struct sldns_struct_lookup_table* sldns_algorithms;
+/** DS record hash algorithms */
+extern struct sldns_struct_lookup_table* sldns_hashes;
+/** Taken from RFC 2538, section 2.1.  */
+extern struct sldns_struct_lookup_table* sldns_cert_algorithms;
+/** Response codes */
+extern struct sldns_struct_lookup_table* sldns_rcodes;
+/** Operation codes */
+extern struct sldns_struct_lookup_table* sldns_opcodes;
+/** EDNS flags */
+extern struct sldns_struct_lookup_table* sldns_edns_flags;
+/** EDNS option codes */
+extern struct sldns_struct_lookup_table* sldns_edns_options;
+/** error string from wireparse */
+extern struct sldns_struct_lookup_table* sldns_wireparse_errors;
+
+/**
+ * Convert wireformat packet to a string representation
+ * @param data: wireformat packet data (starting at ID bytes).
+ * @param len: length of packet.
+ * @return string(malloced) or NULL on failure.
+ */
+char* sldns_wire2str_pkt(uint8_t* data, size_t len);
+
+/**
+ * Convert wireformat RR to a string representation.
+ * @param rr: the wireformat RR, in uncompressed form.  Starts at the domain
+ * 	name start, ends with the rdata of the RR.
+ * @param len: length of the rr wireformat.
+ * @return string(malloced) or NULL on failure.
+ */
+char* sldns_wire2str_rr(uint8_t* rr, size_t len);
+
+/**
+ * Conver wire dname to a string.
+ * @param dname: the dname in uncompressed wireformat.
+ * @param dname_len: length of the dname.
+ * @return string or NULL on failure.
+ */
+char* sldns_wire2str_dname(uint8_t* dname, size_t dname_len);
+
+/**
+ * Convert wire RR type to a string, 'MX', 'TYPE1234'...
+ * @param rrtype: the RR type in host order.
+ * @return malloced string with the RR type or NULL on malloc failure.
+ */
+char* sldns_wire2str_type(uint16_t rrtype);
+
+/**
+ * Convert wire RR class to a string, 'IN', 'CLASS1'.
+ * @param rrclass: the RR class in host order.
+ * @return malloced string with the RR class or NULL on malloc failure.
+ */
+char* sldns_wire2str_class(uint16_t rrclass);
+
+/**
+ * Convert wire packet rcode to a string, 'NOERROR', 'NXDOMAIN'...
+ * @param rcode: as integer, host order
+ * @return malloced string with the rcode or NULL on malloc failure.
+ */
+char* sldns_wire2str_rcode(int rcode);
+
+/**
+ * Print to string, move string along for next content. With va_list.
+ * @param str: string buffer.  Adjusted at end to after the output.
+ * @param slen: length of the string buffer.  Adjusted at end.
+ * @param format: printf format string.
+ * @param args: arguments for printf.
+ * @return number of characters needed. Can be larger than slen.
+ */
+int sldns_str_vprint(char** str, size_t* slen, const char* format, va_list args);
+
+/**
+ * Print to string, move string along for next content.
+ * @param str: string buffer.  Adjusted at end to after the output.
+ * @param slen: length of the string buffer.  Adjusted at end.
+ * @param format: printf format string and arguments for it.
+ * @return number of characters needed. Can be larger than slen.
+ */
+int sldns_str_print(char** str, size_t* slen, const char* format, ...)
+	ATTR_FORMAT(printf, 3, 4);
+
+/**
+ * Convert wireformat packet to a string representation with user buffer
+ * It appends every RR with default comments.
+ * For more formatter options use the function: TBD(TODO)
+ * @param data: wireformat packet data (starting at ID bytes).
+ * @param data_len: length of packet.
+ * @param str: the string buffer for the output.
+ * 	If you pass NULL as the str the return value of the function is
+ * 	the str_len you need for the entire packet.  It does not include
+ * 	the 0 byte at the end.
+ * @param str_len: the size of the string buffer.  If more is needed, it'll
+ * 	silently truncate the output to fit in the buffer.
+ * @return the number of characters for this element, excluding zerobyte.
+ * 	Is larger than str_len if output was truncated.
+ */
+int sldns_wire2str_pkt_buf(uint8_t* data, size_t data_len, char* str,
+	size_t str_len);
+
+/**
+ * Scan wireformat packet to a string representation with user buffer
+ * It appends every RR with default comments.
+ * For more formatter options use the function: TBD(TODO)
+ * @param data: wireformat packet data (starting at ID bytes).
+ * @param data_len: length of packet.
+ * @param str: the string buffer for the output.
+ * @param str_len: the size of the string buffer.
+ * @return number of characters for string.
+ * returns the number of characters that are needed (except terminating null),
+ * so it may return a value larger than str_len.
+ * On error you get less output (i.e. shorter output in str (null terminated))
+ * On exit the data, data_len, str and str_len values are adjusted to move them
+ * from their original position along the input and output for the content
+ * that has been consumed (and produced) by this function.  If the end of the
+ * output string is reached, *str_len is set to 0.  The output string is null
+ * terminated (shortening the output if necessary).  If the end of the input
+ * is reached *data_len is set to 0.
+ */
+int sldns_wire2str_pkt_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat rr to string, with user buffers.  It shifts the arguments
+ * to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param pkt: packet for decompression, if NULL no decompression.
+ * @param pktlen: length of packet buffer.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_rr_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len, uint8_t* pkt, size_t pktlen);
+
+/**
+ * Scan wireformat question rr to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param pkt: packet for decompression, if NULL no decompression.
+ * @param pktlen: length of packet buffer.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_rrquestion_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len, uint8_t* pkt, size_t pktlen);
+
+/**
+ * Scan wireformat RR to string in unknown RR format, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param pkt: packet for decompression, if NULL no decompression.
+ * @param pktlen: length of packet buffer.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_rr_unknown_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len, uint8_t* pkt, size_t pktlen);
+
+/**
+ * Print to string the RR-information comment in default format,
+ * with user buffers.  Moves string along.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param rr: wireformat data.
+ * @param rrlen: length of data buffer.
+ * @param dname_off: offset in buffer behind owner dname, the compressed size
+ * 	of the owner name.
+ * @param rrtype: type of the RR, host format.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_rr_comment_print(char** str, size_t* str_len, uint8_t* rr,
+	size_t rrlen, size_t dname_off, uint16_t rrtype);
+
+/**
+ * Scan wireformat packet header to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_header_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat rdata to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.  The length of the rdata in the
+ * 	buffer.  The rdatalen itself has already been scanned, the data
+ * 	points to the rdata after the rdatalen.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param rrtype: RR type of Rdata, host format.
+ * @param pkt: packet for decompression, if NULL no decompression.
+ * @param pktlen: length of packet buffer.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_rdata_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len, uint16_t rrtype, uint8_t* pkt, size_t pktlen);
+
+/**
+ * Scan wireformat rdata to string in unknown format, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer, the length of the rdata in buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_rdata_unknown_scan(uint8_t** data, size_t* data_len,
+	char** str, size_t* str_len);
+
+/**
+ * Scan wireformat domain name to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param pkt: packet for decompression, if NULL no decompression.
+ * @param pktlen: length of packet buffer.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_dname_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len, uint8_t* pkt, size_t pktlen);
+
+/**
+ * Scan wireformat rr type to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_type_scan(uint8_t** data, size_t* data_len, char** str,
+        size_t* str_len);
+
+/**
+ * Scan wireformat rr class to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_class_scan(uint8_t** data, size_t* data_len, char** str,
+        size_t* str_len);
+
+/**
+ * Scan wireformat rr ttl to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_ttl_scan(uint8_t** data, size_t* data_len, char** str,
+        size_t* str_len);
+
+
+/**
+ * Print host format rr type to string.  Moves string along, user buffers.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param rrtype: host format rr type.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_type_print(char** str, size_t* str_len, uint16_t rrtype);
+
+/**
+ * Print host format rr class to string.  Moves string along, user buffers.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param rrclass: host format rr class.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_class_print(char** str, size_t* str_len, uint16_t rrclass);
+
+/**
+ * Print host format rcode to string.  Moves string along, user buffers.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param rcode: host format rcode number.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_rcode_print(char** str, size_t* str_len, int rcode);
+
+/**
+ * Print host format opcode to string.  Moves string along, user buffers.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param opcode: host format opcode number.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_opcode_print(char** str, size_t* str_len, int opcode);
+
+/**
+ * Print host format EDNS0 option to string.  Moves string along, user buffers.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param opcode: host format option number.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_edns_option_code_print(char** str, size_t* str_len,
+	uint16_t opcode);
+
+/**
+ * Convert RR to string presentation format, on one line.  User buffer.
+ * @param rr: wireformat RR data
+ * @param rr_len: length of the rr wire data.
+ * @param str: the string buffer to write to.
+ * 	If you pass NULL as the str, the return value of the function is
+ * 	the str_len you need for the entire packet.  It does not include
+ * 	the 0 byte at the end.
+ * @param str_len: the size of the string buffer.  If more is needed, it'll
+ * 	silently truncate the output to fit in the buffer.
+ * @return the number of characters for this element, excluding zerobyte.
+ * 	Is larger than str_len if output was truncated.
+ */
+int sldns_wire2str_rr_buf(uint8_t* rr, size_t rr_len, char* str,
+	size_t str_len);
+
+/**
+ * 3597 printout of an RR in unknown rr format.
+ * There are more format and comment options available for printout
+ * with the function: TBD(TODO)
+ * @param rr: wireformat RR data
+ * @param rr_len: length of the rr wire data.
+ * @param str: the string buffer to write to.
+ * 	If you pass NULL as the str, the return value of the function is
+ * 	the str_len you need for the entire rr.  It does not include
+ * 	the 0 byte at the end.
+ * @param str_len: the size of the string buffer.  If more is needed, it'll
+ * 	silently truncate the output to fit in the buffer.
+ * @return the number of characters for this element, excluding zerobyte.
+ * 	Is larger than str_len if output was truncated.
+ */
+int sldns_wire2str_rr_unknown_buf(uint8_t* rr, size_t rr_len, char* str,
+	size_t str_len);
+
+/**
+ * This creates the comment to print after the RR. ; keytag=... , and other
+ * basic comments for RRs.
+ * There are more format and comment options available for printout
+ * with the function: TBD(TODO)
+ * @param rr: wireformat RR data
+ * @param rr_len: length of the rr wire data.
+ * @param dname_len: length of the dname in front of the RR.
+ * @param str: the string buffer to write to.
+ * 	If you pass NULL as the str, the return value of the function is
+ * 	the str_len you need for the entire comment.  It does not include
+ * 	the 0 byte at the end.
+ * @param str_len: the size of the string buffer.  If more is needed, it'll
+ * 	silently truncate the output to fit in the buffer.
+ * @return the number of characters for this element, excluding zerobyte.
+ * 	Is larger than str_len if output was truncated.
+ */
+int sldns_wire2str_rr_comment_buf(uint8_t* rr, size_t rr_len, size_t dname_len,
+	char* str, size_t str_len);
+
+/**
+ * Convert RDATA to string presentation format, on one line.  User buffer.
+ * @param rdata: wireformat rdata part of an RR.
+ * @param rdata_len: length of the rr wire data.
+ * @param str: the string buffer to write to.
+ * 	If you pass NULL as the str, the return value of the function is
+ * 	the str_len you need for the entire packet.  It does not include
+ * 	the 0 byte at the end.
+ * @param str_len: the size of the string buffer.  If more is needed, it'll
+ * 	silently truncate the output to fit in the buffer.
+ * @param rrtype: rr type of the data
+ * @return the number of characters for this element, excluding zerobyte.
+ * 	Is larger than str_len if output was truncated.
+ */
+int sldns_wire2str_rdata_buf(uint8_t* rdata, size_t rdata_len, char* str,
+	size_t str_len, uint16_t rrtype);
+
+/**
+ * Convert wire RR type to a string, 'MX', 'TYPE12'.  With user buffer.
+ * @param rrtype: the RR type in host order.
+ * @param str: the string to write to.
+ * @param len: length of str.
+ * @return the number of characters for this element, excluding zerobyte.
+ * 	Is larger than str_len if output was truncated.
+ */
+int sldns_wire2str_type_buf(uint16_t rrtype, char* str, size_t len);
+
+/**
+ * Convert wire RR class to a string, 'IN', 'CLASS12'.  With user buffer.
+ * @param rrclass: the RR class in host order.
+ * @param str: the string to write to.
+ * @param len: length of str.
+ * @return the number of characters for this element, excluding zerobyte.
+ * 	Is larger than str_len if output was truncated.
+ */
+int sldns_wire2str_class_buf(uint16_t rrclass, char* str, size_t len);
+
+/**
+ * Convert wire RR rcode to a string, 'NOERROR', 'NXDOMAIN'.  With user buffer.
+ * @param rcode: rcode as integer in host order
+ * @param str: the string to write to.
+ * @param len: length of str.
+ * @return the number of characters for this element, excluding zerobyte.
+ * 	Is larger than str_len if output was truncated.
+ */
+int sldns_wire2str_rcode_buf(int rcode, char* str, size_t len);
+
+/**
+ * Convert wire dname to a string, "example.com.".  With user buffer.
+ * @param dname: the dname in uncompressed wireformat.
+ * @param dname_len: length of the dname.
+ * @param str: the string to write to.
+ * @param len: length of string.
+ * @return the number of characters for this element, excluding zerobyte.
+ * 	Is larger than str_len if output was truncated.
+ */
+int sldns_wire2str_dname_buf(uint8_t* dname, size_t dname_len, char* str,
+	size_t len);
+
+/**
+ * Scan wireformat rdf field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param rdftype: the type of the rdata field, enum sldns_rdf_type.
+ * @param pkt: packet for decompression, if NULL no decompression.
+ * @param pktlen: length of packet buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_rdf_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len, int rdftype, uint8_t* pkt, size_t pktlen);
+
+/**
+ * Scan wireformat int8 field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_int8_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat int16 field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_int16_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat int32 field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_int32_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat period field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_period_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat tsigtime field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_tsigtime_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat ip4 A field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_a_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat ip6 AAAA field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_aaaa_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat str field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_str_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat apl field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_apl_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat b32_ext field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_b32_ext_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat b64 field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_b64_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat hex field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_hex_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat nsec bitmap field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_nsec_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat nsec3_salt field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_nsec3_salt_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat cert_alg field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_cert_alg_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat alg field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_alg_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat type unknown field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_unknown_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat time field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_time_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat LOC field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_loc_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat WKS field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_wks_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat NSAP field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_nsap_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat ATMA field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_atma_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat IPSECKEY field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param pkt: packet for decompression, if NULL no decompression.
+ * @param pktlen: length of packet buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_ipseckey_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len, uint8_t* pkt, size_t pktlen);
+
+/**
+ * Scan wireformat HIP (algo, HIT, pubkey) field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_hip_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat int16_data field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_int16_data_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat nsec3_next_owner field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_nsec3_next_owner_scan(uint8_t** data, size_t* data_len,
+	char** str, size_t* str_len);
+
+/**
+ * Scan wireformat ILNP64 field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_ilnp64_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat EUI48 field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_eui48_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat EUI64 field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_eui64_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat TAG field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_tag_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Scan wireformat long_str field to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @return number of characters (except null) needed to print.
+ * 	Can return -1 on failure.
+ */
+int sldns_wire2str_long_str_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len);
+
+/**
+ * Print EDNS LLQ option data to string.  User buffers, moves string pointers.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param option_data: buffer with EDNS option code data.
+ * @param option_len: length of the data for this option.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_edns_llq_print(char** str, size_t* str_len,
+	uint8_t* option_data, size_t option_len);
+
+/**
+ * Print EDNS UL option data to string.  User buffers, moves string pointers.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param option_data: buffer with EDNS option code data.
+ * @param option_len: length of the data for this option.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_edns_ul_print(char** str, size_t* str_len,
+	uint8_t* option_data, size_t option_len);
+
+/**
+ * Print EDNS NSID option data to string.  User buffers, moves string pointers.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param option_data: buffer with EDNS option code data.
+ * @param option_len: length of the data for this option.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_edns_nsid_print(char** str, size_t* str_len,
+	uint8_t* option_data, size_t option_len);
+
+/**
+ * Print EDNS DAU option data to string.  User buffers, moves string pointers.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param option_data: buffer with EDNS option code data.
+ * @param option_len: length of the data for this option.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_edns_dau_print(char** str, size_t* str_len,
+	uint8_t* option_data, size_t option_len);
+
+/**
+ * Print EDNS DHU option data to string.  User buffers, moves string pointers.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param option_data: buffer with EDNS option code data.
+ * @param option_len: length of the data for this option.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_edns_dhu_print(char** str, size_t* str_len,
+	uint8_t* option_data, size_t option_len);
+
+/**
+ * Print EDNS N3U option data to string.  User buffers, moves string pointers.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param option_data: buffer with EDNS option code data.
+ * @param option_len: length of the data for this option.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_edns_n3u_print(char** str, size_t* str_len,
+	uint8_t* option_data, size_t option_len);
+
+/**
+ * Print EDNS SUBNET option data to string. User buffers, moves string pointers.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param option_data: buffer with EDNS option code data.
+ * @param option_len: length of the data for this option.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_edns_subnet_print(char** str, size_t* str_len,
+	uint8_t* option_data, size_t option_len);
+
+/**
+ * Print an EDNS option as OPT: VALUE.  User buffers, moves string pointers.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param option_code: host format EDNS option code.
+ * @param option_data: buffer with EDNS option code data.
+ * @param option_len: length of the data for this option.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_edns_option_print(char** str, size_t* str_len,
+	uint16_t option_code, uint8_t* option_data, size_t option_len);
+
+/**
+ * Scan wireformat EDNS OPT to string, with user buffers.
+ * It shifts the arguments to move along (see sldns_wire2str_pkt_scan).
+ * @param data: wireformat data.
+ * @param data_len: length of data buffer.
+ * @param str: string buffer.
+ * @param str_len: length of string buffer.
+ * @param pkt: packet with header and other info (may be NULL)
+ * @param pktlen: length of packet buffer.
+ * @return number of characters (except null) needed to print.
+ */
+int sldns_wire2str_edns_scan(uint8_t** data, size_t* data_len, char** str,
+	size_t* str_len, uint8_t* pkt, size_t pktlen);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* LDNS_WIRE2STR_H */

libunbound/context.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -49,6 +49,7 @@
 #include "services/cache/infra.h"
 #include "util/data/msgreply.h"
 #include "util/storage/slabhash.h"
+#include "ldns/sbuffer.h"
 
 int 
 context_finalize(struct ub_ctx* ctx)
@@ -220,10 +221,10 @@ context_serialize_new_query(struct ctx_query* q, uint32_t* len)
 	*len = sizeof(uint32_t)*4 + slen;
 	p = (uint8_t*)malloc(*len);
 	if(!p) return NULL;
-	ldns_write_uint32(p, UB_LIBCMD_NEWQUERY);
-	ldns_write_uint32(p+sizeof(uint32_t), (uint32_t)q->querynum);
-	ldns_write_uint32(p+2*sizeof(uint32_t), (uint32_t)q->res->qtype);
-	ldns_write_uint32(p+3*sizeof(uint32_t), (uint32_t)q->res->qclass);
+	sldns_write_uint32(p, UB_LIBCMD_NEWQUERY);
+	sldns_write_uint32(p+sizeof(uint32_t), (uint32_t)q->querynum);
+	sldns_write_uint32(p+2*sizeof(uint32_t), (uint32_t)q->res->qtype);
+	sldns_write_uint32(p+3*sizeof(uint32_t), (uint32_t)q->res->qclass);
 	memmove(p+4*sizeof(uint32_t), q->res->qname, slen);
 	return p;
 }
@@ -237,8 +238,8 @@ context_deserialize_new_query(struct ub_ctx* ctx, uint8_t* p, uint32_t len)
 		free(q);
 		return NULL;
 	}
-	log_assert( ldns_read_uint32(p) == UB_LIBCMD_NEWQUERY);
-	q->querynum = (int)ldns_read_uint32(p+sizeof(uint32_t));
+	log_assert( sldns_read_uint32(p) == UB_LIBCMD_NEWQUERY);
+	q->querynum = (int)sldns_read_uint32(p+sizeof(uint32_t));
 	q->node.key = &q->querynum;
 	q->async = 1;
 	q->res = (struct ub_result*)calloc(1, sizeof(*q->res));
@@ -246,8 +247,8 @@ context_deserialize_new_query(struct ub_ctx* ctx, uint8_t* p, uint32_t len)
 		free(q);
 		return NULL;
 	}
-	q->res->qtype = (int)ldns_read_uint32(p+2*sizeof(uint32_t));
-	q->res->qclass = (int)ldns_read_uint32(p+3*sizeof(uint32_t));
+	q->res->qtype = (int)sldns_read_uint32(p+2*sizeof(uint32_t));
+	q->res->qclass = (int)sldns_read_uint32(p+3*sizeof(uint32_t));
 	q->res->qname = strdup((char*)(p+4*sizeof(uint32_t)));
 	if(!q->res->qname) {
 		free(q->res);
@@ -269,8 +270,8 @@ context_lookup_new_query(struct ub_ctx* ctx, uint8_t* p, uint32_t len)
 	if(len < 4*sizeof(uint32_t)+1) {
 		return NULL;
 	}
-	log_assert( ldns_read_uint32(p) == UB_LIBCMD_NEWQUERY);
-	querynum = (int)ldns_read_uint32(p+sizeof(uint32_t));
+	log_assert( sldns_read_uint32(p) == UB_LIBCMD_NEWQUERY);
+	querynum = (int)sldns_read_uint32(p+sizeof(uint32_t));
 	q = (struct ctx_query*)rbtree_search(&ctx->queries, &querynum);
 	if(!q) {
 		return NULL;
@@ -280,7 +281,7 @@ context_lookup_new_query(struct ub_ctx* ctx, uint8_t* p, uint32_t len)
 }
 
 uint8_t* 
-context_serialize_answer(struct ctx_query* q, int err, ldns_buffer* pkt,
+context_serialize_answer(struct ctx_query* q, int err, sldns_buffer* pkt,
 	uint32_t* len)
 {
 	/* answer format
@@ -293,22 +294,22 @@ context_serialize_answer(struct ctx_query* q, int err, ldns_buffer* pkt,
 	 * 	o the remainder is the answer msg from resolver lookup.
 	 * 	  remainder can be length 0.
 	 */
-	size_t pkt_len = pkt?ldns_buffer_remaining(pkt):0;
+	size_t pkt_len = pkt?sldns_buffer_remaining(pkt):0;
 	size_t wlen = (pkt&&q->res->why_bogus)?strlen(q->res->why_bogus)+1:0;
 	uint8_t* p;
 	*len = sizeof(uint32_t)*5 + pkt_len + wlen;
 	p = (uint8_t*)malloc(*len);
 	if(!p) return NULL;
-	ldns_write_uint32(p, UB_LIBCMD_ANSWER);
-	ldns_write_uint32(p+sizeof(uint32_t), (uint32_t)q->querynum);
-	ldns_write_uint32(p+2*sizeof(uint32_t), (uint32_t)err);
-	ldns_write_uint32(p+3*sizeof(uint32_t), (uint32_t)q->msg_security);
-	ldns_write_uint32(p+4*sizeof(uint32_t), (uint32_t)wlen);
+	sldns_write_uint32(p, UB_LIBCMD_ANSWER);
+	sldns_write_uint32(p+sizeof(uint32_t), (uint32_t)q->querynum);
+	sldns_write_uint32(p+2*sizeof(uint32_t), (uint32_t)err);
+	sldns_write_uint32(p+3*sizeof(uint32_t), (uint32_t)q->msg_security);
+	sldns_write_uint32(p+4*sizeof(uint32_t), (uint32_t)wlen);
 	if(wlen > 0)
 		memmove(p+5*sizeof(uint32_t), q->res->why_bogus, wlen);
 	if(pkt_len > 0)
 		memmove(p+5*sizeof(uint32_t)+wlen, 
-			ldns_buffer_begin(pkt), pkt_len);
+			sldns_buffer_begin(pkt), pkt_len);
 	return p;
 }
 
