d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

import ldns 1.6.13

Browse Source
This commit is contained in:
des 2012-07-04 14:22:28 +00:00
commit 481a5cc876
285 changed files with 134028 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

704
Changelog Normal file
View File

@ -0,0 +1,704 @@
1.6.13 2012-05-21
* New -S option for ldns-verify-zone to chase signatures online.
* New -k option for ldns-verify-zone to validate using a trusted key.
* New inception and expiration margin options (-i and -e) to
ldns-verify-zone.
* New ldns_dnssec_zone_new_frm_fp and ldns_dnssec_zone_new_frm_fp_l
functions.
* New ldns_duration* functions (copied from OpenDNSSEC source)
* fix ldns-verify-zone to allow NSEC3 signatures to come before
the NSEC3 RR in all cases. Thanks Wolfgang Nagele.
* Zero the correct flag (opt-out) when creating NSEC3PARAMS.
Thanks Peter van Dijk.
* Canonicalize RRSIG's Signer's name too when validating, because
bind and unbound do that too. Thanks Peter van Dijk.
* bugfix #433: Allocate rdf using ldns_rdf_new in ldns_dname_label
* bugfix #432: Use LDNS_MALLOC & LDNS_FREE i.s.o. malloc & free
* bugfix #431: Added error message for LDNS_STATUS_INVALID_B32_EXT
* bugfix #427: Explicitely link ssl with the programs that use it.
* Fix reading \DDD: Error on values that are outside range (>255).
* bugfix #429: fix doxyparse.pl fails on NetBSD because specified
path to perl.
* New ECDSA support (RFC 6605), use --disable-ecdsa for older openssl.
* fix verifying denial of existence for DS's in NSEC3 Opt-Out zones.
Thanks John Barnitz
1.6.12 2012-01-11
* bugfix #413: Fix manpage source for srcdir != builddir
* Canonicalize the signers name rdata field in RRSIGs when signing
* Ignore minor version of Private-key-format (so v1.3 may be used)
* Allow a check_time to be given in stead of always checking against
the current time. With ldns-verify-zone the check_time can be set
with the -t option.
* Added functions for updating and manipulating SOA serial numbers.
ldns-read-zone has an option -S for updating and manipulating the
serial numbers.
* The library Makefile is now GNU and BSD make compatible.
* bugfix #419: NSEC3 validation of a name covered by a wildcard with
no data.
* Two new options (--with-drill and --with-examples) to the main
configure script (in the root of the source tree) to build drill
and examples too.
* Fix days_since_epoch to year_yday calculation on 32bits systems.
1.6.11 2011-09-29
* bugfix #394: Fix socket leak on errors
* bugfix #392: Apex only and percentage checks for ldns-verify-zone
(thanks Miek Gieben)
* bugfix #398: Allow NSEC RRSIGs before the NSEC3 in ldns-verify-zone
* Fix python site package path from sitelib to sitearch for pyldns.
* Fix python api to support python2 and python3 (thanks Karel Slany).
* bugfix #401: Correction of date/time functions algorithm and
prevention of an infinite loop therein
* bugfix #402: Correct the minimum and maximum number of rdata fields
in TSIG. (thanks David Keeler)
* bugfix #403: Fix heap overflow (thanks David Keeler)
* bugfix #404: Make parsing APL strings more robust
(thanks David Keeler)
* bugfix #391: Complete library assessment to prevent assertion errors
through ldns_rdf_size usage.
* Slightly more specific error messaging on wrong number of rdata
fields with the LDNS_STATUS_MISSING_RDATA_FIELDS_RRSIG and
LDNS_STATUS_MISSING_RDATA_FIELDS_KEY result codes.
* bugfix #406: More rigorous openssl result code handling to prevent
future crashes within openssl.
* Fix ldns_fetch_valid_domain_keys to search deeper than just one level
for a DNSKEY that signed a DS RR. (this function was used in the
check_dnssec_trace nagios module)
* bugfix #407: Canonicalize TSIG dnames and algorithm fields
* A new output specifier to accommodate configuration of what to show
in comment texts when converting host and/or wire-format data to
string. All conversion to string and printing functions have a new
version that have such a format specifier as an extra argument.
The default is changed so that only DNSKEY RR's are annotated with
an comment show the Key Tag of the DNSKEY.
* Fixed the ldns resolver to not mark a nameserver unreachable when
edns0 is tried unsuccessfully with size 4096 (no return packet came),
but to still try TCP. A big UDP packet might have been corrupted by
fragments dropping firewalls.
* Update of libdns.vim (thanks Miek Gieben)
* Added the ldnsx Python module to our contrib section, which adds even
more pythonisticism to the usage of ldns with Python. (Many thanks
to Christpher Olah and Paul Wouters)
The ldnsx module is automatically installed when --with-pyldns is
used with configuring, but may explicitly be excluded with the
--without-pyldnsx option to configure.
* bugfix #410: Fix clearing out temporary data on stack in sha2.c
* bugfix #411: Don't let empty non-terminal NSEC3s cause assertion failure.
1.6.10 2011-05-31
* New example tool added: ldns-gen-zone.
* bugfix #359: Serial-arithmetic for the inception and expiration
fields of a RRSIG and correctly converting them to broken-out time
information.
* bugfix #364: Slight performance increase of ldns-verifyzone.
* bugfix #367: Fix to allow glue records with the same name as the
delegation.
* Fix ldns-verifyzone to allow NSEC3-less records for NS rrsets *and*
glue when the zone is opt-out.
* bugfix #376: Adapt ldns_nsec3_salt, ldns_nsec3_iterations,
ldns_nsec3_flags and ldns_nsec3_algorithm to work for NSEC3PARAMS too.
* pyldns memory leaks fixed by Bedrich Kosata (at the cost of a bit
performance)
* Better handling of reference variables in ldns_rr_new_frm_fp_l from
pyldns, with a very nice generator function by Bedrich Kosata.
* Decoupling of the rdfs in rrs in the python wrappers to enable
the python garbage collector by Bedrich Kosata.
* bugfix #380: Minimizing effect of discrepancies in sizeof(bool) at
build time and when used.
* bugfix #383: Fix detection of empty nonterminals of multiple labels.
* Fixed the ommission of rrsets in nsec(3)s and rrsigs to all occluded
names (in stead of just the ones that contain glue only) and all
occluded records on the delegation points (in stead of just the glue).
* Clarify the operation of ldns_dnssec_mark_glue and the usage of
ldns_dnssec_node_next_nonglue functions in the documentation.
* Added function ldns_dnssec_mark_and_get_glue as an real fast
alternative for ldns_zone_glue_rr_list.
* Fix parse buffer overflow for max length domain names.
* Fix Makefile for U in environment, since wrong U is more common than
deansification necessity.
1.6.9 2011-03-16
* Fix creating NSEC(3) bitmaps: make array size 65536,
don't add doubles.
* Fix printout of escaped binary in TXT records.
* Parsing TXT records: don't skip starting whitespace that is quoted.
* bugfix #358: Check if memory was successfully allocated in
ldns_rdf2str().
* Added more memory allocation checks in host2str.c
* python wrapper for ldns_fetch_valid_domain_keys by Bedrich Kosata.
* fix to compile python wrapper with swig 2.0.2.
* Don't fallback to SHA-1 when creating NSEC3 hash with another
algorithm identifier, fail instead (no other algorithm identifiers
are assigned yet).
1.6.8 2011-01-24
* Fix ldns zone, so that $TTL definition match RFC 2308.
* Fix lots of missing checks on allocation failures and parse of
NSEC with many types and max parse length in hosts_frm_fp routine
and off by one in read_anchor_file routine (thanks Dan Kaminsky and
Justin Ferguson).
* bugfix #335: Drill: Print both SHA-1 and SHA-256 corresponding DS
records.
* Print correct WHEN in query packet (is not always 1-1-1970)
* ldns-test-edns: new example tool that detects EDNS support.
* fix ldns_resolver_send without openssl.
* bugfix #342: patch for support for more CERT key types (RFC4398).
* bugfix #351: fix udp_send hang if UDP checksum error.
* fix set_bit (from NSEC3 sign) patch from Jan Komissar.
1.6.7 2010-11-08
* EXPERIMENTAL ecdsa implementation, please do not enable on real
servers.
* GOST code enabled by default (RFC 5933).
* bugfix #326: ignore whitespace between directives and their values.
* Header comment to advertise ldns_axfr_complete to check for
successfully completed zone transfers.
* read resolv.conf skips interface labels, e.g. %eth0.
* Fix drill verify NSEC3 denials.
* Use closesocket() on windows.
* Add ldns_get_signing_algorithm_by_name that understand aliases,
names changed to RFC names and aliases for compatibility added.
* bugfix: don't print final dot if the domain is relative.
* bugfix: resolver search continue when packet rcode != NOERROR.
* bugfix: resolver push all domains in search directive to list.
* bugfix: resolver search by default includes the root domain.
* bugfix: tcp read could fail on single octet recv.
* bugfix: read of RR in unknown syntax with missing fields.
* added ldns_pkt_tsig_sign_next() and ldns_pkt_tsig_verify_next()
to sign and verify TSIG RRs on subsequent messages
(section 4.4, RFC 2845, thanks to Michael Sheldon).
* bugfix: signer sigs nsecs with zsks only.
* bugfix #333: fix ldns_dname_absolute for name ending with backslash.
1.6.6 2010-08-09
* Fix ldns_rr_clone to copy question rrs properly.
* Fix ldns_sign_zone(_nsec3) to clone the soa for the new zone.
* Fix ldns_wire2dname size check from reading 1 byte beyond buffer end.
* Fix ldns_wire2dname from reading 1 byte beyond end for pointer.
* Fix crash using GOST for particular platform configurations.
* extern C declarations used in the header file.
* Removed debug fprintf from resolver.c.
* ldns-signzone checks if public key file is for the right zone.
* NETLDNS, .NET port of ldns functionality, by Alex Nicoll, in contrib.
* Fix handling of comments in resolv.conf parse.
* GOST code enabled if SSL recent, RFC 5933.
* bugfix #317: segfault util.c ldns_init_random() fixed.
* Fix ldns_tsig_mac_new: allocate enough memory for the hash, fix use of
b64_pton_calculate_size.
* Fix ldns_dname_cat: size calculation and handling of realloc().
* Fix ldns_rr_pop_rdf: fix handling of realloc().
* Fix ldns-signzone for single type key scheme: sign whole zone if there
are only KSKs.
* Fix ldns_resolver: also close socket if AXFR failed (if you don't,
it would block subsequent transfers (thanks Roland van Rijswijk).
* Fix drill: allow for a secure trace if you use DS records as trust
anchors (thanks Jan Komissar).
1.6.5 2010-06-15
* Catch \X where X is a digit as an error.
* Fix segfault when ip6 ldns resolver only has ip4 servers.
* Fix NSEC record after DNSKEY at zone apex not properly signed.
* Fix syntax error if last label too long and no dot at end of domain.
* Fix parse of \# syntax with space for type LOC.
* Fix ldns_dname_absolute for escape sequences, fixes some parse errs.
* bugfix #297: linking ssl, bug due to patch submitted as #296.
* bugfix #299: added missing declarations to host2str.h
* ldns-compare-zones -s to not exclude SOA record from comparison.
* --disable-rpath fix
* fix ldns_pkt_empty(), reported by Alex Nicoll.
* fix ldns_resolver_new_frm_fp not ignore lines after a comment.
* python code for ldns_rr.new_question_frm_str()
* Fix ldns_dnssec_verify_denial: the signature selection routine.
* Type TALINK parsed (draft-ietf-dnsop-trust-history).
* bugfix #304: fixed dead loop in ldns_tcp_read_wire() and
ldns_tcp_read_wire_timeout().
* GOST support with correct algorithm numbers. The plan is to make it
enabled if openssl support is detected, but it is disabled by
default in this release because the RFC is not ready.
* Fixed comment in rbtree.h about being first member and data ptr.
* Fixed possibly leak in case of out of memory in ldns_native2rdf...
* ldns_dname_is_wildcard added.
* Fixed: signatures over wildcards had the wrong labelcount.
* Fixed ldns_verify() inconsistent return values.
* Fixed ldns_resolver to copy and free tsig name, data and algorithm.
* Fixed ldns_resolver to push search onto searchlist.
* A ldns resolver now defaults to a non-recursive resolver that handles
the TC bit.
* ldns_resolver_print() prints more details.
* Fixed ldns_rdf2buffer_str_time(), which did not print timestamps
on 64bit systems.
* Make ldns_resolver_nameservers_randomize() more random.
* bugfix #310: POSIX specifies NULL second argument of gettimeofday.
* fix compiler warnings from llvm clang compiler.
* bugfix #309: ldns_pkt_clone did not clone the tsig_rr.
* Fix gentoo ebuild for drill, 'no m4 directory'.
* bugfix #313: drill trace on an empty nonterminal continuation.
1.6.4 2010-01-20
* Imported pyldns contribution by Zdenek Vasicek and Karel Slany.
Changed its configure and Makefile to fit into ldns.
Added its dname_* methods to the rdf_* class (as is the ldns API).
Changed swig destroy of ldns_buffer class to ldns_buffer_free.
Declared ldns_pkt_all and ldns_pkt_all_noquestion so swig sees them.
* Bugfix: parse PTR target of .tomhendrikx.nl with error not crash.
* Bugfix: handle escaped characters in TXT rdata.
* bug292: no longer crash on malformed domain names where a label is
on position 255, which was a buffer overflow by one.
* Fix ldns_get_rr_list_hosts_frm_fp_l (strncpy to strlcpy change),
which fixes resolv.conf reading badly terminated string buffers.
* Fix ldns_pkt_set_random_id to be more random, and a little faster,
it did not do value 0 statistically correctly.
* Fix ldns_rdf2native_sockaddr_storage to set sockaddr type to zeroes,
for portability.
* bug295: nsec3-hash routine no longer case sensitive.
* bug298: drill failed nsec3 denial of existence proof.
1.6.3 2009-12-04
* Bugfix: allow for unknown resource records in zonefile with rdlen=0.
* Bugfix: also mark an RR as question if it comes from the wire
* Bugfix: NSEC3 bitmap contained NSEC
* Bugfix: Inherit class when creating signatures
1.6.2 2009-11-12
* Fix Makefile patch from Havard Eidnes, better install.sh usage.
* Fix parse error on SOA serial of 2910532839.
Fix print of ';' and readback of '\;' in names, also for '\\'.
Fix parse of '\(' and '\)' in names. Also for file read. Also '\.'
* Fix signature creation when TTLs are different for RRs in RRset.
* bug273: fix so EDNS rdata is included in pkt to wire conversion.
* bug274: fix use of c++ keyword 'class' for RR class in the code.
* bug275: fix memory leak of packet edns rdata.
* Fix timeout procedure for TCP and AXFR on Solaris.
* Fix occasional NSEC bitmap bogus
* Fix rr comparing (was in reversed order since 1.6.0)
* bug278: fix parsing HINFO rdata (and other cases).
* Fix previous owner name: also pick up if owner name is @.
* RFC5702: enabled sha2 functions by default. This requires OpenSSL 0.9.8 or higher.
Reason for this default is the root to be signed with RSASHA256.
* Fix various LDNS RR parsing issues: IPSECKEY, WKS, NSAP, very long lines
* Fix: Make ldns_dname_is_subdomain case insensitive.
* Fix ldns-verify-zone so that address records at zone NS set are not considered glue
(Or glue records fall below delegation)
* Fix LOC RR altitude printing.
* Feature: Added period (e.g. '3m6d') support at explicit TTLs.
* Feature: DNSKEY rrset by default signed with minimal signatures
but -A option for ldns-signzone to sign it with all keys.
This makes the DNSKEY responses smaller for signed domains.
1.6.1 2009-09-14
* --enable-gost : use the GOST algorithm (experimental).
* Added some missing options to drill manpage
* Some fixes to --without-ssl option
* Fixed quote parsing withing strings
* Bitmask fix in EDNS handling
* Fixed non-fqdn domain name completion for rdata field domain
names of length 1
* Fixed chain validation with SHA256 DS records
1.6.0
Additions:
* Addition of an ldns-config script which gives cflags and libs
values, for use in configure scripts for applications that use
use ldns. Can be disabled with ./configure --disable-ldns-config
* Added direct sha1, sha256, and sha512 support in ldns.
With these functions, all NSEC3 functionality can still be
used, even if ldns is built without OpenSSL. Thanks to OpenBSD,
Steve Reid, and Aaron D. Gifford for the code.
* Added reading/writing support for the SPF Resource Record
* Base32 functions are now exported
Bugfixes:
* ldns_is_rrset did not go through the complete rrset, but
only compared the first two records. Thanks to Olafur
Gudmundsson for report and patch
* Fixed a small memory bug in ldns_rr_list_subtype_by_rdf(),
thanks to Marius Rieder for finding an patching this.
* --without-ssl should now work. Make sure that examples/ and
drill also get the --without-ssl flag on their configure, if
this is used.
* Some malloc() return value checks have been added
* NSEC3 creation has been improved wrt to empty nonterminals,
and opt-out.
* Fixed a bug in the parser when reading large NSEC3 salt
values.
* Made the allowed length for domain names on wire
and presentation format the same.
Example tools:
* ldns-key2ds can now also generate DS records for keys without
the SEP flag
* ldns-signzone now equalizes the TTL of the DNSKEY RRset (to
the first non-default DNSKEY TTL value it sees)
1.5.1
Example tools:
* ldns-signzone was broken in 1.5.0 for multiple keys, this
has been repaired
Build system:
* Removed a small erroneous output warning in
examples/configure and drill/configure
1.5.0
Bug fixes:
* fixed a possible memory overflow in the RR parser
* build flag fix for Sun Studio
* fixed a building race condition in the copying of header
files
* EDNS0 extended rcode; the correct assembled code number
is now printed (still in the EDNS0 field, though)
* ldns_pkt_rr no longer leaks memory (in fact, it no longer
copies anything all)
API addition:
* ldns_key now has support for 'external' data, in which
case the OpenSSL EVP structures are not used;
ldns_key_set_external_key() and ldns_key_external_key()
* added ldns_key_get_file_base_name() which creates a
'default' filename base string for key storage, of the
form "K<zone>+<algorithm>+<keytag>"
* the ldns_dnssec_* family of structures now have deep_free()
functions, which also free the ldns_rr's contained in them
* there is now an ldns_match_wildcard() function, which checks
whether a domain name matches a wildcard name
* ldns_sign_public has been split up; this resulted in the
addition of ldns_create_empty_rrsig() and
ldns_sign_public_buffer()
Examples:
* ldns-signzone can now automatically add DNSKEY records when
using an OpenSSL engine, as it already did when using key
files
* added new example tool: ldns-nsec3-hash
* ldns-dpa can now filter on specific query name and types
* ldnsd has fixes for the zone name, a fix for the return
value of recvfrom(), and an memory initialization fix
(Thanks to Colm MacCárthaigh for the patch)
* Fixed memory leaks in ldnsd
1.4.1
Bug fixes:
* fixed a build issue where ldns lib existence was done too early
* removed unnecessary check for pcap.h
* NSEC3 optout flag now correctly printed in string output
* inttypes.h moved to configured inclusion
* fixed NSEC3 type bitmaps for empty nonterminals and unsigned
delegations
API addition:
* for that last fix, we added a new function
ldns_dname_add_from() that can clone parts of a dname
1.4.0
Bug fixes:
* sig chase return code fix (patch from Rafael Justo, bug id 189)
* rdata.c memory leaks on error and allocation checks fixed (patch
from Shane Kerr, bug id 188)
* zone.c memory leaks on error and allocation checks fixed (patch
from Shane Kerr, bug id 189)
* ldns-zplit output and error messages fixed (patch from Shane Kerr,
bug id 190)
* Fixed potential buffer overflow in ldns_str2rdf_dname
* Signing code no longer signs delegation NS rrsets
* Some minor configure/makefile updates
* Fixed a bug in the randomness initialization
* Fixed a bug in the reading of resolv.conf
* Fixed a bug concerning whitespace in zone data (with patch from Ondrej
Sury, bug 213)
* Fixed a small fallback problem in axfr client code
API CHANGES:
* added 2str convenience functions:
- ldns_rr_type2str
- ldns_rr_class2str
- ldns_rr_type2buffer_str
- ldns_rr_class2buffer_str
* buffer2str() is now called ldns_buffer2str
* base32 and base64 function names are now also prepended with ldns_
* ldns_rr_new_frm_str() now returns an error on missing RDATA fields.
Since you cannot read QUESTION section RRs with this anymore,
there is now a function called ldns_rr_new_question_frm_str()
LIBRARY FEATURES:
* DS RRs string representation now add bubblebabble in a comment
(patch from Jakob Schlyter)
* DLV RR type added
* TCP fallback system has been improved
* HMAC-SHA256 TSIG support has been added.
* TTLS are now correcly set in NSEC(3) records when signing zones
EXAMPLE TOOLS:
* New example: ldns-revoke to revoke DNSKEYs according to RFC5011
* ldns-testpkts has been fixed and updated
* ldns-signzone now has the option to not add the DNSKEY
* ldns-signzone now has an (full zone only) opt-out option for
NSEC3
* ldns-keygen can create HMAC-SHA1 and HMAC-SHA256 symmetric keys
* ldns-walk output has been fixed
* ldns-compare-zones has been fixed, and now has an option
to show all differences (-a)
* ldns-read-zone now has an option to print DNSSEC records only
1.3
Base library:
* Added a new family of functions based around ldns_dnssec_zone,
which is a new structure that keeps a zone sorted through an
rbtree and links signatures and NSEC(3) records directly to their
RRset. These functions all start with ldns_dnssec_
* ldns_zone_sign and ldns_zone_sign_nsec3 are now deprecated, but
have been changed to internally use the new
ldns_dnssec_zone_sign(_nsec3)
* Moved some ldns_buffer functions inline, so a clean rebuild of
applications relying on those is needed (otherwise you'll get
linker errors)
* ldns_dname_label now returns one extra (zero)
byte, so it can be seen as an fqdn.
* NSEC3 type code update for signing algorithms.
* DSA key generation of DNSKEY RRs fixed (one byte too small).
* Added support for RSA/SHA256 and RSA/SHA512, as specified in
draft-ietf-dnsext-dnssec-rsasha256-04. The typecodes are not
final, and this feature is not enabled by default. It can be
enabled at compilation time with the flag --with-sha2
* Added 2wire_canonical family of functions that lowercase dnames
in rdata fields in resource records of the types in the list in
rfc3597
* Added base32 conversion functions.
* Fixed DSA RRSIG conversion when calling OpenSSL
Drill:
* Chase output is completely different, it shows, in ascii, the
relations in the trust hierarchy.
Examples:
* Added ldns-verify-zone, that can verify the internal DNSSEC records
of a signed BIND-style zone file
* ldns-keygen now takes an -a argument specifying the algorithm,
instead of -R or -D. -a list show a list of supported algorithms
* ldns-keygen now defaults to the exponent RSA_F4 instead of RSA_3
for RSA key generation
* ldns-signzone now has support for HSMs
* ldns-signzone uses the new ldns_dnssec_ structures and functions
which improves its speed, and output; RRSIGS are now placed
directly after their RRset, NSEC(3) records directly after the
name they handle
Contrib:
* new contrib/ dir with user contributions
* added compilation script for solaris (thanks to Jakob Schlyter)
28 Nov 2007 1.2.2:
* Added support for HMAC-MD5 keys in generator
* Added a new example tool (written by Ondrej Sury): ldns-compare-zones
* ldns-keygen now checks key sizes for rfc conformancy
* ldns-signzone outputs SSL error if present
* Fixed manpages (thanks to Ondrej Sury)
* Fixed Makefile for -j <x>
* Fixed a $ORIGIN error when reading zones
* Fixed another off-by-one error
03 Oct 2007 1.2.1:
* Fixed an offset error in rr comparison
* Fixed ldns-read-zone exit code
* Added check for availability of SHA256 hashing algorithm
* Fixed ldns-key2ds -2 argument
* Fixed $ORIGIN bug in .key files
* Output algorithms as an integer instead of their mnemonic
* Fixed a memory leak in dnssec code when SHA256 is not available
* Updated fedora .spec file
11 Apr 2007 1.2.0:
* canonicalization of rdata in DNSSEC functions now adheres to the
rr type list in rfc3597, not rfc4035, which will be updated
(see http://www.ops.ietf.org/lists/namedroppers/namedroppers.2007/msg00183.html)
* ldns-walk now support dnames with maximum label length
* ldnsd now takes an extra argument containing the address to listen on
* signing no longer signs every rrset with KSK's, but only the DNSKEY rrset
* ported to Solaris 10
* added ldns_send_buffer() function
* added ldns-testpkts fake packet server
* added ldns-notify to send NOTIFY packets
* ldns-dpa can now accurately calculate the number of matches per
second
* libtool is now used for compilation too (still gcc, but not directly)
* Bugfixes:
- TSIG signing buffer size
- resolv.conf reading (comments)
- dname comparison off by one error
- typo in keyfetchers output file name fixed (a . too much)
- fixed zone file parser when comments contain ( or )
- fixed LOC RR type
- fixed CERT RR type
Drill:
* drill prints error on failed axfr.
* drill now accepts mangled packets with -f
* old -c option (use tcp) changed to -t
* -c option to specify alternative resolv.conf file added
* feedback of signature chase improved
* chaser now stops at root when no trusted keys are found
instead of looping forever trying to find the DS for .
* Fixed bugs:
- wildcard on multiple labels signature verification
- error in -f packet writing for malformed packets
- made KSK check more resilient
7 Jul 2006: 1.1.0: ldns-team
* Added tutorials and an introduction to the documentation
* Added include/ and lib/ dirs so that you can compile against ldns
without installing ldns on your system
* Makefile updates
* Starting usage of assert throughout the library to catch illegal calls
* Solaris 9 testing was carried out. Ldns now compiles on that
platform; some gnuism were identified and fixed.
* The ldns_zone structure was stress tested. The current setup
(ie. just a list of rrs) can scale to zone file in order of
megabytes. Sorting such zone is still difficult.
* Reading multiline b64 encoded rdata works.
* OpenSSL was made optional, configure --without-ssl.
Ofcourse all dnssec/tsig related functions are disabled
* Building of examples and drill now happens with the same
defines as the building of ldns itself.
* Preliminary sha-256 support was added. Currently is your
OpenSSL supports it, it is supported in the DS creation.
* ldns_resolver_search was implemented
* Fixed a lot of bugs
Drill:
* -r was killed in favor of -o <header bit mnemonic> which
allows for a header bits setting (and maybe more in the
future)
* DNSSEC is never automaticaly set, even when you query
for DNSKEY/RRSIG or DS.
* Implement a crude RTT check, it now distinguishes between
reachable and unreachable.
* A form of secure tracing was added
* Secure Chasing has been improved
* -x does a reverse lookup for the given IP address
Examples:
* ldns-dpa was added to the examples - this is the Dns Packet
Analyzer tool.
* ldnsd - as very, very simple nameserver impl.
* ldns-zsplit - split zones for parrallel signing
* ldns-zcat - cat split zones back together
* ldns-keyfetcher - Fetches DNSKEY records with a few (non-strong,
non-DNSSEC) anti-spoofing techniques.
* ldns-walk - 'Walks' a DNSSEC signed zone
* Added an all-static target to the makefile so you can use examples
without installing the library
* When building in the source tree or in a direct subdirectory of
the build dir, configure does not need --with-ldns=../ anymore
Code:
* All networking code was moved to net.c
* rdata.c: added asserts to the rdf set/get functions
* const keyword was added to pointer arguments that
aren't changed
API:
Changed:
* renamed ldns/dns.h to ldns/ldns.h
* ldns_rr_new_frm_str() is extented with an extra variable which
in common use may be NULL. This trickles through to:
o ldns_rr_new_frm_fp
o ldns_rr_new_frm_fp_l
Which also get an extra variable
Also the function has been changed to return a status message.
The compiled RR is returned in the first argument.
* ldns_zone_new_frm_fp_l() and ldns_zone_new_frm_fp() are
changed to return a status msg.
* ldns_key_new_frm_fp is changed to return ldns_status and
the actual key list in the first argument
* ldns_rdata_new_frm_fp[_l]() are changed to return a status.
the rdf is return in the first argument
* ldns_resolver_new_frm_fp: same treatment: return status and
the new resolver in the first argument
* ldns_pkt_query_new_frm_str(): same: return status and the
packet in the first arg
* tsig.h: internal used functions are now static:
ldns_digest_name and ldns_tsig_mac_new
* ldns_key_rr2ds has an extra argument to specify the hash to
use.
* ldns_pkt_rcode() is renamed to ldns_pkt_get_rcode, ldns_pkt_rcode
is now the rcode type, like ldns_pkt_opcode
New:
* ldns_resolver_searchlist_count: return the searchlist counter
* ldns_zone_sort: Sort a zone
* ldns_bgsend(): background send, returns a socket.
* ldns_pkt_empty(): check is a packet is empty
* ldns_rr_list_pop_rr_list(): pop multiple rr's from another rr_list
* ldns_rr_list_push_rr_list(): push multiple rr's to an rr_list
* ldns_rr_list_compare(): compare 2 ldns_rr_lists
* ldns_pkt_push_rr_list: rr_list equiv for rr
* ldns_pkt_safe_push_rr_list: rr_list equiv for rr
Removed:
* ldns_resolver_bgsend(): was not used in 1.0.0 and is not used now
* ldns_udp_server_connect(): was faulty and isn't really part of
the core ldns idea any how.
* ldns_rr_list_insert_rr(): obsoleted, because not used.
* char *_when was removed from the ldns_pkt structure
18 Oct 2005: 1.0.0: ldns-team
* Commited a patch from Håkan Olsson
* Added UPDATE support (Jakob Schlyter and Håkan Olsson)
* License change: ldns is now BSD licensed
* ldns now depends on SSL
* Networking code cleanup, added (some) server udp/tcp support
* A zone type is introduced. Currently this is a list
of RRs, so it will not scale well.
* [beta] Zonefile parsing was added
* [tools] Drill was added to ldns - see drill/
* [tools] experimental signer was added
* [building] better check for ssl
* [building] major revision of build system
* [building] added rpm .spec in packaging/ (thanks to Paul Wouters)
* [building] A lot of cleanup in the build scripts (thanks to Jakob Schlyter
and Paul Wouters)
28 Jul 2005: 0.70: ldns-team
* [func] ldns_pkt_get_section now returns copies from the rrlists
in the packet. This can be freed by the user program
* [code] added ldns_ prefixes to function from util.h
* [inst] removed documentation from default make install
* Usual fixes in documentation and code
20 Jun 2005: 0.66: ldns-team
Rel. Focus: drill-pre2 uses some functions which are
not in 0.65
* dnssec_cd bit function was added
* Zone infrastructure was added
* Usual fixes in documentation and code
13 Jun 2005: 0.65: ldns-team
* Repository is online at:
http://www.nlnetlabs.nl/ldns/svn/
* Apply reference copying throuhgout ldns, except in 2
places in the ldns_resolver structure (._domain and
._nameservers)
* Usual array of bugfixes
* Documentation added
* keygen.c added as an example for DNSSEC programming
23 May 2005: 0.60: ldns-team
* Removed config.h from the header installed files
(you're not supposed to include that in a libary)
* Further tweaking
- DNSSEC signing/verification works
- Assorted bug fixes and tweaks (memory management)
May 2005: 0.50: ldns-team
* First usable release
* Basic DNS functionality works
* DNSSEC validation works

26
LICENSE Normal file
View File

@ -0,0 +1,26 @@
Copyright (c) 2005,2006, NLnetLabs
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
* Neither the name of NLnetLabs nor the names of its
contributors may be used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.