@@ -320,13 +321,13 @@ context_deserialize_answer(struct ub_ctx* ctx,
 	int id;
 	size_t wlen;
 	if(len < 5*sizeof(uint32_t)) return NULL;
-	log_assert( ldns_read_uint32(p) == UB_LIBCMD_ANSWER);
-	id = (int)ldns_read_uint32(p+sizeof(uint32_t));
+	log_assert( sldns_read_uint32(p) == UB_LIBCMD_ANSWER);
+	id = (int)sldns_read_uint32(p+sizeof(uint32_t));
 	q = (struct ctx_query*)rbtree_search(&ctx->queries, &id);
 	if(!q) return NULL; 
-	*err = (int)ldns_read_uint32(p+2*sizeof(uint32_t));
-	q->msg_security = ldns_read_uint32(p+3*sizeof(uint32_t));
-	wlen = (size_t)ldns_read_uint32(p+4*sizeof(uint32_t));
+	*err = (int)sldns_read_uint32(p+2*sizeof(uint32_t));
+	q->msg_security = sldns_read_uint32(p+3*sizeof(uint32_t));
+	wlen = (size_t)sldns_read_uint32(p+4*sizeof(uint32_t));
 	if(len > 5*sizeof(uint32_t) && wlen > 0) {
 		if(len >= 5*sizeof(uint32_t)+wlen)
 			q->res->why_bogus = (char*)memdup(
@@ -362,8 +363,8 @@ context_serialize_cancel(struct ctx_query* q, uint32_t* len)
 	uint8_t* p = (uint8_t*)malloc(2*sizeof(uint32_t));
 	if(!p) return NULL;
 	*len = 2*sizeof(uint32_t);
-	ldns_write_uint32(p, UB_LIBCMD_CANCEL);
-	ldns_write_uint32(p+sizeof(uint32_t), (uint32_t)q->querynum);
+	sldns_write_uint32(p, UB_LIBCMD_CANCEL);
+	sldns_write_uint32(p+sizeof(uint32_t), (uint32_t)q->querynum);
 	return p;
 }
 
@@ -373,8 +374,8 @@ struct ctx_query* context_deserialize_cancel(struct ub_ctx* ctx,
 	struct ctx_query* q;
 	int id;
 	if(len != 2*sizeof(uint32_t)) return NULL;
-	log_assert( ldns_read_uint32(p) == UB_LIBCMD_CANCEL);
-	id = (int)ldns_read_uint32(p+sizeof(uint32_t));
+	log_assert( sldns_read_uint32(p) == UB_LIBCMD_CANCEL);
+	id = (int)sldns_read_uint32(p+sizeof(uint32_t));
 	q = (struct ctx_query*)rbtree_search(&ctx->queries, &id);
 	return q;
 }
@@ -386,7 +387,7 @@ context_serialize_quit(uint32_t* len)
 	if(!p)
 		return NULL;
 	*len = sizeof(uint32_t);
-	ldns_write_uint32(p, UB_LIBCMD_QUIT);
+	sldns_write_uint32(p, UB_LIBCMD_QUIT);
 	return p;
 }
 
@@ -395,6 +396,6 @@ enum ub_ctx_cmd context_serial_getcmd(uint8_t* p, uint32_t len)
 	uint32_t v;
 	if((size_t)len < sizeof(v))
 		return UB_LIBCMD_QUIT;
-	v = ldns_read_uint32(p);
+	v = sldns_read_uint32(p);
 	return v;
 }

libunbound/context.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -48,6 +48,8 @@
 #include "util/data/packed_rrset.h"
 struct libworker;
 struct tube;
+struct sldns_buffer;
+struct event_base;
 
 /**
  * The context structure
@@ -111,6 +113,11 @@ struct ub_ctx {
 	/** random state used to seed new random state structures */
 	struct ub_randstate* seed_rnd;
 
+	/** event base for event oriented interface */
+	struct event_base* event_base;
+	/** libworker for event based interface */
+	struct libworker* event_worker;
+
 	/** next query number (to try) to use */
 	int next_querynum;
 	/** number of async queries outstanding */
@@ -275,7 +282,7 @@ uint8_t* context_serialize_new_query(struct ctx_query* q, uint32_t* len);
  * @return: an alloc, or NULL on mem error.
  */
 uint8_t* context_serialize_answer(struct ctx_query* q, int err, 
-	ldns_buffer* pkt, uint32_t* len);
+	struct sldns_buffer* pkt, uint32_t* len);
 
 /**
  * Serialize a query cancellation. Serializes query async id

libunbound/libunbound.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -43,6 +43,7 @@
 
 /* include the public api first, it should be able to stand alone */
 #include "libunbound/unbound.h"
+#include "libunbound/unbound-event.h"
 #include "config.h"
 #include <ctype.h>
 #include "libunbound/context.h"
@@ -60,6 +61,7 @@
 #include "services/localzone.h"
 #include "services/cache/infra.h"
 #include "services/cache/rrset.h"
+#include "ldns/sbuffer.h"
 #ifdef HAVE_PTHREAD
 #include <signal.h>
 #endif
@@ -69,8 +71,8 @@
 #include <iphlpapi.h>
 #endif /* UB_ON_WINDOWS */
 
-struct ub_ctx* 
-ub_ctx_create(void)
+/** create context functionality, but no pipes */
+static struct ub_ctx* ub_ctx_create_nopipe(void)
 {
 	struct ub_ctx* ctx;
 	unsigned int seed;
@@ -105,28 +107,11 @@ ub_ctx_create(void)
 		return NULL;
 	}
 	seed = 0;
-	if((ctx->qq_pipe = tube_create()) == NULL) {
-		int e = errno;
-		ub_randfree(ctx->seed_rnd);
-		free(ctx);
-		errno = e;
-		return NULL;
-	}
-	if((ctx->rr_pipe = tube_create()) == NULL) {
-		int e = errno;
-		tube_delete(ctx->qq_pipe);
-		ub_randfree(ctx->seed_rnd);
-		free(ctx);
-		errno = e;
-		return NULL;
-	}
 	lock_basic_init(&ctx->qqpipe_lock);
 	lock_basic_init(&ctx->rrpipe_lock);
 	lock_basic_init(&ctx->cfglock);
 	ctx->env = (struct module_env*)calloc(1, sizeof(*ctx->env));
 	if(!ctx->env) {
-		tube_delete(ctx->qq_pipe);
-		tube_delete(ctx->rr_pipe);
 		ub_randfree(ctx->seed_rnd);
 		free(ctx);
 		errno = ENOMEM;
@@ -134,8 +119,6 @@ ub_ctx_create(void)
 	}
 	ctx->env->cfg = config_create_forlib();
 	if(!ctx->env->cfg) {
-		tube_delete(ctx->qq_pipe);
-		tube_delete(ctx->rr_pipe);
 		free(ctx->env);
 		ub_randfree(ctx->seed_rnd);
 		free(ctx);
@@ -150,6 +133,50 @@ ub_ctx_create(void)
 	return ctx;
 }
 
+struct ub_ctx* 
+ub_ctx_create(void)
+{
+	struct ub_ctx* ctx = ub_ctx_create_nopipe();
+	if(!ctx)
+		return NULL;
+	if((ctx->qq_pipe = tube_create()) == NULL) {
+		int e = errno;
+		ub_randfree(ctx->seed_rnd);
+		config_delete(ctx->env->cfg);
+		modstack_desetup(&ctx->mods, ctx->env);
+		free(ctx->env);
+		free(ctx);
+		errno = e;
+		return NULL;
+	}
+	if((ctx->rr_pipe = tube_create()) == NULL) {
+		int e = errno;
+		tube_delete(ctx->qq_pipe);
+		ub_randfree(ctx->seed_rnd);
+		config_delete(ctx->env->cfg);
+		modstack_desetup(&ctx->mods, ctx->env);
+		free(ctx->env);
+		free(ctx);
+		errno = e;
+		return NULL;
+	}
+	return ctx;
+}
+
+struct ub_ctx* 
+ub_ctx_create_event(struct event_base* eb)
+{
+	struct ub_ctx* ctx = ub_ctx_create_nopipe();
+	if(!ctx)
+		return NULL;
+	/* no pipes, but we have the locks to make sure everything works */
+	ctx->created_bg = 0;
+	ctx->dothread = 1; /* the processing is in the same process,
+		makes ub_cancel and ub_ctx_delete do the right thing */
+	ctx->event_base = eb;
+	return ctx;
+}
+	
 /** delete q */
 static void
 delq(rbnode_t* n, void* ATTR_UNUSED(arg))
@@ -218,6 +245,7 @@ ub_ctx_delete(struct ub_ctx* ctx)
 #endif /* HAVE_PTHREAD */
 	if(do_stop)
 		ub_stop_bg(ctx);
+	libworker_delete_event(ctx->event_worker);
 
 	modstack_desetup(&ctx->mods, ctx->env);
 	a = ctx->alloc_list;
@@ -441,21 +469,21 @@ process_answer_detail(struct ub_ctx* ctx, uint8_t* msg, uint32_t len,
 		ub_resolve_free(q->res);
 	} else {
 		/* parse the message, extract rcode, fill result */
-		ldns_buffer* buf = ldns_buffer_new(q->msg_len);
+		sldns_buffer* buf = sldns_buffer_new(q->msg_len);
 		struct regional* region = regional_create();
 		*res = q->res;
 		(*res)->rcode = LDNS_RCODE_SERVFAIL;
 		if(region && buf) {
-			ldns_buffer_clear(buf);
-			ldns_buffer_write(buf, q->msg, q->msg_len);
-			ldns_buffer_flip(buf);
+			sldns_buffer_clear(buf);
+			sldns_buffer_write(buf, q->msg, q->msg_len);
+			sldns_buffer_flip(buf);
 			libworker_enter_result(*res, buf, region,
 				q->msg_security);
 		}
 		(*res)->answer_packet = q->msg;
 		(*res)->answer_len = (int)q->msg_len;
 		q->msg = NULL;
-		ldns_buffer_free(buf);
+		sldns_buffer_free(buf);
 		regional_destroy(region);
 	}
 	q->res = NULL;
@@ -612,6 +640,45 @@ ub_resolve(struct ub_ctx* ctx, const char* name, int rrtype,
 	return UB_NOERROR;
 }
 
+int 
+ub_resolve_event(struct ub_ctx* ctx, const char* name, int rrtype, 
+	int rrclass, void* mydata, ub_event_callback_t callback, int* async_id)
+{
+	struct ctx_query* q;
+	int r;
+
+	if(async_id)
+		*async_id = 0;
+	lock_basic_lock(&ctx->cfglock);
+	if(!ctx->finalized) {
+		int r = context_finalize(ctx);
+		if(r) {
+			lock_basic_unlock(&ctx->cfglock);
+			return r;
+		}
+	}
+	lock_basic_unlock(&ctx->cfglock);
+	if(!ctx->event_worker) {
+		ctx->event_worker = libworker_create_event(ctx,
+			ctx->event_base);
+		if(!ctx->event_worker) {
+			return UB_INITFAIL;
+		}
+	}
+
+	/* create new ctx_query and attempt to add to the list */
+	q = context_new(ctx, name, rrtype, rrclass, (ub_callback_t)callback,
+		mydata);
+	if(!q)
+		return UB_NOMEM;
+
+	/* attach to mesh */
+	if((r=libworker_attach_mesh(ctx, q, async_id)) != 0)
+		return r;
+	return UB_NOERROR;
+}
+
+
 int 
 ub_resolve_async(struct ub_ctx* ctx, const char* name, int rrtype, 
 	int rrclass, void* mydata, ub_callback_t callback, int* async_id)
@@ -1058,23 +1125,23 @@ int ub_ctx_zone_add(struct ub_ctx* ctx, const char *zone_name,
 		return UB_SYNTAX;
 	}
 
-	lock_quick_lock(&ctx->local_zones->lock);
+	lock_rw_wrlock(&ctx->local_zones->lock);
 	if((z=local_zones_find(ctx->local_zones, nm, nmlen, nmlabs, 
 		LDNS_RR_CLASS_IN))) {
 		/* already present in tree */
 		lock_rw_wrlock(&z->lock);
 		z->type = t; /* update type anyway */
 		lock_rw_unlock(&z->lock);
-		lock_quick_unlock(&ctx->local_zones->lock);
+		lock_rw_unlock(&ctx->local_zones->lock);
 		free(nm);
 		return UB_NOERROR;
 	}
 	if(!local_zones_add_zone(ctx->local_zones, nm, nmlen, nmlabs, 
 		LDNS_RR_CLASS_IN, t)) {
-		lock_quick_unlock(&ctx->local_zones->lock);
+		lock_rw_unlock(&ctx->local_zones->lock);
 		return UB_NOMEM;
 	}
-	lock_quick_unlock(&ctx->local_zones->lock);
+	lock_rw_unlock(&ctx->local_zones->lock);
 	return UB_NOERROR;
 }
 
@@ -1093,13 +1160,13 @@ int ub_ctx_zone_remove(struct ub_ctx* ctx, const char *zone_name)
 		return UB_SYNTAX;
 	}
 
-	lock_quick_lock(&ctx->local_zones->lock);
+	lock_rw_wrlock(&ctx->local_zones->lock);
 	if((z=local_zones_find(ctx->local_zones, nm, nmlen, nmlabs, 
 		LDNS_RR_CLASS_IN))) {
 		/* present in tree */
 		local_zones_del_zone(ctx->local_zones, z);
 	}
-	lock_quick_unlock(&ctx->local_zones->lock);
+	lock_rw_unlock(&ctx->local_zones->lock);
 	free(nm);
 	return UB_NOERROR;
 }
@@ -1107,18 +1174,10 @@ int ub_ctx_zone_remove(struct ub_ctx* ctx, const char *zone_name)
 /* Add new RR data */
 int ub_ctx_data_add(struct ub_ctx* ctx, const char *data)
 {
-	ldns_buffer* buf;
 	int res = ub_ctx_finalize(ctx);
 	if (res) return res;
 
-	lock_basic_lock(&ctx->cfglock);
-	buf = ldns_buffer_new(ctx->env->cfg->msg_buffer_size);
-	lock_basic_unlock(&ctx->cfglock);
-	if(!buf) return UB_NOMEM;
-
-	res = local_zones_add_RR(ctx->local_zones, data, buf);
-
-	ldns_buffer_free(buf);
+	res = local_zones_add_RR(ctx->local_zones, data);
 	return (!res) ? UB_NOMEM : UB_NOERROR;
 }
 
@@ -1145,3 +1204,24 @@ const char* ub_version(void)
 {
 	return PACKAGE_VERSION;
 }
+
+int 
+ub_ctx_set_event(struct ub_ctx* ctx, struct event_base* base) {
+	if (!ctx || !ctx->event_base || !base) {
+		return UB_INITFAIL;
+	}
+	if (ctx->event_base == base) {
+		/* already set */
+		return UB_NOERROR;
+	}
+	
+	lock_basic_lock(&ctx->cfglock);
+	/* destroy the current worker - safe to pass in NULL */
+	libworker_delete_event(ctx->event_worker);
+	ctx->event_worker = NULL;
+	ctx->event_base = base;	
+	ctx->created_bg = 0;
+	ctx->dothread = 1;
+	lock_basic_unlock(&ctx->cfglock);
+	return UB_NOERROR;
+}

libunbound/libworker.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -42,14 +42,13 @@
  * returns from the procedure when done.
  */
 #include "config.h"
-#include <ldns/dname.h>
-#include <ldns/wire2host.h>
 #ifdef HAVE_SSL
 #include <openssl/ssl.h>
 #endif
 #include "libunbound/libworker.h"
 #include "libunbound/context.h"
 #include "libunbound/unbound.h"
+#include "libunbound/unbound-event.h"
 #include "services/outside_network.h"
 #include "services/mesh.h"
 #include "services/localzone.h"
@@ -69,21 +68,22 @@
 #include "util/tube.h"
 #include "iterator/iter_fwd.h"
 #include "iterator/iter_hints.h"
+#include "ldns/sbuffer.h"
+#include "ldns/str2wire.h"
 
 /** handle new query command for bg worker */
 static void handle_newq(struct libworker* w, uint8_t* buf, uint32_t len);
 
-/** delete libworker struct */
+/** delete libworker env */
 static void
-libworker_delete(struct libworker* w)
+libworker_delete_env(struct libworker* w)
 {
-	if(!w) return;
 	if(w->env) {
 		outside_network_quit_prepare(w->back);
 		mesh_delete(w->env->mesh);
 		context_release_alloc(w->ctx, w->env->alloc, 
 			!w->is_bg || w->is_bg_thread);
-		ldns_buffer_free(w->env->scratch_buffer);
+		sldns_buffer_free(w->env->scratch_buffer);
 		regional_destroy(w->env->scratch);
 		forwards_delete(w->env->fwds);
 		hints_delete(w->env->hints);
@@ -94,13 +94,30 @@ libworker_delete(struct libworker* w)
 	SSL_CTX_free(w->sslctx);
 #endif
 	outside_network_delete(w->back);
+}
+
+/** delete libworker struct */
+static void
+libworker_delete(struct libworker* w)
+{
+	if(!w) return;
+	libworker_delete_env(w);
 	comm_base_delete(w->base);
 	free(w);
 }
 
+void
+libworker_delete_event(struct libworker* w)
+{
+	if(!w) return;
+	libworker_delete_env(w);
+	comm_base_delete_no_base(w->base);
+	free(w);
+}
+
 /** setup fresh libworker struct */
 static struct libworker*
-libworker_setup(struct ub_ctx* ctx, int is_bg)
+libworker_setup(struct ub_ctx* ctx, int is_bg, struct event_base* eb)
 {
 	unsigned int seed;
 	struct libworker* w = (struct libworker*)calloc(1, sizeof(*w));
@@ -127,7 +144,7 @@ libworker_setup(struct ub_ctx* ctx, int is_bg)
 		lock_basic_lock(&ctx->cfglock);
 	}
 	w->env->scratch = regional_create_custom(cfg->msg_buffer_size);
-	w->env->scratch_buffer = ldns_buffer_new(cfg->msg_buffer_size);
+	w->env->scratch_buffer = sldns_buffer_new(cfg->msg_buffer_size);
 	w->env->fwds = forwards_create();
 	if(w->env->fwds && !forwards_apply_cfg(w->env->fwds, cfg)) { 
 		forwards_delete(w->env->fwds);
@@ -188,7 +205,9 @@ libworker_setup(struct ub_ctx* ctx, int is_bg)
 	}
 	seed = 0;
 
-	w->base = comm_base_create(0);
+	if(eb)
+		w->base = comm_base_create_event(eb);
+	else	w->base = comm_base_create(0);
 	if(!w->base) {
 		libworker_delete(w);
 		return NULL;
@@ -200,8 +219,9 @@ libworker_setup(struct ub_ctx* ctx, int is_bg)
 	if(numports == 0) {
 		int locked = !w->is_bg || w->is_bg_thread;
 		libworker_delete(w);
-		if(locked)
+		if(locked) {
 			lock_basic_unlock(&ctx->cfglock);
+		}
 		return NULL;
 	}
 	w->back = outside_network_create(w->base, cfg->msg_buffer_size,
@@ -210,7 +230,8 @@ libworker_setup(struct ub_ctx* ctx, int is_bg)
 		cfg->do_tcp?cfg->outgoing_num_tcp:0,
 		w->env->infra_cache, w->env->rnd, cfg->use_caps_bits_for_id,
 		ports, numports, cfg->unwanted_threshold,
-		&libworker_alloc_cleanup, w, cfg->do_udp, w->sslctx);
+		&libworker_alloc_cleanup, w, cfg->do_udp, w->sslctx,
+		cfg->delay_close);
 	if(!w->is_bg || w->is_bg_thread) {
 		lock_basic_unlock(&ctx->cfglock);
 	}
@@ -233,6 +254,12 @@ libworker_setup(struct ub_ctx* ctx, int is_bg)
 	return w;
 }
 
+struct libworker* libworker_create_event(struct ub_ctx* ctx,
+	struct event_base* eb)
+{
+	return libworker_setup(ctx, 0, eb);
+}
+
 /** handle cancel command for bg worker */
 static void
 handle_cancel(struct libworker* w, uint8_t* buf, uint32_t len)
@@ -349,7 +376,7 @@ int libworker_bg(struct ub_ctx* ctx)
 	lock_basic_lock(&ctx->cfglock);
 	if(ctx->dothread) {
 		lock_basic_unlock(&ctx->cfglock);
-		w = libworker_setup(ctx, 1);
+		w = libworker_setup(ctx, 1, NULL);
 		if(!w) return UB_NOMEM;
 		w->is_bg_thread = 1;
 #ifdef ENABLE_LOCK_CHECKS
@@ -364,7 +391,7 @@ int libworker_bg(struct ub_ctx* ctx)
 #else /* HAVE_FORK */
 		switch((ctx->bg_pid=fork())) {
 			case 0:
-				w = libworker_setup(ctx, 1);
+				w = libworker_setup(ctx, 1, NULL);
 				if(!w) fatal_exit("out of memory");
 				/* close non-used parts of the pipes */
 				tube_close_write(ctx->qq_pipe);
@@ -389,7 +416,7 @@ int libworker_bg(struct ub_ctx* ctx)
 
 /** get msg reply struct (in temp region) */
 static struct reply_info*
-parse_reply(ldns_buffer* pkt, struct regional* region, struct query_info* qi)
+parse_reply(sldns_buffer* pkt, struct regional* region, struct query_info* qi)
 {
 	struct reply_info* rep;
 	struct msg_parse* msg;
@@ -397,7 +424,7 @@ parse_reply(ldns_buffer* pkt, struct regional* region, struct query_info* qi)
 		return NULL;
 	}
 	memset(msg, 0, sizeof(*msg));
-	ldns_buffer_set_position(pkt, 0);
+	sldns_buffer_set_position(pkt, 0);
 	if(parse_packet(pkt, msg, region) != 0)
 		return 0;
 	if(!parse_create_msg(pkt, msg, NULL, qi, &rep, region)) {
@@ -473,7 +500,7 @@ fill_res(struct ub_result* res, struct ub_packed_rrset_key* answer,
 
 /** fill result from parsed message, on error fills servfail */
 void
-libworker_enter_result(struct ub_result* res, ldns_buffer* buf,
+libworker_enter_result(struct ub_result* res, sldns_buffer* buf,
 	struct regional* temp, enum sec_status msg_security)
 {
 	struct query_info rq;
@@ -501,7 +528,7 @@ libworker_enter_result(struct ub_result* res, ldns_buffer* buf,
 
 /** fillup fg results */
 static void
-libworker_fillup_fg(struct ctx_query* q, int rcode, ldns_buffer* buf, 
+libworker_fillup_fg(struct ctx_query* q, int rcode, sldns_buffer* buf, 
 	enum sec_status s, char* why_bogus)
 {
 	if(why_bogus)
@@ -514,8 +541,8 @@ libworker_fillup_fg(struct ctx_query* q, int rcode, ldns_buffer* buf,
 
 	q->res->rcode = LDNS_RCODE_SERVFAIL;
 	q->msg_security = 0;
-	q->msg = memdup(ldns_buffer_begin(buf), ldns_buffer_limit(buf));
-	q->msg_len = ldns_buffer_limit(buf);
+	q->msg = memdup(sldns_buffer_begin(buf), sldns_buffer_limit(buf));
+	q->msg_len = sldns_buffer_limit(buf);
 	if(!q->msg) {
 		return; /* the error is in the rcode */
 	}
@@ -526,7 +553,7 @@ libworker_fillup_fg(struct ctx_query* q, int rcode, ldns_buffer* buf,
 }
 
 void
-libworker_fg_done_cb(void* arg, int rcode, ldns_buffer* buf, enum sec_status s,
+libworker_fg_done_cb(void* arg, int rcode, sldns_buffer* buf, enum sec_status s,
 	char* why_bogus)
 {
 	struct ctx_query* q = (struct ctx_query*)arg;
@@ -541,37 +568,26 @@ static int
 setup_qinfo_edns(struct libworker* w, struct ctx_query* q, 
 	struct query_info* qinfo, struct edns_data* edns)
 {
-	ldns_rdf* rdf;
 	qinfo->qtype = (uint16_t)q->res->qtype;
 	qinfo->qclass = (uint16_t)q->res->qclass;
-	rdf = ldns_dname_new_frm_str(q->res->qname);
-	if(!rdf) {
+	qinfo->qname = sldns_str2wire_dname(q->res->qname, &qinfo->qname_len);
+	if(!qinfo->qname) {
 		return 0;
 	}
-#ifdef UNBOUND_ALLOC_LITE
-	qinfo->qname = memdup(ldns_rdf_data(rdf), ldns_rdf_size(rdf));
-	qinfo->qname_len = ldns_rdf_size(rdf);
-	ldns_rdf_deep_free(rdf);
-	rdf = 0;
-#else
-	qinfo->qname = ldns_rdf_data(rdf);
-	qinfo->qname_len = ldns_rdf_size(rdf);
-#endif
 	edns->edns_present = 1;
 	edns->ext_rcode = 0;
 	edns->edns_version = 0;
 	edns->bits = EDNS_DO;
-	if(ldns_buffer_capacity(w->back->udp_buff) < 65535)
-		edns->udp_size = (uint16_t)ldns_buffer_capacity(
+	if(sldns_buffer_capacity(w->back->udp_buff) < 65535)
+		edns->udp_size = (uint16_t)sldns_buffer_capacity(
 			w->back->udp_buff);
 	else	edns->udp_size = 65535;
-	ldns_rdf_free(rdf);
 	return 1;
 }
 
 int libworker_fg(struct ub_ctx* ctx, struct ctx_query* q)
 {
-	struct libworker* w = libworker_setup(ctx, 0);
+	struct libworker* w = libworker_setup(ctx, 0, NULL);
 	uint16_t qflags, qid;
 	struct query_info qinfo;
 	struct edns_data edns;
@@ -585,8 +601,8 @@ int libworker_fg(struct ub_ctx* ctx, struct ctx_query* q)
 	qflags = BIT_RD;
 	q->w = w;
 	/* see if there is a fixed answer */
-	ldns_buffer_write_u16_at(w->back->udp_buff, 0, qid);
-	ldns_buffer_write_u16_at(w->back->udp_buff, 2, qflags);
+	sldns_buffer_write_u16_at(w->back->udp_buff, 0, qid);
+	sldns_buffer_write_u16_at(w->back->udp_buff, 2, qflags);
 	if(local_zones_answer(ctx->local_zones, &qinfo, &edns, 
 		w->back->udp_buff, w->env->scratch)) {
 		regional_free_all(w->env->scratch);
@@ -611,9 +627,75 @@ int libworker_fg(struct ub_ctx* ctx, struct ctx_query* q)
 	return UB_NOERROR;
 }
 
+void
+libworker_event_done_cb(void* arg, int rcode, sldns_buffer* buf,
+	enum sec_status s, char* why_bogus)
+{
+	struct ctx_query* q = (struct ctx_query*)arg;
+	ub_event_callback_t cb = (ub_event_callback_t)q->cb;
+	void* cb_arg = q->cb_arg;
+	int cancelled = q->cancelled;
+
+	/* delete it now */
+	struct ub_ctx* ctx = q->w->ctx;
+	lock_basic_lock(&ctx->cfglock);
+	(void)rbtree_delete(&ctx->queries, q->node.key);
+	ctx->num_async--;
+	context_query_delete(q);
+	lock_basic_unlock(&ctx->cfglock);
+
+	if(!cancelled) {
+		/* call callback */
+		int sec = 0;
+		if(s == sec_status_bogus)
+			sec = 1;
+		else if(s == sec_status_secure)
+			sec = 2;
+		(*cb)(cb_arg, rcode, (void*)sldns_buffer_begin(buf),
+			(int)sldns_buffer_limit(buf), sec, why_bogus);
+	}
+}
+
+int libworker_attach_mesh(struct ub_ctx* ctx, struct ctx_query* q,
+	int* async_id)
+{
+	struct libworker* w = ctx->event_worker;
+	uint16_t qflags, qid;
+	struct query_info qinfo;
+	struct edns_data edns;
+	if(!w)
+		return UB_INITFAIL;
+	if(!setup_qinfo_edns(w, q, &qinfo, &edns))
+		return UB_SYNTAX;
+	qid = 0;
+	qflags = BIT_RD;
+	q->w = w;
+	/* see if there is a fixed answer */
+	sldns_buffer_write_u16_at(w->back->udp_buff, 0, qid);
+	sldns_buffer_write_u16_at(w->back->udp_buff, 2, qflags);
+	if(local_zones_answer(ctx->local_zones, &qinfo, &edns, 
+		w->back->udp_buff, w->env->scratch)) {
+		regional_free_all(w->env->scratch);
+		free(qinfo.qname);
+		libworker_event_done_cb(q, LDNS_RCODE_NOERROR,
+			w->back->udp_buff, sec_status_insecure, NULL);
+		return UB_NOERROR;
+	}
+	/* process new query */
+	if(async_id)
+		*async_id = q->querynum;
+	if(!mesh_new_callback(w->env->mesh, &qinfo, qflags, &edns, 
+		w->back->udp_buff, qid, libworker_event_done_cb, q)) {
+		free(qinfo.qname);
+		return UB_NOMEM;
+	}
+	free(qinfo.qname);
+	return UB_NOERROR;
+}
+
 /** add result to the bg worker result queue */
 static void
-add_bg_result(struct libworker* w, struct ctx_query* q, ldns_buffer* pkt, 
+add_bg_result(struct libworker* w, struct ctx_query* q, sldns_buffer* pkt, 
 	int err, char* reason)
 {
 	uint8_t* msg = NULL;
@@ -625,8 +707,8 @@ add_bg_result(struct libworker* w, struct ctx_query* q, ldns_buffer* pkt,
 		if(reason)
 			q->res->why_bogus = strdup(reason);
 		if(pkt) {
-			q->msg_len = ldns_buffer_remaining(pkt);
-			q->msg = memdup(ldns_buffer_begin(pkt), q->msg_len);
+			q->msg_len = sldns_buffer_remaining(pkt);
+			q->msg = memdup(sldns_buffer_begin(pkt), q->msg_len);
 			if(!q->msg)
 				msg = context_serialize_answer(q, UB_NOMEM, 
 				NULL, &len);
@@ -654,7 +736,7 @@ add_bg_result(struct libworker* w, struct ctx_query* q, ldns_buffer* pkt,
 }
 
 void
-libworker_bg_done_cb(void* arg, int rcode, ldns_buffer* buf, enum sec_status s,
+libworker_bg_done_cb(void* arg, int rcode, sldns_buffer* buf, enum sec_status s,
 	char* why_bogus)
 {
 	struct ctx_query* q = (struct ctx_query*)arg;
@@ -709,8 +791,8 @@ handle_newq(struct libworker* w, uint8_t* buf, uint32_t len)
 	qid = 0;
 	qflags = BIT_RD;
 	/* see if there is a fixed answer */
-	ldns_buffer_write_u16_at(w->back->udp_buff, 0, qid);
-	ldns_buffer_write_u16_at(w->back->udp_buff, 2, qflags);
+	sldns_buffer_write_u16_at(w->back->udp_buff, 0, qid);
+	sldns_buffer_write_u16_at(w->back->udp_buff, 2, qflags);
 	if(local_zones_answer(w->ctx->local_zones, &qinfo, &edns, 
 		w->back->udp_buff, w->env->scratch)) {
 		regional_free_all(w->env->scratch);
@@ -772,10 +854,10 @@ libworker_handle_reply(struct comm_point* c, void* arg, int error,
 		return 0;
 	}
 	/* sanity check. */
-	if(!LDNS_QR_WIRE(ldns_buffer_begin(c->buffer))
-		|| LDNS_OPCODE_WIRE(ldns_buffer_begin(c->buffer)) !=
+	if(!LDNS_QR_WIRE(sldns_buffer_begin(c->buffer))
+		|| LDNS_OPCODE_WIRE(sldns_buffer_begin(c->buffer)) !=
 			LDNS_PACKET_QUERY
-		|| LDNS_QDCOUNT(ldns_buffer_begin(c->buffer)) > 1) {
+		|| LDNS_QDCOUNT(sldns_buffer_begin(c->buffer)) > 1) {
 		/* error becomes timeout for the module as if this reply
 		 * never arrived. */
 		mesh_report_reply(lw->env->mesh, &e, reply_info, 
@@ -798,10 +880,10 @@ libworker_handle_service_reply(struct comm_point* c, void* arg, int error,
 		return 0;
 	}
 	/* sanity check. */
-	if(!LDNS_QR_WIRE(ldns_buffer_begin(c->buffer))
-		|| LDNS_OPCODE_WIRE(ldns_buffer_begin(c->buffer)) !=
+	if(!LDNS_QR_WIRE(sldns_buffer_begin(c->buffer))
+		|| LDNS_OPCODE_WIRE(sldns_buffer_begin(c->buffer)) !=
 			LDNS_PACKET_QUERY
-		|| LDNS_QDCOUNT(ldns_buffer_begin(c->buffer)) > 1) {
+		|| LDNS_QDCOUNT(sldns_buffer_begin(c->buffer)) > 1) {
 		/* error becomes timeout for the module as if this reply
 		 * never arrived. */
 		mesh_report_reply(lw->env->mesh, e, reply_info, 

libunbound/libworker.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -57,6 +57,8 @@ struct comm_point;
 struct comm_reply;
 struct regional;
 struct tube;
+struct sldns_buffer;
+struct event_base;
 
 /** 
  * The library-worker status structure
@@ -106,6 +108,31 @@ int libworker_bg(struct ub_ctx* ctx);
  */
 int libworker_fg(struct ub_ctx* ctx, struct ctx_query* q);
 
+/**
+ * create worker for event-based interface.
+ * @param ctx: context with config.
+ * @param eb: event base.
+ * @return new worker or NULL.
+ */
+struct libworker* libworker_create_event(struct ub_ctx* ctx,
+	struct event_base* eb);
+
+/**
+ * Attach context_query to mesh for callback in event-driven setup.
+ * @param ctx: context
+ * @param q: context query entry
+ * @param async_id: store query num if query takes long.
+ * @return 0 if finished OK, else error.
+ */
+int libworker_attach_mesh(struct ub_ctx* ctx, struct ctx_query* q,
+	int* async_id);
+
+/** 
+ * delete worker for event-based interface.  does not free the event_base.
+ * @param w: event-based worker to delete.
+ */
+void libworker_delete_event(struct libworker* w);
+
 /** cleanup the cache to remove all rrset IDs from it, arg is libworker */
 void libworker_alloc_cleanup(void* arg);
 
@@ -148,11 +175,15 @@ void libworker_handle_result_write(struct tube* tube, uint8_t* msg, size_t len,
 	int err, void* arg);
 
 /** mesh callback with fg results */
-void libworker_fg_done_cb(void* arg, int rcode, ldns_buffer* buf, 
+void libworker_fg_done_cb(void* arg, int rcode, struct sldns_buffer* buf, 
 	enum sec_status s, char* why_bogus);
 
 /** mesh callback with bg results */
-void libworker_bg_done_cb(void* arg, int rcode, ldns_buffer* buf, 
+void libworker_bg_done_cb(void* arg, int rcode, struct sldns_buffer* buf, 
+	enum sec_status s, char* why_bogus);
+
+/** mesh callback with event results */
+void libworker_event_done_cb(void* arg, int rcode, struct sldns_buffer* buf, 
 	enum sec_status s, char* why_bogus);
 
 /** 
@@ -164,7 +195,7 @@ void libworker_bg_done_cb(void* arg, int rcode, ldns_buffer* buf,
  *   On error, the res may contain a different status 
  *   (out of memory is not secure, not bogus).
  */
-void libworker_enter_result(struct ub_result* res, ldns_buffer* buf,
+void libworker_enter_result(struct ub_result* res, struct sldns_buffer* buf,
 	struct regional* temp, enum sec_status msg_security);
 
 #endif /* LIBUNBOUND_WORKER_H */

libunbound/ubsyms.def

@@ -1,4 +1,5 @@
 ub_ctx_create
+ub_ctx_create_event
 ub_ctx_delete
 ub_ctx_get_option
 ub_ctx_set_option
@@ -18,6 +19,7 @@ ub_fd
 ub_process
 ub_resolve
 ub_resolve_async
+ub_resolve_event
 ub_cancel
 ub_resolve_free
 ub_strerror
@@ -27,3 +29,4 @@ ub_ctx_zone_remove
 ub_ctx_data_add
 ub_ctx_data_remove
 ub_version
+ub_ctx_set_event

libunbound/unbound-event.h

@@ -0,0 +1,135 @@
+/*
+ * unbound-event.h - unbound validating resolver public API with events
+ *
+ * Copyright (c) 2007, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * 
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * 
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * \file
+ *
+ * This file contains the unbound interface for use with libevent.
+ * You have to use the same libevent that unbound was compiled with,
+ * otherwise it wouldn't work, the event and event_base structures would
+ * be different.  If unbound is compiled without libevent support then
+ * this header file is not supposed to be installed on the system.
+ *
+ * Use ub_ctx_create_event_base() to create an unbound context that uses
+ * the event base that you have made.  Then, use the ub_resolve_event call
+ * to add DNS resolve queries to the context.  Those then run when you
+ * call event_dispatch() on your event_base, and when they are done you
+ * get a function callback.
+ *
+ * This method does not fork another process or create a thread, the effort
+ * is done by the unbound state machines that are connected to the event_base.
+ */
+#ifndef _UB_UNBOUND_EVENT_H
+#define _UB_UNBOUND_EVENT_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct ub_ctx;
+struct ub_result;
+struct event_base;
+
+typedef void (*ub_event_callback_t)(void*, int, void*, int, int, char*);
+
+/**
+ * Create a resolving and validation context.
+ * The information from /etc/resolv.conf and /etc/hosts is not utilised by
+ * default. Use ub_ctx_resolvconf and ub_ctx_hosts to read them.
+ * @param base: the event base that the caller has created.  The unbound
+ *	context uses this event base.
+ * @return a new context. default initialisation.
+ * 	returns NULL on error.
+ * You must use ub_resolve_event with this context.
+ * Do not call ub_ctx_async, ub_poll, ub_wait, ub_process, this is all done
+ * with the event_base.  Setup the options you like with the other functions.
+ */
+struct ub_ctx* ub_ctx_create_event(struct event_base* base);
+
+/**
+ * Set a new event_base on a context created with ub_ctx_create_event.
+ * Any outbound queries will be canceled.
+ * @param ctx the ub_ctx to update.  Must have been created with ub_ctx_create_event
+ * @param base the new event_base to attach to the ctx
+ * @return 0 if OK, else error
+ */
+int ub_ctx_set_event(struct ub_ctx* ctx, struct event_base* base); 
+
+/**
+ * Perform resolution and validation of the target name.
+ * Asynchronous, after a while, the callback will be called with your
+ * data and the result.  Uses the event_base user installed by creating the
+ * context with ub_ctx_create_event().
+ * @param ctx: context with event_base in it.
+ *	The context is finalized, and can no longer accept all config changes.
+ * @param name: domain name in text format (a string).
+ * @param rrtype: type of RR in host order, 1 is A.
+ * @param rrclass: class of RR in host order, 1 is IN (for internet).
+ * @param mydata: this data is your own data (you can pass NULL),
+ * 	and is passed on to the callback function.
+ * @param callback: this is called on completion of the resolution.
+ * 	It is called as:
+ * 	void callback(void* mydata, int rcode, void* packet, int packet_len,
+ * 		int sec, char* why_bogus)
+ * 	with mydata: the same as passed here, you may pass NULL,
+ * 	with rcode: 0 on no error, nonzero for mostly SERVFAIL situations,
+ *		this is a DNS rcode.
+ *	with packet: a buffer with DNS wireformat packet with the answer.
+ *		do not inspect if rcode != 0.
+ *		do not write or free the packet buffer, it is used internally
+ *		in unbound (for other callbacks that want the same data).
+ *	with packet_len: length in bytes of the packet buffer.
+ *	with sec: 0 if insecure, 1 if bogus, 2 if DNSSEC secure.
+ *	with why_bogus: text string explaining why it is bogus (or NULL).
+ *	These point to buffers inside unbound; do not deallocate the packet or
+ *	error string.
+ *
+ * 	If an error happens during processing, your callback will be called
+ * 	with error set to a nonzero value (and result==NULL).
+ * 	For localdata (etc/hosts) the callback is called immediately, before
+ * 	resolve_event returns, async_id=0 is returned.
+ * @param async_id: if you pass a non-NULL value, an identifier number is
+ *	returned for the query as it is in progress. It can be used to 
+ *	cancel the query.
+ * @return 0 if OK, else error.
+ */
+int ub_resolve_event(struct ub_ctx* ctx, const char* name, int rrtype, 
+	int rrclass, void* mydata, ub_event_callback_t callback, int* async_id);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _UB_UNBOUND_H */

libunbound/unbound.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

pythonmod/interface.i

@@ -26,6 +26,9 @@
    #include "util/storage/lruhash.h"
    #include "services/cache/dns.h"
    #include "services/mesh.h"
+   #include "ldns/wire2str.h"
+   #include "ldns/str2wire.h"
+   #include "ldns/pkthdr.h"
 %}
 
 %include "stdint.i" // uint_16_t can be known type now
@@ -164,11 +167,11 @@ struct query_info {
 
 %extend query_info {
    %pythoncode %{
-        def _get_qtype_str(self): return ldns_rr_type2str(self.qtype)
+        def _get_qtype_str(self): return sldns_wire2str_type(self.qtype)
         __swig_getmethods__["qtype_str"] = _get_qtype_str
         if _newclass:qtype_str = _swig_property(_get_qtype_str)
 
-        def _get_qclass_str(self): return ldns_rr_class2str(self.qclass)
+        def _get_qclass_str(self): return sldns_wire2str_class(self.qclass)
         __swig_getmethods__["qclass_str"] = _get_qclass_str
         if _newclass:qclass_str = _swig_property(_get_qclass_str)
 
@@ -216,11 +219,11 @@ uint16_t ntohs(uint16_t netshort);
 
 %extend packed_rrset_key {
    %pythoncode %{
-        def _get_type_str(self): return ldns_rr_type2str(_unboundmodule.ntohs(self.type))
+        def _get_type_str(self): return sldns_wire2str_type(_unboundmodule.ntohs(self.type))
         __swig_getmethods__["type_str"] = _get_type_str
         if _newclass:type_str = _swig_property(_get_type_str)
 
-        def _get_class_str(self): return ldns_rr_class2str(_unboundmodule.ntohs(self.rrset_class))
+        def _get_class_str(self): return sldns_wire2str_class(_unboundmodule.ntohs(self.rrset_class))
         __swig_getmethods__["rrset_class_str"] = _get_class_str
         if _newclass:rrset_class_str = _swig_property(_get_class_str)
 
@@ -721,6 +724,14 @@ enum verbosity_value {
    VERB_ALGO
 };
 