1098
Makefile.in Normal file
View File

File diff suppressed because it is too large Load Diff

144
README Normal file
View File

@ -0,0 +1,144 @@
Contents:
REQUIREMENTS
INSTALLATION
libdns
examples
drill
INFORMATION FOR SPECIFIC OPERATING SYSTEMS
Mac OS X
Solaris
KNOWN ISSUES
pyldns
Your Support
Project page:
http://www.nlnetlabs.nl/ldns/
On that page you can also subscribe to the ldns mailing list.
* Development
ldns is mainly developed on Linux and FreeBSD. It is regularly tested to
compile on other systems like Solaris and Mac OS X.
REQUIREMENTS
- OpenSSL (Optional, but needed for features like DNSSEC)
- libpcap (Optional, but needed for examples/ldns-dpa)
- (GNU) libtool (in OSX, that's glibtool, not libtool)
- GNU make
INSTALLATION
1. Unpack the tarball
2. cd ldns-<VERSION>
3. ./configure
4. gmake (it needs gnu make to compile, on systems where GNU make is the
default you can just use 'make')
5. sudo gmake install
6. Optional. (cd examples; ./configure; gmake), make example programs included.
7. Optional. (cd drill; ./configure; gmake; gmake install), to build drill.
You can configure and compile it in a separate build directory.
* Examples
There are some examples and dns related tools in the examples/ directory.
These can be built with:
1. cd examples/
2. ./configure [--with-ldns=<path to ldns installation or build>]
3. gmake
* Drill
Drill can be built with:
1. cd drill/
2. ./configure [--with-ldns=<path to ldns installation or build>]
3. gmake
Note that you need to set LD_LIBRARY_PATH if you want to run the binaries
and you have not installed the library to a system directory. You can use
the make target all-static for the examples to run them if you don't want to
install the library.
* Building from subversion repository
If you are building from the repository you will need to have (gnu)
autotools like libtool and autoreconf installed. A list of all the commands
needed to build everything can be found in README.svn. Note that the actual
commands may be a little bit different on your machine. Most notable, you'll need to run libtoolize (or glibtoolize), if you skip this step, you'll get an error about missing config.sub.
* Developers
ldns is developed by the ldns team at NLnet Labs. This team currently
consists of:
o Willem Toorop
o Wouter Wijngaards
o Matthijs Mekking
Former main developers:
o Jelte Jansen
o Miek Gieben
* Credits
We have received patches from the following people, thanks!
o Bedrich Kosata
o Erik Rozendaal
o Håkan Olsson
o Jakob Schlyter
o Paul Wouters
o Simon Vallet
o Ondřej Surý
INFORMATION FOR SPECIFIC OPERATING SYSTEMS
MAC OS X
For MACOSX 10.4 and later, it seems that you have to set the
MACOSX_DEPLOYMENT_TARGET environment variable to 10.4 before running
make. Apparently it defaults to 10.1.
This appears to be a known problem in 10.2 to 10.4, see:
http://developer.apple.com/qa/qa2001/qa1233.html
for more information.
SOLARIS
In Solaris multi-architecture systems (that have both 32-bit and
64-bit support), it can be a bit taxing to convince the system to
compile in 64-bit mode. Jakob Schlyter has kindly contributed a build
script that sets the right build and link options. You can find it in
contrib/build-solaris.sh
KNOWN ISSUES
A complete list of currently known open issues can be found here:
http://www.nlnetlabs.nl/projects/ldns/bugs
* pyldns
Compiling pyldns produces many ``unused parameter'' warnings. Those are
harmless and may safely be ignored.
Also when building with Swig which version is before 2.0.4, compiling
pyldns produces many ``missing initializer'' warnings. Those are harmless
too.
Your Support
NLnet Labs offers all of its software products as open source, most are
published under a BDS license. You can download them, not only from the
NLnet Labs website but also through the various OS distributions for
which NSD, ldns, and Unbound are packaged. We therefore have little idea
who uses our software in production environments and have no direct ties
with 'our customers'.
Therefore, we ask you to contact us at users@NLnetLabs.nl and tell us
whether you use one of our products in your production environment,
what that environment looks like, and maybe even share some praise.
We would like to refer to the fact that your organization is using our
products. We will only do that if you explicitly allow us. In all other
cases we will keep the information you share with us to ourselves.
In addition to the moral support you can also support us
financially. NLnet Labs is a recognized not-for-profit charity foundation
that is chartered to develop open-source software and open-standards
for the Internet. If you use our software to satisfaction please express
that by giving us a donation. For small donations PayPal can be used. For
larger and regular donations please contact us at users@NLnetLabs.nl. Also
see http://www.nlnetlabs.nl/labs/contributors/.

8
README.snapshots Normal file
View File

@ -0,0 +1,8 @@
ldns - snapshot releases
Snapshot releases are not official released. They can be released to
interested parties for development.
Snapshots can be recognized from the date in the the tar file name.
They should not be used for packaging in distributions.

26
README.svn Normal file
View File

@ -0,0 +1,26 @@
# The ldns subversion repository can found at:
# www.nlnetlabs.nl/ldns/svn/
# small list of commands to build all on a linux system
# libtoolize is needed for most other targets
# on Solaris, and other systems that may not have
# the default 'automake' and 'aclocal' script aliases,
# the correct versions may need to be set. On those
# systems, the 'autoreconf' line should be changed to:
# AUTOMAKE=automake-1.10 ACLOCAL=aclocal-1.10 autoreconf
# (and these systems probably need gmake instead of make)
# older versions of libtoolize do not support --install
# so you might need to remove that (with newer versions
# it is needed)
libtoolize -c --install
autoreconf --install
./configure
make
make doc # needs doxygen for the html pages
(cd examples && autoreconf && ./configure && make)
(cd drill && autoreconf && ./configure && make)
(cd pcat && autoreconf && ./configure && make)
(cd examples/nsd-test && autoreconf && ./configure && make)

8620
aclocal.m4 vendored Normal file
View File

File diff suppressed because it is too large Load Diff

1370
acx_nlnetlabs.m4 Normal file
View File

File diff suppressed because it is too large Load Diff

135
ax_pkg_swig.m4 Normal file
View File

@ -0,0 +1,135 @@
# ===========================================================================
# http://www.gnu.org/software/autoconf-archive/ax_pkg_swig.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_PKG_SWIG([major.minor.micro], [action-if-found], [action-if-not-found])
#
# DESCRIPTION
#
# This macro searches for a SWIG installation on your system. If found,
# then SWIG is AC_SUBST'd; if not found, then $SWIG is empty. If SWIG is
# found, then SWIG_LIB is set to the SWIG library path, and AC_SUBST'd.
#
# You can use the optional first argument to check if the version of the
# available SWIG is greater than or equal to the value of the argument. It
# should have the format: N[.N[.N]] (N is a number between 0 and 999. Only
# the first N is mandatory.) If the version argument is given (e.g.
# 1.3.17), AX_PKG_SWIG checks that the swig package is this version number
# or higher.
#
# As usual, action-if-found is executed if SWIG is found, otherwise
# action-if-not-found is executed.
#
# In configure.in, use as:
#
# AX_PKG_SWIG(1.3.17, [], [ AC_MSG_ERROR([SWIG is required to build..]) ])
# AX_SWIG_ENABLE_CXX
# AX_SWIG_MULTI_MODULE_SUPPORT
# AX_SWIG_PYTHON
#
# LICENSE
#
# Copyright (c) 2008 Sebastian Huber <sebastian-huber@web.de>
# Copyright (c) 2008 Alan W. Irwin <irwin@beluga.phys.uvic.ca>
# Copyright (c) 2008 Rafael Laboissiere <rafael@laboissiere.net>
# Copyright (c) 2008 Andrew Collier <colliera@ukzn.ac.za>
# Copyright (c) 2011 Murray Cumming <murrayc@openismus.com>
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 2 of the License, or (at your
# option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
# Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program. If not, see <http://www.gnu.org/licenses/>.
#
# As a special exception, the respective Autoconf Macro's copyright owner
# gives unlimited permission to copy, distribute and modify the configure
# scripts that are the output of Autoconf when processing the Macro. You
# need not follow the terms of the GNU General Public License when using
# or distributing such scripts, even though portions of the text of the
# Macro appear in them. The GNU General Public License (GPL) does govern
# all other use of the material that constitutes the Autoconf Macro.
#
# This special exception to the GPL applies to versions of the Autoconf
# Macro released by the Autoconf Archive. When you make and distribute a
# modified version of the Autoconf Macro, you may extend this special
# exception to the GPL to apply to your modified version as well.
#serial 8
AC_DEFUN([AX_PKG_SWIG],[
# Ubuntu has swig 2.0 as /usr/bin/swig2.0
AC_PATH_PROGS([SWIG],[swig2.0 swig])
if test -z "$SWIG" ; then
m4_ifval([$3],[$3],[:])
elif test -n "$1" ; then
AC_MSG_CHECKING([SWIG version])
[swig_version=`$SWIG -version 2>&1 | grep 'SWIG Version' | sed 's/.*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/g'`]
AC_MSG_RESULT([$swig_version])
if test -n "$swig_version" ; then
# Calculate the required version number components
[required=$1]
[required_major=`echo $required | sed 's/[^0-9].*//'`]
if test -z "$required_major" ; then
[required_major=0]
fi
[required=`echo $required | sed 's/[0-9]*[^0-9]//'`]
[required_minor=`echo $required | sed 's/[^0-9].*//'`]
if test -z "$required_minor" ; then
[required_minor=0]
fi
[required=`echo $required | sed 's/[0-9]*[^0-9]//'`]
[required_patch=`echo $required | sed 's/[^0-9].*//'`]
if test -z "$required_patch" ; then
[required_patch=0]
fi
# Calculate the available version number components
[available=$swig_version]
[available_major=`echo $available | sed 's/[^0-9].*//'`]
if test -z "$available_major" ; then
[available_major=0]
fi
[available=`echo $available | sed 's/[0-9]*[^0-9]//'`]
[available_minor=`echo $available | sed 's/[^0-9].*//'`]
if test -z "$available_minor" ; then
[available_minor=0]
fi
[available=`echo $available | sed 's/[0-9]*[^0-9]//'`]
[available_patch=`echo $available | sed 's/[^0-9].*//'`]
if test -z "$available_patch" ; then
[available_patch=0]
fi
# Convert the version tuple into a single number for easier comparison.
# Using base 100 should be safe since SWIG internally uses BCD values
# to encode its version number.
required_swig_vernum=`expr $required_major \* 10000 \
\+ $required_minor \* 100 \+ $required_patch`
available_swig_vernum=`expr $available_major \* 10000 \
\+ $available_minor \* 100 \+ $available_patch`
if test $available_swig_vernum -lt $required_swig_vernum; then
AC_MSG_WARN([SWIG version >= $1 is required. You have $swig_version.])
SWIG=''
m4_ifval([$3],[$3],[])
else
AC_MSG_CHECKING([for SWIG library])
SWIG_LIB=`$SWIG -swiglib`
AC_MSG_RESULT([$SWIG_LIB])
m4_ifval([$2],[$2],[])
fi
else
AC_MSG_WARN([cannot determine SWIG version])
SWIG=''
m4_ifval([$3],[$3],[])
fi
fi
AC_SUBST([SWIG_LIB])
])

327
ax_python_devel.m4 Normal file
View File

@ -0,0 +1,327 @@
# ===========================================================================
# http://www.gnu.org/software/autoconf-archive/ax_python_devel.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_PYTHON_DEVEL([version])
#
# DESCRIPTION
#
# Note: Defines as a precious variable "PYTHON_VERSION". Don't override it
# in your configure.ac.
#
# This macro checks for Python and tries to get the include path to
# 'Python.h'. It provides the $(PYTHON_CPPFLAGS) and $(PYTHON_LDFLAGS)
# output variables. It also exports $(PYTHON_EXTRA_LIBS) and
# $(PYTHON_EXTRA_LDFLAGS) for embedding Python in your code.
#
# You can search for some particular version of Python by passing a
# parameter to this macro, for example ">= '2.3.1'", or "== '2.4'". Please
# note that you *have* to pass also an operator along with the version to
# match, and pay special attention to the single quotes surrounding the
# version number. Don't use "PYTHON_VERSION" for this: that environment
# variable is declared as precious and thus reserved for the end-user.
#
# This macro should work for all versions of Python >= 2.1.0. As an end
# user, you can disable the check for the python version by setting the
# PYTHON_NOVERSIONCHECK environment variable to something else than the
# empty string.
#
# If you need to use this macro for an older Python version, please
# contact the authors. We're always open for feedback.
#
# LICENSE
#
# Copyright (c) 2009 Sebastian Huber <sebastian-huber@web.de>
# Copyright (c) 2009 Alan W. Irwin <irwin@beluga.phys.uvic.ca>
# Copyright (c) 2009 Rafael Laboissiere <rafael@laboissiere.net>
# Copyright (c) 2009 Andrew Collier <colliera@ukzn.ac.za>
# Copyright (c) 2009 Matteo Settenvini <matteo@member.fsf.org>
# Copyright (c) 2009 Horst Knorr <hk_classes@knoda.org>
#
# This program is free software: you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation, either version 3 of the License, or (at your
# option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
# Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program. If not, see <http://www.gnu.org/licenses/>.
#
# As a special exception, the respective Autoconf Macro's copyright owner
# gives unlimited permission to copy, distribute and modify the configure
# scripts that are the output of Autoconf when processing the Macro. You
# need not follow the terms of the GNU General Public License when using
# or distributing such scripts, even though portions of the text of the
# Macro appear in them. The GNU General Public License (GPL) does govern
# all other use of the material that constitutes the Autoconf Macro.
#
# This special exception to the GPL applies to versions of the Autoconf
# Macro released by the Autoconf Archive. When you make and distribute a
# modified version of the Autoconf Macro, you may extend this special
# exception to the GPL to apply to your modified version as well.
#serial 8
AU_ALIAS([AC_PYTHON_DEVEL], [AX_PYTHON_DEVEL])
AC_DEFUN([AX_PYTHON_DEVEL],[
#
# Allow the use of a (user set) custom python version
#
AC_ARG_VAR([PYTHON_VERSION],[The installed Python
version to use, for example '2.3'. This string
will be appended to the Python interpreter
canonical name.])
AC_PATH_PROG([PYTHON],[python[$PYTHON_VERSION]])
if test -z "$PYTHON"; then
AC_MSG_ERROR([Cannot find python$PYTHON_VERSION in your system path])
PYTHON_VERSION=""
fi
#
# Check for a version of Python >= 2.1.0
#
AC_MSG_CHECKING([for a version of Python >= '2.1.0'])
ac_supports_python_ver=`$PYTHON -c "import sys; \
ver = sys.version.split ()[[0]]; \
print (ver >= '2.1.0')"`
if test "$ac_supports_python_ver" != "True"; then
if test -z "$PYTHON_NOVERSIONCHECK"; then
AC_MSG_RESULT([no])
AC_MSG_FAILURE([
This version of the AC@&t@_PYTHON_DEVEL macro
doesn't work properly with versions of Python before
2.1.0. You may need to re-run configure, setting the
variables PYTHON_CPPFLAGS, PYTHON_LDFLAGS, PYTHON_SITE_PKG,
PYTHON_EXTRA_LIBS and PYTHON_EXTRA_LDFLAGS by hand.
Moreover, to disable this check, set PYTHON_NOVERSIONCHECK
to something else than an empty string.
])
else
AC_MSG_RESULT([skip at user request])
fi
else
AC_MSG_RESULT([yes])
fi
#
# if the macro parameter ``version'' is set, honour it
#
if test -n "$1"; then
AC_MSG_CHECKING([for a version of Python $1])
ac_supports_python_ver=`$PYTHON -c "import sys; \
ver = sys.version.split ()[[0]]; \
print (ver $1)"`
if test "$ac_supports_python_ver" = "True"; then
AC_MSG_RESULT([yes])
else
AC_MSG_RESULT([no])
AC_MSG_ERROR([this package requires Python $1.
If you have it installed, but it isn't the default Python
interpreter in your system path, please pass the PYTHON_VERSION
variable to configure. See ``configure --help'' for reference.
])
PYTHON_VERSION=""
fi
fi
#
# Check if you have distutils, else fail
#
AC_MSG_CHECKING([for the distutils Python package])
ac_distutils_result=`$PYTHON -c "import distutils" 2>&1`
if test -z "$ac_distutils_result"; then
AC_MSG_RESULT([yes])
else
AC_MSG_RESULT([no])
AC_MSG_ERROR([cannot import Python module "distutils".
Please check your Python installation. The error was:
$ac_distutils_result])
PYTHON_VERSION=""
fi
#
# Check for Python include path
#
AC_MSG_CHECKING([for Python include path])
if test -z "$PYTHON_CPPFLAGS"; then
python_path=`$PYTHON -c "import distutils.sysconfig; \
print (distutils.sysconfig.get_python_inc ());"`
if test -n "${python_path}"; then
python_path="-I$python_path"
fi
PYTHON_CPPFLAGS=$python_path
fi
AC_MSG_RESULT([$PYTHON_CPPFLAGS])
AC_SUBST([PYTHON_CPPFLAGS])
#
# Check for Python library path
#
AC_MSG_CHECKING([for Python library path])
if test -z "$PYTHON_LDFLAGS"; then
# (makes two attempts to ensure we've got a version number
# from the interpreter)
ac_python_version=`cat<<EOD | $PYTHON -
# join all versioning strings, on some systems
# major/minor numbers could be in different list elements
from distutils.sysconfig import *
ret = ''
for e in get_config_vars ('VERSION'):
if (e != None):
ret += e
print (ret)
EOD
`
if test -z "$ac_python_version"; then
if test -n "$PYTHON_VERSION"; then
ac_python_version=$PYTHON_VERSION
else
ac_python_version=`$PYTHON -c "import sys; \
print (sys.version[[:3]])"`
fi
fi
# Make the versioning information available to the compiler
AC_DEFINE_UNQUOTED([HAVE_PYTHON], ["$ac_python_version"],
[If available, contains the Python version number currently in use.])
# First, the library directory:
ac_python_libdir=`cat<<EOD | $PYTHON -
# There should be only one
import distutils.sysconfig
for e in distutils.sysconfig.get_config_vars ('LIBDIR'):
if e != None:
print (e)
break
EOD
`
# Before checking for libpythonX.Y, we need to know
# the extension the OS we're on uses for libraries
# (we take the first one, if there's more than one fix me!):
ac_python_soext=`$PYTHON -c \
"import distutils.sysconfig; \
print (distutils.sysconfig.get_config_vars('SO')[[0]])"`
# Now, for the library:
ac_python_soname=`$PYTHON -c \
"import distutils.sysconfig; \
print (distutils.sysconfig.get_config_vars('LDLIBRARY')[[0]])"`
# Strip away extension from the end to canonicalize its name:
ac_python_library=`echo "$ac_python_soname" | sed "s/${ac_python_soext}$//"`
# This small piece shamelessly adapted from PostgreSQL python macro;
# credits goes to momjian, I think. I'd like to put the right name
# in the credits, if someone can point me in the right direction... ?
#
if test -n "$ac_python_libdir" -a -n "$ac_python_library" \
-a x"$ac_python_library" != x"$ac_python_soname"
then
# use the official shared library
ac_python_library=`echo "$ac_python_library" | sed "s/^lib//"`
PYTHON_LDFLAGS="-L$ac_python_libdir -l$ac_python_library"
else
# old way: use libpython from python_configdir
ac_python_libdir=`$PYTHON -c \
"from distutils.sysconfig import get_python_lib as f; \
import os; \
print (os.path.join(f(plat_specific=1, standard_lib=1), 'config'));"`
PYTHON_LDFLAGS="-L$ac_python_libdir -lpython$ac_python_version"
fi
if test -z "PYTHON_LDFLAGS"; then
AC_MSG_ERROR([
Cannot determine location of your Python DSO. Please check it was installed with
dynamic libraries enabled, or try setting PYTHON_LDFLAGS by hand.
])
fi
fi
AC_MSG_RESULT([$PYTHON_LDFLAGS])
AC_SUBST([PYTHON_LDFLAGS])
#
# Check for site packages
#
AC_MSG_CHECKING([for Python site-packages path])
if test -z "$PYTHON_SITE_PKG"; then
PYTHON_SITE_PKG=`$PYTHON -c "import distutils.sysconfig; \
print (distutils.sysconfig.get_python_lib(1,0));"`
fi
AC_MSG_RESULT([$PYTHON_SITE_PKG])
AC_SUBST([PYTHON_SITE_PKG])
#
# libraries which must be linked in when embedding
#
AC_MSG_CHECKING(python extra libraries)
if test -z "$PYTHON_EXTRA_LIBS"; then
PYTHON_EXTRA_LIBS=`$PYTHON -c "import distutils.sysconfig; \
conf = distutils.sysconfig.get_config_var; \
print (conf('LOCALMODLIBS') + ' ' + conf('LIBS'))"`
fi
AC_MSG_RESULT([$PYTHON_EXTRA_LIBS])
AC_SUBST(PYTHON_EXTRA_LIBS)
#
# linking flags needed when embedding
#
AC_MSG_CHECKING(python extra linking flags)
if test -z "$PYTHON_EXTRA_LDFLAGS"; then
PYTHON_EXTRA_LDFLAGS=`$PYTHON -c "import distutils.sysconfig; \
conf = distutils.sysconfig.get_config_var; \
print (conf('LINKFORSHARED'))"`
fi
AC_MSG_RESULT([$PYTHON_EXTRA_LDFLAGS])
AC_SUBST(PYTHON_EXTRA_LDFLAGS)
#
# final check to see if everything compiles alright
#
AC_MSG_CHECKING([consistency of all components of python development environment])
# save current global flags
ac_save_LIBS="$LIBS"
ac_save_CPPFLAGS="$CPPFLAGS"
LIBS="$ac_save_LIBS $PYTHON_LDFLAGS $PYTHON_EXTRA_LDFLAGS $PYTHON_EXTRA_LIBS"
CPPFLAGS="$ac_save_CPPFLAGS $PYTHON_CPPFLAGS"
AC_LANG_PUSH([C])
AC_LINK_IFELSE([
AC_LANG_PROGRAM([[#include <Python.h>]],
[[Py_Initialize();]])
],[pythonexists=yes],[pythonexists=no])
AC_LANG_POP([C])
# turn back to default flags
CPPFLAGS="$ac_save_CPPFLAGS"
LIBS="$ac_save_LIBS"
AC_MSG_RESULT([$pythonexists])
if test ! "x$pythonexists" = "xyes"; then
AC_MSG_FAILURE([
Could not link test program to Python. Maybe the main Python library has been
installed in some non-standard library path. If so, pass it to configure,
via the LDFLAGS environment variable.
Example: ./configure LDFLAGS="-L/usr/non-standard-path/python/lib"
============================================================================
ERROR!
You probably have to install the development version of the Python package
for your distribution. The exact name of this package varies among them.
============================================================================
])
PYTHON_VERSION=""
fi
#
# all done!
#
])

176
buffer.c Normal file
View File

@ -0,0 +1,176 @@
/*
* buffer.c -- generic memory buffer .
*
* Copyright (c) 2001-2008, NLnet Labs. All rights reserved.
*
* See LICENSE for the license.
*
*/
#include <ldns/config.h>
#include <ldns/ldns.h>
#include <ldns/buffer.h>
ldns_buffer *
ldns_buffer_new(size_t capacity)
{
ldns_buffer *buffer = LDNS_MALLOC(ldns_buffer);
if (!buffer) {
return NULL;
}
buffer->_data = (uint8_t *) LDNS_XMALLOC(uint8_t, capacity);
if (!buffer->_data) {
LDNS_FREE(buffer);
return NULL;
}
buffer->_position = 0;
buffer->_limit = buffer->_capacity = capacity;
buffer->_fixed = 0;
buffer->_status = LDNS_STATUS_OK;
ldns_buffer_invariant(buffer);
return buffer;
}
void
ldns_buffer_new_frm_data(ldns_buffer *buffer, void *data, size_t size)
{
assert(data != NULL);
buffer->_position = 0;
buffer->_limit = buffer->_capacity = size;
buffer->_fixed = 0;
buffer->_data = LDNS_XMALLOC(uint8_t, size);
if(!buffer->_data) {
buffer->_status = LDNS_STATUS_MEM_ERR;
return;
}
memcpy(buffer->_data, data, size);
buffer->_status = LDNS_STATUS_OK;
ldns_buffer_invariant(buffer);
}
bool
ldns_buffer_set_capacity(ldns_buffer *buffer, size_t capacity)
{
void *data;
ldns_buffer_invariant(buffer);
assert(buffer->_position <= capacity);
data = (uint8_t *) LDNS_XREALLOC(buffer->_data, uint8_t, capacity);
if (!data) {
buffer->_status = LDNS_STATUS_MEM_ERR;
return false;
} else {
buffer->_data = data;
buffer->_limit = buffer->_capacity = capacity;
return true;
}
}
bool
ldns_buffer_reserve(ldns_buffer *buffer, size_t amount)
{
ldns_buffer_invariant(buffer);
assert(!buffer->_fixed);
if (buffer->_capacity < buffer->_position + amount) {
size_t new_capacity = buffer->_capacity * 3 / 2;
if (new_capacity < buffer->_position + amount) {
new_capacity = buffer->_position + amount;
}
if (!ldns_buffer_set_capacity(buffer, new_capacity)) {
buffer->_status = LDNS_STATUS_MEM_ERR;
return false;
}
}
buffer->_limit = buffer->_capacity;
return true;
}
int
ldns_buffer_printf(ldns_buffer *buffer, const char *format, ...)
{
va_list args;
int written = 0;
size_t remaining;
if (ldns_buffer_status_ok(buffer)) {
ldns_buffer_invariant(buffer);
assert(buffer->_limit == buffer->_capacity);
remaining = ldns_buffer_remaining(buffer);
va_start(args, format);
written = vsnprintf((char *) ldns_buffer_current(buffer), remaining,
format, args);
va_end(args);
if (written == -1) {
buffer->_status = LDNS_STATUS_INTERNAL_ERR;
return -1;
} else if ((size_t) written >= remaining) {
if (!ldns_buffer_reserve(buffer, (size_t) written + 1)) {
buffer->_status = LDNS_STATUS_MEM_ERR;
return -1;
}
va_start(args, format);
written = vsnprintf((char *) ldns_buffer_current(buffer),
ldns_buffer_remaining(buffer), format, args);
va_end(args);
if (written == -1) {
buffer->_status = LDNS_STATUS_INTERNAL_ERR;
return -1;
}
}
buffer->_position += written;
}
return written;
}
void
ldns_buffer_free(ldns_buffer *buffer)
{
if (!buffer) {
return;
}
LDNS_FREE(buffer->_data);
LDNS_FREE(buffer);
}
void *
ldns_buffer_export(ldns_buffer *buffer)
{
buffer->_fixed = 1;
return buffer->_data;
}
int
ldns_bgetc(ldns_buffer *buffer)
{
if (!ldns_buffer_available_at(buffer, buffer->_position, sizeof(uint8_t))) {
ldns_buffer_set_position(buffer, ldns_buffer_limit(buffer));
/* ldns_buffer_rewind(buffer);*/
return EOF;
}
return (int)ldns_buffer_read_u8(buffer);
}
void
ldns_buffer_copy(ldns_buffer* result, ldns_buffer* from)
{
size_t tocopy = ldns_buffer_limit(from);
if(tocopy > ldns_buffer_capacity(result))
tocopy = ldns_buffer_capacity(result);
ldns_buffer_clear(result);
ldns_buffer_write(result, ldns_buffer_begin(from), tocopy);
ldns_buffer_flip(result);
}

333
compat/b32_ntop.c Normal file
View File

@ -0,0 +1,333 @@
/*
* Copyright (c) 1996, 1998 by Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/
/*
* Portions Copyright (c) 1995 by International Business Machines, Inc.
*
* International Business Machines, Inc. (hereinafter called IBM) grants
* permission under its copyrights to use, copy, modify, and distribute this
* Software with or without fee, provided that the above copyright notice and
* all paragraphs of this notice appear in all copies, and that the name of IBM
* not be used in connection with the marketing of any product incorporating
* the Software or modifications thereof, without specific, written prior
* permission.
*
* To the extent it has a right to do so, IBM grants an immunity from suit
* under its patents, if any, for the use, sale or manufacture of products to
* the extent that such products are used for performing Domain Name System
* dynamic updates in TCP/IP networks by means of the Software. No immunity is
* granted for any product per se or for any other function of any product.
*
* THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
* INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
* PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
* DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
* IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
*/
#include <ldns/config.h>
#include <sys/types.h>
#include <sys/param.h>
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
static const char Base32[] =
"abcdefghijklmnopqrstuvwxyz234567";
/* "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";*/
/* 00000000001111111111222222222233
01234567890123456789012345678901*/
static const char Base32_extended_hex[] =
/* "0123456789ABCDEFGHIJKLMNOPQRSTUV";*/
"0123456789abcdefghijklmnopqrstuv";
static const char Pad32 = '=';
/* (From RFC3548 and draft-josefsson-rfc3548bis-00.txt)
5. Base 32 Encoding
The Base 32 encoding is designed to represent arbitrary sequences of
octets in a form that needs to be case insensitive but need not be
humanly readable.
A 33-character subset of US-ASCII is used, enabling 5 bits to be
represented per printable character. (The extra 33rd character, "=",
is used to signify a special processing function.)
The encoding process represents 40-bit groups of input bits as output
strings of 8 encoded characters. Proceeding from left to right, a
40-bit input group is formed by concatenating 5 8bit input groups.
These 40 bits are then treated as 8 concatenated 5-bit groups, each
of which is translated into a single digit in the base 32 alphabet.
When encoding a bit stream via the base 32 encoding, the bit stream
must be presumed to be ordered with the most-significant-bit first.
That is, the first bit in the stream will be the high-order bit in
the first 8bit byte, and the eighth bit will be the low-order bit in
the first 8bit byte, and so on.
Each 5-bit group is used as an index into an array of 32 printable
characters. The character referenced by the index is placed in the
output string. These characters, identified in Table 3, below, are
selected from US-ASCII digits and uppercase letters.
Table 3: The Base 32 Alphabet
Value Encoding Value Encoding Value Encoding Value Encoding
0 A 9 J 18 S 27 3
1 B 10 K 19 T 28 4
2 C 11 L 20 U 29 5
3 D 12 M 21 V 30 6
4 E 13 N 22 W 31 7
5 F 14 O 23 X
6 G 15 P 24 Y (pad) =
7 H 16 Q 25 Z
8 I 17 R 26 2
Special processing is performed if fewer than 40 bits are available
at the end of the data being encoded. A full encoding quantum is
always completed at the end of a body. When fewer than 40 input bits
are available in an input group, zero bits are added (on the right)
to form an integral number of 5-bit groups. Padding at the end of
the data is performed using the "=" character. Since all base 32
input is an integral number of octets, only the following cases can
arise:
(1) the final quantum of encoding input is an integral multiple of 40
bits; here, the final unit of encoded output will be an integral
multiple of 8 characters with no "=" padding,
(2) the final quantum of encoding input is exactly 8 bits; here, the
final unit of encoded output will be two characters followed by six
"=" padding characters,
(3) the final quantum of encoding input is exactly 16 bits; here, the
final unit of encoded output will be four characters followed by four
"=" padding characters,
(4) the final quantum of encoding input is exactly 24 bits; here, the
final unit of encoded output will be five characters followed by
three "=" padding characters, or
(5) the final quantum of encoding input is exactly 32 bits; here, the
final unit of encoded output will be seven characters followed by one
"=" padding character.
6. Base 32 Encoding with Extended Hex Alphabet
The following description of base 32 is due to [7]. This encoding
should not be regarded as the same as the "base32" encoding, and
should not be referred to as only "base32".
One property with this alphabet, that the base64 and base32 alphabet
lack, is that encoded data maintain its sort order when the encoded
data is compared bit-wise.
This encoding is identical to the previous one, except for the
alphabet. The new alphabet is found in table 4.
Table 4: The "Extended Hex" Base 32 Alphabet
Value Encoding Value Encoding Value Encoding Value Encoding
0 0 9 9 18 I 27 R
1 1 10 A 19 J 28 S
2 2 11 B 20 K 29 T
3 3 12 C 21 L 30 U
4 4 13 D 22 M 31 V
5 5 14 E 23 N
6 6 15 F 24 O (pad) =
7 7 16 G 25 P
8 8 17 H 26 Q
*/
int
ldns_b32_ntop_ar(uint8_t const *src, size_t srclength, char *target, size_t targsize, const char B32_ar[]) {
size_t datalength = 0;
uint8_t input[5];
uint8_t output[8];
size_t i;
memset(output, 0, 8);
while (4 < srclength) {
input[0] = *src++;
input[1] = *src++;
input[2] = *src++;
input[3] = *src++;
input[4] = *src++;
srclength -= 5;
output[0] = (input[0] & 0xf8) >> 3;
output[1] = ((input[0] & 0x07) << 2) + ((input[1] & 0xc0) >> 6);
output[2] = (input[1] & 0x3e) >> 1;
output[3] = ((input[1] & 0x01) << 4) + ((input[2] & 0xf0) >> 4);
output[4] = ((input[2] & 0x0f) << 1) + ((input[3] & 0x80) >> 7);
output[5] = (input[3] & 0x7c) >> 2;
output[6] = ((input[3] & 0x03) << 3) + ((input[4] & 0xe0) >> 5);
output[7] = (input[4] & 0x1f);
assert(output[0] < 32);
assert(output[1] < 32);
assert(output[2] < 32);
assert(output[3] < 32);
assert(output[4] < 32);
assert(output[5] < 32);
assert(output[6] < 32);
assert(output[7] < 32);
if (datalength + 8 > targsize) {
return (-1);
}
target[datalength++] = B32_ar[output[0]];
target[datalength++] = B32_ar[output[1]];
target[datalength++] = B32_ar[output[2]];
target[datalength++] = B32_ar[output[3]];
target[datalength++] = B32_ar[output[4]];
target[datalength++] = B32_ar[output[5]];
target[datalength++] = B32_ar[output[6]];
target[datalength++] = B32_ar[output[7]];
}
/* Now we worry about padding. */
if (0 != srclength) {
/* Get what's left. */
input[0] = input[1] = input[2] = input[3] = input[4] = (uint8_t) '\0';
for (i = 0; i < srclength; i++)
input[i] = *src++;
output[0] = (input[0] & 0xf8) >> 3;
assert(output[0] < 32);
if (srclength >= 1) {
output[1] = ((input[0] & 0x07) << 2) + ((input[1] & 0xc0) >> 6);
assert(output[1] < 32);
output[2] = (input[1] & 0x3e) >> 1;
assert(output[2] < 32);
}
if (srclength >= 2) {
output[3] = ((input[1] & 0x01) << 4) + ((input[2] & 0xf0) >> 4);
assert(output[3] < 32);
}
if (srclength >= 3) {
output[4] = ((input[2] & 0x0f) << 1) + ((input[3] & 0x80) >> 7);
assert(output[4] < 32);
output[5] = (input[3] & 0x7c) >> 2;
assert(output[5] < 32);
}
if (srclength >= 4) {
output[6] = ((input[3] & 0x03) << 3) + ((input[4] & 0xe0) >> 5);
assert(output[6] < 32);
}
if (datalength + 1 > targsize) {
return (-2);
}
target[datalength++] = B32_ar[output[0]];
if (srclength >= 1) {
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = B32_ar[output[1]];
if (srclength == 1 && output[2] == 0) {
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = Pad32;
} else {
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = B32_ar[output[2]];
}
} else {
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = Pad32;
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = Pad32;
}
if (srclength >= 2) {
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = B32_ar[output[3]];
} else {
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = Pad32;
}
if (srclength >= 3) {
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = B32_ar[output[4]];
if (srclength == 3 && output[5] == 0) {
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = Pad32;
} else {
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = B32_ar[output[5]];
}
} else {
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = Pad32;
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = Pad32;
}
if (srclength >= 4) {
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = B32_ar[output[6]];
} else {
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = Pad32;
}
if (datalength + 1 > targsize) { return (-2); }
target[datalength++] = Pad32;
}
if (datalength+1 > targsize) {
return (int) (datalength);
}
target[datalength] = '\0'; /* Returned value doesn't count \0. */
return (int) (datalength);
}
int
ldns_b32_ntop(uint8_t const *src, size_t srclength, char *target, size_t targsize) {
return ldns_b32_ntop_ar(src, srclength, target, targsize, Base32);
}
/* deprecated, here for backwards compatibility */
int
b32_ntop(uint8_t const *src, size_t srclength, char *target, size_t targsize) {
return ldns_b32_ntop_ar(src, srclength, target, targsize, Base32);
}
int
ldns_b32_ntop_extended_hex(uint8_t const *src, size_t srclength, char *target, size_t targsize) {
return ldns_b32_ntop_ar(src, srclength, target, targsize, Base32_extended_hex);
}
/* deprecated, here for backwards compatibility */
int
b32_ntop_extended_hex(uint8_t const *src, size_t srclength, char *target, size_t targsize) {
return ldns_b32_ntop_ar(src, srclength, target, targsize, Base32_extended_hex);
}