+%constant uint16_t PKT_QR = 1;      /* QueRy - query flag */
+%constant uint16_t PKT_AA = 2;      /* Authoritative Answer - server flag */
+%constant uint16_t PKT_TC = 4;      /* TrunCated - server flag */
+%constant uint16_t PKT_RD = 8;      /* Recursion Desired - query flag */
+%constant uint16_t PKT_CD = 16;     /* Checking Disabled - query flag */
+%constant uint16_t PKT_RA = 32;     /* Recursion Available - server flag */
+%constant uint16_t PKT_AD = 64;     /* Authenticated Data - server flag */
+
 %{
 int checkList(PyObject *l) 
 {
@@ -744,84 +755,100 @@ int checkList(PyObject *l)
     return 0;
 }
 
-ldns_rr_list* createRRList(PyObject *l, uint32_t default_ttl) 
+int pushRRList(sldns_buffer* qb, PyObject *l, uint32_t default_ttl, int qsec,
+        size_t count_offset)
 {
     PyObject* item;
-    ldns_status status;
-    ldns_rr_list* rr_list;
-    ldns_rr* rr;
     int i;
-
-    if (PyList_Size(l) == 0)
-       return NULL;
-
-    rr_list = ldns_rr_list_new();
+    size_t len;
 
     for (i=0; i < PyList_Size(l); i++) 
     {
         item = PyList_GetItem(l, i);
 
-        status = ldns_rr_new_frm_str(&rr, PyString_AsString(item), default_ttl, 0, 0);
-        if (status != LDNS_STATUS_OK) 
-            continue;
-
-        if (!ldns_rr_list_push_rr(rr_list, rr)) 
-            continue;
+        len = sldns_buffer_remaining(qb);
+        if(qsec) {
+                if(sldns_str2wire_rr_question_buf(PyString_AsString(item),
+                        sldns_buffer_current(qb), &len, NULL, NULL, 0, NULL, 0)
+                        != 0)
+                        return 0;
+        } else {
+                if(sldns_str2wire_rr_buf(PyString_AsString(item),
+                        sldns_buffer_current(qb), &len, NULL, default_ttl,
+                        NULL, 0, NULL, 0) != 0)
+                        return 0;
+        }
+        sldns_buffer_skip(qb, len);
 
+        sldns_buffer_write_u16_at(qb, count_offset,
+                sldns_buffer_read_u16_at(qb, count_offset)+1);
     }
-    return rr_list;
+    return 1;
 }
 
 int set_return_msg(struct module_qstate* qstate, 
-                   const char* rr_name, ldns_rr_type rr_type, ldns_rr_class rr_class , uint16_t flags, uint32_t default_ttl,
+                   const char* rr_name, sldns_rr_type rr_type, sldns_rr_class rr_class , uint16_t flags, uint32_t default_ttl,
                    PyObject* question, PyObject* answer, PyObject* authority, PyObject* additional) 
 {
-     ldns_pkt* pkt = 0;
-     ldns_status status;
-     ldns_rr_list* rr_list = 0;
-     ldns_buffer *qb = 0;
+     sldns_buffer *qb = 0;
      int res = 1;
-     
+     size_t l;
+     uint16_t PKT_QR = 1;
+     uint16_t PKT_AA = 2;
+     uint16_t PKT_TC = 4;
+     uint16_t PKT_RD = 8;
+     uint16_t PKT_CD = 16;
+     uint16_t PKT_RA = 32;
+     uint16_t PKT_AD = 64;
+ 
      if ((!checkList(question)) || (!checkList(answer)) || (!checkList(authority)) || (!checkList(additional)))
         return 0;
+     if ((qb = sldns_buffer_new(LDNS_RR_BUF_SIZE)) == 0) return 0;
 
-     status = ldns_pkt_query_new_frm_str(&pkt, rr_name, rr_type, rr_class, flags);
-     if ((status != LDNS_STATUS_OK) || (pkt == 0))
-        return 0;
+     /* write header */
+     sldns_buffer_write_u16(qb, 0); /* ID */
+     sldns_buffer_write_u16(qb, 0); /* flags */
+     sldns_buffer_write_u16(qb, 1); /* qdcount */
+     sldns_buffer_write_u16(qb, 0); /* ancount */
+     sldns_buffer_write_u16(qb, 0); /* nscount */
+     sldns_buffer_write_u16(qb, 0); /* arcount */
+     if ((flags&PKT_QR)) LDNS_QR_SET(sldns_buffer_begin(qb));
+     if ((flags&PKT_AA)) LDNS_AA_SET(sldns_buffer_begin(qb));
+     if ((flags&PKT_TC)) LDNS_TC_SET(sldns_buffer_begin(qb));
+     if ((flags&PKT_RD)) LDNS_RD_SET(sldns_buffer_begin(qb));
+     if ((flags&PKT_CD)) LDNS_CD_SET(sldns_buffer_begin(qb));
+     if ((flags&PKT_RA)) LDNS_RA_SET(sldns_buffer_begin(qb));
+     if ((flags&PKT_AD)) LDNS_AD_SET(sldns_buffer_begin(qb));
 
-     rr_list = createRRList(question, default_ttl);
-     if ((rr_list) && (res)) res = ldns_pkt_push_rr_list(pkt, LDNS_SECTION_QUESTION, rr_list);
-     ldns_rr_list_free(rr_list);
-     rr_list = createRRList(answer, default_ttl);
-     if ((rr_list) && (res)) res = ldns_pkt_push_rr_list(pkt, LDNS_SECTION_ANSWER, rr_list);
-     ldns_rr_list_free(rr_list);
-     rr_list = createRRList(authority, default_ttl);
-     if ((rr_list) && (res)) res = ldns_pkt_push_rr_list(pkt, LDNS_SECTION_AUTHORITY, rr_list);
-     ldns_rr_list_free(rr_list);
-     rr_list = createRRList(additional, default_ttl);
-     if ((rr_list) && (res)) res = ldns_pkt_push_rr_list(pkt, LDNS_SECTION_ADDITIONAL, rr_list);
-     ldns_rr_list_free(rr_list);
+     /* write the query */
+     l = sldns_buffer_remaining(qb);
+     if(sldns_str2wire_dname_buf(rr_name, sldns_buffer_current(qb), &l) != 0) {
+             sldns_buffer_free(qb);
+             return 0;
+     }
+     sldns_buffer_skip(qb, l);
+     if (rr_type == 0) { rr_type = LDNS_RR_TYPE_A; }
+     if (rr_class == 0) { rr_class = LDNS_RR_CLASS_IN; }
+     sldns_buffer_write_u16(qb, rr_type);
+     sldns_buffer_write_u16(qb, rr_class);
 
-     if ((res) && ((qb = ldns_buffer_new(LDNS_MIN_BUFLEN)) == 0)) res = 0;
-     if ((res) && (ldns_pkt2buffer_wire(qb, pkt) != LDNS_STATUS_OK)) res = 0;
+     /* write RR sections */
+     if(res && !pushRRList(qb, question, default_ttl, 1, LDNS_QDCOUNT_OFF))
+             res = 0;
+     if(res && !pushRRList(qb, answer, default_ttl, 0, LDNS_ANCOUNT_OFF))
+             res = 0;
+     if(res && !pushRRList(qb, authority, default_ttl, 0, LDNS_NSCOUNT_OFF))
+             res = 0;
+     if(res && !pushRRList(qb, additional, default_ttl, 0, LDNS_ARCOUNT_OFF))
+             res = 0;
 
      if (res) res = createResponse(qstate, qb);
 
-     if (qb) ldns_buffer_free(qb);
-
-     ldns_pkt_free(pkt); //this function dealocates pkt as well as rrs
+     if (qb) sldns_buffer_free(qb);
      return res;
 }
 %}
 
-%constant uint16_t PKT_QR = 1;      /* QueRy - query flag */
-%constant uint16_t PKT_AA = 2;      /* Authoritative Answer - server flag */
-%constant uint16_t PKT_TC = 4;      /* TrunCated - server flag */
-%constant uint16_t PKT_RD = 8;      /* Recursion Desired - query flag */
-%constant uint16_t PKT_CD = 16;     /* Checking Disabled - query flag */
-%constant uint16_t PKT_RA = 32;     /* Recursion Available - server flag */
-%constant uint16_t PKT_AD = 64;     /* Authenticated Data - server flag */
-
 int set_return_msg(struct module_qstate* qstate, 
                    const char* rr_name, int rr_type, int rr_class , uint16_t flags, uint32_t default_ttl,
                    PyObject* question, PyObject* answer, PyObject* authority, PyObject* additional);
@@ -872,12 +899,12 @@ void regional_log_stats(struct regional *r);
 }
 
 // Mark as source returning newly allocated memory
-%newobject ldns_rr_type2str;
-%newobject ldns_rr_class2str;
+%newobject sldns_wire2str_type;
+%newobject sldns_wire2str_class;
 
 // LDNS functions
-char *ldns_rr_type2str(const uint16_t atype);
-char *ldns_rr_class2str(const uint16_t aclass);
+char *sldns_wire2str_type(const uint16_t atype);
+char *sldns_wire2str_class(const uint16_t aclass);
 
 // Functions from pythonmod_utils
 int storeQueryInCache(struct module_qstate* qstate, struct query_info* qinfo, struct reply_info* msgrep, int is_referral);

pythonmod/pythonmod.c

@@ -45,7 +45,7 @@
 #endif
 
 #include "config.h"
-#include <ldns/ldns.h>
+#include "ldns/sbuffer.h"
 
 #undef _POSIX_C_SOURCE
 #undef _XOPEN_SOURCE

pythonmod/pythonmod_utils.c

@@ -48,6 +48,7 @@
 #include "util/data/msgreply.h"
 #include "util/storage/slabhash.h"
 #include "util/regional.h"
+#include "ldns/sbuffer.h"
 
 #undef _POSIX_C_SOURCE
 #undef _XOPEN_SOURCE
@@ -106,7 +107,7 @@ void invalidateQueryInCache(struct module_qstate* qstate, struct query_info* qin
 }
 
 /* Create response according to the ldns packet content */
-int createResponse(struct module_qstate* qstate, ldns_buffer* pkt)
+int createResponse(struct module_qstate* qstate, sldns_buffer* pkt)
 {
     struct msg_parse* prs;
     struct edns_data edns;
@@ -121,7 +122,7 @@ int createResponse(struct module_qstate* qstate, ldns_buffer* pkt)
     memset(prs, 0, sizeof(*prs));
     memset(&edns, 0, sizeof(edns));
 
-    ldns_buffer_set_position(pkt, 0);
+    sldns_buffer_set_position(pkt, 0);
     if (parse_packet(pkt, prs, qstate->env->scratch) != LDNS_RCODE_NOERROR) {
 	verbose(VERB_ALGO, "storeResponse: parse error on reply packet");
 	return 0;

pythonmod/pythonmod_utils.h

@@ -73,10 +73,10 @@ void invalidateQueryInCache(struct module_qstate* qstate, struct query_info* qin
  *  This function fills qstate.return_msg up with data of a given packet
  * 
  * @param qstate: module environment
- * @param pkt: a ldns_buffer which contains ldns_packet data
+ * @param pkt: a sldns_buffer which contains sldns_packet data
  * @return 0 on failure, out of memory or parse error.
  */
-int createResponse(struct module_qstate* qstate, ldns_buffer* pkt);
+int createResponse(struct module_qstate* qstate, sldns_buffer* pkt);
 
 /**
  *  Convert reply->addr to string

services/cache/dns.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -50,6 +50,7 @@
 #include "util/net_help.h"
 #include "util/regional.h"
 #include "util/config_file.h"
+#include "ldns/sbuffer.h"
 
 /** store rrsets in the rrset cache. 
  * @param env: module environment with caches.
@@ -615,7 +616,7 @@ synth_dname_msg(struct ub_packed_rrset_key* rrset, struct regional* region,
 	newd->rr_ttl[0] = newd->ttl;
 	msg->rep->ttl = newd->ttl;
 	msg->rep->prefetch_ttl = PREFETCH_TTL_CALC(newd->ttl);
-	ldns_write_uint16(newd->rr_data[0], newlen);
+	sldns_write_uint16(newd->rr_data[0], newlen);
 	memmove(newd->rr_data[0] + sizeof(uint16_t), newname, newlen);
 	msg->rep->an_numrrsets ++;
 	msg->rep->rrset_count ++;

services/cache/dns.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

services/cache/infra.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -39,7 +39,7 @@
  * This file contains the infrastructure cache.
  */
 #include "config.h"
-#include <ldns/rr.h>
+#include "ldns/rrdef.h"
 #include "services/cache/infra.h"
 #include "util/storage/slabhash.h"
 #include "util/storage/lookup3.h"

services/cache/infra.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

services/cache/rrset.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -40,6 +40,7 @@
  */
 #include "config.h"
 #include "services/cache/rrset.h"
+#include "ldns/rrdef.h"
 #include "util/storage/slabhash.h"
 #include "util/config_file.h"
 #include "util/data/packed_rrset.h"

services/cache/rrset.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

services/listen_dnsport.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -49,6 +49,7 @@
 #include "util/log.h"
 #include "util/config_file.h"
 #include "util/net_help.h"
+#include "ldns/sbuffer.h"
 
 #ifdef HAVE_NETDB_H
 #include <netdb.h>
@@ -75,7 +76,7 @@ verbose_print_addr(struct addrinfo *addr)
 #endif /* INET6 */
 		if(inet_ntop(addr->ai_family, sinaddr, buf,
 			(socklen_t)sizeof(buf)) == 0) {
-			strncpy(buf, "(null)", sizeof(buf));
+			(void)strlcpy(buf, "(null)", sizeof(buf));
 		}
 		buf[sizeof(buf)-1] = 0;
 		verbose(VERB_ALGO, "creating %s%s socket %s %d", 
@@ -91,10 +92,10 @@ verbose_print_addr(struct addrinfo *addr)
 int
 create_udp_sock(int family, int socktype, struct sockaddr* addr,
         socklen_t addrlen, int v6only, int* inuse, int* noproto,
-	int rcv, int snd)
+	int rcv, int snd, int listen, int* reuseport)
 {
 	int s;
-#if defined(IPV6_USE_MIN_MTU)
+#if defined(SO_REUSEADDR) || defined(SO_REUSEPORT) || defined(IPV6_USE_MIN_MTU)
 	int on=1;
 #endif
 #ifdef IPV6_MTU
@@ -129,6 +130,50 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr,
 		*noproto = 0;
 		return -1;
 	}
+	if(listen) {
+#ifdef SO_REUSEADDR
+		if(setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void*)&on, 
+			(socklen_t)sizeof(on)) < 0) {
+#ifndef USE_WINSOCK
+			log_err("setsockopt(.. SO_REUSEADDR ..) failed: %s",
+				strerror(errno));
+			if(errno != ENOSYS) {
+				close(s);
+				*noproto = 0;
+				*inuse = 0;
+				return -1;
+			}
+#else
+			log_err("setsockopt(.. SO_REUSEADDR ..) failed: %s",
+				wsa_strerror(WSAGetLastError()));
+			closesocket(s);
+			*noproto = 0;
+			*inuse = 0;
+			return -1;
+#endif
+		}
+#endif /* SO_REUSEADDR */
+#if defined(__linux__) && defined(SO_REUSEPORT)
+		/* Linux specific: try to set SO_REUSEPORT so that incoming
+		 * queries are distributed evenly among the receiving threads.
+		 * Each thread must have its own socket bound to the same port,
+		 * with SO_REUSEPORT set on each socket.
+		 */
+		if (reuseport && *reuseport &&
+		    setsockopt(s, SOL_SOCKET, SO_REUSEPORT, (void*)&on,
+			(socklen_t)sizeof(on)) < 0) {
+#ifdef ENOPROTOOPT
+			if(errno != ENOPROTOOPT || verbosity >= 3)
+				log_warn("setsockopt(.. SO_REUSEPORT ..) failed: %s",
+					strerror(errno));
+#endif
+			/* this option is not essential, we can continue */
+			*reuseport = 0;
+		}
+#else
+		(void)reuseport;
+#endif /* defined(__linux__) && defined(SO_REUSEPORT) */
+	}
 	if(rcv) {
 #ifdef SO_RCVBUF
 		int got;
@@ -391,10 +436,11 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr,
 }
 
 int
-create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto)
+create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto,
+	int* reuseport)
 {
 	int s;
-#if defined(SO_REUSEADDR) || defined(IPV6_V6ONLY)
+#if defined(SO_REUSEADDR) || defined(SO_REUSEPORT) || defined(IPV6_V6ONLY)
 	int on = 1;
 #endif /* SO_REUSEADDR || IPV6_V6ONLY */
 	verbose_print_addr(addr);
@@ -432,6 +478,26 @@ create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto)
 		return -1;
 	}
 #endif /* SO_REUSEADDR */
+#if defined(__linux__) && defined(SO_REUSEPORT)
+	/* Linux specific: try to set SO_REUSEPORT so that incoming
+	 * connections are distributed evenly among the receiving threads.
+	 * Each thread must have its own socket bound to the same port,
+	 * with SO_REUSEPORT set on each socket.
+	 */
+	if (reuseport && *reuseport &&
+		setsockopt(s, SOL_SOCKET, SO_REUSEPORT, (void*)&on,
+		(socklen_t)sizeof(on)) < 0) {
+#ifdef ENOPROTOOPT
+		if(errno != ENOPROTOOPT || verbosity >= 3)
+			log_warn("setsockopt(.. SO_REUSEPORT ..) failed: %s",
+				strerror(errno));
+#endif
+		/* this option is not essential, we can continue */
+		*reuseport = 0;
+	}
+#else
+	(void)reuseport;
+#endif /* defined(__linux__) && defined(SO_REUSEPORT) */
 #if defined(IPV6_V6ONLY)
 	if(addr->ai_family == AF_INET6 && v6only) {
 		if(setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, 
@@ -499,7 +565,8 @@ create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto)
  */
 static int
 make_sock(int stype, const char* ifname, const char* port, 
-	struct addrinfo *hints, int v6only, int* noip6, size_t rcv, size_t snd)
+	struct addrinfo *hints, int v6only, int* noip6, size_t rcv, size_t snd,
+	int* reuseport)
 {
 	struct addrinfo *res = NULL;
 	int r, s, inuse, noproto;
@@ -526,14 +593,15 @@ make_sock(int stype, const char* ifname, const char* port,
 		verbose_print_addr(res);
 		s = create_udp_sock(res->ai_family, res->ai_socktype,
 			(struct sockaddr*)res->ai_addr, res->ai_addrlen,
-			v6only, &inuse, &noproto, (int)rcv, (int)snd);
+			v6only, &inuse, &noproto, (int)rcv, (int)snd, 1,
+			reuseport);
 		if(s == -1 && inuse) {
 			log_err("bind: address already in use");
 		} else if(s == -1 && noproto && hints->ai_family == AF_INET6){
 			*noip6 = 1;
 		}
 	} else	{
-		s = create_tcp_accept_sock(res, v6only, &noproto);
+		s = create_tcp_accept_sock(res, v6only, &noproto, reuseport);
 		if(s == -1 && noproto && hints->ai_family == AF_INET6){
 			*noip6 = 1;
 		}
@@ -545,7 +613,8 @@ make_sock(int stype, const char* ifname, const char* port,
 /** make socket and first see if ifname contains port override info */
 static int
 make_sock_port(int stype, const char* ifname, const char* port, 
-	struct addrinfo *hints, int v6only, int* noip6, size_t rcv, size_t snd)
+	struct addrinfo *hints, int v6only, int* noip6, size_t rcv, size_t snd,
+	int* reuseport)
 {
 	char* s = strchr(ifname, '@');
 	if(s) {
@@ -562,14 +631,15 @@ make_sock_port(int stype, const char* ifname, const char* port,
 			*noip6 = 0;
 			return -1;
 		}
-		strncpy(newif, ifname, sizeof(newif));
+		(void)strlcpy(newif, ifname, sizeof(newif));
 		newif[s-ifname] = 0;
-		strncpy(p, s+1, sizeof(p));
+		(void)strlcpy(p, s+1, sizeof(p));
 		p[strlen(s+1)]=0;
 		return make_sock(stype, newif, p, hints, v6only, noip6,
-			rcv, snd);
+			rcv, snd, reuseport);
 	}
-	return make_sock(stype, ifname, port, hints, v6only, noip6, rcv, snd);
+	return make_sock(stype, ifname, port, hints, v6only, noip6, rcv, snd,
+		reuseport);
 }
 
 /**
@@ -661,19 +731,21 @@ set_recvpktinfo(int s, int family)
  * @param rcv: receive buffer size for UDP
  * @param snd: send buffer size for UDP
  * @param ssl_port: ssl service port number
+ * @param reuseport: try to set SO_REUSEPORT if nonNULL and true.
+ * 	set to false on exit if reuseport failed due to no kernel support.
  * @return: returns false on error.
  */
 static int
 ports_create_if(const char* ifname, int do_auto, int do_udp, int do_tcp, 
 	struct addrinfo *hints, const char* port, struct listen_port** list,
-	size_t rcv, size_t snd, int ssl_port)
+	size_t rcv, size_t snd, int ssl_port, int* reuseport)
 {
 	int s, noip6=0;
 	if(!do_udp && !do_tcp)
 		return 0;
 	if(do_auto) {
 		if((s = make_sock_port(SOCK_DGRAM, ifname, port, hints, 1, 
-			&noip6, rcv, snd)) == -1) {
+			&noip6, rcv, snd, reuseport)) == -1) {
 			if(noip6) {
 				log_warn("IPv6 protocol not available");
 				return 1;
@@ -700,7 +772,7 @@ ports_create_if(const char* ifname, int do_auto, int do_udp, int do_tcp,
 	} else if(do_udp) {
 		/* regular udp socket */
 		if((s = make_sock_port(SOCK_DGRAM, ifname, port, hints, 1, 
-			&noip6, rcv, snd)) == -1) {
+			&noip6, rcv, snd, reuseport)) == -1) {
 			if(noip6) {
 				log_warn("IPv6 protocol not available");
 				return 1;
@@ -721,7 +793,7 @@ ports_create_if(const char* ifname, int do_auto, int do_udp, int do_tcp,
 			atoi(strchr(ifname, '@')+1) == ssl_port) ||
 			(!strchr(ifname, '@') && atoi(port) == ssl_port));
 		if((s = make_sock_port(SOCK_STREAM, ifname, port, hints, 1, 
-			&noip6, 0, 0)) == -1) {
+			&noip6, 0, 0, reuseport)) == -1) {
 			if(noip6) {
 				/*log_warn("IPv6 protocol not available");*/
 				return 1;
@@ -772,7 +844,7 @@ listen_create(struct comm_base* base, struct listen_port* ports,
 	if(!front)
 		return NULL;
 	front->cps = NULL;
-	front->udp_buff = ldns_buffer_new(bufsize);
+	front->udp_buff = sldns_buffer_new(bufsize);
 	if(!front->udp_buff) {
 		free(front);
 		return NULL;
@@ -835,12 +907,12 @@ listen_delete(struct listen_dnsport* front)
 	if(!front) 
 		return;
 	listen_list_delete(front->cps);
-	ldns_buffer_free(front->udp_buff);
+	sldns_buffer_free(front->udp_buff);
 	free(front);
 }
 
 struct listen_port* 
-listening_ports_open(struct config_file* cfg)
+listening_ports_open(struct config_file* cfg, int* reuseport)
 {
 	struct listen_port* list = NULL;
 	struct addrinfo hints;
@@ -876,7 +948,7 @@ listening_ports_open(struct config_file* cfg)
 				do_auto, cfg->do_udp, do_tcp, 
 				&hints, portbuf, &list,
 				cfg->so_rcvbuf, cfg->so_sndbuf,
-				cfg->ssl_port)) {
+				cfg->ssl_port, reuseport)) {
 				listening_ports_free(list);
 				return NULL;
 			}
@@ -887,7 +959,7 @@ listening_ports_open(struct config_file* cfg)
 				do_auto, cfg->do_udp, do_tcp, 
 				&hints, portbuf, &list,
 				cfg->so_rcvbuf, cfg->so_sndbuf,
-				cfg->ssl_port)) {
+				cfg->ssl_port, reuseport)) {
 				listening_ports_free(list);
 				return NULL;
 			}
@@ -900,7 +972,7 @@ listening_ports_open(struct config_file* cfg)
 			if(!ports_create_if(cfg->ifs[i], 0, cfg->do_udp, 
 				do_tcp, &hints, portbuf, &list, 
 				cfg->so_rcvbuf, cfg->so_sndbuf,
-				cfg->ssl_port)) {
+				cfg->ssl_port, reuseport)) {
 				listening_ports_free(list);
 				return NULL;
 			}
@@ -911,7 +983,7 @@ listening_ports_open(struct config_file* cfg)
 			if(!ports_create_if(cfg->ifs[i], 0, cfg->do_udp, 
 				do_tcp, &hints, portbuf, &list, 
 				cfg->so_rcvbuf, cfg->so_sndbuf,
-				cfg->ssl_port)) {
+				cfg->ssl_port, reuseport)) {
 				listening_ports_free(list);
 				return NULL;
 			}
@@ -941,7 +1013,7 @@ size_t listen_get_mem(struct listen_dnsport* listen)
 {
 	size_t s = sizeof(*listen) + sizeof(*listen->base) + 
 		sizeof(*listen->udp_buff) + 
-		ldns_buffer_capacity(listen->udp_buff);
+		sldns_buffer_capacity(listen->udp_buff);
 	struct listen_list* p;
 	for(p = listen->cps; p; p = p->next) {
 		s += sizeof(*p);

services/listen_dnsport.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -46,6 +46,7 @@
 struct listen_list;
 struct config_file;
 struct addrinfo;
+struct sldns_buffer;
 
 /**
  * Listening for queries structure.
@@ -57,7 +58,7 @@ struct listen_dnsport {
 
 	/** buffer shared by UDP connections, since there is only one
 	    datagram at any time. */
-	ldns_buffer* udp_buff;
+	struct sldns_buffer* udp_buff;
 
 	/** list of comm points used to get incoming events */
 	struct listen_list* cps;
@@ -106,9 +107,13 @@ struct listen_port {
  * interfaces for IP4 and/or IP6, for UDP and/or TCP.
  * On the given port number. It creates the sockets.
  * @param cfg: settings on what ports to open.
+ * @param reuseport: set to true if you want reuseport, or NULL to not have it,
+ *   set to false on exit if reuseport failed to apply (because of no
+ *   kernel support).
  * @return: linked list of ports or NULL on error.
  */
-struct listen_port* listening_ports_open(struct config_file* cfg);
+struct listen_port* listening_ports_open(struct config_file* cfg,
+	int* reuseport);
 
 /**
  * Close and delete the (list of) listening ports.
@@ -178,19 +183,26 @@ void listen_start_accept(struct listen_dnsport* listen);
 	IPv6 proto (family) is not available.
  * @param rcv: set size on rcvbuf with socket option, if 0 it is not set.
  * @param snd: set size on sndbuf with socket option, if 0 it is not set.
+ * @param listen: if true, this is a listening UDP port, eg port 53, and 
+ * 	set SO_REUSEADDR on it.
+ * @param reuseport: if nonNULL and true, try to set SO_REUSEPORT on
+ * 	listening UDP port.  Set to false on return if it failed to do so.
  * @return: the socket. -1 on error.
  */
 int create_udp_sock(int family, int socktype, struct sockaddr* addr, 
 	socklen_t addrlen, int v6only, int* inuse, int* noproto, int rcv,
-	int snd);
+	int snd, int listen, int* reuseport);
 
 /**
  * Create and bind TCP listening socket
  * @param addr: address info ready to make socket.
  * @param v6only: enable ip6 only flag on ip6 sockets.
  * @param noproto: if error caused by lack of protocol support.
+ * @param reuseport: if nonNULL and true, try to set SO_REUSEPORT on
+ * 	listening UDP port.  Set to false on return if it failed to do so.
  * @return: the socket. -1 on error.
  */
-int create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto);
+int create_tcp_accept_sock(struct addrinfo *addr, int v6only, int* noproto,
+	int* reuseport);
 
 #endif /* LISTEN_DNSPORT_H */

services/localzone.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -39,9 +39,9 @@
  * This file contains functions to enable local zone authority service.
  */
 #include "config.h"
-#include <ldns/dname.h>
-#include <ldns/host2wire.h>
 #include "services/localzone.h"
+#include "ldns/str2wire.h"
+#include "ldns/sbuffer.h"
 #include "util/regional.h"
 #include "util/config_file.h"
 #include "util/data/dname.h"
@@ -59,7 +59,7 @@ local_zones_create(void)
 	if(!zones)
 		return NULL;
 	rbtree_init(&zones->ztree, &local_zone_cmp);
-	lock_quick_init(&zones->lock);
+	lock_rw_init(&zones->lock);
 	lock_protect(&zones->lock, &zones->ztree, sizeof(zones->ztree));
 	/* also lock protects the rbnode's in struct local_zone */
 	return zones;
@@ -78,7 +78,7 @@ local_zones_delete(struct local_zones* zones)
 {
 	if(!zones)
 		return;
-	lock_quick_destroy(&zones->lock);
+	lock_rw_destroy(&zones->lock);
 	/* walk through zones and delete them all */
 	traverse_postorder(&zones->ztree, lzdel, NULL);
 	free(zones);
@@ -125,19 +125,10 @@ local_data_cmp(const void* d1, const void* d2)
 int
 parse_dname(const char* str, uint8_t** res, size_t* len, int* labs)
 {
-	ldns_rdf* rdf;
-	*res = NULL;
-	*len = 0;
+	*res = sldns_str2wire_dname(str, len);
 	*labs = 0;
-	rdf = ldns_dname_new_frm_str(str);
-	if(!rdf) {
-		log_err("cannot parse name %s", str);
-		return 0;
-	}
-	*res = memdup(ldns_rdf_data(rdf), ldns_rdf_size(rdf));
-	ldns_rdf_deep_free(rdf);
 	if(!*res) {
-		log_err("out of memory");
+		log_err("cannot parse name %s", str);
 		return 0;
 	}
 	*labs = dname_count_size_labels(*res, len);
@@ -183,16 +174,16 @@ lz_enter_zone_dname(struct local_zones* zones, uint8_t* nm, size_t len,
 	}
 
 	/* add to rbtree */
-	lock_quick_lock(&zones->lock);
+	lock_rw_wrlock(&zones->lock);
 	lock_rw_wrlock(&z->lock);
 	if(!rbtree_insert(&zones->ztree, &z->node)) {
 		log_warn("duplicate local-zone");
 		lock_rw_unlock(&z->lock);
 		local_zone_delete(z);
-		lock_quick_unlock(&zones->lock);
+		lock_rw_unlock(&zones->lock);
 		return NULL;
 	}
-	lock_quick_unlock(&zones->lock);
+	lock_rw_unlock(&zones->lock);
 	return z;
 }
 
@@ -225,39 +216,28 @@ lz_enter_zone(struct local_zones* zones, const char* name, const char* type,
 /** return name and class and rdata of rr; parses string */
 static int
 get_rr_content(const char* str, uint8_t** nm, uint16_t* type,
-	uint16_t* dclass, time_t* ttl, ldns_buffer* rdata)
+	uint16_t* dclass, time_t* ttl, uint8_t* rr, size_t len,
+	uint8_t** rdata, size_t* rdata_len)
 {
-	ldns_rr* rr = NULL;
-	ldns_status status = ldns_rr_new_frm_str(&rr, str, 3600, NULL, NULL);
-	if(status != LDNS_STATUS_OK) {
-		log_err("error parsing local-data '%s': %s",
-			str, ldns_get_errorstr_by_id(status));
-		ldns_rr_free(rr);
+	size_t dname_len = 0;
+	int e = sldns_str2wire_rr_buf(str, rr, &len, &dname_len, 3600,
+		NULL, 0, NULL, 0);
+	if(e) {
+		log_err("error parsing local-data at %d: '%s': %s",
+			LDNS_WIREPARSE_OFFSET(e), str,
+			sldns_get_errorstr_parse(e));
 		return 0;
 	}
-	*nm = memdup(ldns_rdf_data(ldns_rr_owner(rr)), 
-		ldns_rdf_size(ldns_rr_owner(rr)));
+	*nm = memdup(rr, dname_len);
 	if(!*nm) {
 		log_err("out of memory");
-		ldns_rr_free(rr);
 		return 0;
 	}
-	*dclass = ldns_rr_get_class(rr);
-	*type = ldns_rr_get_type(rr);
-	*ttl = (time_t)ldns_rr_ttl(rr);
-	ldns_buffer_clear(rdata);
-	ldns_buffer_skip(rdata, 2);
-	status = ldns_rr_rdata2buffer_wire(rdata, rr);
-	ldns_rr_free(rr);
-        if(status != LDNS_STATUS_OK) {
-                log_err("error converting RR '%s' to wireformat: %s",
-                        str, ldns_get_errorstr_by_id(status));
-		free(*nm);
-		*nm = NULL;
-                return 0;
-        }
-        ldns_buffer_flip(rdata);
-        ldns_buffer_write_u16_at(rdata, 0, ldns_buffer_limit(rdata) - 2);
+	*dclass = sldns_wirerr_get_class(rr, len, dname_len);
+	*type = sldns_wirerr_get_type(rr, len, dname_len);
+	*ttl = (time_t)sldns_wirerr_get_ttl(rr, len, dname_len);
+	*rdata = sldns_wirerr_get_rdatawl(rr, len, dname_len);
+	*rdata_len = sldns_wirerr_get_rdatalen(rr, len, dname_len)+2;
 	return 1;
 }
 
@@ -265,18 +245,18 @@ get_rr_content(const char* str, uint8_t** nm, uint16_t* type,
 static int
 get_rr_nameclass(const char* str, uint8_t** nm, uint16_t* dclass)
 {
-	ldns_rr* rr = NULL;
-	ldns_status status = ldns_rr_new_frm_str(&rr, str, 3600, NULL, NULL);
-	if(status != LDNS_STATUS_OK) {
-		log_err("error parsing local-data '%s': %s",
-			str, ldns_get_errorstr_by_id(status));
-		ldns_rr_free(rr);
+	uint8_t rr[LDNS_RR_BUF_SIZE];
+	size_t len = sizeof(rr), dname_len = 0;
+	int s = sldns_str2wire_rr_buf(str, rr, &len, &dname_len, 3600,
+		NULL, 0, NULL, 0);
+	if(s != 0) {
+		log_err("error parsing local-data at %d '%s': %s",
+			LDNS_WIREPARSE_OFFSET(s), str,
+			sldns_get_errorstr_parse(s));
 		return 0;
 	}
-	*nm = memdup(ldns_rdf_data(ldns_rr_owner(rr)), 
-		ldns_rdf_size(ldns_rr_owner(rr)));
-	*dclass = ldns_rr_get_class(rr);
-	ldns_rr_free(rr);
+	*nm = memdup(rr, dname_len);
+	*dclass = sldns_wirerr_get_class(rr, len, dname_len);
 	if(!*nm) {
 		log_err("out of memory");
 		return 0;
@@ -304,13 +284,12 @@ local_data_find_type(struct local_data* data, uint16_t type)
 
 /** check for RR duplicates */
 static int
-rr_is_duplicate(struct packed_rrset_data* pd, ldns_buffer* buf)
+rr_is_duplicate(struct packed_rrset_data* pd, uint8_t* rdata, size_t rdata_len)
 {
 	size_t i;
 	for(i=0; i<pd->count; i++) {
-		if(ldns_buffer_limit(buf) == pd->rr_len[i] &&
-			memcmp(ldns_buffer_begin(buf), pd->rr_data[i],
-				ldns_buffer_limit(buf)) == 0) 
+		if(pd->rr_len[i] == rdata_len &&
+			memcmp(pd->rr_data[i], rdata, rdata_len) == 0)
 			return 1;
 	}
 	return 0;
@@ -356,7 +335,7 @@ new_local_rrset(struct regional* region, struct local_data* node,
 /** insert RR into RRset data structure; Wastes a couple of bytes */
 static int
 insert_rr(struct regional* region, struct packed_rrset_data* pd,
-	ldns_buffer* buf, time_t ttl)
+	uint8_t* rdata, size_t rdata_len, time_t ttl)
 {
 	size_t* oldlen = pd->rr_len;
 	time_t* oldttl = pd->rr_ttl;
@@ -379,10 +358,9 @@ insert_rr(struct regional* region, struct packed_rrset_data* pd,
 		memcpy(pd->rr_data+1, olddata, 
 			sizeof(*pd->rr_data)*(pd->count-1));
 	}
-	pd->rr_len[0] = ldns_buffer_limit(buf);
+	pd->rr_len[0] = rdata_len;
 	pd->rr_ttl[0] = ttl;
-	pd->rr_data[0] = regional_alloc_init(region,
-		ldns_buffer_begin(buf), ldns_buffer_limit(buf));
+	pd->rr_data[0] = regional_alloc_init(region, rdata, rdata_len);
 	if(!pd->rr_data[0]) {
 		log_err("out of memory");
 		return 0;
@@ -440,8 +418,7 @@ lz_find_create_node(struct local_zone* z, uint8_t* nm, size_t nmlen,
 
 /** enter data RR into auth zone */
 static int
-lz_enter_rr_into_zone(struct local_zone* z, ldns_buffer* buf,
-	const char* rrstr)
+lz_enter_rr_into_zone(struct local_zone* z, const char* rrstr)
 {
 	uint8_t* nm;
 	size_t nmlen;
@@ -451,7 +428,11 @@ lz_enter_rr_into_zone(struct local_zone* z, ldns_buffer* buf,
 	struct packed_rrset_data* pd;
 	uint16_t rrtype = 0, rrclass = 0;
 	time_t ttl = 0;
-	if(!get_rr_content(rrstr, &nm, &rrtype, &rrclass, &ttl, buf)) {
+	uint8_t rr[LDNS_RR_BUF_SIZE];
+	uint8_t* rdata;
+	size_t rdata_len;
+	if(!get_rr_content(rrstr, &nm, &rrtype, &rrclass, &ttl, rr, sizeof(rr),
+		&rdata, &rdata_len)) {
 		log_err("bad local-data: %s", rrstr);
 		return 0;
 	}
@@ -487,16 +468,16 @@ lz_enter_rr_into_zone(struct local_zone* z, ldns_buffer* buf,
 	log_assert(rrset && pd);
 
 	/* check for duplicate RR */
-	if(rr_is_duplicate(pd, buf)) {
+	if(rr_is_duplicate(pd, rdata, rdata_len)) {
 		verbose(VERB_ALGO, "ignoring duplicate RR: %s", rrstr);
 		return 1;
 	} 
-	return insert_rr(z->region, pd, buf, ttl);
+	return insert_rr(z->region, pd, rdata, rdata_len, ttl);
 }
 
 /** enter a data RR into auth data; a zone for it must exist */
 static int
-lz_enter_rr_str(struct local_zones* zones, const char* rr, ldns_buffer* buf)
+lz_enter_rr_str(struct local_zones* zones, const char* rr)
 {
 	uint8_t* rr_name;
 	uint16_t rr_class;
@@ -509,16 +490,16 @@ lz_enter_rr_str(struct local_zones* zones, const char* rr, ldns_buffer* buf)
 		return 0;
 	}
 	labs = dname_count_size_labels(rr_name, &len);
-	lock_quick_lock(&zones->lock);
+	lock_rw_rdlock(&zones->lock);
 	z = local_zones_lookup(zones, rr_name, len, labs, rr_class);
 	if(!z) {
-		lock_quick_unlock(&zones->lock);
+		lock_rw_unlock(&zones->lock);
 		fatal_exit("internal error: no zone for rr %s", rr);
 	}
 	lock_rw_wrlock(&z->lock);
-	lock_quick_unlock(&zones->lock);
+	lock_rw_unlock(&zones->lock);
 	free(rr_name);
-	r = lz_enter_rr_into_zone(z, buf, rr);
+	r = lz_enter_rr_into_zone(z, rr);
 	lock_rw_unlock(&z->lock);
 	return r;
 }
@@ -549,13 +530,13 @@ lz_exists(struct local_zones* zones, const char* name)
 		log_err("bad name %s", name);
 		return 0;
 	}
-	lock_quick_lock(&zones->lock);
+	lock_rw_rdlock(&zones->lock);
 	if(rbtree_search(&zones->ztree, &z.node)) {
-		lock_quick_unlock(&zones->lock);
+		lock_rw_unlock(&zones->lock);
 		free(z.name);
 		return 1;
 	}
-	lock_quick_unlock(&zones->lock);
+	lock_rw_unlock(&zones->lock);
 	free(z.name);
 	return 0;
 }
@@ -582,7 +563,7 @@ lz_nodefault(struct config_file* cfg, const char* name)
 /** enter AS112 default zone */
 static int
 add_as112_default(struct local_zones* zones, struct config_file* cfg,
-        ldns_buffer* buf, const char* name)
+        const char* name)
 {
 	struct local_zone* z;
 	char str[1024]; /* known long enough */
@@ -592,12 +573,12 @@ add_as112_default(struct local_zones* zones, struct config_file* cfg,
 		return 0;
 	snprintf(str, sizeof(str), "%s 10800 IN SOA localhost. "
 		"nobody.invalid. 1 3600 1200 604800 10800", name);
-	if(!lz_enter_rr_into_zone(z, buf, str)) {
+	if(!lz_enter_rr_into_zone(z, str)) {
 		lock_rw_unlock(&z->lock);
 		return 0;
 	}
 	snprintf(str, sizeof(str), "%s 10800 IN NS localhost. ", name);
-	if(!lz_enter_rr_into_zone(z, buf, str)) {
+	if(!lz_enter_rr_into_zone(z, str)) {
 		lock_rw_unlock(&z->lock);
 		return 0;
 	}
@@ -607,8 +588,7 @@ add_as112_default(struct local_zones* zones, struct config_file* cfg,
 
 /** enter default zones */
 static int
-lz_enter_defaults(struct local_zones* zones, struct config_file* cfg,
-	ldns_buffer* buf)
+lz_enter_defaults(struct local_zones* zones, struct config_file* cfg)
 {
 	struct local_zone* z;
 
@@ -619,14 +599,14 @@ lz_enter_defaults(struct local_zones* zones, struct config_file* cfg,
 		!lz_nodefault(cfg, "localhost.")) {
 		if(!(z=lz_enter_zone(zones, "localhost.", "static", 
 			LDNS_RR_CLASS_IN)) ||
-		   !lz_enter_rr_into_zone(z, buf,
+		   !lz_enter_rr_into_zone(z,
 			"localhost. 10800 IN NS localhost.") ||
-		   !lz_enter_rr_into_zone(z, buf,
+		   !lz_enter_rr_into_zone(z,
 			"localhost. 10800 IN SOA localhost. nobody.invalid. "
 			"1 3600 1200 604800 10800") ||
-		   !lz_enter_rr_into_zone(z, buf,
+		   !lz_enter_rr_into_zone(z,
 			"localhost. 10800 IN A 127.0.0.1") ||
-		   !lz_enter_rr_into_zone(z, buf,
+		   !lz_enter_rr_into_zone(z,
 			"localhost. 10800 IN AAAA ::1")) {
 			log_err("out of memory adding default zone");
 			if(z) { lock_rw_unlock(&z->lock); }
@@ -639,12 +619,12 @@ lz_enter_defaults(struct local_zones* zones, struct config_file* cfg,
 		!lz_nodefault(cfg, "127.in-addr.arpa.")) {
 		if(!(z=lz_enter_zone(zones, "127.in-addr.arpa.", "static", 
 			LDNS_RR_CLASS_IN)) ||
-		   !lz_enter_rr_into_zone(z, buf,
+		   !lz_enter_rr_into_zone(z,
 			"127.in-addr.arpa. 10800 IN NS localhost.") ||
-		   !lz_enter_rr_into_zone(z, buf,
+		   !lz_enter_rr_into_zone(z,
 			"127.in-addr.arpa. 10800 IN SOA localhost. "
 			"nobody.invalid. 1 3600 1200 604800 10800") ||
-		   !lz_enter_rr_into_zone(z, buf,
+		   !lz_enter_rr_into_zone(z,
 			"1.0.0.127.in-addr.arpa. 10800 IN PTR localhost.")) {
 			log_err("out of memory adding default zone");
 			if(z) { lock_rw_unlock(&z->lock); }
@@ -657,12 +637,12 @@ lz_enter_defaults(struct local_zones* zones, struct config_file* cfg,
 		!lz_nodefault(cfg, "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.")) {
 		if(!(z=lz_enter_zone(zones, "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.", "static", 
 			LDNS_RR_CLASS_IN)) ||
-		   !lz_enter_rr_into_zone(z, buf,
+		   !lz_enter_rr_into_zone(z,
 			"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. 10800 IN NS localhost.") ||
-		   !lz_enter_rr_into_zone(z, buf,
+		   !lz_enter_rr_into_zone(z,
 			"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. 10800 IN SOA localhost. "
 			"nobody.invalid. 1 3600 1200 604800 10800") ||
-		   !lz_enter_rr_into_zone(z, buf,
+		   !lz_enter_rr_into_zone(z,
 			"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. 10800 IN PTR localhost.")) {
 			log_err("out of memory adding default zone");
 			if(z) { lock_rw_unlock(&z->lock); }
@@ -670,37 +650,37 @@ lz_enter_defaults(struct local_zones* zones, struct config_file* cfg,
 		}
 		lock_rw_unlock(&z->lock);
 	}
-	if (	!add_as112_default(zones, cfg, buf, "10.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "16.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "17.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "18.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "19.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "20.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "21.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "22.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "23.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "24.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "25.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "26.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "27.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "28.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "29.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "30.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "31.172.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "168.192.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "0.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "254.169.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "2.0.192.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "100.51.198.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "113.0.203.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "255.255.255.255.in-addr.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "d.f.ip6.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "8.e.f.ip6.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "9.e.f.ip6.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "a.e.f.ip6.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "b.e.f.ip6.arpa.") ||
-		!add_as112_default(zones, cfg, buf, "8.b.d.0.1.0.0.2.ip6.arpa.")) {
+	if (	!add_as112_default(zones, cfg, "10.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "16.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "17.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "18.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "19.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "20.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "21.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "22.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "23.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "24.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "25.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "26.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "27.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "28.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "29.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "30.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "31.172.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "168.192.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "0.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "254.169.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "2.0.192.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "100.51.198.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "113.0.203.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "255.255.255.255.in-addr.arpa.") ||
+		!add_as112_default(zones, cfg, "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.") ||
+		!add_as112_default(zones, cfg, "d.f.ip6.arpa.") ||
+		!add_as112_default(zones, cfg, "8.e.f.ip6.arpa.") ||
+		!add_as112_default(zones, cfg, "9.e.f.ip6.arpa.") ||
+		!add_as112_default(zones, cfg, "a.e.f.ip6.arpa.") ||
+		!add_as112_default(zones, cfg, "b.e.f.ip6.arpa.") ||
+		!add_as112_default(zones, cfg, "8.b.d.0.1.0.0.2.ip6.arpa.")) {
 		log_err("out of memory adding default zone");
 		return 0;
 	}
@@ -713,7 +693,7 @@ init_parents(struct local_zones* zones)
 {
         struct local_zone* node, *prev = NULL, *p;
         int m;
-	lock_quick_lock(&zones->lock);
+	lock_rw_wrlock(&zones->lock);
         RBTREE_FOR(node, struct local_zone*, &zones->ztree) {
 		lock_rw_wrlock(&node->lock);
                 node->parent = NULL;
@@ -738,7 +718,7 @@ init_parents(struct local_zones* zones)
                 prev = node;
 		lock_rw_unlock(&node->lock);
         }
-	lock_quick_unlock(&zones->lock);
+	lock_rw_unlock(&zones->lock);
 }
 