387
compat/b32_pton.c Normal file
View File

@ -0,0 +1,387 @@
/*
* Copyright (c) 1996, 1998 by Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/
/*
* Portions Copyright (c) 1995 by International Business Machines, Inc.
*
* International Business Machines, Inc. (hereinafter called IBM) grants
* permission under its copyrights to use, copy, modify, and distribute this
* Software with or without fee, provided that the above copyright notice and
* all paragraphs of this notice appear in all copies, and that the name of IBM
* not be used in connection with the marketing of any product incorporating
* the Software or modifications thereof, without specific, written prior
* permission.
*
* To the extent it has a right to do so, IBM grants an immunity from suit
* under its patents, if any, for the use, sale or manufacture of products to
* the extent that such products are used for performing Domain Name System
* dynamic updates in TCP/IP networks by means of the Software. No immunity is
* granted for any product per se or for any other function of any product.
*
* THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
* INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
* PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
* DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
* IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
*/
#include <ldns/config.h>
#include <sys/types.h>
#include <sys/param.h>
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";*/
static const char Base32[] =
"abcdefghijklmnopqrstuvwxyz234567";
/* "0123456789ABCDEFGHIJKLMNOPQRSTUV";*/
static const char Base32_extended_hex[] =
"0123456789abcdefghijklmnopqrstuv";
static const char Pad32 = '=';
/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt)
5. Base 32 Encoding
The Base 32 encoding is designed to represent arbitrary sequences of
octets in a form that needs to be case insensitive but need not be
humanly readable.
A 33-character subset of US-ASCII is used, enabling 5 bits to be
represented per printable character. (The extra 33rd character, "=",
is used to signify a special processing function.)
The encoding process represents 40-bit groups of input bits as output
strings of 8 encoded characters. Proceeding from left to right, a
40-bit input group is formed by concatenating 5 8bit input groups.
These 40 bits are then treated as 8 concatenated 5-bit groups, each
of which is translated into a single digit in the base 32 alphabet.
When encoding a bit stream via the base 32 encoding, the bit stream
must be presumed to be ordered with the most-significant-bit first.
That is, the first bit in the stream will be the high-order bit in
the first 8bit byte, and the eighth bit will be the low-order bit in
the first 8bit byte, and so on.
Each 5-bit group is used as an index into an array of 32 printable
characters. The character referenced by the index is placed in the
output string. These characters, identified in Table 3, below, are
selected from US-ASCII digits and uppercase letters.
Table 3: The Base 32 Alphabet
Value Encoding Value Encoding Value Encoding Value Encoding
0 A 9 J 18 S 27 3
1 B 10 K 19 T 28 4
2 C 11 L 20 U 29 5
3 D 12 M 21 V 30 6
4 E 13 N 22 W 31 7
5 F 14 O 23 X
6 G 15 P 24 Y (pad) =
7 H 16 Q 25 Z
8 I 17 R 26 2
Special processing is performed if fewer than 40 bits are available
at the end of the data being encoded. A full encoding quantum is
always completed at the end of a body. When fewer than 40 input bits
are available in an input group, zero bits are added (on the right)
to form an integral number of 5-bit groups. Padding at the end of
the data is performed using the "=" character. Since all base 32
input is an integral number of octets, only the following cases can
arise:
(1) the final quantum of encoding input is an integral multiple of 40
bits; here, the final unit of encoded output will be an integral
multiple of 8 characters with no "=" padding,
(2) the final quantum of encoding input is exactly 8 bits; here, the
final unit of encoded output will be two characters followed by six
"=" padding characters,
(3) the final quantum of encoding input is exactly 16 bits; here, the
final unit of encoded output will be four characters followed by four
"=" padding characters,
(4) the final quantum of encoding input is exactly 24 bits; here, the
final unit of encoded output will be five characters followed by
three "=" padding characters, or
(5) the final quantum of encoding input is exactly 32 bits; here, the
final unit of encoded output will be seven characters followed by one
"=" padding character.
6. Base 32 Encoding with Extended Hex Alphabet
The following description of base 32 is due to [7]. This encoding
should not be regarded as the same as the "base32" encoding, and
should not be referred to as only "base32".
One property with this alphabet, that the base32 and base32 alphabet
lack, is that encoded data maintain its sort order when the encoded
data is compared bit-wise.
This encoding is identical to the previous one, except for the
alphabet. The new alphabet is found in table 4.
Table 4: The "Extended Hex" Base 32 Alphabet
Value Encoding Value Encoding Value Encoding Value Encoding
0 0 9 9 18 I 27 R
1 1 10 A 19 J 28 S
2 2 11 B 20 K 29 T
3 3 12 C 21 L 30 U
4 4 13 D 22 M 31 V
5 5 14 E 23 N
6 6 15 F 24 O (pad) =
7 7 16 G 25 P
8 8 17 H 26 Q
*/
/* skips all whitespace anywhere.
converts characters, four at a time, starting at (or after)
src from base - 32 numbers into three 8 bit bytes in the target area.
it returns the number of data bytes stored at the target, or -1 on error.
*/
int
ldns_b32_pton_ar(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize, const char B32_ar[])
{
int tarindex, state, ch;
char *pos;
int i = 0;
state = 0;
tarindex = 0;
while ((ch = *src++) != '\0' && (i == 0 || i < (int) hashed_owner_str_len)) {
i++;
ch = tolower(ch);
if (isspace((unsigned char)ch)) /* Skip whitespace anywhere. */
continue;
if (ch == Pad32)
break;
pos = strchr(B32_ar, ch);
if (pos == 0) {
/* A non-base32 character. */
return (-ch);
}
switch (state) {
case 0:
if (target) {
if ((size_t)tarindex >= targsize) {
return (-2);
}
target[tarindex] = (pos - B32_ar) << 3;
}
state = 1;
break;
case 1:
if (target) {
if ((size_t)tarindex + 1 >= targsize) {
return (-3);
}
target[tarindex] |= (pos - B32_ar) >> 2;
target[tarindex+1] = ((pos - B32_ar) & 0x03)
<< 6 ;
}
tarindex++;
state = 2;
break;
case 2:
if (target) {
if ((size_t)tarindex + 1 >= targsize) {
return (-4);
}
target[tarindex] |= (pos - B32_ar) << 1;
}
/*tarindex++;*/
state = 3;
break;
case 3:
if (target) {
if ((size_t)tarindex + 1 >= targsize) {
return (-5);
}
target[tarindex] |= (pos - B32_ar) >> 4;
target[tarindex+1] = ((pos - B32_ar) & 0x0f) << 4 ;
}
tarindex++;
state = 4;
break;
case 4:
if (target) {
if ((size_t)tarindex + 1 >= targsize) {
return (-6);
}
target[tarindex] |= (pos - B32_ar) >> 1;
target[tarindex+1] = ((pos - B32_ar) & 0x01)
<< 7 ;
}
tarindex++;
state = 5;
break;
case 5:
if (target) {
if ((size_t)tarindex + 1 >= targsize) {
return (-7);
}
target[tarindex] |= (pos - B32_ar) << 2;
}
state = 6;
break;
case 6:
if (target) {
if ((size_t)tarindex + 1 >= targsize) {
return (-8);
}
target[tarindex] |= (pos - B32_ar) >> 3;
target[tarindex+1] = ((pos - B32_ar) & 0x07)
<< 5 ;
}
tarindex++;
state = 7;
break;
case 7:
if (target) {
if ((size_t)tarindex + 1 >= targsize) {
return (-9);
}
target[tarindex] |= (pos - B32_ar);
}
tarindex++;
state = 0;
break;
default:
abort();
}
}
/*
* We are done decoding Base-32 chars. Let's see if we ended
* on a byte boundary, and/or with erroneous trailing characters.
*/
if (ch == Pad32) { /* We got a pad char. */
ch = *src++; /* Skip it, get next. */
switch (state) {
case 0: /* Invalid = in first position */
case 1: /* Invalid = in second position */
return (-10);
case 2: /* Valid, means one byte of info */
case 3:
/* Skip any number of spaces. */
for ((void)NULL; ch != '\0'; ch = *src++)
if (!isspace((unsigned char)ch))
break;
/* Make sure there is another trailing = sign. */
if (ch != Pad32) {
return (-11);
}
ch = *src++; /* Skip the = */
/* Fall through to "single trailing =" case. */
/* FALLTHROUGH */
case 4: /* Valid, means two bytes of info */
case 5:
case 6:
/*
* We know this char is an =. Is there anything but
* whitespace after it?
*/
for ((void)NULL; ch != '\0'; ch = *src++)
if (!(isspace((unsigned char)ch) || ch == '=')) {
return (-12);
}
case 7: /* Valid, means three bytes of info */
/*
* We know this char is an =. Is there anything but
* whitespace after it?
*/
for ((void)NULL; ch != '\0'; ch = *src++)
if (!isspace((unsigned char)ch)) {
return (-13);
}
/*
* Now make sure for cases 2 and 3 that the "extra"
* bits that slopped past the last full byte were
* zeros. If we don't check them, they become a
* subliminal channel.
*/
if (target && target[tarindex] != 0) {
return (-14);
}
}
} else {
/*
* We ended by seeing the end of the string. Make sure we
* have no partial bytes lying around.
*/
if (state != 0)
return (-15);
}
return (tarindex);
}
int
ldns_b32_pton(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize)
{
return ldns_b32_pton_ar(src, hashed_owner_str_len, target, targsize, Base32);
}
/* deprecated, here for backwards compatibility */
int
b32_pton(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize)
{
return ldns_b32_pton_ar(src, hashed_owner_str_len, target, targsize, Base32);
}
int
ldns_b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize)
{
return ldns_b32_pton_ar(src, hashed_owner_str_len, target, targsize, Base32_extended_hex);
}
/* deprecated, here for backwards compatibility */
int
b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize)
{
return ldns_b32_pton_ar(src, hashed_owner_str_len, target, targsize, Base32_extended_hex);
}

202
compat/b64_ntop.c Normal file
View File

@ -0,0 +1,202 @@
/*
* Copyright (c) 1996, 1998 by Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/
/*
* Portions Copyright (c) 1995 by International Business Machines, Inc.
*
* International Business Machines, Inc. (hereinafter called IBM) grants
* permission under its copyrights to use, copy, modify, and distribute this
* Software with or without fee, provided that the above copyright notice and
* all paragraphs of this notice appear in all copies, and that the name of IBM
* not be used in connection with the marketing of any product incorporating
* the Software or modifications thereof, without specific, written prior
* permission.
*
* To the extent it has a right to do so, IBM grants an immunity from suit
* under its patents, if any, for the use, sale or manufacture of products to
* the extent that such products are used for performing Domain Name System
* dynamic updates in TCP/IP networks by means of the Software. No immunity is
* granted for any product per se or for any other function of any product.
*
* THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
* INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
* PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
* DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
* IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
*/
#include <ldns/config.h>
#include <sys/types.h>
#include <sys/param.h>
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define Assert(Cond) if (!(Cond)) abort()
static const char Base64[] =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static const char Pad64 = '=';
/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt)
The following encoding technique is taken from RFC 1521 by Borenstein
and Freed. It is reproduced here in a slightly edited form for
convenience.
A 65-character subset of US-ASCII is used, enabling 6 bits to be
represented per printable character. (The extra 65th character, "=",
is used to signify a special processing function.)
The encoding process represents 24-bit groups of input bits as output
strings of 4 encoded characters. Proceeding from left to right, a
24-bit input group is formed by concatenating 3 8-bit input groups.
These 24 bits are then treated as 4 concatenated 6-bit groups, each
of which is translated into a single digit in the base64 alphabet.
Each 6-bit group is used as an index into an array of 64 printable
characters. The character referenced by the index is placed in the
output string.
Table 1: The Base64 Alphabet
Value Encoding Value Encoding Value Encoding Value Encoding
0 A 17 R 34 i 51 z
1 B 18 S 35 j 52 0
2 C 19 T 36 k 53 1
3 D 20 U 37 l 54 2
4 E 21 V 38 m 55 3
5 F 22 W 39 n 56 4
6 G 23 X 40 o 57 5
7 H 24 Y 41 p 58 6
8 I 25 Z 42 q 59 7
9 J 26 a 43 r 60 8
10 K 27 b 44 s 61 9
11 L 28 c 45 t 62 +
12 M 29 d 46 u 63 /
13 N 30 e 47 v
14 O 31 f 48 w (pad) =
15 P 32 g 49 x
16 Q 33 h 50 y
Special processing is performed if fewer than 24 bits are available
at the end of the data being encoded. A full encoding quantum is
always completed at the end of a quantity. When fewer than 24 input
bits are available in an input group, zero bits are added (on the
right) to form an integral number of 6-bit groups. Padding at the
end of the data is performed using the '=' character.
Since all base64 input is an integral number of octets, only the
-------------------------------------------------
following cases can arise:
(1) the final quantum of encoding input is an integral
multiple of 24 bits; here, the final unit of encoded
output will be an integral multiple of 4 characters
with no "=" padding,
(2) the final quantum of encoding input is exactly 8 bits;
here, the final unit of encoded output will be two
characters followed by two "=" padding characters, or
(3) the final quantum of encoding input is exactly 16 bits;
here, the final unit of encoded output will be three
characters followed by one "=" padding character.
*/
int
ldns_b64_ntop(uint8_t const *src, size_t srclength, char *target, size_t targsize) {
size_t datalength = 0;
uint8_t input[3];
uint8_t output[4];
size_t i;
if (srclength == 0) {
if (targsize > 0) {
target[0] = '\0';
return 0;
} else {
return -1;
}
}
while (2 < srclength) {
input[0] = *src++;
input[1] = *src++;
input[2] = *src++;
srclength -= 3;
output[0] = input[0] >> 2;
output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
output[3] = input[2] & 0x3f;
Assert(output[0] < 64);
Assert(output[1] < 64);
Assert(output[2] < 64);
Assert(output[3] < 64);
if (datalength + 4 > targsize) {
return (-1);
}
target[datalength++] = Base64[output[0]];
target[datalength++] = Base64[output[1]];
target[datalength++] = Base64[output[2]];
target[datalength++] = Base64[output[3]];
}
/* Now we worry about padding. */
if (0 != srclength) {
/* Get what's left. */
input[0] = input[1] = input[2] = (uint8_t) '\0';
for (i = 0; i < srclength; i++)
input[i] = *src++;
output[0] = input[0] >> 2;
output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
Assert(output[0] < 64);
Assert(output[1] < 64);
Assert(output[2] < 64);
if (datalength + 4 > targsize) {
return (-2);
}
target[datalength++] = Base64[output[0]];
target[datalength++] = Base64[output[1]];
if (srclength == 1) {
target[datalength++] = Pad64;
} else {
target[datalength++] = Base64[output[2]];
}
target[datalength++] = Pad64;
}
if (datalength >= targsize) {
return (-3);
}
target[datalength] = '\0'; /* Returned value doesn't count \0. */
return (int) (datalength);
}

260
compat/b64_pton.c Normal file
View File

@ -0,0 +1,260 @@
/*
* Copyright (c) 1996, 1998 by Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/
/*
* Portions Copyright (c) 1995 by International Business Machines, Inc.
*
* International Business Machines, Inc. (hereinafter called IBM) grants
* permission under its copyrights to use, copy, modify, and distribute this
* Software with or without fee, provided that the above copyright notice and
* all paragraphs of this notice appear in all copies, and that the name of IBM
* not be used in connection with the marketing of any product incorporating
* the Software or modifications thereof, without specific, written prior
* permission.
*
* To the extent it has a right to do so, IBM grants an immunity from suit
* under its patents, if any, for the use, sale or manufacture of products to
* the extent that such products are used for performing Domain Name System
* dynamic updates in TCP/IP networks by means of the Software. No immunity is
* granted for any product per se or for any other function of any product.
*
* THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
* INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
* PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
* DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
* IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
*/
#include <ldns/config.h>
#include <sys/types.h>
#include <sys/param.h>
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define Assert(Cond) if (!(Cond)) abort()
static const char Base64[] =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static const char Pad64 = '=';
/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt)
The following encoding technique is taken from RFC 1521 by Borenstein
and Freed. It is reproduced here in a slightly edited form for
convenience.
A 65-character subset of US-ASCII is used, enabling 6 bits to be
represented per printable character. (The extra 65th character, "=",
is used to signify a special processing function.)
The encoding process represents 24-bit groups of input bits as output
strings of 4 encoded characters. Proceeding from left to right, a
24-bit input group is formed by concatenating 3 8-bit input groups.
These 24 bits are then treated as 4 concatenated 6-bit groups, each
of which is translated into a single digit in the base64 alphabet.
Each 6-bit group is used as an index into an array of 64 printable
characters. The character referenced by the index is placed in the
output string.
Table 1: The Base64 Alphabet
Value Encoding Value Encoding Value Encoding Value Encoding
0 A 17 R 34 i 51 z
1 B 18 S 35 j 52 0
2 C 19 T 36 k 53 1
3 D 20 U 37 l 54 2
4 E 21 V 38 m 55 3
5 F 22 W 39 n 56 4
6 G 23 X 40 o 57 5
7 H 24 Y 41 p 58 6
8 I 25 Z 42 q 59 7
9 J 26 a 43 r 60 8
10 K 27 b 44 s 61 9
11 L 28 c 45 t 62 +
12 M 29 d 46 u 63 /
13 N 30 e 47 v
14 O 31 f 48 w (pad) =
15 P 32 g 49 x
16 Q 33 h 50 y
Special processing is performed if fewer than 24 bits are available
at the end of the data being encoded. A full encoding quantum is
always completed at the end of a quantity. When fewer than 24 input
bits are available in an input group, zero bits are added (on the
right) to form an integral number of 6-bit groups. Padding at the
end of the data is performed using the '=' character.
Since all base64 input is an integral number of octets, only the
-------------------------------------------------
following cases can arise:
(1) the final quantum of encoding input is an integral
multiple of 24 bits; here, the final unit of encoded
output will be an integral multiple of 4 characters
with no "=" padding,
(2) the final quantum of encoding input is exactly 8 bits;
here, the final unit of encoded output will be two
characters followed by two "=" padding characters, or
(3) the final quantum of encoding input is exactly 16 bits;
here, the final unit of encoded output will be three
characters followed by one "=" padding character.
*/
/* skips all whitespace anywhere.
converts characters, four at a time, starting at (or after)
src from base - 64 numbers into three 8 bit bytes in the target area.
it returns the number of data bytes stored at the target, or -1 on error.
*/
int
ldns_b64_pton(char const *src, uint8_t *target, size_t targsize)
{
int tarindex, state, ch;
char *pos;
state = 0;
tarindex = 0;
if (strlen(src) == 0) {
return 0;
}
while ((ch = *src++) != '\0') {
if (isspace((unsigned char)ch)) /* Skip whitespace anywhere. */
continue;
if (ch == Pad64)
break;
pos = strchr(Base64, ch);
if (pos == 0) {
/* A non-base64 character. */
return (-1);
}
switch (state) {
case 0:
if (target) {
if ((size_t)tarindex >= targsize)
return (-1);
target[tarindex] = (pos - Base64) << 2;
}
state = 1;
break;
case 1:
if (target) {
if ((size_t)tarindex + 1 >= targsize)
return (-1);
target[tarindex] |= (pos - Base64) >> 4;
target[tarindex+1] = ((pos - Base64) & 0x0f)
<< 4 ;
}
tarindex++;
state = 2;
break;
case 2:
if (target) {
if ((size_t)tarindex + 1 >= targsize)
return (-1);
target[tarindex] |= (pos - Base64) >> 2;
target[tarindex+1] = ((pos - Base64) & 0x03)
<< 6;
}
tarindex++;
state = 3;
break;
case 3:
if (target) {
if ((size_t)tarindex >= targsize)
return (-1);
target[tarindex] |= (pos - Base64);
}
tarindex++;
state = 0;
break;
default:
abort();
}
}
/*
* We are done decoding Base-64 chars. Let's see if we ended
* on a byte boundary, and/or with erroneous trailing characters.
*/
if (ch == Pad64) { /* We got a pad char. */
ch = *src++; /* Skip it, get next. */
switch (state) {
case 0: /* Invalid = in first position */
case 1: /* Invalid = in second position */
return (-1);
case 2: /* Valid, means one byte of info */
/* Skip any number of spaces. */
for ((void)NULL; ch != '\0'; ch = *src++)
if (!isspace((unsigned char)ch))
break;
/* Make sure there is another trailing = sign. */
if (ch != Pad64)
return (-1);
ch = *src++; /* Skip the = */
/* Fall through to "single trailing =" case. */
/* FALLTHROUGH */
case 3: /* Valid, means two bytes of info */
/*
* We know this char is an =. Is there anything but
* whitespace after it?
*/
for ((void)NULL; ch != '\0'; ch = *src++)
if (!isspace((unsigned char)ch))
return (-1);
/*
* Now make sure for cases 2 and 3 that the "extra"
* bits that slopped past the last full byte were
* zeros. If we don't check them, they become a
* subliminal channel.
*/
if (target && target[tarindex] != 0)
return (-1);
}
} else {
/*
* We ended by seeing the end of the string. Make sure we
* have no partial bytes lying around.
*/
if (state != 0)
return (-1);
}
return (tarindex);
}

24
compat/calloc.c Normal file
View File

@ -0,0 +1,24 @@
/* Just a replacement, if the original malloc is not
GNU-compliant. See autoconf documentation. */
#if HAVE_CONFIG_H
#include <ldns/config.h>
#endif
void *calloc();
#if !HAVE_BZERO && HAVE_MEMSET
# define bzero(buf, bytes) ((void) memset (buf, 0, bytes))
#endif
void *
calloc(size_t num, size_t size)
{
void *new = malloc(num * size);
if (!new) {
return NULL;
}
bzero(new, num * size);
return new;
}

16
compat/ctime_r.c Normal file
View File

@ -0,0 +1,16 @@
#ifdef HAVE_CONFIG_H
#include <ldns/config.h>
#endif
#ifdef HAVE_TIME_H
#include <time.h>
#endif
char *ctime_r(const time_t *timep, char *buf)
{
/* no thread safety. */
char* result = ctime(timep);
if(buf && result)
strcpy(buf, result);
return result;
}

229
compat/fake-rfc2553.c Normal file
View File

@ -0,0 +1,229 @@
/* From openssh 4.3p2 filename openbsd-compat/fake-rfc2553.h */
/*
* Copyright (C) 2000-2003 Damien Miller. All rights reserved.
* Copyright (C) 1999 WIDE Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* Pseudo-implementation of RFC2553 name / address resolution functions
*
* But these functions are not implemented correctly. The minimum subset
* is implemented for ssh use only. For example, this routine assumes
* that ai_family is AF_INET. Don't use it for another purpose.
*/
#include <ldns/config.h>
#include <ldns/common.h>
#include <unistd.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include "compat/fake-rfc2553.h"
#ifndef HAVE_GETNAMEINFO
int getnameinfo(const struct sockaddr *sa, size_t ATTR_UNUSED(salen), char *host,
size_t hostlen, char *serv, size_t servlen, int flags)
{
struct sockaddr_in *sin = (struct sockaddr_in *)sa;
struct hostent *hp;
char tmpserv[16];
if (serv != NULL) {
snprintf(tmpserv, sizeof(tmpserv), "%d", ntohs(sin->sin_port));
if (strlcpy(serv, tmpserv, servlen) >= servlen)
return (EAI_MEMORY);
}
if (host != NULL) {
if (flags & NI_NUMERICHOST) {
if (strlcpy(host, inet_ntoa(sin->sin_addr),
hostlen) >= hostlen)
return (EAI_MEMORY);
else
return (0);
} else {
hp = gethostbyaddr((char *)&sin->sin_addr,
sizeof(struct in_addr), AF_INET);
if (hp == NULL)
return (EAI_NODATA);
if (strlcpy(host, hp->h_name, hostlen) >= hostlen)
return (EAI_MEMORY);
else
return (0);
}
}
return (0);
}
#endif /* !HAVE_GETNAMEINFO */
#ifndef HAVE_GAI_STRERROR
#ifdef HAVE_CONST_GAI_STRERROR_PROTO
const char *
#else
char *
#endif
gai_strerror(int err)
{
switch (err) {
case EAI_NODATA:
return ("no address associated with name");
case EAI_MEMORY:
return ("memory allocation failure.");
case EAI_NONAME:
return ("nodename nor servname provided, or not known");
default:
return ("unknown/invalid error.");
}
}
#endif /* !HAVE_GAI_STRERROR */
#ifndef HAVE_FREEADDRINFO
void
freeaddrinfo(struct addrinfo *ai)
{
struct addrinfo *next;
for(; ai != NULL;) {
next = ai->ai_next;
free(ai);
ai = next;
}
}
#endif /* !HAVE_FREEADDRINFO */
#ifndef HAVE_GETADDRINFO
static struct
addrinfo *malloc_ai(int port, u_long addr, const struct addrinfo *hints)
{
struct addrinfo *ai;
ai = malloc(sizeof(*ai) + sizeof(struct sockaddr_in));
if (ai == NULL)
return (NULL);
memset(ai, '\0', sizeof(*ai) + sizeof(struct sockaddr_in));
ai->ai_addr = (struct sockaddr *)(ai + 1);
/* XXX -- ssh doesn't use sa_len */
ai->ai_addrlen = sizeof(struct sockaddr_in);
ai->ai_addr->sa_family = ai->ai_family = AF_INET;
((struct sockaddr_in *)(ai)->ai_addr)->sin_port = port;
((struct sockaddr_in *)(ai)->ai_addr)->sin_addr.s_addr = addr;
/* XXX: the following is not generally correct, but does what we want */
if (hints->ai_socktype)
ai->ai_socktype = hints->ai_socktype;
else
ai->ai_socktype = SOCK_STREAM;
if (hints->ai_protocol)
ai->ai_protocol = hints->ai_protocol;
return (ai);
}
int
getaddrinfo(const char *hostname, const char *servname,
const struct addrinfo *hints, struct addrinfo **res)
{
struct hostent *hp;
struct servent *sp;
struct in_addr in;
int i;
long int port;
u_long addr;
port = 0;
if (servname != NULL) {
char *cp;
port = strtol(servname, &cp, 10);
if (port > 0 && port <= 65535 && *cp == '\0')
port = htons(port);
else if ((sp = getservbyname(servname, NULL)) != NULL)
port = sp->s_port;
else
port = 0;
}
if (hints && hints->ai_flags & AI_PASSIVE) {
addr = htonl(0x00000000);
if (hostname && inet_aton(hostname, &in) != 0)
addr = in.s_addr;
*res = malloc_ai(port, addr, hints);
if (*res == NULL)
return (EAI_MEMORY);
return (0);
}
if (!hostname) {
*res = malloc_ai(port, htonl(0x7f000001), hints);
if (*res == NULL)
return (EAI_MEMORY);
return (0);
}
if (inet_aton(hostname, &in)) {
*res = malloc_ai(port, in.s_addr, hints);
if (*res == NULL)
return (EAI_MEMORY);
return (0);
}
/* Don't try DNS if AI_NUMERICHOST is set */
if (hints && hints->ai_flags & AI_NUMERICHOST)
return (EAI_NONAME);
hp = gethostbyname(hostname);
if (hp && hp->h_name && hp->h_name[0] && hp->h_addr_list[0]) {
struct addrinfo *cur, *prev;
cur = prev = *res = NULL;
for (i = 0; hp->h_addr_list[i]; i++) {
struct in_addr *in = (struct in_addr *)hp->h_addr_list[i];
cur = malloc_ai(port, in->s_addr, hints);
if (cur == NULL) {
if (*res != NULL)
freeaddrinfo(*res);
return (EAI_MEMORY);
}
if (prev)
prev->ai_next = cur;
else
*res = cur;
prev = cur;
}
return (0);
}
return (EAI_NODATA);
}
#endif /* !HAVE_GETADDRINFO */

183
compat/fake-rfc2553.h Normal file
View File

@ -0,0 +1,183 @@
/* From openssh 4.3p2 filename openbsd-compat/fake-rfc2553.h */
/*
* Copyright (C) 2000-2003 Damien Miller. All rights reserved.
* Copyright (C) 1999 WIDE Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* Pseudo-implementation of RFC2553 name / address resolution functions
*
* But these functions are not implemented correctly. The minimum subset
* is implemented for ssh use only. For example, this routine assumes
* that ai_family is AF_INET. Don't use it for another purpose.
*/
#ifndef _FAKE_RFC2553_H
#define _FAKE_RFC2553_H
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
#include <limits.h>
#ifdef __cplusplus
extern "C" {
#endif
/*
* First, socket and INET6 related definitions
*/
#ifndef HAVE_STRUCT_SOCKADDR_STORAGE
#ifndef _SS_MAXSIZE
# define _SS_MAXSIZE 128 /* Implementation specific max size */
# define _SS_PADSIZE (_SS_MAXSIZE - sizeof (struct sockaddr))
struct sockaddr_storage {
struct sockaddr ss_sa;
char __ss_pad2[_SS_PADSIZE];
};
# define ss_family ss_sa.sa_family
#endif /* _SS_MAXSIZE */
#endif /* !HAVE_STRUCT_SOCKADDR_STORAGE */
#ifndef IN6_IS_ADDR_LOOPBACK
# define IN6_IS_ADDR_LOOPBACK(a) \
(((uint32_t *)(a))[0] == 0 && ((uint32_t *)(a))[1] == 0 && \
((uint32_t *)(a))[2] == 0 && ((uint32_t *)(a))[3] == htonl(1))
#endif /* !IN6_IS_ADDR_LOOPBACK */
#ifndef HAVE_STRUCT_IN6_ADDR
struct in6_addr {
uint8_t s6_addr[16];
};
#endif /* !HAVE_STRUCT_IN6_ADDR */
#ifndef HAVE_STRUCT_SOCKADDR_IN6
struct sockaddr_in6 {
unsigned short sin6_family;
uint16_t sin6_port;
uint32_t sin6_flowinfo;
struct in6_addr sin6_addr;
};
#endif /* !HAVE_STRUCT_SOCKADDR_IN6 */
#ifndef AF_INET6
/* Define it to something that should never appear */
#define AF_INET6 AF_MAX
#endif
/*
* Next, RFC2553 name / address resolution API
*/
#ifndef NI_NUMERICHOST
# define NI_NUMERICHOST (1)
#endif
#ifndef NI_NAMEREQD
# define NI_NAMEREQD (1<<1)
#endif
#ifndef NI_NUMERICSERV
# define NI_NUMERICSERV (1<<2)
#endif
#ifndef AI_PASSIVE
# define AI_PASSIVE (1)
#endif
#ifndef AI_CANONNAME
# define AI_CANONNAME (1<<1)
#endif
#ifndef AI_NUMERICHOST
# define AI_NUMERICHOST (1<<2)
#endif
#ifndef NI_MAXSERV
# define NI_MAXSERV 32
#endif /* !NI_MAXSERV */
#ifndef NI_MAXHOST
# define NI_MAXHOST 1025
#endif /* !NI_MAXHOST */
#ifndef INT_MAX
#define INT_MAX 0xffffffff
#endif
#ifndef EAI_NODATA
# define EAI_NODATA (INT_MAX - 1)
#endif
#ifndef EAI_MEMORY
# define EAI_MEMORY (INT_MAX - 2)
#endif
#ifndef EAI_NONAME
# define EAI_NONAME (INT_MAX - 3)
#endif
#ifndef EAI_SYSTEM
# define EAI_SYSTEM (INT_MAX - 4)
#endif
#ifndef HAVE_STRUCT_ADDRINFO
struct addrinfo {
int ai_flags; /* AI_PASSIVE, AI_CANONNAME */
int ai_family; /* PF_xxx */
int ai_socktype; /* SOCK_xxx */
int ai_protocol; /* 0 or IPPROTO_xxx for IPv4 and IPv6 */
size_t ai_addrlen; /* length of ai_addr */
char *ai_canonname; /* canonical name for hostname */
struct sockaddr *ai_addr; /* binary address */
struct addrinfo *ai_next; /* next structure in linked list */
};
#endif /* !HAVE_STRUCT_ADDRINFO */
#ifndef HAVE_GETADDRINFO
#ifdef getaddrinfo
# undef getaddrinfo
#endif
#define getaddrinfo(a,b,c,d) (ssh_getaddrinfo(a,b,c,d))
int getaddrinfo(const char *, const char *,
const struct addrinfo *, struct addrinfo **);
#endif /* !HAVE_GETADDRINFO */
#if !defined(HAVE_GAI_STRERROR) && !defined(HAVE_CONST_GAI_STRERROR_PROTO)
#define gai_strerror(a) (ssh_gai_strerror(a))
char *gai_strerror(int);
#endif /* !HAVE_GAI_STRERROR */
#ifndef HAVE_FREEADDRINFO
#define freeaddrinfo(a) (ssh_freeaddrinfo(a))
void freeaddrinfo(struct addrinfo *);
#endif /* !HAVE_FREEADDRINFO */
#ifndef HAVE_GETNAMEINFO
#define getnameinfo(a,b,c,d,e,f,g) (ssh_getnameinfo(a,b,c,d,e,f,g))
int getnameinfo(const struct sockaddr *, size_t, char *, size_t,
char *, size_t, int);
#endif /* !HAVE_GETNAMEINFO */
#ifdef __cplusplus
}
#endif
#endif /* !_FAKE_RFC2553_H */