 /** enter implicit transparent zone for local-data: without local-zone: */
@@ -768,7 +748,7 @@ lz_setup_implicit(struct local_zones* zones, struct config_file* cfg)
 			return 0;
 		}
 		labs = dname_count_size_labels(rr_name, &len);
-		lock_quick_lock(&zones->lock);
+		lock_rw_rdlock(&zones->lock);
 		if(!local_zones_lookup(zones, rr_name, len, labs, rr_class)) {
 			if(!have_name) {
 				dclass = rr_class;
@@ -783,7 +763,7 @@ lz_setup_implicit(struct local_zones* zones, struct config_file* cfg)
 					/* process other classes later */
 					free(rr_name);
 					have_other_classes = 1;
-					lock_quick_unlock(&zones->lock);
+					lock_rw_unlock(&zones->lock);
 					continue;
 				}
 				/* find smallest shared topdomain */
@@ -794,7 +774,7 @@ lz_setup_implicit(struct local_zones* zones, struct config_file* cfg)
 					match = m;
 			}
 		} else free(rr_name);
-		lock_quick_unlock(&zones->lock);
+		lock_rw_unlock(&zones->lock);
 	}
 	if(have_name) {
 		uint8_t* n2;
@@ -825,12 +805,11 @@ lz_setup_implicit(struct local_zones* zones, struct config_file* cfg)
 
 /** enter auth data */
 static int
-lz_enter_data(struct local_zones* zones, struct config_file* cfg,
-	ldns_buffer* buf)
+lz_enter_data(struct local_zones* zones, struct config_file* cfg)
 {
 	struct config_strlist* p;
 	for(p = cfg->local_data; p; p = p->next) {
-		if(!lz_enter_rr_str(zones, p->str, buf))
+		if(!lz_enter_rr_str(zones, p->str))
 			return 0;
 	}
 	return 1;
@@ -851,35 +830,27 @@ lz_freeup_cfg(struct config_file* cfg)
 int 
 local_zones_apply_cfg(struct local_zones* zones, struct config_file* cfg)
 {
-	ldns_buffer* buf = ldns_buffer_new(65535);
-	if(!buf) fatal_exit("cannot create temporary buffer");
-
 	/* create zones from zone statements. */
 	if(!lz_enter_zones(zones, cfg)) {
-		ldns_buffer_free(buf);
 		return 0;
 	}
 	/* apply default zones+content (unless disabled, or overridden) */
-	if(!lz_enter_defaults(zones, cfg, buf)) {
-		ldns_buffer_free(buf);
+	if(!lz_enter_defaults(zones, cfg)) {
 		return 0;
 	}
 	/* create implicit transparent zone from data. */
 	if(!lz_setup_implicit(zones, cfg)) {
-		ldns_buffer_free(buf);
 		return 0;
 	}
 
 	/* setup parent ptrs for lookup during data entry */
 	init_parents(zones);
 	/* insert local data */
-	if(!lz_enter_data(zones, cfg, buf)) {
-		ldns_buffer_free(buf);
+	if(!lz_enter_data(zones, cfg)) {
 		return 0;
 	}
 	/* freeup memory from cfg struct. */
 	lz_freeup_cfg(cfg);
-	ldns_buffer_free(buf);
 	return 1;
 }
 
@@ -948,7 +919,7 @@ local_zone_out(struct local_zone* z)
 void local_zones_print(struct local_zones* zones)
 {
 	struct local_zone* z;
-	lock_quick_lock(&zones->lock);
+	lock_rw_rdlock(&zones->lock);
 	log_info("number of auth zones %u", (unsigned)zones->ztree.count);
 	RBTREE_FOR(z, struct local_zone*, &zones->ztree) {
 		lock_rw_rdlock(&z->lock);
@@ -985,13 +956,13 @@ void local_zones_print(struct local_zones* zones)
 		local_zone_out(z);
 		lock_rw_unlock(&z->lock);
 	}
-	lock_quick_unlock(&zones->lock);
+	lock_rw_unlock(&zones->lock);
 }
 
 /** encode answer consisting of 1 rrset */
 static int
 local_encode(struct query_info* qinfo, struct edns_data* edns, 
-	ldns_buffer* buf, struct regional* temp, 
+	sldns_buffer* buf, struct regional* temp, 
 	struct ub_packed_rrset_key* rrset, int ansec, int rcode)
 {
 	struct reply_info rep;
@@ -1011,20 +982,20 @@ local_encode(struct query_info* qinfo, struct edns_data* edns,
 	edns->ext_rcode = 0;
 	edns->bits &= EDNS_DO;
 	if(!reply_info_answer_encode(qinfo, &rep, 
-		*(uint16_t*)ldns_buffer_begin(buf),
-		ldns_buffer_read_u16_at(buf, 2),
+		*(uint16_t*)sldns_buffer_begin(buf),
+		sldns_buffer_read_u16_at(buf, 2),
 		buf, 0, 0, temp, udpsize, edns, 
 		(int)(edns->bits&EDNS_DO), 0))
 		error_encode(buf, (LDNS_RCODE_SERVFAIL|BIT_AA), qinfo,
-			*(uint16_t*)ldns_buffer_begin(buf),
-		       ldns_buffer_read_u16_at(buf, 2), edns);
+			*(uint16_t*)sldns_buffer_begin(buf),
+		       sldns_buffer_read_u16_at(buf, 2), edns);
 	return 1;
 }
 
 /** answer local data match */
 static int
 local_data_answer(struct local_zone* z, struct query_info* qinfo,
-	struct edns_data* edns, ldns_buffer* buf, struct regional* temp,
+	struct edns_data* edns, sldns_buffer* buf, struct regional* temp,
 	int labs, struct local_data** ldp)
 {
 	struct local_data key;
@@ -1071,18 +1042,18 @@ local_data_answer(struct local_zone* z, struct query_info* qinfo,
  */
 static int
 lz_zone_answer(struct local_zone* z, struct query_info* qinfo,
-	struct edns_data* edns, ldns_buffer* buf, struct regional* temp,
+	struct edns_data* edns, sldns_buffer* buf, struct regional* temp,
 	struct local_data* ld)
 {
 	if(z->type == local_zone_deny) {
 		/** no reply at all, signal caller by clearing buffer. */
-		ldns_buffer_clear(buf);
-		ldns_buffer_flip(buf);
+		sldns_buffer_clear(buf);
+		sldns_buffer_flip(buf);
 		return 1;
 	} else if(z->type == local_zone_refuse) {
 		error_encode(buf, (LDNS_RCODE_REFUSED|BIT_AA), qinfo,
-			*(uint16_t*)ldns_buffer_begin(buf),
-		       ldns_buffer_read_u16_at(buf, 2), edns);
+			*(uint16_t*)sldns_buffer_begin(buf),
+		       sldns_buffer_read_u16_at(buf, 2), edns);
 		return 1;
 	} else if(z->type == local_zone_static ||
 		z->type == local_zone_redirect) {
@@ -1098,8 +1069,8 @@ lz_zone_answer(struct local_zone* z, struct query_info* qinfo,
 			return local_encode(qinfo, edns, buf, temp, 
 				z->soa, 0, rcode);
 		error_encode(buf, (rcode|BIT_AA), qinfo, 
-			*(uint16_t*)ldns_buffer_begin(buf), 
-			ldns_buffer_read_u16_at(buf, 2), edns);
+			*(uint16_t*)sldns_buffer_begin(buf), 
+			sldns_buffer_read_u16_at(buf, 2), edns);
 		return 1;
 	} else if(z->type == local_zone_typetransparent) {
 		/* no NODATA or NXDOMAINS for this zone type */
@@ -1115,8 +1086,8 @@ lz_zone_answer(struct local_zone* z, struct query_info* qinfo,
 			return local_encode(qinfo, edns, buf, temp, 
 				z->soa, 0, rcode);
 		error_encode(buf, (rcode|BIT_AA), qinfo, 
-			*(uint16_t*)ldns_buffer_begin(buf), 
-			ldns_buffer_read_u16_at(buf, 2), edns);
+			*(uint16_t*)sldns_buffer_begin(buf), 
+			sldns_buffer_read_u16_at(buf, 2), edns);
 		return 1;
 	}
 
@@ -1126,7 +1097,7 @@ lz_zone_answer(struct local_zone* z, struct query_info* qinfo,
 
 int 
 local_zones_answer(struct local_zones* zones, struct query_info* qinfo,
-	struct edns_data* edns, ldns_buffer* buf, struct regional* temp)
+	struct edns_data* edns, sldns_buffer* buf, struct regional* temp)
 {
 	/* see if query is covered by a zone,
 	 * 	if so:	- try to match (exact) local data 
@@ -1135,15 +1106,15 @@ local_zones_answer(struct local_zones* zones, struct query_info* qinfo,
 	struct local_data* ld;
 	struct local_zone* z;
 	int r;
-	lock_quick_lock(&zones->lock);
+	lock_rw_rdlock(&zones->lock);
 	z = local_zones_lookup(zones, qinfo->qname,
 		qinfo->qname_len, labs, qinfo->qclass);
 	if(!z) {
-		lock_quick_unlock(&zones->lock);
+		lock_rw_unlock(&zones->lock);
 		return 0;
 	}
 	lock_rw_rdlock(&z->lock);
-	lock_quick_unlock(&zones->lock);
+	lock_rw_unlock(&zones->lock);
 
 	if(local_data_answer(z, qinfo, edns, buf, temp, labs, &ld)) {
 		lock_rw_unlock(&z->lock);
@@ -1255,7 +1226,7 @@ void local_zones_del_zone(struct local_zones* zones, struct local_zone* z)
 }
 
 int
-local_zones_add_RR(struct local_zones* zones, const char* rr, ldns_buffer* buf)
+local_zones_add_RR(struct local_zones* zones, const char* rr)
 {
 	uint8_t* rr_name;
 	uint16_t rr_class;
@@ -1267,21 +1238,23 @@ local_zones_add_RR(struct local_zones* zones, const char* rr, ldns_buffer* buf)
 		return 0;
 	}
 	labs = dname_count_size_labels(rr_name, &len);
-	lock_quick_lock(&zones->lock);
+	/* could first try readlock then get writelock if zone does not exist,
+	 * but we do not add enough RRs (from multiple threads) to optimize */
+	lock_rw_wrlock(&zones->lock);
 	z = local_zones_lookup(zones, rr_name, len, labs, rr_class);
 	if(!z) {
 		z = local_zones_add_zone(zones, rr_name, len, labs, rr_class,
 			local_zone_transparent);
 		if(!z) {
-			lock_quick_unlock(&zones->lock);
+			lock_rw_unlock(&zones->lock);
 			return 0;
 		}
 	} else {
 		free(rr_name);
 	}
 	lock_rw_wrlock(&z->lock);
-	lock_quick_unlock(&zones->lock);
-	r = lz_enter_rr_into_zone(z, buf, rr);
+	lock_rw_unlock(&zones->lock);
+	r = lz_enter_rr_into_zone(z, rr);
 	lock_rw_unlock(&z->lock);
 	return r;
 }
@@ -1326,15 +1299,15 @@ void local_zones_del_data(struct local_zones* zones,
 	/* find zone */
 	struct local_zone* z;
 	struct local_data* d;
-	lock_quick_lock(&zones->lock);
+	lock_rw_rdlock(&zones->lock);
 	z = local_zones_lookup(zones, name, len, labs, dclass);
 	if(!z) {
 		/* no such zone, we're done */
-		lock_quick_unlock(&zones->lock);
+		lock_rw_unlock(&zones->lock);
 		return;
 	}
 	lock_rw_wrlock(&z->lock);
-	lock_quick_unlock(&zones->lock);
+	lock_rw_unlock(&zones->lock);
 
 	/* find the domain */
 	d = lz_find_node(z, name, len, labs);

services/localzone.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -48,6 +48,7 @@ struct regional;
 struct config_file;
 struct edns_data;
 struct query_info;
+struct sldns_buffer;
 
 /**
  * Local zone type
@@ -77,7 +78,7 @@ enum localzone_type {
  */
 struct local_zones {
 	/** lock on the localzone tree */
-	lock_quick_t lock;
+	lock_rw_t lock;
 	/** rbtree of struct local_zone */
 	rbtree_t ztree;
 };
@@ -224,7 +225,7 @@ void local_zones_print(struct local_zones* zones);
  * value is true, but the buffer is cleared (empty).
  */
 int local_zones_answer(struct local_zones* zones, struct query_info* qinfo,
-	struct edns_data* edns, ldns_buffer* buf, struct regional* temp);
+	struct edns_data* edns, struct sldns_buffer* buf, struct regional* temp);
 
 /**
  * Parse the string into localzone type.
@@ -286,11 +287,9 @@ void local_zones_del_zone(struct local_zones* zones, struct local_zone* zone);
  * name of the RR is created.
  * @param zones: the zones tree. Not locked by caller.
  * @param rr: string with on RR.
- * @param buf: buffer for scratch.
  * @return false on failure.
  */
-int local_zones_add_RR(struct local_zones* zones, const char* rr, 
-	ldns_buffer* buf);
+int local_zones_add_RR(struct local_zones* zones, const char* rr);
 
 /**
  * Remove data from domain name in the tree.

services/mesh.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -43,7 +43,6 @@
  * send back to clients.
  */
 #include "config.h"
-#include <ldns/wire2host.h>
 #include "services/mesh.h"
 #include "services/outbound_list.h"
 #include "services/cache/dns.h"
@@ -56,6 +55,7 @@
 #include "util/fptr_wlist.h"
 #include "util/alloc.h"
 #include "util/config_file.h"
+#include "ldns/sbuffer.h"
 
 /** subtract timers and the values do not overflow or become negative */
 static void
@@ -162,7 +162,7 @@ mesh_create(struct module_stack* stack, struct module_env* env)
 		return NULL;
 	}
 	mesh->histogram = timehist_setup();
-	mesh->qbuf_bak = ldns_buffer_new(env->cfg->msg_buffer_size);
+	mesh->qbuf_bak = sldns_buffer_new(env->cfg->msg_buffer_size);
 	if(!mesh->histogram || !mesh->qbuf_bak) {
 		free(mesh);
 		log_err("mesh area alloc: out of memory");
@@ -210,7 +210,7 @@ mesh_delete(struct mesh_area* mesh)
 	while(mesh->all.count)
 		mesh_delete_helper(mesh->all.root);
 	timehist_delete(mesh->histogram);
-	ldns_buffer_free(mesh->qbuf_bak);
+	sldns_buffer_free(mesh->qbuf_bak);
 	free(mesh);
 }
 
@@ -234,7 +234,7 @@ mesh_delete_all(struct mesh_area* mesh)
 	mesh->jostle_last = NULL;
 }
 
-int mesh_make_new_space(struct mesh_area* mesh, ldns_buffer* qbuf)
+int mesh_make_new_space(struct mesh_area* mesh, sldns_buffer* qbuf)
 {
 	struct mesh_state* m = mesh->jostle_first;
 	/* free space is available */
@@ -253,7 +253,7 @@ int mesh_make_new_space(struct mesh_area* mesh, ldns_buffer* qbuf)
 				m->s.qinfo.qname, m->s.qinfo.qtype,
 				m->s.qinfo.qclass);
 			/* backup the query */
-			if(qbuf) ldns_buffer_copy(mesh->qbuf_bak, qbuf);
+			if(qbuf) sldns_buffer_copy(mesh->qbuf_bak, qbuf);
 			/* notify supers */
 			if(m->super_set.count > 0) {
 				verbose(VERB_ALGO, "notify supers of failure");
@@ -265,7 +265,7 @@ int mesh_make_new_space(struct mesh_area* mesh, ldns_buffer* qbuf)
 			mesh_state_delete(&m->s);
 			/* restore the query - note that the qinfo ptr to
 			 * the querybuffer is then correct again. */
-			if(qbuf) ldns_buffer_copy(qbuf, mesh->qbuf_bak);
+			if(qbuf) sldns_buffer_copy(qbuf, mesh->qbuf_bak);
 			return 1;
 		}
 	}
@@ -372,7 +372,7 @@ void mesh_new_client(struct mesh_area* mesh, struct query_info* qinfo,
 
 int 
 mesh_new_callback(struct mesh_area* mesh, struct query_info* qinfo,
-	uint16_t qflags, struct edns_data* edns, ldns_buffer* buf, 
+	uint16_t qflags, struct edns_data* edns, sldns_buffer* buf, 
 	uint16_t qid, mesh_cb_func_t cb, void* cb_arg)
 {
 	struct mesh_state* s = mesh_area_find(mesh, qinfo, qflags&BIT_RD, 0);
@@ -800,7 +800,7 @@ mesh_do_callback(struct mesh_state* m, int rcode, struct reply_info* rep,
 		(*r->cb)(r->cb_arg, rcode, r->buf, sec_status_unchecked, NULL);
 	} else {
 		size_t udp_size = r->edns.udp_size;
-		ldns_buffer_clear(r->buf);
+		sldns_buffer_clear(r->buf);
 		r->edns.edns_version = EDNS_ADVERTISED_VERSION;
 		r->edns.udp_size = EDNS_ADVERTISED_SIZE;
 		r->edns.ext_rcode = 0;
@@ -858,11 +858,11 @@ mesh_send_reply(struct mesh_state* m, int rcode, struct reply_info* rep,
 		prev->edns.udp_size == r->edns.udp_size) {
 		/* if the previous reply is identical to this one, fix ID */
 		if(prev->query_reply.c->buffer != r->query_reply.c->buffer)
-			ldns_buffer_copy(r->query_reply.c->buffer, 
+			sldns_buffer_copy(r->query_reply.c->buffer, 
 				prev->query_reply.c->buffer);
-		ldns_buffer_write_at(r->query_reply.c->buffer, 0, 
+		sldns_buffer_write_at(r->query_reply.c->buffer, 0, 
 			&r->qid, sizeof(uint16_t));
-		ldns_buffer_write_at(r->query_reply.c->buffer, 12, 
+		sldns_buffer_write_at(r->query_reply.c->buffer, 12, 
 			r->qname, m->s.qinfo.qname_len);
 		comm_point_send_reply(&r->query_reply);
 	} else if(rcode) {
@@ -892,17 +892,17 @@ mesh_send_reply(struct mesh_state* m, int rcode, struct reply_info* rep,
 	m->s.env->mesh->num_reply_addrs--;
 	end_time = *m->s.env->now_tv;
 	timeval_subtract(&duration, &end_time, &r->start_time);
-	verbose(VERB_ALGO, "query took %lld.%6.6d sec",
+	verbose(VERB_ALGO, "query took " ARG_LL "d.%6.6d sec",
 		(long long)duration.tv_sec, (int)duration.tv_usec);
 	m->s.env->mesh->replies_sent++;
 	timeval_add(&m->s.env->mesh->replies_sum_wait, &duration);
 	timehist_insert(m->s.env->mesh->histogram, &duration);
 	if(m->s.env->cfg->stat_extended) {
-		uint16_t rc = FLAGS_GET_RCODE(ldns_buffer_read_u16_at(r->
+		uint16_t rc = FLAGS_GET_RCODE(sldns_buffer_read_u16_at(r->
 			query_reply.c->buffer, 2));
 		if(secure) m->s.env->mesh->ans_secure++;
 		m->s.env->mesh->ans_rcode[ rc ] ++;
-		if(rc == 0 && LDNS_ANCOUNT(ldns_buffer_begin(r->
+		if(rc == 0 && LDNS_ANCOUNT(sldns_buffer_begin(r->
 			query_reply.c->buffer)) == 0)
 			m->s.env->mesh->ans_nodata++;
 	}
@@ -956,7 +956,7 @@ struct mesh_state* mesh_area_find(struct mesh_area* mesh,
 }
 
 int mesh_state_add_cb(struct mesh_state* s, struct edns_data* edns,
-        ldns_buffer* buf, mesh_cb_func_t cb, void* cb_arg,
+        sldns_buffer* buf, mesh_cb_func_t cb, void* cb_arg,
 	uint16_t qid, uint16_t qflags)
 {
 	struct mesh_cb* r = regional_alloc(s->s.region, 
@@ -1138,7 +1138,8 @@ mesh_stats(struct mesh_area* mesh, const char* str)
 		timeval_divide(&avg, &mesh->replies_sum_wait, 
 			mesh->replies_sent);
 		log_info("average recursion processing time "
-			"%lld.%6.6d sec", (long long)avg.tv_sec, (int)avg.tv_usec);
+			ARG_LL "d.%6.6d sec",
+			(long long)avg.tv_sec, (int)avg.tv_usec);
 		log_info("histogram of recursion processing times");
 		timehist_log(mesh->histogram, "recursions");
 	}
@@ -1167,7 +1168,7 @@ mesh_get_mem(struct mesh_area* mesh)
 	struct mesh_state* m;
 	size_t s = sizeof(*mesh) + sizeof(struct timehist) +
 		sizeof(struct th_buck)*mesh->histogram->num +
-		sizeof(ldns_buffer) + ldns_buffer_capacity(mesh->qbuf_bak);
+		sizeof(sldns_buffer) + sldns_buffer_capacity(mesh->qbuf_bak);
 	RBTREE_FOR(m, struct mesh_state*, &mesh->all) {
 		/* all, including m itself allocated in qstate region */
 		s += regional_get_mem(m->s.region);

services/mesh.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -51,6 +51,7 @@
 #include "util/data/msgparse.h"
 #include "util/module.h"
 #include "services/modstack.h"
+struct sldns_buffer;
 struct mesh_state;
 struct mesh_reply;
 struct mesh_cb;
@@ -125,7 +126,7 @@ struct mesh_area {
 
 	/** backup of query if other operations recurse and need the
 	 * network buffers */
-	ldns_buffer* qbuf_bak;
+	struct sldns_buffer* qbuf_bak;
 
 	/** double linked list of the run-to-completion query states.
 	 * These are query states with a reply */
@@ -219,7 +220,7 @@ struct mesh_reply {
  * Mesh result callback func.
  * called as func(cb_arg, rcode, buffer_with_reply, security, why_bogus);
  */
-typedef void (*mesh_cb_func_t)(void*, int, ldns_buffer*, enum sec_status, 
+typedef void (*mesh_cb_func_t)(void*, int, struct sldns_buffer*, enum sec_status, 
 	char*);
 
 /**
@@ -235,7 +236,7 @@ struct mesh_cb {
 	/** flags of query, for reply flags */
 	uint16_t qflags;
 	/** buffer for reply */
-	ldns_buffer* buf;
+	struct sldns_buffer* buf;
 
 	/** callback routine for results. if rcode != 0 buf has message.
 	 * called as cb(cb_arg, rcode, buf, sec_state);
@@ -294,7 +295,7 @@ void mesh_new_client(struct mesh_area* mesh, struct query_info* qinfo,
  * @return 0 on error.
  */
 int mesh_new_callback(struct mesh_area* mesh, struct query_info* qinfo,
-	uint16_t qflags, struct edns_data* edns, ldns_buffer* buf, 
+	uint16_t qflags, struct edns_data* edns, struct sldns_buffer* buf, 
 	uint16_t qid, mesh_cb_func_t cb, void* cb_arg);
 
 /**
@@ -473,7 +474,7 @@ int mesh_state_add_reply(struct mesh_state* s, struct edns_data* edns,
  * @return: 0 on alloc error.
  */
 int mesh_state_add_cb(struct mesh_state* s, struct edns_data* edns,
-        ldns_buffer* buf, mesh_cb_func_t cb, void* cb_arg, uint16_t qid, 
+        struct sldns_buffer* buf, mesh_cb_func_t cb, void* cb_arg, uint16_t qid, 
 	uint16_t qflags);
 
 /**
@@ -548,7 +549,7 @@ int mesh_state_ref_compare(const void* ap, const void* bp);
  *    You can pass NULL if there is no buffer that must be backed up.
  * @return false if no space is available.
  */
-int mesh_make_new_space(struct mesh_area* mesh, ldns_buffer* qbuf);
+int mesh_make_new_space(struct mesh_area* mesh, struct sldns_buffer* qbuf);
 
 /**
  * Insert mesh state into a double linked list.  Inserted at end.

services/modstack.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

services/modstack.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

services/outbound_list.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

services/outbound_list.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**

services/outside_network.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -45,7 +45,6 @@
 #  include <sys/types.h>
 #endif
 #include <sys/time.h>
-#include <ldns/wire2host.h>
 #include "services/outside_network.h"
 #include "services/listen_dnsport.h"
 #include "services/cache/infra.h"
@@ -58,6 +57,7 @@
 #include "util/net_help.h"
 #include "util/random.h"
 #include "util/fptr_wlist.h"
+#include "ldns/sbuffer.h"
 #ifdef HAVE_OPENSSL_SSL_H
 #include <openssl/ssl.h>
 #endif
@@ -76,10 +76,10 @@
 
 /** initiate TCP transaction for serviced query */
 static void serviced_tcp_initiate(struct outside_network* outnet, 
-	struct serviced_query* sq, ldns_buffer* buff);
+	struct serviced_query* sq, sldns_buffer* buff);
 /** with a fd available, randomize and send UDP */
 static int randomize_and_send_udp(struct outside_network* outnet, 
-	struct pending* pend, ldns_buffer* packet, int timeout);
+	struct pending* pend, sldns_buffer* packet, int timeout);
 
 int 
 pending_cmp(const void* key1, const void* key2)
@@ -263,9 +263,9 @@ outnet_tcp_take_into_use(struct waiting_tcp* w, uint8_t* pkt, size_t pkt_len)
 	pend->query = w;
 	pend->c->repinfo.addrlen = w->addrlen;
 	memcpy(&pend->c->repinfo.addr, &w->addr, w->addrlen);
-	ldns_buffer_clear(pend->c->buffer);
-	ldns_buffer_write(pend->c->buffer, pkt, pkt_len);
-	ldns_buffer_flip(pend->c->buffer);
+	sldns_buffer_clear(pend->c->buffer);
+	sldns_buffer_write(pend->c->buffer, pkt, pkt_len);
+	sldns_buffer_flip(pend->c->buffer);
 	pend->c->tcp_is_reading = 0;
 	pend->c->tcp_byte_count = 0;
 	comm_point_start_listening(pend->c, s, -1);
@@ -325,8 +325,8 @@ outnet_tcp_cb(struct comm_point* c, void* arg, int error,
 		/* pass error below and exit */
 	} else {
 		/* check ID */
-		if(ldns_buffer_limit(c->buffer) < sizeof(uint16_t) ||
-			LDNS_ID_WIRE(ldns_buffer_begin(c->buffer))!=pend->id) {
+		if(sldns_buffer_limit(c->buffer) < sizeof(uint16_t) ||
+			LDNS_ID_WIRE(sldns_buffer_begin(c->buffer))!=pend->id) {
 			log_addr(VERB_QUERY, 
 				"outnettcp: bad ID in reply, from:",
 				&pend->query->addr, pend->query->addrlen);
@@ -372,18 +372,20 @@ outnet_send_wait_udp(struct outside_network* outnet)
 		pend = outnet->udp_wait_first;
 		outnet->udp_wait_first = pend->next_waiting;
 		if(!pend->next_waiting) outnet->udp_wait_last = NULL;
-		ldns_buffer_clear(outnet->udp_buff);
-		ldns_buffer_write(outnet->udp_buff, pend->pkt, pend->pkt_len);
-		ldns_buffer_flip(outnet->udp_buff);
+		sldns_buffer_clear(outnet->udp_buff);
+		sldns_buffer_write(outnet->udp_buff, pend->pkt, pend->pkt_len);
+		sldns_buffer_flip(outnet->udp_buff);
 		free(pend->pkt); /* freeing now makes get_mem correct */
 		pend->pkt = NULL; 
 		pend->pkt_len = 0;
 		if(!randomize_and_send_udp(outnet, pend, outnet->udp_buff, 
 			pend->timeout)) {
 			/* callback error on pending */
-			fptr_ok(fptr_whitelist_pending_udp(pend->cb));
-			(void)(*pend->cb)(outnet->unused_fds->cp, pend->cb_arg, 
-				NETEVENT_CLOSED, NULL);
+			if(pend->cb) {
+				fptr_ok(fptr_whitelist_pending_udp(pend->cb));
+				(void)(*pend->cb)(outnet->unused_fds->cp, pend->cb_arg, 
+					NETEVENT_CLOSED, NULL);
+			}
 			pending_delete(outnet, pend);
 		}
 	}
@@ -402,14 +404,14 @@ outnet_udp_cb(struct comm_point* c, void* arg, int error,
 		verbose(VERB_QUERY, "outnetudp got udp error %d", error);
 		return 0;
 	}
-	if(ldns_buffer_limit(c->buffer) < LDNS_HEADER_SIZE) {
+	if(sldns_buffer_limit(c->buffer) < LDNS_HEADER_SIZE) {
 		verbose(VERB_QUERY, "outnetudp udp too short");
 		return 0;
 	}
 	log_assert(reply_info);
 
 	/* setup lookup key */
-	key.id = (unsigned)LDNS_ID_WIRE(ldns_buffer_begin(c->buffer));
+	key.id = (unsigned)LDNS_ID_WIRE(sldns_buffer_begin(c->buffer));
 	memcpy(&key.addr, &reply_info->addr, reply_info->addrlen);
 	key.addrlen = reply_info->addrlen;
 	verbose(VERB_ALGO, "Incoming reply id = %4.4x", key.id);
@@ -460,8 +462,10 @@ outnet_udp_cb(struct comm_point* c, void* arg, int error,
 	verbose(VERB_ALGO, "outnet handle udp reply");
 	/* delete from tree first in case callback creates a retry */
 	(void)rbtree_delete(outnet->pending, p->node.key);
-	fptr_ok(fptr_whitelist_pending_udp(p->cb));
-	(void)(*p->cb)(p->pc->cp, p->cb_arg, NETEVENT_NOERROR, reply_info);
+	if(p->cb) {
+		fptr_ok(fptr_whitelist_pending_udp(p->cb));
+		(void)(*p->cb)(p->pc->cp, p->cb_arg, NETEVENT_NOERROR, reply_info);
+	}
 	portcomm_loweruse(outnet, p->pc);
 	pending_delete(NULL, p);
 	outnet_send_wait_udp(outnet);
@@ -496,6 +500,17 @@ calc_num46(char** ifs, int num_ifs, int do_ip4, int do_ip6,
 
 }
 
+void
+pending_udp_timer_delay_cb(void* arg)
+{
+	struct pending* p = (struct pending*)arg;
+	struct outside_network* outnet = p->outnet;
+	verbose(VERB_ALGO, "timeout udp with delay");
+	portcomm_loweruse(outnet, p->pc);
+	pending_delete(outnet, p);
+	outnet_send_wait_udp(outnet);
+}
+
 void 
 pending_udp_timer_cb(void *arg)
 {
@@ -503,8 +518,20 @@ pending_udp_timer_cb(void *arg)
 	struct outside_network* outnet = p->outnet;
 	/* it timed out */
 	verbose(VERB_ALGO, "timeout udp");
-	fptr_ok(fptr_whitelist_pending_udp(p->cb));
-	(void)(*p->cb)(p->pc->cp, p->cb_arg, NETEVENT_TIMEOUT, NULL);
+	if(p->cb) {
+		fptr_ok(fptr_whitelist_pending_udp(p->cb));
+		(void)(*p->cb)(p->pc->cp, p->cb_arg, NETEVENT_TIMEOUT, NULL);
+	}
+	/* if delayclose, keep port open for a longer time.
+	 * But if the udpwaitlist exists, then we are struggling to
+	 * keep up with demand for sockets, so do not wait, but service
+	 * the customer (customer service more important than portICMPs) */
+	if(outnet->delayclose && !outnet->udp_wait_first) {
+		p->cb = NULL;
+		p->timer->callback = &pending_udp_timer_delay_cb;
+		comm_timer_set(p->timer, &outnet->delay_tv);
+		return;
+	}
 	portcomm_loweruse(outnet, p->pc);
 	pending_delete(outnet, p);
 	outnet_send_wait_udp(outnet);
@@ -561,7 +588,7 @@ outside_network_create(struct comm_base *base, size_t bufsize,
 	struct ub_randstate* rnd, int use_caps_for_id, int* availports, 
 	int numavailports, size_t unwanted_threshold,
 	void (*unwanted_action)(void*), void* unwanted_param, int do_udp,
-	void* sslctx)
+	void* sslctx, int delayclose)
 {
 	struct outside_network* outnet = (struct outside_network*)
 		calloc(1, sizeof(struct outside_network));
@@ -583,6 +610,13 @@ outside_network_create(struct comm_base *base, size_t bufsize,
 	outnet->unwanted_param = unwanted_param;
 	outnet->use_caps_for_id = use_caps_for_id;
 	outnet->do_udp = do_udp;
+#ifndef S_SPLINT_S
+	if(delayclose) {
+		outnet->delayclose = 1;
+		outnet->delay_tv.tv_sec = delayclose/1000;
+		outnet->delay_tv.tv_usec = (delayclose%1000)*1000;
+	}
+#endif
 	if(numavailports == 0) {
 		log_err("no outgoing ports available");
 		outside_network_delete(outnet);
@@ -609,7 +643,7 @@ outside_network_create(struct comm_base *base, size_t bufsize,
 			return NULL;
 		}
 	}
-	if(	!(outnet->udp_buff = ldns_buffer_new(bufsize)) ||
+	if(	!(outnet->udp_buff = sldns_buffer_new(bufsize)) ||
 		!(outnet->pending = rbtree_create(pending_cmp)) ||
 		!(outnet->serviced = rbtree_create(serviced_cmp)) ||
 		!create_pending_tcp(outnet, bufsize)) {
@@ -731,7 +765,7 @@ outside_network_delete(struct outside_network* outnet)
 		free(outnet->serviced);
 	}
 	if(outnet->udp_buff)
-		ldns_buffer_free(outnet->udp_buff);
+		sldns_buffer_free(outnet->udp_buff);
 	if(outnet->unused_fds) {
 		struct port_comm* p = outnet->unused_fds, *np;
 		while(p) {
@@ -849,13 +883,13 @@ udp_sockport(struct sockaddr_storage* addr, socklen_t addrlen, int port,
 		sa->sin6_port = (in_port_t)htons((uint16_t)port);
 		fd = create_udp_sock(AF_INET6, SOCK_DGRAM, 
 			(struct sockaddr*)addr, addrlen, 1, inuse, &noproto,
-			0, 0);
+			0, 0, 0, NULL);
 	} else {
 		struct sockaddr_in* sa = (struct sockaddr_in*)addr;
 		sa->sin_port = (in_port_t)htons((uint16_t)port);
 		fd = create_udp_sock(AF_INET, SOCK_DGRAM, 
 			(struct sockaddr*)addr, addrlen, 1, inuse, &noproto,
-			0, 0);
+			0, 0, 0, NULL);
 	}
 	return fd;
 }
@@ -863,18 +897,18 @@ udp_sockport(struct sockaddr_storage* addr, socklen_t addrlen, int port,
 /** Select random ID */
 static int
 select_id(struct outside_network* outnet, struct pending* pend,
-	ldns_buffer* packet)
+	sldns_buffer* packet)
 {
 	int id_tries = 0;
 	pend->id = ((unsigned)ub_random(outnet->rnd)>>8) & 0xffff;
-	LDNS_ID_SET(ldns_buffer_begin(packet), pend->id);
+	LDNS_ID_SET(sldns_buffer_begin(packet), pend->id);
 
 	/* insert in tree */
 	pend->node.key = pend;
 	while(!rbtree_insert(outnet->pending, &pend->node)) {
 		/* change ID to avoid collision */
 		pend->id = ((unsigned)ub_random(outnet->rnd)>>8) & 0xffff;
-		LDNS_ID_SET(ldns_buffer_begin(packet), pend->id);
+		LDNS_ID_SET(sldns_buffer_begin(packet), pend->id);
 		id_tries++;
 		if(id_tries == MAX_ID_RETRY) {
 			pend->id=99999; /* non existant ID */
@@ -958,7 +992,7 @@ select_ifport(struct outside_network* outnet, struct pending* pend,
 
 static int
 randomize_and_send_udp(struct outside_network* outnet, struct pending* pend,
-	ldns_buffer* packet, int timeout)
+	sldns_buffer* packet, int timeout)
 {
 	struct timeval tv;
 
@@ -997,7 +1031,7 @@ randomize_and_send_udp(struct outside_network* outnet, struct pending* pend,
 }
 
 struct pending* 
-pending_udp_query(struct outside_network* outnet, ldns_buffer* packet, 
+pending_udp_query(struct outside_network* outnet, sldns_buffer* packet, 
 	struct sockaddr_storage* addr, socklen_t addrlen, int timeout,
 	comm_point_callback_t* cb, void* cb_arg)
 {
@@ -1020,8 +1054,8 @@ pending_udp_query(struct outside_network* outnet, ldns_buffer* packet,
 		/* no unused fd, cannot create a new port (randomly) */
 		verbose(VERB_ALGO, "no fds available, udp query waiting");
 		pend->timeout = timeout;
-		pend->pkt_len = ldns_buffer_limit(packet);
-		pend->pkt = (uint8_t*)memdup(ldns_buffer_begin(packet),
+		pend->pkt_len = sldns_buffer_limit(packet);
+		pend->pkt = (uint8_t*)memdup(sldns_buffer_begin(packet),
 			pend->pkt_len);
 		if(!pend->pkt) {
 			comm_timer_delete(pend->timer);
@@ -1080,7 +1114,7 @@ outnet_tcptimer(void* arg)
 }
 
 struct waiting_tcp* 
-pending_tcp_query(struct outside_network* outnet, ldns_buffer* packet, 
+pending_tcp_query(struct outside_network* outnet, sldns_buffer* packet, 
 	struct sockaddr_storage* addr, socklen_t addrlen, int timeout,
 	comm_point_callback_t* callback, void* callback_arg, int ssl_upstream)
 {
@@ -1090,7 +1124,7 @@ pending_tcp_query(struct outside_network* outnet, ldns_buffer* packet,
 	uint16_t id;
 	/* if no buffer is free allocate space to store query */
 	w = (struct waiting_tcp*)malloc(sizeof(struct waiting_tcp) 
-		+ (pend?0:ldns_buffer_limit(packet)));
+		+ (pend?0:sldns_buffer_limit(packet)));
 	if(!w) {
 		return NULL;
 	}
@@ -1101,7 +1135,7 @@ pending_tcp_query(struct outside_network* outnet, ldns_buffer* packet,
 	w->pkt = NULL;
 	w->pkt_len = 0;
 	id = ((unsigned)ub_random(outnet->rnd)>>8) & 0xffff;
-	LDNS_ID_SET(ldns_buffer_begin(packet), id);
+	LDNS_ID_SET(sldns_buffer_begin(packet), id);
 	memcpy(&w->addr, addr, addrlen);
 	w->addrlen = addrlen;
 	w->outnet = outnet;
@@ -1115,16 +1149,16 @@ pending_tcp_query(struct outside_network* outnet, ldns_buffer* packet,
 	comm_timer_set(w->timer, &tv);
 	if(pend) {
 		/* we have a buffer available right now */
-		if(!outnet_tcp_take_into_use(w, ldns_buffer_begin(packet),
-			ldns_buffer_limit(packet))) {
+		if(!outnet_tcp_take_into_use(w, sldns_buffer_begin(packet),
+			sldns_buffer_limit(packet))) {
 			waiting_tcp_delete(w);
 			return NULL;
 		}
 	} else {
 		/* queue up */
 		w->pkt = (uint8_t*)w + sizeof(struct waiting_tcp);
-		w->pkt_len = ldns_buffer_limit(packet);
-		memmove(w->pkt, ldns_buffer_begin(packet), w->pkt_len);
+		w->pkt_len = sldns_buffer_limit(packet);
+		memmove(w->pkt, sldns_buffer_begin(packet), w->pkt_len);
 		w->next_waiting = NULL;
 		if(outnet->tcp_wait_last)
 			outnet->tcp_wait_last->next_waiting = w;
@@ -1136,31 +1170,31 @@ pending_tcp_query(struct outside_network* outnet, ldns_buffer* packet,
 
 /** create query for serviced queries */
 static void
-serviced_gen_query(ldns_buffer* buff, uint8_t* qname, size_t qnamelen, 
+serviced_gen_query(sldns_buffer* buff, uint8_t* qname, size_t qnamelen, 
 	uint16_t qtype, uint16_t qclass, uint16_t flags)
 {
-	ldns_buffer_clear(buff);
+	sldns_buffer_clear(buff);
 	/* skip id */
-	ldns_buffer_write_u16(buff, flags);
-	ldns_buffer_write_u16(buff, 1); /* qdcount */
-	ldns_buffer_write_u16(buff, 0); /* ancount */
-	ldns_buffer_write_u16(buff, 0); /* nscount */
-	ldns_buffer_write_u16(buff, 0); /* arcount */
-	ldns_buffer_write(buff, qname, qnamelen);
-	ldns_buffer_write_u16(buff, qtype);
-	ldns_buffer_write_u16(buff, qclass);
-	ldns_buffer_flip(buff);
+	sldns_buffer_write_u16(buff, flags);
+	sldns_buffer_write_u16(buff, 1); /* qdcount */
+	sldns_buffer_write_u16(buff, 0); /* ancount */
+	sldns_buffer_write_u16(buff, 0); /* nscount */
+	sldns_buffer_write_u16(buff, 0); /* arcount */
+	sldns_buffer_write(buff, qname, qnamelen);
+	sldns_buffer_write_u16(buff, qtype);
+	sldns_buffer_write_u16(buff, qclass);
+	sldns_buffer_flip(buff);
 }
 
 /** lookup serviced query in serviced query rbtree */
 static struct serviced_query*
-lookup_serviced(struct outside_network* outnet, ldns_buffer* buff, int dnssec,
+lookup_serviced(struct outside_network* outnet, sldns_buffer* buff, int dnssec,
 	struct sockaddr_storage* addr, socklen_t addrlen)
 {
 	struct serviced_query key;
 	key.node.key = &key;
-	key.qbuf = ldns_buffer_begin(buff);
-	key.qbuflen = ldns_buffer_limit(buff);
+	key.qbuf = sldns_buffer_begin(buff);
+	key.qbuflen = sldns_buffer_limit(buff);
 	key.dnssec = dnssec;
 	memcpy(&key.addr, addr, addrlen);
 	key.addrlen = addrlen;
@@ -1170,7 +1204,7 @@ lookup_serviced(struct outside_network* outnet, ldns_buffer* buff, int dnssec,
 