14
compat/gmtime_r.c Normal file
View File

@ -0,0 +1,14 @@
#ifdef HAVE_CONFIG_H
#include <ldns/config.h>
#endif
#ifdef HAVE_TIME_H
#include <time.h>
#endif
struct tm *gmtime_r(const time_t *timep, struct tm *result)
{
/* no thread safety. */
*result = *gmtime(timep);
return result;
}

182
compat/inet_aton.c Normal file
View File

@ -0,0 +1,182 @@
/* From openssh4.3p2 compat/inet_aton.c */
/*
* Copyright (c) 1983, 1990, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* -
* Portions Copyright (c) 1993 by Digital Equipment Corporation.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies, and that
* the name of Digital Equipment Corporation not be used in advertising or
* publicity pertaining to distribution of the document or software without
* specific, written prior permission.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL
* WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT
* CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
* -
* --Copyright--
*/
/* OPENBSD ORIGINAL: lib/libc/net/inet_addr.c */
#include <ldns/config.h>
#if !defined(HAVE_INET_ATON)
#include <sys/types.h>
#include <sys/param.h>
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#include <ctype.h>
#if 0
/*
* Ascii internet address interpretation routine.
* The value returned is in network order.
*/
in_addr_t
inet_addr(const char *cp)
{
struct in_addr val;
if (inet_aton(cp, &val))
return (val.s_addr);
return (INADDR_NONE);
}
#endif
/*
* Check whether "cp" is a valid ascii representation
* of an Internet address and convert to a binary address.
* Returns 1 if the address is valid, 0 if not.
* This replaces inet_addr, the return value from which
* cannot distinguish between failure and a local broadcast address.
*/
int
inet_aton(const char *cp, struct in_addr *addr)
{
uint32_t val;
int base, n;
char c;
unsigned int parts[4];
unsigned int *pp = parts;
c = *cp;
for (;;) {
/*
* Collect number up to ``.''.
* Values are specified as for C:
* 0x=hex, 0=octal, isdigit=decimal.
*/
if (!isdigit((int) c))
return (0);
val = 0; base = 10;
if (c == '0') {
c = *++cp;
if (c == 'x' || c == 'X')
base = 16, c = *++cp;
else
base = 8;
}
for (;;) {
if (isascii((int) c) && isdigit((int) c)) {
val = (val * base) + (c - '0');
c = *++cp;
} else if (base == 16 && isascii((int) c) && isxdigit((int) c)) {
val = (val << 4) |
(c + 10 - (islower((int) c) ? 'a' : 'A'));
c = *++cp;
} else
break;
}
if (c == '.') {
/*
* Internet format:
* a.b.c.d
* a.b.c (with c treated as 16 bits)
* a.b (with b treated as 24 bits)
*/
if (pp >= parts + 3)
return (0);
*pp++ = val;
c = *++cp;
} else
break;
}
/*
* Check for trailing characters.
*/
if (c != '\0' && (!isascii((int) c) || !isspace((int) c)))
return (0);
/*
* Concoct the address according to
* the number of parts specified.
*/
n = pp - parts + 1;
switch (n) {
case 0:
return (0); /* initial nondigit */
case 1: /* a -- 32 bits */
break;
case 2: /* a.b -- 8.24 bits */
if ((val > 0xffffff) || (parts[0] > 0xff))
return (0);
val |= parts[0] << 24;
break;
case 3: /* a.b.c -- 8.8.16 bits */
if ((val > 0xffff) || (parts[0] > 0xff) || (parts[1] > 0xff))
return (0);
val |= (parts[0] << 24) | (parts[1] << 16);
break;
case 4: /* a.b.c.d -- 8.8.8.8 bits */
if ((val > 0xff) || (parts[0] > 0xff) || (parts[1] > 0xff) || (parts[2] > 0xff))
return (0);
val |= (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8);
break;
}
if (addr)
addr->s_addr = htonl(val);
return (1);
}
#endif /* !defined(HAVE_INET_ATON) */

218
compat/inet_ntop.c Normal file
View File

@ -0,0 +1,218 @@
/* From openssh 4.3p2 compat/inet_ntop.c */
/* Copyright (c) 1996 by Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/
/* OPENBSD ORIGINAL: lib/libc/net/inet_ntop.c */
#include <ldns/config.h>
#ifndef HAVE_INET_NTOP
#include <sys/param.h>
#include <sys/types.h>
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#include <string.h>
#include <errno.h>
#include <stdio.h>
#ifndef IN6ADDRSZ
#define IN6ADDRSZ 16 /* IPv6 T_AAAA */
#endif
#ifndef INT16SZ
#define INT16SZ 2 /* for systems without 16-bit ints */
#endif
/*
* WARNING: Don't even consider trying to compile this on a system where
* sizeof(int) < 4. sizeof(int) > 4 is fine; all the world's not a VAX.
*/
static const char *inet_ntop4(const u_char *src, char *dst, size_t size);
static const char *inet_ntop6(const u_char *src, char *dst, size_t size);
/* char *
* inet_ntop(af, src, dst, size)
* convert a network format address to presentation format.
* return:
* pointer to presentation format address (`dst'), or NULL (see errno).
* author:
* Paul Vixie, 1996.
*/
const char *
inet_ntop(int af, const void *src, char *dst, size_t size)
{
switch (af) {
case AF_INET:
return (inet_ntop4(src, dst, size));
case AF_INET6:
return (inet_ntop6(src, dst, size));
default:
#ifdef EAFNOSUPPORT
errno = EAFNOSUPPORT;
#else
errno = ENOSYS;
#endif
return (NULL);
}
/* NOTREACHED */
}
/* const char *
* inet_ntop4(src, dst, size)
* format an IPv4 address, more or less like inet_ntoa()
* return:
* `dst' (as a const)
* notes:
* (1) uses no statics
* (2) takes a u_char* not an in_addr as input
* author:
* Paul Vixie, 1996.
*/
static const char *
inet_ntop4(const u_char *src, char *dst, size_t size)
{
static const char fmt[] = "%u.%u.%u.%u";
char tmp[sizeof "255.255.255.255"];
int l;
l = snprintf(tmp, size, fmt, src[0], src[1], src[2], src[3]);
if (l <= 0 || l >= (int)size) {
errno = ENOSPC;
return (NULL);
}
strlcpy(dst, tmp, size);
return (dst);
}
/* const char *
* inet_ntop6(src, dst, size)
* convert IPv6 binary address into presentation (printable) format
* author:
* Paul Vixie, 1996.
*/
static const char *
inet_ntop6(const u_char *src, char *dst, size_t size)
{
/*
* Note that int32_t and int16_t need only be "at least" large enough
* to contain a value of the specified size. On some systems, like
* Crays, there is no such thing as an integer variable with 16 bits.
* Keep this in mind if you think this function should have been coded
* to use pointer overlays. All the world's not a VAX.
*/
char tmp[sizeof "ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255"];
char *tp, *ep;
struct { int base, len; } best, cur;
u_int words[IN6ADDRSZ / INT16SZ];
int i;
int advance;
/*
* Preprocess:
* Copy the input (bytewise) array into a wordwise array.
* Find the longest run of 0x00's in src[] for :: shorthanding.
*/
memset(words, '\0', sizeof words);
for (i = 0; i < IN6ADDRSZ; i++)
words[i / 2] |= (src[i] << ((1 - (i % 2)) << 3));
best.base = -1;
best.len = 0;
cur.base = -1;
cur.len = 0;
for (i = 0; i < (IN6ADDRSZ / INT16SZ); i++) {
if (words[i] == 0) {
if (cur.base == -1)
cur.base = i, cur.len = 1;
else
cur.len++;
} else {
if (cur.base != -1) {
if (best.base == -1 || cur.len > best.len)
best = cur;
cur.base = -1;
}
}
}
if (cur.base != -1) {
if (best.base == -1 || cur.len > best.len)
best = cur;
}
if (best.base != -1 && best.len < 2)
best.base = -1;
/*
* Format the result.
*/
tp = tmp;
ep = tmp + sizeof(tmp);
for (i = 0; i < (IN6ADDRSZ / INT16SZ) && tp < ep; i++) {
/* Are we inside the best run of 0x00's? */
if (best.base != -1 && i >= best.base &&
i < (best.base + best.len)) {
if (i == best.base) {
if (tp + 1 >= ep)
return (NULL);
*tp++ = ':';
}
continue;
}
/* Are we following an initial run of 0x00s or any real hex? */
if (i != 0) {
if (tp + 1 >= ep)
return (NULL);
*tp++ = ':';
}
/* Is this address an encapsulated IPv4? */
if (i == 6 && best.base == 0 &&
(best.len == 6 || (best.len == 5 && words[5] == 0xffff))) {
if (!inet_ntop4(src+12, tp, (size_t)(ep - tp)))
return (NULL);
tp += strlen(tp);
break;
}
advance = snprintf(tp, ep - tp, "%x", words[i]);
if (advance <= 0 || advance >= ep - tp)
return (NULL);
tp += advance;
}
/* Was it a trailing run of 0x00's? */
if (best.base != -1 && (best.base + best.len) == (IN6ADDRSZ / INT16SZ)) {
if (tp + 1 >= ep)
return (NULL);
*tp++ = ':';
}
if (tp + 1 >= ep)
return (NULL);
*tp++ = '\0';
/*
* Check for overflow, copy, and we're done.
*/
if ((size_t)(tp - tmp) > size) {
errno = ENOSPC;
return (NULL);
}
strlcpy(dst, tmp, size);
return (dst);
}
#endif /* !HAVE_INET_NTOP */

230
compat/inet_pton.c Normal file
View File

@ -0,0 +1,230 @@
/* $KAME: inet_pton.c,v 1.5 2001/08/20 02:32:40 itojun Exp $ */
/* Copyright (c) 1996 by Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
* CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
*/
#include <ldns/config.h>
#include <string.h>
#include <stdio.h>
#include <errno.h>
/*
* WARNING: Don't even consider trying to compile this on a system where
* sizeof(int) < 4. sizeof(int) > 4 is fine; all the world's not a VAX.
*/
static int inet_pton4 (const char *src, uint8_t *dst);
static int inet_pton6 (const char *src, uint8_t *dst);
/*
*
* The definitions we might miss.
*
*/
#ifndef NS_INT16SZ
#define NS_INT16SZ 2
#endif
#ifndef NS_IN6ADDRSZ
#define NS_IN6ADDRSZ 16
#endif
#ifndef NS_INADDRSZ
#define NS_INADDRSZ 4
#endif
/* int
* inet_pton(af, src, dst)
* convert from presentation format (which usually means ASCII printable)
* to network format (which is usually some kind of binary format).
* return:
* 1 if the address was valid for the specified address family
* 0 if the address wasn't valid (`dst' is untouched in this case)
* -1 if some other error occurred (`dst' is untouched in this case, too)
* author:
* Paul Vixie, 1996.
*/
int
inet_pton(af, src, dst)
int af;
const char *src;
void *dst;
{
switch (af) {
case AF_INET:
return (inet_pton4(src, dst));
case AF_INET6:
return (inet_pton6(src, dst));
default:
#ifdef EAFNOSUPPORT
errno = EAFNOSUPPORT;
#else
errno = ENOSYS;
#endif
return (-1);
}
/* NOTREACHED */
}
/* int
* inet_pton4(src, dst)
* like inet_aton() but without all the hexadecimal and shorthand.
* return:
* 1 if `src' is a valid dotted quad, else 0.
* notice:
* does not touch `dst' unless it's returning 1.
* author:
* Paul Vixie, 1996.
*/
static int
inet_pton4(src, dst)
const char *src;
uint8_t *dst;
{
static const char digits[] = "0123456789";
int saw_digit, octets, ch;
uint8_t tmp[NS_INADDRSZ], *tp;
saw_digit = 0;
octets = 0;
*(tp = tmp) = 0;
while ((ch = *src++) != '\0') {
const char *pch;
if ((pch = strchr(digits, ch)) != NULL) {
uint32_t new = *tp * 10 + (pch - digits);
if (new > 255)
return (0);
*tp = new;
if (! saw_digit) {
if (++octets > 4)
return (0);
saw_digit = 1;
}
} else if (ch == '.' && saw_digit) {
if (octets == 4)
return (0);
*++tp = 0;
saw_digit = 0;
} else
return (0);
}
if (octets < 4)
return (0);
memcpy(dst, tmp, NS_INADDRSZ);
return (1);
}
/* int
* inet_pton6(src, dst)
* convert presentation level address to network order binary form.
* return:
* 1 if `src' is a valid [RFC1884 2.2] address, else 0.
* notice:
* (1) does not touch `dst' unless it's returning 1.
* (2) :: in a full address is silently ignored.
* credit:
* inspired by Mark Andrews.
* author:
* Paul Vixie, 1996.
*/
static int
inet_pton6(src, dst)
const char *src;
uint8_t *dst;
{
static const char xdigits_l[] = "0123456789abcdef",
xdigits_u[] = "0123456789ABCDEF";
uint8_t tmp[NS_IN6ADDRSZ], *tp, *endp, *colonp;
const char *xdigits, *curtok;
int ch, saw_xdigit;
uint32_t val;
memset((tp = tmp), '\0', NS_IN6ADDRSZ);
endp = tp + NS_IN6ADDRSZ;
colonp = NULL;
/* Leading :: requires some special handling. */
if (*src == ':')
if (*++src != ':')
return (0);
curtok = src;
saw_xdigit = 0;
val = 0;
while ((ch = *src++) != '\0') {
const char *pch;
if ((pch = strchr((xdigits = xdigits_l), ch)) == NULL)
pch = strchr((xdigits = xdigits_u), ch);
if (pch != NULL) {
val <<= 4;
val |= (pch - xdigits);
if (val > 0xffff)
return (0);
saw_xdigit = 1;
continue;
}
if (ch == ':') {
curtok = src;
if (!saw_xdigit) {
if (colonp)
return (0);
colonp = tp;
continue;
}
if (tp + NS_INT16SZ > endp)
return (0);
*tp++ = (uint8_t) (val >> 8) & 0xff;
*tp++ = (uint8_t) val & 0xff;
saw_xdigit = 0;
val = 0;
continue;
}
if (ch == '.' && ((tp + NS_INADDRSZ) <= endp) &&
inet_pton4(curtok, tp) > 0) {
tp += NS_INADDRSZ;
saw_xdigit = 0;
break; /* '\0' was seen by inet_pton4(). */
}
return (0);
}
if (saw_xdigit) {
if (tp + NS_INT16SZ > endp)
return (0);
*tp++ = (uint8_t) (val >> 8) & 0xff;
*tp++ = (uint8_t) val & 0xff;
}
if (colonp != NULL) {
/*
* Since some memmove()'s erroneously fail to handle
* overlapping regions, we'll do the shift by hand.
*/
const int n = tp - colonp;
int i;
for (i = 1; i <= n; i++) {
endp[- i] = colonp[n - i];
colonp[n - i] = 0;
}
tp = endp;
}
if (tp != endp)
return (0);
memcpy(dst, tmp, NS_IN6ADDRSZ);
return (1);
}

15
compat/isascii.c Normal file
View File

@ -0,0 +1,15 @@
/* Just a replacement, if the original isascii is not
present */
#if HAVE_CONFIG_H
#include <ldns/config.h>
#endif
int isascii(int c);
/* true if character is ascii. */
int
isascii(int c)
{
return c >= 0 && c < 128;
}

15
compat/isblank.c Normal file
View File

@ -0,0 +1,15 @@
/* Just a replacement, if the original isblank is not
present */
#if HAVE_CONFIG_H
#include <ldns/config.h>
#endif
int isblank(int c);
/* true if character is a blank (space or tab). C99. */
int
isblank(int c)
{
return (c == ' ') || (c == '\t');
}

14
compat/localtime_r.c Normal file
View File

@ -0,0 +1,14 @@
#ifdef HAVE_CONFIG_H
#include <ldns/config.h>
#endif
#ifdef HAVE_TIME_H
#include <time.h>
#endif
struct tm *localtime_r(const time_t *timep, struct tm *result)
{
/* no thread safety. */
*result = *localtime(timep);
return result;
}

22
compat/malloc.c Normal file
View File

@ -0,0 +1,22 @@
/* Just a replacement, if the original malloc is not
GNU-compliant. See autoconf documentation. */
#if HAVE_CONFIG_H
#include <ldns/config.h>
#endif
#undef malloc
#include <sys/types.h>
void *malloc ();
/* Allocate an N-byte block of memory from the heap.
If N is zero, allocate a 1-byte block. */
void *
rpl_malloc (size_t n)
{
if (n == 0)
n = 1;
return malloc (n);
}

43
compat/memmove.c Normal file
View File

@ -0,0 +1,43 @@
/*
* memmove.c: memmove compat implementation.
*
* Copyright (c) 2001-2008, NLnet Labs. All rights reserved.
*
* See LICENSE for the license.
*/
#include <ldns/config.h>
#include <stdlib.h>
void *memmove(void *dest, const void *src, size_t n);
void *memmove(void *dest, const void *src, size_t n)
{
uint8_t* from = (uint8_t*) src;
uint8_t* to = (uint8_t*) dest;
if (from == to || n == 0)
return dest;
if (to > from && to-from < (int)n) {
/* to overlaps with from */
/* <from......> */
/* <to........> */
/* copy in reverse, to avoid overwriting from */
int i;
for(i=n-1; i>=0; i--)
to[i] = from[i];
return dest;
}
if (from > to && from-to < (int)n) {
/* to overlaps with from */
/* <from......> */
/* <to........> */
/* copy forwards, to avoid overwriting from */
size_t i;
for(i=0; i<n; i++)
to[i] = from[i];
return dest;
}
memcpy(dest, src, n);
return dest;
}

30
compat/realloc.c Normal file
View File

@ -0,0 +1,30 @@
/* Just a replacement, if the original malloc is not
GNU-compliant. Based on malloc.c */
#if HAVE_CONFIG_H
#include <ldns/config.h>
#endif
#undef realloc
#include <sys/types.h>
void *realloc (void*, size_t);
void *malloc (size_t);
/* Changes allocation to new sizes, copies over old data.
* if oldptr is NULL, does a malloc.
* if size is zero, allocate 1-byte block....
* (does not return NULL and free block)
*/
void *
rpl_realloc (void* ptr, size_t n)
{
if (n == 0)
n = 1;
if(ptr == 0) {
return malloc(n);
}
return realloc(ptr, n);
}

770
compat/snprintf.c Normal file
View File

@ -0,0 +1,770 @@
#include <ldns/config.h>
#ifndef HAVE_SNPRINTF
#include <ctype.h>
#include <sys/types.h>
/* Define this as a fall through, HAVE_STDARG_H is probably already set */
#define HAVE_VARARGS_H
/**************************************************************
* Original:
* Patrick Powell Tue Apr 11 09:48:21 PDT 1995
* A bombproof version of doprnt (dopr) included.
* Sigh. This sort of thing is always nasty do deal with. Note that
* the version here does not include floating point...
*
* snprintf() is used instead of sprintf() as it does limit checks
* for string length. This covers a nasty loophole.
*
* The other functions are there to prevent NULL pointers from
* causing nast effects.
*
* More Recently:
* Brandon Long (blong@fiction.net) 9/15/96 for mutt 0.43
* This was ugly. It is still ugly. I opted out of floating point
* numbers, but the formatter understands just about everything
* from the normal C string format, at least as far as I can tell from
* the Solaris 2.5 printf(3S) man page.
*
* Brandon Long (blong@fiction.net) 10/22/97 for mutt 0.87.1
* Ok, added some minimal floating point support, which means this
* probably requires libm on most operating systems. Don't yet
* support the exponent (e,E) and sigfig (g,G). Also, fmtint()
* was pretty badly broken, it just wasn't being exercised in ways
* which showed it, so that's been fixed. Also, formated the code
* to mutt conventions, and removed dead code left over from the
* original. Also, there is now a builtin-test, just compile with:
* gcc -DTEST_SNPRINTF -o snprintf snprintf.c -lm
* and run snprintf for results.
*
**************************************************************/
/* varargs declarations: */
#if defined(HAVE_STDARG_H)
# include <stdarg.h>
# define HAVE_STDARGS /* let's hope that works everywhere (mj) */
# define VA_LOCAL_DECL va_list ap
# define VA_START(f) va_start(ap, f)
# define VA_SHIFT(v,t) ; /* no-op for ANSI */
# define VA_END va_end(ap)
#else
# if defined(HAVE_VARARGS_H)
# include <varargs.h>
# undef HAVE_STDARGS
# define VA_LOCAL_DECL va_list ap
# define VA_START(f) va_start(ap) /* f is ignored! */
# define VA_SHIFT(v,t) v = va_arg(ap,t)
# define VA_END va_end(ap)
# else
/*XX ** NO VARARGS ** XX*/
# endif
#endif
int snprintf (char *str, size_t count, const char *fmt, ...);
int vsnprintf (char *str, size_t count, const char *fmt, va_list arg);
static void dopr (char *buffer, size_t maxlen, const char *format,
va_list args);
static void fmtstr (char *buffer, size_t *currlen, size_t maxlen,
char *value, int flags, int min, int max);
static void fmtint (char *buffer, size_t *currlen, size_t maxlen,
long value, int base, int min, int max, int flags);
static void fmtfp (char *buffer, size_t *currlen, size_t maxlen,
long double fvalue, int min, int max, int flags);
static void dopr_outch (char *buffer, size_t *currlen, size_t maxlen, char c );
int vsnprintf (char *str, size_t count, const char *fmt, va_list args)
{
str[0] = 0;
dopr(str, count, fmt, args);
return(strlen(str));
}
/* VARARGS3 */
#ifdef HAVE_STDARGS
int snprintf (char *str,size_t count,const char *fmt,...)
#else
int snprintf (va_alist) va_dcl
#endif
{
#ifndef HAVE_STDARGS
char *str;
size_t count;
char *fmt;
#endif
VA_LOCAL_DECL;
VA_START (fmt);
VA_SHIFT (str, char *);
VA_SHIFT (count, size_t );
VA_SHIFT (fmt, char *);
(void) vsnprintf(str, count, fmt, ap);
VA_END;
return(strlen(str));
}
/*
* dopr(): poor man's version of doprintf
*/
/* format read states */
#define DP_S_DEFAULT 0
#define DP_S_FLAGS 1
#define DP_S_MIN 2
#define DP_S_DOT 3
#define DP_S_MAX 4
#define DP_S_MOD 5
#define DP_S_CONV 6
#define DP_S_DONE 7
/* format flags - Bits */
#define DP_F_MINUS 1
#define DP_F_PLUS 2
#define DP_F_SPACE 4
#define DP_F_NUM 8
#define DP_F_ZERO 16
#define DP_F_UP 32
/* Conversion Flags */
#define DP_C_SHORT 1
#define DP_C_LONG 2
#define DP_C_LDOUBLE 3
#define char_to_int(p) (p - '0')
#define MAX(p,q) ((p >= q) ? p : q)
static void dopr (char *buffer, size_t maxlen, const char *format, va_list args)
{
char ch;
long value;
long double fvalue;
char *strvalue;
int min;
int max;
int state;
int flags;
int cflags;
size_t currlen;
state = DP_S_DEFAULT;
currlen = flags = cflags = min = 0;
max = -1;
ch = *format++;
while (state != DP_S_DONE)
{
if ((ch == '\0') || (currlen >= maxlen))
state = DP_S_DONE;
switch(state)
{
case DP_S_DEFAULT:
if (ch == '%')
state = DP_S_FLAGS;
else
dopr_outch (buffer, &currlen, maxlen, ch);
ch = *format++;
break;
case DP_S_FLAGS:
switch (ch)
{
case '-':
flags |= DP_F_MINUS;
ch = *format++;
break;
case '+':
flags |= DP_F_PLUS;
ch = *format++;
break;
case ' ':
flags |= DP_F_SPACE;
ch = *format++;
break;
case '#':
flags |= DP_F_NUM;
ch = *format++;
break;
case '0':
flags |= DP_F_ZERO;
ch = *format++;
break;
default:
state = DP_S_MIN;
break;
}
break;
case DP_S_MIN:
if (isdigit((int) ch))
{
min = 10*min + char_to_int (ch);
ch = *format++;
}
else if (ch == '*')
{
min = va_arg (args, int);
ch = *format++;
state = DP_S_DOT;
}
else
state = DP_S_DOT;
break;
case DP_S_DOT:
if (ch == '.')
{
state = DP_S_MAX;
ch = *format++;
}
else
state = DP_S_MOD;
break;
case DP_S_MAX:
if (isdigit((int) ch))
{
if (max < 0)
max = 0;
max = 10*max + char_to_int (ch);
ch = *format++;
}
else if (ch == '*')
{
max = va_arg (args, int);
ch = *format++;
state = DP_S_MOD;
}
else
state = DP_S_MOD;
break;
case DP_S_MOD:
/* Currently, we don't support Long Long, bummer */
switch (ch)
{
case 'h':
cflags = DP_C_SHORT;
ch = *format++;
break;
case 'l':
cflags = DP_C_LONG;
ch = *format++;
break;
case 'L':
cflags = DP_C_LDOUBLE;
ch = *format++;
break;
default:
break;
}
state = DP_S_CONV;
break;
case DP_S_CONV:
switch (ch)
{
case 'd':
case 'i':
if (cflags == DP_C_SHORT)
value = va_arg (args, int);
else if (cflags == DP_C_LONG)
value = va_arg (args, long int);
else
value = va_arg (args, int);
fmtint (buffer, &currlen, maxlen, value, 10, min, max, flags);
break;
case 'o':
flags &= ~DP_F_PLUS;
if (cflags == DP_C_SHORT)
value = va_arg (args, unsigned int);
else if (cflags == DP_C_LONG)
value = va_arg (args, unsigned long int);
else
value = va_arg (args, unsigned int);
fmtint (buffer, &currlen, maxlen, value, 8, min, max, flags);
break;
case 'u':
flags &= ~DP_F_PLUS;
if (cflags == DP_C_SHORT)
value = va_arg (args, unsigned int);
else if (cflags == DP_C_LONG)
value = va_arg (args, unsigned long int);
else
value = va_arg (args, unsigned int);
fmtint (buffer, &currlen, maxlen, value, 10, min, max, flags);
break;
case 'X':
flags |= DP_F_UP;
case 'x':
flags &= ~DP_F_PLUS;
if (cflags == DP_C_SHORT)
value = va_arg (args, unsigned int);
else if (cflags == DP_C_LONG)
value = va_arg (args, unsigned long int);
else
value = va_arg (args, unsigned int);
fmtint (buffer, &currlen, maxlen, value, 16, min, max, flags);
break;
case 'f':
if (cflags == DP_C_LDOUBLE)
fvalue = va_arg (args, long double);
else
fvalue = va_arg (args, double);
/* um, floating point? */
fmtfp (buffer, &currlen, maxlen, fvalue, min, max, flags);
break;
case 'E':
flags |= DP_F_UP;
case 'e':
if (cflags == DP_C_LDOUBLE)
fvalue = va_arg (args, long double);
else
fvalue = va_arg (args, double);
break;
case 'G':
flags |= DP_F_UP;
case 'g':
if (cflags == DP_C_LDOUBLE)
fvalue = va_arg (args, long double);
else
fvalue = va_arg (args, double);
break;
case 'c':
dopr_outch (buffer, &currlen, maxlen, va_arg (args, int));
break;
case 's':
strvalue = va_arg (args, char *);
if (max < 0)
max = maxlen; /* ie, no max */
fmtstr (buffer, &currlen, maxlen, strvalue, flags, min, max);
break;
case 'p':
strvalue = va_arg (args, void *);
fmtint (buffer, &currlen, maxlen, (long) strvalue, 16, min, max, flags);
break;
case 'n':
if (cflags == DP_C_SHORT)
{
short int *num;
num = va_arg (args, short int *);
*num = currlen;
}
else if (cflags == DP_C_LONG)
{
long int *num;
num = va_arg (args, long int *);
*num = currlen;
}
else
{
int *num;
num = va_arg (args, int *);
*num = currlen;
}
break;
case '%':
dopr_outch (buffer, &currlen, maxlen, ch);
break;
case 'w':
/* not supported yet, treat as next char */
ch = *format++;
break;
default:
/* Unknown, skip */
break;
}
ch = *format++;
state = DP_S_DEFAULT;
flags = cflags = min = 0;
max = -1;
break;
case DP_S_DONE:
break;
default:
/* hmm? */
break; /* some picky compilers need this */
}
}
if (currlen < maxlen - 1)
buffer[currlen] = '\0';
else
buffer[maxlen - 1] = '\0';
}
static void fmtstr (char *buffer, size_t *currlen, size_t maxlen,
char *value, int flags, int min, int max)
{
int padlen, strln; /* amount to pad */
int cnt = 0;
if (value == 0)
{
value = (char *) "<NULL>";
}
for (strln = 0; value[strln]; ++strln); /* strlen */
padlen = min - strln;
if (padlen < 0)
padlen = 0;
if (flags & DP_F_MINUS)
padlen = -padlen; /* Left Justify */
while ((padlen > 0) && (cnt < max))
{
dopr_outch (buffer, currlen, maxlen, ' ');
--padlen;
++cnt;
}
while (*value && (cnt < max))
{
dopr_outch (buffer, currlen, maxlen, *value++);
++cnt;
}
while ((padlen < 0) && (cnt < max))
{
dopr_outch (buffer, currlen, maxlen, ' ');
++padlen;
++cnt;
}
}
/* Have to handle DP_F_NUM (ie 0x and 0 alternates) */
static void fmtint (char *buffer, size_t *currlen, size_t maxlen,
long value, int base, int min, int max, int flags)
{
int signvalue = 0;
unsigned long uvalue;
char convert[20];
int place = 0;
int spadlen = 0; /* amount to space pad */
int zpadlen = 0; /* amount to zero pad */
int caps = 0;
if (max < 0)
max = 0;
uvalue = value;
if( value < 0 ) {
signvalue = '-';
uvalue = -value;
}
else
if (flags & DP_F_PLUS) /* Do a sign (+/i) */
signvalue = '+';
else
if (flags & DP_F_SPACE)
signvalue = ' ';
if (flags & DP_F_UP) caps = 1; /* Should characters be upper case? */
do {
convert[place++] =
(caps? "0123456789ABCDEF":"0123456789abcdef")
[uvalue % (unsigned)base ];
uvalue = (uvalue / (unsigned)base );
} while(uvalue && (place < 20));
if (place == 20) place--;
convert[place] = 0;
zpadlen = max - place;
spadlen = min - MAX (max, place) - (signvalue ? 1 : 0);
if (zpadlen < 0) zpadlen = 0;
if (spadlen < 0) spadlen = 0;
if (flags & DP_F_ZERO)
{
zpadlen = MAX(zpadlen, spadlen);
spadlen = 0;
}
if (flags & DP_F_MINUS)
spadlen = -spadlen; /* Left Justifty */
#ifdef DEBUG_SNPRINTF
dprint (1, (debugfile, "zpad: %d, spad: %d, min: %d, max: %d, place: %d\n",
zpadlen, spadlen, min, max, place));
#endif
/* Spaces */
while (spadlen > 0)
{
dopr_outch (buffer, currlen, maxlen, ' ');
--spadlen;
}
/* Sign */
if (signvalue)
dopr_outch (buffer, currlen, maxlen, signvalue);
/* Zeros */
if (zpadlen > 0)
{
while (zpadlen > 0)
{
dopr_outch (buffer, currlen, maxlen, '0');
--zpadlen;
}
}
/* Digits */
while (place > 0)
dopr_outch (buffer, currlen, maxlen, convert[--place]);
/* Left Justified spaces */
while (spadlen < 0) {
dopr_outch (buffer, currlen, maxlen, ' ');
++spadlen;
}
}
static long double abs_val (long double value)
{
long double result = value;
if (value < 0)
result = -value;
return result;
}
static double pow10 (double exp)
{
long double result = 1;
while (exp)
{
result *= 10;
exp--;
}
return result;
}
static double round (double value)
{
long intpart;
intpart = value;
value = value - intpart;
if (value >= 0.5)
intpart++;
return intpart;
}
static void fmtfp (char *buffer, size_t *currlen, size_t maxlen,
long double fvalue, int min, int max, int flags)
{
int signvalue = 0;
long double ufvalue;
char iconvert[20];
char fconvert[20];
int iplace = 0;
int fplace = 0;
int padlen = 0; /* amount to pad */
int zpadlen = 0;
int caps = 0;
long intpart;
long fracpart;
/*
* AIX manpage says the default is 0, but Solaris says the default
* is 6, and sprintf on AIX defaults to 6
*/
if (max < 0)
max = 6;
ufvalue = abs_val (fvalue);
if (fvalue < 0)
signvalue = '-';
else
if (flags & DP_F_PLUS) /* Do a sign (+/i) */
signvalue = '+';
else
if (flags & DP_F_SPACE)
signvalue = ' ';
#if 0
if (flags & DP_F_UP) caps = 1; /* Should characters be upper case? */
#endif
intpart = ufvalue;
/*
* Sorry, we only support 9 digits past the decimal because of our
* conversion method
*/
if (max > 9)
max = 9;
/* We "cheat" by converting the fractional part to integer by
* multiplying by a factor of 10
*/
fracpart = round ((pow10 (max)) * (ufvalue - intpart));
if (fracpart >= pow10 (max))
{
intpart++;
fracpart -= pow10 (max);
}
#ifdef DEBUG_SNPRINTF
dprint (1, (debugfile, "fmtfp: %f =? %d.%d\n", fvalue, intpart, fracpart));
#endif
/* Convert integer part */
do {
iconvert[iplace++] =
(caps? "0123456789ABCDEF":"0123456789abcdef")[intpart % 10];
intpart = (intpart / 10);
} while(intpart && (iplace < 20));
if (iplace == 20) iplace--;
iconvert[iplace] = 0;
/* Convert fractional part */
do {
fconvert[fplace++] =
(caps? "0123456789ABCDEF":"0123456789abcdef")[fracpart % 10];
fracpart = (fracpart / 10);
} while(fracpart && (fplace < 20));
if (fplace == 20) fplace--;
fconvert[fplace] = 0;
/* -1 for decimal point, another -1 if we are printing a sign */
padlen = min - iplace - max - 1 - ((signvalue) ? 1 : 0);
zpadlen = max - fplace;
if (zpadlen < 0)
zpadlen = 0;
if (padlen < 0)
padlen = 0;
if (flags & DP_F_MINUS)
padlen = -padlen; /* Left Justifty */
if ((flags & DP_F_ZERO) && (padlen > 0))
{
if (signvalue)
{
dopr_outch (buffer, currlen, maxlen, signvalue);
--padlen;
signvalue = 0;
}
while (padlen > 0)
{
dopr_outch (buffer, currlen, maxlen, '0');
--padlen;
}
}
while (padlen > 0)
{
dopr_outch (buffer, currlen, maxlen, ' ');
--padlen;
}
if (signvalue)
dopr_outch (buffer, currlen, maxlen, signvalue);
while (iplace > 0)
dopr_outch (buffer, currlen, maxlen, iconvert[--iplace]);
/*
* Decimal point. This should probably use locale to find the correct
* char to print out.
*/
dopr_outch (buffer, currlen, maxlen, '.');
while (zpadlen > 0)
{
dopr_outch (buffer, currlen, maxlen, '0');
--zpadlen;
}
while (fplace > 0)
dopr_outch (buffer, currlen, maxlen, fconvert[--fplace]);
while (padlen < 0)
{
dopr_outch (buffer, currlen, maxlen, ' ');
++padlen;
}
}
static void dopr_outch (char *buffer, size_t *currlen, size_t maxlen, char c)
{
if (*currlen < maxlen)
buffer[(*currlen)++] = c;
}
#ifdef TEST_SNPRINTF
#ifndef LONG_STRING
#define LONG_STRING 1024
#endif
int main (void)
{
char buf1[LONG_STRING];
char buf2[LONG_STRING];
char *fp_fmt[] = {
"%-1.5f",
"%1.5f",
"%123.9f",
"%10.5f",
"% 10.5f",
"%+22.9f",
"%+4.9f",
"%01.3f",
"%4f",
"%3.1f",
"%3.2f",
NULL
};
double fp_nums[] = { -1.5, 134.21, 91340.2, 341.1234, 0203.9, 0.96, 0.996,
0.9996, 1.996, 4.136, 0};
char *int_fmt[] = {
"%-1.5d",
"%1.5d",
"%123.9d",
"%5.5d",
"%10.5d",
"% 10.5d",
"%+22.33d",
"%01.3d",
"%4d",
NULL
};
long int_nums[] = { -1, 134, 91340, 341, 0203, 0};
int x, y;
int fail = 0;
int num = 0;
printf ("Testing snprintf format codes against system sprintf...\n");
for (x = 0; fp_fmt[x] != NULL ; x++)
for (y = 0; fp_nums[y] != 0 ; y++)
{
snprintf (buf1, sizeof (buf1), fp_fmt[x], fp_nums[y]);
sprintf (buf2, fp_fmt[x], fp_nums[y]);
if (strcmp (buf1, buf2))
{
printf("snprintf doesn't match Format: %s\n\tsnprintf = %s\n\tsprintf = %s\n",
fp_fmt[x], buf1, buf2);
fail++;
}
num++;
}
for (x = 0; int_fmt[x] != NULL ; x++)
for (y = 0; int_nums[y] != 0 ; y++)
{
snprintf (buf1, sizeof (buf1), int_fmt[x], int_nums[y]);
sprintf (buf2, int_fmt[x], int_nums[y]);
if (strcmp (buf1, buf2))
{
printf("snprintf doesn't match Format: %s\n\tsnprintf = %s\n\tsprintf = %s\n",
int_fmt[x], buf1, buf2);
fail++;
}
num++;
}
printf ("%d tests failed out of %d.\n", fail, num);
}
#endif /* SNPRINTF_TEST */
#endif /* !HAVE_SNPRINTF */

57
compat/strlcpy.c Normal file
View File

@ -0,0 +1,57 @@
/* from openssh 4.3p2 compat/strlcpy.c */
/*
* Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* OPENBSD ORIGINAL: lib/libc/string/strlcpy.c */
#include <ldns/config.h>
#ifndef HAVE_STRLCPY
#include <sys/types.h>
#include <string.h>
/*
* Copy src to string dst of size siz. At most siz-1 characters
* will be copied. Always NUL terminates (unless siz == 0).
* Returns strlen(src); if retval >= siz, truncation occurred.
*/
size_t
strlcpy(char *dst, const char *src, size_t siz)
{
char *d = dst;
const char *s = src;
size_t n = siz;
/* Copy as many bytes as will fit */
if (n != 0 && --n != 0) {
do {
if ((*d++ = *s++) == 0)
break;
} while (--n != 0);
}
/* Not enough room in dst, add NUL and traverse rest of src */
if (n == 0) {
if (siz != 0)
*d = '\0'; /* NUL-terminate dst */
while (*s++)
;
}
return(s - src - 1); /* count does not include NUL */
}
#endif /* !HAVE_STRLCPY */

31
compat/timegm.c Normal file
View File

@ -0,0 +1,31 @@
#ifdef HAVE_CONFIG_H
#include <ldns/config.h>
#endif
#include <stdio.h>
#ifdef HAVE_STDLIB_H
#include <stdlib.h>
#endif
#include <time.h>
time_t
timegm (struct tm *tm) {
time_t ret;
char *tz;
tz = getenv("TZ");
putenv((char*)"TZ=");
tzset();
ret = mktime(tm);
if (tz) {
char buf[256];
snprintf(buf, sizeof(buf), "TZ=%s", tz);
putenv(tz);
}
else
putenv((char*)"TZ");
tzset();
return ret;
}

1530
config.guess vendored Executable file
View File

File diff suppressed because it is too large Load Diff

1773
config.sub vendored Executable file
View File

File diff suppressed because it is too large Load Diff

18779
configure vendored Executable file
View File

File diff suppressed because it is too large Load Diff

674
configure.ac Normal file
View File

@ -0,0 +1,674 @@
# -*- Autoconf -*-
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.56)
sinclude(acx_nlnetlabs.m4)
# must be numbers. ac_defun because of later processing.
m4_define([VERSION_MAJOR],[1])
m4_define([VERSION_MINOR],[6])
m4_define([VERSION_MICRO],[13])
AC_INIT(ldns, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), libdns@nlnetlabs.nl, libdns)
AC_CONFIG_SRCDIR([packet.c])
# needed to build correct soname
AC_SUBST(LIBTOOL_VERSION_INFO, VERSION_MAJOR:VERSION_MINOR:VERSION_MICRO)
AC_SUBST(LDNS_VERSION_MAJOR, [VERSION_MAJOR])
AC_SUBST(LDNS_VERSION_MINOR, [VERSION_MINOR])
AC_SUBST(LDNS_VERSION_MICRO, [VERSION_MICRO])
OURCPPFLAGS=''
CPPFLAGS=${CPPFLAGS:-${OURCPPFLAGS}}
CFLAGS="$CFLAGS"
AC_AIX
# Checks for programs.
AC_PROG_CC
ACX_DEPFLAG
AC_PROG_MAKE_SET
# Extra (sp)lint flags for NetBSD
AC_CANONICAL_HOST
case "$host_os" in
netbsd*) LINTFLAGS="'-D__RENAME(x)=' -D_NETINET_IN_H_ $LINTFLAGS"
;;
*) LINTFLAGS="$LINTFLAGS"
;;
esac
AC_SUBST(LINTFLAGS)
AC_DEFINE(WINVER, 0x0502, [the version of the windows API enabled])
ACX_CHECK_COMPILER_FLAG(std=c99, [C99FLAG="-std=c99"])
ACX_CHECK_COMPILER_FLAG(xc99, [C99FLAG="-xc99"])
# routine to copy files
# argument 1 is a list of files (relative to the source dir)
# argument 2 is a destination directory (relative to the current
# working directory
AC_DEFUN([COPY_FILES],
[
for file in $1; do
sh $srcdir/install-sh -m 644 $file $2
done
])
# copy all .h files in the dir at argument 1
# (relative to source) to the dir at argument 2
# (relative to current dir)
AC_DEFUN([COPY_HEADER_FILES],
[
echo "copying header files"
COPY_FILES($srcdir/$1/*.h, $2)
])
# Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
AC_LANG_C
ACX_CHECK_COMPILER_FLAG(g, [CFLAGS="-g $CFLAGS"])
ACX_CHECK_COMPILER_FLAG(O2, [CFLAGS="-O2 $CFLAGS"])
ACX_CHECK_COMPILER_FLAG(Wall, [CFLAGS="-Wall $CFLAGS"])
ACX_CHECK_COMPILER_FLAG(W, [CFLAGS="-W $CFLAGS"])
ACX_CHECK_COMPILER_FLAG(Wwrite-strings, [CFLAGS="-Wwrite-strings $CFLAGS"])
AC_CHECK_HEADERS([getopt.h time.h],,, [AC_INCLUDES_DEFAULT])
# MinGW32 tests
AC_CHECK_HEADERS([winsock2.h ws2tcpip.h],,, [AC_INCLUDES_DEFAULT])
# end mingw32 tests
ACX_DETERMINE_EXT_FLAGS_UNBOUND
AC_C_INLINE
AC_CHECK_TYPE(int8_t, char)
AC_CHECK_TYPE(int16_t, short)
AC_CHECK_TYPE(int32_t, int)
AC_CHECK_TYPE(int64_t, long long)
AC_CHECK_TYPE(uint8_t, unsigned char)
AC_CHECK_TYPE(uint16_t, unsigned short)
AC_CHECK_TYPE(uint32_t, unsigned int)
AC_CHECK_TYPE(uint64_t, unsigned long long)
# my own checks
AC_CHECK_PROG(doxygen, doxygen, doxygen)
# check to see if libraries are needed for these functions.
AC_SEARCH_LIBS([socket], [socket])
AC_SEARCH_LIBS([inet_pton], [nsl])
AC_ARG_WITH(drill, AC_HELP_STRING([--with-drill],
[Also build drill.]),
[],[with_drill="no"])
if test x_$with_drill != x_no ; then
AC_SUBST(DRILL,[drill])
AC_SUBST(INSTALL_DRILL,[install-drill])
AC_SUBST(UNINSTALL_DRILL,[uninstall-drill])
AC_SUBST(CLEAN_DRILL,[clean-drill])
AC_SUBST(LINT_DRILL,[lint-drill])
if test -e $srcdir/drill/config.h -o -e drill/config.h ; then
AC_MSG_ERROR([
A config.h was detected in the drill subdirectory.
This does not work with the --with-drill option.
Please remove the config.h from the drill subdirectory
or do not use the --with-drill option.])
fi
else
AC_SUBST(DRILL,[""])
AC_SUBST(INSTALL_DRILL,[""])
AC_SUBST(UNINSTALL_DRILL,[""])
AC_SUBST(CLEAN_DRILL,[""])
AC_SUBST(LINT_DRILL,[""])
fi
AC_ARG_WITH(examples, AC_HELP_STRING([--with-examples],
[Also build examples.]),
[],[with_examples="no"])
if test x_$with_examples != x_no ; then
AC_SUBST(EXAMPLES,[examples])
AC_SUBST(INSTALL_EXAMPLES,[install-examples])
AC_SUBST(UNINSTALL_EXAMPLES,[uninstall-examples])
AC_SUBST(CLEAN_EXAMPLES,[clean-examples])
AC_SUBST(LINT_EXAMPLES,[lint-examples])
if test -e $srcdir/examples/config.h -o -e examples/config.h ; then
AC_MSG_ERROR([
A config.h was detected in the examples subdirectory.
This does not work with the --with-examples option.
Please remove the config.h from the examples subdirectory
or do not use the --with-examples option.])
fi
else
AC_SUBST(EXAMPLES,[""])
AC_SUBST(INSTALL_EXAMPLES,[""])
AC_SUBST(UNINSTALL_EXAMPLES,[""])
AC_SUBST(CLEAN_EXAMPLES,[""])
AC_SUBST(LINT_EXAMPLES,[""])
fi
# add option to disable installation of ldns-config script
AC_ARG_ENABLE(ldns-config, [ --disable-ldns-config disable installation of ldns-config (default=enabled)],
enable_ldns_config=$enableval, enable_ldns_config=yes)
if test "x$enable_ldns_config" = xyes; then
AC_SUBST(INSTALL_CONFIG, [install-config])
AC_SUBST(INSTALL_CONFIG_MANPAGE, [install-config-manpage])
AC_SUBST(UNINSTALL_CONFIG, [uninstall-config])
AC_SUBST(UNINSTALL_CONFIG_MANPAGE, [uninstall-config-manpage])
else
AC_SUBST(INSTALL_CONFIG, [""])
AC_SUBST(INSTALL_CONFIG_MANPAGE, [""])
AC_SUBST(UNINSTALL_CONFIG, [""])
AC_SUBST(UNINSTALL_CONFIG_MANPAGE, [""])
fi
# check for python
PYTHON_X_CFLAGS=""
ldns_with_pyldns=no
ldns_with_pyldnsx=no
AC_ARG_WITH(pyldns, AC_HELP_STRING([--with-pyldns],
[generate python library, or --without-pyldns to disable Python support.]),
[],[ withval="no" ])
ldns_have_python=no
if test x_$withval != x_no; then
sinclude(ax_python_devel.m4)
ac_save_LIBS="$LIBS" dnl otherwise AC_PYTHON_DEVEL thrashes $LIBS
AX_PYTHON_DEVEL([>= '2.4.0'])
if test ! -z "$ac_python_version"; then
ldns_have_python=yes
fi
# pass additional Python 3 option to SWIG
if test `$PYTHON -c "import sys; \
ver = sys.version.split()[[0]]; \
print(ver >= '3')"` = "True"; then
AC_SUBST(SWIGPY3, ["-py3 -DPY3"])
fi
# check for SWIG
if test x_$ldns_have_python != x_no; then
sinclude(ax_pkg_swig.m4)
# check for >=SWIG-2.0.4 if Python 3.2 used
if test `$PYTHON -c "import sys; \
ver = sys.version.split()[[0]]; \
print(ver >= '3.2')"` = "True"; then
AX_PKG_SWIG(2.0.4, [], [AC_MSG_ERROR([SWIG-2.0.4 is required to build pyldns for Python 3.2 and greater.])])
else
AX_PKG_SWIG
fi
if test ! -x "$SWIG"; then
AC_MSG_ERROR([failed to find SWIG tool, install it, or do not build pyldns])
else
AC_DEFINE(HAVE_SWIG,1,[Define if you have SWIG libraries and header files.])
AC_SUBST(PYLDNS, "pyldns")
AC_SUBST(swig, "$SWIG")
ldns_with_pyldns=yes
fi
else
AC_MSG_RESULT([*** don't have Python, skipping SWIG, no pyldns ***]) # '
fi
# xtra cflags for pyldns
if test x_$ldns_have_python != x_no; then
ACX_CHECK_COMPILER_FLAG(fno-strict-aliasing, [PYTHON_X_CFLAGS="-fno-strict-aliasing"])
ACX_CHECK_COMPILER_FLAG(Wno-missing-field-initializers, [PYTHON_X_CFLAGS="-Wno-missing-field-initializers $PYTHON_X_CFLAGS"])
ACX_CHECK_COMPILER_FLAG(Wno-unused-parameter, [PYTHON_X_CFLAGS="-Wno-unused-parameter $PYTHON_X_CFLAGS"])
ACX_CHECK_COMPILER_FLAG(Wno-unused-variable, [PYTHON_X_CFLAGS="-Wno-unused-variable $PYTHON_X_CFLAGS"])
fi
fi
AC_SUBST(PYTHON_X_CFLAGS)
# Check for pyldnsx
AC_ARG_WITH(pyldnsx, AC_HELP_STRING([--without-pyldnsx],
[Do not install the ldnsx python module, or --with-pyldnsx to install it.]),
[],[ withval="with_pyldns" ])
if test x_$withval != x_no; then
if test x_$ldns_with_pyldns != x_no; then
AC_SUBST(PYLDNSX, "pyldnsx")
ldns_with_pyldnsx=yes
else
if test x_$withval != x_with_pyldns; then
AC_MSG_ERROR([--with-pyldns is needed for the ldnsx python module])
fi
fi
fi
if test x_$ldns_with_pyldns != x_no; then
AC_SUBST(PYLDNSINST, "install-pyldns")dnl
AC_SUBST(PYLDNSUNINST, "uninstall-pyldns")
else
AC_SUBST(PYLDNSINST, "")dnl
AC_SUBST(PYLDNSUNINST, "")
fi
if test x_$ldns_with_pyldnsx != x_no; then
AC_SUBST(PYLDNSXINST, "install-pyldnsx")dnl
AC_SUBST(PYLDNSXUNINST, "uninstall-pyldnsx")
else
AC_SUBST(PYLDNSXINST, "")dnl
AC_SUBST(PYLDNSXUNINST, "")
fi
# Use libtool
ACX_LIBTOOL_C_ONLY
tmp_CPPFLAGS=$CPPFLAGS
tmp_LDFLAGS=$LDFLAGS
tmp_LIBS=$LIBS
ACX_WITH_SSL_OPTIONAL
AC_CHECK_FUNCS([EVP_sha256])
# for macosx, see if glibtool exists and use that
# BSD's need to know the version...
#AC_CHECK_PROG(glibtool, glibtool, [glibtool], )
#AC_CHECK_PROGS(libtool, [libtool15 libtool], [./libtool])
AC_ARG_ENABLE(sha2, AC_HELP_STRING([--disable-sha2], [Disable SHA256 and SHA512 RRSIG support]))
case "$enable_sha2" in
no)
;;
yes|*)
if test "x$HAVE_SSL" != "xyes"; then
AC_MSG_ERROR([SHA2 enabled, but no SSL support])
fi
AC_MSG_CHECKING(for SHA256 and SHA512)
AC_CHECK_FUNC(SHA256_Init, [], [
AC_MSG_ERROR([No SHA2 functions found in OpenSSL: please upgrade OpenSSL or rerun with --disable-sha2])
])
AC_DEFINE_UNQUOTED([USE_SHA2], [1], [Define this to enable SHA256 and SHA512 support.])
;;
esac
AC_ARG_ENABLE(gost, AC_HELP_STRING([--disable-gost], [Disable GOST support]))
case "$enable_gost" in
no)
;;
*) dnl default
if test "x$HAVE_SSL" != "xyes"; then
AC_MSG_ERROR([GOST enabled, but no SSL support])
fi
AC_MSG_CHECKING(for GOST)
AC_CHECK_FUNC(EVP_PKEY_set_type_str, [],[AC_MSG_ERROR([OpenSSL >= 1.0.0 is needed for GOST support or rerun with --disable-gost])])
AC_CHECK_FUNC(EC_KEY_new, [], [AC_MSG_ERROR([No ECC functions found in OpenSSL: please upgrade OpenSSL or rerun with --disable-gost])])
AC_DEFINE_UNQUOTED([USE_GOST], [1], [Define this to enable GOST support.])
;;
esac
AC_ARG_ENABLE(ecdsa, AC_HELP_STRING([--disable-ecdsa], [Disable ECDSA support]))
case "$enable_ecdsa" in
no)
;;
*) dnl default
if test "x$HAVE_SSL" != "xyes"; then
AC_MSG_ERROR([ECDSA enabled, but no SSL support])
fi
AC_CHECK_FUNC(ECDSA_sign, [], [AC_MSG_ERROR([OpenSSL does not support ECDSA: please upgrade OpenSSL or rerun with --disable-ecdsa])])
AC_CHECK_FUNC(SHA384_Init, [], [AC_MSG_ERROR([OpenSSL does not support SHA384: please upgrade OpenSSL or rerun with --disable-ecdsa])])
AC_CHECK_DECLS([NID_X9_62_prime256v1, NID_secp384r1], [], [AC_MSG_ERROR([OpenSSL does not support the ECDSA curves: please upgrade OpenSSL or rerun with --disable-ecdsa])], [AC_INCLUDES_DEFAULT
#include <openssl/evp.h>
])
# we now know we have ECDSA and the required curves.
AC_DEFINE_UNQUOTED([USE_ECDSA], [1], [Define this to enable ECDSA support.])
;;
esac
AC_SUBST(LIBSSL_CPPFLAGS)
AC_SUBST(LIBSSL_LDFLAGS)
AC_SUBST(LIBSSL_LIBS)
CPPFLAGS=$tmp_CPPFLAGS
LDFLAGS=$tmp_LDFLAGS
LIBS=$tmp_LIBS
# add option to disable the evil rpath
ACX_ARG_RPATH
#AC_RUN_IFELSE([AC_LANG_SOURCE(
#[
#int main()
#{
#short one = 1;
#char *cp = (char*)&one;
#if ( *cp == 0 )
#return(0);
#else
#return(1);
#}
#])], [],[
#AC_DEFINE(CONFCHECK_LITTLE_ENDIAN, 1, [system appears to be little-endian])
#],[])
# should define WORDS_BIGENDIAN if the system is big-endian
AC_C_BIGENDIAN
# Checks for header files.
AC_HEADER_STDC
AC_HEADER_STDBOOL
#AC_HEADER_SYS_WAIT
#AC_CHECK_HEADERS([getopt.h fcntl.h stdlib.h string.h strings.h unistd.h])
# do the very minimum - we can always extend this
AC_CHECK_HEADERS([getopt.h stdarg.h openssl/ssl.h netinet/in.h time.h arpa/inet.h netdb.h],,, [AC_INCLUDES_DEFAULT])
AC_CHECK_HEADERS(sys/param.h sys/mount.h,,,
[AC_INCLUDES_DEFAULT
[
#if HAVE_SYS_PARAM_H
# include <sys/param.h>
#endif
]
])
AC_CHECK_HEADER(sys/socket.h,
[
include_sys_socket_h='#include <sys/socket.h>'
AC_DEFINE(HAVE_SYS_SOCKET_H, 1, [define if you have sys/socket.h])
],[
include_sys_socket_h=''
],[AC_INCLUDES_DEFAULT
[
#if HAVE_SYS_PARAM_H
# include <sys/param.h>
#endif
]
])
AC_SUBST(include_sys_socket_h)
AC_CHECK_HEADER(inttypes.h,
[
include_inttypes_h='#include <inttypes.h>'
AC_DEFINE(HAVE_INTTYPES_H, 1, [define if you have inttypes.h])
AC_SUBST(ldns_build_config_have_inttypes_h, 1)
],[
include_inttypes_h=''
AC_SUBST(ldns_build_config_have_inttypes_h, 0)
],[AC_INCLUDES_DEFAULT
])
AC_SUBST(include_inttypes_h)
AC_CHECK_HEADER(sys/types.h,
[
include_systypes_h='#include <sys/types.h>'
AC_DEFINE(HAVE_SYS_TYPES_H, 1, [define if you have sys/types.h])
],[
include_systypes_h=''
],[AC_INCLUDES_DEFAULT
])
AC_SUBST(include_systypes_h)
AC_CHECK_HEADER(unistd.h,
[
include_unistd_h='#include <unistd.h>'
AC_DEFINE(HAVE_UNISTD_H, 1, [define if you have unistd.h])
],[
include_unistd_h=''
],[AC_INCLUDES_DEFAULT
])
AC_SUBST(include_unistd_h)
AC_CHECK_SIZEOF(time_t,,[
AC_INCLUDES_DEFAULT
#ifdef TIME_WITH_SYS_TIME
# include <sys/time.h>
# include <time.h>
#else
# ifdef HAVE_SYS_TIME_H
# include <sys/time.h>
# else
# include <time.h>
# endif
#endif
])
if test x_$with_examples != x_no; then
AC_CHECK_HEADERS([pcap.h],, [AC_INCLUDES_DEFAULT])
AC_CHECK_LIB(pcap, pcap_open_offline, [
AC_DEFINE([HAVE_LIBPCAP], [1], [Define to 1 if you have the `pcap' library (-lpcap).])dnl`
AC_SUBST([LIBPCAP_LIBS], [-lpcap])
], [
AC_MSG_WARN([Can't find pcap library (needed for ldns-dpa, will not build dpa now.)])dnl'
AC_SUBST([LIBPCAP_LIBS], [])
]
)
AC_CHECK_HEADERS([netinet/in_systm.h net/if.h netinet/ip.h netinet/udp.h netinet/igmp.h netinet/if_ether.h netinet/ip6.h net/ethernet.h netinet/ip_compat.h],,, [
AC_INCLUDES_DEFAULT
#ifdef HAVE_NETINET_IN_SYSTM_H
#include <netinet/in_systm.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_NET_IF_H
#include <net/if.h>
#endif])
fi
ACX_TYPE_SOCKLEN_T
AC_TYPE_SIZE_T
AC_TYPE_SSIZE_T
AC_TYPE_INTPTR_T
AC_CHECK_TYPE(in_addr_t, [], [AC_DEFINE([in_addr_t], [uint32_t], [in_addr_t])], [
#if HAVE_SYS_TYPES_H
# include <sys/types.h>
#endif
#if HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif])
AC_CHECK_TYPE(in_port_t, [], [AC_DEFINE([in_port_t], [uint16_t], [in_port_t])], [
#if HAVE_SYS_TYPES_H
# include <sys/types.h>
#endif
#if HAVE_NETINET_IN_H
# include <netinet/in.h>
#endif])
ACX_CHECK_SS_FAMILY
AC_FUNC_MALLOC
AC_FUNC_REALLOC
AC_REPLACE_FUNCS(b64_pton)
AC_REPLACE_FUNCS(b64_ntop)
AC_REPLACE_FUNCS(b32_pton)
AC_REPLACE_FUNCS(b32_ntop)
AC_REPLACE_FUNCS(calloc)
AC_REPLACE_FUNCS(timegm)
AC_REPLACE_FUNCS(gmtime_r)
AC_REPLACE_FUNCS(ctime_r)
AC_REPLACE_FUNCS(localtime_r)
AC_REPLACE_FUNCS(isblank)
AC_REPLACE_FUNCS(isascii)
AC_REPLACE_FUNCS(inet_aton)
AC_REPLACE_FUNCS(inet_pton)
AC_REPLACE_FUNCS(inet_ntop)
AC_REPLACE_FUNCS(snprintf)
AC_REPLACE_FUNCS(strlcpy)
AC_REPLACE_FUNCS(memmove)
AC_FUNC_FORK
AC_CHECK_FUNCS([endprotoent endservent sleep random fcntl strtoul bzero memset])
ACX_CHECK_GETADDRINFO_WITH_INCLUDES
if test $ac_cv_func_getaddrinfo = no; then
AC_LIBOBJ([fake-rfc2553])
fi
if test "$USE_WINSOCK" = 1; then
AC_CHECK_TOOL(WINDRES, windres)
fi
ACX_FUNC_IOCTLSOCKET
#AC_SEARCH_LIBS(RSA_new, [crypto])
ACX_CHECK_FORMAT_ATTRIBUTE
ACX_CHECK_UNUSED_ATTRIBUTE
# check OSX deployment target which is needed
if echo $build_os | grep darwin > /dev/null; then
export MACOSX_DEPLOYMENT_TARGET="10.4"
fi
AC_DEFINE([SYSCONFDIR], [sysconfdir], [System configuration dir])
AH_BOTTOM([
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <assert.h>
#ifndef LITTLE_ENDIAN
#define LITTLE_ENDIAN 1234
#endif
#ifndef BIG_ENDIAN
#define BIG_ENDIAN 4321
#endif
#ifndef BYTE_ORDER
#ifdef WORDS_BIGENDIAN
#define BYTE_ORDER BIG_ENDIAN
#else
#define BYTE_ORDER LITTLE_ENDIAN
#endif /* WORDS_BIGENDIAN */
#endif /* BYTE_ORDER */
#if STDC_HEADERS
#include <stdlib.h>
#include <stddef.h>
#endif
#ifdef HAVE_STDINT_H
#include <stdint.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#ifdef HAVE_WINSOCK2_H
#include <winsock2.h>
#endif
#ifdef HAVE_WS2TCPIP_H
#include <ws2tcpip.h>
#endif
]
AHX_CONFIG_W32_FD_SET_T
)
AH_BOTTOM([
#ifdef __cplusplus
extern "C" {
#endif
#ifndef B64_PTON
int ldns_b64_ntop(uint8_t const *src, size_t srclength,
char *target, size_t targsize);
/**
* calculates the size needed to store the result of b64_ntop
*/
/*@unused@*/
static inline size_t ldns_b64_ntop_calculate_size(size_t srcsize)
{
return ((((srcsize + 2) / 3) * 4) + 1);
}
#endif /* !B64_PTON */
#ifndef B64_NTOP
int ldns_b64_pton(char const *src, uint8_t *target, size_t targsize);
/**
* calculates the size needed to store the result of ldns_b64_pton
*/
/*@unused@*/
static inline size_t ldns_b64_pton_calculate_size(size_t srcsize)
{
return (((((srcsize + 3) / 4) * 3)) + 1);
}
#endif /* !B64_NTOP */
#ifndef HAVE_SLEEP
/* use windows sleep, in millisecs, instead */
#define sleep(x) Sleep((x)*1000)
#endif
#ifndef HAVE_RANDOM
#define srandom(x) srand(x)
#define random(x) rand(x)
#endif
#ifndef HAVE_TIMEGM
#include <time.h>
time_t timegm (struct tm *tm);
#endif /* !TIMEGM */
#ifndef HAVE_GMTIME_R
struct tm *gmtime_r(const time_t *timep, struct tm *result);
#endif
#ifndef HAVE_LOCALTIME_R
struct tm *localtime_r(const time_t *timep, struct tm *result);
#endif
#ifndef HAVE_ISBLANK
int isblank(int c);
#endif /* !HAVE_ISBLANK */
#ifndef HAVE_ISASCII
int isascii(int c);
#endif /* !HAVE_ISASCII */
#ifndef HAVE_SNPRINTF
#include <stdarg.h>
int snprintf (char *str, size_t count, const char *fmt, ...);
int vsnprintf (char *str, size_t count, const char *fmt, va_list arg);
#endif /* HAVE_SNPRINTF */
#ifndef HAVE_INET_PTON
int inet_pton(int af, const char* src, void* dst);
#endif /* HAVE_INET_PTON */
#ifndef HAVE_INET_NTOP
const char *inet_ntop(int af, const void *src, char *dst, size_t size);
#endif
#ifndef HAVE_INET_ATON
int inet_aton(const char *cp, struct in_addr *addr);
#endif
#ifndef HAVE_MEMMOVE
void *memmove(void *dest, const void *src, size_t n);
#endif
#ifndef HAVE_STRLCPY
size_t strlcpy(char *dst, const char *src, size_t siz);
#endif
#ifdef __cplusplus
}
#endif
#ifndef HAVE_GETADDRINFO
#include "compat/fake-rfc2553.h"
#endif
#ifndef HAVE_STRTOUL
#define strtoul (unsigned long)strtol
#endif
])
if test "x$HAVE_SSL" = "xyes"; then
AC_SUBST(ldns_build_config_have_ssl, 1)
else
AC_SUBST(ldns_build_config_have_ssl, 0)
fi
if test "x$ac_cv_c_format_attribute" = "xyes"; then
AC_SUBST(ldns_build_config_have_attr_format, 1)
else
AC_SUBST(ldns_build_config_have_attr_format, 0)
fi
if test "x$ac_cv_c_unused_attribute" = "xyes"; then
AC_SUBST(ldns_build_config_have_attr_unused, 1)
else
AC_SUBST(ldns_build_config_have_attr_unused, 0)
fi
AC_CONFIG_FILES([Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config])
AC_CONFIG_HEADER([ldns/config.h])
AC_OUTPUT
COPY_HEADER_FILES(ldns/, ldns/)
dnl AC_CONFIG_SUBDIRS([drill])

10
contrib/NETLDNS.readme.txt Normal file
View File

@ -0,0 +1,10 @@
NETLDNS is a functionality port of NLnet Labs' LDNS to the .NET
2.0 framework, contributed by Alex Nicoll of the Carnegie Mellon
University Software Engineering Institute. NETLDNS is released
under the BSD license. NETLDNS uses Mihnea Radulescu's BigInteger
Library (http://www.codeproject.com/KB/cs/BigInteger_Library.aspx)
from CodeProject to help with key manipulation. Please contact Alex at
anicoll@cert.org with inquiries or requests for newer versions.
This project is not supported by NLnet Labs.