 /** Create new serviced entry */
 static struct serviced_query*
-serviced_create(struct outside_network* outnet, ldns_buffer* buff, int dnssec,
+serviced_create(struct outside_network* outnet, sldns_buffer* buff, int dnssec,
 	int want_dnssec, int tcp_upstream, int ssl_upstream,
 	struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone,
 	size_t zonelen, int qtype)
@@ -1182,12 +1216,12 @@ serviced_create(struct outside_network* outnet, ldns_buffer* buff, int dnssec,
 	if(!sq) 
 		return NULL;
 	sq->node.key = sq;
-	sq->qbuf = memdup(ldns_buffer_begin(buff), ldns_buffer_limit(buff));
+	sq->qbuf = memdup(sldns_buffer_begin(buff), sldns_buffer_limit(buff));
 	if(!sq->qbuf) {
 		free(sq);
 		return NULL;
 	}
-	sq->qbuflen = ldns_buffer_limit(buff);
+	sq->qbuflen = sldns_buffer_limit(buff);
 	sq->zone = memdup(zone, zonelen);
 	if(!sq->zone) {
 		free(sq->qbuf);
@@ -1312,17 +1346,17 @@ serviced_perturb_qname(struct ub_randstate* rnd, uint8_t* qbuf, size_t len)
 
 /** put serviced query into a buffer */
 static void
-serviced_encode(struct serviced_query* sq, ldns_buffer* buff, int with_edns)
+serviced_encode(struct serviced_query* sq, sldns_buffer* buff, int with_edns)
 {
 	/* if we are using 0x20 bits for ID randomness, perturb them */
 	if(sq->outnet->use_caps_for_id) {
 		serviced_perturb_qname(sq->outnet->rnd, sq->qbuf, sq->qbuflen);
 	}
 	/* generate query */
-	ldns_buffer_clear(buff);
-	ldns_buffer_write_u16(buff, 0); /* id placeholder */
-	ldns_buffer_write(buff, sq->qbuf, sq->qbuflen);
-	ldns_buffer_flip(buff);
+	sldns_buffer_clear(buff);
+	sldns_buffer_write_u16(buff, 0); /* id placeholder */
+	sldns_buffer_write(buff, sq->qbuf, sq->qbuflen);
+	sldns_buffer_flip(buff);
 	if(with_edns) {
 		/* add edns section */
 		struct edns_data edns;
@@ -1346,7 +1380,7 @@ serviced_encode(struct serviced_query* sq, ldns_buffer* buff, int with_edns)
 		if(sq->dnssec & EDNS_DO)
 			edns.bits = EDNS_DO;
 		if(sq->dnssec & BIT_CD)
-			LDNS_CD_SET(ldns_buffer_begin(buff));
+			LDNS_CD_SET(sldns_buffer_begin(buff));
 		attach_edns_record(buff, &edns);
 	}
 }
@@ -1359,7 +1393,7 @@ serviced_encode(struct serviced_query* sq, ldns_buffer* buff, int with_edns)
  * @return 0 on error.
  */
 static int
-serviced_udp_send(struct serviced_query* sq, ldns_buffer* buff)
+serviced_udp_send(struct serviced_query* sq, sldns_buffer* buff)
 {
 	int rtt, vs;
 	uint8_t edns_lame_known;
@@ -1399,21 +1433,21 @@ serviced_udp_send(struct serviced_query* sq, ldns_buffer* buff)
 
 /** check that perturbed qname is identical */
 static int
-serviced_check_qname(ldns_buffer* pkt, uint8_t* qbuf, size_t qbuflen)
+serviced_check_qname(sldns_buffer* pkt, uint8_t* qbuf, size_t qbuflen)
 {
-	uint8_t* d1 = ldns_buffer_at(pkt, 12);
+	uint8_t* d1 = sldns_buffer_at(pkt, 12);
 	uint8_t* d2 = qbuf+10;
 	uint8_t len1, len2;
 	int count = 0;
 	log_assert(qbuflen >= 15 /* 10 header, root, type, class */);
 	len1 = *d1++;
 	len2 = *d2++;
-	if(ldns_buffer_limit(pkt) < 12+1+4) /* packet too small for qname */
+	if(sldns_buffer_limit(pkt) < 12+1+4) /* packet too small for qname */
 		return 0;
 	while(len1 != 0 || len2 != 0) {
 		if(LABEL_IS_PTR(len1)) {
-			d1 = ldns_buffer_at(pkt, PTR_OFFSET(len1, *d1));
-			if(d1 >= ldns_buffer_at(pkt, ldns_buffer_limit(pkt)))
+			d1 = sldns_buffer_at(pkt, PTR_OFFSET(len1, *d1));
+			if(d1 >= sldns_buffer_at(pkt, sldns_buffer_limit(pkt)))
 				return 0;
 			len1 = *d1++;
 			if(count++ > MAX_COMPRESS_PTRS)
@@ -1463,10 +1497,10 @@ serviced_callbacks(struct serviced_query* sq, int error, struct comm_point* c,
 	verbose(VERB_ALGO, "svcd callbacks start");
 	if(sq->outnet->use_caps_for_id && error == NETEVENT_NOERROR && c) {
 		/* noerror and nxdomain must have a qname in reply */
-		if(ldns_buffer_read_u16_at(c->buffer, 4) == 0 &&
-			(LDNS_RCODE_WIRE(ldns_buffer_begin(c->buffer))
+		if(sldns_buffer_read_u16_at(c->buffer, 4) == 0 &&
+			(LDNS_RCODE_WIRE(sldns_buffer_begin(c->buffer))
 				== LDNS_RCODE_NOERROR || 
-			 LDNS_RCODE_WIRE(ldns_buffer_begin(c->buffer))
+			 LDNS_RCODE_WIRE(sldns_buffer_begin(c->buffer))
 				== LDNS_RCODE_NXDOMAIN)) {
 			verbose(VERB_DETAIL, "no qname in reply to check 0x20ID");
 			log_addr(VERB_DETAIL, "from server", 
@@ -1474,7 +1508,7 @@ serviced_callbacks(struct serviced_query* sq, int error, struct comm_point* c,
 			log_buf(VERB_DETAIL, "for packet", c->buffer);
 			error = NETEVENT_CLOSED;
 			c = NULL;
-		} else if(ldns_buffer_read_u16_at(c->buffer, 4) > 0 &&
+		} else if(sldns_buffer_read_u16_at(c->buffer, 4) > 0 &&
 			!serviced_check_qname(c->buffer, sq->qbuf, 
 			sq->qbuflen)) {
 			verbose(VERB_DETAIL, "wrong 0x20-ID in reply qname");
@@ -1484,12 +1518,12 @@ serviced_callbacks(struct serviced_query* sq, int error, struct comm_point* c,
 			error = NETEVENT_CAPSFAIL;
 			/* and cleanup too */
 			pkt_dname_tolower(c->buffer, 
-				ldns_buffer_at(c->buffer, 12));
+				sldns_buffer_at(c->buffer, 12));
 		} else {
 			verbose(VERB_ALGO, "good 0x20-ID in reply qname");
 			/* cleanup caps, prettier cache contents. */
 			pkt_dname_tolower(c->buffer, 
-				ldns_buffer_at(c->buffer, 12));
+				sldns_buffer_at(c->buffer, 12));
 		}
 	}
 	if(dobackup && c) {
@@ -1497,8 +1531,8 @@ serviced_callbacks(struct serviced_query* sq, int error, struct comm_point* c,
 		 * may send outgoing queries that overwrite the buffer.
 		 * use secondary buffer to store the query.
 		 * This is a data copy, but faster than packet to server */
-		backlen = ldns_buffer_limit(c->buffer);
-		backup_p = memdup(ldns_buffer_begin(c->buffer), backlen);
+		backlen = sldns_buffer_limit(c->buffer);
+		backup_p = memdup(sldns_buffer_begin(c->buffer), backlen);
 		if(!backup_p) {
 			log_err("malloc failure in serviced query callbacks");
 			error = NETEVENT_CLOSED;
@@ -1510,9 +1544,9 @@ serviced_callbacks(struct serviced_query* sq, int error, struct comm_point* c,
 	while((p=sq->cblist) != NULL) {
 		sq->cblist = p->next; /* remove this element */
 		if(dobackup && c) {
-			ldns_buffer_clear(c->buffer);
-			ldns_buffer_write(c->buffer, backup_p, backlen);
-			ldns_buffer_flip(c->buffer);
+			sldns_buffer_clear(c->buffer);
+			sldns_buffer_write(c->buffer, backup_p, backlen);
+			sldns_buffer_flip(c->buffer);
 		}
 		fptr_ok(fptr_whitelist_serviced_query(p->cb));
 		(void)(*p->cb)(c, p->cb_arg, error, rep);
@@ -1541,8 +1575,8 @@ serviced_tcp_callback(struct comm_point* c, void* arg, int error,
 		infra_update_tcp_works(sq->outnet->infra, &sq->addr,
 			sq->addrlen, sq->zone, sq->zonelen);
 	if(error==NETEVENT_NOERROR && sq->status == serviced_query_TCP_EDNS &&
-		(LDNS_RCODE_WIRE(ldns_buffer_begin(c->buffer)) == 
-		LDNS_RCODE_FORMERR || LDNS_RCODE_WIRE(ldns_buffer_begin(
+		(LDNS_RCODE_WIRE(sldns_buffer_begin(c->buffer)) == 
+		LDNS_RCODE_FORMERR || LDNS_RCODE_WIRE(sldns_buffer_begin(
 		c->buffer)) == LDNS_RCODE_NOTIMPL) ) {
 		/* attempt to fallback to nonEDNS */
 		sq->status = serviced_query_TCP_EDNS_fallback;
@@ -1550,10 +1584,10 @@ serviced_tcp_callback(struct comm_point* c, void* arg, int error,
 		return 0;
 	} else if(error==NETEVENT_NOERROR && 
 		sq->status == serviced_query_TCP_EDNS_fallback &&
-			(LDNS_RCODE_WIRE(ldns_buffer_begin(c->buffer)) == 
+			(LDNS_RCODE_WIRE(sldns_buffer_begin(c->buffer)) == 
 			LDNS_RCODE_NOERROR || LDNS_RCODE_WIRE(
-			ldns_buffer_begin(c->buffer)) == LDNS_RCODE_NXDOMAIN 
-			|| LDNS_RCODE_WIRE(ldns_buffer_begin(c->buffer)) 
+			sldns_buffer_begin(c->buffer)) == LDNS_RCODE_NXDOMAIN 
+			|| LDNS_RCODE_WIRE(sldns_buffer_begin(c->buffer)) 
 			== LDNS_RCODE_YXDOMAIN)) {
 		/* the fallback produced a result that looks promising, note
 		 * that this server should be approached without EDNS */
@@ -1599,7 +1633,7 @@ serviced_tcp_callback(struct comm_point* c, void* arg, int error,
 
 static void
 serviced_tcp_initiate(struct outside_network* outnet, 
-	struct serviced_query* sq, ldns_buffer* buff)
+	struct serviced_query* sq, sldns_buffer* buff)
 {
 	verbose(VERB_ALGO, "initiate TCP query %s", 
 		sq->status==serviced_query_TCP_EDNS?"EDNS":"");
@@ -1618,7 +1652,7 @@ serviced_tcp_initiate(struct outside_network* outnet,
 
 /** Send serviced query over TCP return false on initial failure */
 static int
-serviced_tcp_send(struct serviced_query* sq, ldns_buffer* buff)
+serviced_tcp_send(struct serviced_query* sq, sldns_buffer* buff)
 {
 	int vs, rtt;
 	uint8_t edns_lame_known;
@@ -1697,9 +1731,9 @@ serviced_udp_callback(struct comm_point* c, void* arg, int error,
 	if(!fallback_tcp) {
 	    if( (sq->status == serviced_query_UDP_EDNS 
 	        ||sq->status == serviced_query_UDP_EDNS_FRAG)
-		&& (LDNS_RCODE_WIRE(ldns_buffer_begin(c->buffer)) 
+		&& (LDNS_RCODE_WIRE(sldns_buffer_begin(c->buffer)) 
 			== LDNS_RCODE_FORMERR || LDNS_RCODE_WIRE(
-			ldns_buffer_begin(c->buffer)) == LDNS_RCODE_NOTIMPL)) {
+			sldns_buffer_begin(c->buffer)) == LDNS_RCODE_NOTIMPL)) {
 		/* try to get an answer by falling back without EDNS */
 		verbose(VERB_ALGO, "serviced query: attempt without EDNS");
 		sq->status = serviced_query_UDP_EDNS_fallback;
@@ -1732,9 +1766,9 @@ serviced_udp_callback(struct comm_point* c, void* arg, int error,
 		sq->edns_lame_known = 1;
 	    } else if(sq->status == serviced_query_UDP_EDNS_fallback &&
 		!sq->edns_lame_known && (LDNS_RCODE_WIRE(
-		ldns_buffer_begin(c->buffer)) == LDNS_RCODE_NOERROR || 
-		LDNS_RCODE_WIRE(ldns_buffer_begin(c->buffer)) == 
-		LDNS_RCODE_NXDOMAIN || LDNS_RCODE_WIRE(ldns_buffer_begin(
+		sldns_buffer_begin(c->buffer)) == LDNS_RCODE_NOERROR || 
+		LDNS_RCODE_WIRE(sldns_buffer_begin(c->buffer)) == 
+		LDNS_RCODE_NXDOMAIN || LDNS_RCODE_WIRE(sldns_buffer_begin(
 		c->buffer)) == LDNS_RCODE_YXDOMAIN)) {
 		/* the fallback produced a result that looks promising, note
 		 * that this server should be approached without EDNS */
@@ -1773,7 +1807,7 @@ serviced_udp_callback(struct comm_point* c, void* arg, int error,
 	} /* end of if_!fallback_tcp */
 	/* perform TC flag check and TCP fallback after updating our
 	 * cache entries for EDNS status and RTT times */
-	if(LDNS_TC_WIRE(ldns_buffer_begin(c->buffer)) || fallback_tcp) {
+	if(LDNS_TC_WIRE(sldns_buffer_begin(c->buffer)) || fallback_tcp) {
 		/* fallback to TCP */
 		/* this discards partial UDP contents */
 		if(sq->status == serviced_query_UDP_EDNS ||
@@ -1796,7 +1830,7 @@ outnet_serviced_query(struct outside_network* outnet,
 	uint16_t flags, int dnssec, int want_dnssec, int tcp_upstream,
 	int ssl_upstream, struct sockaddr_storage* addr, socklen_t addrlen,
 	uint8_t* zone, size_t zonelen, comm_point_callback_t* callback,
-	void* callback_arg, ldns_buffer* buff)
+	void* callback_arg, sldns_buffer* buff)
 {
 	struct serviced_query* sq;
 	struct service_callback* cb;
@@ -1925,7 +1959,7 @@ size_t outnet_get_mem(struct outside_network* outnet)
 	struct port_comm* pc;
 	size_t s = sizeof(*outnet) + sizeof(*outnet->base) + 
 		sizeof(*outnet->udp_buff) + 
-		ldns_buffer_capacity(outnet->udp_buff);
+		sldns_buffer_capacity(outnet->udp_buff);
 	/* second buffer is not ours */
 	for(pc = outnet->unused_fds; pc; pc = pc->next) {
 		s += sizeof(*pc) + comm_point_get_mem(pc->cp);

services/outside_network.h

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -54,6 +54,7 @@ struct waiting_udp;
 struct infra_cache;
 struct port_comm;
 struct port_if;
+struct sldns_buffer;
 
 /**
  * Send queries to outside servers and wait for answers from servers.
@@ -69,7 +70,7 @@ struct outside_network {
 
 	/** buffer shared by UDP connections, since there is only one
 	    datagram at any time. */
-	ldns_buffer* udp_buff;
+	struct sldns_buffer* udp_buff;
 	/** serviced_callbacks malloc overhead when processing multiple
 	 * identical serviced queries to the same server. */
 	size_t svcd_overhead;
@@ -94,6 +95,10 @@ struct outside_network {
 	struct port_comm* unused_fds;
 	/** if udp is done */
 	int do_udp;
+	/** if udp is delay-closed (delayed answers do not meet closed port)*/
+	int delayclose;
+	/** timeout for delayclose */
+	struct timeval delay_tv;
 
 	/** array of outgoing IP4 interfaces */
 	struct port_if* ip4_ifs;
@@ -376,6 +381,8 @@ struct serviced_query {
  * @param unwanted_param: user parameter to action.
  * @param do_udp: if udp is done.
  * @param sslctx: context to create outgoing connections with (if enabled).
+ * @param delayclose: if not 0, udp sockets are delayed before timeout closure.
+ * 	msec to wait on timeouted udp sockets.
  * @return: the new structure (with no pending answers) or NULL on error.
  */
 struct outside_network* outside_network_create(struct comm_base* base,
@@ -384,7 +391,7 @@ struct outside_network* outside_network_create(struct comm_base* base,
 	struct ub_randstate* rnd, int use_caps_for_id, int* availports, 
 	int numavailports, size_t unwanted_threshold,
 	void (*unwanted_action)(void*), void* unwanted_param, int do_udp,
-	void* sslctx);
+	void* sslctx, int delayclose);
 
 /**
  * Delete outside_network structure.
@@ -411,7 +418,7 @@ void outside_network_quit_prepare(struct outside_network* outnet);
  * @return: NULL on error for malloc or socket. Else the pending query object.
  */
 struct pending* pending_udp_query(struct outside_network* outnet, 
-	ldns_buffer* packet, struct sockaddr_storage* addr, 
+	struct sldns_buffer* packet, struct sockaddr_storage* addr, 
 	socklen_t addrlen, int timeout, comm_point_callback_t* callback, 
 	void* callback_arg);
 
@@ -431,7 +438,7 @@ struct pending* pending_udp_query(struct outside_network* outnet,
  * @return: false on error for malloc or socket. Else the pending TCP object.
  */
 struct waiting_tcp* pending_tcp_query(struct outside_network* outnet, 
-	ldns_buffer* packet, struct sockaddr_storage* addr, 
+	struct sldns_buffer* packet, struct sockaddr_storage* addr, 
 	socklen_t addrlen, int timeout, comm_point_callback_t* callback, 
 	void* callback_arg, int ssl_upstream);
 
@@ -476,7 +483,7 @@ struct serviced_query* outnet_serviced_query(struct outside_network* outnet,
 	uint16_t flags, int dnssec, int want_dnssec, int tcp_upstream,
 	int ssl_upstream, struct sockaddr_storage* addr, socklen_t addrlen,
 	uint8_t* zone, size_t zonelen, comm_point_callback_t* callback,
-	void* callback_arg, ldns_buffer* buff);
+	void* callback_arg, struct sldns_buffer* buff);
 
 /**
  * Remove service query callback.
@@ -515,6 +522,9 @@ int outnet_tcp_cb(struct comm_point* c, void* arg, int error,
 /** callback for udp timeout */
 void pending_udp_timer_cb(void *arg);
 
+/** callback for udp delay for timeout */
+void pending_udp_timer_delay_cb(void *arg);
+
 /** callback for outgoing TCP timer event */
 void outnet_tcptimer(void* arg);
 

smallapp/unbound-anchor.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -116,7 +116,7 @@
 
 #include "config.h"
 #include "libunbound/unbound.h"
-#include <ldns/rr.h>
+#include "ldns/rrdef.h"
 #include <expat.h>
 #ifndef HAVE_EXPAT_H
 #error "need libexpat to parse root-anchors.xml file."
@@ -669,6 +669,15 @@ count_unused(struct ip_list* p)
 	return num;
 }
 
+static int get_random(void)
+{
+	int r;
+	if (RAND_bytes((unsigned char*)&r, (int)sizeof(r)) == 1) {
+		return r;
+	}
+	return (int)random();
+}
+
 /** pick random unused element from IP list */
 static struct ip_list*
 pick_random_ip(struct ip_list* list)
@@ -678,7 +687,7 @@ pick_random_ip(struct ip_list* list)
 	int sel;
 	if(num == 0) return NULL;
 	/* not perfect, but random enough */
-	sel = (int)ldns_get_random() % num;
+	sel = get_random() % num;
 	/* skip over unused elements that we did not select */
 	while(sel > 0 && p) {
 		if(!p->used) sel--;

smallapp/unbound-checkconf.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**
@@ -53,6 +53,7 @@
 #include "iterator/iter_hints.h"
 #include "validator/validator.h"
 #include "services/localzone.h"
+#include "ldns/sbuffer.h"
 #ifdef HAVE_GETOPT_H
 #include <getopt.h>
 #endif
@@ -105,14 +106,14 @@ check_mod(struct config_file* cfg, struct module_func_block* fb)
 	memset(&env, 0, sizeof(env));
 	env.cfg = cfg;
 	env.scratch = regional_create();
-	env.scratch_buffer = ldns_buffer_new(BUFSIZ);
+	env.scratch_buffer = sldns_buffer_new(BUFSIZ);
 	if(!env.scratch || !env.scratch_buffer)
 		fatal_exit("out of memory");
 	if(!(*fb->init)(&env, 0)) {
 		fatal_exit("bad config for %s module", fb->name);
 	}
 	(*fb->deinit)(&env, 0);
-	ldns_buffer_free(env.scratch_buffer);
+	sldns_buffer_free(env.scratch_buffer);
 	regional_destroy(env.scratch);
 }
 
@@ -343,9 +344,9 @@ morechecks(struct config_file* cfg, const char* fname)
 		if(fname[0] != '/') {
 			if(getcwd(buf, sizeof(buf)) == NULL)
 				fatal_exit("getcwd: %s", strerror(errno));
-			strncat(buf, "/", sizeof(buf)-strlen(buf)-1);
+			(void)strlcat(buf, "/", sizeof(buf));
 		}
-		strncat(buf, fname, sizeof(buf)-strlen(buf)-1);
+		(void)strlcat(buf, fname, sizeof(buf));
 		if(strncmp(buf, cfg->chrootdir, strlen(cfg->chrootdir)) != 0)
 			fatal_exit("config file %s is not inside chroot %s",
 				buf, cfg->chrootdir);

smallapp/unbound-control-setup.sh

@@ -22,16 +22,16 @@
 # specific prior written permission.
 # 
 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
-# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
-# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+# PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 # settings:
 

smallapp/unbound-control.c

@@ -21,16 +21,16 @@
  * specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 /**