BIN
contrib/NETLDNS.tar.gz Normal file
View File

Binary file not shown.

50
contrib/build-solaris.sh Executable file
View File

@ -0,0 +1,50 @@
#!/bin/ksh
#
# $Id: build-solaris.sh 2597 2008-04-15 08:39:58Z jelte $
PREFIX=/opt/ldns
OPENSSL=/usr/sfw
SUDO=sudo
MAKE_PROGRAM=gmake
MAKE_ARGS="-j 4"
OBJ32=obj32
OBJ64=obj64
SRCDIR=`pwd`
test -d $OBJ32 && $SUDO rm -fr $OBJ32
mkdir $OBJ32
export CFLAGS=""
export LDFLAGS="-L${OPENSSL}/lib -R${OPENSSL}/lib"
(cd $OBJ32; \
${SRCDIR}/configure --with-ssl=${OPENSSL} --prefix=${PREFIX} --libdir=${PREFIX}/lib; \
$MAKE_PROGRAM $MAKE_ARGS)
if [ `isainfo -k` = amd64 ]; then
test -d $OBJ64 && $SUDO rm -fr $OBJ64
mkdir $OBJ64
export CFLAGS="-m64"
export LDFLAGS="-L${OPENSSL}/lib/amd64 -R${OPENSSL}/lib/amd64"
(cd $OBJ64; \
${SRCDIR}/configure --with-ssl=${OPENSSL} --prefix=${PREFIX} --libdir=${PREFIX}/lib/amd64; \
$MAKE_PROGRAM $MAKE_ARGS)
fi
# optionally install
#
if [ x$1 = xinstall ]; then
(cd $OBJ32; $SUDO $MAKE_PROGRAM install-h)
(cd $OBJ32; $SUDO $MAKE_PROGRAM install-doc)
(cd $OBJ32; $SUDO $MAKE_PROGRAM install-lib)
if [ `isainfo -k` = amd64 ]; then
(cd $OBJ64; $SUDO $MAKE_PROGRAM install-lib)
fi
fi

28
contrib/ldnsx/LICENSE Normal file
View File

@ -0,0 +1,28 @@
Copyright (c) 2011, Xelerance
Author: Christopher Olah <chris@xelerance.com>
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
* Neither the name of Xelerance nor the names of its
contributors may be used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.

89
contrib/ldnsx/Makefile Normal file
View File

@ -0,0 +1,89 @@
# Makefile for Sphinx documentation
#
# You can set these variables from the command line.
SPHINXOPTS =
SPHINXBUILD = sphinx-build
PAPER =
BUILDDIR = build
# Internal variables.
PAPEROPT_a4 = -D latex_paper_size=a4
PAPEROPT_letter = -D latex_paper_size=letter
ALLSPHINXOPTS = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) source
.PHONY: help clean html dirhtml pickle json htmlhelp qthelp latex changes linkcheck doctest
help:
@echo "Please use \`make <target>' where <target> is one of"
@echo " html to make standalone HTML files"
@echo " dirhtml to make HTML files named index.html in directories"
@echo " pickle to make pickle files"
@echo " json to make JSON files"
@echo " htmlhelp to make HTML files and a HTML help project"
@echo " qthelp to make HTML files and a qthelp project"
@echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter"
@echo " changes to make an overview of all changed/added/deprecated items"
@echo " linkcheck to check all external links for integrity"
@echo " doctest to run all doctests embedded in the documentation (if enabled)"
clean:
-rm -rf $(BUILDDIR)/*
html:
$(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html
@echo
@echo "Build finished. The HTML pages are in $(BUILDDIR)/html."
dirhtml:
$(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml
@echo
@echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml."
pickle:
$(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle
@echo
@echo "Build finished; now you can process the pickle files."
json:
$(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json
@echo
@echo "Build finished; now you can process the JSON files."
htmlhelp:
$(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp
@echo
@echo "Build finished; now you can run HTML Help Workshop with the" \
".hhp project file in $(BUILDDIR)/htmlhelp."
qthelp:
$(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp
@echo
@echo "Build finished; now you can run "qcollectiongenerator" with the" \
".qhcp project file in $(BUILDDIR)/qthelp, like this:"
@echo "# qcollectiongenerator $(BUILDDIR)/qthelp/ldnsx.qhcp"
@echo "To view the help file:"
@echo "# assistant -collectionFile $(BUILDDIR)/qthelp/ldnsx.qhc"
latex:
$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
@echo
@echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex."
@echo "Run \`make all-pdf' or \`make all-ps' in that directory to" \
"run these through (pdf)latex."
changes:
$(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes
@echo
@echo "The overview file is in $(BUILDDIR)/changes."
linkcheck:
$(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck
@echo
@echo "Link check complete; look for any errors in the above output " \
"or in $(BUILDDIR)/linkcheck/output.txt."
doctest:
$(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest
@echo "Testing of doctests in the sources finished, look at the " \
"results in $(BUILDDIR)/doctest/output.txt."

36
contrib/ldnsx/README Normal file
View File

@ -0,0 +1,36 @@
LDNSX: Easy DNS (including DNSSEC) via ldns.
ldns is a great library. It is a powerfull tool for
working with DNS. python-ldns it is a straight up clone of the C
interface, howver that is not a very good interface for python. Its
documentation is incomplete and some functions don't work as
described. And some objects don't have a full python API.
ldnsx aims to fix this. It wraps around the ldns python bindings,
working around its limitations and providing a well-documented, more
pythonistic interface.
Written by Christopher Olah <chris@xelerance.com>
Examples
========
Query the default resolver for google.com's A records. Print the response
packet.
>>> import ldnsx
>>> resolver = ldnsx.resolver()
>>> print resolver.query("google.com","A")
Print the NS records for com. from f.root-servers.net if we get a
response, else an error message.
>>> import ldnsx
>>> pkt = ldnsx.resolver("f.root-servers.net").query("com.","NS")
>>> if pkt:
>>> for rr in pkt.answer():
>>> print rr
>>> else:
>>> print "response not received"

30
contrib/ldnsx/examples/ldnsx-axfr.py Normal file
View File

@ -0,0 +1,30 @@
#!/usr/bin/python
# vim:fileencoding=utf-8
#
# AXFR client with IDN (Internationalized Domain Names) support
#
import ldns
import encodings.idna
def utf2name(name):
return '.'.join([encodings.idna.ToASCII(a) for a in name.split('.')])
def name2utf(name):
return '.'.join([encodings.idna.ToUnicode(a) for a in name.split('.')])
resolver = ldnsx.resolver("zone.nic.cz")
#Print results
for rr in resolver.AXFR(utf2name(u"háčkyčárky.cz")):
# rdf = rr.owner()
# if (rdf.get_type() == ldns.LDNS_RDF_TYPE_DNAME):
# print "RDF owner: type=",rr.type(),"data=",name2utf(rr.owner())
# else:
# print "RDF owner: type=",rdf.get_type_str(),"data=",str(rdf)
# print " RR type=", rr.get_type_str()," ttl=",rr.ttl()
# for rdf in rr.rdfs():
# if (rdf.get_type() == ldns.LDNS_RDF_TYPE_DNAME):
# print " RDF: type=",rdf.get_type_str(),"data=",name2utf(str(rdf))
# else:
# print " RDF: type=",rdf.get_type_str(),"data=",str(rdf)

39
contrib/ldnsx/examples/ldnsx-dnssec.py Normal file
View File

@ -0,0 +1,39 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
import ldnsx
import sys
debug = True
if len(sys.argv) < 2:
print "Usage:", sys.argv[0], "domain [resolver_addr]"
sys.exit(1)
name = sys.argv[1]
# Create resolver
resolver = ldnsx.resolver(dnssec=True)
# Custom resolver
if len(sys.argv) > 2:
# Clear previous nameservers
resolver.set_nameservers(sys.argv[2:])
# Resolve DNS name
pkt = resolver.query(name, "A")
if pkt and pkt.answer():
# Debug
if debug:
print "NS returned:", pkt.rcode(), "(AA: %d AD: %d)" % ( "AA" in pkt.flags(), "AD" in pkt.flags() )
# SERVFAIL indicated bogus name
if pkt.rcode() == "SERVFAIL":
print name, "failed to resolve"
# Check AD (Authenticated) bit
if pkt.rcode() == "NOERROR":
if "AD" in pkt.flags(): print name, "is secure"
else: print name, "is insecure"

11
contrib/ldnsx/examples/ldnsx-mx1.py Normal file
View File

@ -0,0 +1,11 @@
import ldnsx
resolver = ldnsx.resolver()
pkt = resolver.query("nic.cz", "MX")
if (pkt):
mx = pkt.answer()
if (mx):
mx.sort()
print mx

17
contrib/ldnsx/examples/ldnsx-mx2.py Normal file
View File

@ -0,0 +1,17 @@
#!/usr/bin/python
#
# MX is a small program that prints out the mx records for a particular domain
#
import ldnsx
resolver = ldnsx.resolver()
pkt = resolver.query("nic.cz", "MX")
if pkt:
for rr in pkt.answer(rr_type = "MX"):
rdf = rr.owner()
print rr
#Could also do:
#print rr[0], rr[1], rr[2], rr[3], " ".join(rr[4:])
#print rr.owner(), rr.ttl(), rr.rr_clas(), rr.rr_type(), " ".join(rr[4:])

25
contrib/ldnsx/examples/ldnsx-walk.py Executable file
View File

@ -0,0 +1,25 @@
#!/usr/bin/python
# vim:fileencoding=utf-8
#
# Walk a domain that's using NSEC and print in zonefile format.
import sys
import ldnsx
def walk(domain):
res = ldnsx.resolver("193.110.157.136", dnssec=True)
pkt = res.query(domain, 666)
try:
nsec_rr = pkt.authority(rr_type="NSEC")[0]
except:
print "no NSEC found, domain is not signed or using NSEC3"
sys.exit()
for rr_type in nsec_rr[5].split(' ')[:-1]:
for rr in ldnsx.get_rrs(domain, rr_type):
print str(rr)[:-1]
next_rec = nsec_rr[4]
if (next_rec != domain) and (next_rec[-len(domain):] == domain):
walk(next_rec)
walk("xelerance.com")

916
contrib/ldnsx/ldnsx.py Normal file
View File

@ -0,0 +1,916 @@
# Copyright (C) Xelerance Corp. <http://www.xelerance.com/>.
# Author: Christopher Olah <colah@xelerance.com>
# License: BSD
""" Easy DNS (including DNSSEC) via ldns.
ldns is a great library. It is a powerfull tool for
working with DNS. python-ldns it is a straight up clone of the C
interface, howver that is not a very good interface for python. Its
documentation is incomplete and some functions don't work as
described. And some objects don't have a full python API.
ldnsx aims to fix this. It wraps around the ldns python bindings,
working around its limitations and providing a well-documented, more
pythonistic interface.
**WARNING:**
**API subject to change.** No backwards compatibility guarantee. Write software using this version at your own risk!
Examples
--------
Query the default resolver for google.com's A records. Print the response
packet.
>>> import ldnsx
>>> resolver = ldnsx.resolver()
>>> print resolver.query("google.com","A")
Print the root NS records from f.root-servers.net; if we get a
response, else an error message.
>>> import ldnsx
>>> pkt = ldnsx.resolver("f.root-servers.net").query(".", "NS")
>>> if pkt:
>>> for rr in pkt.answer():
>>> print rr
>>> else:
>>> print "response not received"
"""
import time, sys, calendar, warnings, socket
try:
import ldns
except ImportError:
print >> sys.stderr, "ldnsx requires the ldns-python sub-package from http://www.nlnetlabs.nl/projects/ldns/"
print >> sys.stderr, "Fedora/CentOS: yum install ldns-python"
print >> sys.stderr, "Debian/Ubuntu: apt-get install python-ldns"
print >> sys.stderr, "openSUSE: zypper in python-ldns"
sys.exit(1)
__version__ = "0.1"
def isValidIP(ipaddr):
try:
v4 = socket.inet_pton(socket.AF_INET,ipaddr)
return 4
except:
try:
v6 = socket.inet_pton(socket.AF_INET6,ipaddr)
return 6
except:
return 0
def query(name, rr_type, rr_class="IN", flags=["RD"], tries = 3, res=None):
"""Convenience function. Creates a resolver and then queries it. Refer to resolver.query()
* name -- domain to query for
* rr_type -- rr_type to query for
* flags -- flags for query (list of strings)
* tries -- number of times to retry the query on failure
* res -- configurations for the resolver as a dict -- see resolver()
"""
if isinstance(res, list) or isinstance(res, tuple):
res = resolver(*res)
elif isinstance(res, dict):
res = resolver(**res)
else:
res = resolver(res)
return res.query(name, rr_type, rr_class, flags, tries)
def get_rrs(name, rr_type, rr_class="IN", tries = 3, strict = False, res=None, **kwds):
"""Convenience function. Gets RRs for name of type rr_type trying tries times.
If strict, it raises and exception on failure, otherwise it returns [].
* name -- domain to query for
* rr_type -- rr_type to query for
* flags -- flags for query (list of strings)
* tries -- number of times to retry the query on failure
* strict -- if the query fails, do we return [] or raise an exception?
* res -- configurations for the resolver as a dict -- see resolver()
* kwds -- query filters, refer to packet.answer()
"""
if isinstance(res, list) or isinstance(res, tuple):
res = resolver(*res)
elif isinstance(res, dict):
res = resolver(**res)
else:
res = resolver(res)
if "|" in rr_type:
pkt = res.query(name, "ANY", rr_class=rr_class, tries=tries)
else:
pkt = res.query(name, rr_type, rr_class=rr_class, tries=tries)
if pkt:
if rr_type in ["", "ANY", "*"]:
return pkt.answer( **kwds)
else:
return pkt.answer(rr_type=rr_type, **kwds)
else:
if strict:
raise Exception("LDNS couldn't complete query")
else:
return []
def secure_query(name, rr_type, rr_class="IN", flags=["RD"], tries = 1, flex=False, res=None):
"""Convenience function. Creates a resolver and then does a DNSSEC query. Refer to resolver.query()
* name -- domain to query for
* rr_type -- rr_type to query for
* flags -- flags for query (list of strings)
* tries -- number of times to retry the query on failure
* flex -- if we can't verify data, exception or warning?
* res -- configurations for the resolver as a dict -- see resolver()"""
if isinstance(res, list) or isinstance(res, tuple):
res = resolver(*res)
elif isinstance(res, dict):
res = resolver(**res)
else:
res = resolver(res)
pkt = res.query(name, rr_type, rr_class, flags, tries)
if pkt.rcode() == "SERVFAIL":
raise Exception("%s lookup failed (server error or dnssec validation failed)" % name)
if pkt.rcode() == "NXDOMAIN":
if "AD" in pkt.flags():
raise Exception("%s lookup failed (non-existence proven by DNSSEC)" % hostname )
else:
raise Exception("%s lookup failed" % hostname )
if pkt.rcode() == "NOERROR":
if "AD" not in pkt.flags():
if not flex:
raise Exception("DNS lookup was insecure")
else:
warnings.warn("DNS lookup was insecure")
return pkt
else:
raise Exception("unknown ldns error, %s" % pkt.rcode())
class resolver:
""" A wrapper around ldns.ldns_resolver.
**Examples**
Making resolvers is easy!
>>> from ldnsx import resolver
>>> resolver() # from /etc/resolv.conf
<resolver: 192.168.111.9>
>>> resolver("") # resolver with no nameservers
<resolver: >
>>> resolver("193.110.157.135") #resolver pointing to ip addr
<resolver: 193.110.157.135>
>>> resolver("f.root-servers.net") # resolver pointing ip address(es) resolved from name
<resolver: 2001:500:2f::f, 192.5.5.241>
>>> resolver("193.110.157.135, 193.110.157.136")
>>> # resolver pointing to multiple ip addr, first takes precedence.
<resolver: 193.110.157.136, 193.110.157.135>
So is playing around with their nameservers!
>>> import ldnsx
>>> res = ldnsx.resolver("192.168.1.1")
>>> res.add_nameserver("192.168.1.2")
>>> res.add_nameserver("192.168.1.3")
>>> res.nameservers_ip()
["192.168.1.1","192.168.1.2","192.168.1.3"]
And querying!
>>> from ldnsx import resolver
>>> res= resolver()
>>> res.query("cow.com","A")
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 7663
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; cow.com. IN A
;; ANSWER SECTION:
cow.com. 300 IN A 208.87.34.18
;; AUTHORITY SECTION:
;; ADDITIONAL SECTION:
;; Query time: 313 msec
;; SERVER: 192.168.111.9
;; WHEN: Fri Jun 3 11:01:02 2011
;; MSG SIZE rcvd: 41
"""
def __init__(self, ns = None, dnssec = False, tcp = False, port = 53):
"""resolver constructor
* ns -- the nameserver/comma delimited nameserver list
defaults to settings from /etc/resolv.conf
* dnssec -- should the resolver try and use dnssec or not?
* tcp -- should the resolver use TCP
'auto' is a depricated work around for old ldns problems
* port -- the port to use, must be the same for all nameservers
"""
# We construct based on a file and dump the nameservers rather than using
# ldns_resolver_new() to avoid environment/configuration/magic specific
# bugs.
self._ldns_resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
if ns != None:
self.drop_nameservers()
nm_list = ns.split(',')
nm_list = map(lambda s: s.strip(), nm_list)
nm_list = filter(lambda s: s != "", nm_list)
nm_list.reverse()
for nm in nm_list:
self.add_nameserver(nm)
# Configure DNSSEC, tcp and port
self.set_dnssec(dnssec)
if tcp == 'auto':
self.autotcp = True
self._ldns_resolver.set_usevc(False)
else:
self.autotcp = False
self._ldns_resolver.set_usevc(tcp)
self._ldns_resolver.set_port(port)
def query(self, name, rr_type, rr_class="IN", flags=["RD"], tries = 3):
"""Run a query on the resolver.
* name -- name to query for
* rr_type -- the record type to query for
* rr_class -- the class to query for, defaults to IN (Internet)
* flags -- the flags to send the query with
* tries -- the number of times to attempt to acheive query in case of packet loss, etc
**Examples**
Let's get some A records!
>>> google_a_records = resolver.query("google.com","A").answer()
Using DNSSEC is easy :)
>>> dnssec_pkt = ldnsx.resolver(dnssec=True).query("xelerance.com")
We let you use strings to make things easy, but if you prefer stay close to DNS...
>>> AAAA = 28
>>> resolver.query("ipv6.google.com", AAAA)
**More about rr_type**
rr_type must be a supported resource record type. There are a large number of RR types:
=========== =================================== ==================
TYPE Value and meaning Reference
=========== =================================== ==================
A 1 a host address [RFC1035]
NS 2 an authoritative name server [RFC1035]
...
AAAA 28 IP6 Address [RFC3596]
...
DS 43 Delegation Signer [RFC4034][RFC3658]
...
DNSKEY 48 DNSKEY [RFC4034][RFC3755]
...
Unassigned 32770-65279
Private use 65280-65534
Reserved 65535
=========== =================================== ==================
(From http://www.iana.org/assignments/dns-parameters)
RR types are given as a string (eg. "A"). In the case of Unassigned/Private use/Reserved ones,
they are given as "TYPEXXXXX" where XXXXX is the number. ie. RR type 65280 is "TYPE65280". You
may also pass the integer, but you always be given the string.
If the version of ldnsx you are using is old, it is possible that there could be new rr_types that
we don't recognise mnemonic for. You can still use the number XXX or the string "TYPEXXX". To
determine what rr_type menmonics we support, please refer to resolver.supported_rr_types()
"""
# Determine rr_type int
if rr_type in _rr_types.keys():
_rr_type = _rr_types[rr_type]
elif isinstance(rr_type,int):
_rr_type = rr_type
elif isinstance(rr_type,str) and rr_type[0:4] == "TYPE":
try:
_rr_type = int(rr_type[4:])
except:
raise Exception("%s is a bad RR type. TYPEXXXX: XXXX must be a number")
else:
raise Exception("ldnsx (version %s) does not support the RR type %s." % (__version__, str(rr_type)) )
# Determine rr_class int
if rr_class == "IN": _rr_class = ldns.LDNS_RR_CLASS_IN
elif rr_class == "CH": _rr_class = ldns.LDNS_RR_CLASS_CH
elif rr_class == "HS": _rr_class = ldns.LDNS_RR_CLASS_HS
else:
raise Exception("ldnsx (version %s) does not support the RR class %s." % (__version__, str(rr_class)) )
# Determine flags int
_flags = 0
if "QR" in flags: _flags |= ldns.LDNS_QR
if "AA" in flags: _flags |= ldns.LDNS_AA
if "TC" in flags: _flags |= ldns.LDNS_TC
if "RD" in flags: _flags |= ldns.LDNS_RD
if "CD" in flags: _flags |= ldns.LDNS_CD
if "RA" in flags: _flags |= ldns.LDNS_RA
if "AD" in flags: _flags |= ldns.LDNS_AD
# Query
if tries == 0: return None
try:
pkt = self._ldns_resolver.query(name, _rr_type, _rr_class, _flags)
except KeyboardInterrupt: #Since so much time is spent waiting on ldns, this is very common place for Ctr-C to fall
raise
except: #Since the ldns exceptiion is not very descriptive...
raise Exception("ldns backend ran into problems. Likely, the name you were querying for, %s, was invalid." % name)
#Deal with failed queries
if not pkt:
if tries <= 1:
return None
else:
# One of the major causes of none-packets is truncation of packets
# When autotcp is set, we are in a flexible enough position to try and use tcp
# to get around this.
# Either way, we want to replace the resolver, since resolvers will sometimes
# just freeze up.
if self.autotcp:
self = resolver( ",".join(self.nameservers_ip()),tcp=True, dnssec = self._ldns_resolver.dnssec())
self.autotcp = True
pkt = self.query(name, rr_type, rr_class=rr_class, flags=flags, tries = tries-1)
self._ldns_resolver.set_usevc(False)
return pkt
else:
self = resolver( ",".join(self.nameservers_ip()), tcp = self._ldns_resolver.usevc(), dnssec = self._ldns_resolver.dnssec() )
time.sleep(1) # It could be that things are failing because of a brief outage
return self.query(name, rr_type, rr_class=rr_class, flags=flags, tries = tries-1)
elif self.autotcp:
pkt = packet(pkt)
if "TC" in pkt.flags():
self._ldns_resolver.set_usevc(True)
pkt2 = self.query(name, rr_type, rr_class=rr_class, flags=flags, tries = tries-1)
self._ldns_resolver.set_usevc(False)
if pkt2: return packet(pkt2)
return pkt
return packet(pkt)
#ret = []
#for rr in pkt.answer().rrs():
# ret.append([str(rr.owner()),rr.ttl(),rr.get_class_str(),rr.get_type_str()]+[str(rdf) for rdf in rr.rdfs()])
#return ret
def suported_rr_types(self):
""" Returns the supported DNS resource record types.
Refer to resolver.query() for thorough documentation of resource
record types or refer to:
http://www.iana.org/assignments/dns-parameters
"""
return _rr_types.keys()
def AXFR(self,name):
"""AXFR for name
* name -- name to AXFR for
This function is a generator. As it AXFRs it will yield you the records.
**Example**
Let's get a list of the tlds (gotta catch em all!):
>>> tlds = []
>>> for rr in resolver("f.root-servers.net").AXFR("."):
>>> if rr.rr_type() == "NS":
>>> tlds.append(rr.owner())
"""
#Dname seems to be unecessary on some computers, but it is on others. Avoid bugs.
if self._ldns_resolver.axfr_start(ldns.ldns_dname(name), ldns.LDNS_RR_CLASS_IN) != ldns.LDNS_STATUS_OK:
raise Exception("Starting AXFR failed. Error: %s" % ldns.ldns_get_errorstr_by_id(status))
pres = self._ldns_resolver.axfr_next()
while pres:
yield resource_record(pres)
pres = self._ldns_resolver.axfr_next()
def nameservers_ip(self):
""" returns a list of the resolvers nameservers (as IP addr)
"""
nm_stack2 =[]
nm_str_stack2=[]
nm = self._ldns_resolver.pop_nameserver()
while nm:
nm_stack2.append(nm)
nm_str_stack2.append(str(nm))
nm = self._ldns_resolver.pop_nameserver()
for nm in nm_stack2:
self._ldns_resolver.push_nameserver(nm)
nm_str_stack2.reverse()
return nm_str_stack2
def add_nameserver(self,ns):
""" Add a nameserver, IPv4/IPv6/name.
"""
if isValidIP(ns) == 4:
address = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A,ns)
self._ldns_resolver.push_nameserver(address)
elif isValidIP(ns) == 6:
address = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_AAAA,ns)
self._ldns_resolver.push_nameserver(address)
else:
resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
#address = resolver.get_addr_by_name(ns)
address = resolver.get_addr_by_name(ldns.ldns_dname(ns))
if not address:
address = resolver.get_addr_by_name(ldns.ldns_dname(ns))
if not address:
raise Exception("Failed to resolve address for %s" % ns)
for rr in address.rrs():
self._ldns_resolver.push_nameserver_rr(rr)
def drop_nameservers(self):
"""Drops all nameservers.
This function causes the resolver to forget all nameservers.
"""
while self._ldns_resolver.pop_nameserver():
pass
def set_nameservers(self, nm_list):
"""Takes a list of nameservers and sets the resolver to use them
"""
self.drop_nameservers()
for nm in nm_list:
self.add_nameserver(nm)
def __repr__(self):
return "<resolver: %s>" % ", ".join(self.nameservers_ip())
__str__ = __repr__
def set_dnssec(self,new_dnssec_status):
"""Set whether the resolver uses DNSSEC.
"""
self._ldns_resolver.set_dnssec(new_dnssec_status)
class packet:
def _construct_rr_filter(self, **kwds):
def match(pattern, target):
if pattern[0] in ["<",">","!"]:
rel = pattern[0]
pattern=pattern[1:]
elif pattern[0:2] in ["<=","=>"]:
rel = pattern[0:2]
pattern=pattern[2:]
else:
rel = "="
for val in pattern.split("|"):
if {"<" : target < val,
">" : target > val,
"!" : target != val,
"=" : target == val,
">=": target >= val,
"<=": target <= val}[rel]:
return True
return False
def f(rr):
for key in kwds.keys():
if ( ( isinstance(kwds[key], list) and str(rr[key]) not in map(str,kwds[key]) )
or ( not isinstance(kwds[key], list) and not match(str(kwds[key]), str(rr[key])))):
return False
return True
return f
def __init__(self, pkt):
self._ldns_pkt = pkt
def __repr__(self):
return str(self._ldns_pkt)
__str__ = __repr__
def rcode(self):
"""Returns the rcode.
Example returned value: "NOERROR"
possilbe rcodes (via ldns): "FORMERR", "MASK", "NOERROR",
"NOTAUTH", "NOTIMPL", "NOTZONE", "NXDOMAIN",
"NXRSET", "REFUSED", "SERVFAIL", "SHIFT",
"YXDOMAIN", "YXRRSET"
Refer to http://www.iana.org/assignments/dns-parameters
section: DNS RCODEs
"""
return self._ldns_pkt.rcode2str()
def opcode(self):
"""Returns the rcode.
Example returned value: "QUERY"
"""
return self._ldns_pkt.opcode2str()
def flags(self):
"""Return packet flags (as list of strings).
Example returned value: ['QR', 'RA', 'RD']
**What are the flags?**
======== ==== ===================== =========
Bit Flag Description Reference
======== ==== ===================== =========
bit 5 AA Authoritative Answer [RFC1035]
bit 6 TC Truncated Response [RFC1035]
bit 7 RD Recursion Desired [RFC1035]
bit 8 RA Recursion Allowed [RFC1035]
bit 9 Reserved
bit 10 AD Authentic Data [RFC4035]
bit 11 CD Checking Disabled [RFC4035]
======== ==== ===================== =========
(from http://www.iana.org/assignments/dns-parameters)
There is also QR. It is mentioned in other sources,
though not the above page. It being false means that
the packet is a query, it being true means that it is
a response.
"""
ret = []
if self._ldns_pkt.aa(): ret += ["AA"]
if self._ldns_pkt.ad(): ret += ["AD"]
if self._ldns_pkt.cd(): ret += ["CD"]
if self._ldns_pkt.qr(): ret += ["QR"]
if self._ldns_pkt.ra(): ret += ["RA"]
if self._ldns_pkt.rd(): ret += ["RD"]
if self._ldns_pkt.tc(): ret += ["TC"]
return ret
def answer(self, **filters):
"""Returns the answer section.
* filters -- a filtering mechanism
Since a very common desire is to filter the resource records in a packet
section, we provide a special tool for doing this: filters. They are a
lot like regular python filters, but more convenient. If you set a
field equal to some value, you will only receive resource records for which
it holds true.
**Examples**
>>> res = ldnsx.resolver()
>>> pkt = res.query("google.ca","A")
>>> pkt.answer()
[google.ca. 28 IN A 74.125.91.99
, google.ca. 28 IN A 74.125.91.105
, google.ca. 28 IN A 74.125.91.147
, google.ca. 28 IN A 74.125.91.103
, google.ca. 28 IN A 74.125.91.104
, google.ca. 28 IN A 74.125.91.106
]
To understand filters, consider the following:
>>> pkt = ldnsx.query("cow.com","ANY")
>>> pkt.answer()
[cow.com. 276 IN A 208.87.32.75
, cow.com. 3576 IN NS sell.internettraffic.com.
, cow.com. 3576 IN NS buy.internettraffic.com.
, cow.com. 3576 IN SOA buy.internettraffic.com. hostmaster.hostingnet.com. 1308785320 10800 3600 604800 3600
]
>>> pkt.answer(rr_type="A")
[cow.com. 276 IN A 208.87.32.75
]
>>> pkt.answer(rr_type="A|NS")
[cow.com. 276 IN A 208.87.32.75
, cow.com. 3576 IN NS sell.internettraffic.com.
, cow.com. 3576 IN NS buy.internettraffic.com.
]
>>> pkt.answer(rr_type="!NS")
[cow.com. 276 IN A 208.87.32.75
, cow.com. 3576 IN SOA buy.internettraffic.com. hostmaster.hostingnet.com. 1308785320 10800 3600 604800 3600
]
fields are the same as when indexing a resource record.
note: ordering is alphabetical.
"""
ret = [resource_record(rr) for rr in self._ldns_pkt.answer().rrs()]
return filter(self._construct_rr_filter(**filters), ret)
def authority(self, **filters):
"""Returns the authority section.
* filters -- a filtering mechanism
Since a very common desire is to filter the resource records in a packet
section, we provide a special tool for doing this: filters. They are a
lot like regular python filters, but more convenient. If you set a
field equal to some value, you will only receive resource records for which
it holds true. See answer() for details.
**Examples**
>>> res = ldnsx.resolver()
>>> pkt = res.query("google.ca","A")
>>> pkt.authority()
[google.ca. 251090 IN NS ns3.google.com.
, google.ca. 251090 IN NS ns1.google.com.
, google.ca. 251090 IN NS ns2.google.com.
, google.ca. 251090 IN NS ns4.google.com.
]
"""
ret = [resource_record(rr) for rr in self._ldns_pkt.authority().rrs()]
return filter(self._construct_rr_filter(**filters), ret)
def additional(self, **filters):
"""Returns the additional section.
* filters -- a filtering mechanism
Since a very common desire is to filter the resource records in a packet
section, we provide a special tool for doing this: filters. They are a
lot like regular python filters, but more convenient. If you set a
field equal to some value, you will only receive resource records for which
it holds true. See answer() for details.
**Examples**
>>> res = ldnsx.resolver()
>>> pkt = res.query("google.ca","A")
>>> pkt.additional()
[ns3.google.com. 268778 IN A 216.239.36.10
, ns1.google.com. 262925 IN A 216.239.32.10
, ns2.google.com. 255659 IN A 216.239.34.10
, ns4.google.com. 264489 IN A 216.239.38.10
]
"""
ret = [resource_record(rr) for rr in self._ldns_pkt.additional().rrs()]
return filter(self._construct_rr_filter(**filters), ret)
def question(self, **filters):
"""Returns the question section.
* filters -- a filtering mechanism
Since a very common desire is to filter the resource records in a packet
section, we provide a special tool for doing this: filters. They are a
lot like regular python filters, but more convenient. If you set a
field equal to some value, you will only receive resource records for which
it holds true. See answer() for details.
"""
ret = [resource_record(rr) for rr in self._ldns_pkt.question().rrs()]
return filter(self._construct_rr_filter(**filters), ret)
class resource_record:
_rdfs = None
_iter_pos = None
def __init__(self, rr):
self._ldns_rr = rr
self._rdfs = [str(rr.owner()),rr.ttl(),rr.get_class_str(),rr.get_type_str()]+[str(rdf) for rdf in rr.rdfs()]
def __repr__(self):
return str(self._ldns_rr)
__str__ = __repr__
def __iter__(self):
self._iter_pos = 0
return self
def next(self):
if self._iter_pos < len(self._rdfs):
self._iter_pos += 1
return self._rdfs[self._iter_pos-1]
else:
raise StopIteration
def __len__(self):
try:
return len(_rdfs)
except:
return 0
def __getitem__(self, n):
if isinstance(n, int):
return self._rdfs[n]
elif isinstance(n, str):
n = n.lower()
if n in ["owner"]:
return self.owner()
elif n in ["rr_type", "rr type", "type"]:
return self.rr_type()
elif n in ["rr_class", "rr class", "class"]:
return self.rr_class()
elif n in ["covered_type", "covered type", "type2"]:
return self.covered_type()
elif n in ["ttl"]:
return self.ttl()
elif n in ["ip"]:
return self.ip()
elif n in ["alg", "algorithm"]:
return self.alg()
elif n in ["protocol"]:
return self.protocol()
elif n in ["flags"]:
return self.flags()
else:
raise Exception("ldnsx (version %s) does not recognize the rr field %s" % (__version__,n) )
else:
raise TypeError("bad type %s for index resource record" % type(n) )
#def rdfs(self):
# return self._rdfs.clone()
def owner(self):
"""Get the RR's owner"""
return str(self._ldns_rr.owner())
def rr_type(self):
"""Get a RR's type """
return self._ldns_rr.get_type_str()
def covered_type(self):
"""Get an RRSIG RR's covered type"""
if self.rr_type() == "RRSIG":
return self[4]
else:
return ""
def rr_class(self):
"""Get the RR's collapse"""
return self._ldns_rr.get_class_str()
def ttl(self):
"""Get the RR's TTL"""
return self._ldns_rr.ttl()
def inception(self, out_format="UTC"):
"""returns the inception time in format out_format, defaulting to a UTC string.
options for out_format are:
UTC -- a UTC string eg. 20110712192610 (2011/07/12 19:26:10)
unix -- number of seconds since the epoch, Jan 1, 1970
struct_time -- the format used by python's time library
"""
# Something very strange is going on with inception/expiration dates in DNS.
# According to RFC 4034 section 3.1.5 (http://tools.ietf.org/html/rfc4034#page-9)
# the inception/expiration fields should be in seconds since Jan 1, 1970, the Unix
# epoch (as is standard in unix). Yet all the packets I've seen provide UTC encoded
# as a string instead, eg. "20110712192610" which is 2011/07/12 19:26:10.
#
# It turns out that this is a standard thing that ldns is doing before the data gets
# to us.
if self.rr_type() == "RRSIG":
if out_format.lower() in ["utc", "utc str", "utc_str"]:
return self[9]
elif out_format.lower() in ["unix", "posix", "ctime"]:
return calendar.timegm(time.strptime(self[9], "%Y%m%d%H%M%S"))
elif out_format.lower() in ["relative"]:
return calendar.timegm(time.strptime(self[9], "%Y%m%d%H%M%S")) - time.time()
elif out_format.lower() in ["struct_time", "time.struct_time"]:
return time.strptime(self[9], "%Y%m%d%H%M%S")
else:
raise Exception("unrecognized time format")
else:
return ""
def expiration(self, out_format="UTC"):
"""get expiration time. see inception() for more information"""
if self.rr_type() == "RRSIG":
if out_format.lower() in ["utc", "utc str", "utc_str"]:
return self[8]
elif out_format.lower() in ["unix", "posix", "ctime"]:
return calendar.timegm(time.strptime(self[8], "%Y%m%d%H%M%S"))
elif out_format.lower() in ["relative"]:
return calendar.timegm(time.strptime(self[8], "%Y%m%d%H%M%S")) - time.time()
elif out_format.lower() in ["struct_time", "time.struct_time"]:
return time.strptime(self[8], "%Y%m%d%H%M%S")
else:
raise Exception("unrecognized time format")
else:
return ""
def ip(self):
""" IP address form A/AAAA record"""
if self.rr_type() in ["A", "AAAA"]:
return self[4]
else:
raise Exception("ldnsx does not support ip for records other than A/AAAA")
def alg(self):
"""Returns algorithm of RRSIG/DNSKEY/DS"""
t = self.rr_type()
if t == "RRSIG":
return int(self[5])
elif t == "DNSKEY":
return int(self[6])
elif t == "DS":
return int(self[5])
else:
return -1
def protocol(self):
""" Returns proticol of the DNSKEY"""
t = self.rr_type()
if t == "DNSKEY":
return int(self[5])
else:
return -1
def flags(self):
"""Return RR flags for DNSKEY """
t = self.rr_type()
if t == "DNSKEY":
ret = []
n = int(self[4])
for m in range(1):
if 2**(15-m) & n:
if m == 7: ret.append("ZONE")
elif m == 8: ret.append("REVOKE")
elif m ==15: ret.append("SEP")
else: ret.append(m)
return ret
else:
return []
_rr_types={
"A" : ldns.LDNS_RR_TYPE_A,
"A6" : ldns.LDNS_RR_TYPE_A6,
"AAAA" : ldns.LDNS_RR_TYPE_AAAA,
"AFSDB": ldns.LDNS_RR_TYPE_AFSDB,
"ANY" : ldns.LDNS_RR_TYPE_ANY,
"APL" : ldns.LDNS_RR_TYPE_APL,
"ATMA" : ldns.LDNS_RR_TYPE_ATMA,
"AXFR" : ldns.LDNS_RR_TYPE_AXFR,
"CERT" : ldns.LDNS_RR_TYPE_CERT,
"CNAME": ldns.LDNS_RR_TYPE_CNAME,
"COUNT": ldns.LDNS_RR_TYPE_COUNT,
"DHCID": ldns.LDNS_RR_TYPE_DHCID,
"DLV" : ldns.LDNS_RR_TYPE_DLV,
"DNAME": ldns.LDNS_RR_TYPE_DNAME,
"DNSKEY": ldns.LDNS_RR_TYPE_DNSKEY,
"DS" : ldns.LDNS_RR_TYPE_DS,
"EID" : ldns.LDNS_RR_TYPE_EID,
"FIRST": ldns.LDNS_RR_TYPE_FIRST,
"GID" : ldns.LDNS_RR_TYPE_GID,
"GPOS" : ldns.LDNS_RR_TYPE_GPOS,
"HINFO": ldns.LDNS_RR_TYPE_HINFO,
"IPSECKEY": ldns.LDNS_RR_TYPE_IPSECKEY,
"ISDN" : ldns.LDNS_RR_TYPE_ISDN,
"IXFR" : ldns.LDNS_RR_TYPE_IXFR,
"KEY" : ldns.LDNS_RR_TYPE_KEY,
"KX" : ldns.LDNS_RR_TYPE_KX,
"LAST" : ldns.LDNS_RR_TYPE_LAST,
"LOC" : ldns.LDNS_RR_TYPE_LOC,
"MAILA": ldns.LDNS_RR_TYPE_MAILA,
"MAILB": ldns.LDNS_RR_TYPE_MAILB,
"MB" : ldns.LDNS_RR_TYPE_MB,
"MD" : ldns.LDNS_RR_TYPE_MD,
"MF" : ldns.LDNS_RR_TYPE_MF,
"MG" : ldns.LDNS_RR_TYPE_MG,
"MINFO": ldns.LDNS_RR_TYPE_MINFO,
"MR" : ldns.LDNS_RR_TYPE_MR,
"MX" : ldns.LDNS_RR_TYPE_MX,
"NAPTR": ldns.LDNS_RR_TYPE_NAPTR,
"NIMLOC": ldns.LDNS_RR_TYPE_NIMLOC,
"NS" : ldns.LDNS_RR_TYPE_NS,
"NSAP" : ldns.LDNS_RR_TYPE_NSAP,
"NSAP_PTR" : ldns.LDNS_RR_TYPE_NSAP_PTR,
"NSEC" : ldns.LDNS_RR_TYPE_NSEC,
"NSEC3": ldns.LDNS_RR_TYPE_NSEC3,
"NSEC3PARAMS" : ldns.LDNS_RR_TYPE_NSEC3PARAMS,
"NULL" : ldns.LDNS_RR_TYPE_NULL,
"NXT" : ldns.LDNS_RR_TYPE_NXT,
"OPT" : ldns.LDNS_RR_TYPE_OPT,
"PTR" : ldns.LDNS_RR_TYPE_PTR,
"PX" : ldns.LDNS_RR_TYPE_PX,
"RP" : ldns.LDNS_RR_TYPE_RP,
"RRSIG": ldns.LDNS_RR_TYPE_RRSIG,
"RT" : ldns.LDNS_RR_TYPE_RT,
"SIG" : ldns.LDNS_RR_TYPE_SIG,
"SINK" : ldns.LDNS_RR_TYPE_SINK,
"SOA" : ldns.LDNS_RR_TYPE_SOA,
"SRV" : ldns.LDNS_RR_TYPE_SRV,
"SSHFP": ldns.LDNS_RR_TYPE_SSHFP,
"TSIG" : ldns.LDNS_RR_TYPE_TSIG,
"TXT" : ldns.LDNS_RR_TYPE_TXT,
"UID" : ldns.LDNS_RR_TYPE_UID,
"UINFO": ldns.LDNS_RR_TYPE_UINFO,
"UNSPEC": ldns.LDNS_RR_TYPE_UNSPEC,
"WKS" : ldns.LDNS_RR_TYPE_WKS,
"X25" : ldns.LDNS_RR_TYPE_X25
}

15
contrib/ldnsx/source/api/ldnsx.rst Normal file
View File

@ -0,0 +1,15 @@
LDNSX API Reference
===================
.. automodule:: ldnsx
:members: query, get_rrs, secure_query
Classes
-------
.. toctree::
:maxdepth: 1
:glob:
resolver
packet
resource_record

6
contrib/ldnsx/source/api/packet.rst Normal file
View File

@ -0,0 +1,6 @@
Class packet
==============
.. autoclass:: ldnsx.packet
:members:
:undoc-members:

6
contrib/ldnsx/source/api/resolver.rst Normal file
View File

@ -0,0 +1,6 @@
Class resolver
===============
.. autoclass:: ldnsx.resolver
:members:
:undoc-members:

6
contrib/ldnsx/source/api/resource_record.rst Normal file
View File

@ -0,0 +1,6 @@
Class resource_record
=====================
.. autoclass:: ldnsx.resource_record
:members:
:undoc-members:

194
contrib/ldnsx/source/conf.py Normal file
View File

@ -0,0 +1,194 @@
# -*- coding: utf-8 -*-
#
# ldnsx documentation build configuration file, created by
# sphinx-quickstart on Mon May 30 16:56:19 2011.
#
# This file is execfile()d with the current directory set to its containing dir.
#
# Note that not all possible configuration values are present in this
# autogenerated file.
#
# All configuration values have a default; values that are commented out
# serve to show the default.
import sys, os
# If extensions (or modules to document with autodoc) are in another directory,
# add these directories to sys.path here. If the directory is relative to the
# documentation root, use os.path.abspath to make it absolute, like shown here.
sys.path.append(os.path.abspath('..'))
# -- General configuration -----------------------------------------------------
# Add any Sphinx extension module names here, as strings. They can be extensions
# coming with Sphinx (named 'sphinx.ext.*') or your custom ones.
extensions = ['sphinx.ext.autodoc', 'sphinx.ext.doctest']#, 'sphinx.ext.jsmath']
# Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates']
# The suffix of source filenames.
source_suffix = '.rst'
# The encoding of source files.
#source_encoding = 'utf-8'
# The master toctree document.
master_doc = 'index'
# General information about the project.
project = u'ldnsx'
copyright = u'2011, Christopher Olah'
# The version info for the project you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
# built documents.
#
# The short X.Y version.
version = '0.0'
# The full version, including alpha/beta/rc tags.
release = '-1'
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
#language = None
# There are two options for replacing |today|: either, you set today to some
# non-false value, then it is used:
#today = ''
# Else, today_fmt is used as the format for a strftime call.
#today_fmt = '%B %d, %Y'
# List of documents that shouldn't be included in the build.
#unused_docs = []
# List of directories, relative to source directory, that shouldn't be searched
# for source files.
exclude_trees = []
# The reST default role (used for this markup: `text`) to use for all documents.
#default_role = None
# If true, '()' will be appended to :func: etc. cross-reference text.
#add_function_parentheses = True
# If true, the current module name will be prepended to all description
# unit titles (such as .. function::).
#add_module_names = True
# If true, sectionauthor and moduleauthor directives will be shown in the
# output. They are ignored by default.
#show_authors = False
# The name of the Pygments (syntax highlighting) style to use.
pygments_style = 'sphinx'
# A list of ignored prefixes for module index sorting.
#modindex_common_prefix = []
# -- Options for HTML output ---------------------------------------------------
# The theme to use for HTML and HTML Help pages. Major themes that come with
# Sphinx are currently 'default' and 'sphinxdoc'.
html_theme = 'default'
# Theme options are theme-specific and customize the look and feel of a theme
# further. For a list of options available for each theme, see the
# documentation.
#html_theme_options = {}
# Add any paths that contain custom themes here, relative to this directory.
#html_theme_path = []
# The name for this set of Sphinx documents. If None, it defaults to
# "<project> v<release> documentation".
#html_title = None
# A shorter title for the navigation bar. Default is the same as html_title.
#html_short_title = None
# The name of an image file (relative to this directory) to place at the top
# of the sidebar.
#html_logo = None
# The name of an image file (within the static path) to use as favicon of the
# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32
# pixels large.
#html_favicon = None
# Add any paths that contain custom static files (such as style sheets) here,
# relative to this directory. They are copied after the builtin static files,
# so a file named "default.css" will overwrite the builtin "default.css".
html_static_path = ['_static']
# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
# using the given strftime format.
#html_last_updated_fmt = '%b %d, %Y'
# If true, SmartyPants will be used to convert quotes and dashes to
# typographically correct entities.
#html_use_smartypants = True
# Custom sidebar templates, maps document names to template names.
#html_sidebars = {}
# Additional templates that should be rendered to pages, maps page names to
# template names.
#html_additional_pages = {}
# If false, no module index is generated.
#html_use_modindex = True
# If false, no index is generated.
#html_use_index = True
# If true, the index is split into individual pages for each letter.
#html_split_index = False
# If true, links to the reST sources are added to the pages.
#html_show_sourcelink = True
# If true, an OpenSearch description file will be output, and all pages will
# contain a <link> tag referring to it. The value of this option must be the
# base URL from which the finished HTML is served.
#html_use_opensearch = ''
# If nonempty, this is the file name suffix for HTML files (e.g. ".xhtml").
#html_file_suffix = ''
# Output file base name for HTML help builder.
htmlhelp_basename = 'ldnsxdoc'
# -- Options for LaTeX output --------------------------------------------------
# The paper size ('letter' or 'a4').
#latex_paper_size = 'letter'
# The font size ('10pt', '11pt' or '12pt').
#latex_font_size = '10pt'
# Grouping the document tree into LaTeX files. List of tuples
# (source start file, target name, title, author, documentclass [howto/manual]).
latex_documents = [
('index', 'ldnsx.tex', u'ldnsx Documentation',
u'Christopher Olah', 'manual'),
]
# The name of an image file (relative to this directory) to place at the top of
# the title page.
#latex_logo = None
# For "manual" documents, if this is true, then toplevel headings are parts,
# not chapters.
#latex_use_parts = False
# Additional stuff for the LaTeX preamble.
#latex_preamble = ''
# Documents to append as an appendix to all manuals.
#latex_appendices = []
# If false, no module index is generated.
#latex_use_modindex = True

6
contrib/ldnsx/source/examples/ldnsx-axfr.rst Normal file
View File

@ -0,0 +1,6 @@
AXFR Example
============
.. literalinclude:: ../../examples/ldnsx-axfr.py
:language: python
:linenos:

6
contrib/ldnsx/source/examples/ldnsx-dnssec.rst Normal file
View File

@ -0,0 +1,6 @@
DNSSEC Example
==============
.. literalinclude:: ../../examples/ldnsx-dnssec.py
:language: python
:linenos:

6
contrib/ldnsx/source/examples/ldnsx-mx1.rst Normal file
View File

@ -0,0 +1,6 @@
MX1
===
.. literalinclude:: ../../examples/ldnsx-mx1.py
:language: python
:linenos:

6
contrib/ldnsx/source/examples/ldnsx-mx2.rst Normal file
View File

@ -0,0 +1,6 @@
MX2
===
.. literalinclude:: ../../examples/ldnsx-mx2.py
:language: python
:linenos:

6
contrib/ldnsx/source/examples/ldnsx-walk.rst Normal file
View File

@ -0,0 +1,6 @@
NSEC Walker
===========
.. literalinclude:: ../../examples/ldnsx-walk.py
:language: python
:linenos:

57
contrib/ldnsx/source/index.rst Normal file
View File

@ -0,0 +1,57 @@
Welcome to ldnsx's documentation!
=================================
LDNSX: Easy DNS (including DNSSEC) via ldns.
ldns is a great library. It is a powerfull tool for
working with DNS. python-ldns it is a straight up clone of the C
interface, howver that is not a very good interface for python. Its
documentation is incomplete and some functions don't work as
described. And some objects don't have a full python API.
ldnsx aims to fix this. It wraps around the ldns python bindings,
working around its limitations and providing a well-documented, more
pythonistic interface.
Reference
=========
.. toctree::
:maxdepth: 1
api/ldnsx
.. toctree::
:maxdepth: 2
api/resolver
api/packet
api/resource_record
Examples
========
Examples translated from ldns examples:
.. toctree::
:maxdepth: 1
examples/ldnsx-axfr
examples/ldnsx-dnssec
examples/ldnsx-mx1
examples/ldnsx-mx2
Others:
.. toctree::
:maxdepth: 1
examples/ldnsx-walk
Indices and tables
==================
* :ref:`genindex`
* :ref:`search`

27
contrib/python/LICENSE Normal file
View File

@ -0,0 +1,27 @@
Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
Karel Slany (slany AT fit.vutbr.cz)
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
* Neither the name of the organization nor the names of its
contributors may be used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.

67
contrib/python/Makefile Normal file
View File

@ -0,0 +1,67 @@
# Makefile: compilation of sources and documentation, test environment
#
# Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
# Karel Slany (slany AT fit.vutbr.cz)
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
#
# * Redistributions of source code must retain the above copyright notice,
# this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# * Neither the name of the organization nor the names of its
# contributors may be used to endorse or promote products derived from this
# software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
help:
@echo "Please use \`make <target>' where <target> is one of"
@echo " testenv to make test environment and run bash "
@echo " usefull in case you don't want to install ldns but want to test examples"
@echo " doc to make documentation"
@echo " clean clean all"
../../Makefile: ../../configure
cd ../.. && ./configure --with-python
_ldns.so: ../../Makefile
$(MAKE) -C ../..
../../.libs/ldns.so.1: ../../Makefile
$(MAKE) -C ../..
clean:
rm -rdf examples/ldns
rm -f _ldns.so ldns_wrapper.o
$(MAKE) -C ../.. clean
testenv: ../../.libs/libldns.so.1 _ldns.so
rm -rdf examples/ldns
cd examples && mkdir ldns && ln -s ../../ldns.py ldns/__init__.py && ln -s ../../_ldns.so ldns/_ldns.so && ln -s ../../../../.libs/libldns.so.1 ldns/libldns.so.1 && ls -la
@echo "Run a script by typing ./script_name.py"
cd examples && LD_LIBRARY_PATH=ldns bash
rm -rdf examples/ldns
doc: ../../.libs/ldns.so.1 _ldns.so
$(MAKE) -C docs html
#for development only
swig: ldns.i
swig -python -py3 -o ldns_wrapper.c -I../.. ldns.i
gcc -c ldns_wrapper.c -O9 -fPIC -I../.. -I../../ldns -I/usr/include/python3.1 -I. -o ldns_wrapper.o
ld -shared ldns_wrapper.o -L../../.libs -lldns -o _ldns.so

70
contrib/python/docs/Makefile Normal file
View File

@ -0,0 +1,70 @@
# Makefile for Sphinx documentation
#
# You can set these variables from the command line.
SPHINXOPTS =
SPHINXBUILD = sphinx-build
PAPER =
# Internal variables.
PAPEROPT_a4 = -D latex_paper_size=a4
PAPEROPT_letter = -D latex_paper_size=letter
ALLSPHINXOPTS = -d build/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) source
.PHONY: help clean html web pickle htmlhelp latex changes linkcheck
help:
@echo "Please use \`make <target>' where <target> is one of"
@echo " html to make standalone HTML files"
@echo " pickle to make pickle files (usable by e.g. sphinx-web)"
@echo " htmlhelp to make HTML files and a HTML help project"
@echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter"
@echo " changes to make an overview over all changed/added/deprecated items"
@echo " linkcheck to check all external links for integrity"
clean:
-rm -rf build/*
html:
mkdir -p build/html build/doctrees
LD_LIBRARY_PATH=../../../.libs $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) build/html
@echo
@echo "Build finished. The HTML pages are in build/html."
pickle:
mkdir -p build/pickle build/doctrees
LD_LIBRARY_PATH=../../../.libs $(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) build/pickle
@echo
@echo "Build finished; now you can process the pickle files or run"
@echo " sphinx-web build/pickle"
@echo "to start the sphinx-web server."
web: pickle
htmlhelp:
mkdir -p build/htmlhelp build/doctrees
LD_LIBRARY_PATH=../../../.libs $(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) build/htmlhelp
@echo
@echo "Build finished; now you can run HTML Help Workshop with the" \
".hhp project file in build/htmlhelp."
latex:
mkdir -p build/latex build/doctrees
LD_LIBRARY_PATH=../../../.libs $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) build/latex
@echo
@echo "Build finished; the LaTeX files are in build/latex."
@echo "Run \`make all-pdf' or \`make all-ps' in that directory to" \
"run these through (pdf)latex."
changes:
mkdir -p build/changes build/doctrees
LD_LIBRARY_PATH=../../../.libs $(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) build/changes
@echo
@echo "The overview file is in build/changes."
linkcheck:
mkdir -p build/linkcheck build/doctrees
LD_LIBRARY_PATH=../../../.libs $(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) build/linkcheck
@echo
@echo "Link check complete; look for any errors in the above output " \
"or in build/linkcheck/output.txt."

180
contrib/python/docs/source/conf.py Normal file
View File

@ -0,0 +1,180 @@
# -*- coding: utf-8 -*-
#
# Unbound documentation build configuration file, created by
# sphinx-quickstart on Fri Jan 2 19:14:13 2009.
#
# This file is execfile()d with the current directory set to its containing dir.
#
# The contents of this file are pickled, so don't put values in the namespace
# that aren't pickleable (module imports are okay, they're removed automatically).
#
# All configuration values have a default value; values that are commented out
# serve to show the default value.
import sys, os
# If your extensions are in another directory, add it here. If the directory
# is relative to the documentation root, use os.path.abspath to make it
# absolute, like shown here.
sys.path.append(os.path.abspath(os.path.join(os.path.dirname(__file__),'../../')))
#print sys.path
# General configuration
# ---------------------
# Add any Sphinx extension module names here, as strings. They can be extensions
# coming with Sphinx (named 'sphinx.ext.*') or your custom ones.
extensions = ['sphinx.ext.autodoc', 'sphinx.ext.doctest']
# Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates']
# The suffix of source filenames.
source_suffix = '.rst'
# The master toctree document.
master_doc = 'index'
# General substitutions.
project = 'pyLDNS'
copyright = '2009, Karel Slany, Zdenek Vasicek'
# The default replacements for |version| and |release|, also used in various
# other places throughout the built documents.
#
# The short X.Y version.
version = '1.0'
# The full version, including alpha/beta/rc tags.
release = '1.0.0'
# There are two options for replacing |today|: either, you set today to some
# non-false value, then it is used:
#today = ''
# Else, today_fmt is used as the format for a strftime call.
today_fmt = '%B %d, %Y'
# List of documents that shouldn't be included in the build.
#unused_docs = []
# List of directories, relative to source directories, that shouldn't be searched
# for source files.
#exclude_dirs = []
# The reST default role (used for this markup: `text`) to use for all documents.
#default_role = None
# If true, '()' will be appended to :func: etc. cross-reference text.
#add_function_parentheses = True
# If true, the current module name will be prepended to all description
# unit titles (such as .. function::).
#add_module_names = True
# If true, sectionauthor and moduleauthor directives will be shown in the
# output. They are ignored by default.
#show_authors = False
# The name of the Pygments (syntax highlighting) style to use.
pygments_style = 'sphinx'
# Options for HTML output
# -----------------------
# The style sheet to use for HTML and HTML Help pages. A file of that name
# must exist either in Sphinx' static/ path, or in one of the custom paths
# given in html_static_path.
html_style = 'default.css'
# The name for this set of Sphinx documents. If None, it defaults to
# "<project> v<release> documentation".
#html_title = None
# A shorter title for the navigation bar. Default is the same as html_title.
#html_short_title = None
# The name of an image file (within the static path) to place at the top of
# the sidebar.
#html_logo = None
# The name of an image file (within the static path) to use as favicon of the
# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32
# pixels large.
#html_favicon = None
# Add any paths that contain custom static files (such as style sheets) here,
# relative to this directory. They are copied after the builtin static files,
# so a file named "default.css" will overwrite the builtin "default.css".
html_static_path = ['_static']
# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
# using the given strftime format.
html_last_updated_fmt = '%b %d, %Y'
# If true, SmartyPants will be used to convert quotes and dashes to
# typographically correct entities.
#html_use_smartypants = True
# Custom sidebar templates, maps document names to template names.
#html_sidebars = {}
# Additional templates that should be rendered to pages, maps page names to
# template names.
#html_additional_pages = {}
# If false, no module index is generated.
html_use_modindex = False
# If false, no index is generated.
#html_use_index = True
# If true, the index is split into individual pages for each letter.
html_split_index = False
# If true, the reST sources are included in the HTML build as _sources/<name>.
html_copy_source = False
# If true, an OpenSearch description file will be output, and all pages will
# contain a <link> tag referring to it. The value of this option must be the
# base URL from which the finished HTML is served.
#html_use_opensearch = ''
# If nonempty, this is the file name suffix for HTML files (e.g. ".xhtml").
#html_file_suffix = ''
# Output file base name for HTML help builder.
htmlhelp_basename = 'ldnsdoc'
# Options for LaTeX output
# ------------------------
# The paper size ('letter' or 'a4').
#latex_paper_size = 'letter'
# The font size ('10pt', '11pt' or '12pt').
#latex_font_size = '10pt'
# Grouping the document tree into LaTeX files. List of tuples
# (source start file, target name, title, author, document class [howto/manual]).
latex_documents = [
('index', 'ldns-doc.tex', 'LDNS Documentation',
'Karel Slany, Zdenek Vasicek', 'manual'),
]
# The name of an image file (relative to this directory) to place at the top of
# the title page.
#latex_logo = None
# For "manual" documents, if this is true, then toplevel headings are parts,
# not chapters.
#latex_use_parts = False
# Additional stuff for the LaTeX preamble.
#latex_preamble = ''
# Documents to append as an appendix to all manuals.
#latex_appendices = []
# If false, no module index is generated.
#latex_use_modindex = True

68
contrib/python/docs/source/examples/example1.rst Normal file
View File

@ -0,0 +1,68 @@
Resolving the MX records
==============================
This basic example shows how to create a resolver which asks for MX records which contain the information about mail servers.
::
#!/usr/bin/python
#
# MX is a small program that prints out the mx records for a particular domain
#
import ldns
resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
dname = ldns.ldns_dname("nic.cz")
pkt = resolver.query(dname, ldns.LDNS_RR_TYPE_MX, ldns.LDNS_RR_CLASS_IN, ldns.LDNS_RD)
if (pkt):
mx = pkt.rr_list_by_type(ldns.LDNS_RR_TYPE_MX, ldns.LDNS_SECTION_ANSWER)
if (mx):
mx.sort()
print mx
Resolving step by step
------------------------
First of all we import :mod:`ldns` extension module which make LDNS functions and classes accessible::
import ldns
If importing fails, it means that Python cannot find the module or ldns library.
Then we create the resolver by :meth:`ldns.ldns_resolver.new_frm_file` constructor ::
resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
and domain name variable dname::
dname = ldns.ldns_dname("nic.cz")
To create a resolver you may also use::
resolver = ldns.ldns_resolver.new_frm_file(None)
which behaves in the same manner as the command above.
In the third step we tell the resolver to query for our domain, type MX, of class IN::
pkt = resolver.query(dname, ldns.LDNS_RR_TYPE_MX, ldns.LDNS_RR_CLASS_IN, ldns.LDNS_RD)
The function should return a packet if everything goes well and this packet will contain resource records we asked for.
Note that there exists a simplier way. Instead of using a dname variable, we can use a string which will be automatically converted.
::
pkt = resolver.query("fit.vutbr.cz", ldns.LDNS_RR_TYPE_MX, ldns.LDNS_RR_CLASS_IN, ldns.LDNS_RD)
Now, we test whether the resolver returns a packet and then get all RRs of type MX from the answer packet and store them in list mx::
if (pkt):
mx = pkt.rr_list_by_type(ldns.LDNS_RR_TYPE_MX, ldns.LDNS_SECTION_ANSWER)
If this list is not empty, we sort and print the content to stdout::
if (mx):
mx.sort()
print mx

45
contrib/python/docs/source/examples/example2.py Executable file
View File

@ -0,0 +1,45 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
import ldns
import sys
debug = True
# Check args
argc = len(sys.argv)
name = "www.nic.cz"
if argc < 2:
print("Usage:", sys.argv[0], "domain [resolver_addr]")
sys.exit(1)
else:
name = sys.argv[1]
# Create resolver
resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
resolver.set_dnssec(True)
# Custom resolver
if argc > 2:
# Clear previous nameservers
ns = resolver.pop_nameserver()
while ns != None:
ns = resolver.pop_nameserver()
ip = ldns.ldns_rdf.new_frm_str(sys.argv[2], ldns.LDNS_RDF_TYPE_A)
resolver.push_nameserver(ip)
# Resolve DNS name
pkt = resolver.query(name, ldns.LDNS_RR_TYPE_A, ldns.LDNS_RR_CLASS_IN)
if pkt and pkt.answer():
# Debug
if debug:
print("NS returned:", pkt.get_rcode(), "(AA: %d AD: %d)" % ( pkt.ad(), pkt.ad() ))
# SERVFAIL indicated bogus name
if pkt.get_rcode() is ldns.LDNS_RCODE_SERVFAIL:
print(name, "is bogus")
# Check AD (Authenticated) bit
if pkt.get_rcode() is ldns.LDNS_RCODE_NOERROR:
if pkt.ad(): print(name, "is secure")
else: print(name, "is insecure")

100
contrib/python/docs/source/examples/example2.rst Normal file
View File

@ -0,0 +1,100 @@
.. _ex_dnssec:
Querying DNS-SEC validators
===========================
This basic example shows how to query validating resolver and
evaluate answer.
Resolving step by step
------------------------
For DNS queries, we need to initialize ldns resolver (covered in previous example).
::
# Create resolver
resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
resolver.set_dnssec(True)
# Custom resolver
if argc > 2:
# Clear previous nameservers
ns = resolver.pop_nameserver()
while ns != None:
ns = resolver.pop_nameserver()
ip = ldns.ldns_rdf.new_frm_str(sys.argv[2], ldns.LDNS_RDF_TYPE_A)
resolver.push_nameserver(ip)
Note the second line :meth:`resolver.set_dnssec`, which enables DNSSEC OK bit
in queries in order to get meaningful results.
As we have resolver initialized, we can start querying for domain names :
::
# Resolve DNS name
pkt = resolver.query(name, ldns.LDNS_RR_TYPE_A, ldns.LDNS_RR_CLASS_IN)
if pkt and pkt.answer():
Now we evaluate result, where two flags are crucial :
* Return code
* AD flag (authenticated)
When return code is `SERVFAIL`, it means that validating resolver marked requested
name as **bogus** (or bad configuration).
**AD** flag is set if domain name is authenticated **(secure)** or false if
it's insecure.
Complete source code
--------------------
.. literalinclude:: ../../../examples/ldns-dnssec.py
:language: python
Testing
-------
In order to get meaningful results, you have to enter IP address of validating
resolver or setup your own (see howto).
Execute `./example2.py` with options `domain name` and `resolver IP`,
example:
::
user@localhost# ./example2.py www.dnssec.cz 127.0.0.1 # Secure (Configured Unbound running on localhost)
user@localhost# ./example2.py www.rhybar.cz 127.0.0.1 # Bogus
Howto setup Unbound as validating resolver
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Install Unbound according to instructions.
Modify following options in `unbound.conf` (located in `/etc` or `/usr/local/etc`)/
Uncomment `module-config` and set `validator` before iterator.
::
module-config: "validator iterator"
Download DLV keys and update path in `unbound.conf`::
# DLV keys
# Download from http://ftp.isc.org/www/dlv/dlv.isc.org.key
dlv-anchor-file: "/usr/local/etc/unbound/dlv.isc.org.key"
Update trusted keys (`.cz` for example)::
# Trusted keys
# For current key, see www.dnssec.cz
trusted-keys-file: "/usr/local/etc/unbound/trusted.key"
Now you should have well configured Unbound, so run it::
user@localhost# unbound -dv

7
contrib/python/docs/source/examples/example3.rst Normal file
View File

@ -0,0 +1,7 @@
High-level functions
===========================
This basic example shows how to get name by addr and vice versa.
.. literalinclude:: ../../../examples/ldns-higher.py
:language: python

7
contrib/python/docs/source/examples/example4.rst Normal file
View File

@ -0,0 +1,7 @@
AXFR client with IDN support
===============================
This example shows how to get AXFR working and how to get involved Internationalized Domain Names (IDN)
.. literalinclude:: ../../../examples/ldns-axfr.py
:language: python

14
contrib/python/docs/source/examples/example5.rst Normal file
View File

@ -0,0 +1,14 @@
Examine the results
===============================
This example shows how to go through the obtained results
.. literalinclude:: ../../../examples/ldns-mx2.py
:language: python
This snippet of code prints::
nic.cz. 1761 IN MX 20 mx.cznic.org.
nic.cz. 1761 IN MX 10 mail.nic.cz.
nic.cz. 1761 IN MX 15 mail4.nic.cz.

12
contrib/python/docs/source/examples/example6.rst Normal file
View File

@ -0,0 +1,12 @@
Read zone file
===============================
This example shows how to read the content of a zone file
.. literalinclude:: ../../../examples/ldns-zone.py
:language: python
Zone file ``zone.txt``:
.. literalinclude:: ../../../examples/zone.txt

8
contrib/python/docs/source/examples/example7.rst Normal file
View File

@ -0,0 +1,8 @@
Generate public/private key pair
=======================================
This example shows how generate keys for DNSSEC (i.e. for signing a zone file according DNSSECbis).
.. literalinclude:: ../../../examples/ldns-keygen.py
:language: python

17
contrib/python/docs/source/examples/example8.rst Normal file
View File

@ -0,0 +1,17 @@
Signing of a zone file
===============================
This example shows how to sign the content of the given zone file
.. literalinclude:: ../../../examples/ldns-signzone.py
:language: python
In order to be able sign a zone file, you have to generate a key-pair using ``ldns-keygen.py``. Don't forget to modify tag number.
Signing consists of three steps
1. In the first step, the content of a zone file is readed and parsed. This can be done using :class:`ldns.ldns_zone` class.
2. In the second step, the private and public key is readed and public key is inserted into zone (as DNSKEY).
3. In the last step, the DNSSEC zone instace is created and all the RRs from zone file are copied here. Then, all the records are signed using :meth:`ldns.ldns_zone.sign` method. If the signing was successfull, the content of DNSSEC zone is written to a file.

12
contrib/python/docs/source/examples/index.rst Normal file
View File

@ -0,0 +1,12 @@
Tutorials
==============================
Here you can find a set of simple applications which utilizes the ldns library in Python environment.
`Tutorials`
.. toctree::
:maxdepth: 1
:glob:
example*

22
contrib/python/docs/source/index.rst Normal file
View File

@ -0,0 +1,22 @@
PyLDNS documentation
=======================================
PyLDNS provides an `LDNS`_ wrapper (Python extension module) - the thinnest layer over the library possible. Everything you can do from the C API, you can do from Python, but with less effort. The purpose of porting LDNS library to Python is to simplify DNS programming and usage of LDNS, however, still preserve the performance of this library as the speed represents the main benefit of LDNS. The proposed object approach allows the users to be concentrated at the essential part of application only and don't bother with deallocation of objects and so on.
.. _LDNS: http://www.nlnetlabs.nl/projects/ldns/
Contents
----------
.. toctree::
:maxdepth: 2
install.rst
examples/index.rst
modules/ldns
Indices and tables
-------------------
* :ref:`genindex`
* :ref:`search`

46
contrib/python/docs/source/install.rst Normal file
View File

@ -0,0 +1,46 @@
Installation
===================================
**Prerequisites**
Python 2.4 or higher, SWIG 1.3 or higher, GNU make
**Download**
You can download the source codes `here`_.
The latest release is 1.4.1, Jan 15, 2009.
.. _here: ldns-1.4.1-py.tar.gz
**Compiling**
After downloading, you can compile the library by doing::
> tar -xzf ldns-1.4.1-py.tar.gz
> cd ldns-1.4.1
> ./configure --with-pyldns
> make
You need GNU make to compile pyLDNS; SWIG and Python development libraries to compile extension module.
**Testing**
If the compilation is successfull, you can test the python LDNS extension module by::
> cd contrib/python
> make testenv
> ./ldns-mx.py
This will start a new shell, during which the symbolic links will be working.
When you exit the shell, then symbolic links will be deleted.
In ``contrib/examples`` you can find many simple applications in python which demostrates the capabilities of LDNS library.
**Installation**
To install libraries and extension type::
> cd ldns-1.4.1
> make install

40
contrib/python/docs/source/modules/ldns.rst Normal file
View File

@ -0,0 +1,40 @@
LDNS module documentation
================================
Here you can find the documentation of pyLDNS extension module. This module consists of several classes and a couple of functions.
.. toctree::
:maxdepth: 1
:glob:
ldns_resolver
ldns_pkt
ldns_rr
ldns_rdf
ldns_dname
ldns_rr_list
ldns_zone
ldns_key
ldns_key_list
ldns_buffer
ldns_dnssec
ldns_func
**Differences against libLDNS**
* You don't need to use ldns-compare functions, instances can be compared using standard operators <, >, = ::
if (some_rr.owner() == another_rr.rdf(1)):
pass
* Classes contain static methods that create new instances, the name of these methods starts with the new\_ prefix (e.g. :meth:`ldns.ldns_pkt.new_frm_file`).
* Is it possible to print the content of an object using ``print objinst`` (see :meth:`ldns.ldns_resolver.get_addr_by_name`).
* Classes contain write_to_buffer method that writes the content into buffer.
* All the methods that consume parameter of (const ldns_rdf) type allows to use string instead (see :meth:`ldns.ldns_resolver.query`).

11
contrib/python/docs/source/modules/ldns_buffer.rst Normal file
View File

@ -0,0 +1,11 @@
Class ldns_buffer
================================
.. automodule:: ldns
Class ldns_buffer
------------------------------
.. autoclass:: ldns_buffer
:members:
:undoc-members:

11
contrib/python/docs/source/modules/ldns_dname.rst Normal file
View File

@ -0,0 +1,11 @@
Class ldns_dname
================================
.. automodule:: ldns
Class ldns_dname
------------------------------
.. autoclass:: ldns_dname
:members:
:undoc-members:

28
contrib/python/docs/source/modules/ldns_dnssec.rst Normal file
View File

@ -0,0 +1,28 @@
Class ldns_dnssec_zone
================================
.. automodule:: ldns
Class ldns_dnssec_zone
------------------------------
.. autoclass:: ldns_dnssec_zone
:members:
:undoc-members:
Class ldns_dnssec_name
------------------------------
.. autoclass:: ldns_dnssec_name
:members:
:undoc-members:
Class ldns_dnssec_rrsets
------------------------------
.. autoclass:: ldns_dnssec_rrsets
:members:
:undoc-members:
Class ldns_dnssec_rrs
------------------------------
.. autoclass:: ldns_dnssec_rrs
:members:
:undoc-members:

253
contrib/python/docs/source/modules/ldns_func.rst Normal file
View File

@ -0,0 +1,253 @@
Various functions
================================
Here you can find list of functions that are not assigned to the classes.
These functions have the same parameters as LDNS functions of the same name.
You are encouraged to read the LDNS documentation.
**List of functions**
* ldns_algorithm2buffer_str
* ldns_bget_keyword_data
* ldns_bget_token
* ldns_bgetc
* ldns_bskipcs
* ldns_bubblebabble
* ldns_buffer2pkt_wire
* ldns_buffer2str
* ldns_calc_keytag
* ldns_calc_keytag_raw
* ldns_cert_algorithm2buffer_str
* ldns_convert_dsa_rrsig_asn12rdf
* ldns_convert_dsa_rrsig_rdf2asn1
* ldns_create_nsec
* ldns_create_nsec3
* ldns_dname2buffer_wire
* ldns_dname2canonical
* ldns_dnssec_build_data_chain
* ldns_dnssec_chain_nsec3_list
* ldns_dnssec_create_nsec
* ldns_dnssec_create_nsec3
* ldns_dnssec_create_nsec_bitmap
* ldns_dnssec_data_chain_deep_free
* ldns_dnssec_data_chain_free
* ldns_dnssec_data_chain_new
* ldns_dnssec_data_chain_print
* ldns_dnssec_default_add_to_signatures
* ldns_dnssec_default_delete_signatures
* ldns_dnssec_default_leave_signatures
* ldns_dnssec_default_replace_signatures
* ldns_dnssec_derive_trust_tree
* ldns_dnssec_derive_trust_tree_dnskey_rrset
* ldns_dnssec_derive_trust_tree_ds_rrset
* ldns_dnssec_derive_trust_tree_no_sig
* ldns_dnssec_derive_trust_tree_normal_rrset
* ldns_dnssec_get_dnskey_for_rrsig
* ldns_dnssec_get_rrsig_for_name_and_type
* ldns_dnssec_nsec3_closest_encloser
* ldns_dnssec_pkt_get_rrsigs_for_name_and_type
* ldns_dnssec_pkt_get_rrsigs_for_type
* ldns_dnssec_pkt_has_rrsigs
* ldns_dnssec_remove_signatures
* ldns_dnssec_trust_tree_add_parent
* ldns_dnssec_trust_tree_contains_keys
* ldns_dnssec_trust_tree_depth
* ldns_dnssec_trust_tree_free
* ldns_dnssec_trust_tree_new
* ldns_dnssec_trust_tree_print
* ldns_dnssec_verify_denial
* ldns_dnssec_verify_denial_nsec3
* ldns_fetch_valid_domain_keys
* ldns_fget_keyword_data
* ldns_fget_keyword_data_l
* ldns_fget_token
* ldns_fget_token_l
* ldns_fskipcs
* ldns_fskipcs_l
* ldns_get_bit
* ldns_get_bit_r
* ldns_get_errorstr_by_id
* ldns_get_rr_class_by_name
* ldns_get_rr_list_addr_by_name
* ldns_get_rr_list_hosts_frm_file
* ldns_get_rr_list_hosts_frm_fp
* ldns_get_rr_list_hosts_frm_fp_l
* ldns_get_rr_list_name_by_addr
* ldns_get_rr_type_by_name
* ldns_getaddrinfo
* ldns_hexdigit_to_int
* ldns_hexstring_to_data
* ldns_init_random
* ldns_int_to_hexdigit
* ldns_is_rrset
* ldns_key2buffer_str
* ldns_key2rr
* ldns_key2str
* ldns_lookup_by_id
* ldns_lookup_by_name
* ldns_native2rdf_int16
* ldns_native2rdf_int16_data
* ldns_native2rdf_int32
* ldns_native2rdf_int8
* ldns_nsec3_add_param_rdfs
* ldns_nsec3_algorithm
* ldns_nsec3_bitmap
* ldns_nsec3_flags
* ldns_nsec3_hash_name
* ldns_nsec3_hash_name_frm_nsec3
* ldns_nsec3_iterations
* ldns_nsec3_next_owner
* ldns_nsec3_optout
* ldns_nsec3_salt
* ldns_nsec3_salt_data
* ldns_nsec3_salt_length
* ldns_nsec_bitmap_covers_type
* ldns_nsec_covers_name
* ldns_nsec_get_bitmap
* ldns_nsec_type_check
* ldns_octet
* ldns_pkt2buffer_str
* ldns_pkt2buffer_wire
* ldns_pkt2str
* ldns_pkt2wire
* ldns_pktheader2buffer_str
* ldns_power
* ldns_print_rr_rdf
* ldns_rbtree_create
* ldns_rbtree_delete
* ldns_rbtree_find_less_equal
* ldns_rbtree_first
* ldns_rbtree_free
* ldns_rbtree_init
* ldns_rbtree_insert
* ldns_rbtree_insert_vref
* ldns_rbtree_last
* ldns_rbtree_next
* ldns_rbtree_previous
* ldns_rbtree_search
* ldns_rdf2buffer_str
* ldns_rdf2buffer_str_a
* ldns_rdf2buffer_str_aaaa
* ldns_rdf2buffer_str_alg
* ldns_rdf2buffer_str_apl
* ldns_rdf2buffer_str_b64
* ldns_rdf2buffer_str_cert_alg
* ldns_rdf2buffer_str_class
* ldns_rdf2buffer_str_dname
* ldns_rdf2buffer_str_hex
* ldns_rdf2buffer_str_int16
* ldns_rdf2buffer_str_int16_data
* ldns_rdf2buffer_str_ipseckey
* ldns_rdf2buffer_str_loc
* ldns_rdf2buffer_str_nsap
* ldns_rdf2buffer_str_nsec
* ldns_rdf2buffer_str_period
* ldns_rdf2buffer_str_str
* ldns_rdf2buffer_str_tsig
* ldns_rdf2buffer_str_tsigtime
* ldns_rdf2buffer_str_type
* ldns_rdf2buffer_str_unknown
* ldns_rdf2buffer_str_wks
* ldns_rdf2buffer_wire
* ldns_rdf2buffer_wire_canonical
* ldns_rdf2native_int16
* ldns_rdf2native_int32
* ldns_rdf2native_int8
* ldns_rdf2native_sockaddr_storage
* ldns_rdf2native_time_t
* ldns_rdf2rr_type
* ldns_rdf2str
* ldns_rdf2wire
* ldns_read_anchor_file
* ldns_read_uint16
* ldns_read_uint32
* ldns_rr2buffer_str
* ldns_rr2buffer_wire
* ldns_rr2buffer_wire_canonical
* ldns_rr2canonical
* ldns_rr2str
* ldns_rr2wire
* ldns_rrsig2buffer_wire
* ldns_send
* ldns_send_buffer
* ldns_set_bit
* ldns_sign_public
* ldns_sockaddr_storage2rdf
* ldns_str2period
* ldns_str2rdf_a
* ldns_str2rdf_aaaa
* ldns_str2rdf_alg
* ldns_str2rdf_apl
* ldns_str2rdf_b32_ext
* ldns_str2rdf_b64
* ldns_str2rdf_cert_alg
* ldns_str2rdf_class
* ldns_str2rdf_dname
* ldns_str2rdf_hex
* ldns_str2rdf_int16
* ldns_str2rdf_int32
* ldns_str2rdf_int8
* ldns_str2rdf_loc
* ldns_str2rdf_nsap
* ldns_str2rdf_nsec
* ldns_str2rdf_nsec3_salt
* ldns_str2rdf_period
* ldns_str2rdf_service
* ldns_str2rdf_str
* ldns_str2rdf_time
* ldns_str2rdf_tsig
* ldns_str2rdf_type
* ldns_str2rdf_unknown
* ldns_str2rdf_wks
* ldns_tcp_bgsend
* ldns_tcp_connect
* ldns_tcp_read_wire
* ldns_tcp_send
* ldns_tcp_send_query
* ldns_traverse_postorder
* ldns_tsig_algorithm
* ldns_tsig_keydata
* ldns_tsig_keydata_clone
* ldns_tsig_keyname
* ldns_tsig_keyname_clone
* ldns_udp_bgsend
* ldns_udp_connect
* ldns_udp_read_wire
* ldns_udp_send
* ldns_udp_send_query
* ldns_update_pkt_new
* ldns_update_pkt_tsig_add
* ldns_update_prcount
* ldns_update_set_adcount
* ldns_update_set_prcount
* ldns_update_set_upcount
* ldns_update_soa_mname
* ldns_update_soa_zone_mname
* ldns_update_upcount
* ldns_update_zocount
* ldns_validate_domain_dnskey
* ldns_validate_domain_ds
* ldns_verify
* ldns_verify_rrsig
* ldns_verify_rrsig_buffers
* ldns_verify_rrsig_buffers_raw
* ldns_verify_rrsig_dsa
* ldns_verify_rrsig_dsa_raw
* ldns_verify_rrsig_keylist
* ldns_verify_rrsig_rsamd5
* ldns_verify_rrsig_rsamd5_raw
* ldns_verify_rrsig_rsasha1
* ldns_verify_rrsig_rsasha1_raw
* ldns_verify_rrsig_rsasha256_raw
* ldns_verify_rrsig_rsasha512_raw
* ldns_verify_trusted
* ldns_version
* ldns_wire2dname
* ldns_wire2pkt
* ldns_wire2rdf
* ldns_wire2rr
* ldns_write_uint16
* ldns_write_uint32
* ldns_write_uint64_as_uint48
* mktime_from_utc
* qsort_rr_compare_nsec3

11
contrib/python/docs/source/modules/ldns_key.rst Normal file
View File

@ -0,0 +1,11 @@
Class ldns_key
================================
.. automodule:: ldns
Class ldns_key
------------------------------
.. autoclass:: ldns_key
:members:
:undoc-members:

11
contrib/python/docs/source/modules/ldns_key_list.rst Normal file
View File

@ -0,0 +1,11 @@
Class ldns_key_list
================================
.. automodule:: ldns
Class ldns_key_list
------------------------------
.. autoclass:: ldns_key_list
:members:
:undoc-members:

11
contrib/python/docs/source/modules/ldns_pkt.rst Normal file
View File

@ -0,0 +1,11 @@
Class ldns_pkt
================================
.. automodule:: ldns
Class ldns_pkt
------------------------------
.. autoclass:: ldns_pkt
:members:
:undoc-members:

47
contrib/python/docs/source/modules/ldns_rdf.rst Normal file
View File

@ -0,0 +1,47 @@
Class ldns_rdf
================================
.. automodule:: ldns
Class ldns_rdf
------------------------------
.. autoclass:: ldns_rdf
:members:
:undoc-members:
Predefined constants
------------------------------
**RDF TYPE**
* LDNS_RDF_TYPE_NONE,
* LDNS_RDF_TYPE_DNAME,
* LDNS_RDF_TYPE_INT8,
* LDNS_RDF_TYPE_INT16,
* LDNS_RDF_TYPE_INT32,
* LDNS_RDF_TYPE_A,
* LDNS_RDF_TYPE_AAAA,
* LDNS_RDF_TYPE_STR,
* LDNS_RDF_TYPE_APL,
* LDNS_RDF_TYPE_B32_EXT,
* LDNS_RDF_TYPE_B64,
* LDNS_RDF_TYPE_HEX,
* LDNS_RDF_TYPE_NSEC,
* LDNS_RDF_TYPE_TYPE,
* LDNS_RDF_TYPE_CLASS,
* LDNS_RDF_TYPE_CERT_ALG,
* LDNS_RDF_TYPE_ALG,
* LDNS_RDF_TYPE_UNKNOWN,
* LDNS_RDF_TYPE_TIME,
* LDNS_RDF_TYPE_PERIOD,
* LDNS_RDF_TYPE_TSIGTIME,
* LDNS_RDF_TYPE_TSIG,
* LDNS_RDF_TYPE_INT16_DATA,
* LDNS_RDF_TYPE_SERVICE,
* LDNS_RDF_TYPE_LOC,
* LDNS_RDF_TYPE_WKS,
* LDNS_RDF_TYPE_NSAP,
* LDNS_RDF_TYPE_IPSECKEY,
* LDNS_RDF_TYPE_NSEC3_SALT,
* LDNS_RDF_TYPE_NSEC3_NEXT_OWNER

13
contrib/python/docs/source/modules/ldns_resolver.rst Normal file
View File

@ -0,0 +1,13 @@
Class ldns_resolver
================================
.. automodule:: ldns
Class ldns_resolver
------------------------------
.. autoclass:: ldns_resolver
:members:
:undoc-members:

18
contrib/python/docs/source/modules/ldns_rr.rst Normal file
View File

@ -0,0 +1,18 @@
Class ldns_rr
================================
.. automodule:: ldns
Class ldns_rr
------------------------------
.. autoclass:: ldns_rr
:members:
:undoc-members:
Class ldns_rr_descriptor
------------------------------
.. autoclass:: ldns_rr_descriptor
:members:
:undoc-members:

11
contrib/python/docs/source/modules/ldns_rr_list.rst Normal file
View File

@ -0,0 +1,11 @@
Class ldns_rr_list
================================
.. automodule:: ldns
Class ldns_rr_list
------------------------------
.. autoclass:: ldns_rr_list
:members:
:undoc-members:

11
contrib/python/docs/source/modules/ldns_zone.rst Normal file
View File

@ -0,0 +1,11 @@
Class ldns_zone
================================
.. automodule:: ldns
Class ldns_zone
------------------------------
.. autoclass:: ldns_zone
:members:
:undoc-members:

56
contrib/python/examples/ldns-axfr.py Executable file
View File

@ -0,0 +1,56 @@
#!/usr/bin/python
# vim:fileencoding=utf-8
#
# AXFR client with IDN (Internationalized Domain Names) support
#
import ldns
import encodings.idna
def utf2name(name):
return '.'.join([encodings.idna.ToASCII(a) for a in name.split('.')])
def name2utf(name):
return '.'.join([encodings.idna.ToUnicode(a) for a in name.split('.')])
resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
#addr = ldns.ldns_get_rr_list_addr_by_name(resolver, "zone.nic.cz", ldns.LDNS_RR_CLASS_IN, ldns.LDNS_RD);
addr = resolver.get_addr_by_name("zone.nic.cz", ldns.LDNS_RR_CLASS_IN, ldns.LDNS_RD);
if (not addr):
raise Exception("Can't retrieve server address")
print "Addr_by_name:",str(addr).replace("\n","; ")
#remove all nameservers
while resolver.pop_nameserver():
pass
#insert server addr
for rr in addr.rrs():
resolver.push_nameserver_rr(rr)
#AXFR transfer
status = resolver.axfr_start(utf2name(u"háčkyčárky.cz"), ldns.LDNS_RR_CLASS_IN)
if status != ldns.LDNS_STATUS_OK:
raise Exception("Can't start AXFR. Error: %s" % ldns.ldns_get_errorstr_by_id(status))
#Print results
while True:
rr = resolver.axfr_next()
if not rr:
break
rdf = rr.owner()
if (rdf.get_type() == ldns.LDNS_RDF_TYPE_DNAME):
print "RDF owner: type=",rdf.get_type_str(),"data=",name2utf(str(rdf))
else:
print "RDF owner: type=",rdf.get_type_str(),"data=",str(rdf)
print " RR type=", rr.get_type_str()," ttl=",rr.ttl()
for rdf in rr.rdfs():
if (rdf.get_type() == ldns.LDNS_RDF_TYPE_DNAME):
print " RDF: type=",rdf.get_type_str(),"data=",name2utf(str(rdf))
else:
print " RDF: type=",rdf.get_type_str(),"data=",str(rdf)
print

8
contrib/python/examples/ldns-buf.py Executable file
View File

@ -0,0 +1,8 @@
#!/usr/bin/python
import ldns
buf = ldns.ldns_buffer(1024)
buf.printf("Test buffer")
print buf

45
contrib/python/examples/ldns-dnssec.py Executable file
View File

@ -0,0 +1,45 @@
#!/usr/bin/python
# -*- coding: utf-8 -*-
import ldns
import sys
debug = True
# Check args
argc = len(sys.argv)
name = "www.nic.cz"
if argc < 2:
print "Usage:", sys.argv[0], "domain [resolver_addr]"
sys.exit(1)
else:
name = sys.argv[1]
# Create resolver
resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
resolver.set_dnssec(True)
# Custom resolver
if argc > 2:
# Clear previous nameservers
ns = resolver.pop_nameserver()
while ns != None:
ns = resolver.pop_nameserver()
ip = ldns.ldns_rdf.new_frm_str(sys.argv[2], ldns.LDNS_RDF_TYPE_A)
resolver.push_nameserver(ip)
# Resolve DNS name
pkt = resolver.query(name, ldns.LDNS_RR_TYPE_A, ldns.LDNS_RR_CLASS_IN)
if pkt and pkt.answer():
# Debug
if debug:
print "NS returned:", pkt.get_rcode(), "(AA: %d AD: %d)" % ( pkt.ad(), pkt.ad() )
# SERVFAIL indicated bogus name
if pkt.get_rcode() is ldns.LDNS_RCODE_SERVFAIL:
print name, "is bogus"
# Check AD (Authenticated) bit
if pkt.get_rcode() is ldns.LDNS_RCODE_NOERROR:
if pkt.ad(): print name, "is secure"
else: print name, "is insecure"

36
contrib/python/examples/ldns-higher.py Executable file
View File

@ -0,0 +1,36 @@
#!/usr/bin/python
import ldns
resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
dnn = ldns.ldns_dname("www.google.com")
print dnn.get_type_str(), dnn
dna = ldns.ldns_rdf.new_frm_str("74.125.43.99",ldns.LDNS_RDF_TYPE_A)
print dna.get_type_str(), dna
name = resolver.get_name_by_addr(dna)
if (not name): raise Exception("Can't retrieve server name")
for rr in name.rrs():
print rr
name = resolver.get_name_by_addr("74.125.43.99")
if (not name): raise Exception("Can't retrieve server name")
for rr in name.rrs():
print rr
addr = resolver.get_addr_by_name(dnn)
if (not addr): raise Exception("Can't retrieve server address")
for rr in addr.rrs():
print rr
addr = resolver.get_addr_by_name("www.google.com")
if (not addr): raise Exception("Can't retrieve server address")
for rr in addr.rrs():
print rr
hosts = ldns.ldns_rr_list.new_frm_file("/etc/hosts")
if (not hosts): raise Exception("Can't retrieve the content of file")
for rr in hosts.rrs():
print rr

46
contrib/python/examples/ldns-keygen.py Executable file
View File

@ -0,0 +1,46 @@
#!/usr/bin/python
#
# This example shows how to generate public/private key pair
#
import ldns
algorithm = ldns.LDNS_SIGN_DSA
bits = 512
ldns.ldns_init_random(open("/dev/random","rb"), (bits+7)//8)
domain = ldns.ldns_dname("example.")
#generate a new key
key = ldns.ldns_key.new_frm_algorithm(algorithm, bits);
print key
#set owner
key.set_pubkey_owner(domain)
#create the public from the ldns_key
pubkey = key.key_to_rr()
#previous command is equivalent to
# pubkey = ldns.ldns_key2rr(key)
print pubkey
#calculate and set the keytag
key.set_keytag(ldns.ldns_calc_keytag(pubkey))
#build the DS record
ds = ldns.ldns_key_rr2ds(pubkey, ldns.LDNS_SHA1)
print ds
owner, tag = pubkey.owner(), key.keytag()
#write public key to .key file
fw = open("key-%s-%d.key" % (owner,tag), "wb")
pubkey.print_to_file(fw)
#write private key to .priv file
fw = open("key-%s-%d.private" % (owner,tag), "wb")
key.print_to_file(fw)
#write DS to .ds file
fw = open("key-%s-%d.ds" % (owner,tag), "wb")
ds.print_to_file(fw)

15
contrib/python/examples/ldns-mx.py Executable file
View File

@ -0,0 +1,15 @@
#!/usr/bin/python
#
# MX is a small program that prints out the mx records for a particular domain
#
import ldns
resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
pkt = resolver.query("nic.cz", ldns.LDNS_RR_TYPE_MX,ldns.LDNS_RR_CLASS_IN)
if (pkt):
mx = pkt.rr_list_by_type(ldns.LDNS_RR_TYPE_MX, ldns.LDNS_SECTION_ANSWER)
if (mx):
mx.sort()
print mx

18
contrib/python/examples/ldns-mx1.py Executable file
View File

@ -0,0 +1,18 @@
#!/usr/bin/python
#
# MX is a small program that prints out the mx records for a particular domain
#
import ldns
dname = ldns.ldns_dname("nic.cz")
print dname
resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
pkt = resolver.query(dname, ldns.LDNS_RR_TYPE_MX,ldns.LDNS_RR_CLASS_IN)
if (pkt):
mx = pkt.rr_list_by_type(ldns.LDNS_RR_TYPE_MX, ldns.LDNS_SECTION_ANSWER)
if (mx):
mx.sort()
print mx

19
contrib/python/examples/ldns-mx2.py Executable file
View File

@ -0,0 +1,19 @@
#!/usr/bin/python
#
# MX is a small program that prints out the mx records for a particular domain
#
import ldns
resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
pkt = resolver.query("nic.cz", ldns.LDNS_RR_TYPE_MX,ldns.LDNS_RR_CLASS_IN)
if (pkt) and (pkt.answer()):
for rr in pkt.answer().rrs():
if (rr.get_type() != ldns.LDNS_RR_TYPE_MX):
continue
rdf = rr.owner()
print rdf," ",rr.ttl()," ",rr.get_class_str()," ",rr.get_type_str()," ",
print " ".join(str(rdf) for rdf in rr.rdfs())

17
contrib/python/examples/ldns-newpkt.py Executable file
View File

@ -0,0 +1,17 @@
#!/usr/bin/python
import ldns
pkt = ldns.ldns_pkt.new_query_frm_str("www.google.com",ldns.LDNS_RR_TYPE_ANY, ldns.LDNS_RR_CLASS_IN, ldns.LDNS_QR | ldns.LDNS_AA)
rra = ldns.ldns_rr.new_frm_str("www.google.com. IN A 192.168.1.1",300)
rrb = ldns.ldns_rr.new_frm_str("www.google.com. IN TXT Some\ Description",300)
list = ldns.ldns_rr_list()
if (rra): list.push_rr(rra)
if (rrb): list.push_rr(rrb)
pkt.push_rr_list(ldns.LDNS_SECTION_ANSWER, list)
print "Packet:"
print pkt

65
contrib/python/examples/ldns-signzone.py Executable file
View File

@ -0,0 +1,65 @@
#!/usr/bin/python
# This example shows how to sign a given zone file with private key
import ldns
import sys, os, time
#private key TAG which identifies the private key
#use ldns-keygen.py in order to obtain private key
keytag = 30761
# Read zone file
#-------------------------------------------------------------
zone = ldns.ldns_zone.new_frm_fp(open("zone.txt","r"), None, 0, ldns.LDNS_RR_CLASS_IN)
soa = zone.soa()
origin = soa.owner()
# Prepare keys
#-------------------------------------------------------------
#Read private key from file
keyfile = open("key-%s-%d.private" % (origin, keytag), "r");
key = ldns.ldns_key.new_frm_fp(keyfile)
#Read public key from file
pubfname = "key-%s-%d.key" % (origin, keytag)
pubkey = None
if os.path.isfile(pubfname):
pubkeyfile = open(pubfname, "r");
pubkey,_,_,_ = ldns.ldns_rr.new_frm_fp(pubkeyfile)
if not pubkey:
#Create new public key
pubkey = key.key_to_rr()
#Set key expiration
key.set_expiration(int(time.time()) + 365*60*60*24) #365 days
#Set key owner (important step)
key.set_pubkey_owner(origin)
#Insert DNSKEY RR
zone.push_rr(pubkey)
# Sign zone
#-------------------------------------------------------------
#Create keylist and push private key
keys = ldns.ldns_key_list()
keys.push_key(key)
#Add SOA
signed_zone = ldns.ldns_dnssec_zone()
signed_zone.add_rr(soa)
#Add RRs
for rr in zone.rrs().rrs():
print "RR:",str(rr),
signed_zone.add_rr(rr)
added_rrs = ldns.ldns_rr_list()
status = signed_zone.sign(added_rrs, keys)
if (status == ldns.LDNS_STATUS_OK):
signed_zone.print_to_file(open("zone_signed.txt","w"))

15
contrib/python/examples/ldns-zone.py Executable file
View File

@ -0,0 +1,15 @@
#!/usr/bin/python
import ldns
#Read zone from file
zone = ldns.ldns_zone.new_frm_fp(open("zone.txt","r"), None, 0, ldns.LDNS_RR_CLASS_IN)
print zone
print "SOA:", zone.soa()
for r in zone.rrs().rrs():
print "RR:", r
zone = ldns.ldns_zone()
#print zone

15
contrib/python/examples/ldns_rr_iter_frm_fp_l.demo.py Normal file
View File

@ -0,0 +1,15 @@
import ldns
import sys
if len(sys.argv) <= 1:
print "Usage: %s zone_file" % sys.argv[0]
sys.exit()
inp = open(sys.argv[1],"r");
for rr in ldns.ldns_rr_iter_frm_fp_l(inp):
print rr
inp.close()

Some files were not shown because too many files have changed in this diff Show More